{"id":309,"date":"2024-10-22T21:18:20","date_gmt":"2024-10-22T21:18:20","guid":{"rendered":"https:\/\/bestresellerhosting.in\/blog\/?p=309"},"modified":"2024-10-22T21:18:22","modified_gmt":"2024-10-22T21:18:22","slug":"common-firewall-rules-set-up-in-cpanel","status":"publish","type":"post","link":"https:\/\/bestresellerhosting.in\/blog\/common-firewall-rules-set-up-in-cpanel\/","title":{"rendered":"Common Firewall Rules to Set Up in cPanel for Enhanced Security"},"content":{"rendered":"\n<p>Firewall Rules &#8211; In today&#8217;s digital world, securing your web server is more crucial than ever, especially with the constant rise of cyber threats. If you&#8217;re using cPanel to manage your server, a firewall plays a key role in defending your system against unauthorized access and malicious activity. But knowing which firewall rules to set up can be daunting, especially if you&#8217;re new to server management. In this post, we&#8217;ll break down the <strong>common firewall rules<\/strong> you should configure in cPanel to protect your server from common vulnerabilities.<\/p>\n\n\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#why-set-up-firewall-rules-in-c-panel\">Why Set Up Firewall Rules in cPanel?<\/a><ul><li><a href=\"#1-block-unnecessary-ports\">1. Block Unnecessary Ports<\/a><\/li><li><a href=\"#2-enable-ip-whitelisting-and-blacklisting\">2. Enable IP Whitelisting and Blacklisting<\/a><\/li><li><a href=\"#3-limit-ssh-access\">3. Limit SSH Access<\/a><\/li><li><a href=\"#4-protect-against-d-do-s-attacks\">4. Protect Against DDoS Attacks<\/a><\/li><li><a href=\"#5-block-ping-icmp-requests\">5. Block Ping (ICMP) Requests<\/a><\/li><li><a href=\"#6-geo-blocking\">6. Geo-Blocking<\/a><\/li><li><a href=\"#7-rate-limiting-login-attempts\">7. Rate Limiting Login Attempts<\/a><\/li><li><a href=\"#8-enable-mod-security-for-web-application-firewall-waf\">8. Enable ModSecurity for Web Application Firewall (WAF)<\/a><\/li><\/ul><\/li><li><a href=\"#conclusion\">Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why-set-up-firewall-rules-in-c-panel\">Why Set Up Firewall Rules in cPanel?<\/h2>\n\n\n\n<p>A firewall acts as a gatekeeper between your server and the internet. It filters incoming and outgoing traffic based on predetermined security rules. When properly configured, a firewall in cPanel can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Block unauthorized access<\/strong> to specific ports or services.<\/li>\n\n\n\n<li><strong>Mitigate brute-force attacks<\/strong> on login pages.<\/li>\n\n\n\n<li><strong>Limit access<\/strong> to specific IP ranges, increasing overall security.<\/li>\n\n\n\n<li><strong>Prevent DDoS attacks<\/strong> by detecting and dropping malicious traffic.<\/li>\n<\/ul>\n\n\n\n<p>Now, let\u2019s look at the most critical firewall rules to set up in your <a href=\"https:\/\/cpanel.net\" rel=\"nofollow noopener\" target=\"_blank\">cPanel environment<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1-block-unnecessary-ports\"><strong>1. Block Unnecessary Ports<\/strong><\/h3>\n\n\n\n<p>By default, many ports remain open on a web server for communication. However, leaving unnecessary ports open can expose your server to security threats. Here\u2019s a list of important ports to allow or block:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Allow:<\/strong> Essential ports like 80 (HTTP), 443 (HTTPS), 21 (FTP), and 22 (SSH). Ensure that only services you actually use are accessible.<\/li>\n\n\n\n<li><strong>Block:<\/strong> All other unused ports, such as 23 (Telnet), 1433 (SQL Server), and 3306 (MySQL, unless you need remote database access). This reduces the attack surface of your server.<\/li>\n<\/ul>\n\n\n\n<p><strong>Tip:<\/strong> Tools like ConfigServer Security &amp; Firewall (CSF) in cPanel make it easy to manage and block unused ports.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2-enable-ip-whitelisting-and-blacklisting\">2. <strong>Enable IP Whitelisting and Blacklisting<\/strong><\/h3>\n\n\n\n<p>IP whitelisting and blacklisting are critical for managing who can access your server:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IP Whitelisting:<\/strong> Add trusted IP addresses (e.g., your office network or developers&#8217; IPs) to allow them unrestricted access to sensitive services like SSH or WHM.<\/li>\n\n\n\n<li><strong>IP Blacklisting:<\/strong> Block known malicious IPs or ranges of IPs that have attempted suspicious activity on your server.<\/li>\n<\/ul>\n\n\n\n<p>This rule helps prevent brute-force attacks by limiting the number of people who can access login pages like cPanel, WHM, or SSH.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"3-limit-ssh-access\">3. <strong>Limit SSH Access<\/strong><\/h3>\n\n\n\n<p>SSH is a powerful protocol for remote server management, but it&#8217;s also a common target for hackers. To secure SSH, configure the following firewall rules:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Allow SSH Access Only from Trusted IPs:<\/strong> Restrict SSH access to your server by allowing it only from known, trusted IP addresses. This rule prevents unauthorized users from trying to log in.<\/li>\n\n\n\n<li><strong>Change Default SSH Port:<\/strong> Moving the SSH port from the default (22) to a custom port can help evade automated attacks.<\/li>\n\n\n\n<li><strong>Set Connection Limits:<\/strong> Limit the number of simultaneous connections or restrict login attempts within a specific timeframe to prevent brute-force attacks.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"4-protect-against-d-do-s-attacks\">4. <strong>Protect Against DDoS Attacks<\/strong><\/h3>\n\n\n\n<p>Distributed Denial of Service (DDoS) attacks are designed to overwhelm your server with traffic, causing downtime. To protect against DDoS attacks, implement these firewall rules:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Limit Connection Rate:<\/strong> Set a rate limit for incoming traffic to drop suspicious requests that exceed a predefined limit. This can prevent attackers from flooding your server with fake requests.<\/li>\n\n\n\n<li><strong>Enable SYN Flood Protection:<\/strong> This rule helps guard against SYN flood attacks, a common type of DDoS, by limiting the number of partially open connections.