I like to add here that I disagree with article authors opinion regarding the Firewall GUI and the point about enabling it.
UFW is only a GUI, that said if you enable it or not it does not magically do anything unless you actually work with it and change some iptables, manually, via script or trough the GUI itself which only triggers iptables, nftables. Even if you manually enable it, running it once it does not stay enabled after a reboot, for that you need to use a script to set it to start upon boot.
The GUI do not need to be enabled when the iptables or nftables are configured to be secure by default, which is often the case in most Linux distros. Unless Windows even if you disable the GUI the rules you applied before or that are pre-defined remain intact, this is different from the Windows Firewall GUI which entirely leaves you defenseless if you disable it within their GUI.
I do not see this as negative point that the GUI is not enable by default, the fear people have are about open ports and by default there are none because applications are not allowed to run unless allowed or explicitly permitted after boot sequence. The best is to directly address this by default with a solid iptables configuration that comes with the actual Distro. People with GUIs usually tend to create holes with rules and exceptions instead of solving the actual problem.
Other than that I am thankful that people here and then spending their time reviewing things.
I like to add here that I disagree with article authors opinion regarding the Firewall GUI and the point about enabling it.
UFW is only a GUI, that said if you enable it or not it does not magically do anything unless you actually work with it and change some iptables, manually, via script or trough the GUI itself which only triggers iptables, nftables. Even if you manually enable it, running it once it does not stay enabled after a reboot, for that you need to use a script to set it to start upon boot.
The GUI do not need to be enabled when the iptables or nftables are configured to be secure by default, which is often the case in most Linux distros. Unless Windows even if you disable the GUI the rules you applied before or that are pre-defined remain intact, this is different from the Windows Firewall GUI which entirely leaves you defenseless if you disable it within their GUI.
I do not see this as negative point that the GUI is not enable by default, the fear people have are about open ports and by default there are none because applications are not allowed to run unless allowed or explicitly permitted after boot sequence. The best is to directly address this by default with a solid iptables configuration that comes with the actual Distro. People with GUIs usually tend to create holes with rules and exceptions instead of solving the actual problem.
Other than that I am thankful that people here and then spending their time reviewing things.