Security group rules for different use cases
Security groups are a fundamental part of securing your resources on Nebula. It’s important to understand how to configure these rules properly to maintain a secure environment.
Each of the following use cases are practical examples of security group rule configurations and include clear rule definitions so you can apply them confidently to your environment.
Secure remote access via SSH
To connect to your NebCompute server using SSH, allow the following rules in its security group:
Inbound rule
This restricts access to only the specified IP, preventing unauthorized login attempts.
| Type | Protocol | Port | Source |
|---|---|---|---|
| IPv4, IPv6 | TCP | 22 | Your public IPv4 address or IPv6 address if your server’s VPC supports IPv6. e.g X.X.X.X/32 |
Outbound rule
This allows your server to access the internet, which is useful for downloading updates, packages, or connecting to remote services.
| Type | Protocol | Destination |
|---|---|---|
| IPv4, IPv6 | All | 0.0.0.0/0 (IPv4), ::/0 (IPv6) |
Public web hosting (HTTP/HTTPS)
For a server that should be accessible to users on the internet, allow the following rules in its security group:
Inbound rule
This allows your server to receive HTTP(80) and HTTPS(443) traffic.
| Type | Protocol | Port | Source |
|---|---|---|---|
| IPv4, IPv6 | TCP | 80 | 0.0.0.0/0 (IPv4), ::/0 (IPv6) |
| IPv4, IPv6 | TCP | 443 | 0.0.0.0/0 (IPv4), ::/0 (IPv6) |
Outbound rule
This allows your server to access the internet, which is useful for downloading updates, packages, or connecting to remote services.
| Type | Protocol | Destination |
|---|---|---|
| IPv4, IPv6 | All | 0.0.0.0/0 (IPv4), ::/0 (IPv6) |
Next steps
- To get started, create a security group on Nebula
- Understand how security groups work
Need help?
If you have any technical questions or encounter any problems, get in touch with our Support team! We are here to help, and will provide support if you encounter any issues with NebCompute.