To keep your VPS safe from viruses, DDoS attacks, and illegal access, it is essential to secure it. Configuring firewall rules is one of the best methods to improve server security. Incoming and outgoing traffic is managed by a firewall, which blocks malicious or superfluous requests while permitting only trusted connections.
This tutorial will show you how to use UFW (Uncomplicated Firewall), a simple program included on the majority of Linux distributions, to set up firewall rules on a VPS.
Let us follow the guide:
- Check UFW Status:
First, verify if UFW is installed and running:sudo ufw status
If UFW is inactive, you’ll see “Status: inactive.”
- Enable UFW:
Enable UFW to start managing firewall rules:sudo ufw enable
- Allow SSH Connections:
To prevent locking yourself out, allow SSH (default port 22):sudo ufw allow 22/tcp
If your SSH runs on a custom port, replace 22 with that port number.
- Allow Essential Services:
Allow HTTP (80) and HTTPS (443) traffic for web servers:sudo ufw allow 80/tcp sudo ufw allow 443/tcp
- Deny Unnecessary Ports:
Block all other ports that are not in use. For example, to deny port 21 (FTP):sudo ufw deny 21/tcp
- Enable Logging (Optional)
Enable logging to monitor firewall activity:sudo ufw logging on
- Verify Rules:
Check the list of active rules:sudo ufw status verbose
Notes & Best Practices:
- Always allow SSH before allowing UFW to avoid being locked out.
- Use custom SSH ports for extra security.
- Only open ports required by your applications.
- Regularly review firewall logs for suspicious activity.
In this manner, you can greatly lower the danger of unwanted access and any attacks on your VPS by configuring firewall rules. UFW simplify the procedure while guaranteeing that only essential traffic is allowed. Server security can be further strengthened by regularly assessing and upgrading your firewall rules.
Want to manage firewalls via Plesk too? Learn How to manage local firewall rules using Plesk for Linux