diff --git a/group_vars/abid/staging.yml b/group_vars/abid/staging.yml
index 33fef19eb1..da51735d37 100644
--- a/group_vars/abid/staging.yml
+++ b/group_vars/abid/staging.yml
@@ -1,4 +1,10 @@
 ---
+# firewall
+firewall_allowed_networks:
+  - 128.112.200.0/21
+firewall_allowed_ports:
+  - port: 80
+  - port: 443
 postgres_host: "lib-postgres-staging1.princeton.edu"
 postgres_version: 15
 postgresql_is_local: false
diff --git a/playbooks/abid.yml b/playbooks/abid.yml
index f25b9e8fa5..16842f7452 100644
--- a/playbooks/abid.yml
+++ b/playbooks/abid.yml
@@ -10,6 +10,8 @@
     - ../group_vars/abid/{{ runtime_env | default('staging') }}.yml
     - ../group_vars/abid/vault.yml
   roles:
+    - role: roles/firewall
+      when: runtime_env == "staging"
     - role: roles/abid
 
   post_tasks: