{"id":14338,"date":"2025-12-30T11:35:10","date_gmt":"2025-12-30T06:05:10","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=14338"},"modified":"2025-12-30T11:35:18","modified_gmt":"2025-12-30T06:05:18","slug":"how-to-monitor-secure-ufw-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-monitor-secure-ufw-on-linux-server","title":{"rendered":"How to Monitor &amp; Secure UFW on Linux Server &#8211; Easy Guide"},"content":{"rendered":"\n<p><strong>To monitor and secure UFW<\/strong> on a Linux server, set a deny-by-default policy, explicitly allow required services (e.g., SSH), enable and tune logging, watch real-time events with journalctl or \/var\/log\/ufw.log, apply rate limiting and per-IP rules, integrate Fail2ban for brute-force protection, and audit rules regularly with status and log reviews.<\/p>\n\n\n\n<p>In this guide, you\u2019ll learn how to monitor and secure UFW on a Linux server step-by-step. We\u2019ll build a safe baseline, enable actionable logging, add hardening rules, integrate alerting, and troubleshoot with confidence. Whether you manage a single VPS or multiple nodes, these best practices work across Ubuntu and Debian-based distributions.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-ufw-and-why-it-matters\"><strong>What is UFW and Why it Matters<\/strong>?<\/h2>\n\n\n\n<p>UFW (Uncomplicated Firewall) is a user-friendly interface for <a href=\"https:\/\/www.youstable.com\/blog\/configure-csf-firewall-on-linux\/\">Linux\u2019s netfilter firewall<\/a>, using iptables or nftables under the hood depending on your distro. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"600\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-106.png\" alt=\"What Is UFW and Why It Matters\" class=\"wp-image-14415\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-106.png 1200w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-106-150x75.png 150w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure>\n\n\n\n<p>It\u2019s designed to make firewall management simple and predictable using human-readable commands, while still allowing granular controls like interfaces, IP ranges, and logging.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"before-you-begin-safety-checklist\"><strong>Before You Begin: Safety Checklist<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Console access:<\/strong> Have cloud\/VPS console or KVM\/IPMI access in case a rule locks you out.<\/li>\n\n\n\n<li><strong>Know your SSH port:<\/strong> If using a non-default SSH port, note it before enabling UFW.<\/li>\n\n\n\n<li><strong>Confirm network details:<\/strong> Public interface name (e.g., eth0) and trusted IPs\/ranges.<\/li>\n\n\n\n<li><strong>Backup:<\/strong> Snapshot the server or back up \/etc\/ufw.<\/li>\n\n\n\n<li><strong>Change window:<\/strong> Apply changes during a maintenance window if it\u2019s a production system.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-and-enable-ufw\"><strong>Install and Enable UFW<\/strong><\/h2>\n\n\n\n<p>On <a href=\"https:\/\/www.youstable.com\/blog\/configure-nginx-on-linux\/\">Ubuntu and most Debian-based servers<\/a>, UFW is available in the default repositories and often preinstalled. If not, install and enable it:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update\nsudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-ufw-on-linux\/\">install ufw<\/a>\nsudo ufw status verbose\n<\/code><\/pre>\n\n\n\n<p>On first use, UFW is inactive. We\u2019ll set a safe baseline and then enable it.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"build-a-secure-baseline-minimum-safe-rules\"><strong>Build a Secure Baseline (Minimum Safe Rules)<\/strong><\/h2>\n\n\n\n<p>Start with a deny-by-default posture and explicitly allow what you need. Ensure <a href=\"https:\/\/www.youstable.com\/blog\/how-to-enable-ssh-access-for-clients-or-users\/\">SSH is allowed before enabling<\/a> UFW to avoid lockouts.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># 1) Enable IPv6 support if you use IPv6\nsudo sed -i 's\/^IPV6=.*\/IPV6=yes\/' \/etc\/default\/ufw\n\n# 2) Set default policies\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\n\n# 3) Allow SSH (22\/tcp) or your custom port\nsudo ufw allow ssh\n# or, for a custom port (example: 2222)\n# sudo ufw allow 2222\/tcp\n\n# 4) Enable UFW\nsudo ufw enable\n\n# 5) Verify\nsudo ufw status verbose<\/code><\/pre>\n\n\n\n<p>If your <a href=\"https:\/\/www.youstable.com\/blog\/best-linux-distros-for-hosting\/\">server hosts web<\/a> apps, allow HTTP\/HTTPS:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"hardening-ufw-practical-security-enhancements\"><strong>Hardening UFW: Practical Security Enhancements<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rate-limit-ssh-and-critical-services\"><strong>Rate Limit SSH and Critical Services<\/strong><\/h3>\n\n\n\n<p>UFW\u2019s \u201climit\u201d reduces brute-force attempts by rate limiting new connections from the same IP. It\u2019s ideal for SSH.