• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Problem with latest Plesk 12 Update and IP Tables

I

Illiminator31

New Pleskian
Hello,
i have a really bad Problem since one of the latest Plesk Updates. When the PSA Service is running it goes nuts and banning all IP Adresses who try to connect to the service (as you can see in the Screen Attachment).
I think it is maybe Fail2Ban, the Problem is that the Command fail2ban-client stop (which is the command to stop it) dont work via SSH.
As soon as i stop the PSA Service and flush my IP Tables via Script they are clean. But when i start my PSA Service again, the Banning starts.
Is it Possible that it has Something to do with Dr.Webd?. When i start PSA it says Failed when he starting this Process (drwebd).
If searched the Forum and the Internet but cant really find a Suitable Topic or something like that, what describes my Problem.

I didnt change something by the way: This Problem occured short after a Automatic Update (I´ve got a Email where plesk tells me that a Update was installed).

Hopefully someone can Provice Assistance, cause i need my Mailserver to run as soon as possible.

Walter
 

Attachments

  • Screen.jpeg
    Screen.jpeg
    79.9 KB · Views: 5
Hi Illiminator31,

the command to stop fail2ban over SSH is: service fail2ban stop ( or /etc/init.d/fail2ban stop )
To start fail2ban, you will use the command: service fail2ban start ( or /etc/init.d/fail2ban start )

If you have errors or failures with a service, you will always have depending log - files, where you might have a look at, to investigate issues. Please bookmark:


... to make sure, that you always find relevant paths for investigations. If you need help with investigations, please make sure to post depending error - logs entries and try to include as well operating system and current Plesk version ( incl. MUs ).

If you post as well the depending configuration files, it is far easier for people willing to help you, because we don't have to guess, what might be a cause. :)
 
Hi
i´ve checked my Plesk and have seen that fail2ban is not installed on my System. Tought it would be f2b but thats not the reasone :(

I have put all logs together in one file, it is attached.

My System is Debian 7.3 Wheezy, My Plesk ist Plesk version:12.0.18 Update #30

When i checked the Logs (f.e Message.log etc) i have seen that most of them get not Updated and some are Empty. I´ve then checked my syslog and have seen that it has a Problem atm.

ps ax | grep syslog says:
7445 pts/0 S+ 0:00 grep syslog

When i use :
service rsyslog status

There is no response, same as with service rsyslog start

Im not sure why its not running and restarting dont change it. I checked the Init Script but that works. I´ve already contacted the Server Support and the look why syslog is not running. They Provide Basic Support (f.e why syslog not running) but no Support for Plesk.


Not sure if you can see from the Logs attached what it was.

Additional Information: I´ve had recently Problems with DDOS Attacks and Attacks and therefore i´ve tryed a Solution with CSF (Config Server Firewall) but Discovered that it dont work with Plesk. Is it maybe CSF what is banning all the IPs?.

btw: After i restarted the PSA Service 5 or 6 Times it now has Stopped. Was the Same last Time, but then it started again today. In Case the Logs dont help, would it be possible that we exchange Skype or Teamviewer and you may get Access to my Server and take a look by yourselfe?.

Lg
 

Attachments

  • Logs.txt
    19.5 KB · Views: 1
Last edited:
Hi Illiminator31,

first: I'm not a Parallels team member. I'm just trying to help people here in the forums, you might call it "solidarity help". I'm as well not providing any "personal" support here in the forums - I do this for the community and in threads.


The command "iptables -F" would "flush" all rules. To list all possible commands, please use the string "--help" ( -h ) => "iptables -h".

Plesk is just a help for system administrators, but it doesn't replace them completely. Plesk doesn't manage your operating system, it relies on the operating system and your very own package installations on your box. If you install an additional firewall, you have to configure it on your own - if you configure such an additional firewall wrong, you sure will have issues/problems. Consider uninstalling it completely from your system and use fail2ban instead, which is as well configurable over the Plesk Control Panel.
 
Hi,
yea ok thanks for the help. Tought "Product Expert" means something like Team Member :).

I´ve never Installed CSF cause i read on a few Forums that it will not work so good with Plesk what so ever.

I´ve now found the Problem:
1) I´ve checked my syslog Conf File and have seen that one of my Partners had made some additions and made a little Syntax mistake at 2 Points. So now my Logging runs again fine.

I will check the Logs again if the IPtables Thing happen again. Btw: I´ve already have a s.sh for that. Its simply a Flushing Script for my iptables, so know that.

Have a nice day
 
You must log in or register to reply here.

Similar threads

T
Issue mysqldump: Got error: 1932: "Table 'psa.WebsitesDiagnostic' doesn't exist in engine" when using LOCK TABLES
Replies
6
Views
529
TrevorM
T
L
Issue Update error Table 'psa.UserSettings' doesn't exist
Replies
4
Views
602
Sebahat.hadzhi
Sebahat.hadzhi
JerryTek101
Issue AtomicCorp Advanced Mod Security ruleset not installing latest rules - Debian 12 - Version 18.0.67
Replies
2
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
O
Resolved Update Plesk 18.0.68 on CentOS7 result in no website reachable and email not working anymore
Replies
3
Views
540
Onkeltom01
O
W
Question How to Prevent High Connection Counts Causing High Memory Usage (Possible DDoS?)
Replies
7
Views
2K
Bitpalast
Bitpalast
Back
Top