• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Disable FTP on single ip address

R

RedEnzian

New Pleskian
Server operating system version
Almalinux 9.5
Plesk version and microupdate number
18.0.68 Update #1
Hello,

we need to block FTP traffic for one of the dedicated IPs on our server.
I tried to add a firewall rule, but i cant setup a rule using incoming on port 21/tcp for a single destination. (incoming has only a from field not a destination field, destination is always 0.0.0.0). Also tried using the console command, but it ignores the --to setting

Is there a way to disable the FTP Server to listen on port 21 for a specific IP?
ive found the /etc/proftpd.d/50-plesk.conf file but this file is always autogenerated, so changing it does not help.
 
Do I correctly understand you want deny the whole Internet to connect to specific IP-address that is used by ftp server on a Plesk server?
iptables -A INPUT -d 192.0.2.1/32 -p tcp --dport 21 -j DROP ?
 
yes, i tried to iptables command but i could not persist it since plesk-firewall always overwrites it on restart.
iptables-save did not work
 
RedEnzian said:
yes, i tried to iptables command but i could not persist it since plesk-firewall always overwrites it on restart.
iptables-save did not work
Click to expand...

As a workaround you could create a script which adds custom rule(s) to iptables. Then in Plesk you can use the Event Manager setup an event which calls your script every time the Plesk firewall rules gets updated (Firewall rules activated). That way your custom iptables rules get re-added automatically every time the Plesk firewall rules get updated.
 
You must log in or register to reply here.

Similar threads

A
Resolved Plesk Firewall and Samba
2
Replies
22
Views
2K
Raul A.
R
E
Issue Plesk on Ubuntu through AWS Lightsail FTP Issues
Replies
2
Views
1K
AYamshanov
AYamshanov
T
Question Using an external firewall to block Plesk ports
Replies
3
Views
2K
thinkjarvis
T
C
Question Securing Docker ports to local access only with firewalld
Replies
8
Views
9K
captainhook
C
P
Issue block per ip in firewall rules
Replies
2
Views
1K
Pavlo.UA
P
Back
Top