• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[SOLVED] Firewall Setup for Cloud hosting web app

Scheduled Pinned Locked Moved General pfSense Questions
4 Posts 3 Posters 169 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    Bambos
    last edited by Bambos Feb 18, 2025, 1:58 PM Feb 13, 2025, 3:15 PM

    Hello everyone,

    i'm working on a cloud hosting for a web app, that will be also server for android app.

    There is a dns name with the form of "thewebapp.domain.com" that is already pointing on the public IP. The datacenter has pfsense ISO available, so is my choice to go.

    What would be the suggested firewall port allow for something like this ?
    Should this be normal port forward from WAN to LAN server IP? or there is a usage scenario of reverse proxy ? (HA Proxy?)

    In this kind of cloud hosting, do we forward everything inside (as the developer requested) or only the specific services and ports ?
    (Actually they request a VM with direct public IP without firewall in the front)

    any comments / suggestions appreciated.

    N 1 Reply Last reply Feb 14, 2025, 4:53 AM Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by Feb 13, 2025, 6:37 PM

      I would only expect to need to forward port 443 for a web app. But it may need other ports, they would need to tell you what's required.

      1 Reply Last reply Reply Quote 0
      • N
        netblues @Bambos
        last edited by Feb 14, 2025, 4:53 AM

        @Bambos said in Firewall Setup for Cloud hosting web app:

        In this kind of cloud hosting, do we forward everything inside (as the developer requested) or only the specific services and ports ?
        (Actually they request a VM with direct public IP without firewall in the front)

        You should really direct the developer to a network security primer as soon as possible.
        This guy is a security menace!

        B 1 Reply Last reply Feb 14, 2025, 8:25 AM Reply Quote 1
        • B
          Bambos @netblues
          last edited by Feb 14, 2025, 8:25 AM

          @netblues thanks a lot. this is what i thought :)

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received