Nirjhor Anjum

How to configure UTF Firewall on Ubuntu

Uncomplicated Firewall (UFW) is a program for managing a Netfilter Firewall. You need to use it from a command-line interface to harden the security. UFW helps you to prevent your server from unwanted attacks.

Server applications get registered with UFW so that they can get the security and protection benefits of UFW. To check the installed UFW profiles you can run the following command:


How to install Nginx on Ubuntu

NGINX is considered one of the most popular web servers besides Apache web server and Microsoft’s IIS. It is being popular day by day because it is open-source, fast, lightweight, and high-performing.

Once you create a cloud server on any cloud platform (like AWS, DigitalOcean, Linode, etc.), you will get the operating system ready only. Therefore you need to set up the NGINX next. I am going to show you the steps in the case of “Ubuntu” which is almost the same for similar operating systems, by the way. I am showing the example of Ubuntu because it is widely used for its user-friendliness.

Now, moving towards installing and configuring NGINX, there are a few steps that you should follow:

Step 1: Install NGINX

First of all, to install NGINX you need to run the following commands:

sudo apt update
sudo apt install nginx

Next, if any instruction comes, you can easily follow, like,

  • If it asks for “Yes” just press “Y”. Follow the next instructions.
  • If it asks for “Restart” just press the “Enter” button.

Step 2: Configure the Firewall

After installation of NGINX, you should configure your operating system’s default firewall mechanism, which is ufw. You can click here to know about how to configure UTF Firewall on Ubuntu.

Step 3: Check the status of your NGINX server

Now to check your NGINX server’s status using the following command:

systemctl status nginx 

It will give you the following output:

● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2022-04-24 12:01:29 GMT; 7 days ago
Docs: man:nginx(8)
Main PID: 3384 (nginx)
Tasks: 4 (limit: 3201)
Memory: 6.7M
CGroup: /system.slice/nginx.service
├─5642 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─7632 nginx: worker process

Step 4: Manage your NGINX server

You can use the following commands for further management of  your NGINX server:

sudo systemctl start nginx

sudo systemctl stop nginx

sudo systemctl restart nginx

sudo systemctl reload nginx

sudo systemctl disable nginx

sudo systemctl enable nginx

The above commands do as follows respectively:

  • “start” command helps to start the server
  • “stop” command helps to stop the server
  • “restart” command simply stops the server and starts automatically again
  • “reload” command reloads the configuration of the server, and accepts your changes in the configuration without restarting it
  • “disable” command will disable NGINX, and in your next server boot (restart/start) NGINX will not be started automatically
  • “enable” command will enable NGINX, which means, on each boot (restart/start) NGINX will start automatically

Step 5: Setting Up Server Blocks (like Virtual Host in Apache)

By default, one website’s configuration remains there in NGINX, however, you can anytime change the configuration and can manage multiple websites from your single server.

For example purpose, we are assuming that your website’s name is going to be “”. Now, to manage your multiple websites there are a few steps as written below.

At first, you need to create a folder in the /var/www/ directory with the following command:

 sudo mkdir -p /var/www/ 

Here “-p” means that, if any parent directory creation is needed, then those will be created automatically.

Then, you need to assign directory ownership to yourself, the web root user, with the following command, where $USER means the current user:

 sudo chown -R $USER:$USER /var/www/ 

As an owner, you would get “read”, “write” and “execute” permission to the files inside the directory, but for other users and user groups, you need to set permission which should be “read” and “execute” only.

Therefore, next, to grant “read” and “execute” permission to other users and user groups you can run the following command:

 sudo chmod -R 755 /var/www/ 

After that, you need to configure your Server Block (i.e. Virtual Host) which is located at /etc/nginx/sites-available/. You need to create a configuration file here in the name of your website’s name using the following command:

 sudo pico /etc/nginx/sites-available/ 

Copy the following configuration and paste it on this file that you are editing with the “pico” Editor:

server {

    # Define the port from which your Host would respond

    listen 80;
    listen [::]:80;

    # Define the Hostname and 302 Found State

    return 302 https://$server_name$request_uri;

    # SSL Configuration

    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;

    # Define Public Directory where Sites will be there

    root /var/www/html;

    # Define File Names that will be loaded by Default

    index index.php index.html index.htm index.nginx-debian.html;

    # PHP Configuration

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;

    # Define URL Rules

    location / {
        try_files $uri $uri/ /index.php?$args;

    location /blog/ {
        try_files $uri $uri/ /blog/index.php?$args;

Next, you need to create a shortcut to this configuration in the sites-enabled directory, which is read by NGINX on startup. Simply run the following command to create the shortcut (symbolic-link / symlinks):

 sudo ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/ 

Now, check if all your configurations are perfect or not, by the following command:

 nginx -t 

Finally, if you see that everything is fine, simply restart your server:

 sudo systemctl restart nginx 


Open Chat
Send Message
You may drop me a message here to schedule an appointment at a convenient time.