Introduction

In this lesson, you'll learn how to enable the ufw firewall so that the outbound traffic we want can leave the server, while the inbound traffic we do not want is kept out.

To make things easier, let's set the rules now for the things we'll install and configure in our next steps (Postfix, Bitwarden, and Docker), so we don't have to backtrack later.

Configuring a Firewall with UFW for SSH, HTTP, & HTTPS

Please copy the following command into your terminal; this will allow SSH access through the firewall and allow HTTP and HTTPS access.

sudo ufw allow proto tcp to 0.0.0.0/0 port 22 comment 'Allow SSH access' && sudo ufw allow proto tcp to 0.0.0.0/0 port 80 comment 'Allow HTTP access' && sudo ufw allow proto tcp to 0.0.0.0/0 port 443 comment 'Allow HTTPS access'

Then we'll enable our firewall with the following command:

sudo ufw enable

You may be warned that this might disrupt existing SSH connections; press y to continue.
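
To confirm the result once the firewall is enabled, the following added example (not part of the original lesson) audits the output of sudo ufw status verbose: the firewall must be active, the default incoming policy must be deny or reject, and only SSH, HTTP and HTTPS may be open, each on TCP only. The function name audit_ufw, the EXPECTED list and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ufw status verbose` output against this lesson's rules.
# Assumption: these are the only inbound ports that should be open.
EXPECTED="22/tcp 80/tcp 443/tcp"

# Constructed sample, modelled on `sudo ufw status verbose` output.
SAMPLE_STATUS="Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere                   # Allow SSH access
80/tcp                     ALLOW IN    Anywhere                   # Allow HTTP access
443/tcp                    ALLOW IN    Anywhere                   # Allow HTTPS access"

# Reads status text on stdin, prints one FAIL line per finding,
# and returns 0 only when nothing was found.
audit_ufw() {
    awk -v expected="$EXPECTED" '
    BEGIN { bad = 0; n = split(expected, e, " ")
            for (i = 1; i <= n; i++) want[e[i]] = 1 }
    $1 == "Status:"  { active = ($2 == "active") }
    $1 == "Default:" { deny = ($2 == "deny" || $2 == "reject") }
    {
        # Rule rows: everything left of the ALLOW column is the port spec.
        # A bare "443" (no /tcp) means the port is open for TCP and UDP.
        for (i = 2; i <= NF; i++) if ($i == "ALLOW") {
            if ($(i + 1) == "OUT") break      # outbound rule, not audited
            spec = $1
            for (j = 2; j < i; j++) spec = spec " " $j
            seen[spec] = 1
            if (!(spec in want)) { print "FAIL: unexpected inbound rule " spec; bad = 1 }
            break
        }
    }
    END {
        if (!active) { print "FAIL: firewall is not active"; bad = 1 }
        if (!deny)   { print "FAIL: default incoming policy is not deny or reject"; bad = 1 }
        for (p in want) if (!(p in seen)) { print "FAIL: missing expected rule " p; bad = 1 }
        exit bad
    }'
}

# Demo on the sample; on a real host: sudo ufw status verbose | audit_ufw
printf '%s\n' "$SAMPLE_STATUS" | audit_ufw && echo "OK: only the expected ports are open"
```

A rule added without proto tcp shows up in the status table as a bare port number, which this check reports as unexpected because it also admits UDP.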

With our firewall enabled, next, we'll generate our SSL certificate and keys for our email server.
