Securing RouterOS for small networks

samuelackerman · February 16, 2026, 8:12am

Hi all,

I’m working with MikroTik RouterOS and appreciate its flexibility, but I’m curious about current best practices for security. There’s lots of advice out there, but what’s still essential in 2026?

For those running MikroTik in production:

Key steps for securing a fresh install?
Services you typically disable?
Firewall templates or remote management tips?

Would love to hear real-world approaches.

whatever · February 16, 2026, 8:36am

Follow the securing your router guide: Securing your router - RouterOS - MikroTik Documentation
Explicitly allow everything you need in the firewall, input and forward tables, ipv4 and ipv6
Add a drop all rules to the end of all these firewall tables. This will make sure things you didn't think of are denied by default.