Default firewall policy

By default, the firewall of a newly deployed cloud server has the "DROP" policy. This policy indicates that incoming and outgoing traffic by any of the server ports is rejected unless explicitly configured to allow it. To change the default policy or add rules you must enter "Cloud Servers" >> Network> Firewall.

The reason why the default policy is this is because this prevents your service from being breached through open ports of which you have no knowledge. Remember that the operating system also has its own firewall whose default policy is "ACCEPT" which allows traffic on all public interfaces without restriction.

It is good practice to use the service firewall directly instead of the one in the operating system to have an additional layer of security, but this practice is already under the client's consideration.


Was this article helpful?

mood_bad Dislike 0
mood Like 1
visibility Views: 314