How to Install and Configure a Firewall on Debian 12: Secure Your Server the Smart Way

Introduction

When deploying any Linux server especially Debian 12 security should be your top priority. One of the first lines of defense is a well-configured firewall, helping control incoming and outgoing traffic and reducing exposure to attacks.

In this guide, you’ll learn how to install and configure a firewall on Debian 12 using two powerful tools: UFW (Uncomplicated Firewall) and iptables. Whether you’re running a personal project or a business-critical application, this tutorial will give you the confidence to lock down your system properly.

Why Use a Firewall on Debian 12?

A firewall acts as a gatekeeper, filtering network traffic based on a set of rules. Without one, your server is left exposed to threats like:

• Unauthorized access attempts
• Brute-force attacks
• Malware communication
• Open and unnecessary ports

Using a firewall helps you control access, minimize risks, and stay compliant with best security practices.

Step 1: Updating Your System

Before installing anything, always update your system:

sudo apt update && sudo apt upgrade -y

Step 2: Installing UFW (Uncomplicated Firewall)

UFW simplifies firewall configuration with user-friendly commands.

Install UFW

sudo apt install ufw -y

Enable UFW

sudo ufw enable

Check UFW Status

sudo ufw status verbose

Step 3: Basic UFW Rules

Allow SSH (Essential for Remote Access)

sudo ufw allow ssh

Or use port number:

sudo ufw allow 22/tcp

Allow HTTP & HTTPS

sudo ufw allow http
sudo ufw allow https

Deny All Incoming by Default, Allow All Outgoing

sudo ufw default deny incoming
sudo ufw default allow outgoing

Step 4: Managing UFW Rules

Check Existing Rules

sudo ufw status numbered

Delete a Rule

sudo ufw delete [rule number]

Optional: Use iptables for Advanced Control

If you need fine-grained control, you can use iptables.

Install iptables-persistent

sudo apt install iptables-persistent

Example: Allow SSH with iptables

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Save iptables Rules

sudo netfilter-persistent save

sudo netfilter-persistent save

sudo netfilter-persistent save

Step 5: Testing the Firewall

Use tools like nmap from another machine to check open ports:

nmap your_server_ip

This helps verify that only necessary ports are exposed.

🔒 Firewall Best Practices

• Only open ports you need
• Regularly review and update rules
• Always allow SSH access before enabling UFW to avoid being locked out
• Combine firewall with fail2ban for brute-force protection
• Keep system and packages up to date

Conclusion

Securing your Debian 12 server with a firewall is simple yet powerful. Whether you're a beginner using UFW or an advanced user managing iptables, these tools can significantly reduce your attack surface.

Take a few minutes today to lock down your system it could save you from major headaches tomorrow.

🌐 Need Help with Server Security?

At Technology Elevator, we offer professional Linux server setup, cloud security, and DevOps services to keep your infrastructure safe and scalable. Let our experts handle the technical heavy lifting so you can focus on growing your business.

👉 Contact us now and let’s elevate your security!