Experts insights Updates and releases

An easy to use Firewall on GandiCloud VPS

An illustration of a server stack floating on a purple background with stars. A laptop and a smartphone are floating nearby along an orbital path around the server stack.

By default, we don’t filter any traffic in or out of your VPS, leaving you the responsability to choose ports you want to expose on the Internet, using softwares like iptables or ufw.

Today, we add the possibility to manage an easy-to-use firewall directly from your GandiCloud VPS admin Web interface.

On a GandiCloud VPS server overview, a panel allows to configure the”Infrastructure Firewall”.

Enable Firewall on GandiCloud VPS

By enabling the firewall, only some protocols are allowed. By default,we suggest allowing the SSH and ping connections but it is also possible to allow protocols used by a Web server or a mail stack.

Infrastructure Firewall Rules VPS

All of these traffic restrictions only apply to the ingress traffic (the traffic coming to to server). The egress traffic (the traffic going out of your server) is not filtered at all.

The goal of this interface is to provide an easy way to set a firewall for the most used applications. For more specific usecases, it is still possible to use the OpenStack CLI to create OpenStack security group rules in order to restrict the traffic as you wish. Actually, this is exactly how our Web interface is implemented: it creates an OpenStack security group with rules for each selected group of protocols.