ClearOS offers Attack Detector but if you have a fixed IP address, you can restrict SSH and / or Webconfig (the web-based admin panel) to a specific IP address.
Below is an example to remove SSH (usually port 22) and Webconfig (port 81) access from default Incoming Firewall (https://example.org:81/app/incoming_firewall) and replace by rules in the Custom Firewall
Be careful not to lock yourself out!
iptables -I INPUT -p tcp --dport 22 -j DROP
iptables -I INPUT -p tcp --source 203.0.113.0 --dport 22 -j ACCEPT
iptables -I INPUT -p tcp --dport 81 -j DROP
iptables -I INPUT -p tcp --source 203.0.113.0 --dport 81 -j ACCEPT
- The order of the rules is important, so in this case, it's block everything, and after, add an exception.
- Rules from the default Incoming Firewall override Custom Firewall rules, so you'll want to disable the SSH and Webconfig rules that are there by default
- Make sure you have activated the rules on the Custom Firewall (you disable a rule instead of deleting)
- You can also use ClearOS as a gateway and VPN server, and thus, you would VPN in to your office, and access the server from there.
- The same idea could be used to restrict a web-based intranet (with port 80 / 443)
- Webconfig (port 81) also offers phpMyAdmin so it's one more reason to restrict access