- Apr 25, 2015
This video showcases firewall rules to drop all traffic except SSH and connections to ports 80, 443 from Sucuri's IP ranges.
Reference links
- https://kb.sucuri.net/firewall/Troubleshooting/same-user-ip
- Sign in to Sucuri and click https://waf.sucuri.net/?settings&panel=security
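Code:
```bash
# Set INPUT to ACCEPT before flushing so the SSH session survives the flush.
iptables -P INPUT ACCEPT
iptables -F
# Loopback and replies to connections that are already tracked.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH stays reachable from any source.
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# HTTP/HTTPS only from the Sucuri ranges.
iptables -A INPUT -p tcp -s 192.88.134.0/23 -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 185.93.228.0/22 -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 66.248.200.0/22 -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Matches outbound packets to remote ports 80/443; redundant while the OUTPUT policy is ACCEPT.
iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Default policies: drop everything not accepted above.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# List the resulting rules with packet counters.
iptables -L -v
```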
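An added example, not part of the original post: a Python check that reads `iptables -S INPUT` output and reports any rule or policy that lets ports 80/443 be reached from outside the allowed ranges. The `ALLOWED` ranges are copied from the rules above; the function names and `SAMPLE` text are assumptions made for this example.

```python
import ipaddress
import shlex

# Ranges copied from the rules in the post; the current list must come from Sucuri.
ALLOWED = [ipaddress.ip_network(n) for n in
           ("192.88.134.0/23", "185.93.228.0/22", "66.248.200.0/22")]
# Constructed sample: how `iptables -S INPUT` would print the post's rules, abridged.
SAMPLE = """-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.88.134.0/23 -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -s 185.93.228.0/22 -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"""

def _arg(tokens, *flags):
    """Value following the first of `flags` present in the rule, else None."""
    for flag in flags:
        if flag in tokens:
            return tokens[tokens.index(flag) + 1]
    return None

def _hits_web_port(tokens):
    """True if the rule matches 80 or 443; a rule with no port match covers all ports."""
    if _arg(tokens, "-p") not in (None, "tcp", "udp", "all"):
        return False  # e.g. icmp: no ports involved
    spec = _arg(tokens, "--dports", "--dport")
    if spec is None:
        return True
    ranges = [part.partition(":") for part in spec.split(",")]
    return any(int(lo) <= p <= int(hi or lo) for lo, _, hi in ranges for p in (80, 443))

def audit(rules_text):
    """Return findings for INPUT entries of `iptables -S` output that expose 80/443."""
    findings = []
    for line in rules_text.splitlines():
        t = shlex.split(line)
        if t[:2] == ["-P", "INPUT"] and t[2] != "DROP":
            findings.append(f"default policy is {t[2]}: {line}")
        if t[:2] != ["-A", "INPUT"] or _arg(t, "-j") != "ACCEPT":
            continue
        states = _arg(t, "--state", "--ctstate")
        if _arg(t, "-i") == "lo" or (states and "NEW" not in states.split(",")):
            continue  # loopback, or a rule that cannot admit a new connection
        if "!" in t:
            findings.append(f"negated match, review by hand: {line}")
            continue
        src = ipaddress.ip_network(_arg(t, "-s") or "0.0.0.0/0", strict=False)
        if _hits_web_port(t) and not any(src.subnet_of(a) for a in ALLOWED):
            findings.append(f"80/443 reachable from {src}: {line}")
    return findings
```

Pass it the text printed by `iptables -S INPUT` on the origin server; an empty list means every rule that can admit a new connection to 80/443 is limited to the allowed ranges.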