This article outlines the steps to disable Web Admin and User Portal access from the WAN zone. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
As a general best security practice to reduce attack surface wherever possible, Sophos recommends disabling HTTPS admin services on the WAN interface. If the User Portal is not being used, Sophos also recommends deactivating this service on the WAN as well.
Note: If you currently rely on WAN-based Admin services, we recommend you have configured one of the following BEFORE deactivating these services in order to ensure you maintain access to these devices:
Note: Disabling the User Portal does not affect the operation of SSL VPN and does not require re-distribution of SSLVPN installers etc.
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.