How to Open a Port in UFW (Uncomplicated Firewall)

UFW (Uncomplicated Firewall) is a user-friendly frontend for managing iptables on Linux systems, and it’s commonly used on Ubuntu-based systems. If you need to open a port to allow traffic for applications like Apache, Webmin, or any other service, you can use UFW to manage your firewall.

Here’s how you can open a port in UFW:


Step 1: Log in as Root

First, log into your server using SSH as the root user or a user with sudo privileges.

bash
ssh root@your-server-ip

Step 2: Check if the Port is Defined as a Service

Before opening a port, check if the port or service name is already defined in /etc/services.

  1. To check for a service name (e.g., OpenVPN, PostgreSQL), use the following command:
    bash
    grep -i service-name /etc/services
  2. Alternatively, you can look for the port number directly:
    bash
    grep -w port /etc/services

Step 3: Open a Port in UFW

You have several options for opening a port in UFW:

Open a Port Using a Service Name

If the service is listed in /etc/services, you can open the port by service name (e.g., Apache, SSH).

  • For example, to allow HTTP (port 80):
    bash
    sudo ufw allow http
  • To allow a service with a specific protocol (TCP or UDP):
    bash
    sudo ufw allow http/tcp
    sudo ufw allow ssh/tcp

Open a Port Using a Port Number

If the port is not listed as a service, you can open it by specifying the port number and protocol (TCP or UDP).

  • To allow a specific port on both TCP and UDP, which is what UFW does when no protocol is given (e.g., port 10000):
    bash
    sudo ufw allow 10000
  • To allow a specific UDP port (e.g., port 1352):
    bash
    sudo ufw allow 1352/udp

Allow Connections from a Specific IP Address

If you want to allow connections from a specific IP address:

  • To allow all traffic from a specific IP:
    bash
    sudo ufw allow from 1.2.3.4
  • To allow connections to a specific port (e.g., SSH on port 22) from a specific IP:
    bash
    sudo ufw allow from 1.2.3.4 to any port 22

Allow Connections from an IP Subnet

You can also allow connections from an entire subnet by specifying the subnet in CIDR format:

bash
sudo ufw allow from 1.2.3.0/24

Step 4: Enable UFW (If Not Already Enabled)

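If UFW is not already enabled on your server, first make sure a rule allowing your SSH port is in place, because UFW denies incoming connections by default and enabling it without that rule can cut off your session. Then activate it by running: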

bash
sudo ufw enable

Step 5: Verify UFW Status

After making changes, it’s important to verify that your firewall rules are applied correctly.

  1. To check the status of UFW:
    bash
    sudo ufw status
  2. To see more detailed information:
    bash
    sudo ufw status verbose
  3. To check the status with rule numbers:
    bash
    sudo ufw status numbered

    This will display each rule with a number, which you can use to remove specific rules if needed. Rule numbers shift after each deletion, so list the rules again before deleting another one:

    bash
    sudo ufw delete 1
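
To make the Step 5 check repeatable, the added example below (not part of the original page) parses `ufw status` output and flags the two broad rule shapes that the commands on this page create: a port opened without a protocol, and a source address allowed to every port. The function names, finding labels and sample output are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): flag broad ALLOW rules in
# `ufw status` output. Live use: sudo ufw status | audit_ufw_status

audit_ufw_status() {
  awk '
    /^Status:/ { if ($2 != "active") print "WARN firewall is " $2; next }
    {
      gsub(/ \(v6\)/, "")                    # fold IPv6 rows into their IPv4 twins
      act = 0
      for (i = 2; i <= NF; i++)
        if ($i ~ /^(ALLOW|DENY|REJECT|LIMIT)$/) { act = i; break }
      if (!act || $act != "ALLOW") next      # header, separator, non-allow rows
      to = $1
      for (i = 2; i < act; i++) to = to " " $i
      s = act + 1
      if ($s ~ /^(IN|OUT|FWD)$/) s++         # "ALLOW IN" form of verbose output
      from = $s
      for (i = s + 1; i <= NF; i++) from = from " " $i
      msg = ""
      if (to == "Anywhere" && from != "Anywhere")
        msg = "ALL-PORTS from " from         # e.g. ufw allow from 1.2.3.4
      else if (to ~ /^[0-9,:]+$/)
        msg = "BOTH-PROTO " to " from " from # no /tcp or /udp: both are open
      if (msg != "" && !seen[msg]++) print msg
    }'
}

# Constructed sample mirroring the rules created by the commands on this page.
sample_status() {
  cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
10000                      ALLOW       Anywhere
1352/udp                   ALLOW       Anywhere
Anywhere                   ALLOW       1.2.3.4
22                         ALLOW       1.2.3.4
Anywhere                   ALLOW       1.2.3.0/24
995                        DENY        Anywhere
10000 (v6)                 ALLOW       Anywhere (v6)
EOF
}

sample_status | audit_ufw_status
```

A BOTH-PROTO finding can be tightened by re-adding the rule with an explicit /tcp or /udp suffix, and an ALL-PORTS finding by adding `to any port` to the rule.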

Step 6: Close a Port in UFW (If Needed)

If you no longer need a port open, you can close it by using the service name or port number:

  • To block a service (e.g., POP3):
    bash
    sudo ufw deny pop3
  • To block a specific port (e.g., port 995):
    bash
    sudo ufw deny 995

By following these steps, you can manage your UFW firewall to open or close ports as needed, helping secure your Linux server while allowing necessary traffic for services like web servers or SSH.


Ramandeep Singh Sethi

Hello, I’m Ramandeep Singh Sethi, a Public Speaker, Entrepreneur, Philanthropist, and the CEO & Founder of three pioneering technology companies: Hydizo Global Solutions, 1Only Host, and Leadtuts.