• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Resolved Juggernaut Security and Firewall Plesk Addon

Error [Firewall_Settings_Initial]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Port]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_General]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Smtp]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Portflood]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logging]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Portknocking]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Redirect]. Message [Unable to read file [/etc/csf/csf.redirect]]

Error [Firewall_Settings_Denyserverip]. Message [Unable to read file [/etc/csf/csf.sips]]

Error [Firewall_Settings_Docker]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Loginfailure]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Loginfailurecustomtrigger]. Message [Unable to read file [/usr/local/csf/bin/regex.custom.pm]]

Error [Firewall_Settings_Reporting]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Temptoperm]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Globallist]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Blocklist]. Message [Unable to read file [/etc/csf/csf.blocklists]]

Error [Firewall_Settings_Dirwatch]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Dirwatchpath]. Message [Unable to read file [/etc/csf/csf.dirwatch]]

Error [Firewall_Settings_Trackingdistributedattack]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackinglogin]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingconnection]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingprocess]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingportscan]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackinguserid]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingaccount]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Messenger]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Cluster]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logscanner]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logscannerlogfile]. Message [Unable to read file [/etc/csf/csf.logfiles]]

Error [Firewall_Settings_Statistics]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Sysloguser]. Message [Unable to read file [/etc/csf/csf.syslogusers]]

Error [Firewall_Settings_Logginglogfile]. Message [Unable to read file [/etc/csf/csf.syslogs]]

Error [Firewall_Settings_Rbl]. Message [Unable to read file [/etc/csf/csf.rblconf]]

Error [Firewall_Settings_Cloudflare]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Cloudflareuser]. Message [Unable to read file [/etc/csf/csf.cloudflare]]

Error [Firewall_Settings_Osbinary]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Oslogfile]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Osport]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Osmisc]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Deny]. Message [Unable to read file [/etc/csf/csf.deny]]

Error [Firewall_Settings_Allow]. Message [Unable to read file [/etc/csf/csf.allow]]

Error [Firewall_Settings_Allowdyndns]. Message [Unable to read file [/etc/csf/csf.dyndns]]

Error [Firewall_Settings_Ignore]. Message [Unable to read file [/etc/csf/csf.ignore]]

Error [Firewall_Settings_Rdnsignore]. Message [Unable to read file [/etc/csf/csf.rignore]]

Error [Firewall_Settings_Dirwatchignore]. Message [Unable to read file [/etc/csf/csf.fignore]]

Error [Firewall_Settings_Trackingprocessignore]. Message [Unable to read file [/etc/csf/csf.pignore]]

Error [Firewall_Settings_Trackinguseridignore]. Message [Unable to read file [/etc/csf/csf.uidignore]]

Error [Firewall_Settings_Superuserignore]. Message [Unable to read file [/etc/csf/csf.suignore]]

Error [Firewall_Settings_Logscannerignore]. Message [Unable to read file [/etc/csf/csf.logignore]]

Error [Networkinfo_Settings]. Message [Unable to read file [/etc/csf/csf.conf]]
 
also when i try restore warden settings.xml i got ERROR: Allowed memory size of 268435456 bytes exhausted (tried to allocate 20480 bytes) (MySQLi.php:171)
 
papahausa said:
Error [Firewall_Settings_Initial]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Port]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_General]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Smtp]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Portflood]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logging]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Portknocking]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Redirect]. Message [Unable to read file [/etc/csf/csf.redirect]]

Error [Firewall_Settings_Denyserverip]. Message [Unable to read file [/etc/csf/csf.sips]]

Error [Firewall_Settings_Docker]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Loginfailure]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Loginfailurecustomtrigger]. Message [Unable to read file [/usr/local/csf/bin/regex.custom.pm]]

Error [Firewall_Settings_Reporting]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Temptoperm]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Globallist]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Blocklist]. Message [Unable to read file [/etc/csf/csf.blocklists]]

Error [Firewall_Settings_Dirwatch]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Dirwatchpath]. Message [Unable to read file [/etc/csf/csf.dirwatch]]

Error [Firewall_Settings_Trackingdistributedattack]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackinglogin]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingconnection]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingprocess]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingportscan]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackinguserid]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Trackingaccount]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Messenger]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Cluster]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logscanner]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Logscannerlogfile]. Message [Unable to read file [/etc/csf/csf.logfiles]]

Error [Firewall_Settings_Statistics]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Sysloguser]. Message [Unable to read file [/etc/csf/csf.syslogusers]]

Error [Firewall_Settings_Logginglogfile]. Message [Unable to read file [/etc/csf/csf.syslogs]]

Error [Firewall_Settings_Rbl]. Message [Unable to read file [/etc/csf/csf.rblconf]]

Error [Firewall_Settings_Cloudflare]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Cloudflareuser]. Message [Unable to read file [/etc/csf/csf.cloudflare]]

Error [Firewall_Settings_Osbinary]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Oslogfile]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Osport]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Osmisc]. Message [Unable to read file [/etc/csf/csf.conf]]

