• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question Disabling IPv6

Do you disable IPv6 for now?

  • Yes

    Votes: 0 0.0%

  • No

    Votes: 2 100.0%
  • Total voters
    2
S

seabiscuit

New Pleskian
Hello,

My firewall provider recommends disabling IPv6 until they come up with IPv6 support since even if they block malicious activity thru IPv4, the attacker can still success if he/she decides to attack thru IPv6 as well.

Do you think I face problems on the server side if I disable IPv6? Or should I leave it as it is? What is your take on this? Thanks....
 
@seabiscuit
"My firewall provider recommends disabling IPv6 until they come up with IPv6 support......"
Click to expand...
Change your firewall to one that includes IPv6. There are many, but here's an example that's a Plesk Extension: Juggernaut Security and Firewall
Fail2Ban in Plesk supports IPv6 banning and you can add IPv6 bans / deny service etc yourself, via the default Plesk Firewall too
IPv6 has been used effectively, since way back in 2012. Why change your server, just to suit an underperforming "firewall provider"??
 
No problems with Plesk if IPv6 is disabled (by experience).
support.plesk.com

How to disable IPv6 addresses on a Plesk server?

Applicable to: Plesk Obsidian for Linux Plesk Onyx for Linux Question How to disable IPv6 addresses on a Plesk server? Answer In order to disable IPv6, the following steps should be performed: ...
support.plesk.com support.plesk.com

There might be some minor cosmetic issues with false positive reports of "broken" subscriptions, but if you follow the article, things will be perfectly fine.
 
Thank you all...
I followed the instructions. And here is the output for "ip -6 addr" :

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever

2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::xxxxxxxxxxxxx/64 scope link
valid_lft forever preferred_lft forever

I went through some articles. As far as I figured, the problematic one is the "scope global". Since I'm not seeing it in the list above, I'm safe I guess.
 
What I meant is, an output like the following can cause problems for attacks thru IPv6:

eth0: mtu 1500 qlen 1000
inet6 xxxx:xxxx:x:xxxx:6ff:fe9b:3e85/64 scope global dynamic
valid_lft 2591998sec preferred_lft 604798sec
inet6 fe80::xxxxxxxxxxxx scope link
valid_lft forever preferred_lft forever

I dont see an output similar like this when I run "ip -6 addr" after I followed the instructions in the article posed by Peter.

So I believe I'm OK.
 
You must log in or register to reply here.

Similar threads

Tim Clarke
Issue Problems with recidive jail
Replies
3
Views
427
La Linea
L
PeopleInside
Question Plesk remote external backup - any suggestions?
Replies
3
Views
508
nmdpa3
N
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
Lenny
Resolved Seeking Assistance with API Communication Issues via SSL on Plesk
Replies
4
Views
1K
Lenny
Lenny
A
Issue Plesk disables incoming and outgoing IPv6 after a while
Replies
15
Views
2K
Attackwave
A
Back
Top