Setting up a firewall in Ubuntu is super easy. We can use UFW which is part of the standard Ubuntu 20.04. In case UFW is not installed in your machine, you can easily install it using the following commands.

sudo apt update
sudo apt install ufw

You can check the status of UFW using

sudo ufw status

If your UFW is inactive you will see

Status: inactive

To see all applications that can register their profiles with UFW, use this command.

sudo ufw app list

The result might look like this.

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS
  OpenSSH

If UFW is active, by default it will block all incoming connections to your machine except the connections that are explicitly allowed. For instance, to make sure that the firewall allows SSH connection, you have to explicitly allow it by typing

sudo ufw allow OpenSSH

Similarly, if you want to allow HTTP connection for your Nginx, then execute

sudo ufw allow 'Nginx HTTP'

Or, if you want to allow both HTTP and HTTPS connections, you can use

sudo ufw allow 'Nginx Full'

In case you want to disallow a connection, let say the HTTP connection that we set previously, use

sudo ufw delete allow 'Nginx HTTP'

Now, to active your UFW, use the following command.

sudo ufw enable

Check the status again using sudo ufw status, you may see a result like this

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

That's all! Now, your firewall is active.