Guide

LanceAbout 1 min

Solo, a lightweight port protection tool.

With Solo, you can make important ports open only to you, thus achieving the effect of hiding ports.

By leveraging the firewall feature provided by cloud service providers, Solo protects ports by modifying the Cidr Block in firewall rules.

Note

Solo only supports the firewall feature of cloud service providers, not the firewall in the server's operating system.

What is Cidr?

CIDR (Classless Inter-Domain Routing) is a method of representing IP ranges, commonly used in cloud server firewall rules.

For example, the format 1.1.1.1 means the firewall rule only applies to this specific IP.

So, if you dynamically update the Cidr Block of the firewall rule for a critical port to your own IP address,

you can effectively make that port accessible only to yourself.

You can manually modify the Cidr Block in your server's firewall to allow important ports only for your IP address.

Assume your IP is 8.8.8.8, then the rule for allowing SSH (port 22) should look like this:

Policy	Priority	Protocol	Port Range	Cidr Block (Source)	Description
Allow	1	TCP	22/22	8.8.8.8	ssh

As you can see, by setting the Cidr Block, access from other IPs to this port is effectively blocked.

You can verify this by using mobile data, proxy servers, and other methods.

However, manually changing firewall rules each time is too much trouble.

What we need is a tool that automates the process of modifying the Cidr Block.

That’s how Solo came to be.

Solo's port protection process mainly includes the following steps:

Retrieve Firewall Rules
Use the cloud provider’s API to fetch the current list of firewall rules for your server.
Filter and Detect
Determine which rules should be managed by Solo based on their comments, and detect if the local IP has changed.
Automatically Update Rules
If an IP change is detected, Solo automatically uses the cloud provider's API to update the Cidr Block of the relevant rules in real time.