Skip to main content
Glama
hostinger

hostinger-api-mcp

Official
by hostinger
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Remote

VPS_createFirewallRuleV1

Create a firewall rule to allow specified protocol, port, and source for a Hostinger VPS firewall. Note: activating the rule will desync attached VMs.

Instructions

Create new firewall rule for a specified firewall.

By default, the firewall drops all incoming traffic, which means you must add accept rules for all ports you want to use.

Any virtual machine that has this firewall activated will lose sync with the firewall and will have to be synced again manually.

Use this endpoint to add new security rules to firewalls.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
firewallIdYesFirewall ID
protocolYesprotocol parameter
portYesPort or port range, ex: 1024:2048
sourceYessource parameter
source_detailYesIP range, CIDR, single IP or `any`

Implementation Reference

  • src/core/tools/vps.ts:573-635 (schema)
    Tool schema definition for VPS_createFirewallRuleV1 - defines name, description, HTTP method (POST), path (/api/vps/v1/firewall/{firewallId}/rules), and input schema with required fields (firewallId, protocol, port, source, source_detail). Note: the ruleId param from the OpenAPI spec was dropped from the required list (unlike the update endpoint which includes it).
    {
  "name": "VPS_createFirewallRuleV1",
  "description": "Create new firewall rule for a specified firewall.\n\nBy default, the firewall drops all incoming traffic,\nwhich means you must add accept rules for all ports you want to use.\n\nAny virtual machine that has this firewall activated will lose sync with the firewall\nand will have to be synced again manually.\n\nUse this endpoint to add new security rules to firewalls.",
  "method": "POST",
  "path": "/api/vps/v1/firewall/{firewallId}/rules",
  "inputSchema": {
    "type": "object",
    "properties": {
      "firewallId": {
        "type": "integer",
        "description": "Firewall ID"
      },
      "protocol": {
        "type": "string",
        "description": "protocol parameter",
        "enum": [
          "TCP",
          "UDP",
          "ICMP",
          "GRE",
          "any",
          "ESP",
          "AH",
          "ICMPv6",
          "SSH",
          "HTTP",
          "HTTPS",
          "MySQL",
          "PostgreSQL"
        ]
      },
      "port": {
        "type": "string",
        "description": "Port or port range, ex: 1024:2048"
      },
      "source": {
        "type": "string",
        "description": "source parameter",
        "enum": [
          "any",
          "custom"
        ]
      },
      "source_detail": {
        "type": "string",
        "description": "IP range, CIDR, single IP or `any`"
      }
    },
    "required": [
      "firewallId",
      "protocol",
      "port",
      "source",
      "source_detail"
    ]
  },
  "security": [
    {
      "apiToken": []
    }
  ],
  "group": "vps"
},
  • src/core/tools/vps.ts:573-635 (handler)
    Handler: This tool has no custom handler. It is executed via the generic executeApiCall() method in runtime.ts which constructs an HTTP request based on the tool's method and path, substituting path parameters from input params.
    {
  "name": "VPS_createFirewallRuleV1",
  "description": "Create new firewall rule for a specified firewall.\n\nBy default, the firewall drops all incoming traffic,\nwhich means you must add accept rules for all ports you want to use.\n\nAny virtual machine that has this firewall activated will lose sync with the firewall\nand will have to be synced again manually.\n\nUse this endpoint to add new security rules to firewalls.",
  "method": "POST",
  "path": "/api/vps/v1/firewall/{firewallId}/rules",
  "inputSchema": {
    "type": "object",
    "properties": {
      "firewallId": {
        "type": "integer",
        "description": "Firewall ID"
      },
      "protocol": {
        "type": "string",
        "description": "protocol parameter",
        "enum": [
          "TCP",
          "UDP",
          "ICMP",
          "GRE",
          "any",
          "ESP",
          "AH",
          "ICMPv6",
          "SSH",
          "HTTP",
          "HTTPS",
          "MySQL",
          "PostgreSQL"
        ]
      },
      "port": {
        "type": "string",
        "description": "Port or port range, ex: 1024:2048"
      },
      "source": {
        "type": "string",
        "description": "source parameter",
        "enum": [
          "any",
          "custom"
        ]
      },
      "source_detail": {
        "type": "string",
        "description": "IP range, CIDR, single IP or `any`"
      }
    },
    "required": [
      "firewallId",
      "protocol",
      "port",
      "source",
      "source_detail"
    ]
  },
  "security": [
    {
      "apiToken": []
    }
  ],
  "group": "vps"
},
  • src/servers/vps.ts:3-5 (registration)
    Registration entry point - the VPS tools array (including VPS_createFirewallRuleV1) is imported from src/core/tools/vps.js and passed into the startServer function which registers all tools with the MCP SDK.
    import { startServer } from '../core/runtime.js';
import tools from '../core/tools/vps.js';
  • src/core/runtime.ts:86-99 (registration)
    Registration: The MCPServer.initializeTools() method iterates over the tool list and registers each tool (including VPS_createFirewallRuleV1) by name in the internal tools Map for MCP SDK.
      // Set up request handlers - don't log here
  this.setupHandlers();
}

