{"id":12805,"date":"2025-12-20T12:41:03","date_gmt":"2025-12-20T07:11:03","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12805"},"modified":"2025-12-20T12:41:05","modified_gmt":"2025-12-20T07:11:05","slug":"how-to-configure-ufw-on-linux","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-configure-ufw-on-linux","title":{"rendered":"How to Configure UFW on Linux Server &#8211; (Step-by-Step Guide 2026)"},"content":{"rendered":"\n<p><strong>To configure UFW on a Linux server<\/strong>, install UFW, set default policies (deny incoming, allow outgoing), allow SSH, then enable the firewall. Add service rules (e.g., HTTP\/HTTPS), verify with ufw status and external scans, and adjust advanced options like rate limiting and IPv6 as needed. This step-by-step 2026 guide shows you how.<\/p>\n\n\n\n<p>If you want a simple, secure way to protect your server, <a href=\"https:\/\/www.youstable.com\/blog\/what-is-kubernetes-on-linux-server-step-by-step-learning-guide\/\">learning how to configure UFW on a Linux server<\/a> is a smart first step. UFW (Uncomplicated Firewall) is a user-friendly interface for iptables\/nftables that lets you define allow\/deny rules quickly without complex syntax\u2014ideal for Ubuntu, Debian, and many cloud images.<\/p>\n\n\n\n<p>In this expert, beginner-friendly walkthrough, I\u2019ll cover installation, safe activation (so you don\u2019t lock yourself out), common service rules, advanced hardening, backups, automation, and troubleshooting\u2014plus real-world tips from managing production servers at scale.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-ufw-and-why-use-it\"><strong>What is UFW and Why Use it?<\/strong><\/h2>\n\n\n\n<p>UFW (Uncomplicated Firewall) is a command-line firewall manager for Linux that simplifies iptables\/nftables. It\u2019s the default on Ubuntu and widely available on Debian and other distros. UFW makes it easy to open ports, restrict IPs, apply rate limiting, and manage IPv6 with human-readable commands.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"960\" height=\"960\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-68.png\" alt=\"Configure UFW on Linux \" class=\"wp-image-12913\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-68.png 960w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-68-96x96.png 96w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-68-150x150.png 150w\" sizes=\"auto, (max-width: 960px) 100vw, 960px\" \/><\/figure>\n\n\n\n<p>Primary keyword focus: configure UFW on Linux server. Secondary keywords used naturally: UFW firewall, Ubuntu firewall, Debian firewall, ufw allow port, iptables vs UFW.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-safety-checklist\"><strong>Prerequisites and Safety Checklist<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"before-you-begin\"><strong>Before You Begin<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SSH access with sudo privileges<\/li>\n\n\n\n<li>Console\/serial access via your cloud provider in case of lockout<\/li>\n\n\n\n<li>Server OS: Ubuntu 20.04\/22.04\/24.04 LTS, Debian 11\/12, or compatible<\/li>\n\n\n\n<li>Confirm whether IPv6 is enabled on your host\/network<\/li>\n\n\n\n<li>Know your critical services and ports (e.g., SSH 22, HTTP 80, HTTPS 443)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"check-current-firewall-status\"><strong>Check Current Firewall Status<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw status verbose\nsudo iptables -S\nsudo nft list ruleset 2&gt;\/dev\/null<\/code><\/pre>\n\n\n\n<p>On modern Ubuntu\/Debian, UFW often manages nftables under the hood. Don\u2019t mix multiple firewalls at once unless you know what you\u2019re doing.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-and-enable-ufw-without-locking-yourself-out\"><strong>Install and Enable UFW (Without Locking Yourself Out)<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"1-install-ufw\"><strong>1) Install UFW<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update\nsudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-ufw-on-linux\/\">install ufw<\/a><\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"2-set-default-policies\"><strong>2) Set Default Policies<\/strong><\/h3>\n\n\n\n<p><strong>Default policies define what happens when no explicit rule matches.<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw default deny incoming\nsudo ufw default allow outgoing<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"3-allow-ssh-before-enabling\"><strong>3) Allow SSH Before Enabling<\/strong><\/h3>\n\n\n\n<p>Always allow SSH first to avoid being locked out. If your SSH runs on a custom port, change 22 to that port.