Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using pfSense for website hosting protection

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 4 Posters 1.6k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jimfreeze
      last edited by

      Cloudflare now has a service to protect websites.

      I am looking for a way to protect hosted websites from bad actors.
      I would like to block repeated failed ssh attempts.
      I would also like to block (and restrict the user for a period of time) URL attempts like "POST /api.php".
      Ideally, I would like to block any PHP call.

      Having a pfSense solution for website hosting would be very nice to have.

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Rebel Alliance @jimfreeze
        last edited by

        @jimfreeze An IDS package like Snort or Suricata has rules that can look for things like SSH attempts or other web requests. There isn't a great way to block specific URLs but maybe you can write your own rules if you're really familiar with doing so. I would read up on implementing it in the forum here before jumping in, and not block by default for a while until you can observe what alerts are being triggered.

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 0
        • SlaySilverS Offline
          SlaySilver
          last edited by

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • SlaySilverS Offline
            SlaySilver
            last edited by

            This post is deleted!
            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.