Add an Auto Defense Rule
Auto defense rules are used to prevent massive connection attempts or brute force attacks. This topic describes how to add an auto defense rule.
Procedure
- Log in to PBX web portal, go to Add. , click
- In the Name field, enter a name to help you identify the rule.
- In the Defense Object section, configure relevant
settings of the defense object.
- Service/Port Range: Set whether the rule is
applied to a specific service or a port range.
- Service: Select a service from the
drop-down list. The defense rule will be applied to the
service and the service port.Note: The port follows the setting in Service Ports ( ).
- Port Range: Set a port range.
- Service: Select a service from the
drop-down list. The defense rule will be applied to the
service and the service port.
- Protocol: Choose a protocol to which the rule
is applied.
- UDP
- TCP
- BOTH: Both UDP and TCP.
- Number of IP Packets: The number of IP packets permitted within a specific time period.
- Time Interval (s): The time interval to
receive IP Packets.
For example, Number of IP Packets is 90 and Time Interval (s) is 60; The PBX will block the IP that sends more than 90 IP packets in 60 seconds.
- Service/Port Range: Set whether the rule is
applied to a specific service or a port range.
- Click Save.
Result
When a source address sends packets over the limit within the specified time period,
the followings can be achieved:
- The PBX blocks the IP address. You can check the details in Blocked IPs.
- If you have enabled notification for Auto Defense IP Blocked Out event, the PBX will give you a pop-up reminder on the web interface, and notify you via a specific method.