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw allow 22\/tcp\n# Example for a custom port\n# sudo ufw allow 2222\/tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"4-enable-ufw-and-verify\"><strong>4) Enable UFW and Verify<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw enable\nsudo ufw status numbered\nsudo ufw status verbose<\/code><\/pre>\n\n\n\n<p>UFW persists across reboots automatically once enabled.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"essential-ufw-commands-and-concepts\"><strong>Essential UFW Commands and Concepts<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"allow-or-deny-ports-and-services\"><strong>Allow or Deny Ports and Services<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow common web services\nsudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp\n\n# Deny a specific port explicitly\nsudo ufw deny 25\/tcp<\/code><\/pre>\n\n\n\n<p>Many distros ship with UFW application profiles for quick rules.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw app list\nsudo ufw allow \"Nginx Full\"    # usually allows 80 and 443\nsudo ufw allow \"OpenSSH\"<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"delete-or-reset-rules\"><strong>Delete or Reset Rules<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># List with numbers\nsudo ufw status numbered\n\n# Delete by number\nsudo ufw delete 3\n\n# Reset to defaults (removes all rules)\nsudo ufw reset<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-logging-for-auditing\"><strong>Enable Logging (for Auditing)<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw logging on\nsudo ufw logging medium   # low|medium|high\n# Logs: \/var\/log\/ufw.log or journalctl -u ufw<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"configure-common-services-real-world-examples\"><strong>Configure Common Services (Real-World Examples)<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"web-server-http-https\"><strong>Web Server (HTTP\/HTTPS)<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Generic:\nsudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp\n\n# Profile-based (if available):\nsudo ufw allow \"Nginx Full\"\n# or\nsudo ufw allow \"Apache Full\"<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"dns-mail-and-ftp\"><strong>DNS, Mail, and FTP<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># DNS server (UDP 53, TCP 53)\nsudo ufw allow 53\n# SMTP (25), Submission (587), SMTPS (465), IMAPS (993), POP3S (995)\nsudo ufw allow 25\/tcp\nsudo ufw allow 587\/tcp\nsudo ufw allow 465\/tcp\nsudo ufw allow 993\/tcp\nsudo ufw allow 995\/tcp\n# FTP (21) and passive range example\nsudo ufw allow 21\/tcp\nsudo ufw allow 40000:50000\/tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"limit-access-to-specific-ips-subnets\"><strong>Limit Access to Specific IPs\/Subnets<\/strong><\/h3>\n\n\n\n<p>Restrict sensitive services (e.g., databases, admin panels) to trusted IPs only.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow MySQL only from an office IP\nsudo ufw allow from 203.0.113.10 to any port 3306 proto tcp\n\n# Allow Postgres from a private subnet\nsudo ufw allow from 10.0.0.0\/24 to any port 5432 proto tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"per-interface-rules-multi-nic-hosts\"><strong>Per-Interface Rules (Multi-NIC Hosts)<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow service only on a specific interface\nsudo ufw allow in on eth1 to any port 9200 proto tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"port-ranges-and-protocols\"><strong>Port Ranges and Protocols<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Port range\nsudo ufw allow 2000:2100\/tcp\n\n# UDP example (VoIP, gaming, etc.)\nsudo ufw allow 3478\/udp<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"advanced-hardening\"><strong>Advanced Hardening<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rate-limit-brute-force-attempts\"><strong>Rate Limit Brute-Force Attempts<\/strong><\/h3>\n\n\n\n<p>Rate limiting throttles repeated connection attempts. It\u2019s ideal for SSH and APIs, but not a replacement for strong auth.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw limit 22\/tcp comment 'Rate-limit SSH'\n# For a custom API port:\nsudo ufw limit 8443\/tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-and-verify-ipv6\"><strong>Enable and Verify IPv6<\/strong><\/h3>\n\n\n\n<p>If your server has IPv6, ensure UFW manages it; otherwise you\u2019ll leave IPv6 wide open.