Question Whitelisting IPs in Firewall > How to include our dynamic IP?

[FlowinBeatz]

Server operating system version

Ubuntu 18.04.4. LTS

Plesk version and microupdate number

18.0.60 Update #1

Hi all,

our client forces us to blacklist all IPs in the firewall but Cloudflare which he wants to route all traffic through.

I was wondering how I can ensure my own access to Plesk as we don't have a company network with static IPs or similar.
Do I really have to use a VPN service with static IPs to maintain access to Plesk? Do you guys have any other ideas to authenticate on Plesk's web interface with these settings?

Many thanks in advance
Philipp

 

[scsa20]

Are you talking about for accessing the control panel or for SSH access? If for SSH access, you shouldn't be leaving this publicly open to begin with and instead use other means for securely accessing it such as using a service like teleport or any other number of services that allows secured access.

In either case, the Plesk firewall uses iptables (like most of other firewall services) and so you can't simply utilize a DDNS domain since iptables is IP based. What you can do, however, is utilize Plesk's command line interface to update the information utilizing a shell script to get the information although at that point I'd ditch the Plesk firewall and opt to just do everything manually with iptables since this way you would have more control over it when scripting it out. Refer to https://support.plesk.com/hc/en-us/...rules-using-Plesk-Firewall-in-Plesk-for-Linux for how to use the Plesk firewall and Create iptables Rules Based on Hostname Using an IPSet - Putorius for setting up automations to check for your DDNS IP address (just update the commands to utilizes Plesk's if sticking with Plesk's firewall extension) but I would also highly suggest that you test test and test on a dummy server before implicating it on your real server