Linux Firewall Basics: UFW and firewalld Rules for Server Security

Linux Firewall Basics is a practical Linux and server administration skill for IT professionals, help desk teams, system administrators, DevOps learners, and technical support staff. This tutorial is written to be clear, searchable, and useful in real troubleshooting situations.

Why Linux firewalls matter

A firewall controls which traffic can reach your server. Even if applications are secure, unnecessary open ports increase risk.

UFW vs firewalld

Ubuntu commonly uses UFW as a simple firewall interface. RHEL, CentOS, Fedora, and similar systems often use firewalld with zones and services.

Start with required services

Allow only what the server needs, such as SSH, HTTP, HTTPS, monitoring, or application-specific ports. Deny everything else by default where possible.

Avoid locking yourself out

When configuring a remote server, allow SSH before enabling the firewall. Keep a backup session open and understand cloud security groups too.

Review rules regularly

Firewall rules should be documented and reviewed. Old temporary rules often become long-term security risks.

Useful Linux commands

sudo ufw status verbose
sudo ufw allow OpenSSH
sudo ufw allow 443/tcp
sudo firewall-cmd --list-all
sudo firewall-cmd --add-service=https --permanent

Safe practice checklist

• Check the current state before changing configuration.
• Take backups of important files before editing.
• Test commands in a lab or non-production system first.
• Make one change at a time and verify the result.
• Document what changed and how to roll back.

Final thoughts

Linux server administration becomes easier when you follow a careful process: observe, verify, change safely, and document. Practice these commands regularly so they become part of your everyday troubleshooting toolkit.

Educational note: This tutorial is for learning purposes only. Test carefully and do not make production changes without approval, documentation, and backups.