HG Firewall Plugin

HostGator offers the HG Firewall plugin for managing firewall settings from WHM. HG Firewall is available to customers who are administrating VPS or Dedicated servers. This article will detail how to access and use this plugin.

Access and Use HG Firewall

To access HG Firewall on your VPS or Dedicated server:

  1. Log into WHM as root.
  2. Select HG Firewall Administration from the Plugins section in the left hand navigation bar:

This will open up the HG Firewall management screen. From here you may open ports, whitelist or blacklist IP addresses, add custom rules, delete rules, and even stop, start, and restart the firewall service.

To stop, start, or restart the firewall service:

  1. Locate the buttons for managing the service:

  2. Click the desired button:
    • Stop, to disable the firewall (Not recommended except for as a temporary troubleshooting step).
    • Start, to start the firewall service if it is stopped.
    • Restart, to quickly restart the firewall.

To remove a rule that has been previously added:

  1. Scroll to the list of existing firewall rules:

  2. Double click on the existing rule that you would like to delete.
  3. Restart the firewall service to ensure that the rule is cleared.

Open an Outbound Port

Outbound ports allow services hosted locally on the server to connect outbound to external servers. For example, if you have software installed that needs to send mail using SMTP via an external server, port 26 may need to be opened outbound in order to allow the software to connect externally. To open an outbound port:

  1. Enter the desired port number in the text box.
  2. Click Open Port.

Your software and services should now be able to connect to external servers via the opened port. If it is not yet working, please attempt to restart the firewall.

Open an Inbound Port

Inbound ports are required for external software and services to access services on your server. For example, to use SSH to access your server, the correct SSH port (22 by default on VPS and Dedicated servers) needs to be open. To open an inbound ports:

  1. Enter the desired port number in the text box.
  2. Click Open Port.

You should now be able to access your server via the now open port. If it is not yet working, please attempt to restart the firewall.

Blacklist an IP address

You may entirely deny access to your server to specific IP addresses by using this blacklist. To add an IP address to the blacklist:

  1. Enter the desired IP Address in the text box.
  2. Click Block IP.

Whitelist an IP address

You may whitelist an IP address which you have previously denied access to, or which has in some other way become blacklisted. To add an IP address to the whitelist:

  1. Enter the desired IP Address in the text box.
  2. Click Add IP.

Add a Custom iptables Rule to a Chain

The most powerful feature of HG firewall is the ability to add custom iptables rules to your chain of firewall rules. To add a custom rule:

  1. Enter the correctly formatted iptables rule into the text box (You may omit the prefix "iptables" as this will be added automatically).
  2. Click Add Rule.
Note: This is an advanced feature requiring an understanding of the usage of the iptables command chain to provide rules to your server's firewall.

Please contact us via phone or Live Chat if you have any questions or require assistance.