Issue Sometimes it is not possible to connect the panel via :8443.

[WSNHosting]

Server operating system version

Alma 8

Plesk version and microupdate number

18.0.62

I tested the accessibility. through various networks such as

Domestic networks, international networks, mobile networks

The result is that it can be accessed through the domestic network.

But cannot be accessed via mobile networks or foreign networks.

In the system, there is no firewall or any access settings configured.

Services are working normally. I can't figure out the cause of this problem.

But if you configure the url for panel access :443 as a domain, you can access mobile networks and international networks.

 

[WSNHosting]

some time timeout on :8443

 

[WSNHosting]

[root@server ~]# curl -I https://domain.com:8443
HTTP/1.1 303 See Other
Server: sw-cp-server
Date: Thu, 11 Jul 2024 23:29:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Thu, 11 Jul 2024 23:29:41 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: https://domain.com:8443/login.php
X-Content-Type-Options: nosniff

[root@server ~]# curl -I https://domain.com:8443
curl: (7) couldn't connect to host

 

[Kaspar@Plesk]

Connectivity issues can be hard troubleshoot. First place I'd look for more information would be the system logs.

Is it a virtual server (VM)? The reason I am asking is because if it is a virtual server you might want to ask your provider for help too. They might have a better tools to help you troubleshoot.

 

[Bitpalast]

Some networks don't allow ports 8080 or 8443. In many businesses, admins believe that 8443 is a security risk and block the port on their routers (for really no true reason). It is thinkable that this is the case for the networks you are in. if the same endpoint connects to the server port 8443 when using a different network, there is definitely a port block between client and server.

 

[Zakky]

Some networks don't allow ports 8080 or 8443. In many businesses, admins believe that 8443 is a security risk and block the port on their routers (for really no true reason). It is thinkable that this is the case for the networks you are in. if the same endpoint connects to the server port 8443 when using a different network, there is definitely a port block between client and server.

I apologize, I'm a beginner, and I seem to have a similar issue with this access. I created a thread with possibly the same question, just in simpler language. I can't access the panel via the subdomain.

 

[mow]

Connectivity issues can be hard troubleshoot. First place I'd look for more information would be the system logs.

and second, use tcpdump to listen to traffic on 8443 to check whether anything arrives at your server at all.

Some mobile providers use a lot of transparent proxying and several layers of NAT and may not route traffic on unusual ports.

 

[AYamshanov]

Just an idea, to check from different places what the tcptraceroute tool shows, probably, it helps to find where packets are filtered,

As an example for the plesk.com website and port 443,

# tcptraceroute plesk.com 443
Selected device enp0s3, address 10.0.255.10, port 51467 for outgoing packets
Tracing the path to plesk.com (172.64.147.135) on TCP port 443 (https), 30 hops max
 1  140.91.198.115  0.236 ms  0.163 ms  0.167 ms
 2  162.158.84.83  46.759 ms  71.967 ms  21.525 ms
 3  162.158.84.82  1.496 ms  1.529 ms  1.545 ms
 4  162.158.84.53  10.191 ms  3.959 ms  5.443 ms
 5  172.64.147.135 [open]  0.854 ms  0.825 ms  0.818 ms

 

[WSNHosting]

Just an idea, to check from different places what the tcptraceroute tool shows, probably, it helps to find where packets are filtered,

As an example for the plesk.com website and port 443,

# tcptraceroute plesk.com 443
Selected device enp0s3, address 10.0.255.10, port 51467 for outgoing packets
Tracing the path to plesk.com (172.64.147.135) on TCP port 443 (https), 30 hops max
 1  140.91.198.115  0.236 ms  0.163 ms  0.167 ms
 2  162.158.84.83  46.759 ms  71.967 ms  21.525 ms
 3  162.158.84.82  1.496 ms  1.529 ms  1.545 ms
 4  162.158.84.53  10.191 ms  3.959 ms  5.443 ms
 5  172.64.147.135 [open]  0.854 ms  0.825 ms  0.818 ms

i try test it

 

[AYamshanov]

It means the last address that answered is 202.[...].30, after that something is happening... there is no answer to what exactly but it can be some specific configuration or filtering (or the filtering is performed on the next router). Makes sense to compare different traceroutes to each other (where everything works and where the issue happened) to figure out could the issue be only in this one place.

According to APNIC Whois Search, the ip-address belongs to "CS Loxinfo", you also can find some of their email addresses to send them an email asking for help to trace the issue.

 

[WSNHosting]

I'm using Alma8 and I've asked my service provider. There is no firewall filtering data into my machine.

I'm wondering if it's Alma8 and the firewall and iptables.
But I turned off the firewall.

This problem makes me very confused. Everyone says there's no firewall or protection. within my network

 

[Dave W]

SSH in and go

systemctl status firewalld
systemctl status iptables
iptables -L -n

 

[WSNHosting]

here

 

[Dave W]

fail2ban is running on your server.
you can stop it from the Plesk Panel under Tools&Settings >> IPAddress Banning (I think its called)
or

systemctl stop fail2ban