UniqueSoft/openpanel
2
0
Fork 0
mirror of https://github.com/stefanpejcic/openpanel synced 2025-06-26 18:28:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
d1a3612648
openpanel/documentation/docs/admin/security/firewall.md
Stefan Pejcic d1a3612648
Update firewall.md
2024-07-28 20:31:00 +02:00

2.7 KiB
Raw Blame History

sidebar_position
2

Firewall

View and edit firewall rules.

OpenPanel supports both ConfigServer Firewall (CSF) and Uncomplicated Firewall (UFW). By default, CSF is installed, but you can choose to install UFW instead by using the --ufw option during installation.

Based on the installed firewall, the OpenAdmin > Firewall page will display either the ConfigServer Firewall UI or the custom UFW interface.

CSF

If ConfigServer Security & Firewall (CSF) is installed, it's integrated UI will be displayed on OpenAdmin > Firewall.

For instructions on how to use the CSF UI, please refer to ConfigServer Security & Firewall official documentation.

csf firewall

UFW

If Uncomplicated Firewall (UFW) is installed, our custom interface will be displayed on OpenAdmin > Firewall.

openadmin firewall settings

The firewall settings page provides multiple tabs:

  • IPv4 - View and manage IPv4 firewall rules
  • IPv6 - View and manage IPv6 firewall rules
  • Settings - Manage UFW settings
  • Blacklists - Enable/disable blaklists
  • Logs - view the UFW service log

View existing rules

The table shows firewall rules, showcasing information such as rule ID, action, ports, source/destination IP, and the username of the user utilizing the port. For IPv6 rules, navigate to the IPv6 tab.

openadmin firewall ipv6 rules

Add Rules

To create a new rule click on the 'Add Rule' button and in the modal choose 'ALLOW' to allow the IP address or port, and 'DENY' to block access for IP address or port.

openadmin firewall add rule

Delete Rules

To delete a rule click on the 'Delete' link next to it, and in the confirmaiton modal click on 'Delete' button.

openadmin firewall delete rule

Settings

Blacklists

openadmin_ufw_blacklists.png

--skip-blacklists

View logs

For logs, navigate to the 'Logs' tab.

openadmin firewall logs

External Firewall

Some cloud providers, like Hetzner, offer their own external firewalls. If you are using an external firewall, ensure the following ports are open for OpenPanel services to be accessible: 53 80 443 2083 2087 32768:60999

If you are using a custom port for OpenPanel instead of the default 2083, ensure that port is open as well.

Restart rules

To re-open all necessary ports for OpenPanel services and users, run the command: opencli firewall-reset