• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

iptables

  1. E

    Question yum update conflict

    Hi all, We have servers with Plesk / Almalinux 9. When we try to do a yum update, we get the following message: # yum update Last metadata expiration check: 2:51:22 ago on Mon Sep 9 06:01:22 2024. Error: Problem 1: package iptables-legacy-1.8.10-2.2.el9.x86_64 from @System requires...
  2. D

    Issue Plesk Firewall does not add changes to zone (CloudLinux)

    I am using Plesk firewall extension to open some ports on my CloudLinux 8 server but I am unable to open certain ports because the Plesk firewall interface does not add the rule to firewalld: The operating system has no modifications and I am not using security extensions like Imunify360. I...
  3. E

    Resolved NGinx deny rules and Firewall (iptables?)

    Hi, I have a problem with a production machine. My Firewall (Plesk->Extensions->Firewall) tells me that I have to apply the changes. But when I try to it simply halts the machine (or the network, who knows) to the extend that I cannot ping it and I have to hard reset the server for it to work...
  4. D

    Question Question How to allow custom iptables rules in Plesk Obsidian?

    I need to make a custop iptables rule persistent so that I can enable our docker containers to access Internet. This is the rule: But this rule is lost everytime I make a change using the Plesk Firewall GUI. How can I make this rule persistent? I've seen post talking about...
  5. pr0tax

    Question Stop SSH Port Scanning

    I've been monitoring my server logs (the realtime log browser) and even though my HW firewall is setup to only permit access to a particular set of ports (ie: apache/nginx/ftp) etc. I still see a constant stream of bots/ips/servers trying to access SSH on my server and being unsuccessful. I use...
  6. Thomas Wilhelmi

    Issue Firewall and IPv6

    Hi, I have IPv4 and IPv6 on my server. And I want to harden my firewall-settings. So I set the built-in rule System policy for incoming traffic to deny. And I defined all wanted traffic in rules. But this has the effect that all IPv6-traffic is blocked. What can I do that tis works correctly...
  7. D

    Resolved Docker containers crash randomly any few days

    Hey guys, I have an issue with the Docker feature on Ubuntu Ubuntu 20.04.5 LTS. I have automatic updated enabled so I always use the latest Plesk version. Every few days my Docker containers crash. Sometimes it's a network related error (I cant reproduce this right now) and sometimes its the...
  8. AbramS

    Input Spamhaus (e)DROP Script for iptables

    While migrating my Plesk server due to an OS upgrade last year, I pulled together the scripts that I wrote/modified and added some better documentation. I figured I would share these here, as there are probably some among you that can benefit from them. Hope it's helpful. Note: I've added links...
  9. L

    Question iptables port blocking [in & out] - which open, which filtered?

    Hey everyone, how do you handle your firewall? Blocking all incoming traffic and open the related ports for incoming Traffic like 80, 443, 8443 and so on, and do you block also all outgoing traffic and open the related ports for outgoing or just let open all ports for outgoing traffic? Thanks :)
  10. E

    Question Secure email reception from MX

    Hi all, On a server (Plesk Obsidian 18) we have domain mail (Postfix / Dovecot). The MX domain names are hosted on another server (anti-spam system) which sends the flow of messages to our server. Except that some spam still arrives on our server because the messages are sent directly to the IP...
  11. B

    Issue All down with Fail2ban and iptables

    Hi. If I have activated fail2ban all services are down neither having ssh access. Desactivating fail2ban for less I will get ssh access. To get working all other services I need to desactivate the firewall and delete manualy all emtries of iptables. After reboot again I will need to delete all...
  12. bulent

    Issue Plesk firewall rule

    Hi, I have set a plesk firewall rule like below which blocks all connections to ports. Deny incoming from all on ports 6379/tcp, 6379/udp, 9200/tcp, 9200/udp, 9300/tcp, 9300/udp and have another rule which allows same ports for 127.0.0.1. But it seems like these ports are accessible outside. The...
  13. P

    Resolved plesk firewall rules do not show up in iptables -L

    I have blocked some spammer IPs using a custom rule and run the activation script. At first I added 2 IPs and checked with IPtables -L Everything was as expected Then I added another 3 addresses and checked that the activation script lists the appropriate drop lines. After running the activation...
  14. daedparrotsoftware

    Question If we Upgrade from 12.5 to Onyx How to setup firewall with Cloudflare

    We currently have a dedicated Centos 7.5 server running Plesk Parallels 12.5 and hosting a few wordpress sites. We also have the server behind the CloudFlare CDN & Cloudflare DNS and Firewall. This has worked great for controlling malicious traffic, but we still had some attacks coming straight...
  15. S

    Question blocked ip in Fail2ban and iptables in Syslog Watch again

    Hi, any ip adress are in fail2ban with the status blocked, and also in the ip tables ( per SSH added), but in the sys-log in plesk i can see the ip again with hacking activities, is this normal ?
  16. M

    Input How my firewall helped in uncovering a malicious PHP-script

    We are using Plesk to host sites for others. Many of our clients use WordPress and this makes it hard to keep our servers safe. I am already forcing Wordfence on all sites and created a script that will collect IP's found by it and use it in iptables to block these server-wide. What I also...
  17. M

    Question Plesk's Fail2ban

    I have personally not that much interest in fail2ban. I've written something like that some 8 years ago myself without ever hearing of fail2ban. What I wrote then is similar to what fail2ban is doing now. I'm writing my iptables rules directly in a file and it's loaded automatically if the...
  18. S

    Issue Plesk firewall doesn't register iptables rules

    I have plesk Onyx 17.5.3 installed on a Centos 7.3.1611. I tried to use plesk firewall extension to secure the server, so I disabled firewalld and issued: service psa-firewall start which gives me a succes message. However, when checking the iptables rules, I only found the three policies (INPUT...
  19. M

    Input Use Wordfence to fill the firewall

    Some users have been using Wordfence to protect their sites. It detects nasty people trying to hack into other people's network. I thought of harvesting these IP's and wrote a script that collects these and use them in iptables. Each hour it scans all the WordPress sites on my server and adds...
  20. Mike2017

    Resolved Reloading iptables on reboot in Plesk 17.0.17

    Hello, I recently migrated my VPS from Plesk 12 to Plesk Onyx (I am now running Plesk Onyx v17.0.17 update #21 on Ubuntu 14.04.5 LTS). I have a number of custom rules in iptables and, previously, I just had iptables-persistent installed - it was auto loading on reboot iptables stored in...
Back
Top