{"id":26563,"date":"2025-08-12T13:58:05","date_gmt":"2025-08-12T11:58:05","guid":{"rendered":"https:\/\/contabo.com\/blog\/?p=26563"},"modified":"2026-01-16T13:06:55","modified_gmt":"2026-01-16T12:06:55","slug":"how-to-configure-a-firewall-for-a-cloud-based-server-linux-windows","status":"publish","type":"post","link":"https:\/\/contabo.com\/blog\/how-to-configure-a-firewall-for-a-cloud-based-server-linux-windows\/","title":{"rendered":"How to Configure a Firewall for a Cloud-Based Server (Linux &amp; Windows)\u00a0"},"content":{"rendered":"\n<p>Setting up a <a href=\"https:\/\/contabo.com\/blog\/wiki\/firewall\/\" target=\"_blank\" rel=\"noreferrer noopener\">firewall<\/a> is one of the simplest ways to strengthen your server\u2019s security. In this guide, you\u2019ll learn how to configure a firewall for your cloud-based server step by step. You\u2019ll also see how to manage inbound and outbound traffic and apply smart port management to keep attackers out while keeping your services reachable.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-is-a-firewall\">What Is a Firewall\u00a0<\/h2>\n\n\n\n<p>A firewall controls what enters or leaves your server. When configured well, it forms a strong barrier between your system and unwanted traffic. It is a network security system that monitors, filters, and controls incoming and outgoing traffic based on predefined rules.&nbsp;&nbsp;<\/p>\n\n\n\n<p>In the following steps, you\u2019ll learn how to define essential services, set rules in your cloud provider\u2019s dashboard, and configure both <a href=\"https:\/\/contabo.com\/en\/vps\/\" target=\"_blank\" rel=\"noreferrer noopener\">Linux<\/a> and <a href=\"https:\/\/contabo.com\/en\/windows-servers-vps\/\" target=\"_blank\" rel=\"noreferrer noopener\">Windows server<\/a> firewalls.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-1-define-what-you-need-to-protect\">Step 1: Define What You Need to Protect\u00a0<\/h2>\n\n\n\n<p>Start by mapping out which services need to be accessible. This helps you avoid exposing unnecessary ports.&nbsp;<\/p>\n\n\n\n<p>A common setup includes:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Port 22 for SSH&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Port 80 for HTTP&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Port 443 for HTTPS&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Everything else should stay blocked. This improves security and reduces exposure to attacks.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-2-configure-firewall-rules-in-your-cloud-dashboard\">Step 2: Configure Firewall Rules in Your Cloud Dashboard\u00a0<\/h2>\n\n\n\n<p>Next, visit your cloud provider\u2019s control panel. Then, open the firewall or security group section tied to your server. Here you manage inbound and outbound traffic. Keep your rules simple and open only for what you need. If possible, allow specific IP addresses instead of broad ranges. This gives you more control and reduces risks.&nbsp;<\/p>\n\n\n\n<p>Since most interfaces use point-and-click options, you can complete this step without terminal commands.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-3-linux-firewall-setup-with-iptables\">Step 3: Linux Firewall Setup with iptables\u00a0<\/h2>\n\n\n\n<p>If your server runs Linux, you will likely use <strong>iptables<\/strong> to manage rules. Start by checking your current rule set:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -L&nbsp;<\/code><\/pre>\n\n\n\n<p>If the output looks empty, your firewall is not doing much yet. So, let\u2019s add key rules. Allow SSH, HTTP and HTTPS using these commands:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -A INPUT -p tcp --dport 22 -j ACCEPT&nbsp;<br><br>iptables -A INPUT -p tcp --dport 80 -j ACCEPT&nbsp;<br><br>iptables -A INPUT -p tcp --dport 443 -j ACCEPT&nbsp;<\/code><\/pre>\n\n\n\n<p>These rules open the essential ports. Then, set a default policy to block everything else:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables -P INPUT DROP&nbsp;<\/code><\/pre>\n\n\n\n<p>Make sure you have already allowed SSH. Otherwise, you may lock yourself out.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-make-your-linux-firewall-rules-persistent\">Make Your Linux Firewall Rules Persistent\u00a0<\/h2>\n\n\n\n<p>iptables rules disappear after reboot unless you save them. To make them persistent, install the necessary tool:&nbsp;<\/p>\n\n\n\n<p>For Debian\/Ubuntu:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>apt-get install iptables-persistent&nbsp;<\/code><\/pre>\n\n\n\n<p>For CentOS:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>yum install -y iptables-services&nbsp;<\/code><\/pre>\n\n\n\n<p>Then save your active rules:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables-save &gt; \/etc\/iptables\/rules.v4&nbsp;<\/code><\/pre>\n\n\n\n<p>This ensures your configuration returns after every restart.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-4-windows-firewall-setup\">Step 4: Windows Firewall Setup\u00a0<\/h2>\n\n\n\n<p>Windows users can configure rules visually. Open <strong>Windows Firewall with Advanced Security<\/strong>, then go to <strong>Inbound Rules<\/strong>.&nbsp;<\/p>\n\n\n\n<p>Here you can:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Allow RDP on port 3389&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable or disable HTTP and HTTPS&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Remove rules for unused services&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Review your rules carefully so your firewall stays clean and effective.