Want more timely Centmin Mod News Updates?
Become a Member

Install Strict Firewall/ Client has hardware firewall default DROP

Discussion in 'Install & Upgrades or Pre-Install Questions' started by EckyBrazzz, Nov 1, 2019.

Tags:
  1. EckyBrazzz

    EckyBrazzz Active Member

    867
    182
    43
    Mar 28, 2018
    >>>>Click here<<<< i'm nearby......
    Ratings:
    +333
    Local Time:
    8:39 PM
    Latest
    Latest
    Hi there,

    I need to know the ports for Centmin to keep working correct. Bumped into a situation with a setup that has a hardware firewall with everything as default "DROP" connection. (IN & OUT)

    Now I have quickly setup port 53, 80 (for domains with nothing and changed the default index.html to maintainance.html in the /nginx/html), 443 and a different SSH port with only access to some IP's.

    There are a lot of them in the /etc/csf/csf.conf but should I set all these IPv4 & IPv6??

    They want a secure environment, even without FTP.
     
  2. eva2000

    eva2000 Administrator Staff Member

    44,425
    10,144
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,693
    Local Time:
    9:39 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
  3. EckyBrazzz

    EckyBrazzz Active Member

    867
    182
    43
    Mar 28, 2018
    >>>>Click here<<<< i'm nearby......
    Ratings:
    +333
    Local Time:
    8:39 PM
    Latest
    Latest
    @eva2000 Thx, did not know that there were so many ports. But will only use several.
     
  4. eva2000

    eva2000 Administrator Staff Member

    44,425
    10,144
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,693
    Local Time:
    9:39 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    The end of post listing isn't all the ports that is used but what ports may be used for services/software too. The mentioned bare number of ports is in the linked post though and close to what Centmin Mod LEMP stack defaults to. Have to weigh up convenient vs know how. Otherwise, if you lock down too many ports, folks who are noobs will just have no idea why software they install post-Centmin Mod install don't work because they haven't configured CSF Firewall for them.