Search results

Hi IgorG, I've found this article : Is it safe to update system packages using an operating system package manager? and so I've mod my yum.conf to exclude kernel update. I'm on a VM, but I think that this patch for kernel is "a must have". So, do you think that I can remove the exclusion from...

Hi, for Kernel ELF security patch I've read that all CentOS 7.4 kernel 3.10.0-693 and higher have fixed this vulnerability. After I have update CentOS from plesk my kernel is 3.10.0-327.18.2.el7.x86_64. Now, what can I do ?

Hi learning_curve, why you want to upgrade to the last release ? And especially why we cannot update Postfix with plesk ? Is it secure to update Postfix (and Dovecot) with plesk release (17.5) ?

Thank you Igor, my question was about semanage command, that it isn't installed on my own server. But I've look that selinux is disable so I didn't need semanage to change default port. P.S. I'm on 17.5.3

Hi, is there a best practice about turn on (or leave off) SELinux with plesk ? Thank you

Hi trialotto, I already use f2b with maxretry and recidive, my question was about that even if I've adopted these two action my Dovecot gone offline for a brute force attack that send over 20 request per second! and f2b failed to manage this situation. That's why I would consider to integrate...

trialotto and mr-wolf.. Thank you both. I have two question about your explanation : a) what about performance if I configure a huge amount of IP (from various country, not only cn) ? Isn't a trouble for nginx to read every times this db? Or if I configure all "good" cidr for firewall isn't...

Hi trialotto, do you talk about firewall-cmd (package: firewalld) to use with f2b ?

Hi trialotto, can you explain how to implement the use of firewall to block specific countries ? Thank you

Hi mr-wolf, I'm happy that your country script works. I'll install firewall too asap. I've resolve the problem with f2b and ipset (it works like a charm) and now I'm trying to implement iptables --seconds 1 --hitcount 10 to some port (22, 110, 25....)

Hi mr-wolf, thank you for your support/cooperation. If it can help you, you can try to enable firewall at your side and then click on preview bottom. It show you the script (and the INPUT chain) that will be apply to the iptables. I hope that this help you (and me).

Thank you, mr-wolf. Fail2Ban is present since 12.5 under security panel from plesk. It's a service that you can activate and configure with a gui. It's a good scanner of log files (Fail2ban) and with 17.5 you have 0.9.6 version. There is a new enhanced version: 0.11.

Hi mr-wolf, so you suggest to enable plesk firewall or load a firewall like you ?

So, what you can suggest to have a "realtime" protection ? Set a number of login attempts per minute ?

Hi, I'm on CentOs 7.3 and there isn't iptables under sysconfig but ip6tables-config and iptables-config. This is the output of command # Generated by iptables-save v1.4.21 on Wed Sep 27 10:10:51 2017 *filter :INPUT ACCEPT [13:1196] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [6:540] :f2b-BadBots -...

Hi UFHH01, the problem persist if I use this action with Fail2Ban. Can you suggest something to try ? Thank you

So, if I change Fail2Ban to use ipset (and not iptables) can I further reduce this latency ?

If your customers have a staatic ip, you can put their IP in "trusted IP address" under Fail2Ban section on plesk

I've tried to use command line to create a test ipset and it works : ipset -v ipset v6.29, protocol version: 6 [root@server action.d]# ipset create f2b-iptest hash:ip timeout 3600 [root@server action.d]# ipset list Name: f2b-iptest Type: hash:ip Revision: 1 Header: family inet hashsize 1024...

Hi UFHH01, I'm in the same situation: f2bmng failed: ERROR Found no accessible config files for 'action.d/iptables-ipset-proto6-allports.conf' under /etc/fail2ban :( Edit : now it works. I've remove extension (.conf) from the action line and no errors are showed. Now I'm testing it. Edit 2: It...