The pfSense Store

Author Topic: Best Security on WAN to DMZ  (Read 108 times)

0 Members and 1 Guest are viewing this topic.

Offline soloam

  • Full Member
  • ***
  • Posts: 124
  • Karma: +1/-1
    • View Profile
Best Security on WAN to DMZ
« on: December 05, 2017, 11:40:02 am »
Hello, I have a webserver and some services running on a DMZ network that I have open to the WAN side. I have HAProxy running to map my DNS to the proper service, all is acceded by port 443.

So I have the services mapped on the HAProxy and I have HAProxy bound to port 443 on the WAN network.

I made a pass rule on WAN 443 to allow traffic. Is this secure?

Rule
Action: Pass
Interface: WAN
Address Family: IPv4
Protocol: TCP
Source: <My Country IP>
Destination: WAN address 443

How can I harden the security?

Thank You