1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice

plesk firewall

Discussion in 'Plesk for Linux - 8.x and Older' started by faris, Sep 6, 2005.

  1. faris

    faris Guest

    0
     
    I think I'm going mad. Or at least madder than I previously was.

    I've been playing with plesk 7.5.3 on a test box (RedHat 9). One of the things I wanted to try was getting a tftp server running. To my surprise it worked "out of the box". And considering I had the Plesk firewall turned on, I found this amazing.

    Then I looked closely, and discovered that the default policy for anything not explicitly defined in the firewall is to ALLOW rather than DENY.

    This seems insane to me.

    Does everybody who uses the Plesk firewall normally swap the default rule over to DENY rather than ALLOW (which I discovered I could do with a single mouse click) or could I have done something daft at some point without realising it?

    Having said that, my two production boxes are also set to ALLOW rather than DENY. It doesn't matter because there's another firewall in front of them, and all non-essential services are switched off. But still, it really seems totally mad.

    Have I missed something?

    Faris.
     
  2. glennj

    glennj Guest

    0
     
    I was wondering this also... thought I must have missed something also as it seemed crazy.

    However, I have changed it to deny all and it seems ok... :confused:
     
  3. faris

    faris Guest

    0
     
    I'm glad it isn't just me then. Whew!

    I'm half afraid of switching it in case something that used to work stops working :) But since I should already have created the correct rules to start with....

    Faris.
     
  4. acidbox

    acidbox Guest

    0
     
    I have my INCOMING and FORWARDING set to deny, but my OUTGOING set to allow. The reason is because when I denied outgoing, it completely hosed my server. FTP stopped working, wget stopped, DNS stopped etc... Was not fun.
     
Loading...