Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: bakedjake
1) what should I do to unblock both ports, but allow access to only 1 remote IP address. Ive seen some examples on the internet like this...
iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport 21 -j ACCEPT
If this doesnít work. what else can I try, bearing in mind that when I look at the IPTables rules through 1and1 control panel (not plesk), it says that port 21 is accepting everything for anyone and port 22 isnít listed.?
Hope Iíve made sense, thanks.
i've just done this myself recently using ssh, i imstalled shorewall which i used to configure iptables, i struggled for a bit but it turned out to be quite simple, there are comprehensive configuration tutorials on the shorewall site, if you are a stand alone server with the firewall on the server you only need one zone: net (the internet)
i know this isn't what you asked but it could be another route for you if you remain stuck
I'd recommend moving SSH to a different port, in any case, if for no other reason than to de-clutter your log file. By moving SSH to a different port, you will eliminate 99% of SSH attempts, which are primarily script-kiddies.
Remember that if you do move SSH to a different port (edit /etc/ssh/ssh_config and/or ~/.ssh/config) you need to configure your SSH client(s) to use the alternate port.
It's useful to disable password login through SSH. Use keys instead.
If you do not have a firewall, make sure to configure MySQL to bind only to localhost! If you want to use remote MySQL management tools, you can tunnel through SSH.
A firewall is still useful, even if everything is "locked down". (Define "locked down"...) You can run scripts that will detect certain intrusion attempts, and dynamically alter firewall rules to block the suspected intruder(s). A firewall can also be useful for blocking unwanted search-engine crawlers without imposing any load on your webserver.