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Check \/etc\/ufw\/ufw.conf\nsudo sed -n '1,120p' \/etc\/ufw\/ufw.conf | sed -n '\/^#\/!p' | sed -n '1,10p'\n# Set: IPV6=yes\n# Then reload:\nsudo ufw disable &amp;&amp; sudo ufw enable\nsudo ufw status verbose<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"docker-considerations\"><strong>Docker Considerations<\/strong><\/h3>\n\n\n\n<p>Docker manipulates iptables directly and can bypass UFW rules by default. Prefer publishing only required ports and consider Docker\u2019s user-defined networks. If you need stricter control, explore DOCKER-USER chain policies or run a reverse proxy on the host and open only that port in UFW.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"outbound-egress-rules\"><strong>Outbound (Egress) Rules<\/strong><\/h3>\n\n\n\n<p>Default outbound is allow. For locked-down environments, deny by default and allow specific destinations\/ports.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Restrictive egress model\nsudo ufw default deny outgoing\nsudo ufw allow out 53    # DNS\nsudo ufw allow out 80\/tcp  # HTTP\nsudo ufw allow out 443\/tcp # HTTPS\n# Allow outbound to a repository mirror only\nsudo ufw allow out to 198.51.100.20 port 443 proto tcp<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"back-up-restore-and-automate\"><strong>Back Up, Restore, and Automate<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"backup-and-restore-ufw-rules\"><strong>Backup and Restore UFW Rules<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Export active rules\nsudo ufw status numbered &gt; ufw.rules.txt\nsudo cp -a \/etc\/ufw\/ \/root\/backup-ufw-$(date +%F)\n\n# Restore (method: reapply commands or restore config dir)\n# After restoring \/etc\/ufw\/, reload:\nsudo ufw disable &amp;&amp; sudo ufw enable<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"reset-and-rebuild-safely\"><strong>Reset and Rebuild Safely<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Will remove existing rules; be sure you have console access\nsudo ufw reset\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\nsudo ufw allow 22\/tcp\nsudo ufw enable<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"automate-with-cloud-init-or-ansible\"><strong>Automate with Cloud-Init or Ansible<\/strong><\/h3>\n\n\n\n<p>For consistency across fleets, codify UFW in provisioning scripts (cloud-init) or Ansible roles. Pre-bake images with locked defaults and least-privilege rules. If you host with YouStable, our managed server team can provision hardened images with UFW, fail2ban, and DDoS filtering tailored to your stack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"testing-and-troubleshooting\"><strong>Testing and Troubleshooting<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"test-from-a-remote-client\"><strong>Test from a Remote Client<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># From your workstation\nnc -vz your.server.ip 22\nnc -vz your.server.ip 80\n# or use nmap\nnmap -Pn -p 22,80,443 your.server.ip\n# HTTP check\ncurl -I http:\/\/your.server.ip<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"read-logs-and-system-journal\"><strong>Read Logs and System Journal<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo tail -f \/var\/log\/ufw.log\nsudo journalctl -u ufw -n 200 --no-pager<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-mistakes\"><strong>Common Mistakes<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Forgetting to allow SSH before enabling UFW<\/li>\n\n\n\n<li>Leaving IPv6 unmanaged while IPv6 is active<\/li>\n\n\n\n<li>Allowing services on the wrong interface or IP<\/li>\n\n\n\n<li>Conflicts with cloud security groups or host-based firewalls<\/li>\n\n\n\n<li>Docker-published ports bypassing expected policy<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rollback-plan\"><strong>Rollback Plan<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Temporarily disable if you lock yourself out (via console)\nsudo ufw disable\n# Or remove a bad rule by number\nsudo ufw status numbered\nsudo ufw delete &lt;number&gt;<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ufw-vs-iptables-nftables-pros-and-cons\"><strong>UFW vs. iptables\/nftables (Pros and Cons)<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Pros of UFW: <\/strong>Simple syntax, safer defaults, IPv6 support, profiles for common apps, quick auditing.<\/li>\n\n\n\n<li><strong>Cons of UFW: <\/strong>Less granular than raw nftables\/iptables for complex NAT\/forwarding; Docker interactions need care.