1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Firewall not blocking IPs?

Discussion in 'Plesk for Linux - 8.x and Older' started by bray, Jan 10, 2006.

  1. bray

    bray Guest

    0
     
    Hi All,

    I've set my firewall to DENY ALL from 62.162.197.55 on all ports. I've been getting a lot of spam from that IP and was trying to block it. However, after I added this to my firewall it still accepts mail from it? I'm thinking it must be because the default rules Plesk has are interfering with it or taking priority. Should I remove all the other default Plesk rules first? This is what is installed by default:

    Plesk administrative interface Allow incoming from all
    WWW server Allow incoming from all
    FTP server Allow incoming from all
    SSH (secure shell) server Allow incoming from all
    SMTP (mail sending) server Allow incoming from all
    POP3 (mail retrieval) server Allow incoming from all
    IMAP (mail retrieval) server Allow incoming from all
    Mail password change service Allow incoming from all
    MySQL server Allow incoming from all
    PostgreSQL server Allow incoming from all
    Tomcat administrative interface Allow incoming from all
    Samba Allow incoming from all
    Plesk VPN Allow incoming from all
    Domain name server Allow incoming from all
    Ping service Allow incoming from all
    System policy for incoming traffic Allow all other incoming traffic
    System policy for outgoing traffic Allow all other outgoing traffic
    System policy for forwarding of traffic Deny forwarding of all other traffic

    I read in one other thread that the default rules are very lax, though I am no firewall expert. I just want to block the IPs I add and have the server work properly.

    Thanks for any pointers on the matter,

    Eric
     
  2. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    IMO the Plesk firewall is not that good, by default it leaves everything wide open. I would recommend APF, it's easy to install and configure. Plus when you add BFD (from the same developers) you have a great Brute Force Detector which will automaticall add offending IP's to the APF firewall script. Check it out here:

    http://www.rfxnetworks.com/proj.php
     
  3. bray

    bray Guest

    0
     
    Thanks, but I guess I'm not looking to purchase another firewall but manage the one that's there. I have put the PostGRE, Ping and Tomcat services to DENY ALL now. I'm just curious what the other rules should be set to so it's more secure.

    Of course, I don't want to DENY something that should be set to ALLOW all, incoming, outgoing or forwarding. I suppose I'm just looking for what other people actually use effectively for the firewall setup in Plesk.
     
  4. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    No bray, APF and BFD are free!!

    If you look through the documentation and the script you will see their reasoning for different firewall rules. If nothing else it may be able to give you ideas for configuring the Plesk firewall.
     
  5. bray

    bray Guest

    0
     
    Alright thanks. I guess I'll go read the readme file to see what rules they use by default on a regular web server.
     
  6. phoenixisp

    phoenixisp Silver Pleskian

    27
    57%
    Joined:
    Feb 2, 2002
    Messages:
    840
    Likes Received:
    0
    Just be sure to leave the ports that Plesk needs open:

    8443 - Admin Panel
    5224 - Plesk's key updater
     
Loading...