How to Add Firewall Service to Vultr Instance

Vultr announced firewall service and it’s time to stop system built-in firewall. I will walk you through how to add firewall service to your vultr instances step by step in this tutorial.

Before the details, I am showing you the steps. First, add a firewall group. Second, add firewall rules to the firewall group. Third, link instances to this firewall group.

Add a firewall group

Navigate to Servers–>Firewall, click Add Firewall Group, then fill in the blank by entering a firewall description.

Add vultr firewall group

Add firewall description

Add rules

Vultr firewall service supports ICMP, TCP, UDP and GRE protocols. ICMP protocol is used for ping service, if you allow others to ping your vultr instances, please add a rule to accept ICMP packets. TCP and UDP protocols are two commonly used protocols. Here is a list of protocols and ports that you may want to accept packets from:

  • HTTP: TCP 80
  • HTTPS: TCP 443
  • SSH: TCP 22
  • FTP: TCP 21 20
  • MySQL: TCP 3306

You can filter the packets by source, 0.0.0.0/0 accetps packets from anywhere. If you want to allow SSH connection from a specific IP and reject other sources, you choose Custom and fill in the blank next to source by entering an IP address and sub-net mask. For example, if you accept SSH access from 11.22.33.44, then fill the blank with 11.22.33.44/32.

There is a cross sign and trash bin on the right. Adding a rule by clicking cross sign, while removing a rule by clicking trash bin sign.

Add firewall rules

Link to instances

Congrats, you are almost done, only one step left. Choose the instance you want to link and click the cross sign on the right. Wait for less than 120 seconds, and the firewall has been actived for the instance.

If you want to unlink instances, by click the unlink sign on the right of each linked instances. It also takes less than 120 seconds to take effect.

unlink vultr instances

Leave a Reply

Your email address will not be published. Required fields are marked *