VPS and Firewalls

[rocketgirl]

I read that firewalls do not always work well in a virtual environment; how can that be true? If it is, how do you protect a VPS server?

 

[paullopez]

I read that firewalls do not always work well in a virtual environment;

I would say that it is untrue.

To protect VPS server, every web host have their security patches so there is no issue whether firewall is installed or not. In terms of extra security you should opt software firewall on your VPS account.

 

[handsonhosting]

Depends on the firewall and the kernel you're using, but most software firewalls will operate just fine on a VPS server as long as you select the right options.

Some firewalls had issues using monolithic kernels but almost all software firewalls out there have instructions for the particular OS you're running.

The two that I use daily are APF/BFD and CSF/LFD

These work without any issue on a VPS machine. These are software firewalls.

 

[CrocWeb]

CSF/LFD should not have any issues and is recommended.

 

[HostOX]

CSF/LDF Should be fine.

Consider securing your PHP, this is a must on a VPS, it can be attacked a lot easier and there are more ways to break into a VPS, so it is a must to secure it.

 

[Hostigation]

Consider securing your PHP, this is a must on a VPS, it can be attacked a lot easier and there are more ways to break into a VPS, so it is a must to secure it.

Other then compromising the host node, how do you feel there are more ways?

 

[lowesthost]

Depends on the virtualization
xen/KVM no issues (as long as you install iptables & associated modules as needed) you the user control this so there is no issue

Open VZ some issues and if the host does not set up the node correctly
Virtuozzo some minor issues if using the old UBC instead of SLM and again if the host does not set up the node correctly

but overall firewalls should run just fine

 

[jeff-ay]

OpenVZ is a filebase virtualization and the firewall setting in fact most depends on the host node compare to Xen VPS which is more isolated environment, so it shouldn't have any issue.

 

[AJKpeter]

Yes, it depends on virtual machine installed, but mostly it's ok

 

[VL-Adam]

It shouldn't have any issue, as mentioned CSF would work great as well!

 

[hosthop]

As someone who specializes in VPS security is our main concern. We take a proactive approach and we actually try and find vulnerabilities, sometimes we do and we resolve them and look for more. It is a computer and no matter what someone out there is going to look for openings in your security and they will exploit them if they can.

But as mentioned above VPS servers give you great flexibility to try things. Remember ask questions, have fun experiment you might learn something.

 

[ughosting]

The only problem you you might have with Virtuozo is a incompatability with ip_conntrack which will affect your ftp clients with the firewall up, but you can configure FTP to use a range of ports, which you can configure the firewall to allow.

 

[CrocWeb]

Firewall is just another step to increase security, but it does not secure your vps/dedicated server 100%. You should take further steps and install RootKit Hunter, secure ssh, etc. There are many guides just google.

 

[Dedi.cated.IT]

Running a firewall should be an issue unless your VPS provider has not configured the host node correctly.

To run a firewall in a VPS you need to have certain modules loaded on the host node.

Here is some good info on it from CSF forums
http://forum.configserver.com/viewtopic.php?t=212
http://forum.configserver.com/viewtopic.php?p=5084&postcount=6

 

[Bitcable]

Firewalls should be fine on any server, dedicated or VPS.

As others have suggested, CSF is highly recommended. I can't say anything higher than that it is used on all of our servers.

 

[eNetcloud-CEO]

I dont think firewall works and doesnt work making difference if its on dedicated or a VPS . Its your provider who is suppose to install and configure the firewall on your VPS

APF/BFD and CSF/LFD the best software firewalls for VPS or dedicateds linux servers

For windows VPS go for Visnetic firewall , a perfect firewall for windows environment

 

[jbvps]

Virtual or Physical... There is no difference... Well that it if you are using VMware.

 

[Crish Bronzs]

Re :

According to me Firewall is ok for normal sites in any server. If there is a e-commerce site some extra security needed because it transfer some important data like passwords, pin numbers,.. etc...

 

[Beachcomber]

I dont think firewall works and doesnt work making difference if its on dedicated or a VPS . Its your provider who is suppose to install and configure the firewall on your VPS

APF/BFD and CSF/LFD the best software firewalls for VPS or dedicateds linux servers

For windows VPS go for Visnetic firewall , a perfect firewall for windows environment

We have also used CSF/LFD without issue, it has worked just fine.

Make sure to run php as a cgi and prevent any 777 folders on the server. And keep a close eye on it. A VPS is a hands on product, it needs to be monitored, updated and secured.

 

[FirstHosting]

Hey, that depends on the type of setting and configuaration you do, because it work well with Virtual Machines