How to Set Up a Proper Firewall Rule Set

Posted 1.21.10 by

Here are Online Tech’s quick tips on how to set up a proper firewall rule set:

  1. Limit your server management ports (RDP: 3389 and SSH: 22) to your office subnet or a VPN connection. The first and easiest way for someone to hack your managed dedicated server is to RDP or SSH to it and start bashing usernames and passwords. If you limit RDP or SSH to just your office, they won’t even have a chance to try to log in to your server.
  2. Restrict all database connections to the specific IPs that NEED to connect. Another way for people to gain access to your equipment is through your DB servers. They can steal your information, alter it or even delete it. Make sure any SQL, MySQL, or other DB servers can only be reached by IP addresses you trust.
  3. Review your firewall rules to make sure you don’t have a port open that you used to use but no longer need. Also check who can connect through certain ports: maybe you had a contractor helping with website development, and you should remove his IP range’s access to your server now that his work is done.
  4. Try to limit rules that allow anyone to access a port. Certain ports like HTTP and HTTPS have to be open for all, but maybe only certain clients should have FTP or SFTP access.
  5. If in doubt, you can always ask. If you explain to your provider what you are trying to accomplish and who needs to be able to access certain ports, they might be able to help design your firewall rule set with you.
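
The review described in tips 1 through 4 can be automated. The script below is an added example, not Online Tech's own tooling: it audits a rule list against a per-port allowlist. The rule format (`allow tcp <port> from <cidr>`), the database port numbers, the `APPROVED` allowlist and all sample addresses are assumptions constructed for illustration.

```python
import ipaddress

PUBLIC_PORTS = {80, 443}          # HTTP/HTTPS: the post says these stay open to all
MGMT_PORTS = {22, 3389}           # SSH and RDP, as named in tip 1
DB_PORTS = {1433, 3306, 5432}     # assumed defaults: MS SQL, MySQL, PostgreSQL

def parse_rule(line):
    """Parse the constructed format 'allow tcp <port> from <cidr>'."""
    _, _, port, _, cidr = line.split()
    return int(port), ipaddress.ip_network(cidr, strict=False)

def covered(src, approved):
    """True when src lies entirely inside one of the approved networks."""
    nets = (ipaddress.ip_network(n) for n in approved)
    return any(src.version == n.version and src.subnet_of(n) for n in nets)

def audit(lines, approved):
    """Return (line, finding) pairs; approved maps port -> allowed CIDRs."""
    findings = []
    for line in lines:
        port, src = parse_rule(line)
        if port in PUBLIC_PORTS or covered(src, approved.get(port, [])):
            continue
        if port in MGMT_PORTS:
            why = "tip 1: management port reachable outside office/VPN"
        elif port in DB_PORTS:
            why = "tip 2: database port reachable from an untrusted source"
        elif src.prefixlen == 0:
            why = "tip 4: non-web port open to anyone"
        else:
            why = "tip 3: source not on the approved list, still needed?"
        findings.append((line, why))
    return findings

# Constructed sample data (documentation address ranges, not a real rule set).
APPROVED = {22: ["203.0.113.0/24"], 3389: ["203.0.113.0/24"],
            3306: ["198.51.100.10/32"], 21: ["192.0.2.0/28"]}
RULES = [
    "allow tcp 443 from 0.0.0.0/0",
    "allow tcp 22 from 203.0.113.0/24",
    "allow tcp 3389 from 0.0.0.0/0",
    "allow tcp 3306 from 198.51.100.10/32",
    "allow tcp 3306 from 198.51.100.0/24",
    "allow tcp 21 from 0.0.0.0/0",
    "allow tcp 21 from 192.0.2.64/28",
]

for line, why in audit(RULES, APPROVED):
    print(f"{line:40} {why}")
```

A rule passes only when its whole source range sits inside an approved network, so widening a single trusted host to its surrounding /24 is flagged as well as a fully open rule.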
