{"id":913,"date":"2017-04-30T18:23:22","date_gmt":"2017-04-30T15:23:22","guid":{"rendered":"https:\/\/community.virtono.com\/?p=913"},"modified":"2017-04-30T18:23:22","modified_gmt":"2017-04-30T15:23:22","slug":"how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/","title":{"rendered":"How To Set Up a Firewall with UFW on Ubuntu 16.04"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_73 counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Introduction\" title=\"Introduction\">Introduction<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_1_%E2%80%94_Using_IPv6_with_UFW_Optional\" title=\"Step 1 \u2014 Using IPv6 with UFW (Optional)\">Step 1 \u2014 Using IPv6 with UFW (Optional)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_2_%E2%80%94_Setting_Up_Default_Policies\" title=\"Step 2 \u2014 Setting Up Default Policies\">Step 2 \u2014 Setting Up Default Policies<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_3_%E2%80%94_Allowing_SSH_Connections\" title=\"Step 3 \u2014 Allowing SSH Connections\">Step 3 \u2014 Allowing SSH Connections<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_4_%E2%80%94_Enabling_UFW\" title=\"Step 4 \u2014 Enabling UFW\">Step 4 \u2014 Enabling UFW<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_5_%E2%80%94_Allowing_Other_Connections\" title=\"Step 5 \u2014 Allowing Other Connections\">Step 5 \u2014 Allowing Other Connections<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Specific_Port_Ranges\" title=\"Specific Port Ranges\">Specific Port Ranges<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Specific_IP_Addresses\" title=\"Specific IP Addresses\">Specific IP Addresses<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Subnets\" title=\"Subnets\">Subnets<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Connections_to_a_Specific_Network_Interface\" title=\"Connections to a Specific Network Interface\">Connections to a Specific Network Interface<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_6_%E2%80%94_Denying_Connections\" title=\"Step 6 \u2014 Denying Connections\">Step 6 \u2014 Denying Connections<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#By_Rule_Number\" title=\"By Rule Number\">By Rule Number<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#By_Actual_Rule\" title=\"By Actual Rule\">By Actual Rule<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_8_%E2%80%94_Checking_UFW_Status_and_Rules\" title=\"Step 8 \u2014 Checking UFW Status and Rules\">Step 8 \u2014 Checking UFW Status and Rules<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Step_9_%E2%80%94_Disabling_or_Resetting_UFW_optional\" title=\"Step 9 \u2014 Disabling or Resetting UFW (optional)\">Step 9 \u2014 Disabling or Resetting UFW (optional)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-set-up-a-firewall-with-ufw-on-ubuntu-16-04\/#Conclusion\" title=\"Conclusion\">Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Introduction\"><\/span><b>Introduction<\/b><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">UFW, or Uncomplicated Firewall,it\u2019s an interface to <\/span><span style=\"font-weight: 400;\">iptables<\/span><span style=\"font-weight: 400;\"> , which simplifies the process of configuring a firewall.It\u2019s an difficulty for the beginners to learn how to use it to properly configure a firewall.Because <\/span><span style=\"font-weight: 400;\">iptables<\/span><span style=\"font-weight: 400;\"> is a solid and flexible tool If you&#8217;re looking to get started securing your network, and you&#8217;re not sure which tool to use, UFW may be the right choice for you.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This tutorial will help you to set up a firewall with UFW on Ubuntu 16.04.<\/span><\/p>\n<h2><\/h2>\n<h2><span class=\"ez-toc-section\" id=\"Step_1_%E2%80%94_Using_IPv6_with_UFW_Optional\"><\/span><b>Step 1 \u2014 Using IPv6 with UFW (Optional)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">This tutorial is written with IPv4 in mind, but will work for IPv6 as well as long as you enable it.If the Ubuntu server you have is enabled with IPv6 then ensure that UFW is configured to support IPv6 so that it will manage firewall rules for IPv6 in addition to IPv4. To do this, open the UFW configuration with <\/span><span style=\"font-weight: 400;\">nano<\/span><span style=\"font-weight: 400;\"> or your favorite editor.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">sudo nano \/etc\/default\/ufw<\/span><span style=\"font-weight: 400;\"><\/p>\n<p><\/span><\/p>\n<p><span style=\"font-weight: 400;\">Then make sure the value of <\/span><span style=\"font-weight: 400;\">IPV6<\/span><span style=\"font-weight: 400;\"> is <\/span><span style=\"font-weight: 400;\">yes<\/span><span style=\"font-weight: 400;\">. It should look like this:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\/etc\/default\/ufw excerpt<\/span><\/p>\n<p><span style=\"font-weight: 400;\">&#8230;<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">IPV6=<\/span><span style=\"font-weight: 400;\">yes<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">&#8230;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Save and close the file now and when the UFW is enabled, it will be configured to write both IPv4 and IPv6 firewall rules.We want to insure that the firewall is configured to allow you to connect via SSH,before enabling UFW.Let&#8217;s start with setting the default policies.