Suitecrm customization ssh policy

Hi all,
this is my first post, and I am a newbie of SuiteCRM. I’ve just installed it and I’m making the first configurations.
I’ve installed suiteCRM by VMWare image. I note that the OS installed is a Debian:
Linux ucs-2933 4.9.0-14-amd64 #1 SMP Debian 4.9.246-2 (2020-12-17) x86_64 GNU/Linux.

I’m surprised that default ssh is reachable by any IP, without any drop rule.

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
**ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh**

I would like to grant access via ssh, just to one trusted IP.
But, also intervening by means of the usual commands (iptables-persistent), iptables configuration is lost at any reboot. It seems that something is overwriting by SuiteCRM.

Looking for a possible cause, I’ve found the following file
in which all the suitecrm default rules are set. These settings are not acceptable to me.
In the following an excerpt of such .sh file.

iptables --wait -A INPUT -p "tcp"  --dport 22 -j ACCEPT
ip6tables --wait -A INPUT -p "tcp"  --dport 22 -j ACCEPT

How can overwrite such rules, any attempt, as said, was unsuccessful. Why I cannot act directly by iptables, how can resolve such problem.
Thanks a lot to all of you.