
Question delete firewall rules when the firewall is OFF

shopuser

Basic Pleskian
Hi,

I have a bad rule (block all IPs) in the Plesk firewall rules. The firewall is off now; how can I delete this rule?
When I activate the firewall, this bad rule blocks all IPs, and after that I don't have access to Plesk and the server.


Thanks
 
Run this to get your list of rules:
Bash:
plesk db -Ne 'select id,object from module_firewall_rules where configuration_id=2'
Grab the ID from that for your rule. I don't have the exact command to delete or disable it, but it looks something like this:
Bash:
plesk bin modules/firewall/settings --disable -id {ID}
 
Aha, thanks. In my list I see this:

.....

90162 a:8:{s:4:"type";s:6:"custom";s:5:"class";s:6:"custom";s:4:"name";s:15:"video2.budtv.tv";s:9:"direction";s:5:"input";s:5:"ports";a:0:{}s:4:"from";a:1:{i:0;s:14:"142.44.138.213";}s:6:"action";s:4:"deny";s:10:"originalId";s:5:"90048";}
90163 a:8:{s:4:"type";s:6:"custom";s:5:"class";s:6:"custom";s:4:"name";s:23:"[email protected]";s:9:"direction";s:5:"input";s:5:"ports";a:0:{}s:4:"from";a:1:{i:0;s:13:"85.25.177.219";}s:6:"action";s:4:"deny";s:10:"originalId";s:5:"90049";}

....


Is the first 5-digit number the ID?
 
Yeah, it should be. Large number; you go through a lot of rules? You can remove the `-Ne` part to see the DB structure.
 
Doesn't work:

root@server:~# plesk bin modules/firewall/settings --disable -id 90207
Option -id 90207 should not be specified


exit status 1
root@server:~# plesk bin modules/firewall/settings --disable -id "90207"
Option -id 90207 should not be specified


exit status 1
root@server:~# plesk bin modules/firewall/settings --disable -id {90207}
Option -id {90207} should not be specified


exit status 1
root@server:~#
 
Disable must be for the firewall as a whole. Gotta run help on the firewall command to see what options it provides for removing a rule.
 
In help:
plesk bin modules/firewall/settings --remove-rules or -d <rule_id_1>[,<rule_id_2>[,...]]

Doesn't work. I don't know how I can set the ID in this command.



root@server:~# plesk bin modules/firewall/settings --remove-rules -id 90207
Unknown option '90207': /usr/local/psa/bin/modules/firewall/settings --remove-rules -id 90207


exit status 1
root@server:~# plesk bin modules/firewall/settings --remove-rules -id [90207]
Unknown option '[90207]': /usr/local/psa/bin/modules/firewall/settings --remove-rules -id [90207]


exit status 1
root@server:~# plesk bin modules/firewall/settings --remove-rules -id <rule_id_90207>
-bash: syntax error near unexpected token `newline
 
It specifically says in the help:

Code:
--remove-rules or -d <rule_id_1>[,<rule_id_2>[,...]]

So, don't use -id... just --remove-rules ID
 
Sorry, I don't understand what you mean. What is the command to remove rule 90207?
I tried different commands in the last post.

This is the wrong rule:

90207 a:8:{s:4:"type";s:6:"custom";s:5:"class";s:6:"custom";s:4:"name";s:8:"lease";s:9:"direction";s:5:"input";s:5:"ports";a:0:{}s:4:"from";a:0:{}s:6:"action";s:4:"deny";s:10:"originalId";s:5:"90093";}
 
OK thanks, this command works without error, but the rule in Plesk is not removed or disabled.


root@server:~# plesk bin modules/firewall/settings --remove-rules 90207
Firewall rules management is disabled.

exit status 1
root@server:~#
 
That is probably because the firewall management was disabled?

Regarding your issue, I suggest simply updating the dataset in the database to a setting that cannot harm your system, then trying to activate the firewall system, then removing the rule.
 
Yes, the firewall management was disabled in Plesk! When I activate the management, this wrong rule then blocks all traffic from all IPs.
This was a mishap: in the morning I tried to add a new rule in the firewall in Plesk, but the IP was not taken over from the right field to the left, and I accepted it too quickly.
 
"Restore" implies that you have a backup. When you have a full backup of Plesk including configuration and content, you can restore the whole system. But you cannot selectively install only firewall rules.
 
Yes, the backup is complete with all domains and webspace data; this is not possible.
But when I uninstall the firewall in Plesk, does this remove the rules too? Or do I have the old rules after reinstalling?
 
The backup contains the configuration that was present on your server at the time of the backup.

Why was my solution to edit the dataset with the faulty rule not suitable for you? The only thing that you need to watch is to count the new number of characters of the new field content and correct the "s" field before that field accordingly.
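
The length correction described in the post above, as an added example (not code from the thread or from Plesk): it parses a serialized rule value, narrows `from` to one address, and re-serializes so every `s:` prefix is recomputed. The sample row and the address 192.0.2.10 are constructed, and narrowing `from` is only one assumed choice of a harmless value.

```python
# Added example: reader/writer for the PHP-serialize subset seen in the rule rows (a, s, i).

def _parse(buf: bytes, pos: int):
    """Parse one value at pos and return (value, next_pos)."""
    tag = buf[pos:pos + 1]
    if tag == b"i":                                  # i:<int>;
        end = buf.index(b";", pos)
        return int(buf[pos + 2:end]), end + 1
    colon = buf.index(b":", pos + 2)                 # colon after the length/count
    n, start = int(buf[pos + 2:colon]), colon + 2    # start skips :" or :{
    if tag == b"s":                                  # s:<byte length>:"<content>";
        if buf[start + n:start + n + 2] != b'";':
            raise ValueError(f"length prefix {n} does not match string at offset {pos}")
        return buf[start:start + n].decode("utf-8"), start + n + 2
    if tag == b"a":                                  # a:<count>:{<key><value>...}
        out, pos = {}, start
        for _ in range(n):
            key, pos = _parse(buf, pos)
            out[key], pos = _parse(buf, pos)
        if buf[pos:pos + 1] != b"}":
            raise ValueError("array is not closed where its count says it ends")
        return out, pos + 1
    raise ValueError(f"unsupported type tag {tag!r} at offset {pos}")

def loads(text: str):
    buf = text.encode("utf-8")
    value, end = _parse(buf, 0)
    if end != len(buf):
        raise ValueError("trailing data after value")
    return value

def dumps(value) -> str:
    if isinstance(value, int):
        return f"i:{value};"
    if isinstance(value, str):                       # PHP counts bytes, not characters
        return f's:{len(value.encode("utf-8"))}:"{value}";'
    body = "".join(dumps(k) + dumps(v) for k, v in value.items())
    return f"a:{len(value)}:{{{body}}}"

def restrict_rule_source(serialized: str, address: str) -> str:
    """Return the rule with "from" narrowed to one address, lengths recomputed."""
    rule = loads(serialized)
    rule["from"] = {0: address}
    return dumps(rule)

# Constructed sample in the shape of the rows above (not a row from the thread).
SAMPLE = ('a:8:{s:4:"type";s:6:"custom";s:5:"class";s:6:"custom";s:4:"name";s:7:"example";'
          's:9:"direction";s:5:"input";s:5:"ports";a:0:{}s:4:"from";a:0:{}'
          's:6:"action";s:4:"deny";s:10:"originalId";s:5:"90000";}')
```

A value whose `s:` prefix disagrees with its content is rejected by `loads`, the same condition that makes PHP's `unserialize()` fail, so check a hand-edited value this way before writing it back.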
 
Yes, but I can edit this (via SSH) only after switching on the firewall, and then I don't have access to the server.

Is it possible to add my IP from my local internet (Telekom) to the whitelist in Fail2ban, for access after switching on the firewall?
 
The idea was not to edit it in the Plesk GUI, but to edit the dataset in the database directly. Like

# plesk db
> select * from module_firewall_rules where configuration_id=<config id>;

makes visible what is stored and
> update module_firewall_rules SET <field name>='<new content>' where id LIKE '<dataset id to update>';
would update the dataset you want to change.

If you are inexperienced with SQL, don't do it.

I do not provide individual support. If you need assistance individually, please contact Plesk support:
 