How to force SFTP access only

Seems like the my only security hole left to plug is ftp. How do I set Vmin to only allow SFTP connections?

close port 21
inform users through the sent email to use port 22 when you create a domain

ya, I guess that would do it.

thanks for all of your help today ronald.

Ok so how does one close port 21? I’m a bit familiar with the Linux Firewall under Webmin. But am no expert

is it as simple as adding a rule to the IP tables


Destination TCP or UDP port -> equals -> 21


i see a lot of other settings there I do not understand, so I don’t want to shoot my server in the foot. :slight_smile:

I can also as our

I use this:

-A INPUT -p tcp -m tcp --dport ftp -j DROP
not sure if udp needs to be blocked too.

You can set that in the webmin/Linux Firewall module.
Create a new rule.
Action to Take - drop
Network Protocall = TCP
Destination TCP or UDP port enter ftp where you would normally enter a single port number
click save.
click apply configuration

I do not use ftp.
I only use sftp on port 22 and this works for me…