How to Delete UFW Rules in Ubuntu

Last updated: July 17, 2022

One of the most common tasks when managing a firewall is updating or deleting the rule. Deleting a firewall rule should be done carefully because any mistake can expose the server to unwanted traffic.

In this guide, we will learn how to delete UFW rules on Ubuntu.

Prerequisites

The user running the UFW commands must have

  • A Linux distribution with UFW installed and enabled
  • A user account with sudo privileges

Delete a UFW Rule

Before making any manipulation of the UFW firewall, it is important to know the existing rules. List UFW rules help to know existing rules defined on the firewall.

There are two ways to delete UFW rules:

  • By rule number
  • By specification

1. Delete a UFW Rule by rule number

Deleting the UFW rules by rule number is easier because you only need to specify the rule number to delete.

sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] OpenSSH                    ALLOW IN    Anywhere                  
[ 2] 80                         ALLOW IN    Anywhere                  
[ 3] 443                        ALLOW IN    Anywhere                  
[ 4] OpenSSH (v6)               ALLOW IN    Anywhere (v6)             
[ 5] 80 (v6)                    ALLOW IN    Anywhere (v6)             
[ 6] 443 (v6)                   ALLOW IN    Anywhere (v6)

Once the number has been identified, you can delete the rule

sudo ufw delete 2
Deleting:
 allow 80
Proceed with operation (y|n)?

As you can see, you need to confirm the operation.

When a rule is removed by the number, then the order of the other rules also changes. You should be aware that deleting a rule by number does not do it automatically for the IPv4 and IPv6. You will have to manually remove the IPv4 and IPv6 rules as well.

sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] OpenSSH                    ALLOW IN    Anywhere                  
[ 2] 443                        ALLOW IN    Anywhere                  
[ 3] OpenSSH (v6)               ALLOW IN    Anywhere (v6)             
[ 4] 80 (v6)                    ALLOW IN    Anywhere (v6)             
[ 5] 443 (v6)                   ALLOW IN    Anywhere (v6)

Make sure to always check the rules number before any deletion.

2. Delete a UFW Rule by ufw delete Command

The second way to delete a rule is to use the ufw command used to create the rule with the delete option. To be more specific, let's sqy you added a rule that opens port 443 with the command sudo ufw allow 443, to delete it go as below

sudo ufw delete allow 443
Rule deleted
Rule deleted (v6)

You see that removing a rule by specification automatically removes the rules for both IPv4 and IPv6

3. ufw disable

This will disable the firewall but will keep all rules in place. Disabling UFW doesn't delete rules from the system.

UFW disable will allow all connections to come through so you need to be careful when using it. The good thing is later when enable, all rules get active again.

sudo ufw disable
Firewall stopped and disabled on system startup

4. UFW Reset

UFW reset will delete all rules and backup to a location. The system will go back to the default firewall state.

sudo ufw reset
Resetting all rules to installed defaults. This may disrupt existing ssh
connections. Proceed with operation (y|n)?

It can be useful if you would like to start from zero because of some misconfigurations. You also need to be careful when using this command as it may disrupt your ssh access to the server.

Conclusion

In this guide, we learned how to delete UFW rules in Ubuntu.

Make sure to always keep your ssh rule and don't delete it, otherwise, you can lose your ssh access

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment