Author: David FinsterLast Updated: Wed, Apr 7, 2021
Vultr Firewall has features comparable to many server operating system firewalls, with several key differences.
Packet filtering takes place at a higher level on the network, reducing resource usage of your server.
The firewall is managed through the Vultr control panel.
Updating the firewall policy for multiple servers is quick and convenient because Vultr Firewall groups can be applied to multiple servers.
Server instances can use the Vultr firewall or OS firewall, or both simultaneously. The diagram below illustrates the interaction between the Vultr firewall and the OS firewall. The three servers shown are linked to a single Vultr firewall, and each have their own respective OS firewalls.
As an internet user attempts to connect:
HTTP traffic in connection attempt 1 succeeds. Both the Vultr Firewall and the OS firewall are configured to pass HTTP.
SSH traffic in connection attempt 2 fails. The traffic passes successfully through the Vultr firewall, but is blocked by the OS firewall.
MySQL traffic in connection attempt 3 fails. The OS firewall is configured to pass MySQL traffic, but the traffic is blocked by the Vultr firewall which only allows HTTP and SSH.
Click Firewall on your Vultr control panel.
Click the pencil icon to edit the firewall group.
Selecting the Cloudflare source will allow traffic from this list of Cloudflare IP addresses.
Click Linked Instances to view the linked servers.
Click the Unlink Instance icon to remove the server from the firewall group.
A Vultr cloud server can belong to one firewall group at a time.
View a server's Vultr firewall assignment.
Select the server from your Vultr control panel.
Click Firewall on the left menu.
Click the Firewall dropdown to modify the server firewall group assignment.
The Vultr API offers several endpoints to manage the Vultr Firewall.
Get information for a firewall group.
Get the rules for a firewall group.
Get a list of all firewall groups.
Create a new firewall group.
Update information for a firewall group.
Delete a firewall group.
See the Vultr Firewall documentation for full details.