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Applies a simple rate limit on SSH\nsudo ufw limit ssh comment 'Rate limit SSH to reduce brute force'<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"allow-only-from-trusted-ips-admin-and-database\"><strong>Allow Only from Trusted IPs (Admin and Database)<\/strong><\/h3>\n\n\n\n<p>Restrict management ports (SSH, database admin, <a href=\"https:\/\/www.youstable.com\/blog\/control-panel\/\">control panels<\/a>) to specific IPs or ranges whenever possible.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow SSH only from a trusted admin IP\nsudo ufw allow from 203.0.113.10 to any port 22 proto tcp comment 'Admin SSH'\n\n# Allow MySQL\/MariaDB only from app server subnet\nsudo ufw allow from 10.10.0.0\/24 to any port 3306 proto tcp comment 'App servers \u2192 DB'<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"use-application-profiles\"><strong>Use Application Profiles<\/strong><\/h3>\n\n\n\n<p>UFW ships with application profiles in \/etc\/ufw\/applications.d that predefine ports and protocols.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw app list\nsudo ufw allow 'Apache Full'\n# or\nsudo ufw allow 'Nginx Full'<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"control-by-interface-for-multi-nic-hosts\"><strong>Control by Interface for Multi-NIC Hosts<\/strong><\/h3>\n\n\n\n<p>Bind rules to an interface to avoid exposing services on unintended networks.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Expose HTTP only on public interface\nsudo ufw allow in on eth0 to any port 80 proto tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"tighten-outbound-traffic-egress-filtering\"><strong>Tighten Outbound Traffic (Egress Filtering)<\/strong><\/h3>\n\n\n\n<p>For hardened environments, restrict outbound traffic to reduce data exfiltration and malware callbacks. Start permissive, then narrow.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Example: allow DNS and HTTP\/S outbound only\nsudo ufw default deny outgoing\nsudo ufw allow out 53   # DNS\nsudo ufw allow out 80\/tcp\nsudo ufw allow out 443\/tcp<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"logging-levels-and-best-practices\"><strong>Logging: Levels and Best Practices<\/strong><\/h3>\n\n\n\n<p>Enable logging at a level that provides visibility without flooding disks. Start with \u201clow\u201d or \u201cmedium,\u201d increase temporarily for investigations.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Enable logging (low|medium|high|full)\nsudo ufw logging medium\nsudo ufw status verbose | grep -i logging<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"where-ufw-logs-live-and-how-to-monitor-them\"><strong>Where UFW Logs Live and How to Monitor Them<\/strong><\/h2>\n\n\n\n<p>Depending on your system, UFW logs are written to the system journal and\/or \/var\/log\/ufw.log via rsyslog. Use these commands to read and stream events:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># View UFW logs via journalctl (systemd)\nsudo journalctl -u ufw -n 200 --no-pager\n\n# Stream kernel firewall logs in real time\nsudo journalctl -k -f | grep -i ufw\n\n# If rsyslog writes a dedicated log\nsudo tail -f \/var\/log\/ufw.log<\/code><\/pre>\n\n\n\n<p>Look for lines containing UFW BLOCK or UFW ALLOW, source\/destination IPs, ports, and interfaces. These are crucial for investigating rejected packets, scans, and misconfigurations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-time-monitoring-and-alerting\"><strong>Real Time Monitoring and Alerting<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"integrate-fail2ban-with-ufw\"><strong>Integrate Fail2ban with UFW<\/strong><\/h3>\n\n\n\n<p>Fail2ban scans logs for suspicious patterns (e.g., failed SSH logins) and dynamically bans IPs using firewall actions. Use the UFW action to add bans as UFW rules.