Error [Firewall_Settings_Deny]. Message [Unable to read file [/etc/csf/csf.deny]]

Error [Firewall_Settings_Allow]. Message [Unable to read file [/etc/csf/csf.allow]]

Error [Firewall_Settings_Allowdyndns]. Message [Unable to read file [/etc/csf/csf.dyndns]]

Error [Firewall_Settings_Ignore]. Message [Unable to read file [/etc/csf/csf.ignore]]

Error [Firewall_Settings_Rdnsignore]. Message [Unable to read file [/etc/csf/csf.rignore]]

Error [Firewall_Settings_Dirwatchignore]. Message [Unable to read file [/etc/csf/csf.fignore]]

Error [Firewall_Settings_Trackingprocessignore]. Message [Unable to read file [/etc/csf/csf.pignore]]

Error [Firewall_Settings_Trackinguseridignore]. Message [Unable to read file [/etc/csf/csf.uidignore]]

Error [Firewall_Settings_Superuserignore]. Message [Unable to read file [/etc/csf/csf.suignore]]

Error [Firewall_Settings_Logscannerignore]. Message [Unable to read file [/etc/csf/csf.logignore]]

Error [Networkinfo_Settings]. Message [Unable to read file [/etc/csf/csf.conf]]
Click to expand...

solved. was problem with dns settings.
 
papahausa said:
also when i try restore warden settings.xml i got ERROR: Allowed memory size of 268435456 bytes exhausted (tried to allocate 20480 bytes) (MySQLi.php:171)
Click to expand...
i use this for change mamory

  1. vi /usr/local/psa/admin/conf/php.ini
  2. Increase the memory_limit value to 512M:
    memory_limit = 512M
But, when i try again import settings, after a few time i got white page.
1755429472088.png
 
We would love some insight on an issue if anyone has any thoughts.

We quit getting emails from a major hospital network. We had the emails sent to a gmail account and found the sender's IP address. We then searched though the Juggernaut interface for IP Table Logs, searching for the IP address, but found no rejections. We do have some GEO blocks, so we tested the IP address via the Juggernaut GEO Tools lookup, and Juggernaut shows the IP to be U.S. based which is allowed. We also searched via the IP search queries on the Juggernaut home page. Searches were also run in the Deny tab, and no reference to the sending IP address ever appeared.

Then, as a test, we whitelisted the IP range for the sender's IP in the "Allow" tab, and the emails started coming in immediately.

While this one instance is fixed via a workaround, it does make us wonder what other emails we're missing.

Any idea what we're missing as to what function in Juggernaut that could be blocking this, and why we can't find a record of the block in the IP Tables Logs?

Thanks in advance for any insight.
 
@MacGyver You should always use the IPtables search on the dashboard or using the command line instead of trying to search the Logs -> IPTables logs:

To search for an IP address

Code: 
csf --grep <ipaddress>

It will tell you exactly what is being blocked and more importantly the reason why it was blocked in the first place. Drop incoming logging is not enabled default because its too verbose and will slow down the server. Most people would be better off just using the search. If you really want to turn it on you can enable it under Settings -> Logging Settings -> Drop incoming logging.
 
Thank you for the insight. I actually did search via the Dashboard IP Tables search first, but found nothing for the IP which was odd, because as soon as I set it up under "Allow" it came right in,

On the IP Tables Logs, I'm a bit confused. I do see "Blocked" entries under Logs > IPtables Log. Here is an example of what I see:

1762366545912.png

However, again, I saw no "Blocked" entries for the IP that was not delivering.

I do see the "Drop incoming logging" and perhaps that will be good to enable just when we're troubleshooting. Thank you for that insight.

Is a "Blocked" different than a "Drop?"
 
@MacGyver You can hover your mouse over every setting in Juggernaut to get detailed information about what each setting does:


Without "Drop incoming logging" enabled an IP address being blocked from country blocks or blocklists would not be logged to the Iptables log. The dashboard search should search everything that CSF uses: permanently denied, temporarily denied, blocklists, country blocks. That's the reason why it's recommended.
 
That's what I thought, and why I searched from the Dashboard. That leads to more questions than answers. Nothing at all came up, yet the emails weren't delivering, but once I put the range in the Allowed tab, all the back emails arrived. Very frustrating, but it sounds like there is nothing left to check. Thank you for the replies.
 
You must log in or register to reply here.

Similar threads

H
Issue Can't connect to server - Remote RDP - Firewall settings link not working in Plesk. Any other method?
Replies
1
Views
344
Sebahat.hadzhi
Sebahat.hadzhi
Z
Issue Major security inconsistency in Plesk admin access control logic
Replies
7
Views
3K
zigzag
Z
wakabayashi
Question SMTP Firewall - is it possible to block brutforce attacks?
Replies
3
Views
2K
Vladimir C.
V
wasiwarez
Issue Issues with Plesk/bind configuring as master and slave nameserver
Replies
6
Views
374
wasiwarez
wasiwarez
T
Issue Unable to whitelist Cookiebot scanner in Plesk (tried all usual methods)
Replies
6
Views
746
Tim den Dikken
T
Back
Top