• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Plesk access multi-IP

A

Arnaud GUY

New Pleskian
Hello,

I've a centos server with 10 ip adress, and plesk 17.0.17
I would like to restrict access to plesk and ssh server to an ip address for security reasons. Is that possible?

Thanks you so much,
Arnaud
 
Thanks for your reply.
I'hve test this, but if i modify Parallels Admin Admin Plesk Panel Allow incoming from XX.XX.XX.XX

XX.XX.XX.XX.XX Is one of my 10 ip addresses from the plesk server. The connexion with the server are lost and the configuration is not applY.
 
Hi,
I think that is misunderstood. What you say works but with the ip of my box. But what I seek to do is restrict access to plesk to an ip from my server.
Thanks
Arnaud
 
Arnaud GUY said:
Hi,
I think that is misunderstood. What you say works but with the ip of my box. But what I seek to do is restrict access to plesk to an ip from my server.
Thanks
Arnaud
Click to expand...

It is possible.

For plesk, edit /etc/sw-cp-server/conf.d/plesk.conf and remove all server IPs except the ip that you want and 127.0.0.1 ie

Code: 
server {
                listen 1.2.3.4:8443 ssl http2;
                listen 127.0.0.1:8443 ssl http2;
                listen 1.2.3.4:8880;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

then execute # service sw-cp-server restart

For ssh, edit /etc/ssh/sshd_config and comment/remove all 'ListenAddress' entries and 'AddressFamily any', then add

Code: 
ListenAddress 1.2.3.4

then execute # service sshd restart

Cheers
 
Hi,
Wiz said:
For plesk, edit /etc/sw-cp-server/conf.d/plesk.conf and remove all server IPs except the ip that you want and 127.0.0.1 ie
Click to expand...
It"s no possible to remove ip because i have not ! my file plesk.conf :
Code: 
server_names_hash_bucket_size  64;

server {
                listen 8443 ssl;
                listen 8880;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

I'have add my ip adress and restart sw-cp-server, but it's not ok.
It's the same with ssh, listen adresse and familyadress are comments !

Thanks
 
Arnaud GUY said:
It"s no possible to remove ip because i have not !
I'have add my ip adress and restart sw-cp-server, but it's not ok.
It's the same with ssh, listen adresse and familyadress are comments !
Click to expand...

Please paste your current plesk.conf config but replace the ip you want to use with x.x.x.x

Also for ssh, you need to have only 1 'ListenAddress x.x.x.x' entry .. if this is the case, please paste the first 50 lines of your sshd_config
 
Sanity check - Are you trying to have plesk accessable on only one of the 10 ips you have or are you trying to restrict access to plesk so that only one of the 10 ips is able to access it?
 
My current plesk.conf
Code: 
server_names_hash_bucket_size  64;

server {
                listen 8443 ssl;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}
and I've add listen XXX.XXX.XXX.XXX 8443 ssl;
 
Wiz said:
Sanity check - Are you trying to have plesk accessable on only one of the 10 ips you have or are you trying to restrict access to plesk so that only one of the 10 ips is able to access it?
Click to expand...
I am trying to have access to plesk only on one of the 10 ip of my server.
 
Arnaud GUY said:
I am trying to have access to plesk only on one of the 10 ip of my server.
Click to expand...

Then I understood you correctly the first time..

Edit plesk.conf with:
Code: 
server_names_hash_bucket_size  64;

server {
                listen x.x.x.x:8443 ssl;
                listen 127.0.0.1:8880 default_server;
                include conf.d/*ipv6_ports.inc;


                ssl_certificate /usr/local/psa/admin/conf/httpsd.pem;
                ssl_certificate_key /usr/local/psa/admin/conf/httpsd.pem;

                include conf.d/*plesk.inc;
                include conf.d/*wpb.inc;
}

Replace x.x.x.x with the ip you want plesk running on.

Then execute the following via shell -
# service sw-cp-server restart && service sw-engine restart

Plesk should now only be accessable/listening on x.x.x.x
 
You must log in or register to reply here.

Similar threads

E
Resolved CLI command plesk bin subscription -u example.net -ip 123.123.123.213 is not working
Replies
2
Views
954
Exou
E
Zalem Citizen
Question PHP net_get_interfaces and IPs privacy
Replies
0
Views
665
Zalem Citizen
Zalem Citizen
weareimpulse
Issue IP Access restriction - locked out of PLESK
Replies
3
Views
600
trialotto
T
majdi draouil
Question How to Block Direct IP Access and Ensure All Traffic Routes Through Cloudflare
Replies
1
Views
646
Raul A.
R
F
Question IPv4 forwarding rule
Replies
8
Views
369
alvarezcruz
alvarezcruz
Back
Top