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-fail2ban-on-linux\/\">install fail2ban<\/a>\n# In \/etc\/fail2ban\/jail.local (example)\n&#91;sshd]\nenabled = true\nport    = ssh\nbanaction = ufw\nmaxretry = 5\nfindtime = 600\nbantime  = 3600\n\nsudo systemctl restart fail2ban\nsudo fail2ban-client status sshd<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"use-log-based-alerts\"><strong>Use Log-Based Alerts<\/strong><\/h3>\n\n\n\n<p>Ship UFW logs to a SIEM or logging stack (Elastic, Loki, Graylog) and alert on spikes in \u201cUFW BLOCK\u201d events, repeated hits to non-existent ports, or blocks against critical ports. For lightweight setups, a simple journalctl + mail script via cron works as a starter solution.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rotate-and-retain-logs\"><strong>Rotate and Retain Logs<\/strong><\/h3>\n\n\n\n<p>Ensure logs don\u2019t fill disks. On many systems, \/etc\/logrotate.d\/ufw handles rotation automatically. Verify retention fits your security policy (e.g., 30\u201390 days).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"auditing-testing-and-troubleshooting\"><strong>Auditing, Testing, and Troubleshooting<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"inspect-rules-and-order\"><strong>Inspect Rules and Order<\/strong><\/h3>\n\n\n\n<p>UFW processes rules top-to-bottom. Use numbered output to review and delete rules safely.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Show rules with numbers and details\nsudo ufw status numbered verbose\n\n# Delete a specific rule by number (example deletes rule #3)\nsudo ufw delete 3<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"dry-run-and-reload-safely\"><strong>Dry Run and Reload Safely<\/strong><\/h3>\n\n\n\n<p>Test changes before enforcing them and reload without dropping existing connections.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Preview a rule without applying it\nsudo ufw --dry-run allow 8080\/tcp comment 'Preview rule'\n\n# Apply changes and reload\nsudo ufw allow 8080\/tcp\nsudo ufw reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"diagnose-blocked-traffic\"><strong>Diagnose Blocked Traffic<\/strong><\/h3>\n\n\n\n<p>To confirm if UFW blocks a port, try connecting from a trusted remote host and watch logs in real time. Use curl, nc, or nmap for validation.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># From a remote machine\nnc -vz your.server.ip 443\nnmap -Pn -p 22,80,443 your.server.ip\n\n# On the server, stream for UFW blocks while testing\nsudo journalctl -k -f | grep -i ufw<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-pitfalls\"><strong>Common Pitfalls<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Forgetting IPv6:<\/strong> If IPV6 is disabled in UFW but your host has IPv6, services may bypass IPv4-only rules.<\/li>\n\n\n\n<li><strong>Cloud firewalls:<\/strong> Align UFW with your provider\u2019s security groups to avoid conflicting rules.<\/li>\n\n\n\n<li><strong>Service not listening: <\/strong>A closed port may be due to the service not binding or listening only on localhost.<\/li>\n\n\n\n<li><strong>Rule order:<\/strong> A broad allow placed above a narrow deny can unintentionally expose services.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ongoing-maintenance-and-best-practices\"><strong>Ongoing Maintenance and Best Practices<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Quarterly audits:<\/strong> Review ufw status verbose, prune unused rules, and rotate keys.<\/li>\n\n\n\n<li><strong>Change management: <\/strong>Use comments on every rule to document intent and ownership.<\/li>\n\n\n\n<li><strong>Staging first: <\/strong>Test new rules on a staging or replica server before production.<\/li>\n\n\n\n<li><strong>Baseline integrity:<\/strong> Keep a version-controlled copy of \/etc\/ufw and \/etc\/fail2ban.<\/li>\n\n\n\n<li><strong>Security scans:<\/strong> Periodically run nmap from outside to validate exposed ports.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ufw-vs-other-linux-firewalls-quick-context\"><strong>UFW vs. Other Linux Firewalls (Quick Context)<\/strong><\/h2>\n\n\n\n<p>UFW emphasizes simplicity and is ideal for single servers and small fleets. firewalld offers zone-based management common on RHEL-based systems. Native nftables provides maximum flexibility for advanced environments. Many teams choose UFW for straightforward, auditable rules with minimal overhead\u2014especially on Ubuntu\/Debian servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"production-ready-ufw-checklist\"><strong>Production-Ready UFW Checklist<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Default deny incoming; allow only necessary ports and sources.<\/li>\n\n\n\n<li>Allow SSH from trusted IPs; apply ufw limit ssh.<\/li>\n\n\n\n<li>Enable logging at medium; monitor via journalctl and\/or \/var\/log\/ufw.log.<\/li>\n\n\n\n<li>Integrate Fail2ban with banaction = ufw for brute-force mitigation.