• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Please beaware of a breaking change in the REST API on the next Plesk release (18.0.62).
    Starting from Plesk Obsidian 18.0.62, requests to REST API containing the Content-Type header with a media-type directive other than “application/json” will result in the HTTP “415 Unsupported Media Type” client error response code. Read more here

What is apsc (listening on port 6308)?

B

Barungar

New Pleskian
Hello,

I've tried searching this forum for "apsc" and "port 6308". Sadly I can't find any conclusive information to my question.

So here's my question: What is apsc? I found an apsc.conf (in /etc/sw-cp-server/conf.d) the file contains the line "listen 6308 ssl;". So far that explains why sw-cp-server is listening on that particular tcp port.

Which service is provided by apsc? Can I change it to listen only to 127.0.0.1? I like my server to have a minimum of open ports to the public.

Thanks,
Barungar
 
apsc - application service controller. It is part of Plesk. On my test server I see:

# lsof -i tcp:6308
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sw-cp-ser 20809 root 7u IPv4 121005997 0t0 TCP *:6308 (LISTEN)
sw-cp-ser 20810 sw-cp-server 7u IPv4 121005997 0t0 TCP *:6308 (LISTEN)

It is correct behaviour.
Please do not touch apsc and this port. Consequences may be unpredictable.
 
Okay, so it is the "application service controller". Why does this tool need a listening port? See, I just want to understand why any tool/program opens a listening port on my server. It's nice to know that it is part of plesk and all seems to be right. But I'd like to know why this apsc needs a listenning port. Thanks.
 
Actually this port and corresponding vhost section in sw-cp-server config is a part of integration Plesk with other Parallels Automation solutions like PBAS, POA, etc. You can safely comment this vhost section in config and this port will not listen if you do not use mentioned integration.
 
Thanks, IgorG.

So I will change the line "listen 6308 ssl;" to "listen 127.0.0.1:6308 ssl;" in /etc/sw-cp-server/conf.d/apsc.conf
That should stop this service from listening to the public.

Barungar
 
How does one alter the software listening on that port to not accept SSLv3 so it doesn't cause PCI scan failures?
 
IgorG said:
Actually this port and corresponding vhost section in sw-cp-server config is a part of integration Plesk with other Parallels Automation solutions like PBAS, POA, etc. You can safely comment this vhost section in config and this port will not listen if you do not use mentioned integration.
Click to expand...

IgorG, would it be safe to assume that adding 127.0.0.1 to the "Source Address" in the firewall for port 6308, thus blocking the port from the public, should have no consequences?
I am controlling the iptables firewall in the Parallels Power Panel.
 
G J Piper said:
IgorG, would it be safe to assume that adding 127.0.0.1 to the "Source Address" in the firewall for port 6308, thus blocking the port from the public, should have no consequences?
I am controlling the iptables firewall in the Parallels Power Panel.
Click to expand...
Yes, I think you can do it safely for Plesk, but I'm not sure about "Parallels Power Panel".
 
You must log in or register to reply here.

Similar threads

adocsys
Resolved How to add HTTP Security Header on port 80?
Replies
3
Views
630
adocsys
adocsys
P
Resolved How to expose a Docker port to the public?
Replies
1
Views
1K
philippL
P
sundowatch
Resolved All docker ports are blocked
Replies
3
Views
2K
giovanni.lorenzini
G
F
Question Setting php-fpm to listen to 127.0.0.1:9000 by default on all domains
Replies
9
Views
9K
francescoca
F
J
Question How to hide port in Nginx forwarding / change listening port
Replies
0
Views
1K
jasmines
J
Back
Top