UFW (Uncomplicated Firewall) is the recommended firewall tool for Ubuntu/Debian VPS servers. It provides a simple interface for managing iptables rules.
Installing UFW
apt install ufw -ySetting Default Policies
Block all incoming connections by default and allow all outgoing:
ufw default deny incoming\nufw default allow outgoingAllowing Required Ports
Add rules for the services you run:
# Allow SSH (critical β do this before enabling UFW)\nufw allow 22/tcp\n\n# Allow HTTP and HTTPS\nufw allow 80/tcp\nufw allow 443/tcp\n\n# Allow cPanel (if installed)\nufw allow 2083/tcp\nufw allow 2087/tcpEnabling UFW
After adding your rules:
ufw enable\nufw status verboseCritical: Ensure SSH (port 22) is allowed BEFORE enabling UFW. Enabling UFW without allowing SSH will lock you out of the server.