3CX DLL-Sideloading attack: What you need to know

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remove 'Allow any/any' rule

We have an UTM9 firewall running. The two last firewall rules are:

  • rule 17: Allow any/any (Default Allow rule)
  • rule 18: Drop any/any  (Default drop rule)

I want to remove the 'allow any/any' rule as it defeats previous, more specific 'allow' rules in the firewall.

Before doing that, I want to be absolutely sure that, when removing the 'allow any/any' rule, I don't lock myself out on the WebAdmin access.

I will be performing the change from a network that is in the 'Allowed Networks' in the General WebAdmin settings. Is that enough? Do these networks always have access to the WebAdmin even though there is no firewall rule that allows this traffic?


This thread was automatically locked due to age.