{"id":1027,"date":"2021-11-18T08:56:37","date_gmt":"2021-11-18T01:56:37","guid":{"rendered":"https:\/\/vietserver.vn\/blog\/?p=1027"},"modified":"2021-11-18T08:56:37","modified_gmt":"2021-11-18T01:56:37","slug":"huong-dan-gioi-han-ip-ket-noi-toi-vps-servers-de-bao-mat","status":"publish","type":"post","link":"https:\/\/vietserver.vn\/blog\/huong-dan-gioi-han-ip-ket-noi-toi-vps-servers-de-bao-mat\/","title":{"rendered":"H\u01b0\u1edbng d\u1eabn gi\u1edbi h\u1ea1n IP k\u1ebft n\u1ed1i t\u1edbi VPS\/Servers \u0111\u1ec3 b\u1ea3o m\u1eadt."},"content":{"rendered":"<p><strong>L\u01b0u\u00a0\u00fd:\u00a0\u0110\u00e2y l\u00e0 c\u00e1ch b\u1ea3o m\u1eadt VPS tuy\u1ec7t\u00a0\u0111\u1ed1i nh\u01b0ng kh\u00e1 l\u00e0 h\u1ea1n ch\u1ebf. N\u1ebfu kh\u00f4ng ch\u1eafc ch\u1eafn\u00a0\u0111\u1ecba ch\u1ec9 IP c\u1ee7a b\u1ea1n c\u1ed1\u00a0\u0111\u1ecbnh, ho\u1eb7c\u00a0kh\u00f4ng c\u00f3 IP d\u1ef1 ph\u00f2ng. Vui l\u00f2ng kh\u00f4ng th\u1ef1c hi\u1ec7n tr\u00e1nh tr\u01b0\u1eddng h\u1ee3p m\u1ea5t quy\u1ec1n truy c\u1eadp khi\u00a0\u0111\u1ecba ch\u1ec9 IP thay\u00a0\u0111\u1ed5i.<\/strong><\/p>\n<p><strong>Ch\u00e0o c\u00e1c b\u1ea1n,<\/strong><\/p>\n<p>\u0110\u1ec3 b\u1ea3o m\u1eadt VPS\/Server th\u00ec c\u00f3 r\u1ea5t nhi\u1ec1u c\u00e1ch. M\u1ed9t trong s\u1ed1\u00a0\u0111\u00f3 l\u00e0 thay\u00a0\u0111\u1ed5i user v\u00e0 port m\u1eb7c \u0111\u1ecbnh m\u00e0\u00a0Vietserver\u00a0\u0111\u00e3 gi\u1edbi thi\u1ec7u <a href=\"..\/..\/..\/..\/huong-dan\/huong-dan-bao-mat-vps.html\" target=\"_blank\" rel=\"noopener\"><strong>\u1edf \u0111\u00e2y<\/strong><\/a><br \/>\nVietserver s\u1ebd h\u01b0\u1edbng d\u1eabn th\u00eam c\u00e1c b\u1ea1n c\u00e0i\u00a0\u0111\u1eb7t gi\u1edbi h\u1ea1n <strong>ch\u1ec9 1 ho\u1eb7c nhi\u1ec1u \u0111\u1ecba ch\u1ec9 IP \u0111\u01b0\u1ee3c ch\u1ec9 \u0111\u1ecbnh<\/strong>\u00a0c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0o VPS. C\u00e1ch b\u1ea3o m\u1eadt n\u00e0y \u0111\u1ea3m b\u1ea3o tuy\u1ec7t \u0111\u1ed1i an to\u00e0n cho VPS, v\u00ec n\u1ebfu c\u00f3 b\u1ecb l\u1ed9 t\u1ea5t c\u1ea3 c\u00e1c th\u00f4ng tin nh\u01b0ng kh\u00f4ng truy c\u1eadp t\u1eeb IP ch\u1ec9\u00a0\u0111\u1ecbnh th\u00ec c\u0169ng kh\u00f4ng th\u1ec3 login v\u00e0o VPS\u00a0\u0111\u01b0\u1ee3c.<\/p>\n<p><strong>C\u00e1c y\u00eau c\u1ea7u tr\u01b0\u1edbc khi c\u00e0i \u0111\u1eb7t:<\/strong><\/p>\n<ul>\n<li>\u0110\u1ea3m b\u1ea3o r\u1eb1ng <strong>\u0111\u1ecba ch\u1ec9 IPv4 c\u1ee7a b\u1ea1n s\u1eed d\u1ee5ng l\u00e0 c\u1ed1 \u0111\u1ecbnh<\/strong> (v\u00ed d\u1ee5 g\u00f3i c\u01b0\u1edbc c\u00e1p quang IP t\u0129nh, \u0111\u1ecba ch\u1ec9 c\u1ee7a 1 VPS\/Server kh\u00e1c&#8230;). <span style=\"color: #ff0000;\"><strong>N\u1ebfu IP b\u1ecb thay \u0111\u1ed5i, m\u00e1y t\u00ednh c\u1ee7a b\u1ea1n s\u1ebd kh\u00f4ng th\u1ec3 k\u1ebft n\u1ed1i t\u1edbi VPS.