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"5-block-ping-icmp-requests\">5. <strong>Block Ping (ICMP) Requests<\/strong><\/h3>\n\n\n\n<p>Ping (ICMP) requests are often used by attackers to discover open servers and potential vulnerabilities. If your server doesn\u2019t need to respond to pings, block ICMP requests using your firewall:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Disable Incoming ICMP Traffic:<\/strong> This prevents your server from responding to &#8220;ping&#8221; requests and reduces the chances of being targeted by network scans or attacks like <a href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_Control_Message_Protocol\" rel=\"nofollow noopener\" target=\"_blank\">ICMP<\/a> flood.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"813\" height=\"420\" src=\"https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image.png\" alt=\"Firewall Rules\" class=\"wp-image-310\" srcset=\"https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image.png 813w, https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-300x155.png 300w, https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-768x397.png 768w\" sizes=\"auto, (max-width: 813px) 100vw, 813px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"6-geo-blocking\">6. <strong>Geo-Blocking<\/strong><\/h3>\n\n\n\n<p>If your website or business only serves customers in specific regions, you can enhance security by blocking traffic from countries or regions known for high levels of cybercrime:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Block Entire Countries:<\/strong> Use geo-blocking to restrict traffic from regions where you don&#8217;t have customers. For example, if you serve only U.S. customers, you can block traffic from other continents.<\/li>\n\n\n\n<li><strong>Allow Only Specific Countries:<\/strong> Alternatively, you can allow traffic only from countries where your primary user base is located.<\/li>\n<\/ul>\n\n\n\n<p>This strategy is particularly useful for preventing automated attacks originating from abroad.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"7-rate-limiting-login-attempts\">7. <strong>Rate Limiting Login Attempts<\/strong><\/h3>\n\n\n\n<p>Brute-force attacks target login pages like cPanel, FTP, and <a href=\"https:\/\/wordpress.com\/\" rel=\"nofollow noopener\" target=\"_blank\">WordPress admin<\/a> areas. One effective way to mitigate this risk is by limiting the number of login attempts:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Set Login Attempt Limits:<\/strong> After a certain number of failed login attempts, temporarily block the IP address from which the login attempts originated. This can help fend off bots trying to guess credentials.<\/li>\n<\/ul>\n\n\n\n<p>Tools like <strong>CSF<\/strong> in cPanel make it easy to enforce this rule.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"8-enable-mod-security-for-web-application-firewall-waf\">8. <strong>Enable ModSecurity for Web Application Firewall (WAF)<\/strong><\/h3>\n\n\n\n<p>While firewalls protect your server\u2019s network, a Web Application Firewall (WAF) like <strong><a href=\"https:\/\/modsecurity.org\/\" rel=\"nofollow noopener\" target=\"_blank\">ModSecurity<\/a><\/strong> adds another layer of protection by filtering HTTP requests:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Block SQL Injections and XSS Attacks:<\/strong> ModSecurity detects and blocks suspicious activity like SQL injections or cross-site scripting (XSS), preventing hackers from exploiting vulnerabilities in your web applications.<\/li>\n\n\n\n<li><strong>Real-time Traffic Monitoring:<\/strong> Monitor incoming traffic for common attack patterns and block them before they reach your web applications.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"823\" height=\"242\" src=\"https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-1.png\" alt=\"\" class=\"wp-image-311\" srcset=\"https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-1.png 823w, https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-1-300x88.png 300w, https:\/\/bestresellerhosting.in\/blog\/wp-content\/uploads\/2024\/10\/image-1-768x226.png 768w\" sizes=\"auto, (max-width: 823px) 100vw, 823px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"conclusion\">Conclusion<\/h2>\n\n\n\n<p>Setting up the right firewall rules in cPanel is essential for maintaining the security of your <a href=\"https:\/\/bestresellerhosting.in\/vps-server-hosting.html\">web server<\/a>. By blocking unnecessary ports, whitelisting trusted IPs, protecting against DDoS attacks, and using tools like ModSecurity and CSF, you can significantly reduce the risk of unauthorized access and cyberattacks.<\/p>\n\n\n\n<p>Remember, configuring a firewall is not a one-time task. Regularly review and update your firewall rules to address new security challenges and ensure that your server remains secure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Firewall Rules &#8211; In today&#8217;s digital world, securing your web server is more crucial than ever, especially with the constant rise of cyber threats. If you&#8217;re using cPanel to manage your server, a firewall plays a key role in defending your system against unauthorized access and malicious activity. But knowing which firewall rules to set [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":312,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-309","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/posts\/309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/comments?post=309"}],"version-history":[{"count":1,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/posts\/309\/revisions"}],"predecessor-version":[{"id":313,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/posts\/309\/revisions\/313"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/media\/312"}],"wp:attachment":[{"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/media?parent=309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/categories?post=309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bestresellerhosting.in\/blog\/wp-json\/wp\/v2\/tags?post=309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}