Firewall Overview

Plans and Pricing

DigitalOcean Cloud Firewalls are available at no additional cost.

Regional Availability

Firewalls are available in every region. A Firewall’s rules can include servers from any combination of regions.


While you can apply Firewall rules to individual Droplets, a more powerful option is to use tags. Tags are custom labels that you can apply to Droplets. By using a tag for your Firewall, you automatically include any Droplets with that tag in your Firewall configuration.


  • You can have a maximum of 10 Droplets per Firewall and 5 Tags per Firewall. You can have an unlimited number of Firewalls per Droplet.

  • Each Firewall can have up to 50 total incoming and outgoing rules.

  • The Cloud Firewall applies rules to both public and private network and cannot be applied to only one or the other.

  • The Cloud Firewall supports ICMP, TCP, and UDP protocols only.