<\/strong><\/span><\/li>\n<li>N\u00ean c\u1ea5u h\u00ecnh th\u1eed tr\u00ean VPS m\u1edbi kh\u00f4ng c\u00f3 d\u1eef li\u1ec7u (\u0110\u1ec3 l\u1ee1 c\u00f3 sai th\u00ec c\u00f3 th\u1ec3 c\u00e0i \u0111\u1eb7t l\u1ea1i H\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 l\u00e0m l\u1ea1i). Khi \u0111\u00e3 th\u00e0nh th\u1ea1o th\u00ec m\u1edbi b\u1eaft \u0111\u1ea7u c\u1ea5u h\u00ecnh tr\u00ean VPS \u0111\u00e3 c\u00f3 d\u1eef li\u1ec7u.<\/li>\n<\/ul>\n<p><strong>B\u01b0\u1edbc 1:<\/strong> C\u00e1c b\u1ea1n ki\u1ec3m tra \u0111\u1ecba ch\u1ec9 IPv4 c\u1ee7a m\u00e1y t\u00ednh m\u00ecnh. L\u01b0u \u00fd, n\u00f3 l\u00e0 \u0111\u1ecba ch\u1ec9 IP Public c\u1ee7a nh\u00e0 m\u1ea1ng cung c\u1ea5p ch\u1ee9 kh\u00f4ng ph\u1ea3i \u0111\u1ecba ch\u1ec9 LAN local. \u0110\u1ec3 ki\u1ec3m tra \u0111\u1ecba ch\u1ec9 IPv4 b\u1ea1n \u0111ang s\u1eed d\u1ee5ng, c\u00e1c b\u1ea1n truy c\u1eadp v\u00e0o: <a href=\"https:\/\/whoer.net\/\">https:\/\/whoer.net\/<\/a>\u00a0. V\u00ed d\u1ee5,\u00a0\u1edf\u00a0\u0111\u00e2y m\u00ecnh check\u00a0\u0111\u01b0\u1ee3c\u00a0\u0111\u1ecba ch\u1ec9 c\u1ee7a m\u00ecnh l\u00e0 <strong>14.177.27.151<\/strong><\/p>\n<p style=\"text-align: center;\"><a href=\"..\/..\/..\/..\/storage\/uploads\/2020-07-08\/capture_size_605x199.PNG\" data-rel=\"penci-gallery-image-content\"  target=\"_blank\" rel=\"noopener\"><img title=\"capture\" src=\"..\/..\/..\/..\/storage\/uploads\/2020-07-08\/capture_size_605x199.PNG\" alt=\"capture\" \/><\/a><\/p>\n<p style=\"text-align: center;\">\n<p style=\"text-align: left;\"><strong>B\u01b0\u1edbc 2:<\/strong> V\u00e0o VPS\/Server m\u1edf Powershell, tr\u01b0\u1edbc khi paste v\u00e0 enter\u00a0\u0111o\u1ea1n script b\u00ean d\u01b0\u1edbi,\u00a0c\u00e1c b\u1ea1n h\u00e3y\u00a0\u0111i\u1ec1n IP v\u00e0o\u00a0<span style=\"color: #0000ff;\">&#8220;<span style=\"color: #ff0000;\"><strong>IP C\u1ee6A B\u1ea0N<\/strong><\/span>&#8220;.\u00a0<\/span>N\u1ebfu c\u00e1c b\u1ea1n mu\u1ed1n cho ph\u00e9p\u00a01 ho\u1eb7c nhi\u1ec1u\u00a0\u0111\u1ecba ch\u1ec9 IP c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0o VPS, h\u00e3y s\u1eeda d\u00f2ng\u00a0<span style=\"color: #ff0000;\"><strong>$whitelistIPs = &#8220;\u0111\u1ecba ch\u1ec9 IP 1&#8221;,\u00a0&#8220;\u0111\u1ecba ch\u1ec9 IP 2&#8221;,\u00a0&#8220;\u0111\u1ecba ch\u1ec9 IP 3&#8221;.<\/strong><\/span><\/p>\n<p style=\"text-align: left;\">&#8212;&#8212;<\/p>\n<p><span style=\"color: #0000ff;\"><em># Set execution policy<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em># AllSigned : Every script must bear a valid signature<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em># RemoteSigned : Must be signed by a trusted publisher (for example Microsoft)<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em># Unrestricted : No restrictions whatsoever, every script can run<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em>Set-ExecutionPolicy -ExecutionPolicy RemoteSigned<\/em><\/span><\/p>\n<p><span style=\"color: #0000ff;\"><em># Whitelisted IPs which are allowed to use the services on this