HestiaCP Firewall

Hi, I just noted that new used ports that were not covered by any previous rule were wide open.
Shouldn’t the default setting in HestiaCP be that everything that is not covered in an accept rule will be dropped?

I’m very certain that was the case some while ago.

I feel something like iptables -A INPUT -j DROP is missing ion the default.
I can’t even find a way to add that to the UI since I can only reject 0.0.0.0/0
Or am I missing something major?

Thanks

We add it by default in the ip tables configuration: