Nowadays it would seem really silly to connect a machine to the Internet without some sort of firewall enabled so as to afford it at least a little bit of shielding against the big bad world out there.
A quick and easy solution for Ubuntu is the Uncomplicated Firewall, aka ufw package.
From the documentation: The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default ufw is disabled.
Although it should be installed on your Ubuntu server by default, in the event it isn’t then this is easily enough rectified by running:
sudo apt-get install ufw
Next up is to ensure the ports you know need to be opened up to the rest of the world are indeed enabled in ufw. Needless to say, if this is a remote server then SSH HAS to be enabled, so do that one first! To enable, i.e. add a port, simply run:
sudo ufw allow 22
Note, you can modify the above to control which type of traffic (tcp/udp) it allows through, but for this simple example the above is perfectly fine. If you are setting up a webserver then generally you want to open up FTP (21), SSH (22), HTTP (80), and HTTPS (443).
With SSH access ensured, you can then change the default behaviour to block all incoming traffic not catered for by the allow rules.
sudo ufw default deny
You can check up the status by running:
sudo ufw status verbose
Once you’re happy with your config, enable ufw and if you really want to be sure that ufw rules are being run, reboot your server just for the heck of it.
sudo ufw enable sudo reboot now
Pretty simple, but well worth knowing.
Related Link: https://help.ubuntu.com/community/UFW