• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question Plesk seems to block one specific IP

J

joe-td

New Pleskian
I seem to have managed the masterpiece of blocking my remote office IP from Plesk.
Can someone please point me in the right direction?

I have looked through the Jails, the logs and tried to re-configure iptables.
But my IP is still denied all access.
I can't get to any web content, or even ping the address to our main office building. All things work, as far as I can see, from any other IP. Just not the one.
Now, I am at a loss as to where I should continue my search.
Any tips would be most welcome!
Thank you for your time. I appreciate it!

JoE
 
Could the blockade be at some other place? Perhaps your office netwrok is blocking the IP(s) of your server. Instead of the server blocking your office IP? Alternatively could there be any blockade at the DNS level?
 
This is entirely possible. I have gone through the security settings, and contacted Zyxel support about it already, and it seems my IP is not at all blocked in the router or it's firewall.
Blockade at DNS level seems like a hope. I can search it and see what turns up. Is there any specific place I should go and look first?
Thank you SO much for your time and input!
 
I was thinking that if you used a DNS provider like CloudFlare there are perhaps some firewall settings on their end blocking your server access. I am no CloudFlare expert, so this might be a bit far fetched.
 
Last edited:
Rasp said:
I was thinking that if you used a DNS provider like CloudFlare there are perhaps some firewall settings on their end blocking your server access. I am not CloudFlare expert, so this might be a bit far fetched on my end.
Click to expand...
No. We don't use any such services.
And I even get blocked trying to access the hosted domains via ip-adress. I can't get anywhere, if I am at the remote office.
I am really quite stumped on this one.
But thanks for the suggestion. I appreciate the help, even if it doesn't solve my problem now.

I don't even know what to search for in this case.
/JoE
 
Can you connect to/access other services on your server? SSH for example? Or any mail service (POP, IMAP, SMTP)?
 
How many devices are connected to your office network? Have you tested using another device within your office network to access your server? To rule out the possibility that the issue might on your own computer/device.
 
Rasp said:
How many devices are connected to your office network?
Click to expand...
Please define or elaborate.
Are you thinking of how many devices in my remote office network, or on the same network as Plesk?
I am a bit unsure about what to answer here. Sorry.
 
Sorry, I posted my previous post to soon and edited it afterwards to supplement my question. My mistake.

You stated that the issue only occurs from your (remote) office network. I was thinking that perhaps the issue is not at your server firewall or at your office Zyxel modem/router/switch firewall, but at your own computer/laptop? So if you have any other device (computer, laptop, tablet, smartphone, ect) available that's also connected to your (remote) office network use that second device to rule out the possibility that the blockage might on your primary computer/device.

Maybe you've already tested this. Just wanted to make sure. Happend to me before and it took me way to much time to figure out the issue was at my own laptop :)
 
Yes, this was perhaps not entirely we explained on my part.
I have tested with a desktop computer, a laptop, and a smartphone. That's why I was focusing on the network, rather than a device.
The same devices can access the Plesk server if connected to another network, with a different external IP.
This is why I am thinking it is based on the IP address.
I can set up a virtual machine with Linux, or use a liveUSB to test as well, but I have a strong suspicion that the result will be the same.
Thank you so much for using your valuable time on my problem.
I really appreciate it!
/JoE
 
Alright, I see. Than the issue is most likely at your server of maybe at your provider.

Last two things I can think of are that the issue could also be at the firewall of your provider (if they have any). Some providers, like DigitalOcean, provide a firewall service you can use in front of your server. Not sure if you use any? Perhaps it got switched on accidentally? Or perhaps your provider has an firewall, but you can't access it. Might be worth asking your provider.

The other thing would be to check Fail2ban, the Plesk Firewall and iptables again and see if instead of your office IP address got blocked the whole IP subnet got blocked somehow.
 
Rasp said:
Alright, I see. Than the issue is most likely at your server of maybe at your provider.

Last two things I can think of are that the issue could also be at the firewall of your provider (if they have any). Some providers, like DigitalOcean, provide a firewall service you can use in front of your server. Not sure if you use any? Perhaps it got switched on accidentally? Or perhaps your provider has an firewall, but you can't access it. Might be worth asking your provider.

The other thing would be to check Fail2ban, the Plesk Firewall and iptables again and see if instead of your office IP address got blocked the whole IP subnet got blocked somehow.
Click to expand...
I know that our network is connected via a firewall and a fiber modem. The modem is sat in bridge mode, so the firewall does all the work.
The logs in the firewall reports that my IP is getting through to the correct local IP.
I haven't thought to check for a subnet ban. Will do tomorrow.
You have given me hope, Rasp.
And believe me, I deeply appreciate that!
/JoE
 
Can you check with traceroute how close you get to the destination host before it fails?
 
joe-td said:
Thank you. I will look into this when I am onsite again.
Much appreciated!
Click to expand...
Did you ever figure out where the IP address was blocked and how to fix it? We have the same situation now. The IP address of one of my customers is blocked from doing anything to the server. He cannot view any of his websites, ping, or SSH from his house. He can take the same computer elsewhere and does not have any problem connecting. My firewall is not blocking him. His home IP is not banned in Plesk nor can I find it in the Fail2Ban log on the server. I am perplexed!
 
Hi,
i have same problem. A remote server can ping plesk ad all work for few second. If i disable firewall all return to work for few second, if i reenable firewall all come back to work for few sencond. The ip is not blacklisted and with tcdump i see incoming request... This is a very big problem for me !!! Please help me !!!
 
You must log in or register to reply here.

Similar threads

michaeljoseph01
Question How to block non-mail traffic to certain ip?
Replies
1
Views
699
MarkM
MarkM
P
Issue plesk firewall 2.1.5-412 still has problems
2
Replies
20
Views
2K
PeterKi
P
Tim_Wakeling
Issue Firewall suddenly took Plesk down overnight
2
Replies
23
Views
2K
Peter Debik
P
finbarr69
Question Plesk Email Security - block emails for reply-to of a different domain from sender
Replies
2
Views
750
finbarr69
finbarr69
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
2K
The 8th
The 8th
Back
Top