OVH firewall setup explained step by step. Learn how to enable, configure, and secure OVH Network Firewall with real rules and examples. Our 24/7 Live Support Team is always here to help you.
If you run a server on OVHcloud, security is not optional. One open port or a missed rule is enough to invite trouble. That’s exactly why mastering ovh firewall setup matters. This guide walks you through the process in plain language, with real steps, real logic, and no filler.
By the end, you’ll know how to enable the firewall, set smart rules, and avoid the mistakes most users only learn after an outage.
What the OVH Network Firewall Really Does
Before diving in, let’s be clear. OVH’s Network Firewall works at the IP level, not at the server level. That means:
- Each public IP must be configured separately
- Rules are applied before traffic reaches your server
- Internal OVH network traffic is not filtered
Because of this, ovh firewall setup is your first line of defense, especially during scans or DDoS events.
Steps
Enable the Network Firewall in OVHcloud
First, log in to the OVHcloud Control Panel.
Then follow these steps carefully:
1. First, go to Network in the left sidebar
2. Then click Public IP Addresses
3. Afterward locate the IP you want to protect
4. Then click the three dots (…) next to the IP
5. Then select Create Firewall
6. Finally, confirm when prompted
After that, click the gear icon next to the IPv4 address and enable the firewall.
Moreover at this point, the firewall is active, but wide open. Therefore, rules are critical.
Understand How Firewall Rules Work
OVH allows up to 20 rules per IP, ranked from priority 0 to 19.
- Important details to remember:
- Rules are read top to bottom
- The first matching rule stops further checks
- Priority 0 is the most important
- Priority 19 is usually a final deny rule
Also, during DDoS attacks, the firewall auto-enables and cannot be turned off. That’s why a proper ovh firewall setup should always be ready in advance.
Add Essential Rules (Correct Order Matters)
To add rules, right-click Add a rule.
Moreover, here’s a proven configuration example.
Rule 0 – Allow Established TCP Connections
- Priority: 0
- Action: Authorize
- Protocol: TCP
- IP: Any
- TCP option: Established
This rule is mandatory. Without it, your server won’t receive proper TCP responses.
Rule 1 – Allow SSH
- Priority: 1
- Action: Authorize
- Protocol: TCP
- Destination port: 22
Rule 2 – Allow HTTP
- Priority: 2
- Action: Authorize
- Protocol: TCP
- Destination port: 80
Rule 3 – Allow HTTPS
- Priority: 3
- Action: Authorize
- Protocol: TCP
- Destination port: 443
Lock Down Your OVH Firewall
Rule 4 – Allow Required UDP Port
- Priority: 4
- Action: Authorize
- Protocol: UDP
- Destination port: 10000
Rule 19 – Block Everything Else
- Priority: 19
- Action: Refuse
- Protocol: IPv4
This final rule ensures nothing slips through.
Important Notes Most Guides Skip
- UDP fragmentation is blocked by default
- VPN users must adjust MTU settings
- For OpenVPN, enable MTU test
- Disabled firewall rules should still be reviewed regularly
These details make or break a solid ovh firewall setup.
Conclusion
This one explains why they matter. A clean ovh firewall setup reduces attack surface, prevents accidental lockouts, and keeps traffic predictable.
