VICIfast Firewall

The Firewall section consolidates four real capabilities into one screen.

Console access

Browser-based serial console to the VPS. Use it when SSH is locked out — bad iptables rule, mistyped sshd_config, or after a kernel update. Dashboard → your server → Console.

Recorded SSH sessions

Every SSH session into your box is captured as an asciinema cast (.cast format). Replay any session from the dashboard. Recordings are stored on platform-managed object storage in the same region as your server, retained for 30 days after server delete. Recording cannot be disabled — it is a security feature, not a billing one.

Managed SSH keys

Paste a public key in the dashboard; we sync it to /root/.ssh/authorized_keys via the platform CA. Your private key never leaves your workstation. Revoke from the dashboard and the key is stripped from the box within seconds — we do not rely on a TTL.

Agent self-serve IP portal

Public portal at firewall.<your-brand>.com/<short-token>. Agents authenticate with TOTP, click "whitelist my IP", done. Rate-limited per IP and per token; every whitelist event is logged with the agent's TOTP-authenticated identity. Rotate the token from the dashboard at any time — the old token dies within seconds.