Idea to secure Port 8090

I have asked the AI whether CSF can be used to better secure the attacked port 8090. My idea is that only I am allowed to access port 8090 from my IP. Anyone else (other IP) who even touches the port 8090 should immediately be completely blocked with their IP for my server. The AI says it works. But I haven’t tried it yet. What do you think?

Step 1: Allow Access to Port 8090 for a Specific IP

  1. Open the CSF allow configuration file by entering: sudo nano /etc/csf/csf.allow
  2. Add the IP address that should have access to port 8090 in the following format:
    tcp:in:d=8090:s=<YOUR_IP_ADDRESS>
    Replace <YOUR_IP_ADDRESS> with the IP you want to allow.
  3. Save and close the file.

Step 2: Block All Other Access to Port 8090

  1. Open the main CSF configuration file by typing: sudo nano /etc/csf/csf.conf
  2. Find the line for TCP_IN ports and make sure port 8090 is not open for general access.
  3. Enable automatic blocking of any IP that tries to access port 8090 by setting:
  • BLOCK_REPORT = "1"
    This setting automatically blocks and reports any IP attempting access to port 8090.
  1. Set up a permanent automatic block for IPs with repeated unauthorized attempts:
  • LF_TRIGGER_PERM = "1"

Step 3: Restart the Firewall

Restart CSF to apply the settings with sudo csf -r.


Note

Only the specified IP address will be allowed access to port 8090. All other IP addresses attempting access on this port will be automatically and permanently blocked.

However, I fear that all IPs that want to access ANY port that is not explicitly enabled will be blocked immediately. The question is: Is this a problem?

Now I use PSAD togetheer with CSF:

Top scanned TCP ports:

tcp 43 5505
tcp 8090 461

Seems there are a LOT of trials to reach the admin port…