• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Firewall configuration from the command-line

Azurel

Azurel

Silver Pleskian
Hello,

I use plesk 11.5.30. Its possible to add firewall rules with command-line? What I do:

I use cron.hourly to download a TOR ip list and add it to apache and restart apache... working fine, but with little problems:

1. This will apache restart every hour and visitors get a error page, when apache restarts. Not fine!
2. Not all processes going down correctly. I get more and more ghost php processes after every hour.

Better, I can add tor ip list directly to the firewall. But how?


EDIT:

Sergey L said:
We know the need for firewall command line, but we don't have it yet
Click to expand...
Thats now two years ago. Any progress?


EDIT2:

Its possible to add a rule with a description and delete all rules with a specific description?
Or add a rule for a defined time? Like a "timeban"-function.
 
Last edited:
Looks great! The features list is impressive! Its a little expensive for my small server. What server-performance lose have this extra addon? ;)

Its look like the best addon for plesk... but I have my problems with not approved external software. Its always a security risk, like browser addons. Can anybody give a statement to this addon? Have anybody use it?
 
Azurel said:
What server-performance lose have this extra addon? ;)
Click to expand...

There is little overhead even with a few thousand iptables rules. You can set a threshold for the maximum number of permanently / temporarily denied IP addresses and the login failure daemon will automatically rotate blocks when it reaches your maximum. Also the login failure daemon uses very little resources even when monitoring 300+ domains.
If you have any other questions just let me know :)
 
You must log in or register to reply here.

Similar threads

Tim_Wakeling
Issue Firewall suddenly took Plesk down overnight
2
Replies
23
Views
3K
Peter Debik
P
C
Issue Errors with Plesk scheduled backups
Replies
2
Views
263
cmartinez127
C
T
Apache2 ModSec Error - Apache2 fails to start and AH00111 error
Replies
1
Views
1K
Peter Debik
P
N
Question How to restart the Plesk service from command line
Replies
6
Views
6K
NIEL
N
A
Issue Problem with modsecurity - modsecurity_ctl failed
Replies
8
Views
2K
Alfonzo12
A
Back
Top