My computer is connected to a router and I am running a web server. This server is supposed to receive requests only from a specific internet IP address, and not any other one, plus the requests from my own computer. I tried to set this up, and I am still receiving hits, which are probably scanners, robots, zombies, and who knows what.
I tried both ZA and Sygate to block all IPs except one or two, and had better luck with the former. However, I'd like to use Sygate instead. It's smaller and apparentely less confusing. I'll post my settings in both, because I'd like to make both work, just in case
Here are my settings in ZA:
--------------------------------
- Firewall/Main/Internet Zone Security = High (no Custom settings, just default)
- Firewall/Main/Trusted Zone Security = Med (no Custom settings, just default)
I assume the default High settings for the internet zone block incoming at port 80, so I set up an expert rule (explained below). Do I need to adjust also the custom settings?
- Firewall/Zones/Network = 192.168.1.0
- Firewall/Main/Advanced/Security/Internet Conncection Sharing
Here I am confused. If my computer is connected to a router, do I have to check "My computer is in a ICS/NAT gateway" ?
- Firewall/Expert:
----------------------
Here I created one rule:
- State = enabled
- Action= allow
- Source = the internet IP address I only want HTTP requests from.
- Destination = My Computer
- Protocol = TCP / Destination Port: HTTP - 80 / Source Port: HTTP - 80
- Time = Any
Here are my settings in Sygate:
--------------------------------
- Advanced Application Configuration window
-Name of Application: (web server's name)
-Application restrictions / trusted IPs : (the internet IP that I want to give access to)
-Remote server ports; TCP = 80 ; UDP=nothing ; Act as client=checked
-Local ports; TCP = 80 ; UDP=nothing ; Act as server=checked
Allow ICMP traffic = checked
I'd appreciate any help with these settings, because whatever I did, It's not having the results I want. With ZA, the web server still receives requests from unwanted IP addresses, with Sygate, access to the server seems ok, but the server logs don't show there was access (?) That's weird.