Need help?

Our experts have had an average response time of 13.52 minutes in October 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Virtualizor firewall – Here’s how to configure it

by | Mar 19, 2019

Virtualizor is a great way to manage virtual servers. It comes with a panel where server tasks are just a click away.

But, ensuring security is really critical in Virtualizor servers. And, the popular option is to setup Virtualizor firewall.

Unfortunately, bad firewall often create problems on Virtualizor server.

That’s why, we often get requests from our customers to setup Virtualizor firewall as part of our Infrastructure Management Services.

Today, we’ll see how our Dedicated Engineers setup Virtualizor firewall and solve errors with them.


Why do we need firewall in Virtualizor?

Firstly, let’s check on the need for firewall on a Virtualizor. A firewall can bring in effective restriction on service ports of Virtualizor. For example, some customers may want only a few IP addresses to access the web panel. Or some may try to restrict mail access on the server to certain users.

Again, firewall can help to close down unused ports on the server. Thus, it works well to avoid port based attacks too.


Different ways to enable Virtualizor firewall

Now, let’s see the different methods to enable firewall in Virtualizor. We can either use the built-in firewall or configure 3rd party firewall programs in the Virtualizor server. We’ll now see the steps that our Dedicated Engineers take to ensure the proper working of firewall in the server.


1. Inbuilt firewall

Luckily, Virtualizor comes with a firewall option. This is based on the iptables module. Usually, manually adding iptables rules can be tedious to non techie customers. Fortunately, Virtualizor panel offers an easy interface to manage the firewall. It has simple options to add a rule, remove a rule, check the firewall rules and many more.

However, to make use of the Firewall Services, our Dedicated Engineers always ensure that the Firewall is enabled on the server. To do this, we click on the ‘Firewall Enable‘ button in the Firewall Services page.

The Firewall Services page in Virtualizor looks as shown in the picture below.


In short, the Firewall interface help customers to avoid the use of complex iptable rules. Still, Virtualizor supports adding rules via command-line too. This comes handy when adding multiple rules at a time. Our Support Engineers use scripts to add rules in a batch. And, we always double check the rules prior to enabling them on live servers.


2. Using firewall programs

Similarly, another method to enable Firewall on Virtualizor is to use 3rd party firewall programs. As a result, customers can choose a firewall program of their choice.

The popular firewall programs that customers use include Configserver Security and Firewall (CSF), Uncomplicated Firewall (UFW), etc.

We’ll now take a look at the steps that we take to enable CSF on Virtualizor.

Our Dedicated Engineers download and install the CSF package on the Virtualizor server first. Then, we proceed with editing the configuration file at /etc/csf/csf.conf. For example, the changes include opening ports in the range 4082 – 4085 for Virtualizor web panel access, restricting web panel access to certain specific IP address, etc. Again, to enable vnc access, we open port range 5900 – 7000.
Finally, we add iptables forwarding rules for Virtualizor work with csf.

To ensure additional security, our Support Engineers always recommend customers to use a VPN to connect to the Virtualizor panel. As a result, it will always keep the same IP address and helps to manage the server from anywhere.


Common errors with Virtualizor firewall and fixes

Although, the set up of Virtualizor firewall is rather easy, we often see customers experiencing problems with firewall rules. Let’s now check the top problems and their fixes.


1. Panel appears offline

Often, after configuring the firewall, the Virtualizor panel may look offline to customers. This usually happens due to the wrong port configuration in the Virtualizor firewall. For the the panel to work properly, the firewall on the slave server also should be working.

Recently, when one of our customers reported problems with Virtualizor panel, it was the slave firewall that was causing the error. To fix it, our Dedicated Engineers had to allow the Master server IP on the slave server and also allow port range 4081-4085.



Similarly, Virtualizor firewall can also cause problems in some of the applications in the server too. Usually, this happens when the users forget to open the relevant service ports in the firewall.

For example, installing cPanel on Virtualizor server is pretty easy. But, if the ports 2082, 2083, 2086, 2087 are not open on the server, when you access cPanel or WHM in the browser, it will show the error “ERR_CONNECTION_REFUSED“.

Here, to fix the problem, our Dedicated Engineers manually add the iptables rules to open the relevant ports in the Virtualizor firewall. Additionally, we check the ports listening on the server using the command:

netstat -tulpn 

This would give us an idea on the exact services listening on each port.

[Do you need help with Virtualizor firewall? Our Virtualization Engineers can help you here.]



In a nutshell, maintaining security in virtual servers becomes rather easy with Virtualizor firewall. But, wrong rules can block your own access to the server. Today, we saw how our Support Engineers setup Virtualizor firewall correctly and fix common errors with it.


Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.


var google_conversion_label = "owonCMyG5nEQ0aD71QM";


Submit a Comment

Your email address will not be published. Required fields are marked *


Privacy Preference Center


Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]


Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid


Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie


These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.