Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    secure web and ssh server

    Scheduled Pinned Locked Moved
    Firewalling
    2
    3
    165
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrjoli021
      last edited by

      I currently host my own gitlab server. This server is publicly accessible because I have clients from all over connecting to it pushing or pulling code that I develop from them. I have the server publicly limited to 443 and 22. No other protocol or port is allowed. I also have the same thing on the linux side. I know gitlab itself has its own security best practices which I am following, but that is on the linux side. The server is only allowed access to pre-registered clients as well as only ssh keys are allowed. My question is, does PFSense have a rate limit or throttling mechanism that would detect a large amount of traffic on 443 or 22 and block that IP for X time, sort of like fail2ban does? Does PFSense have something similar?

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @mrjoli021
        last edited by

        @mrjoli021
        Maybe….
        https://docs.netgate.com/pfsense/en/latest/firewall/configure.html#maximum-state-entries-this-rule-can-create

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        M 1 Reply Last reply Reply Quote 1
        • M
          mrjoli021 @michmoor
          last edited by

          @michmoor Perfect. That is what I was looking for. Thx

          1 Reply Last reply Reply Quote 1
          • First post
            Last post