diff --git a/terraform/modules/firewall/main.tf b/terraform/modules/firewall/main.tf
index e69de29..c1a3f5c 100644
--- a/terraform/modules/firewall/main.tf
+++ b/terraform/modules/firewall/main.tf
@@ -0,0 +1,51 @@
+resource "hcloud_firewall" "prod-fw" {
+ name = "prod-fw"
+ rule {
+ direction = "in"
+ protocol = "tcp"
+ source_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ port = "22"
+ description = "Allow SSH"
+ }
+ rule {
+ direction = "in"
+ protocol = "tcp"
+ source_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ port = "80"
+ description = "Allow HTTP"
+ }
+ rule {
+ direction = "in"
+ protocol = "tcp"
+ source_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ port = "443"
+ description = "Allow HTTP/S"
+ }
+ rule {
+ direction = "out"
+ protocol = "tcp"
+ destination_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ description = "Allow all outbound TCP traffic"
+ }
+ rule {
+ direction = "out"
+ protocol = "udp"
+ destination_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ description = "Allow all outbound UDP traffic"
+ }
+}
\ No newline at end of file
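Review bot: The first inbound rule opens port 22 to `0.0.0.0/0` and `::/0` on the production firewall, so SSH is reachable from the whole internet and every attached server relies on sshd hardening alone. Restrict that rule to the management or VPN ranges through a module input, e.g. `source_ips = var.ssh_allowed_cidrs` (variable name illustrative), and keep the world-open sources only on 80 and 443. The two outbound rules carry no `port`, which the hcloud provider documents as required for tcp and udp; add `port = "any"` to each if unrestricted egress is really intended, or preferably list only the destination ports the workload needs. The description on the 443 rule would read more clearly as `"Allow HTTPS"`.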