Configuring firewall rules

Configuring Firewall Rules

Protect your VPS by controlling which network traffic is allowed. Learn how to configure firewall rules effectively.

Cloud Firewall (Dashboard)

Our cloud firewall filters traffic before it reaches your server.

Creating a Firewall

Go to Networking > Firewalls
Click Create Firewall
Name your firewall
Add rules
Apply to your servers

Common Rules

Name	Protocol	Port	Source
SSH	TCP	22	Your IP
HTTP	TCP	80	All
HTTPS	TCP	443	All
MySQL	TCP	3306	Private

Server Firewall (UFW)

UFW is the default firewall on Ubuntu/Debian.

Basic Commands

# Check status
sudo ufw status

# Enable firewall
sudo ufw enable

# Allow SSH (do this first!)
sudo ufw allow ssh

# Allow specific port
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow from specific IP
sudo ufw allow from 192.168.1.100

# Deny a port
sudo ufw deny 3306

# Delete a rule
sudo ufw delete allow 80/tcp

Application Profiles

# List available profiles
sudo ufw app list

# Allow an application
sudo ufw allow 'Nginx Full'
sudo ufw allow 'OpenSSH'

Best Practices

Default deny - Block all incoming, allow all outgoing
Whitelist approach - Only open ports you need
Limit SSH - Restrict to your IP or use fail2ban
Use both - Cloud firewall + server firewall

Example Secure Configuration

# Reset to defaults
sudo ufw default deny incoming
sudo ufw default allow outgoing

# Allow essential services
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

# Enable
sudo ufw enable

Troubleshooting

Locked out of SSH?

Use console access in dashboard
Boot into recovery mode
Disable firewall: sudo ufw disable