## PUT /api/v2/vps/{id}/firewall/options **Update VPS firewall options** Partially update inbound VPS firewall options. Send at least one of `enabled` or `inboundPolicy`; unknown fields are rejected. Public v2 firewall management is inbound-only; use `POST /api/v2/vps/{id}/firewall` for inbound allow rules. To turn protection on for inbound traffic, set `enabled: true` and usually `inboundPolicy: "DROP"`, then add explicit allow rules. ### Related Endpoints - `GET /api/v2/vps/{id}/firewall/options`: Get VPS firewall options - `GET /api/v2/vps/{id}/firewall`: List VPS firewall rules - `POST /api/v2/vps/{id}/firewall`: Add VPS firewall rule ### Headers - `Accept`: application/json - `Authorization`: Bearer YOUR_API_KEY - Required API scope: `write:vm` - `Content-Type`: application/json ### Parameters - `id` (path, string, required): Public VPS ID from `GET /api/v2/vps` `data[].id`. Do not invent this value; use the exact ID returned by the referenced API response. Example: `vps_01hxa3b4c5d6e7f8g9h0j1k2m3` ### Request Body - `enabled` (boolean, optional) Example: `true` - `inboundPolicy` (string, optional) Example: `DROP` Allowed values: ACCEPT, DROP, REJECT ### Request Examples #### Enable inbound filtering ```bash curl -X PUT "https://cloud.hostup.se/api/v2/vps/vps_01hxa3b4c5d6e7f8g9h0j1k2m3/firewall/options" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -d '{ "enabled": true, "inboundPolicy": "DROP" }' ``` ```json { "enabled": true, "inboundPolicy": "DROP" } ``` ### Response Schema - `enabled` (boolean, required) Example: `true` - `inboundPolicy` (string, required) Example: `DROP` Allowed values: ACCEPT, DROP, REJECT - `platformFilteringInbound` (boolean, required) Example: `true` - `available` (boolean, required) Example: `true` - `reason` (string,null, required) Example: `null` - `source` (string,null, required) Example: `live` - `mode` (string,null, required) Example: `enabled_restrictive` - `summary` (string,null, required) Example: `Firewall protection is on. Incoming traffic must match an allow rule to pass.` - `detail` (string,null, required) Example: `Traffic that does not match an allow rule is blocked before it reaches the VM.` - `actions` (object, required) - `actions.canUpdate` (object, required) - `actions.canUpdate.allowed` (boolean, required) Example: `true` - `actions.canUpdate.reason` (string,null, required) Example: `null` - `actions.canUpdate.code` (string,null, optional): Machine-readable reason code when an action is blocked. Example: `pending_order` ### Responses #### 200 - Firewall options updated. ```json { "enabled": true, "inboundPolicy": "DROP", "platformFilteringInbound": true, "available": true, "reason": null, "source": "live", "mode": "enabled_restrictive", "summary": "Firewall protection is on. Incoming traffic must match an allow rule to pass.", "detail": "Traffic that does not match an allow rule is blocked before it reaches the VM.", "actions": { "canUpdate": { "allowed": true, "reason": null } } } ``` #### 400 - Invalid request. The response body is an RFC 7807 Problem Details document. ```json { "type": "https://developer.hostup.se/errors/invalid_request", "title": "Invalid request", "status": 400, "detail": "The request body failed validation.", "code": "invalid_request", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z", "errors": [ { "pointer": "/items/0/domainName", "detail": "`domainName` is required.", "code": "invalid_request" } ] } ``` #### 401 - Unauthorized. Authentication is required. ```json { "type": "https://developer.hostup.se/errors/unauthorized", "title": "Unauthorized", "status": 401, "detail": "Authentication is required.", "code": "unauthorized", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 403 - Forbidden. The caller lacks a required scope or does not own the resource. ```json { "type": "https://developer.hostup.se/errors/forbidden", "title": "Forbidden", "status": 403, "detail": "The caller lacks a required scope or does not own the resource.", "code": "forbidden", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 404 - Not found. The resource does not exist or is not owned by the caller. ```json { "type": "https://developer.hostup.se/errors/not_found", "title": "Not found", "status": 404, "detail": "The requested resource could not be found.", "code": "not_found", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 429 - Rate limited. Retry after the limit resets. 429 responses include `Retry-After` seconds plus `X-RateLimit-*` headers. ```json { "type": "https://developer.hostup.se/errors/rate_limit_exceeded", "title": "Too many requests", "status": 429, "detail": "Too many requests. Retry after the limit resets.", "code": "rate_limit_exceeded", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 500 - Internal error. Retry later or contact support if the issue persists. ```json { "type": "https://developer.hostup.se/errors/internal_error", "title": "Internal server error", "status": 500, "detail": "An unexpected error occurred. Retry later or contact support if the issue persists.", "code": "internal_error", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ```