HostRooster™ is the place people come to give their business an identifiable name, construct a high-quality website, find clients, make sales, and coordinate their operations. We're on a mission to empower our worldwide community of customers—and entrepreneurs everywhere—by giving them all the help and tools they need to grow online.

Setting up the server’s network screen with a firewall

Instructions for configuring Firewall rules for virtual servers in the HostRooster control panel.

What it is?

You are able to control network data packets and access to the server by using the firewall directly from the control panel. The price of the server includes this option and is not charged separately.

At the moment there is a limit of 50 rules, if this limit is not enough for you, then you can increase it upon request to technical support .

Network architecture

[step num=”1″]

To avoid conflicting firewall rules and properly configure it, you need to understand how existing firewalls work. First, you can set up a firewall for the private network. Secondly, for the server through the control panel. Thirdly, you can set up an internal firewall, for example, for Linux via iptables, for Windows – built-in.

[/step]

[step num=”2″]

For incoming packets, the network layer firewall (if any) will be applied first. If the packet passed, then the firewall at the server level will be applied next, the internal software mechanism will be used last. For outgoing packets, the reverse sequence will be applied.

[/step]

We do not recommend using a server-level firewall and an internal software firewall at the same time:

Create a rule

[step num=”3″]

The firewall configuration is available for all VPS and is located in the server settings in the Firewall section.

[/step]

Important:
– the order of the rules matters, the lower the order number of the rule (the higher it is in the list), the higher its priority. You can change the sequence of rules using Drag and Drop by dragging the rule with the left mouse button to the desired position;
– by default – all data packets, both incoming and outgoing, are allowed.

[step num=”4″]

To create a rule, click the Add button :

[/step]

[step num=”5″]

You will see a window for adding a rule. The following fields must be filled in:

  • Name – user-friendly name (no more than 50 characters), as a rule, briefly describes the purpose of the rule;
  • Direction – the direction of the packets for which you want to apply the rule, takes one of two values: Incoming or Outgoing. Incoming – the rule applies to incoming data packets, Outgoing – to outgoing ones;
  • Source/Destination – depending on the direction, contains the server IP address or one of the following values: IP address, CIDR, IP address range, and any;
  • SourcePort/DestinationPort – when choosing the TCP, UDP or TCP and UDP protocol, it is possible to specify a port, a range of ports, or Any;
  • Action – the action to be applied takes one of two values: Allow or Deny. Allow – permission to send data packets, Deny – prohibition of forwarding;
  • Protocol – protocol type, available ANY, TCP, UDP, TCP and UDP and ICMP.

Click Save to create the rule .

[/step]

[step num=”6″]

In our example, the rule blocks all incoming packets to the server:

[/step]

[step num=”7″]

For the created rule to take effect, you must save the changes using the Save button . You can create multiple rules and then save them all at once:

[/step]

After that, the page will look like this:

Rule Priority

[step num=”8″]

The lower the rule number (the higher it is in the list), the higher its priority. For example, after a deny rule has been created for all incoming traffic, let’s create a rule allowing incoming packets to be received on port 80 of the Tcp protocol. After saving the changes with this configuration, this port will still be unavailable, due to the fact that the deny rule has a higher priority:

[/step]

[step num=”9″]

To change the priority of the rules, drag the allowing rule to the first position with the left mouse button and save the changes:

[/step]

[step num=”10″]

After saving, the sequence numbers of the rules will change, and their priority will also change:

[/step]

[step num=”11″]

Now the firewall configuration allows you to receive packets via the Tcp protocol on port 80, other packets will not go through.

[/step]

HostRooster is a leading web hosting solutions company. Since our founding in 2019, HostRooster has continually innovated new ways to deliver on our mission: to empower people to fully harness the web. Based in London, England, we provide comprehensive tools to users throughout the world so anyone, novice or pro, can get on the web and thrive with our web hosting packages.


Posted

in

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: