Network services
Network services ensure interaction of devices on the network — computers and other active equipment. For example, the sshd service provides connections to the server via SSH, the ihttpd service is responsible for connections to the web server, etc.
In the "Network services" module you can configure:
- access rules for your server's network services;
- protection against network attacks of the "brute force" type using the Fail2ban service.
To work with the module, enter System → Network Services.
Configuring access rules
Viewing the list of network services
The module interface displays the following information:
- Service name — the name of the network service;
- Protocol — the protocol for connecting to the server;
- Ports — the port on which the connection is made.
Adding a rule
To add an access rule to a service, select its name in the list and press Add. Read more about creating rules in Firewall rules.
Configuring the Fail2ban service
The Fail2ban service blocks access to a network service from a specific IP address after a specified number of suspicious connection attempts. For example, if the attacker tries to connect with the wrong password.
In the Fail2ban settings you can configure:
- the number of connection attempts;
- blocking time;
- IP addresses that should not be blocked.
By default, ispmanager applies global Fail2ban parameters to network services. You can also specify individual settings for each service rule.
Global settings
To set global Fail2ban parameters:
- Press the Fail2ban settings button.
- Specify the settings:
- To apply these settings to all created rules, enable the Apply to all rules option.
- Press OK.
Individual service settings
To configure settings for an individual service, select the service from the list → Fail2ban rules button → select the rule → press Edit:
- Select the Enable rule option.
- Specify the settings:
- Press Save.
Rule management
Use the Enable all rules and Disable all rules buttons to enable or disable all Fail2ban rules created for the service.
To enable or disable an individual rule, select the service → Fail2ban rules button → select the rule → press Enable or Disable.