Introduction: Closing the Doors

In the physical world, you wouldn't leave your front door wide open when you aren't home. In the digital world, having 'Open Ports' that you aren't actively using is exactly like leaving your house wide open to any stranger walking by. Blocking Unauthorized Port Access is the single most important task for securing your computer or server.

In this guide, we'll explain how to identify 'leaky' ports and how to lock them down using the tools built into your computer.

How to Block Ports

Windows Firewall

  1. Open 'Windows Defender Firewall with Advanced Security'.
  2. Click 'Inbound Rules' and select 'New Rule'.
  3. Choose 'Port', enter the number you want to block (e.g., 21 for FTP), and select 'Block the connection'.

macOS

  1. Go to 'System Settings > Network > Firewall'.
  2. Turn it on and click 'Options'.
  3. Ensure 'Block all incoming connections' is checked for any service you don't recognize.

The 'Default Deny' Rule

The safest way to run a network is Default Deny. This means your firewall blocks *everything* by default, and you only manually open the specific doors you need (like 80 and 443 for a web server). This is much safer than trying to 'spot-block' bad guys as they arrive.

Conclusion

Securing your ports is about reducing your 'Attack Surface'. The fewer open doors you have, the harder it is for anyone to break in. Test your firewall's strength here.