TCP/IP
We got the following error during a PCI scan: TCP Source Port Pass Firewall.
Solution: Ensure all your filtering rules are correct and strict enough. If the firewall intends to deny TCP connections to a specific port, it should be configured to block all TCP SYN packets going to this port, regardless of the source port.
To mitigate this, I added the following rule to Cloudflare firewall:
Field: Hostname
Operator: wildcard
Value: not cf.edge.server_port in {80 443 24567}
I found this online, but it is not working, and I need help setting up the correct rule on Cloudflare.
Please help!
Jorge B.
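The finding quoted above comes from the scanner sending a TCP SYN to a port that should be closed while spoofing a "trusted" source port (20/ftp-data, 53/dns, 67/68 dhcp, ...): a filter that whitelists traffic by source port lets that SYN through, one that judges new connections by destination port alone does not. The following is an added example, not code from the thread or from Cloudflare; it models a stateless packet filter in Python with two constructed rule sets (the `iptables` strings in each rule are only the shell equivalent written as a note) and reproduces the scanner's check against the port 24567 mentioned in the thread.

```python
# Added example (not part of the original thread): a toy model of a packet
# filter, used to show why "TCP Source Port Pass Firewall" fires and what the
# corrected rule set looks like. Rule sets, port list and the probe list are
# constructed for the demo; port 24567 is taken from the thread.
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class Packet:
    sport: int          # TCP source port chosen by the sender (the scanner picks it)
    dport: int          # TCP destination port on the firewalled host
    syn: bool = True    # a bare SYN = new connection attempt
    ack: bool = False   # SYN/ACK or ACK = part of an existing exchange


@dataclass(frozen=True)
class Rule:
    action: str                       # "ACCEPT" or "DROP"
    match: Callable[[Packet], bool]   # predicate over the packet
    note: str                         # iptables equivalent, for the reader only


def first_match(rules: List[Rule], pkt: Packet) -> str:
    """First-match semantics, like an iptables chain; default policy is DROP."""
    for rule in rules:
        if rule.match(pkt):
            return rule.action
    return "DROP"


# Ports the host legitimately exposes (assumption for the demo).
ALLOWED_DPORTS = {80, 443}

# Weak set: the classic stateless shortcut "let DNS and FTP-data replies in",
# keyed on the *source* port. Anyone can choose their source port.
WEAK_RULES: List[Rule] = [
    Rule("ACCEPT", lambda p: p.sport == 53,
         "iptables -A INPUT -p tcp --sport 53 -j ACCEPT"),
    Rule("ACCEPT", lambda p: p.sport == 20,
         "iptables -A INPUT -p tcp --sport 20 -j ACCEPT"),
    Rule("ACCEPT", lambda p: p.dport in ALLOWED_DPORTS,
         "iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT"),
]

# Strict set: return traffic is admitted by connection state (approximated
# here by the ACK flag, since this toy filter has no conntrack table), and a
# new SYN is judged by destination port only, regardless of source port.
STRICT_RULES: List[Rule] = [
    Rule("ACCEPT", lambda p: p.ack and not p.syn,
         "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"),
    Rule("ACCEPT", lambda p: p.syn and not p.ack and p.dport in ALLOWED_DPORTS,
         "iptables -A INPUT -p tcp --syn -m multiport --dports 80,443 -j ACCEPT"),
]

# Source ports a scanner typically tries for this check (constructed list).
PROBE_SPORTS = [20, 53, 67, 68, 88, 1025, 44321]


def source_port_pass(rules: List[Rule], dport: int,
                     probe_sports: List[int] = PROBE_SPORTS) -> List[int]:
    """Source ports from which a bare SYN to `dport` is accepted.

    A non-empty result for a port that is supposed to be closed is exactly
    the "TCP Source Port Pass Firewall" finding."""
    return [sp for sp in probe_sports
            if first_match(rules, Packet(sport=sp, dport=dport)) == "ACCEPT"]


def audit(rules: List[Rule], closed_ports: List[int]) -> Dict[int, List[int]]:
    """Map each supposedly closed port to the source ports that bypass the filter."""
    findings = {}
    for dport in closed_ports:
        leaking = source_port_pass(rules, dport)
        if leaking:
            findings[dport] = leaking
    return findings


if __name__ == "__main__":
    for name, rules in (("weak", WEAK_RULES), ("strict", STRICT_RULES)):
        print(f"{name:6s} filter, closed ports 22 and 24567:",
              audit(rules, [22, 24567]) or "no source-port bypass")
```

The on-the-wire equivalent of `source_port_pass` is a SYN probe with a fixed source port, e.g. `nmap -g 53 -p 24567 <origin-ip>` compared with a plain `nmap -p 24567 <origin-ip>`; if only the first one reports the port open, the filter in front of that host is keyed on source port. As the answer below notes, run that probe against the origin address rather than the Cloudflare edge, because the edge's own port policy is what you would be measuring otherwise.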
This should be a false positive as long as your origin server does not use or need the high port, i.e. 24567. The testing should be done on the origin server instead of on Cloudflare, which is more of a cloud WAF, CDN and DDoS mitigation service. The test of Cloudflare, if intended, should revolve around the security configuration set there. You can easily Google that this finding is intended, hence not NC per se, as a false positive if the test did not pass when going directly to the origin.
Thank you. I still have to fine tune a rule so it doesn’t block my own server, but I’ll open another question about that.

Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity, specifying how data should be packetized, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers, which are used to sort all related protocols according to the scope of networking involved.