UFW stands for uncomplicated firewall. UFW actually is not a firewall itself, instead it is a configuration program for iptables.
First of all, make sure that UFW is installed on the server with the following command: sudo apt install ufw
In the most cases firewalls are configured to block all incoming traffic and allow all outgoing traffic by default. If this is your first time i’d recommend configuring it like just like that. Todo this run the following 2 commands:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Now that we blocked all incoming traffic we should ensure that where still able to manage this machine after enabling the firewall. This means we need to allow SSH. In most cases, HTTP and HTTPS traffic is crucial as well. You can allow these 3 services by running the commands below.
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
Now we need to make sure we enable the firewall. Todo so this run sudo ufw enable
Afterwords you can check your config by running sudo ufw status verbose
For more information on UFW and on how to use it see the following pages: