New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
@InceptionHosting / @Clouvider
@mxmla server-factory
@HostEONS
@Hosteroid
@naranjatech
Many hosts which suit your requirement available here, for cheap
https://lowend-deals.xbit.win/#kvm-25 (some links are aff)
I think this needs a little of context.
What kind of firewall? External one?
What are you trying to achieve?
Is this new way of saying "I need port 25 open"? Have you ever met a host that wouldn't allow you to manage firewall?
RackNerd has (no aff)
For $2.07 / month. See product specs (aff)
Hi,
I can offer our Node 4GB G2 priced at 4€ per month. Located in Frankfurt.
2 EPYC Cores / 4GB RAM / 40GB NVMe / /56 IPv6 + 1 IPv4 / 10 Gbit/s
External firewall so I can block for example IP ranges so they'll never reach the server. I'm running a small DNS server for me and my family and since this is a public server I'm getting a load of automatic requests from South Africa and Asia. I am aware that there is Cloudflare where I could block specific countries or continents, but I'm too stupid to configure it.
Hetzner, Vultr and many other big providers have firewall.
Can i configure them by myself?
Firewall?
yes, you can manage firewall yourself on all self-managed VMs via SSH
OP wants a external one
Oracle Cloud has an external firewall than needs and loves to be petted frequently. I hate that inconvenience.
Can be configured on a hypervisor level.
Not yet native in the panel but it's on the roadmap.
If you provide us with a list we can configure the firewall for you
Hi,
We should fit the bill with what you're looking for.
Our plans: https://scaleblade.com/products/vps
Sure. I can confirm.
Hetzner Cloud?
You have experience with their cloud?
I know that is hourly billing and they got the firewall for the server into their panel.
We can offer as below KVM VPS
2GB DDR4 Dedicated RAM
2 CPU Cores
25 GB NVMe SSD Storage
2TB Bandwidth
Price : $7/month
Locations :
France VPS (Intel Gold)
Germany VPS (AMD Ryzen)
Finland VPS (AMD Ryzen)
United Kingdom VPS (AMD Ryzen)
Can upgrade storage to 30GB for free.
Firewall?
Apologies, we do not have firewall options. I thought you would manage firewall os level.
@gbzret4d
you got some pretty good offers here, why not spend a few days with UFW or firewalld and learn to do what you need.
Trust me, it is not that hard after you understand the logic.
Try and fail always works, and you learn something pretty useful also.
EDIT:
If filtering for home is what you need, take a look at PI-HOLE. ( DNS based Filtering )
https://pi-hole.net/
Im already running a open dns resolver for my family and some wlan networks i manage. I get many automated requests from what i guess are botnets, so im searching for a cost efficient solution to block them before they reach the server. My domain is using the cloudflare name servers but im not able to proxy the domain to my server, otherwise i could use their firewall to block specified countries and continents or atleast im too stupid for that
You guessed right. Bots, and if you do not set up Rate Limit on port 53 aka request/answer limit / second, they can run your cpu at 100%, as the DNS server is doing what it should, answer until he eats all performance of the VM. - oh yes, and you can have 500.000 or even more request / second if your server makes it to a "list".
Well, GEO-IP based might help, like SNORT, but it is not going to be 100% accurate.
There are no simple ways to do this, as from home you have dynamic IP. So setting the firewall and DNS to reply only to X, Y, Z ip's for DNS requests is out of the question.
Simple firewall will not help you.
Im not hosting my server at home. Right now im hosting it at netcup.
Cloudflare has some function i would like to set up. Block ip ranges from specified countries/continents but like i said im too stupid to get it running.
I'll the second the idea of learning to work with iptables/nftables. There probably isn't much difference between dropping the traffic internally or externally. Besides if this request means that OP doesn't firewall his boxes off in general i'm not sure what i should say.
Unfortunately, that likely isn't what you're looking for (or something that would even work). I'm not sure exactly what you're looking at, but Cloudflare and its features are usually for HTTP(S) traffic only. DNS-Over-HTTPS would probably work fine in this case, but Cloudflare Spectrum for individual port filtering is likely off-limits for personal or family use as it requires an enterprise contract according to their documentation.
That's my life since I joined in this world of hosting.
I configured iptables to drop many of the requests, but my question was for an external firewall so they won't reach the server and produce load on it
I configured their WAF to block all continents except europe but i cant get it running. When i enable their proxy for my domain, dns requests arent reaching the server anymore.