<\/span><\/p>\n<h3><\/h3>\n<h2><span class=\"ez-toc-section\" id=\"Step_2_%E2%80%94_Setting_Up_Default_Policies\"><\/span><b>Step 2 \u2014 Setting Up Default Policies<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><\/h3>\n<p><span style=\"font-weight: 400;\">There\u2019s a rule,if you are getting started to your firewall and that is your default policies. These rules control how to handle traffic that does not explicitly match any other rules. By default, UFW is set to deny all incoming connections and allow all outgoing connections. This means anyone trying to reach your cloud server would not be able to connect, while any application within the server would be able to reach the outside world.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Let&#8217;s set your UFW rules back to the defaults so we can be sure that you&#8217;ll be able to follow along with this tutorial. To set the defaults used by UFW, use these commands:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw default deny incoming<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw default allow outgoing<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">These commands set the defaults to deny incoming and allow outgoing connections. These firewall defaults alone might suffice for a personal computer, but servers typically need to respond to incoming requests from outside users. We&#8217;ll look into that next.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Step_3_%E2%80%94_Allowing_SSH_Connections\"><\/span><b>Step 3 \u2014 Allowing SSH Connections<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">If we enabled our UFW firewall now, it would deny all incoming connections. This means that we will need to create rules that explicitly allow legitimate incoming connections \u2014 SSH or HTTP connections, for example \u2014 if we want our server to respond to those types of requests. If you&#8217;re using a cloud server, you will probably want to allow incoming SSH connections so you can connect to and manage your server.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To configure your server to allow incoming SSH connections, you can use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow ssh<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This will create firewall rules that will allow all connections on port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\">, which is the port that the SSH daemon listens on by default. UFW knows what SSH and a number of other service names mean because they&#8217;re listed as services in the <\/span><span style=\"font-weight: 400;\">\/etc\/services<\/span><span style=\"font-weight: 400;\"> file.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, we can actually write the equivalent rule by specifying the port instead of the service name. For example, this command works the same as the one above:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow 22<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If you configured your SSH daemon to use a different port, you will have to specify the appropriate port. For example, if your SSH server is listening on port <\/span><span style=\"font-weight: 400;\">2222<\/span><span style=\"font-weight: 400;\">, you can use this command to allow connections on that port:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow <\/span><span style=\"font-weight: 400;\">2222<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Now that your firewall is configured to allow incoming SSH connections, we can enable it.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Step_4_%E2%80%94_Enabling_UFW\"><\/span><b>Step 4 \u2014 Enabling UFW<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">To enable UFW, use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw enable<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You will receive a warning that says the command may disrupt existing SSH connections. We already set up a firewall rule that allows SSH connections, so it should be fine to continue. Respond to the prompt with <\/span><span style=\"font-weight: 400;\">y<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The firewall is now active. Feel free to run the <\/span><span style=\"font-weight: 400;\">sudo ufw status verbose<\/span><span style=\"font-weight: 400;\"> command to see the rules that are set. The rest of this tutorial covers how to use UFW in more detail, like allowing or denying different kinds of connections.<\/span><\/p>\n<h3><\/h3>\n<h2><span class=\"ez-toc-section\" id=\"Step_5_%E2%80%94_Allowing_Other_Connections\"><\/span><span style=\"font-weight: 400;\">Step 5 \u2014 Allowing Other Connections<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">At this point, you should allow all of the other connections that your server needs to respond to. The connections that you should allow depends your specific needs. Luckily, you already know how to write rules that allow connections based on a service name or port; we already did this for SSH on port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\">. You can also do this for:<\/span><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><b><span style=\"font-weight: 400;\">HTTP on port 80, which is what unencrypted web servers use, using <\/span><span style=\"font-weight: 400;\">sudo ufw allow http<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">sudo ufw allow 80<\/span><\/b><\/li>\n<\/ul>\n<ul>\n<li><span style=\"font-weight: 400;\">HTTPS on port 443, which is what encrypted web servers use, using <\/span><span style=\"font-weight: 400;\">sudo ufw allow https<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">sudo ufw allow 443<\/span><\/li>\n<\/ul>\n<ul>\n<li><span style=\"font-weight: 400;\">FTP on port 21, which is used for unencrypted file transfers (which you probably shouldn&#8217;t use anyway), using <\/span><span style=\"font-weight: 400;\">sudo ufw allow ftp<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">sudo ufw allow 21\/tcp<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">There are several others ways to allow other connections, aside from specifying a port or known service.