Question

enabled UFW locks me out, my web pages doesn´t work, SSH also not, rulles applied

I have upgraded my droplet from 12.04 to 16.04.01 LTS. As soon I enable UFW nothing works, no SSH, no web. Rules were reapplied, like they were in previous system, see below, I have flushed iptables, reinstalled UFW. Can´t figure out what else it can be? Also when I reboot system UFW is diabled.

RULES

tuple ### allow tcp 80 0.0.0.0/0 any 0.0.0.0/0 in

-A ufw-user-input -p tcp --dport 80 -j ACCEPT

tuple ### allow tcp 443 0.0.0.0/0 any 0.0.0.0/0 in

-A ufw-user-input -p tcp --dport 443 -j ACCEPT

tuple ### allow tcp 25 0.0.0.0/0 any 0.0.0.0/0 in

-A ufw-user-input -p tcp --dport 25 -j ACCEPT

tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 OpenSSH - in

-A ufw-user-input -p tcp --dport 22 -j ACCEPT -m comment --comment ‘dapp_OpenSSH’

tuple ### allow any 22 0.0.0.0/0 any 0.0.0.0/0 in

-A ufw-user-input -p tcp --dport 22 -j ACCEPT -A ufw-user-input -p udp --dport 22 -j ACCEPT

tuple ### allow any 25 0.0.0.0/0 any 0.0.0.0/0 in

-A ufw-user-input -p tcp --dport 25 -j ACCEPT -A ufw-user-input -p udp --dport 25 -j ACCEPT

END RULES

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

You can try adding rules to UFW before enabling it. You can enable application by port or by it’s name. Some applications can register their profiles with UFW, so UFW can manage them by name.

Executing

  1. sudo ufw app list
Sample output
Available applications: Apache Apache Full Apache Secure OpenSSH

To be able able to use SSH, you need to allow it before enabling UFW:

  1. sudo ufw allow OpenSSH

Same can be done by enabling port, instead of name:

  1. sudo ufw allow 22/tcp

Now, when you enable UFW (sudo ufw enable), SSH should be working. You should allow your web server, so you can access it. UFW is IPtables configuration tool, this rules should still persist, but you can try adding rules to UFW too.

Following articles can help you understanding UFW: How To Set Up a Firewall with UFW on Ubuntu 14.04. UFW Essentials: Common Firewall Rules and Commands.

Have you enabled your firewall to allow HTTP? Port 80?

I had a similar issue where when I enabled my firewall with sudo ufw enable I could no longer access my website from the browser.

I solved this issue by allowing port 80, which is the port number assigned to the HTTP protocol.

$ sudo ufw allow 80

To allow ssh to work you can run:

$ sudo ufw allow ssh

I hope this is helpful.

Thanks for answer.

Still I can´t make this work. After Ubuntu upgrade to 16.04.01 I can not make sites running. With UFW disabled everything works. What else it can be? I am simply out of ideas.

UFW output is set so: http://pasteboard.co/fLsA7c731.jpg

Have read both articles mentioned above. Have set same setup some time ago on 14.04.