/**
 * Parse headers from string
 */
private parseHeaders(headerStr: string): Record<string, string> {
  const headers: Record<string, string> = {};
  if (headerStr) {
    headerStr.split(",").forEach((header) => {
      const [key, value] = header.split(":");
      if (key && value) headers[key.trim()] = value.trim();
    });
  • src/core/runtime.ts:1879-1966 (handler)
    Generic API handler - VPS_createFirewallRuleV1 is not a custom tool so it uses executeApiCall(), which builds an HTTP request from the tool's method (POST) and path (/api/vps/v1/firewall/{firewallId}/rules), substituting path params from input and sending remaining params as JSON body.
      this.log('info', `Resolving username from domain: ${domain}`);
  const username = await this.resolveUsername(domain);

  const queryParams = this.hosting_showJsDeploymentLogs_buildQueryParams(params);

  let logs: any;
  try {
    this.log('info', `Fetching logs for ${domain}, build ${buildUuid}`);
    logs = await this.hosting_showJsDeploymentLogs_fetchLogs(username, domain, buildUuid, queryParams);
  } catch (error) {
    const errorMessage = error instanceof Error ? error.message : String(error);
    this.log('error', `Failed to fetch logs: ${errorMessage}`);
    throw error;
  }

  const effectiveFromLine = (typeof fromLine === 'number' && Number.isInteger(fromLine) && fromLine >= 0) ? fromLine : 0;

  return {
    domain,
    username,
    buildUuid,
    fromLine: effectiveFromLine,
    logs
  };
}

/**
 * Execute an API call for a tool
 */
private async executeApiCall(tool: OpenApiTool, params: Record<string, any>): Promise<any> {
  // Get method and path from tool
  const method = tool.method;
  let path = tool.path;

  // Clone params to avoid modifying the original
  const requestParams = { ...params };

  // Replace path parameters with values from params
  Object.entries(requestParams).forEach(([key, value]) => {
    const placeholder = `{${key}}`;
    if (path.includes(placeholder)) {
      path = path.replace(placeholder, encodeURIComponent(String(value)));
      delete requestParams[key]; // Remove used parameter
    }
  });

  // Build the full URL
  const baseUrl = this.baseUrl.endsWith("/") ? this.baseUrl : `${this.baseUrl}/`;
  const cleanPath = path.startsWith("/") ? path.slice(1) : path;
  const url = new URL(cleanPath, baseUrl).toString();

  this.log('debug', `API Request: ${method} ${url}`);

  try {
    // Configure the request
    const config: AxiosRequestConfig = {
      method: method.toLowerCase(),
      url,
      headers: { ...this.headers },
      timeout: 60000, // 60s
      validateStatus: function (status: number): boolean {
        return status < 500; // Resolve only if the status code is less than 500
      }
    };
   
    const bearerToken = process.env['API_TOKEN'] || process.env['APITOKEN']; // APITOKEN for backwards compatibility
    if (bearerToken && config.headers) {
      config.headers['Authorization'] = `Bearer ${bearerToken}`;
    } else {
      this.log('error', `Bearer Token environment variable not found: API_TOKEN`);
    }

    // Add parameters based on request method
    if (["GET", "DELETE"].includes(method)) {
      // For GET/DELETE, send params as query string
      config.params = { ...(config.params || {}), ...requestParams };
    } else {
      // For POST/PUT/PATCH, send params as JSON body
      config.data = requestParams;
      if (config.headers) {
        config.headers["Content-Type"] = "application/json";
      }
    }

    this.log('debug', "Request config:", {
      url: config.url,
      method: config.method,

Tool Definition Quality

A4.1/5.0
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description discloses key behavioral traits: default drop policy, need to add accept rules, and the side effect of VMs losing sync requiring manual sync. This adds value beyond the schema, though rate limits or auth requirements are not mentioned. Given no annotations, this is helpful.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is 5 sentences, each providing essential information: purpose, default behavior, usage context, side effect, and restatement. It is reasonably concise, though the last sentence is slightly redundant. Overall well-structured.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no annotations and no output schema, the description adequately covers the tool's purpose, default behavior, and post-creation requirement (VM sync). It does not explain return values, but that is acceptable without an output schema. The description is complete enough for effective use.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with clear descriptions for all 5 parameters. The description does not add significant new meaning beyond the schema (e.g., explaining 'port' format as range, 'source_detail' as IP/CIDR). Thus, it meets the baseline expectation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb 'Create' and the resource 'new firewall rule for a specified firewall'. It distinguishes from sibling tools like VPS_deleteFirewallRuleV1 and VPS_updateFirewallRuleV1 by focusing on creation. The default drop behavior and need to add accept rules further clarify the purpose.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explains that the firewall drops all inbound traffic by default, so this tool is used to add accept rules for desired ports. It also notes that VMs will lose sync and require manual sync after rule creation, guiding the agent on subsequent steps. However, explicit comparison with alternatives (e.g., VPS_createNewFirewallV1) is missing.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/hostinger/api-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server