3v-Hosting Blog

How to open a port in UFW


5 min read

Opening a port in UFW is a fundamental task for network and system administrators who need to control access to services running on a Linux server. UFW provides a simplified interface for configuring a firewall on Ubuntu and other Debian-based systems. The purpose of this article is to provide a short step-by-step guide on how to open a specific port in UFW, as well as discuss several other useful examples of using this firewall.



What is UFW


UFW (for Uncomplicated Firewall) is a convenient interface for managing iptables firewall rules on Linux systems. Designed for ease of use, it simplifies the firewall configuration process and helps administrators implement security policies with minimal effort. By default, UFW is configured to deny all incoming connections and allow all outgoing connections, providing a basic level of security.

Now, without much preamble, we suggest you immediately start practicing.



Checking UFW Status


Before making any changes, it is essential to check the current status of UFW to understand the existing configuration. This can be done using the following command:

    sudo ufw status


This command will display the status of UFW (active or inactive) and list the current rules. If UFW is inactive, you can enable it with:

    sudo ufw enable



Opening a Port in UFW


To open a port in UFW, you use the ufw allow command followed by the port number and, optionally, the protocol (TCP or UDP). For example, to open port 80 for HTTP traffic, you would use:

    sudo ufw allow 80/tcp

This command allows incoming TCP traffic on port 80. If the protocol is not specified, UFW will open the port for both TCP and UDP traffic by default.

For example, to open port 22 for SSH, you would use the following command:

    sudo ufw allow 22/tcp


After executing this command, you should check the status again to confirm the rule has been added:

    sudo ufw status



Other articles on the topic of administering Linux servers:

    - How to Get Your Linux IP Address in Different Ways

    - A short Linux cheat sheet for new hosting users: from logging into a server to setting up a web server.

    - How to install cPanel on Ubuntu 20.04

    - How to add or remove a user on Linux systems



Allowing Ports from Specific IP Addresses


In some cases, you might want to restrict access to a port to specific IP addresses. This can enhance security by limiting the number of potential sources of unauthorized access. The syntax for this is:

    sudo ufw allow from <IP_ADDRESS> to any port <PORT_NUMBER>


For example, to allow SSH access only from the IP address, you would use:

    sudo ufw allow from to any port 22




Listing UFW Rules

To view all the rules configured in UFW, you can use the following command:

    sudo ufw status numbered


This command lists all the rules with numbers, making it easy to reference or delete specific rules.




Deleting UFW Rules

If you need to remove a rule, you can use the delete command followed by the rule number. First, list the rules to identify the number:

    sudo ufw status numbered

Then, delete the rule using its number. For example, to delete rule number 3, you would use:

    sudo ufw delete 3




Advanced Configuration: Allowing Ranges and Subnets


UFW also supports more advanced configurations, such as allowing entire subnets or ranges of ports. To allow a range of ports, use the following syntax:

    sudo ufw allow <START_PORT>:<END_PORT>/tcp

For example, to allow ports 1000 to 2000 for TCP traffic:

    sudo ufw allow 1000:2000/tcp


To allow a subnet, use:

    sudo ufw allow from <SUBNET>


For example, to allow traffic from the subnet

    sudo ufw allow from




Ensuring Security with UFW

While opening ports is necessary for the functionality of various services, it is crucial to ensure that only the necessary ports are open and that access is limited to trusted sources whenever possible. Regularly reviewing the UFW rules with ufw status and auditing open ports can help maintain a secure server environment.





You see, opening a port in UFW is a primitively simple process, but it significantly affects the network security and availability of your server. By learning how to properly configure a firewall, administrators can ensure that their systems are secure and functional. In this brief reference, we looked at only one of the huge number of options for using UFW, and if you want to learn more about this really useful tool, go to the official manual.