Internal Web Server: how to protect with pfBlockerNG

prx · Sep 2, 2019, 3:29 PM

Hi,

first of all I'm sorry for my poor English.

I have a couple 4 Servers (Debian + Nginx + PHP7.3 + Magento) behind pfSense and I'd like to increase protection of these Web Servers with pfBlockerNG-devel. How can I do it? I have read a little and, if I understood well, I have to use the section under Feeds to add lists of IPv4 that must be blocked. Now the question is: which one I have to select or can you advice me with some other lists to add in IPv4 tab?

Thank you very much

dragoangel · Sep 2, 2019, 11:20 PM

Main question: what defend you try to achieve? You try restriction outgoing connections or incoming or both?
Is this servers are accessible from public internet? If - yes, then: what services you put on internet? Based on this you could get a list of bad guys abusing this and only this services. Such list can be get from many places. Use pfBlocker devel package - it newer and recommend release. It have build in some lists though... But aware of false positive. And if you exposed ssh for example, better hide it and simply use VPN, or use only IP white-list to give access to ssh on firewall.

petersmithfvb · Oct 21, 2021, 7:47 AM

@prx can you tell me are you using the Magento 1 version. Since people are migrating their site from Magento 1 to Magento 2. it might be a problem. You can dig into Magento 2 migration.

rakeshdonga · Mar 15, 2023, 9:07 AM

@prx can you let me know if you're using a previous version of Magento 1? That can be a problem for you since users are updating their sites from an earlier version to the most recent version of Magento 2.4.6. You may look into Magento 2 Upgrade.