Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Network_M
Collaborator

Protection of port 80

I have a web-site facing to public.

3 ports are open in Security Policy: 80/tcp, 443/tcp, 53/udp.

I have redirection on web server from 80 to 443, that is ok.

But there are some scans and potential script executions on port 80.

Firewall shows that scripts as accepted.

IPS is enabled.

 

How to protect port 80? Or is it possible redirect port 80 to 443 on firewall level?

Any valuable advices are appreciated.

Thanks!

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

Plenty of options here depending on what you're trying to achieve including separate offerings such as AppSec.

With that said @Danny  provided some examples previously on things like blocking IoT Scanners / TOR Exit nodes / Geolocation Policy, refer:

https://community.checkpoint.com/t5/Management/HowTo-Block-IoT-scanners-like-Shodan-Censys-Shadowser... 

 

CCSM R77/R80/ELITE
0 Kudos
Network_M
Collaborator

Thank you, but there are so many scanners in the internet, even scriptkiddies can execute scripts.

It will not be solution I think.

0 Kudos
Chris_Atkinson
Employee Employee
Employee

As above if you provide something a little less generic we will probably be better able to guide you.

Not withstanding to get the best out of the available gateway controls HTTPS inspection will be a factor.

CCSM R77/R80/ELITE
0 Kudos
Network_M
Collaborator

Can HTTPS inspection control port 80? It is not encrypted port.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events