Firewall
Networking
A firewall is a security control that monitors and filters network traffic between systems based on defined rules. It can be implemented in hardware, software, or cloud services to allow legitimate connections while blocking unwanted access, scans, and some attack patterns. In hosting, firewalls commonly protect servers, applications, and management interfaces by limiting exposed ports and enforcing trusted sources.
How It Works
A firewall sits at a boundary where traffic enters or leaves a network or host, such as the edge of a data center, a virtual network, or directly on a server. It evaluates packets and connections against rules that define what is allowed (for example, inbound TCP 80/443 to a web server) and what is denied (for example, inbound SSH from the public internet). Rules can match on IP addresses, ports, protocols, connection state, and sometimes application-level attributes.
Most modern firewalls are stateful, meaning they track active sessions and can distinguish legitimate return traffic from unsolicited inbound attempts. In hosting environments you may encounter network firewalls (filtering traffic before it reaches the server), host-based firewalls (running on the OS using tools like nftables/iptables or Windows Firewall), and web application firewalls (WAFs) that inspect HTTP requests to block common web attacks. Firewalls are typically managed through rule sets, security groups, or access control lists, and they require careful change control to avoid accidentally exposing services or blocking real users.
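The rule types described above, written out as a host-based nftables ruleset for a public web server. This is an added example, not part of the original page; the admin range 203.0.113.0/24 is a documentation placeholder and the set name admin_v4 is an assumption.

```nftables
#!/usr/sbin/nft -f
# Host firewall for a web server: default-deny inbound, stateful return traffic,
# HTTP/HTTPS open to everyone, SSH limited to a trusted source range.
# Syntax-check before loading: nft -c -f <this file>
flush ruleset

table inet filter {
    # Assumed trusted admin range (placeholder; replace with your office/VPN range)
    set admin_v4 {
        type ipv4_addr
        flags interval
        elements = { 203.0.113.0/24 }
    }

    chain input {
        # Anything not explicitly accepted below is dropped
        type filter hook input priority 0; policy drop;

        # Stateful part: accept replies to sessions that were already allowed,
        # drop packets that belong to no valid connection
        ct state established,related accept
        ct state invalid drop

        # Local loopback traffic
        iifname "lo" accept

        # ICMP needed for diagnostics, path MTU discovery and IPv6 neighbor discovery
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
        icmpv6 type { echo-request, packet-too-big, nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

        # Public services: new inbound connections to TCP 80/443
        tcp dport { 80, 443 } ct state new accept

        # Management: SSH only from the trusted range, never the whole internet
        ip saddr @admin_v4 tcp dport 22 ct state new accept

        # Rate-limited log of what is about to be dropped, for troubleshooting
        limit rate 5/minute log prefix "fw-input-drop: "
    }

    chain forward {
        # This host does not route traffic for others
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        # Outbound left open here; tighten to specific destinations to limit exfiltration
        type filter hook output priority 0; policy accept;
    }
}
```

Because the SSH rule matches only IPv4 sources in the set, SSH over IPv6 falls through to the drop policy unless a matching `ip6 saddr` rule is added.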
Why It Matters for Web Hosting
Firewall capabilities affect how safely and easily you can run a site or application on a hosting plan. When comparing providers or plan tiers, look for whether you can control inbound/outbound rules, restrict admin access (SSH, RDP, database ports) to trusted IPs, and segment environments (production vs staging). Also consider how firewall changes are applied (self-service vs support ticket), whether DDoS filtering or a WAF is included, and how logs and alerts help you troubleshoot blocked traffic without weakening security.
Common Use Cases
- Allowing only HTTP/HTTPS to a public web server while blocking all other inbound ports
- Restricting SSH or control panel access to a specific office IP or VPN range
- Blocking outbound traffic from compromised processes to reduce data exfiltration risk
- Separating application, database, and cache tiers so only required internal ports are reachable
- Using a WAF to filter malicious HTTP requests such as injection attempts and exploit probes
- Logging and alerting on repeated connection attempts to detect scans and brute-force activity
Firewall vs WAF
A firewall primarily controls network access (IP, port, protocol, and connection state) and is used to reduce the attack surface by limiting what can connect to your server or services. A WAF focuses on web traffic (HTTP/HTTPS) and inspects requests and responses to block application-layer attacks that can pass through an open port 443. In practice, hosting setups often use both: a firewall to expose only necessary services, and a WAF to protect the web application running behind those services.