iptables

Hello, After migrating from CentSO to Almalinux, Fail2ban is not working properly. The problem occurs on several servers. Not just one. The error is that Fail2ban does not create the rules in iptables, and for that reason it gives an error: I have uninstalled Fail2Ban and reinstalled it, but...

Hi all, We have servers with Plesk / Almalinux 9. When we try to do a yum update, we get the following message: # yum update Last metadata expiration check: 2:51:22 ago on Mon Sep 9 06:01:22 2024. Error: Problem 1: package iptables-legacy-1.8.10-2.2.el9.x86_64 from @System requires...

I am using Plesk firewall extension to open some ports on my CloudLinux 8 server but I am unable to open certain ports because the Plesk firewall interface does not add the rule to firewalld: The operating system has no modifications and I am not using security extensions like Imunify360. I...

Hi, I have a problem with a production machine. My Firewall (Plesk->Extensions->Firewall) tells me that I have to apply the changes. But when I try to it simply halts the machine (or the network, who knows) to the extend that I cannot ping it and I have to hard reset the server for it to work...

I need to make a custop iptables rule persistent so that I can enable our docker containers to access Internet. This is the rule: But this rule is lost everytime I make a change using the Plesk Firewall GUI. How can I make this rule persistent? I've seen post talking about...

I've been monitoring my server logs (the realtime log browser) and even though my HW firewall is setup to only permit access to a particular set of ports (ie: apache/nginx/ftp) etc. I still see a constant stream of bots/ips/servers trying to access SSH on my server and being unsuccessful. I use...

Hi, I have IPv4 and IPv6 on my server. And I want to harden my firewall-settings. So I set the built-in rule System policy for incoming traffic to deny. And I defined all wanted traffic in rules. But this has the effect that all IPv6-traffic is blocked. What can I do that tis works correctly...

Hey guys, I have an issue with the Docker feature on Ubuntu Ubuntu 20.04.5 LTS. I have automatic updated enabled so I always use the latest Plesk version. Every few days my Docker containers crash. Sometimes it's a network related error (I cant reproduce this right now) and sometimes its the...

While migrating my Plesk server due to an OS upgrade last year, I pulled together the scripts that I wrote/modified and added some better documentation. I figured I would share these here, as there are probably some among you that can benefit from them. Hope it's helpful. Note: I've added links...

Hey everyone, how do you handle your firewall? Blocking all incoming traffic and open the related ports for incoming Traffic like 80, 443, 8443 and so on, and do you block also all outgoing traffic and open the related ports for outgoing or just let open all ports for outgoing traffic? Thanks :)

Hi all, On a server (Plesk Obsidian 18) we have domain mail (Postfix / Dovecot). The MX domain names are hosted on another server (anti-spam system) which sends the flow of messages to our server. Except that some spam still arrives on our server because the messages are sent directly to the IP...

Hi. If I have activated fail2ban all services are down neither having ssh access. Desactivating fail2ban for less I will get ssh access. To get working all other services I need to desactivate the firewall and delete manualy all emtries of iptables. After reboot again I will need to delete all...

Hi, I have set a plesk firewall rule like below which blocks all connections to ports. Deny incoming from all on ports 6379/tcp, 6379/udp, 9200/tcp, 9200/udp, 9300/tcp, 9300/udp and have another rule which allows same ports for 127.0.0.1. But it seems like these ports are accessible outside. The...

I have blocked some spammer IPs using a custom rule and run the activation script. At first I added 2 IPs and checked with IPtables -L Everything was as expected Then I added another 3 addresses and checked that the activation script lists the appropriate drop lines. After running the activation...

We currently have a dedicated Centos 7.5 server running Plesk Parallels 12.5 and hosting a few wordpress sites. We also have the server behind the CloudFlare CDN & Cloudflare DNS and Firewall. This has worked great for controlling malicious traffic, but we still had some attacks coming straight...

Hi, any ip adress are in fail2ban with the status blocked, and also in the ip tables ( per SSH added), but in the sys-log in plesk i can see the ip again with hacking activities, is this normal ?

We are using Plesk to host sites for others. Many of our clients use WordPress and this makes it hard to keep our servers safe. I am already forcing Wordfence on all sites and created a script that will collect IP's found by it and use it in iptables to block these server-wide. What I also...

I have personally not that much interest in fail2ban. I've written something like that some 8 years ago myself without ever hearing of fail2ban. What I wrote then is similar to what fail2ban is doing now. I'm writing my iptables rules directly in a file and it's loaded automatically if the...

I have plesk Onyx 17.5.3 installed on a Centos 7.3.1611. I tried to use plesk firewall extension to secure the server, so I disabled firewalld and issued: service psa-firewall start which gives me a succes message. However, when checking the iptables rules, I only found the three policies (INPUT...

Some users have been using Wordfence to protect their sites. It detects nasty people trying to hack into other people's network. I thought of harvesting these IP's and wrote a script that collects these and use them in iptables. Each hour it scans all the WordPress sites on my server and adds...