image2207×619 18.4 KB

Overview

Whitelisting IPs restricts inbound access so only approved public IP addresses can connect to specific services. This reduces exposure to brute-force attacks and unauthorized access.

Common services and their default port numbers:

• RDP (Remote Desktop Protocol) — TCP 3389

• SQL Server — TCP 1433

• MySQL — TCP 3306

• FTP — TCP 21 plus a configured passive port range(TCP - 5550 - 5650)

Step 1 — Open Windows Defender Firewall with Advanced Security

Use this when you’re already logged into Windows normally (RDP or local session).

1. Click Start

2. Search: Windows Defender Firewall with Advanced Security

3. Open it

   

   image804×715 47.8 KB

4. In the left pane, click Inbound Rules

   

   image313×199 32.9 KB

Step 2 — Locate the Existing Firewall Rules

1. In Inbound Rules, sort by Name.

2. Locate the existing rules for:

   • Remote Desktop

   • SQL Server (may list the instance name or port)

   • FTP Server / FileZilla Server / IIS FTP

3. Double-click the relevant rule.

   

4. Confirm under Protocols and Ports that the rule matches the correct port.

   

   image637×401 54.3 KB

5. Go to the Scope tab.

   

   image611×567 64.5 KB

Step 3 — Whitelist IPs existing Rules

1. Open the existing inbound rule.

2. Select the Scope tab.

3. Under Remote IP address, select:
   These IP addresses

4. Click Add…

5. Enter the approved IPs or subnets.

6. Click OK → Apply

Once saved, only the listed IPs will be able to connect using that rule.

Step 3 — Test Before Closing Your Session

From a whitelisted IP:

• Test RDP login

• Test SQL connectivity

• Test FTP login and file transfer

From a non-whitelisted IP (if possible), confirm connections fail.

Important Notes

• If a service is still accessible publicly, there is likely another enabled allow rule that must also be updated.

• Some services (especially RDP) often have multiple firewall rules by profile — all applicable ones must be scoped.