UFW Disable

This post will discuss how to completey disable UFW firewall.

The Uncomplicated Firewall is largely written to, well, uncomplicated the task of setting up a firewall and ufw disable is not an exception to this rule. If you want to completely disregard all the rules set using ufw, you can easily do so by running:

$ sudo ufw disable
Firewall stopped and disabled on system startup

This will not only disable the firewall, but also prevent it from starting again as a service if you reboot your server.

Checking the service status

You can check the status of ufw by simply typing in:

$ service ufw status

This is similar to ufw status although it is more on the system level. The same service command can be used to look at the status of other running services like httpd, etc.

Why disable UFW?

If you are experimenting with other firewalls, maybe even external ones, then disabling ufw is great. The rules are stored persistently at /etc/ufw and the next time you enable the service the same rules will take effect.

Most cloud services offer a firewall for your VPS. These are often easier to use and more robustly maintained by professionals. Using an external firewall can free up some resources on your VPS, as well.

Flip-side of convenience

While ufw disable stops the firewall on starting up when the system reboots, ufw enable does the exact opposite.

$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

It enables the firewall and ensures that it starts up everytime the system boots. This is a convenient feature. It is easy to forget starting the firewall everytime the system is rebooted (which is not that often) and, in doing so, you may end up leaving your system vulnerable to the rest of the world. Auto enable helps mitigate this problem.

On the other hand, this means that the firewall rules are set in stone once it is enabled. If you lock yourself out of the system, say, by accidentally blocking SSH port you won’t be able to access your server unless you have a remote console attached.

Even rebooting might not help you get out of this mess, so be careful and check everything before enabling ufw . Disabling is not that involved of a process.