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Specific_Port_Ranges\"><\/span><span style=\"font-weight: 400;\">Specific Port Ranges<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">You can specify port ranges with UFW. Some applications use multiple ports, instead of a single port.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, to allow X11 connections, which use ports <\/span><span style=\"font-weight: 400;\">6000<\/span><span style=\"font-weight: 400;\">&#8211;<\/span><span style=\"font-weight: 400;\">6007<\/span><span style=\"font-weight: 400;\">, use these commands:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow <\/span><span style=\"font-weight: 400;\">6000<\/span><span style=\"font-weight: 400;\">:<\/span><span style=\"font-weight: 400;\">6007<\/span><span style=\"font-weight: 400;\">\/tcp<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow <\/span><span style=\"font-weight: 400;\">6000<\/span><span style=\"font-weight: 400;\">:<\/span><span style=\"font-weight: 400;\">6007<\/span><span style=\"font-weight: 400;\">\/udp<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">When specifying port ranges with UFW, you must specify the protocol (<\/span><span style=\"font-weight: 400;\">tcp<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">udp<\/span><span style=\"font-weight: 400;\">) that the rules should apply to. We haven&#8217;t mentioned this before because not specifying the protocol simply allows both protocols, which is OK in most cases.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Specific_IP_Addresses\"><\/span><span style=\"font-weight: 400;\">Specific IP Addresses<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">When working with UFW, you can also specify IP addresses. For example, if you want to allow connections from a specific IP address, such as a work or home IP address of <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\">, you need to specify <\/span><span style=\"font-weight: 400;\">from<\/span><span style=\"font-weight: 400;\">, then the IP address:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow from <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You can also specify a specific port that the IP address is allowed to connect to by adding <\/span><span style=\"font-weight: 400;\">to any port<\/span><span style=\"font-weight: 400;\">followed by the port number. For example, If you want to allow <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\"> to connect to port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\"> (SSH), use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow from <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\"> to any port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Subnets\"><\/span><span style=\"font-weight: 400;\">Subnets<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">If you want to allow a subnet of IP addresses, you can do so using CIDR notation to specify a netmask. For example, if you want to allow all of the IP addresses ranging from <\/span><span style=\"font-weight: 400;\">15.15.15.1<\/span><span style=\"font-weight: 400;\"> to <\/span><span style=\"font-weight: 400;\">15.15.15.254<\/span><span style=\"font-weight: 400;\"> you could use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow from <\/span><span style=\"font-weight: 400;\">15.15.15.0<\/span><span style=\"font-weight: 400;\">\/<\/span><span style=\"font-weight: 400;\">24<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Likewise, you may also specify the destination port that the subnet <\/span><span style=\"font-weight: 400;\">15.15.15.0\/24<\/span><span style=\"font-weight: 400;\"> is allowed to connect to. Again, we&#8217;ll use port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\"> (SSH) as an example:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow from <\/span><span style=\"font-weight: 400;\">15.15.15.0<\/span><span style=\"font-weight: 400;\">\/<\/span><span style=\"font-weight: 400;\">24<\/span><span style=\"font-weight: 400;\"> to any port 22<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Connections_to_a_Specific_Network_Interface\"><\/span><span style=\"font-weight: 400;\">Connections to a Specific Network Interface<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">If you want to create a firewall rule that only applies to a specific network interface, you can do so by specifying &#8220;allow in on&#8221; followed by the name of the network interface.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You may want to look up your network interfaces before continuing. To do so, use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">ip addr<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Output Excerpt:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">&#8230;<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">2: <\/span><span style=\"font-weight: 400;\">eth0<\/span><span style=\"font-weight: 400;\">: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">&#8230;<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">3: <\/span><span style=\"font-weight: 400;\">eth1<\/span><span style=\"font-weight: 400;\">: &lt;BROADCAST,MULTICAST&gt; mtu 1500 qdisc noop state DOWN group default <\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">&#8230;<\/span><span style=\"font-weight: 400;\"><\/p>\n<p><\/span><\/p>\n<p><span style=\"font-weight: 400;\">The highlighted