Get the most out of your Centmin Mod LEMP stack
Become a Member

CSF Keep only the important ports

Discussion in 'Other Centmin Mod Installed software' started by pamamolf, May 16, 2016.

  1. pamamolf

    pamamolf Well-Known Member

    2,500
    229
    63
    May 31, 2014
    Ratings:
    +390
    Local Time:
    10:58 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    Hi

    On my server i do not use any remote services and i am thinking to try to keep only the basic ports open...

    So which ports do you recommend me to use?

    Code:
    # Allow incoming TCP ports
    TCP_IN = "20,21,1021,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,3000,3334,8080,8888,81,9312,9418,6081,6082,30865,30001:50011"
    
    # Allow outgoing TCP ports
    TCP_OUT = "993,995,465,587,1110,1194,9418,20,21,22,25,53,80,110,113,443,587,993,995"
    
    # Allow incoming UDP ports
    UDP_IN = "67,68,1110,33434:33534,20,21,53"
    
    # Allow outgoing UDP ports
    # To allow outgoing traceroute add 33434:33523 to this list
    UDP_OUT = "67,68,1110,33434:33534,20,21,53,113,123"
    I am thinking of keeping :

    Tcp in and out : web 80 phpmyadmin 9418 ftp 21 ssh 22(for example) ssl 443 ?
    Udp: don't know if any service use any port....
     
  2. eva2000

    eva2000 Administrator Staff Member

    28,989
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    5:58 PM
    Nginx 1.13.x
    MariaDB 5.5
    • Agree Agree x 1
  3. pamamolf

    pamamolf Well-Known Member

    2,500
    229
    63
    May 31, 2014
    Ratings:
    +390
    Local Time:
    10:58 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    One last question :)

    Is CT_LIMIT useless when use Cloudflare as it doesn't read real user's ip's from nginx log file?
     
  4. eva2000

    eva2000 Administrator Staff Member

    28,989
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,767
    Local Time:
    5:58 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes when behind any reverse proxy like Cloudflare, Sucuri, Incapula etc
     
    • Informative Informative x 1