If you're locked out of your server due to firewall rules, or troubleshooting a system via a rescue environment, you may need to disable UFW (Uncomplicated Firewall) manually. This guide shows how to disable UFW from a mounted Linux filesystem.
🛠️ Step 1: Boot into Rescue Mode
First, boot your system into a rescue environment. Most hosting providers offer this when the system becomes unreachable. Once inside, identify and mount your main filesystem.
Example output of lsblk
:
/dev/md2 206.9G RAID1 — likely your root filesystem
Then mount it:
mkdir /mnt/rescue
mount /dev/md2 /mnt/rescue
🔒 Step 2: Disable UFW in Configuration
Once mounted, edit the UFW configuration file:
nano /mnt/rescue/etc/ufw/ufw.conf
Look for this line:
ENABLED=yes
Change it to:
ENABLED=no
If the line doesn't exist, just add it. Save and exit the file.
🚫 Optional: Fully Disable UFW Rule Files
If you want to ensure UFW doesn't apply any firewall rules, you can rename the entire configuration folder:
mv /mnt/rescue/etc/ufw /mnt/rescue/etc/ufw.disabled
This will completely prevent UFW from loading when the system boots.
🔁 Step 3: Reboot and Test
Once you've made the changes, reboot your server:
reboot
After the system comes back up, UFW will be disabled, and no UFW-based firewall rules will be applied.
✅ Bonus Tip: Check for iptables Rules
UFW is just a frontend for iptables
. If you're still locked out after disabling UFW, you might also want to check for custom iptables rules:
iptables -L
Or clear them (only if you're sure):
iptables -F
🧠 Summary
- Mount the root filesystem.
- Edit
ufw.conf
to setENABLED=no
. - Optionally rename
/etc/ufw
to disable all rules. - Reboot the server.
This can be a lifesaver if you’ve locked yourself out or need to regain control of firewall settings remotely.
Comments
Post a Comment