Firewall Management
The dashboard lets you manage your VPS firewall directly — enable or disable traffic filtering, add and remove port rules, and view default policies. The firewall runs on the server itself using the tool that matches your operating system.
Supported Firewall Tools
| Operating System | Firewall Tool |
|---|---|
| Debian, Ubuntu | ufw |
| AlmaLinux | firewalld |
| Windows Server | Windows Firewall |
The dashboard detects which tool is installed automatically. If no firewall tool is found, you can install one directly from the panel.
Viewing Firewall Status
- Open your VPS in the dashboard
- Go to the Network tab
The firewall section shows the current state:
- Active or inactive — whether traffic filtering is enabled
- Default incoming policy — whether inbound traffic is allowed or denied by default
- Default outgoing policy — whether outbound traffic is allowed or denied by default
- Rules list — all configured firewall rules
If the firewall status cannot be read, a warning appears. This usually means SSH access is not configured or the server is not running.
Enabling the Firewall
Click the Activate Firewall toggle to enable traffic filtering. When you enable the firewall, the dashboard automatically adds a rule to allow your SSH port before activating — this prevents you from being locked out of your server.
To disable the firewall, turn the toggle off. All traffic will be allowed through without filtering.
Installing a Firewall
If no firewall tool is detected on your server, an Install Firewall button appears. Clicking it installs the appropriate tool for your operating system (ufw on Debian/Ubuntu, firewalld on AlmaLinux) and configures it with your SSH port allowed.
Adding Rules
Click Add Rule to open the rule form. Each rule has the following fields:
| Field | Description |
|---|---|
| Port | A single port (e.g. 80) or a range (e.g. 8000:8100). Required. |
| Protocol | TCP, UDP, or both. |
| Action | Allow or deny traffic on this port. |
| Source | An IP address or CIDR range (e.g. 192.168.1.0/24). Leave empty to apply to all sources. |
| Comment | An optional label to describe the rule (max 64 characters). |
After filling in the fields, click Add to apply the rule immediately.
Removing Rules
Each rule in the list has a delete button. Click it to remove the rule. The change takes effect immediately.
Common Rules
Here are some frequently used firewall rules:
| Service | Port | Protocol |
|---|---|---|
| SSH | 22 | TCP |
| HTTP | 80 | TCP |
| HTTPS | 443 | TCP |
| DNS | 53 | TCP/UDP |
| SMTP | 25 | TCP |
| MySQL | 3306 | TCP |
| PostgreSQL | 5432 | TCP |
Permissions
Reading firewall status requires read-only access. Adding rules, removing rules, toggling the firewall, and installing the firewall tool require collaborator access or higher.
Troubleshooting
"Firewall status could not be read" — SSH access is not configured or the server is not running. Make sure you have an SSH key deployed and the server is online.
"No firewall tool detected" — the server does not have ufw or firewalld installed. Click Install Firewall to set one up automatically.
Locked out after enabling the firewall — the dashboard automatically allows your SSH port when enabling the firewall, but if you changed your SSH port after enabling, you may need to use the VNC console to regain access and add the correct port rule manually.
Rule not taking effect — verify that the firewall is active (the toggle should be on). Rules are only enforced when the firewall is enabled.