Enabling the UFW Firewall and blocking attacking IPs or ports on your Ubuntu Server is an important step to increase security.

Here’s how to do it:

1. Enable the UFW Firewall on Ubuntu Server
   Install UFW (if not already installed):

bash
sudo apt update
sudo apt install ufw
Enable the Firewall:

Enable UFW:

bash
sudo ufw enable
Check the status:

bash
sudo ufw status verbose
Allow required services:

e.g. enable SSH access:

bash
sudo ufw allow 22/tcp
If using a different port for SSH:

bash
sudo ufw allow [port_number]/tcp
Allow other services:

HTTP:

bash
sudo ufw allow 80/tcp
HTTPS:

bash
sudo ufw allow 443/tcp

2. Block attacking IPs (Blacklist)
   Block specific IP addresses:

Use this command:

bash
sudo ufw deny from [IP_ADDRESS]
Example:

bash
sudo ufw deny from 192.168.1.100
Block IP addresses for specific ports:

Use this command:

bash
sudo ufw deny from [IP_ADDRESS] to any port [PORT_NUMBER]
Example:

bash
sudo ufw deny from 192.168.1.100 to any port 22

3. Block unused ports
   For added security You can block unwanted ports using the command:

bash
sudo ufw deny [port_number]/tcp
Example:

bash
sudo ufw deny 3306/tcp

4. ​​Use Rate Limiting to reduce Brute Force attacks
   UFW has a Rate Limiting feature to reduce attacks:

bash
sudo ufw limit 22/tcp
This setting will reduce the frequency of abnormal SSH connections.

5. Record and inspect Logs
   Inspect Logs: Look at network behavior to detect suspicious IPs:

bash
sudo tail -f /var/log/ufw.log
If suspicious behavior is detected, immediately block the IPs as above.

6. Reload UFW after configuration
   For the settings to take effect:

bash
sudo ufw reload
Additional Tips
Use Fail2Ban in conjunction with UFW to block IPs that attempt to re-attach:

bash
sudo apt install fail2ban
Backup your data before making any changes to your firewall To avoid settings that may prevent you from accessing the server.

If you need further assistance with these settings or have any problems using UFW, please let us know.