Firewall

Firewall as a service is a cloud solution that allows you to manage incoming and outgoing traffic from cloud servers and cloud services (databases and balancers) using firewall rules you set.

You do not need to make any changes to the server settings at the operating system level. All you need to do is set the rules through your Hostman control panel and select which servers and services they should apply to.

• You can create up to 50 rule groups.

• You can add up to 100 rules to a group for each type of traffic (incoming and outgoing).

• You can include up to 200 services in a group.

A group of rules can be applied to any virtual servers, databases and balancers on the account, regardless of the region and availability zone where they were created.

How It Works

When using a firewall, it is important to consider the following:

• If no rules are created, all traffic is allowed.

• A service can be included either in allowing traffic (whitelist) groups of rules or in prohibiting ones (blocklist).

• A service can be added to two, three or more groups of rules of the same type (for example, to five groups of rules that allow traffic). In this case, all specified rules will be applied to the service.

• Prohibiting rules work as a blacklist: only traffic specified by the rules is prohibited; all other traffic is allowed.

• Allowing rules work as a whitelist: only traffic specified by the rules is allowed, all other traffic is denied. If, for example, you allow a rule for a specific TCP port, then traffic will be blocked not only to all other TCP ports, but also to all connections via other protocols.

• Be careful when creating rules for outbound traffic. Most services require outgoing connections, even a simple ping to the server. We recommend that you do not create rules for outbound traffic unless there is a serious need for it.