host<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em>$whitelistIPs = &#8220;<span style=\"color: #ff0000;\"><strong>IP C\u1ee6A B\u1ea0N<\/strong><\/span>&#8220;<\/em><\/span><\/p>\n<p><span style=\"color: #0000ff;\"><em># DisplayNames for the firewall rules for Remote Desktop<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em>$remoteDeskopFwRules = &#8220;Remote Desktop &#8211; User Mode (TCP-In)&#8221;, &#8220;Remote Desktop &#8211; User Mode (UDP-In)&#8221;, &#8220;Remote Desktop Service&#8221;<\/em><\/span><\/p>\n<p><span style=\"color: #0000ff;\"><em>foreach ($rule in $remoteDeskopFwRules) {<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em> # This will only configure and enable the Firewall ports. The service needs to be (re-)started separately!<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em> Set-NetFireWallRule -DisplayName $rule -Disable True -Direction Inbound -RemoteAddress $whitelistIPs<\/em><\/span><br \/>\n<span style=\"color: #0000ff;\"><em>}<\/em><\/span><\/p>\n<p>&#8212;&#8212;-<\/p>\n<p style=\"text-align: left;\">\n<strong>B\u01b0\u1edbc 3: <\/strong>Th\u1eed l\u1ea1i b\u1eb1ng m\u00e1y t\u00ednh v\u1edbi IP kh\u00e1c xem \u0111\u00e3 th\u00e0nh c\u00f4ng hay ch\u01b0a.<\/p>\n<p style=\"text-align: left;\"><strong>L\u01b0u\u00a0\u00fd:\u00a0\u0110\u00e2y l\u00e0 c\u00e1ch b\u1ea3o m\u1eadt VPS g\u1ea7n nh\u01b0 tuy\u1ec7t\u00a0\u0111\u1ed1i nh\u01b0ng kh\u00e1 l\u00e0 h\u1ea1n ch\u1ebf. N\u1ebfu kh\u00f4ng ch\u1eafc ch\u1eafn\u00a0\u0111\u1ecba ch\u1ec9 IP c\u1ee7a b\u1ea1n c\u1ed1\u00a0\u0111\u1ecbnh ho\u1eb7c\u00a0kh\u00f4ng c\u00f3 IP d\u1ef1 ph\u00f2ng. Vui l\u00f2ng kh\u00f4ng th\u1ef1c hi\u1ec7n tr\u00e1nh tr\u01b0\u1eddng h\u1ee3p m\u1ea5t quy\u1ec1n truy c\u1eadp khi\u00a0\u0111\u1ecba ch\u1ec9 IP thay\u00a0\u0111\u1ed5i.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>L\u01b0u\u00a0\u00fd:\u00a0\u0110\u00e2y l\u00e0 c\u00e1ch b\u1ea3o m\u1eadt VPS tuy\u1ec7t\u00a0\u0111\u1ed1i nh\u01b0ng kh\u00e1 l\u00e0 h\u1ea1n ch\u1ebf. N\u1ebfu kh\u00f4ng ch\u1eafc ch\u1eafn\u00a0\u0111\u1ecba ch\u1ec9 IP c\u1ee7a b\u1ea1n c\u1ed1\u00a0\u0111\u1ecbnh, ho\u1eb7c\u00a0kh\u00f4ng c\u00f3 IP d\u1ef1 ph\u00f2ng. Vui l\u00f2ng kh\u00f4ng th\u1ef1c&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1028,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[],"_links":{"self":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts\/1027"}],"collection":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/comments?post=1027"}],"version-history":[{"count":0,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts\/1027\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/media\/1028"}],"wp:attachment":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/media?parent=1027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/categories?post=1027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/tags?post=1027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}