How to use the integrated firewall on a VPS LXC ?
The VPS LXC offer allows you to benefit from a firewall integrated directly into our panel, this allows you to create rules without the risk of locking yourself out of your server with a wrong command.
First you need to access the management panel of your VPS LXC and then click on the Firewall tab in the Additional Tools sub-menu:
It then appears all the firewall rules you already have for your VPS, if you don't have them the list is empty:
To set up a new rule just click on Add and answer these few questions:
- Direction : in or out
| Does your rule concern an incoming or outgoing flow from your VPS?
- Action : accept, drop or reject
| In most cases if you want to accept a feed you have to choose accept, if you want to refuse it it is better to choose drop or reject.
|| In both cases drop or reject allows to block an incoming connection. The drop function allows you to prohibit a stream without sending any response to the sender, the reject function allows you to notify the sender of the rejection of his stream.
- Interface : venet or net0
||| For the flow outside your VPS you have to choose net0
- Source: IP or source CIDR block (Example: 192.168.1.1 or 192.168.0.0/24)
- Destination: IP or CIDR block destination (Example: 192.168.1.1 or 192.168.0.0/24)
- Macro: Allows to choose a port from a known list
- Protocol: protocol of the connection to be blocked (Leave blank for all)
- Source port: Source port
- Destination port: Port of destination
- Comment : To easily find your way around
Then click on Add to add the rule to your firewall.
Example of a rule
Protect the SSH access of its VPS :
- Direction: In
- Action: DROP
- Interface: net0
- Source: 0.0.0.0/0
- Destination port: 22
- Protocol: TCP
Updated on: 17/10/2022
Thank you!