diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml
index 9dedb1d..2a9e37d 100644
--- a/roles/ssh/tasks/main.yml
+++ b/roles/ssh/tasks/main.yml
@@ -1,3 +1,13 @@
+    - name: ufw - preemptively allow new SSH port
+      become: true
+      community.general.ufw:
+        rule: limit
+        direction: in
+        to_port: "{{ ssh_port }}"
+      notify: "firewall : restart ufw service"
+
+    - name: flush handlers to restart ufw
+      ansible.builtin.meta: flush_handlers
 
     - name: secure ssh configuration 
       become: true