Firewall modifications are not saved / cant close port 22

dosch · December 12, 2022, 8:35am

Hardware: VPS bought online
YunoHost version: 1.0.10.2 (stable)
I have access to my server : Through SSH | through the webadmin

Description of my issue

I tried to close port 22 in Home/Tools/Firewall on both IPv4 and IPv6.
The webinterface asks me for confirmation (Are you sure you want to close port 22 (protocol: TCP, connection: ipv4) which I confirm
the switch turns red: indicating the port is now closed.
I navigate away from the page
When I return to the page the ports are open and the switch indication is green again.

I can also still connect over ssh, so indeed the port is still open.

Using Firefox 107.0.1 on MacOS 13.0.1 (22A400)

Aleks · December 12, 2022, 2:55pm

Yes, I think there’s a specific bit of code to forbid closing port 22, because that can result in catastrophic consequences (loosing entire server access) if not inadvertently … I think the logic was “if you really want to disable SSH access, not forwarding the SSH port on your router should be enough”

dosch · December 12, 2022, 3:03pm

ah, but then maybe also not offering the option in the webinterface might avoid some confusion…
Also, I do not have access to the router in the datacentre where my VPS lives…

Aleks · December 12, 2022, 3:41pm

Hmyeah clearly I would really advise against disabling port 22 if you’re on a VPS … Like, if for some reasons the webadmin becomes unavailable, this means you’re locked out of your server (unless you have “direct” access through a console from your VPS provider or something)

If your concern is about security, then consider changing the SSH port to some non-default value

dosch · December 12, 2022, 6:31pm

all good, wise and sound advice. Will look into them. Thnx @Aleks!

But please do remove the switch that doesn’t switch

system · January 11, 2023, 6:31pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.