Security
#
FirewallThe integrated Firewall in CloudPanel is based on UFW, also known as Uncomplicated Firewall.
Developed to ease iptables firewall configuration, ufw provides a user-friendly way to create an IPv4 or IPv6 host-based firewall.
CloudPanel is being shipped with pre-configured rules to achieve higher security.
Recommendation
For higher security, whitelist the SSH Port (22) for your IPs only. The CloudPanel Port (8443) should only be whitelisted if you have a static ip.

#
Adding a RuleTo add a new Rule, click on the button Add Rule.
Select the Type, enter the Port Range, Source, and Description (optional) and click on Add Rule to apply the firewall rule.

#
Editing a Rule- Click on the Rule you want to edit.

- Edit the Firewall Rule and click on the button Save.

#
Deleting a Rule- Select the Rule you want to remove and click on Delete.

#
Basic AuthIf you don't have a static ip to close port 8443, a Basic Auth in front of CloudPanel is recommended to restrict the access.
#
Enable Basic Auth#
Via Web InterfaceTo enable Basic Auth, click in the left menu on Security and then on the tab Basic Auth.
Enter a User Name and Password and click on Save to enable basic auth.

#
Via Command Line (CLI)To enable Basic Auth via the command line, log in via SSH and execute the following command as the root user.
clpctl cloudpanel:enable:basic-auth --userName='john.doe' --password='password123'
#
Disable Basic Auth#
Via Web InterfaceTo disable Basic Auth, click in the left menu on Security and then on the tab Basic Auth.

#
Via Command Line (CLI)To disable Basic Auth via the command line, log in via SSH and execute the following command as the root user.
clpctl cloudpanel:disable:basic-auth