Plesk won't work with IPTables

echolima

Guest
I have installed Plesk to try it on a Fedora Core 2 server. I am behind a router and don't know quite how to configure iptables. If I turn iptables off I can get to the admin section but cannot if I turn on the iptables. Any help and/or advice would be appreciated. Thank you.
 
Plesk runs on TCP port 8443, so add a rule to iptables to allow TCP 8443.

If you aren't comfortable managing iptables rules manually, I'd recommend using apf as it is very robust, and has pretty easy to use configuration files.
 
I knew I had to add port 8443 and a few other ports but how do I enter that in iptables? Does anybody have any examples I can go from?
 
The easiest way to do it (on a RH based system) is simply to edit /etc/sysconfig/iptables & restart iptables after you make the changes. The rules themselves would look something like:

-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT

etc...
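
iptables evaluates rules in order and stops at the first match, so a port rule placed below an existing catch-all REJECT or DROP in /etc/sysconfig/iptables never takes effect. The script below is an added example, not part of the thread, that checks this ordering; the sample ruleset and the helper names rules_bad, rules_good and port_verdict are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /etc/sysconfig/iptables (iptables-save) format.
# The 8443 rule was added at the end, after the catch-all REJECT.
rules_bad() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
COMMIT
EOF
}

# The same ruleset with the 8443 rule moved above the catch-all.
rules_good() {
  rules_bad | awk '
    /--dport 8443 /       { next }
    /^-A INPUT -j REJECT/ { print "-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT" }
                          { print }'
}

# port_verdict PORT: read a ruleset on stdin and print the target of the
# first INPUT rule that decides a new TCP connection to PORT, or the chain
# policy if none does. Assumption: only "--dport PORT" rules and rules with
# no match conditions are treated as deciding; others are skipped.
port_verdict() {
  awk -v port="$1" '
    /^:INPUT /                  { policy = $2 }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      target = ""; hit = 0
      for (i = 3; i < NF; i++) {
        if ($i == "--dport" && $(i + 1) == port) hit = 1
        if ($i == "-j") { target = $(i + 1); break }
      }
      if ((hit || $3 == "-j") && target != "") { print target; found = 1; exit }
    }
    END { if (!found) print "POLICY:" policy }'
}

echo "misplaced rule: 8443 -> $(rules_bad | port_verdict 8443)"
echo "reordered rule: 8443 -> $(rules_good | port_verdict 8443)"
```

To check a live file, run `port_verdict 8443 < /etc/sysconfig/iptables`; port ranges and multiport rules are not handled.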
 
What are the risks of having the iptables off if behind a router?
 
Obviously the risks are much higher if you are not filtering on the server, and do not have a real firewall between it and the internet. That being said, a firewall in and of itself won't protect your server. It is just another layer of security. Your server will most likely be compromised through a port that you must allow through the firewall anyway (http, dns, smtp, etc). However, if used in conjunction with something like BFD, and/or mod_evasive you can at least mitigate such attacks. BFD is cool because it works in conjunction with APF. You set a threshold, and it "watches" the ports you tell it to. When someone tries to brute force attack a port/service, it will automatically inject a rule into your iptables for the offending IP.

There are a lot of things you can do to help secure your server, but as it has been said in the past, the only way to secure a server is to turn it off.
 