Articles on: VPS server

How to use the integrated firewall on a VPS LXC ?

The VPS LXC offer allows you to benefit from a firewall integrated directly into our panel, this allows you to create rules without the risk of locking yourself out of your server with a wrong command.

First you need to access the management panel of your VPS LXC and then click on the Firewall tab in the Additional Tools sub-menu:



It then appears all the firewall rules you already have for your VPS, if you don't have them the list is empty:



To set up a new rule just click on Add and answer these few questions:



Direction : in or out

| Does your rule concern an incoming or outgoing flow from your VPS?

Action : acceptdrop or reject

| In most cases if you want to accept a feed you have to choose accept, if you want to refuse it it is better to choose drop or reject.

|| In both cases drop or reject allows to block an incoming connection. The drop function allows you to prohibit a stream without sending any response to the sender, the reject function allows you to notify the sender of the rejection of his stream.

Interface : venet or net0

||| For the flow outside your VPS you have to choose net0

Source: IP or source CIDR block (Example: 192.168.1.1 or 192.168.0.0/24)
Destination: IP or CIDR block destination (Example: 192.168.1.1 or 192.168.0.0/24)
Macro: Allows to choose a port from a known list
Protocol: protocol of the connection to be blocked (Leave blank for all)
Source port: Source port
Destination port: Port of destination
Comment : To easily find your way around

Then click on Add to add the rule to your firewall.

Example of a rule



Protect the SSH access of its VPS :




Direction: In
Action: DROP
Interface: net0
Source: 0.0.0.0/0
Destination port: 22
Protocol: TCP

0.0.0.0/0 defines the existing IPv4 set

It is essential to create a rule to authorize SSH flow from an authorized IP to be able to access the VPS server.

Updated on: 17/10/2022

Was this article helpful?

Share your feedback

Cancel

Thank you!