• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Firewall not blocking IPs?

B

bray

Guest
Hi All,

I've set my firewall to DENY ALL from 62.162.197.55 on all ports. I've been getting a lot of spam from that IP and was trying to block it. However, after I added this to my firewall it still accepts mail from it? I'm thinking it must be because the default rules Plesk has are interfering with it or taking priority. Should I remove all the other default Plesk rules first? This is what is installed by default:

Plesk administrative interface Allow incoming from all
WWW server Allow incoming from all
FTP server Allow incoming from all
SSH (secure shell) server Allow incoming from all
SMTP (mail sending) server Allow incoming from all
POP3 (mail retrieval) server Allow incoming from all
IMAP (mail retrieval) server Allow incoming from all
Mail password change service Allow incoming from all
MySQL server Allow incoming from all
PostgreSQL server Allow incoming from all
Tomcat administrative interface Allow incoming from all
Samba Allow incoming from all
Plesk VPN Allow incoming from all
Domain name server Allow incoming from all
Ping service Allow incoming from all
System policy for incoming traffic Allow all other incoming traffic
System policy for outgoing traffic Allow all other outgoing traffic
System policy for forwarding of traffic Deny forwarding of all other traffic

I read in one other thread that the default rules are very lax, though I am no firewall expert. I just want to block the IPs I add and have the server work properly.

Thanks for any pointers on the matter,

Eric
 
IMO the Plesk firewall is not that good, by default it leaves everything wide open. I would recommend APF, it's easy to install and configure. Plus when you add BFD (from the same developers) you have a great Brute Force Detector which will automaticall add offending IP's to the APF firewall script. Check it out here:

http://www.rfxnetworks.com/proj.php
 
Thanks, but I guess I'm not looking to purchase another firewall but manage the one that's there. I have put the PostGRE, Ping and Tomcat services to DENY ALL now. I'm just curious what the other rules should be set to so it's more secure.

Of course, I don't want to DENY something that should be set to ALLOW all, incoming, outgoing or forwarding. I suppose I'm just looking for what other people actually use effectively for the firewall setup in Plesk.
 
No bray, APF and BFD are free!!

If you look through the documentation and the script you will see their reasoning for different firewall rules. If nothing else it may be able to give you ideas for configuring the Plesk firewall.
 
Alright thanks. I guess I'll go read the readme file to see what rules they use by default on a regular web server.
 
You must log in or register to reply here.

Similar threads

gennolo
Issue Cannot update an existing firewall rule to allow all ips
Replies
2
Views
604
gennolo
gennolo
gennolo
Resolved Cannot update an existing firewall rule to allow all ips
Replies
3
Views
878
gennolo
gennolo
Thomas Wilhelmi
Issue Firewall and IPv6
Replies
5
Views
745
Thomas Wilhelmi
Thomas Wilhelmi
A
Question Some security questions
Replies
2
Views
148
amba1980
A
serreri
Question Overuse is not allowed - it does not suspend the domain and does not redirect to 503
Replies
2
Views
282
serreri
serreri
Back
Top