ufw allow http ufw allow https ufw allow ssh ufw enable
That is, allow HTTP (port 80), HTTPS (port 443), and SSH (port 22), and nothing else.
Check the current status of your firewall with
ufw status verbose
Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 80 ALLOW IN Anywhere 443 ALLOW IN Anywhere 22 ALLOW IN Anywhere 80 (v6) ALLOW IN Anywhere (v6) 443 (v6) ALLOW IN Anywhere (v6) 22 (v6) ALLOW IN Anywhere (v6)
And if you ever want to turn it off
A firewall should not matter if you are using a default Docker install of Discourse, for the same reason almost no Linux distribution ships with a firewall enabled by default.
But if you have somehow installed extra services that talk to the outside world, adding a firewall gives you “belt and suspenders” security, if that is of interest to you.