/ Register

Learn about Centmin Mod LEMP Stack today
Become a Member

Install Strict Firewall/ Client has hardware firewall default DROP

Discussion in 'Install & Upgrades or Pre-Install Questions' started by EckyBrazzz, Nov 1, 2019.

Tags:
Previous Thread Next Thread
Loading...
  1. Nov 1, 2019 #1
    EckyBrazzz

    EckyBrazzz Active Member

    917
    190
    43
    Mar 28, 2018
    >>>>Click here<<<< i'm nearby......
    Ratings:
    +363
    Local Time:
    2:43 AM
    Latest
    Latest
    Hi there,

    I need to know the ports for Centmin to keep working correct. Bumped into a situation with a setup that has a hardware firewall with everything as default "DROP" connection. (IN & OUT)

    Now I have quickly setup port 53, 80 (for domains with nothing and changed the default index.html to maintainance.html in the /nginx/html), 443 and a different SSH port with only access to some IP's.

    There are a lot of them in the /etc/csf/csf.conf but should I set all these IPv4 & IPv6??

    They want a secure environment, even without FTP.
     
  2. Nov 1, 2019 #2
    eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    3:43 PM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
  3. Nov 1, 2019 #3
    EckyBrazzz

    EckyBrazzz Active Member

    917
    190
    43
    Mar 28, 2018
    >>>>Click here<<<< i'm nearby......
    Ratings:
    +363
    Local Time:
    2:43 AM
    Latest
    Latest
    @eva2000 Thx, did not know that there were so many ports. But will only use several.
     
  4. Nov 1, 2019 #4
    eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    3:43 PM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    The end of post listing isn't all the ports that is used but what ports may be used for services/software too. The mentioned bare number of ports is in the linked post though and close to what Centmin Mod LEMP stack defaults to. Have to weigh up convenient vs know how. Otherwise, if you lock down too many ports, folks who are noobs will just have no idea why software they install post-Centmin Mod install don't work because they haven't configured CSF Firewall for them.
     
Previous Thread Next Thread
Loading...

.