Firewall, whether on the root host machine or on the router (in the case of dedicated servers), does not affect the server's performance and does not impact its internal configuration.
Rule “allow everything that is not blocked”: Priority is given to blocking rules. If a port is not blocked, it is considered accessible.
Default ports: The firewall by default blocks two user ports — SSH (22) and RDP (3389).
Port availability check: If a port is unavailable, it is recommended to check for the presence of a service on the server that serves the port and its configuration.
Firewall configuration: To configure, visit [control panel] -> [VDS/DS] -> [MANAGEMENT] -> [TAB “SERVER MANAGEMENT”].
In the [FIREWALL] section, the main settings are provided.
Description of [Firewall] settings
- TRAFFIC TYPE: INCOMING or OUTGOING.
- PROTOCOL: TCP or UDP. Choosing [ALL] adds rules for both TCP and UDP.
- OUTGOING IP or DESTINATION IP: For incoming – the sender's IP, for outgoing – the receiver's IP. With ALL – for the entire range of IPv4 addresses.
- DESTINATION PORT: Specify the port or leave it blank for the entire range (1-65535).
- SELECT RULE: ALLOW or DENY traffic.
Note: When specifying an IP, a subnet mask (/16 for addresses 65534) can be used. For example, for IP 84.246.80.111 with a mask of 84.246.0.0/16, the rule will apply to the entire range.
Granting access via SSH
When you need to provide access to the server via SSH, you should follow a few key steps for proper configuration. First, set the traffic type as incoming, indicating that you are opening access for external connections. Next, specify that the TCP protocol is used, which ensures stable data transmission. Indicate your IP address or mask to define the source of the connection. Set the port to 22, standard for SSH, which will direct external requests to your server. Finally, choose the rule — “ACCEPT” or “ALLOW”, allowing traffic to pass through the specified port, and save the changes by clicking the “ADD” button.
Granting access via RDP
Similarly, if you need to provide access via RDP, follow the same steps. Set the traffic type as incoming, as you are granting access from external sources. Specify that the TCP protocol is used, which is standard for RDP. Indicate your IP address or mask for accurate identification of the connection source. Set the port to 3389, standard for RDP. Choose the rule “ACCEPT” or “ALLOW” and save the settings by clicking “ADD”. This way, you will ensure secure and controlled access to your server.
