
Issue Plesk Firewall doesn't work !!

xx1Andy1xxx

New Pleskian
Server operating system version
Ubuntu 22.04
Plesk version and microupdate number
Plesk Obsidian
Ubuntu 22.04 & Plesk Obsidian = Not Good

Plesk Firewall does not work ...

Every Article in this Forum does not work to enable the Plesk Firewall - Only Errors

A new Ubuntu 22.04 & Plesk Obsidian installation and nothing works anymore. This software is not worth a penny anymore !!
Command '['/usr/local/psa/var/modules/firewall/firewall-new.sh']' timed out after 14.997228860855103 seconds

Mailserver Errors ....
 
Hi @xx1Andy1xxx, sorry to read that the firewall extension is causing trouble. Just today I fitted 20 production servers, with a 5-digit number of domains on them, with the new firewall extension, and as I had read a lot on our forum about it I expected trouble, too, but it all worked like a charm. So I did not experience the same with the latest version of the firewall extension. So maybe we can find a solution for your server, too?

Please first make sure that you have the latest version of the Plesk Firewall extension and the latest version of Plesk. Your version is not mentioned in the post above, but it should be 18.0.53 with update #2. Your Firewall extension should be version 2.1.1-397. Can you confirm that this is the case?

I see that your attempt timed out at barely <15 seconds. Have you considered giving the system a bit more time, e.g. 90 seconds? You could for example try this in your panel.ini file:

Code:
[ext-firewall]
confirmTimeout = 90 ; the timeout in seconds before the configuration is rolled back
confirmTimeoutCli = 180 ; the timeout in seconds for the --confirm CLI command
 
That's the Answer of the Firewall:

Did not receive a matching activation token before confirmation timeout
 
And another Error:

Command '['/usr/local/psa/var/modules/firewall/firewall-emergency.sh']' timed out after 5 seconds

with this Config in panel.ini

[ext-firewall]
confirmTimeout = 90 ; the timeout in seconds before the configuration is rolled back
confirmTimeoutCli = 180 ; the timeout in seconds for the --confirm CLI command
 
And the next Error:

I did not receive connectivity confirmation after applying new firewall configuration, then same happened after I reverted to previous configuration. This means that both new and previous configurations were bad. Emergency rollback to configuration without rules was performed. Firewall is now disabled. Fix your rules and try again. And the Rules "ARE FROM PLESK" !!!
 
And the next Error:

Network Error !!!

And now you can kick the system into the bin !!

NOW MONEY FOR PLESK !!! IT'S BULLSHIT !!!
 
@xx1Andy1xxx, did you configure any custom rules in Firewall before? I am asking, because it makes no sense that the firewall cannot be started when it comes out of the box, because then you'd not be in the situation where you need to restart it. It only makes sense if custom rules have been added. In that case, either "from" or "ports" fields have been left empty. You could try to fix the situation by removing the extension from the Extensions menu, then reinstalling it. It will then only install the Plesk default ruleset which should work out of the box.
 
The problem with the firewall extension is the apply and confirm procedure, it's not consistent.

And good luck doing it from CLI.

Can this --confirm requirement before rolling back to a previous config or an emergency configuration be disabled? I mean I know it's a protection thing in case you lock yourself out of a server, but c'mon, that's on the user.
 
One reason for this not to work can also be a special configuration setting in panel.ini:
Code:
[task]
syncExecution=true
That must not be there, else applying the rules will probably fail. It is not there by default, but it seems that some users have this setting in their panel.ini file, and these are experiencing issues with firewall rules. Reference EXTPLESK-4798.
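
Added example, not part of any post in this thread and not Plesk's own code: a small checker that reads a panel.ini and reports the two things discussed above, a `[task] syncExecution` entry and the `[ext-firewall]` confirmation timeouts. The function names are hypothetical, the sample text is constructed from the fragments quoted in the thread, and the path to your own panel.ini is passed as an argument.

```python
import sys

# Constructed sample: the two panel.ini fragments quoted in this thread, combined.
SAMPLE = """\
[ext-firewall]
confirmTimeout = 90 ; the timeout in seconds before the configuration is rolled back
confirmTimeoutCli = 180 ; the timeout in seconds for the --confirm CLI command

[task]
syncExecution=true
"""

def parse_ini(text):
    """Minimal INI reader returning {section: {key: value}}.
    Simplification: everything after ';' is treated as a comment."""
    data, section = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            data.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            data[section][key.strip()] = value.strip().strip("\"'")
    return data

def check_firewall_settings(text):
    """Return a list of findings for the settings discussed in the thread."""
    cfg = parse_ini(text)
    findings = []
    sync = cfg.get("task", {}).get("syncExecution", "")
    if sync.lower() in ("true", "1", "on", "yes"):
        findings.append("[task] syncExecution is enabled: remove it (EXTPLESK-4798)")
    fw = cfg.get("ext-firewall", {})
    for key in ("confirmTimeout", "confirmTimeoutCli"):
        value = fw.get(key)
        if value is None:
            findings.append(f"[ext-firewall] {key} is not set in this file")
        elif not value.isdigit() or int(value) <= 0:
            findings.append(f"[ext-firewall] {key} = {value!r} is not a positive number of seconds")
    return findings

if __name__ == "__main__":
    # First argument: path to your panel.ini; without one the constructed sample is checked.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for finding in check_firewall_settings(text) or ["no findings"]:
        print(finding)
```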
 
Unfortunately, threads cannot be merged as such a feature does not exist in the board software.
 