<\/li>\n\n\n\n<li><strong>Tip: <\/strong>Use UFW for host firewalls; consider raw nftables\/iptables only for complex networking, routers, or advanced containers.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-and-real-world-tips\"><strong>Best Practices and Real-World Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Define your intended exposure first: only open what the application strictly needs.<\/li>\n\n\n\n<li>Pin admin services to office IPs or VPN subnets; never expose databases publicly.<\/li>\n\n\n\n<li>Enable IPv6 management and mirror your IPv4 rules in IPv6.<\/li>\n\n\n\n<li>Use ufw limit for SSH and API endpoints to slow brute-force attempts.<\/li>\n\n\n\n<li>Review ufw status and logs regularly; integrate with monitoring\/alerts.<\/li>\n\n\n\n<li>Document your ruleset and automate it with config management.<\/li>\n\n\n\n<li>If using Docker, prefer a reverse proxy (Nginx\/Traefik) and open only 80\/443 on the host.<\/li>\n\n\n\n<li>Coordinate UFW with cloud security groups to avoid confusion.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-configure-ufw-on-linux-server\"><strong>FAQs: Configure UFW on Linux Server <\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765608457311\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-ufw-better-than-iptables-or-nftables\"><strong>Is UFW better than iptables or nftables?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>UFW is not \u201cbetter\u201d but easier. It\u2019s a front-end that abstracts iptables\/nftables into simple commands. For most hosts, UFW is sufficient and safer. For complex routing, NAT, or container networks, raw nftables\/iptables may be preferable.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765608465247\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-allow-only-my-ip-to-access-a-port\"><strong>How do I allow only my IP to access a port?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use a source restriction. Example: sudo ufw allow from 203.0.113.10 to any port 5432 proto tcp. Replace the IP and port with your own values. This is ideal for admin panels and databases.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765608471380\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-reset-ufw-to-factory-defaults\"><strong>How can I reset UFW to factory defaults?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Run sudo ufw reset, then re-apply defaults and required rules: sudo ufw default deny incoming, sudo ufw default allow outgoing, sudo ufw allow 22\/tcp, and sudo ufw enable. Use console access to avoid lockouts.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765608480187\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"does-ufw-work-with-docker\"><strong>Does UFW work with Docker?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes, but Docker manages iptables rules directly. Published container ports can bypass expected host rules. Limit published ports, use reverse proxies, and, if needed, enforce policies via the DOCKER-USER chain or dedicated firewall rules.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765608489180\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-check-if-ipv6-is-protected-by-ufw\"><strong>How do I check if IPv6 is protected by UFW?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Open \/etc\/ufw\/ufw.conf and ensure IPV6=yes. Then sudo ufw disable and sudo ufw enable. Verify with sudo ufw status verbose. Mirror your <a href=\"https:\/\/www.youstable.com\/blog\/ipv4-address-classes\/\">IPv4 rules in IPv6 if your server uses IPv6 addresses<\/a>.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To configure UFW on a Linux server, install UFW, set default policies (deny incoming, allow outgoing), allow SSH, then enable [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15638,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"iawp_total_views":2,"footnotes":""},"categories":[350],"tags":[],"class_list":["post-12805","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-UFW-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12805","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12805"}],"version-history":[{"count":7,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12805\/revisions"}],"predecessor-version":[{"id":15640,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12805\/revisions\/15640"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15638"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}