output indicates the network interface names. They are typically named something like <\/span><span style=\"font-weight: 400;\">eth0<\/span><span style=\"font-weight: 400;\"> or <\/span><span style=\"font-weight: 400;\">eth1<\/span><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So, if your server has a public network interface called <\/span><span style=\"font-weight: 400;\">eth0<\/span><span style=\"font-weight: 400;\">, you could allow HTTP traffic (port <\/span><span style=\"font-weight: 400;\">80<\/span><span style=\"font-weight: 400;\">) to it with this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow in on <\/span><span style=\"font-weight: 400;\">eth0<\/span><span style=\"font-weight: 400;\"> to any port <\/span><span style=\"font-weight: 400;\">80<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Doing so would allow your server to receive HTTP requests from the public Internet.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Or, if you want your MySQL database server (port <\/span><span style=\"font-weight: 400;\">3306<\/span><span style=\"font-weight: 400;\">) to listen for connections on the private network interface <\/span><span style=\"font-weight: 400;\">eth1<\/span><span style=\"font-weight: 400;\">, for example, you could use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw allow in on <\/span><span style=\"font-weight: 400;\">eth1<\/span><span style=\"font-weight: 400;\"> to any port <\/span><span style=\"font-weight: 400;\">3306<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This would allow other servers on your private network to connect to your MySQL database.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Step_6_%E2%80%94_Denying_Connections\"><\/span><b>Step 6 \u2014 Denying Connections<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">If you haven&#8217;t changed the default policy for incoming connections, UFW is configured to deny all incoming connections. Generally, this simplifies the process of creating a secure firewall policy by requiring you to create rules that explicitly allow specific ports and IP addresses through.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, sometimes you will want to deny specific connections based on the source IP address or subnet, perhaps because you know that your server is being attacked from th<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Or if you want to deny all connections from <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\"> you could use this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw deny from <\/span><span style=\"font-weight: 400;\">15.15.15.51<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Now let&#8217;s take a look at how to delete rules.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">ere. Also, if you want change your default incoming policy to allow (which isn&#8217;t recommended in the interest of security), you would need to create deny rules for any services or IP addresses that you don&#8217;t want to allow connections for.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To write deny rules, you can use the commands described above, replacing allow with deny.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, to deny HTTP connections, you could use this command:<\/span><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li><b>sudo ufw deny http<br \/>\nStep 7 \u2014 Deleting Rules<\/b><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">Knowing how to delete firewall rules is just as important as knowing how to create them. There are two different ways specify which rules to delete: by rule number or by the actual rule (similar to how the rules were specified when they were created). We&#8217;ll start with the delete by rule number method because it is easier, compared to writing the actual rules to delete, if you&#8217;re new to UFW.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"By_Rule_Number\"><\/span><span style=\"font-weight: 400;\">By Rule Number<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">If you&#8217;re using the rule number to delete firewall rules, the first thing you&#8217;ll want to do is get a list of your firewall rules. The UFW status command has an option to display numbers next to each rule, as demonstrated here:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw status numbered<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Numbered Output:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Status: active<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"> \u00a0\u00a0\u00a0\u00a0To \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Action \u00a0\u00a0\u00a0\u00a0\u00a0From<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"> \u00a0\u00a0\u00a0\u00a0&#8212; \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0&#8212;&#8212; \u00a0\u00a0\u00a0\u00a0\u00a0&#8212;-<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">[ 1] 22 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALLOW IN \u00a0\u00a0\u00a015.15.15.0\/24<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">[ 2] 80 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALLOW IN \u00a0\u00a0\u00a0Anywhere<\/span><span style=\"font-weight: 400;\"><\/p>\n<p><\/span><\/p>\n<p><span style=\"font-weight: 400;\">If we decide that we want to delete rule 2, the one that allows port 80 (HTTP) connections, we can specify it in a UFW delete command like this:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw delete <\/span><span style=\"font-weight: 400;\">2<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This would show a confirmation prompt then delete rule 2, which allows HTTP connections. Note that if you have IPv6 enabled, you would want to delete the corresponding IPv6 rule as well.