Block port 443: safe or not?

[klasje]

Hi,

I just noticed my httpd service used 1 gig of RAM.
Apparantly there was one ip (208.76.244.50), having a lot of connections:
tcp 97 0 my_ip:53403 208.76.244.50:443 CLOSE_WAIT
tcp 4185 0 my_ip:56350 208.76.244.50:443 CLOSE_WAIT
tcp 0 0 my_ip:60502 208.76.244.50:443 ESTABLISHED

I blocked this IP and the issue was solved.

BUT:
All connections seemed to be on port 443.
Since I do not host a https website, can't I just completely block all connections on port 443 in debian?
This to prevent this https ddos to happen again.

Is it smart to close port 443?

Thank you very much!

 

[zEitEr]

Hello,

If you don't run any site on HTTPS, then you might want to disable the port in apache (and directadmin un-check it in packages details) and for you sure additionally you might want to block incoming 443 port with a firewall.

 

[klasje]

Hi,

Since I block port 443 in the firewall, my Directadmin license file will not update anymore.
My vps provider requires me to monthly update the license file.
Currently my DA license file is in graced state.

Any way on how to bypass this?

Thank you

 

[zEitEr]

Hello,

You should not block outgoing traffic to TCP:443, but only incoming.