Find us on social media

Client area
FirewallWindowsPorts6 min read

Configure Windows Firewall

Configure Windows Firewall with inbound and outbound rules to control network traffic.

Windows Firewall with Advanced Security controls inbound and outbound traffic. Properly configured, it protects your VPS while allowing necessary services.

Open Windows Firewall

powershell
wf.msc

Or: Server ManagerToolsWindows Defender Firewall with Advanced Security

Understanding profiles

  • Domain: When connected to a domain controller
  • Private: Trusted networks
  • Public: Untrusted networks (default for VPS)

Allow a port (inbound rule)

Using PowerShell:

powershell
# Allow HTTP
New-NetFirewallRule -DisplayName "Allow HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow

# Allow HTTPS
New-NetFirewallRule -DisplayName "Allow HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow

# Allow custom port
New-NetFirewallRule -DisplayName "Allow My App" -Direction Inbound -Protocol TCP -LocalPort 3000 -Action Allow

Block a port

powershell
New-NetFirewallRule -DisplayName "Block Telnet" -Direction Inbound -Protocol TCP -LocalPort 23 -Action Block

Allow a port range

powershell
New-NetFirewallRule -DisplayName "Allow High Ports" -Direction Inbound -Protocol TCP -LocalPort 8000-8100 -Action Allow

Allow from specific IP

powershell
New-NetFirewallRule -DisplayName "Allow SSH from Office" -Direction Inbound -Protocol TCP -LocalPort 22 -RemoteAddress 203.0.113.50 -Action Allow

List existing rules

powershell
Get-NetFirewallRule | Where-Object {$_.Enabled -eq 'True'} | Format-Table DisplayName, Direction, Action

Remove a rule

powershell
Remove-NetFirewallRule -DisplayName "Allow My App"

Disable/Enable the firewall (not recommended)

powershell
# Disable (dangerous!)
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

# Enable
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

Default rules to keep

Never disable these rules:

  • Remote Desktop (TCP 3389)
  • Windows Remote Management (if using WinRM)
  • Core Networking rules

Tip

Your Baires Host VPS includes network-level DDoS protection. Windows Firewall adds application-level filtering for defense in depth.

Was this guide helpful?
← Back to Windows Server