I have asked the AI whether CSF can be used to better secure the attacked port 8090. My idea is that only I am allowed to access port 8090 from my IP. Anyone else (other IP) who even touches the port 8090 should immediately be completely blocked with their IP for my server. The AI says it works. But I haven’t tried it yet. What do you think?
Step 1: Allow Access to Port 8090 for a Specific IP
- Open the CSF allow configuration file by entering:
sudo nano /etc/csf/csf.allow
- Add the IP address that should have access to port 8090 in the following format:
tcp:in:d=8090:s=<YOUR_IP_ADDRESS>
Replace<YOUR_IP_ADDRESS>
with the IP you want to allow. - Save and close the file.
Step 2: Block All Other Access to Port 8090
- Open the main CSF configuration file by typing:
sudo nano /etc/csf/csf.conf
- Find the line for TCP_IN ports and make sure port 8090 is not open for general access.
- Enable automatic blocking of any IP that tries to access port 8090 by setting:
BLOCK_REPORT = "1"
This setting automatically blocks and reports any IP attempting access to port 8090.
- Set up a permanent automatic block for IPs with repeated unauthorized attempts:
LF_TRIGGER_PERM = "1"
Step 3: Restart the Firewall
Restart CSF to apply the settings with sudo csf -r
.
Note
Only the specified IP address will be allowed access to port 8090. All other IP addresses attempting access on this port will be automatically and permanently blocked.