> For the complete documentation index, see [llms.txt](https://docs.cloud.olakrutrim.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.cloud.olakrutrim.com/basics/core-infrastructure/compute/vms-and-baremetals/custom-firewall.md).
# Custom Firewall
**UFW Firewall Setup on Ubuntu VM**
You can attach a UFW firewall to your VMs. **Enabling the UFW firewall may break SSH access to your VM or other open ports.**Please follow these steps to ensure SSH access is maintained.
***
#### Solution
When enabling a firewall on a remote server that you connect to using SSH, make sure to **adjust the default policy to allow connections** instead of the default deny. Otherwise, enabling the firewall could disconnect your remote session and disable access to the server.
***
#### Step-by-Step Instructions
#### Step 1: Set the default policy to allow
Run the following command to set the default policy to allow all connections. This will prevent being locked out once the firewall is enabled:
```
sudo ufw default allow
```
#### Step 2: Enable the firewall
Enable the firewall with the following command. This will apply the settings:
```
1sudo ufw enable
```
#### Step 3: Allow SSH access (Port 22)
Use the following command to allow incoming TCP connections on port 22 (the default SSH port):
```
1sudo ufw allow 22/tcp
```
#### Step 4: Set the default policy to deny
Once SSH access is allowed, you can change the default policy to deny all incoming connections. This makes your server more secure by only allowing traffic on explicitly open ports:
```
1sudo ufw default deny
```
Following these steps ensures that SSH access remains available while securing your VM with the UFW firewall.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.cloud.olakrutrim.com/basics/core-infrastructure/compute/vms-and-baremetals/custom-firewall.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.