• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question Disable FTP on single ip address

R

RedEnzian

New Pleskian
Server operating system version
Almalinux 9.5
Plesk version and microupdate number
18.0.68 Update #1
Hello,

we need to block FTP traffic for one of the dedicated IPs on our server.
I tried to add a firewall rule, but i cant setup a rule using incoming on port 21/tcp for a single destination. (incoming has only a from field not a destination field, destination is always 0.0.0.0). Also tried using the console command, but it ignores the --to setting

Is there a way to disable the FTP Server to listen on port 21 for a specific IP?
ive found the /etc/proftpd.d/50-plesk.conf file but this file is always autogenerated, so changing it does not help.
 
Do I correctly understand you want deny the whole Internet to connect to specific IP-address that is used by ftp server on a Plesk server?
iptables -A INPUT -d 192.0.2.1/32 -p tcp --dport 21 -j DROP ?
 
yes, i tried to iptables command but i could not persist it since plesk-firewall always overwrites it on restart.
iptables-save did not work
 
RedEnzian said:
yes, i tried to iptables command but i could not persist it since plesk-firewall always overwrites it on restart.
iptables-save did not work
Click to expand...

As a workaround you could create a script which adds custom rule(s) to iptables. Then in Plesk you can use the Event Manager setup an event which calls your script every time the Plesk firewall rules gets updated (Firewall rules activated). That way your custom iptables rules get re-added automatically every time the Plesk firewall rules get updated.
 
You must log in or register to reply here.

Similar threads

A
Resolved Plesk Firewall and Samba
2
Replies
22
Views
2K
Raul A.
R
E
Issue Plesk on Ubuntu through AWS Lightsail FTP Issues
Replies
2
Views
1K
AYamshanov
AYamshanov
T
Question Using an external firewall to block Plesk ports
Replies
3
Views
1K
thinkjarvis
T
C
Question Securing Docker ports to local access only with firewalld
Replies
8
Views
9K
captainhook
C
P
Issue block per ip in firewall rules
Replies
2
Views
1K
Pavlo.UA
P
Back
Top