
Linux: Enable and configure the firewall using the UFW utility to work with nginx


Ubuntu uses a firewall front end called UFW. In this article we will look at how to configure UFW on Ubuntu Linux to work with nginx. After executing a series of commands, the UFW firewall will block all ports except the nginx and SSH ports.

In order to see if you have the firewall enabled or not, you need to run the command:

sudo ufw status

After execution, you will get the following answer:

Status: inactive - This means that the firewall is not active


Next, we need to open port 22 for SSH:

sudo ufw allow OpenSSH


If you are going to enable the firewall on a remote machine over an SSH connection, you need to open the port for SSH first; otherwise, after enabling the firewall, you may lose access to the machine.


Open port 80 for nginx (HTTP):

sudo ufw allow 'Nginx HTTP'

Open port 443 for nginx (HTTPS, traffic with TLS/SSL encryption):

sudo ufw allow 'Nginx HTTPS'


Next, to verify the change, type:

sudo ufw status

The result should be as follows:

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
Nginx HTTP                 ALLOW       Anywhere
Nginx HTTPS                ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)
Nginx HTTP (v6)            ALLOW       Anywhere (v6)
Nginx HTTPS (v6)           ALLOW       Anywhere (v6)

In order for the changes to take effect, you must disable UFW:

sudo ufw disable

And re-enable:

sudo ufw enable
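
To check that a host still matches the policy set up above (only SSH and the two nginx profiles allowed), the output of sudo ufw status can be audited with a small script. This is an added example, not part of the original article; the function name, the exit codes and the 3306/tcp rule in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit `ufw status` text (read on stdin) against the policy
# from this article: only SSH and the two nginx profiles may be allowed.
# Exit codes are a convention of this example, not of ufw:
#   0 = matches policy, 1 = unexpected rule, 2 = inactive, 3 = no SSH rule.
audit_ufw_status() {
    awk '
        /^Status: inactive/ { inactive = 1 }
        # Rule rows look like "<To>   ALLOW   <From>"; LIMIT is shown for rate-limited rules.
        / (ALLOW|LIMIT) / {
            to = $0
            sub(/[ \t]+(ALLOW|LIMIT) .*/, "", to)   # keep only the "To" column
            sub(/ \(v6\)$/, "", to)                 # fold the IPv6 twin of a rule
            if (to == "OpenSSH" || to == "22/tcp") {
                ssh = 1
            } else if (to != "Nginx HTTP" && to != "Nginx HTTPS") {
                if (!(to in seen)) print "unexpected rule: " to
                seen[to] = 1; bad = 1
            }
        }
        END {
            if (inactive) { print "firewall is inactive"; exit 2 }
            if (!ssh)     { print "no SSH rule: enabling UFW over ssh risks lockout"; exit 3 }
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample: rules from the article plus one stray rule (3306/tcp).
SAMPLE_DRIFT='Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Nginx HTTP                 ALLOW       Anywhere
Nginx HTTPS                ALLOW       Anywhere
3306/tcp                   ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
3306/tcp (v6)              ALLOW       Anywhere (v6)'

# On a real host: sudo ufw status | audit_ufw_status
# With the sample: printf '%s\n' "$SAMPLE_DRIFT" | audit_ufw_status
```
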