Firewall VPS usage from the Extranet

From Ikoula Wiki

Introduction

The **Firewall** section allows you to manage the network filtering rules applied to the virtual machine. It is used to **allow or block incoming and outgoing traffic** based on specific criteria such as IP address, port, and protocol.

From this section, the user can:

  • Add new security rules
  • Modify existing rules
  • Delete obsolete rules
  • Check authorized access to the virtual machine

Firewall configuration is essential to **secure the VM**, limit exposure to unwanted access, and ensure proper operation of hosted services. Any changes must be performed carefully to avoid service disruption or loss of access to the machine.

Accessing the Firewall

From your Extranet:

Click on **Cloud Virtual Servers**, then select your server. [1]

From the VPS management interface, click on the **“Firewall”** section to access its management. [2]

Implementing Network Traffic Filtering Rules

As shown in the image, **by default**, traffic is fully allowed for both incoming and outgoing flows using the **“ACCEPT”** rule. [3]

To block incoming traffic and implement filtering rules, set incoming traffic to **DROP** in the **“Basic firewall configuration”** section, then click **Edit**. [4]

As a result, **any incoming communication attempt to the server will be automatically blocked**, except for traffic explicitly allowed by specific rules.

Difference Between DROP and REJECT

  • **DROP**: The firewall silently ignores the connection without sending any response.
 The remote user or service receives no message and the connection times out automatically.  
 This method is more discreet and enhances server security.
  • **REJECT**: The firewall blocks the connection **by sending an explicit response** indicating that access is denied.
 The connection fails immediately and the server remains visible on the network.

In general, **DROP is recommended to secure a VPS exposed to the Internet**.

Incoming Traffic Filtering Rules Configuration

Filtering rules are defined in this section. Some rules are already in place; they were configured by our services and cannot be modified. [5]

Setting Up an SSH Rule for Incoming Traffic

Click the **Add** button: [6]

Fill in the following parameters:

  • **Enabled**: YES
  • **Type**: IN
  • **Action**: ACCEPT
  • **Source**: IP address authorized to connect to the VPS via SSH
  • **Destination port**: 22
  • **Protocol**: TCP (Transmission Control Protocol)

Finish by clicking **Save**. [7]

After saving, the rule appears in the main firewall table. [8]
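
With the incoming policy set to DROP, SSH access depends entirely on an enabled rule that covers your own address. The following added example (not Ikoula's code) models the rule fields from the form above and checks that condition; first-match evaluation, the empty-source-means-any convention, and the sample addresses are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    # Fields mirror the rule form on this page; evaluation order is an assumption.
    enabled: bool
    type: str        # "IN" or "OUT"
    action: str      # "ACCEPT", "DROP" or "REJECT"
    source: str      # single IP or CIDR; "" means any source (assumed convention)
    dport: int
    protocol: str    # "TCP", "UDP", ...

def matches(rule, direction, src, dport, protocol):
    """True if an enabled rule applies to this packet."""
    if not rule.enabled or rule.type != direction:
        return False
    if rule.protocol != protocol or rule.dport != dport:
        return False
    # strict=False accepts a host address written with a prefix length
    return not rule.source or ip_address(src) in ip_network(rule.source, strict=False)

def verdict(rules, policy, direction, src, dport, protocol):
    """Assumed semantics: first matching rule wins, else the default policy."""
    for rule in rules:
        if matches(rule, direction, src, dport, protocol):
            return rule.action
    return policy

def safe_to_set_drop(rules, admin_ip, ssh_port=22):
    """Pre-flight check: can the admin still reach SSH once incoming policy is DROP?"""
    return verdict(rules, "DROP", "IN", admin_ip, ssh_port, "TCP") == "ACCEPT"

# Constructed sample data (documentation address ranges, not real hosts).
ADMIN_IP = "203.0.113.10"
SSH_RULE = Rule(True, "IN", "ACCEPT", "203.0.113.10", 22, "TCP")
DISABLED = Rule(False, "IN", "ACCEPT", "203.0.113.10", 22, "TCP")

if __name__ == "__main__":
    print("no rules, policy DROP  :", safe_to_set_drop([], ADMIN_IP))
    print("rule saved but disabled:", safe_to_set_drop([DISABLED], ADMIN_IP))
    print("SSH rule enabled       :", safe_to_set_drop([SSH_RULE], ADMIN_IP))
    print("other source, port 22  :",
          verdict([SSH_RULE], "DROP", "IN", "198.51.100.7", 22, "TCP"))
```

A rule saved with **Enabled** set to NO fails the check in the same way as a missing rule.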

Other Filtering Rules

For any other rule or protocol, the principle remains the same. Select the desired protocol in the **Protocol** section and associate it with the corresponding port. [9]

Outgoing Traffic

For outgoing traffic, the procedure is strictly identical.

Conclusion

Implementing incoming and outgoing traffic filtering rules strengthens server security by precisely controlling authorized flows. By applying rules adapted to real needs (protocols, ports, and IP addresses), unauthorized access can be limited while ensuring proper service operation.

It is recommended to regularly review these rules and adjust them according to changing usage and security requirements.