• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Plesk access multi-IP

Arnaud GUY

New Pleskian
Hello,

I've a centos server with 10 ip adress, and plesk 17.0.17
I would like to restrict access to plesk and ssh server to an ip address for security reasons. Is that possible?

Thanks you so much,
Arnaud
 
Thanks for your reply.
I'hve test this, but if i modify Parallels Admin Admin Plesk Panel Allow incoming from XX.XX.XX.XX

XX.XX.XX.XX.XX Is one of my 10 ip addresses from the plesk server. The connexion with the server are lost and the configuration is not applY.
 
Hi,
I think that is misunderstood. What you say works but with the ip of my box. But what I seek to do is restrict access to plesk to an ip from my server.
Thanks
Arnaud
 
Hi,
I think that is misunderstood. What you say works but with the ip of my box. But what I seek to do is restrict access to plesk to an ip from my server.
Thanks
Arnaud

It is possible.

For plesk, edit /etc/sw-cp-server/conf.d/plesk.conf and remove all server IPs except the ip that you want and 127.0.0.1 ie

Code:
server {
                listen 1.2.3.4:8443 ssl http2;
                listen 127.0.0.1:8443 ssl http2;
                listen 1.2.3.4:8880;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

then execute # service sw-cp-server restart

For ssh, edit /etc/ssh/sshd_config and comment/remove all 'ListenAddress' entries and 'AddressFamily any', then add

Code:
ListenAddress 1.2.3.4

then execute # service sshd restart

Cheers
 
Hi,
For plesk, edit /etc/sw-cp-server/conf.d/plesk.conf and remove all server IPs except the ip that you want and 127.0.0.1 ie
It"s no possible to remove ip because i have not ! my file plesk.conf :
Code:
server_names_hash_bucket_size  64;

server {
                listen 8443 ssl;
                listen 8880;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

I'have add my ip adress and restart sw-cp-server, but it's not ok.
It's the same with ssh, listen adresse and familyadress are comments !

Thanks
 
It"s no possible to remove ip because i have not !
I'have add my ip adress and restart sw-cp-server, but it's not ok.
It's the same with ssh, listen adresse and familyadress are comments !

Please paste your current plesk.conf config but replace the ip you want to use with x.x.x.x

Also for ssh, you need to have only 1 'ListenAddress x.x.x.x' entry .. if this is the case, please paste the first 50 lines of your sshd_config
 
Sanity check - Are you trying to have plesk accessable on only one of the 10 ips you have or are you trying to restrict access to plesk so that only one of the 10 ips is able to access it?
 
My current plesk.conf
Code:
server_names_hash_bucket_size  64;

server {
                listen 8443 ssl;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}
and I've add listen XXX.XXX.XXX.XXX 8443 ssl;
 
Sanity check - Are you trying to have plesk accessable on only one of the 10 ips you have or are you trying to restrict access to plesk so that only one of the 10 ips is able to access it?
I am trying to have access to plesk only on one of the 10 ip of my server.
 
I am trying to have access to plesk only on one of the 10 ip of my server.

Then I understood you correctly the first time..

Edit plesk.conf with:
Code:
server_names_hash_bucket_size  64;

server {
                listen x.x.x.x:8443 ssl;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

Replace x.x.x.x with the ip you want plesk running on.

Then execute the following via shell -
# service sw-cp-server restart && service sw-engine restart

Plesk should now only be accessable/listening on x.x.x.x
 
Back
Top