<\/li>\n\n\n\n<li>Review ufw status numbered monthly; remove stale rules.<\/li>\n\n\n\n<li>Enable IPv6; ensure parity between IPv4 and IPv6 rules.<\/li>\n\n\n\n<li>Rotate logs and forward to a central system for alerts.<\/li>\n\n\n\n<li>Validate externally with nmap after every change window.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"example-secure-web-server-with-admin-access\"><strong>Example: Secure Web Server with Admin Access<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code># Defaults\nsudo ufw default deny incoming\nsudo ufw default allow outgoing\nsudo ufw logging medium\n\n# Admin access (SSH) from office IP only\nsudo ufw allow from 203.0.113.10 to any port 22 proto tcp comment 'Office SSH'\n\n# Web stack\nsudo ufw allow 80\/tcp comment 'HTTP'\nsudo ufw allow 443\/tcp comment 'HTTPS'\n\n# Rate limit SSH\nsudo ufw limit ssh comment 'Rate limit SSH'\n\n# Enable and verify\nsudo ufw enable\nsudo ufw status numbered verbose<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs\"><strong>FAQ&#8217;s<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765951214454\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"1-how-do-i-check-ufw-logs-and-see-whats-being-blocked\">1. <strong>How do I check UFW logs and see what\u2019s being blocked?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Enable logging with sudo ufw logging medium, then review events via sudo journalctl -k -f | grep -i ufw or tail -f \/var\/log\/ufw.log if present. Look for \u201cUFW BLOCK\u201d lines to identify source IPs, destination ports, and interfaces.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951230315\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"2-whats-the-recommended-ufw-default-policy-for-servers\">2. <strong>What\u2019s the recommended UFW default policy for servers?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use sudo ufw default deny incoming and sudo ufw default allow outgoing, then explicitly allow required services (SSH, HTTP, HTTPS, database if needed). For high-security environments, restrict outgoing as well and permit only necessary destinations.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951239096\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"3-does-ufw-support-ipv6-and-how-do-i-enable-it\">3. <strong>Does UFW support IPv6 and how do I enable it?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. Set IPV6=yes in \/etc\/default\/ufw, then sudo ufw reload. Ensure every IPv4 rule has a matching IPv6 rule to avoid unintentional exposure over IPv6.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951247784\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"4-how-can-i-protect-ssh-with-ufw-from-brute-force-attacks\">4. <strong>How can I protect SSH with UFW from brute-force attacks?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Combine sudo ufw limit ssh with IP allowlists for admin networks. For advanced protection, deploy Fail2ban with banaction = ufw to dynamically ban abusive IPs based on failed login patterns.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951261562\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"5-whats-the-difference-between-ufw-and-iptables-nftables\">5. <strong>What\u2019s the difference between UFW and iptables\/nftables?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>UFW is a higher-level, user-friendly manager that writes rules to netfilter via iptables or nftables. It simplifies common tasks, provides readable status, and reduces human error. If you need extremely complex policies, nftables directly offers more flexibility but at the cost of complexity.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To monitor and secure UFW on a Linux server, set a deny-by-default policy, explicitly allow required services (e.g., SSH), enable [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":16728,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-14338","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Monitor-Secure-UFW-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=14338"}],"version-history":[{"count":6,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14338\/revisions"}],"predecessor-version":[{"id":16730,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14338\/revisions\/16730"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/16728"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=14338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=14338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=14338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}