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-5-test-your-configuration\">Step 5: Test Your Configuration\u00a0<\/h2>\n\n\n\n<p>After setting up your firewall, always test your ports. From your local machine, try:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl <a href=\"http:\/\/your-server-ip\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">http:\/\/your-server-ip<\/a>&nbsp;<\/code><\/pre>\n\n\n\n<p>If it returns a response, HTTP traffic is working. You can also run <strong>nmap<\/strong> to scan open ports and confirm your rule set is correct.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-step-6-back-up-and-maintain-your-firewall-configuration\">Step 6: Back Up and Maintain Your Firewall Configuration\u00a0<\/h2>\n\n\n\n<p>Backups make it easy to recover from mistakes. On Linux, save your full firewall configuration with:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables-save &gt; \/root\/iptables_backup&nbsp;<\/code><\/pre>\n\n\n\n<p>To restore it, run:&nbsp;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>iptables-restore &lt; \/root\/iptables_backup&nbsp;<\/code><\/pre>\n\n\n\n<p>Review your rules monthly. Remove old entries and keep your configuration tidy to maintain strong security.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-watch-our-youtube-video-on-firewalls-for-cloud-based-servers\">Watch Our YouTube Video on Firewalls for Cloud-Based Servers\u00a0<\/h2>\n\n\n\n<p>If you prefer a visual walk-through, we have a YouTube Video ready for you.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<div class=\"ast-oembed-container \" style=\"height: 100%;\"><iframe loading=\"lazy\" title=\"Configure a firewall for a cloud-based server\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/BlCwWyxUf4c?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-final-thoughts\">Final Thoughts\u00a0<\/h2>\n\n\n\n<p>A firewall is more than a simple on or off switch. It is a traffic filter that monitors, allows, blocks, or logs data based on your rules. In a virtualized environment, it protects the host, the hypervisor, and each virtual machine from unwanted access. By defining your exposed services, configuring cloud firewall rules, setting up iptables on Linux, and using Windows Firewall, you create a layered defense strategy. Combined with regular testing, backups, and reviews, this gives your cloud server a strong, controlled security perimeter.&nbsp;&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Setting up a firewall is one of the simplest ways to strengthen your server\u2019s security. In this guide, you\u2019ll learn how to configure a firewall for your cloud-based server step by step. You\u2019ll also see how to manage inbound and outbound traffic and apply smart port management to keep attackers out while keeping your services [&hellip;]<\/p>\n","protected":false},"author":77,"featured_media":26567,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[18],"tags":[],"ppma_author":[3116],"class_list":["post-26563","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorials"],"uagb_featured_image_src":{"full":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows-.png",1200,630,false],"thumbnail":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows--150x150.png",150,150,true],"medium":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows--600x315.png",600,315,true],"medium_large":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows--768x403.png",768,403,true],"large":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows-.png",1200,630,false],"1536x1536":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows-.png",1200,630,false],"2048x2048":["https:\/\/contabo.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-a-Firewall-for-a-Cloud-Based-Server-Linux-Windows-.png",1200,630,false]},"uagb_author_info":{"display_name":"Anika Kopte","author_link":"https:\/\/contabo.com\/blog\/author\/anika\/"},"uagb_comment_info":0,"uagb_excerpt":"Setting up a firewall is one of the simplest ways to strengthen your server\u2019s security. In this guide, you\u2019ll learn how to configure a firewall for your cloud-based server step by step. You\u2019ll also see how to manage inbound and outbound traffic and apply smart port management to keep attackers out while keeping your services&hellip;","authors":[{"term_id":3116,"user_id":77,"is_guest":0,"slug":"anika","display_name":"Anika Kopte","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/1c425caa652c679ae47e3f85a48de4e19f09d37bcb5593ba88a7aa4a08bb1d81?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26563","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/comments?post=26563"}],"version-history":[{"count":3,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26563\/revisions"}],"predecessor-version":[{"id":27437,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/26563\/revisions\/27437"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/media\/26567"}],"wp:attachment":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/media?parent=26563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/categories?post=26563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/tags?post=26563"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=26563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}