Skip to main content

Firewall Management – Platform

tip

🔐 A good firewall configuration is essential to ensure the security of your cloud infrastructure. SaveinCloud provides a simple and powerful interface for this management.

🧱 Part 1 – Accessing the Firewall Manager

Step 1 – Access the SaveinCloud Panel

  1. Log in at: https://app.paas.saveincloud.net.br
  2. Select the environment you want to configure.
  3. Click
  4. In the side menu, click Firewall.

imagem

📊 Part 2 – Firewall Overview

In the Overview tab, you will see:

  • 🔘 Firewall Status (ON/OFF)
    When the firewall is enabled, all connections will be filtered according to your rules.

  • 🌐 Inbound/Outbound Connections
    Allows configuring whether the environment will accept all connections or only those allowed by the rules.

  • 🧩 Isolated Environment Groups
    Allows segmenting environments into isolated groups, ensuring they do not communicate with each other by default (LAN).

info

💡 By isolating environments, you improve network security and prevent lateral traffic between containers of different environments.

🔐 Part 3 – Inbound Rules

✅ Creating a new inbound rule

  1. Go to the Inbound Rules tab
  2. Click New Rule
  3. Fill in the following fields:
FieldExampleDescription
NodesLoad BalancerSelect the node (container) where the rule will be applied
NameHTTP/HTTPSDescriptive name to identify the rule
ProtocolTCPConnection protocol (TCP or UDP)
Port Range80,443Single port or range (e.g., 8000-8100). Leave blank for all ports
SourceAllDefines the connection source (all, specific IPs, local network, etc.)
Priority1040Priority number. Lower number = higher priority
ActionAllowDefines if the traffic will be Allowed or Denied
  1. Click Save to apply the rule.
tip

💡 Priority: Rules with lower priority values are evaluated first. Use this to deny access before allowing it, if necessary.

warning

⚠️ Avoid using "All" or "Internet (Public Access)" with sensitive ports like SSH (22) without restricting by IP.

🌍 Part 4 – Outbound Rules

✅ Creating a new outbound rule

  1. Go to the Outbound Rules tab.
  2. Click New Rule.
  3. Configure as needed:
FieldExampleDescription
ProtocolTCPType of traffic
Port80, 443HTTP/HTTPS
Destination IP0.0.0.0/0Destination IPs (any)
ActionAllowDefines if the connection is allowed
info

🔧 In SaveinCloud, all outbound accesses are allowed by default unless you explicitly configure to deny.

🧠 Part 5 – Best Practices and Security

warning

⚠️ Never open unnecessary ports. Each exposed service can be a security vulnerability.

  • Restrict access by IP where possible.
  • Use key authentication for SSH.
  • Review your rules periodically.
  • Document every change made to the firewall.

🛠️ Troubleshooting – Common Issues

❌ I cannot access my application

  1. Check if the application port is allowed in the inbound rules.
  2. Confirm if the source IP is included in the rule.
  3. Validate if the application is listening on the correct port:
netstat -pltn | grep :80