
How to disable ufw ?

0

Please help me. I use Lightsail and set the firewall using Lightsail / Manage / Networking / IPv4 Firewall rules. There are SSH TCP 22, HTTP TCP 80, MySQL TCP 3306, etc.

When I failed to open a web site on that Lightsail, I connected to the instance using PuTTY and ran
sudo ufw allow 'Apache Full' and sudo ufw enable.

Since then, I cannot access the instance in any way. Nothing works!

How can I log in to my instance? Please help.

2 Answers
0

Hi there,

Since you cannot connect to your Lightsail instance via ssh or through the browser-based ssh client after enabling ufw, you can recover your instance by taking a snapshot of it (if you did not create a backup on launch) and creating a new instance from it. When you launch the new instance via the console, add the following script as a launch script to disable ufw:

sudo service ufw stop

You can also use AWS CLI to launch the new instance from a snapshot by running the following command:

aws lightsail create-instances-from-snapshot --region <snapshot-region> --instance-snapshot-name <snapshot-name> --instance-names <new-instance-name> --availability-zone <preferred-AZ> --user-data 'sudo service ufw stop' --bundle-id <value>

Alternately, you can export your Lightsail snapshot to Amazon EC2 for further troubleshooting by following the steps here and here. Additionally, here is a video tutorial on how to export a Lightsail instance to an Amazon EC2 instance.

Hope this helps

answered 4 years ago
0

Please refer to the instructions under the section Resolve firewall issues in this article: https://repost.aws/knowledge-center/lightsail-resolve-ssh-console-errors

Copy pasting that content below for easy reference:

To use a launch script to deactivate OS-level firewalls, complete the following steps:

  1. Open the Lightsail console.
  2. Create a manual snapshot of the instance.
  3. Create an instance from the snapshot.
  4. Choose Add launch script, and then add the following script:
sudo ufw disable
sudo iptables -F
sudo mv /etc/hosts.deny /etc/hosts.deny_backup
sudo touch /etc/hosts.deny
sudo systemctl enable sshd
sudo systemctl restart sshd

Note: The preceding example script deactivates the UFW firewall, flushes all the iptable chains or firewall rules, and renames the /etc/hosts.deny file to deactivate it.

  5. Choose a new instance plan, or use the same plan as the previous instance.
  6. Enter a name for the instance, and then choose Create instance.
AWS
EXPERT
answered 4 months ago
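
The lockout in the question followed `ufw enable` with only the 'Apache Full' rule added, so nothing allowed SSH once ufw's default incoming policy applied. The guard below is an added example, not part of either answer or of the AWS article: it refuses to enable ufw until a rule covering SSH exists. The function names and sample rule text are constructed, and the parsing assumes `ufw show added` lists rules in `ufw allow ...` command form.

```shell
#!/bin/sh
# Added example (not from the thread): check that an SSH rule exists before
# turning ufw on, so `ufw enable` cannot cut off the session.

# Reads `ufw show added` output on stdin. Returns 0 when an allow/limit rule
# covers the SSH port (argument 1, default 22) or the OpenSSH app profile.
ssh_rule_present() {
    port="${1:-22}"
    grep -Eq \
        -e "^ufw (allow|limit) (in )?(${port}(/tcp)?|ssh|OpenSSH)[[:space:]]*\$" \
        -e "^ufw (allow|limit) .*to any port ${port}( proto tcp)?[[:space:]]*\$"
}

# Enables ufw only when the check passes. Run as root on the instance.
safe_ufw_enable() {
    if ufw show added | ssh_rule_present "${1:-22}"; then
        ufw --force enable
    else
        echo "refusing: no ufw rule allows SSH; run 'ufw allow OpenSSH' first" >&2
        return 1
    fi
}

# Constructed sample: the rule set from the question (web profile only).
# Its exact rendering is an assumption; it does not affect the SSH check.
QUESTION_RULES="Added user rules (see 'ufw status' for running firewall):
ufw allow 'Apache Full'"

# Constructed sample: the same rules after also allowing SSH.
FIXED_RULES="$QUESTION_RULES
ufw allow OpenSSH"

# Prints "safe" or "lockout" for a block of rule text (no ufw call needed).
check_sample() {
    if printf '%s\n' "$1" | ssh_rule_present; then echo safe; else echo lockout; fi
}

echo "question rules: $(check_sample "$QUESTION_RULES")"
echo "fixed rules:    $(check_sample "$FIXED_RULES")"
```

On a recovered instance, calling `safe_ufw_enable` in place of `sudo ufw enable` keeps the OS-level firewall in use without repeating the lockout.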
