How to Open a Port in UFW

If you’re running a server with Ubuntu or Debian, UFW (Uncomplicated Firewall) provides a simple yet powerful way to manage firewall rules. Opening a specific port in UFW allows external traffic to reach your server for a particular service such as SSH, HTTP, or a custom application.

This guide explains how to open a port using UFW via the command line. Whether you’re setting up a web server, remote access, or other services, these steps will ensure your firewall is configured correctly.

Check If UFW Is Installed

To confirm that UFW is already installed run the following command.

sudo ufw status

If it returns a status (e.g., active or inactive), UFW is installed. If not, install it with:

sudo apt install ufw

You can add a -y flag onto the end to skip confirmation.

Enable UFW

If UFW is inactive, enable it with the following command:

sudo ufw enable

This will start the firewall using the default rules, typically allowing SSH access if it was enabled beforehand.

Open a Specific Port

To allow traffic through a particular port, use:

sudo ufw allow 

For example, to open port 8443:

sudo ufw allow 8443

This command adds a rule to allow both TCP and UDP traffic by default. If needed, you can restrict it by protocol:

sudo ufw allow 8443/tcp

4. Confirm the Rule Has Been Applied

After adding the rule, check that it has been added to the active ruleset:

sudo ufw status

You should see an entry like:

8443                      ALLOW       Anywhere

This confirms the port is now open and accessible from the outside, subject to any server-level or application-specific restrictions.

5. Remove a Rule

When you need to remove a rule or revoke access to a port you can reverse / delete it with the following command:

sudo ufw delete allow 8443

Always recheck the status to ensure the rule was removed successfully.