How to fix inactive UFW status shows in Linux

UFW, also known as Uncomplicated Firewall, is a firewall system for many Linux distributions. UFW has made it very easy for new users to manage the firewall through command line interface and GUI.

A UFW firewall is a system that monitors network traffic according to specific rules to keep the network safe from network sniffers and other attackers. If you have installed UFW and its status is inactive then there can be many reasons behind this. In this guide, I will explain how to fix the inactive status of UFW Firewall on Linux.

Why is UFW showing inactive status on Linux?

Some of the reasons for deactivation of UFW are given below:

  • In many Linux distributions, UFW is pre-installed, but by default, it is disabled.
  • If you have installed UFW yourself, it will be disabled by default showing inactive status.

Why is UFW disabled by default on Linux?

UFW is disabled by default because it may block SSH or HTTP ports, which are important for server communication and management. It rejects all incoming traffic and allows outgoing traffic. As a server administrator, you can send requests and receive responses. However, the firewall will block all incoming connections.

The incoming traffic is critical for SSH and HTTP communications. Without SSH, you will not be able to access the server. These ports must be allowed through UFW to connect to the server. Therefore, before enabling UFW, you must ensure that the main ports are enabled for incoming traffic.

Comment: I am using Ubuntu 22.04 to execute the following command while the instructions are similar for other distributions as well.

How to View UFW Status on Linux

In Linux, UFW is disabled by default whether it is pre-installed or you installed it manually. You have to activate it.

Execute to observe UFW status ufw status Command in terminal:

You can also check UFW status through UFW configuration file. To access the file, use the command below:

sudo Cat ,etc,ufw,ufw.conf

read and check file Able Service. if it is No So it means UFW is disabled.

You can also launch the GUI application to check the UFW status.

How to Fix UFW Status Shows Inactive on Linux

The disabled state of UFW can be fixed by enabling it using the command line.

Before enabling UFW, it is a good practice to take a look at the additional rules.

Comment: By default, UFW rejects all incoming traffic.

To enable UFW, launch Terminal and run enable ufw Command, which enables UFW even at bootup:

To monitor the status, re-run the command below:

To format the status in numbered form, use:

You can also enable it using the UFW configuration file. Open the UFW configuration file using nano Editor:

sudo nano ,etc,ufw,ufw.conf

search Ablechange position from No To YesAnd save the file.

Press to save the file Ctrl+XThis will motivate you to make and press change and and To save the file.

Comment: To enable UFW via configuration file you must reboot the server.

You can also enable UFW using the GUI window of UFW. Launch the UFW application and toggle Enabled.

How to know which application requires incoming via UFW

Every port that needs incoming traffic must be allowed through UFW. SSH is important, because if you enabled UFW without allowing the SSH port you may lose control of your server.

To see which applications should be allowed for incoming traffic, run ufw app list Permission:

Or, check the UFW application profile:

Ras ,etc,ufw,application.d

These are applications that require ports to be opened.

Comment: Applications that require ports to be enabled have a UFW profile.

How to identify and allow ports with UFW

Use the below command to know the port of a specific application.

The syntax of the command is:

sudo UFW App Information ,<ऐप-नाम>,

For example, to view the port name of ssh Use the command below:

sudo UFW App Information “openssh”

OpenSSH requires port 22 to function properly.

To check the full port of Apache use:

sudo UFW App Information “apache complete”

As can be seen Apache requires two ports 80 and 443 to work.

How to enable UFW for applications that require incoming traffic

Enabling UFW will cause all incoming traffic to be rejected. To avoid your own exclusion from the server, it is important to add a rule to access the server via SSH before enabling UFW.

To add OpenSSH connection rules use:

Or use:

Use the following command to add rules for the Apache web server:

Ports 80 and 443 are for HTTP and HTTPS respectively and both are required for the Apache web server.

Or use:

sudo uh allow “apache complete”

After enabling the main port via UFW, you can enable UFW using enable ufw Permission.


UFW is the default firewall of various Linux distributions. By default, it is set to disabled as it may block traffic from some important ports like 22, 80, or 443. There are various procedures to activate it. UFW can be enabled through commands, the UFW configuration file, and the UFW graphical user interface. UFW disables all incoming traffic, so make sure the SSH rule is added before enabling UFW.

Add comment

By Ranjan