<\/span><\/p>\n<h3><span class=\"ez-toc-section\" id=\"By_Actual_Rule\"><\/span><span style=\"font-weight: 400;\">By Actual Rule<\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The alternative to rule numbers is to specify the actual rule to delete. For example, if you want to remove the <\/span><span style=\"font-weight: 400;\">allow http<\/span><span style=\"font-weight: 400;\"> rule, you could write it like this:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw delete <\/span><span style=\"font-weight: 400;\">allow http<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You could also specify the rule by <\/span><span style=\"font-weight: 400;\">allow 80<\/span><span style=\"font-weight: 400;\">, instead of by service name:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw delete <\/span><span style=\"font-weight: 400;\">allow 80<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><b>This method will delete both IPv4 and IPv6 rules, if they exist.<\/b><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Step_8_%E2%80%94_Checking_UFW_Status_and_Rules\"><\/span><b>Step 8 \u2014 Checking UFW Status and Rules<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">At any time, you can check the status of UFW with this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw status verbose<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">If UFW is disabled, which it is by default, you&#8217;ll see something like this:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Output<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Status: inactive<\/span><span style=\"font-weight: 400;\"><\/p>\n<p><\/span><\/p>\n<p><span style=\"font-weight: 400;\">If UFW is active, which it should be if you followed Step 3, the output will say that it&#8217;s active and it will list any rules that are set. For example, if the firewall is set to allow SSH (port <\/span><span style=\"font-weight: 400;\">22<\/span><span style=\"font-weight: 400;\">) connections from anywhere, the output might look something like this:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Output<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Status: active<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">Logging: on (low)<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">Default: deny (incoming), allow (outgoing), disabled (routed)<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">New profiles: skip<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">To \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Action \u00a0\u00a0\u00a0\u00a0\u00a0From<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">&#8212; \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0&#8212;&#8212; \u00a0\u00a0\u00a0\u00a0\u00a0&#8212;-<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">22\/tcp \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ALLOW IN \u00a0\u00a0\u00a0Anywhere<\/span><span style=\"font-weight: 400;\"><\/p>\n<p><\/span><\/p>\n<p><span style=\"font-weight: 400;\">Use the <\/span><span style=\"font-weight: 400;\">status<\/span><span style=\"font-weight: 400;\"> command if you want to check how UFW has configured the firewall.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Step_9_%E2%80%94_Disabling_or_Resetting_UFW_optional\"><\/span><b>Step 9 \u2014 Disabling or Resetting UFW (optional)<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">If you decide you don&#8217;t want to use UFW, you can disable it with this command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw disable<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Any rules that you created with UFW will no longer be active. You can always run <\/span><span style=\"font-weight: 400;\">sudo ufw enable<\/span><span style=\"font-weight: 400;\"> if you need to activate it later.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If you already have UFW rules configured but you decide that you want to start over, you can use the reset command:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">sudo ufw reset<\/span><span style=\"font-weight: 400;\">\n<p><\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">This will disable UFW and delete any rules that were previously defined. Keep in mind that the default policies won&#8217;t change to their original settings, if you modified them at any point. This should give you a fresh start with UFW.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span><b>Conclusion<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Your firewall should now be configured to allow (at least) SSH connections. \u00a0Be sure to allow any other incoming connections that your server, while limiting any unnecessary connections, so your server will be functional and secure.