Control Web Panel
Security => CSF Firewall => Topic started by: goodbot on March 30, 2020, 04:03:13 PM
-
I'm setting up my FireWall whitelist and I'm thinking it might be a good idea to explicitly allow in all CWP Support IPs...
but I can't find this suggestion or info mentioned anywhere.
Should I do this... or does CWP Support have some other way into my box around my firewall?
Note: I'm intending on closing down all ports besides 80 & 443 for public access, but I'll allow my home IP full access (via the WhiteList) - this is where I'm thinking that CWP Support should also share this same open access as me.
Correct?
-
I'm setting up my FireWall whitelist and I'm thinking it might be a good idea to explicitly allow in all CWP Support IPs...
but I can't find this suggestion or info mentioned anywhere.
I think you should check out:cat /scripts/install_supportKey
;)
-
Excellent! The script takes a more comprehensive approach than my simply manually adding in the IP to the csf whitelist...
... looking through the script, I have an issue with CWP using "root" to sign-in to my server... I'd much prefer them using a user name with an ssh key combo that I assign them... this name either being in the wheel group, or requiring/allowing this user to su. This creates a clearer log record of who's doing what when, etc. A separate issue for a separate post...
But now they're in my whitelist... great... thank you!
(Maybe I need to start looking through all this other big content in this /scripts folder - are these scripts documented anywhere else?)