Secure your infrastructure with Cloud Firewalls

Protect your cloud infrastructure from cyberattacks, define what services are visible on your Droplets, and easily block traffic with Cloud Firewalls, available at no additional cost.

Protect staging and production deployments—and more—for free

Create rules to permit certain types of traffic to your Droplet and block everything else with simple and effective Firewalls.

Scales as you grow

Cloud Firewalls are designed to grow with you. Once you define your filtering rules, you can easily apply them to new and existing Droplets.

Secure multiple Droplets

For groups of Droplets, simply tag them and the appropriate rules are immediately applied.

Control rules in one view

See all Cloud Firewall rules in one centralized view. Add, edit, and remove rules in a single place and update your whole infrastructure.

Inbound traffic rules dashboard

Secure by default

DigitalOcean Cloud Firewalls are built to be secure by default to protect you from malicious traffic. Get granular control by controlling which ports are open and which devices can access them. Whitelist by IP address range, tags, Droplets, or Load Balancers. Everything else is blocked by your Cloud Firewall.

Create a firewall dashboard

Easy to configure

Cloud Firewalls are simple to set up and maintain. Set up a Cloud Firewall in the dashboard, CLI, or API, and enable protection without installing or maintaining any software.

Do more with Cloud Firewalls

Find out more about Cloud Firewalls and protecting against cyber attacks with the help of these step-by-step tutorials.

Create Cloud Firewalls for free

Securing your application

An Introduction To DigitalOcean Cloud Firewalls

Getting started with Cloud Firewalls

How To Create Your First DigitalOcean Cloud Firewall


How to Organize Your DigitalOcean Cloud Firewalls

Frequently asked questions

General information about cloud firewalls:

What is a cloud firewall?

DigitalOcean Cloud Firewalls are a product from DigitalOcean that act as a barrier between incoming traffic and DigitalOcean Droplets. In general, cloud-based firewalls are a security feature deployed on cloud infrastructure that act as a barrier between web applications and data and external traffic. Firewalls are designed to protect your application from suspicious traffic and cyber attacks by acting as a virtual barrier and enabling users to set up filtering rules, such as defining which IP addresses are allowed to access your application. A cloud firewall gives security teams granular control over what traffic accesses their application, and allows them to monitor network traffic. Firewalls are an important part of an organization’s overall security policies, and can prevent attacks such as distributed denial of service (DDoS) attacks and other cyber attacks.

How does a cloud firewall differ from a traditional firewall?

Unlike traditional firewalls that are deployed on-premise within a data center, cloud-based firewalls are hosted within the cloud, making them more flexible and scalable than traditional firewalls for those who leverage cloud computing solutions. Those utilizing cloud infrastructure services will require cloud-based firewalls, while those using on-premise hardware would use a traditional firewall.

A cloud firewall is generally easier to manage and maintain than a traditional firewall, as a cloud firewall is managed through a central console that can be accessed from anywhere rather than through on-premise systems. Next generation firewalls are another, newer type of firewall-as-a-service which provide even more advanced security features, such as an intrusion prevention system and deep packet inspection to detect malware.

What are the main benefits of using a firewall?

Firewalls provide organizations utilizing cloud infrastructure to host their applications and databases with enhanced security that can help protect them from attack. Cloud firewalls block hacks and suspicious traffic before it has a chance to access sensitive data, take systems offline, or cause other disruption to your application. Cloud firewalls are the main firewall option for those using cloud infrastructure—they are built to be integrated with your existing cloud infrastructure and can scale easily to handle an increase in web traffic.

What are the key features of a cloud firewall?

A cloud firewall should be simple to set up and deploy, and enable the user to set up a range of firewall rules to block or allow traffic. A cloud firewall should also provide the user with visibility into the traffic accessing their application, and detect and block potentially malicious traffic from bots and other bad actors.

How do I get started with a cloud firewall?

DigitalOcean’s Cloud Firewalls are provided at no additional cost to DigitalOcean users, and can be created through our CLI, API, or in the cloud control panel. In the cloud control panel, simply open the create menu in the upper right and choose Cloud Firewalls, and then create rules to define what traffic to allow to access your application. Cloud Firewalls are easy to manage and maintain, saving security teams valuable time.

What other security guards should I consider to protect my applications?

A cloud firewall is just one example of a security-as-a-service that helps organizations reduce their attack surface and set up a secure network perimeter. Other security services include access management and access control systems, using SSH keys, load balancers, DDoS attack prevention solutions, and more advanced threat mitigation solutions. It’s also best practice to back up your data regularly using a cloud backup solution.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.