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction UFW, or Uncomplicated Firewall,it\u2019s an interface to iptables , which simplifies the process of configuring a firewall.It\u2019s an difficulty for the beginners to learn how to use it to properly configure a firewall.Because iptables is a solid and flexible tool If you&#8217;re looking to get started securing your network,<\/p>\n","protected":false},"author":3,"featured_media":915,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[5,3],"tags":[],"class_list":["post-913","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase","category-tutorial-how-to"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/04\/UFW-Firewall.jpeg?fit=320%2C240&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-eJ","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":880,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/linux-securityfirewalls\/","url_meta":{"origin":913,"position":0},"title":"Linux Security:Firewalls","author":"Daniel Draga","date":"January 25, 2017","format":false,"excerpt":"Security is an important but complex topic. So I'll be doing a series of articles, focusing on the principles and working of security of Linux. The challenge is that it\u2019s an ever-changing idea. Software we think of as secure can become insecure as hackers figure out how to break though\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/01\/firewall-hacker-720x380.jpg?fit=720%2C380&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/01\/firewall-hacker-720x380.jpg?fit=720%2C380&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/01\/firewall-hacker-720x380.jpg?fit=720%2C380&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/01\/firewall-hacker-720x380.jpg?fit=720%2C380&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":696,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/securing-linux-web-server\/","url_meta":{"origin":913,"position":1},"title":"Securing Ubuntu or Debian Linux Web Server","author":"Daniel Draga","date":"October 11, 2016","format":false,"excerpt":"Securing your server is important, we'll discuss it in this article why?, but lets begin securing your server right now, with these, quick and small steps towards a secured server. Before we begin, make sure: 1.You have root access to the Linux server 2.You are running either Ubuntu 10.04 LTS\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/10\/tux_virus.png?fit=298%2C320&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1067,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-mongodb-on-ubuntu-16-04\/","url_meta":{"origin":913,"position":2},"title":"How to Install MongoDB on Ubuntu 16.04","author":"Shreyash Sharma","date":"October 9, 2017","format":false,"excerpt":"Introduction MongoDB it is a document-oriented database. It is a free and open-source database. It does not rely on a traditional table-based relational database structure that\u2019s why it is classified as a NoSQL database. Instead it uses JSON-like documents with dynamic schemas. Before you add data to database MongoDB does\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/mongodb-1.jpeg?fit=1040%2C560&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/mongodb-1.jpeg?fit=1040%2C560&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/mongodb-1.jpeg?fit=1040%2C560&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/mongodb-1.jpeg?fit=1040%2C560&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":2719,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-webuzo-v3-on-ubuntu\/","url_meta":{"origin":913,"position":3},"title":"How to Install Webuzo v3 on Ubuntu","author":"George B.","date":"June 28, 2022","format":false,"excerpt":"In this guide, we will show you how to install Webuzo v3 control panel on Ubuntu. What is Webuzo? Webuzo is a Multi-User Control Panel that helps you manage your cloud or dedicated server. It's a hosting platform to help you grow your web applications as it helps customers to\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/06\/Screenshot-2022-06-23-at-15.43.54.png?fit=1200%2C714&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/06\/Screenshot-2022-06-23-at-15.43.54.png?fit=1200%2C714&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/06\/Screenshot-2022-06-23-at-15.43.54.png?fit=1200%2C714&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/06\/Screenshot-2022-06-23-at-15.43.54.png?fit=1200%2C714&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/06\/Screenshot-2022-06-23-at-15.43.54.png?fit=1200%2C714&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":415,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-build-openvpn-server-on-ubuntu\/","url_meta":{"origin":913,"position":4},"title":"HOW TO BUILD OPENVPN SERVER ON UBUNTU","author":"Daniel Draga","date":"August 13, 2016","format":false,"excerpt":"This article will show you how to install and setup OpenVPN server on Ubuntu 14.04, with pictures, just follow along, and if you encounter any trouble, just comment below. Before we dive in the steps, here is a little VPN and OpenVPN\u2019s basic definitions for you. What is VPN and\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/08\/picc.png?fit=400%2C300&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3191,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-postfix-on-linux\/","url_meta":{"origin":913,"position":5},"title":"How to install Postfix on Linux","author":"George B.","date":"April 8, 2023","format":false,"excerpt":"Install Postfix on CentOS 7 To install Postfix on CentOS 7, follow these steps: Open a terminal or login to your server via SSH as a root user. Update your system packages by running the following command: yum update Install Postfix using the following command: yum install postfix Start the\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2023\/04\/How-to-install-Postfix-on-Linux.png?fit=600%2C330&ssl=1&resize=525%2C300 1.5x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/913","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=913"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/913\/revisions"}],"predecessor-version":[{"id":916,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/913\/revisions\/916"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/915"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=913"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=913"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=913"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}