Facebook
Twitter
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Resolved Juggernaut Security and Firewall Plesk Addon
>We follow the same defaults for logging that CSF uses for all Cpanel servers. Just enable Drop incoming logging as I mentioned if you really want them logged.
Forgive me if I'm missing something. I'm not trying to be obtuse. I just know that without using Juggernaut, if we had someone who couldn't connect via FTP, we would have someone look at the logs, see what IP was knocking on the door, and then we would whitelist it.
When we know the IP, what would be causing it not to show up in the Dashboard search you suggested?
Forgive me if I'm missing something. I'm not trying to be obtuse. I just know that without using Juggernaut, if we had someone who couldn't connect via FTP, we would have someone look at the logs, see what IP was knocking on the door, and then we would whitelist it.
When we know the IP, what would be causing it not to show up in the Dashboard search you suggested?
danami
Silver Pleskian
If you search for the IP address in the dashboard search and it doesn't come up with any results, then it's not blocked on the firewall. It's not a firewall problem.
>If you search for the IP address in the dashboard search and it doesn't come up with any results, then it's not blocked on the firewall. It's not a firewall problem.
Perhaps there is a disconnect in how I am relaying things then.
I pull up a browser. I got to a site on this server. I can connect with no problem. I pull up a browser based VPN and set it to connect from Germany, Romania, etc. A country that is blocked. I go to ipchicken.com to check the IP address. I try to connect to the same website. Now it times out. I go back to ipchicken.com and confirm that it's still that IP address. I turn off the VPN and connect to the site successfully now. I now go to the Dashboard and search for that overseas IP, and it's not there.
Clearly I'm misunderstanding something. What am I doing wrong?
Perhaps there is a disconnect in how I am relaying things then.
I pull up a browser. I got to a site on this server. I can connect with no problem. I pull up a browser based VPN and set it to connect from Germany, Romania, etc. A country that is blocked. I go to ipchicken.com to check the IP address. I try to connect to the same website. Now it times out. I go back to ipchicken.com and confirm that it's still that IP address. I turn off the VPN and connect to the site successfully now. I now go to the Dashboard and search for that overseas IP, and it's not there.
Clearly I'm misunderstanding something. What am I doing wrong?
Thanks. We got the issue resolved temporarily, but will open a ticket regarding the MaxMind issue as the issue does not seem to be resolved. Just FYI, we go this in the morning email:
We’re still seeing outdated API requests from your account (ID XXXXXX) that are using an incorrect endpoint.
Going forward, we will only accept:
If you have questions or need help, just reply to this email.
We’re still seeing outdated API requests from your account (ID XXXXXX) that are using an incorrect endpoint.
Going forward, we will only accept:
- API requests sent with the more secure HTTPS protocol.
- API requests sent to the appropriate hostname.
If you have questions or need help, just reply to this email.
danami
Silver Pleskian
@safemoon A web application firewall and an IPtables firewall perform two completely different tasks. You should have both installed. Juggernaut will monitor the modsecurity logs and ban users who trigger modsecurity repeatedly.
@zed2007 Just add a rule for the IP address under Allow -> Allow permanently.
@zed2007 Just add a rule for the IP address under Allow -> Allow permanently.
danami
Silver Pleskian
Juggernaut Security and Firewall 4.0.3 has been released with Debian 12 support, a new command line interface, and more!
Just a shout out for the Danami support team. We decided to try Juggernaut on a server we were migrating purely in hopes that it would supply some GEO blocking security. Now over a year later it's done everything we hoped, and more. We're now using it to deal with some other security issues, and the Danami support team has been great.
We're not usually big on subscription based products, but this one has proven itself. So much so that when our AV comes up for renewal this year, we will likely be switching to the Danami product for that as well. When first looking at the firewall, it seems to be a bit overwhelming, but I have found that it's really not once you start using it.
If you're looking for a good software based firewall add on for Plesk that will provide GEO Blocking, this is a great product. I hope this helps others who are looking for a solution.
We're not usually big on subscription based products, but this one has proven itself. So much so that when our AV comes up for renewal this year, we will likely be switching to the Danami product for that as well. When first looking at the firewall, it seems to be a bit overwhelming, but I have found that it's really not once you start using it.
If you're looking for a good software based firewall add on for Plesk that will provide GEO Blocking, this is a great product. I hope this helps others who are looking for a solution.
Similar threads
