Why should you close ports 22 and 3389 with a firewall?

Ports 22 (SSH, Linux) and 3389 (Remote Desktop, Windows) are among the main and critical ports through which the server is managed. A smart practice from the point of view of cyber security is to close public access to these ports with the help of a firewall, with the subsequent opening of access only to a list of allowed IP addresses.

By default, when renting a server from our company, these ports will be closed for public access, and you can open access for your own IP address or other people's IP in literally 1 mouse click in the [server firewall section] .

You can remove the firewall rules that block public access to these ports, after which any Internet participants will be able to connect to the server, including malicious bots, so we recommend opening public access without a good reason, along with understanding the possible consequences. more about them.

Why you should keep ports closed

• Open ports are actively attacked by malicious brute force bots with the aim of finding the administrator's password and gaining control over the server, which may result in the loss of control over the server, including the loss of all data.

• On Windows servers, the open remote desktop port is also actively attacked by brute force bots, only unlike Linux servers, on Windows, the number of remote desktop sessions is limited, and if the bots "use" all free sessions, the remote desktop may stop accepting new ones connection requests and give an error, including the owner of the server.

• Each initiated session on the port, whether it is a living person or a malicious one, even though it is insignificant, but consumes the physical resources of the server - network and software and hardware, the server is forced to process these requests, even if they do not carry any payload.

• Closing these ports allows you to control who exactly has access to the server, because you yourself add the IP to the firewall, which guarantees a much higher level of security.