Guide to Configuring Your Perimeter Firewall

Introduction

A perimeter firewall is crucial for protecting your network and servers from various types of cyberattacks, including Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Proper configuration of your firewall can significantly enhance your security posture by ensuring that only necessary services are exposed to the internet while all other ports and services are blocked. Keep in mind that a firewall in front of a single server filters unwanted packets; it cannot absorb a volumetric DDoS attack large enough to saturate the server's uplink, so it complements rather than replaces upstream mitigation.

Firewall Configuration Overview

  1. Accessing the Firewall Settings

    • Navigate to the firewall section in your control panel.
    • You will see options to add, edit, and delete firewall rules.

  2. Adding a Firewall Rule

    • Click on "Add Firewall Rule" to open the rule configuration dialog.

Key Options and Their Significance

  1. Destination IP

    • Enter the IP address of the dedicated server or VPS you want to protect.

  2. Source

    • Define the source IP address range that the rule applies to, in CIDR notation. Use 0.0.0.0/0 to apply the rule to all incoming traffic.

  3. Protocol

    • Select the protocol to which the rule will apply. Common protocols include:

      • UDP (User Datagram Protocol)
      • TCP (Transmission Control Protocol)
      • ICMP (Internet Control Message Protocol)
      • GRE (Generic Routing Encapsulation)
      • RDP (Remote Desktop Protocol). Note that RDP is an application protocol carried over TCP (port 3389 by default), not a separate IP protocol like the others in this list; treat this entry as a convenience preset for TCP traffic to the RDP port.

  4. Ports

    • Source Port: Specify the source port if needed. Most rules leave this empty, because clients choose an arbitrary (ephemeral) source port for each connection.
    • Destination Port: Define the port on the destination server. Leave this empty to apply the rule to all ports.

  5. Action

    • Choose the action that the firewall should take when the rule matches:

      • Accept: Allow the traffic.
      • Discard: Silently drop the traffic (no rejection message is sent back to the sender).
      • Rate Limit: Limit the traffic rate to prevent DoS/DDoS attacks. You can set the rate limit value (e.g., 10000 bytes per second); traffic above the limit is dropped.

  6. Comments

    • Add a description or comment to the rule for future reference. For instance, "DROP ICMP".

Example Configuration for DoS/DDoS Protection

  • Block ICMP (Ping) Requests

    • Destination IP: IP of the dedicated server or VPS
    • Source: 0.0.0.0/0
    • Protocol: ICMP
    • Action: Discard
    • Comments: DROP ICMP

    Discarding all ICMP stops ping floods, but it also drops the ICMP error messages used for Path MTU Discovery and breaks ping-based monitoring. If you depend on either, use the Rate Limit action for ICMP instead of Discard.

  • Rate Limit UDP Traffic on Port 53 (DNS)

    • Destination IP: IP of the dedicated server or VPS
    • Source: 0.0.0.0/0
    • Protocol: UDP
    • Source Port: 53
    • Action: Rate Limit
    • Rate Limit: 10000 bytes per second
    • Comments: Rate limit DNS traffic

    A source port of 53 matches packets sent by DNS servers, which is the shape of DNS reflection/amplification floods aimed at your server. It does not match queries sent to a DNS server you host yourself; those arrive with destination port 53 and an arbitrary source port, so a rule protecting your own resolver would set Destination Port: 53 instead.
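To see how the fields above combine into a verdict, here is an added example (not part of the original guide or the provider's software) that models a rule set with the same fields and runs constructed sample packets through it. The protected address 198.51.100.10, the administrator range 203.0.113.0/24, the first-match ordering, the default-deny fallback and the byte-based token bucket behind Rate Limit are all assumptions made for illustration; it also adds the two Accept rules that a default-deny policy needs so SSH and HTTPS keep working, which goes beyond the two rules listed above.

```python
"""Added example: a small model of the firewall rule fields from this guide.
The field names mirror the panel's dialog; the matching order (first match
wins), the default-deny fallback and the byte-based token bucket are
assumptions for illustration, not the vendor's documented implementation."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

ACCEPT, DISCARD, RATE_LIMIT = "Accept", "Discard", "Rate Limit"

SERVER = "198.51.100.10"        # constructed: the protected VPS (documentation range)
ADMIN_NET = "203.0.113.0/24"    # constructed: where administrators connect from


@dataclass
class Rule:
    destination_ip: str
    source: str                              # CIDR, e.g. "0.0.0.0/0"
    protocol: str                            # "TCP", "UDP", "ICMP", "GRE"
    action: str
    source_port: Optional[int] = None        # None = any port
    destination_port: Optional[int] = None   # None = any port ("leave empty")
    rate_limit_bps: Optional[int] = None     # bytes per second, Rate Limit rules only
    comment: str = ""
    _tokens: float = field(default=0.0, init=False, repr=False)
    _last: Optional[float] = field(default=None, init=False, repr=False)

    def matches(self, pkt: dict) -> bool:
        """Every configured field must match; empty (None) port fields match anything."""
        return (ip_address(pkt["dst"]) == ip_address(self.destination_ip)
                and ip_address(pkt["src"]) in ip_network(self.source, strict=False)
                and pkt["proto"] == self.protocol
                and (self.source_port is None or pkt.get("sport") == self.source_port)
                and (self.destination_port is None or pkt.get("dport") == self.destination_port))

    def rate_limit_allows(self, size: int, now: float) -> bool:
        """Token bucket: refills at rate_limit_bps, burst capacity of one second of bytes."""
        if self._last is None:
            self._tokens = float(self.rate_limit_bps)
        else:
            self._tokens = min(float(self.rate_limit_bps),
                               self._tokens + (now - self._last) * self.rate_limit_bps)
        self._last = now
        if self._tokens >= size:
            self._tokens -= size
            return True
        return False


def evaluate(rules, pkt, now=0.0):
    """First matching rule decides; a packet no rule matches is discarded (default deny)."""
    for rule in rules:
        if rule.matches(pkt):
            if rule.action == RATE_LIMIT:
                return ACCEPT if rule.rate_limit_allows(pkt["size"], now) else DISCARD
            return rule.action
    return DISCARD


def build_rules():
    """The two rules from the example configuration, plus the minimal Accept rules
    a default-deny policy needs so the server stays reachable."""
    return [
        Rule(SERVER, "0.0.0.0/0", "ICMP", DISCARD, comment="DROP ICMP"),
        Rule(SERVER, "0.0.0.0/0", "UDP", RATE_LIMIT, source_port=53,
             rate_limit_bps=10000, comment="Rate limit DNS traffic"),
        Rule(SERVER, ADMIN_NET, "TCP", ACCEPT, destination_port=22, comment="SSH from admins only"),
        Rule(SERVER, "0.0.0.0/0", "TCP", ACCEPT, destination_port=443, comment="Public HTTPS"),
    ]


def pkt(src, proto, size, sport=None, dport=None):
    """Constructed sample packet headed for the protected server."""
    return {"src": src, "dst": SERVER, "proto": proto, "size": size, "sport": sport, "dport": dport}


def flood_accepted(rules, count, size, now=0.0):
    """Send `count` DNS-response-shaped packets at one instant; return how many get through."""
    burst = [pkt("192.0.2.53", "UDP", size, sport=53, dport=40000) for _ in range(count)]
    return sum(evaluate(rules, p, now) == ACCEPT for p in burst)


def demo():
    rules = build_rules()
    return {
        "ping": evaluate(rules, pkt("192.0.2.1", "ICMP", 84)),
        "ssh_from_admin": evaluate(rules, pkt("203.0.113.5", "TCP", 60, sport=51000, dport=22)),
        "ssh_from_internet": evaluate(rules, pkt("192.0.2.1", "TCP", 60, sport=51000, dport=22)),
        "https": evaluate(rules, pkt("192.0.2.1", "TCP", 60, sport=51001, dport=443)),
        "dns_query_to_us": evaluate(rules, pkt("192.0.2.1", "UDP", 80, sport=40000, dport=53)),
        "dns_reflection_accepted_of_10": flood_accepted(rules, 10, 1200),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:32} {verdict}")
```

Two results are worth noticing. A burst of ten 1200-byte DNS responses at one instant gets eight packets through a 10000 bytes-per-second limit and drops the rest until the bucket refills. A DNS query addressed to port 53 on the server is discarded outright, because the source-port-53 rule does not match it and nothing else accepts it; if the server hosts a resolver, that is the rule you would need to add with Destination Port 53.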

Best Practices for Firewall Configuration

  1. Close All Unnecessary Services

    • Ensure that only essential services required for your application or network are open. All other ports and services should be closed to minimize the attack surface.

  2. Regularly Review Firewall Rules

    • Periodically review and update your firewall rules to ensure they meet your current security requirements.

  3. Use Specific IP Addresses Where Possible

    • Instead of using 0.0.0.0/0 for source IPs, specify IP ranges or individual IPs whenever possible to limit exposure.

  4. Monitor and Adjust Rate Limits

    • Continuously monitor traffic patterns and adjust rate limits as necessary to prevent service disruptions while maintaining security.

Conclusion

Configuring your firewall correctly is essential to protecting your network and servers from cyberattacks. By following the steps and best practices outlined in this guide, you can ensure that your firewall is effectively safeguarding your infrastructure against DoS and DDoS attacks, while only allowing necessary traffic to access your services.