• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Plesk Firewall [Do I have to open all ports when switching from another firewall to Plesk Firewall?]

othmaqsa

Regular Pleskian
Server operating system version
Version 18.0.52
Plesk version and microupdate number
Ubuntu 20.04.6 LTS
Hello,

If I I want to use the Plesk Firewall instead of Ionos Firewall, I need to open all ports in Plesk Firewall before remove them from Ionos ?

Note: I want to switch to Plesk Firewall so that I can use the feature of denying countries.
 
Sounds like you're going from a network firewall, to a server level firewall. They can work in tandem if you want.

I would close what ports are not needed within the Plesk Firewall, before disabling the old one.
 
I would not recommend opening anything that you have in your data center firewall. Why not leave ports closed there so that some bad traffic cannot reach your server in the first place. The Plesk Firewall is the on-server firewall that you'd normally use in addition to the data center firewall (as @MarkM correctly pointed out). Using both will give you extra security. It is not necessary to disable your data center firewall when you want to use the Plesk Firewall.
 
I would not recommend opening anything that you have in your data center firewall. Why not leave ports closed there so that some bad traffic cannot reach your server in the first place. The Plesk Firewall is the on-server firewall that you'd normally use in addition to the data center firewall (as @MarkM correctly pointed out). Using both will give you extra security. It is not necessary to disable your data center firewall when you want to use the Plesk Firewall.
Ok, so if I understood correctly, I can install Firewall Plesk and use the feature of blocking countries while leaving the ports disabled on Firewall Plesk and enabled on Firewall IONOS?
 
Sounds like you're going from a network firewall, to a server level firewall. They can work in tandem if you want.

I would close what ports are not needed within the Plesk Firewall, before disabling the old one.
Ok, thank you.
 
When you do not enter a specific port, the block applies to all ports. This includes the web service and mail ports.
 
Hello @Peter Debik

Thank you for your message.

I have installed the Firewall. Now before enabling the Firewall in Plesk, I want to disable all the default rules and add 1 custom rule (Deny country).

Note: I want to deactivate the default rules because the same rules are already open in the Data Center Firewall.
 
Sounds like you're going from a network firewall, to a server level firewall. They can work in tandem if you want.

I would close what ports are not needed within the Plesk Firewall, before disabling the old one.
When you do not enter a specific port, the block applies to all ports. This includes the web service and mail ports.

Thank you guys. :)

You can now mark this thread as resolved.
 
When you do not enter a specific port, the block applies to all ports. This includes the web service and mail ports.

Hello guys.

I just enabled country block using Workaround II but i still receiving e-mails from Russia for example, which is correctly blocked (tested with VPN) for nginx. Mail server keeps receiving spam from domain names associated to IP addresses from RU.

Any idea?
Thanks
 
Are these mails really sent from an IP address in the blocked range? Or are they coming from another SMTP server outside the range?
 
Maybe because the Workaround II, it only blocks the access to the Website, not mail.

You must use the Plesk firewall.
Hello guys.

I just enabled country block using Workaround II but i still receiving e-mails from Russia for example, which is correctly blocked (tested with VPN) for nginx. Mail server keeps receiving spam from domain names associated to IP addresses from RU.

Any idea?
Thanks
 
Are these mails really sent from an IP address in the blocked range? Or are they coming from another SMTP server outside the range?
For example, today I received an e-mail from this address: [email protected]

Check this header:
spf=pass (sender IP is 188.127.251.135) smtp.mailfrom=[email protected] smtp.helo=mail4.srnart-gas.com

This IP is from Russia: 188.127.251.135 IP Address Geolocation Lookup Demo | IP2Location

You must use the Plesk firewall.
Ok, but how?

Thanks!
 
Ok thanks. But, how do I country block smtp/imap/pop3 requests at server level? Or better, block all ports and services.
With the Plesk firewall, you can block a bunch of countries using the ISO 3166 country codes , all ports (incoming) and place the deny rule at the top.

This way, you will block incoming traffic for the websites and email.
 
Back
Top