Plesk 12.x / Linux :: Firewall Module Modified Iptables - FTP Not Working Now

Feb 13, 2015

I temporarily enabled and activated Plesk firewall module (which I wish I didn't the first time) and for some reason it seems to have overwritten the default iptables configuration that was set, leaving my ftp unable to be logged into. I tried to disable the firewall module and reboot the server. It didn't work.

I also noticed that it somehow seem to have changed my hostname to my previous server hostname as well

Is there any way to completely revert back to original iptables settings before enabling the Firewall module?

View 4 Replies


ADVERTISEMENT

Plesk 12.x / Linux :: Redirecting Port In Firewall Module?

Aug 25, 2014

How do we redirect port in Plesk firewall module without touching iptables? I saw forwarding but there was no destination port.

View 1 Replies View Related

Plesk 12.x / Linux :: PSA-Firewall Not Working Correctly?

Aug 23, 2014

When I modify rules using the firewall panel it is not generating rules correctly when selecting allow from selected sources deny from others.

View 2 Replies View Related

Plesk 12.x / Linux :: Firewall Allow Specific Source Deny Others Not Working?

Mar 28, 2015

In plesk I have set the ssh rule to allow from source, deny others and added my IP. However, if I connect my PC to my work VPN, I can still login via ssh, even when I am on a different IP as the allowed IP

View 18 Replies View Related

Plesk 12.x / Linux :: Firewall Enabled - FTP Stopped Working In Passive Mode

Aug 19, 2014

I am running Plesk 12 . Centos 6.5

I have Plesk Firewall Installed.

After the Plesk Firewall was enabled the FTP Stopped working in passive Mode.

I searched the net and found the following :

Code:

/etc/sysconfig/iptables-config and change the line with IPTABLES_MODULES to: IPTABLES_MODULES="ip_conntrack_ftp"

It started working.

I changed the default FTP port from proftpd.conf

Code:
port 2392
and /etc/services

Code:
ftp 2392/tcp
ftp 2392/udp fsp fspd

I allowed the new port in Plesk Firewall in Incoming connection and disabled port 21

Now I am not able to connect to the ftp, I get the following error. Have I missed anything ?

Code:

Response:257 "/" is the current directory
Command:TYPE I
Response:200 Type set to I
Command:PASV
Response:227 Entering Passive Mode (85,25,51,34,216,46).
Command:MLSD
Error:Connection timed out
Error:Failed to retrieve directory listing

View 4 Replies View Related

Plesk 12.x / Linux :: System Policy For Incoming Traffic - Firewall Not Working Correctly

Jun 25, 2015

When I deny all other traffic for the "System policy for incoming traffic" to secure the server by only allowing the explicit ports I've requested to open, my server stops operating correctly.

It appears when I set the "System policy for incoming traffic" to deny, it appears to be disrupting various functions such as web traffic over ports 80/443, FTP, SSH, they either work extremely slow or don't work at all.

I brought this up with my Plesk license provider and they stated that the Plesk firewall doesn't add any tracking for ephemeral ports, therefore if you set the policy to drop for incoming/outgoing, it's not going to allow proper TCP communication since the return socket can't be opened. Also that the firewall is an explicit deny system rather than explicit allow based system.

Am I doing something wrong? All I want to do is to block all ports other than the ones I've set to allow. Is this how it is supposed to work?

View 1 Replies View Related

Plesk Automation :: PPA Install On Infrastructure Running Parallels Cloud Server - IPTables / Firewall

Apr 9, 2014

I'm in the process of installing PPA on infrastructure running Parallels Cloud Server. Each container has 2 interfaces, one public facing and a private interface for inter-server communication.

No problems installing PPA 11.5 (specifying IP's on commandline) or adding service nodes however, the firewall rules the documentation speaks of are nowhere to be seen? i.e.:

Important: After the installation, PPA creates the special firewall chain PPA-SN-Rules-INPUT used for communication with service nodes. Do not change it, otherwise, you will not be able to add service nodes to PPA.Click to expand...

Has this been dropped from PPA 11.5 ? (I recall seeing the firewall settings in 11.1) There is also no sign of the ppa.firewall tool that is also mentioned.

The only rule I see inserted is for Postgres on the management node, and 2 for pleskd on all of the nodes (open to world!).

View 2 Replies View Related

Iptables Module

May 27, 2009

how can i chek that my iptables firewall have this module?
ipt_recent

and if it is not installed...

View 2 Replies View Related

Unknown Iptables Module

May 28, 2009

I've bought a basic unmanaged VPS, purely to learn things from it. The best way to learn imo is to hammer the hell out of things, break it, then try to fix it. Anyway, I think I'm part way there, pretty sure I've broken something

When I start the consoleSSH I get this at the top:

Warning: Unknown iptable module: xt_NFQUEUE, skipped
Warning: Unknown iptable module: xt_mark"IPTABLES="ipt_REJECT, skipped
Warning: Unknown iptable module: xt_NFQUEUE, skipped
Warning: Unknown iptable module: xt_mark"IPTABLES="ipt_REJECT, skipped
Warning: Unknown iptable module: xt_NFQUEUE, skipped
Warning: Unknown iptable module: xt_mark, skipped

Any ideas what's causing it and how I can fix it? ..............

View 5 Replies View Related

Apf :: Unable To Load Iptables Module (ip_tables), Aborting

Oct 6, 2006

root@myserver [/etc/apf]# apf -r
Opening /proc/modules: No such file or directory
Unable to load iptables module (ip_tables), aborting.

View 8 Replies View Related

APF Firewall Without Module Ip_tables

Oct 12, 2007

Will the APF firewall work without the "ip_tables" module? I contacted my server management company and told them my previous tech said enabling ip_tables module on any VPS on our system would cause a kernel panic. Their response was to install APF on the VPS in question and not enable ip_tables, saying it should still block IPs and ports that aren't supposed to be open. Is this true? Or am I getting the runaround?

View 5 Replies View Related

Plesk 12.x / Linux :: Pagespeed Module Compatibility

Mar 16, 2015

Our server setup is like this, wordpress, vtiger crm and ecommerse applications running on plesk 12 , with apache as backend server and nginx as proxy to serve static content. Now plans are to optimize webpages with Google pagespeed module , As per google documentation, module installation on nginx server need to be build from source. Is it recommended to install ngx_pagespeed module by building nginx from source on Plesk server?

View 3 Replies View Related

Plesk 11.x / Linux :: Enabling BCmath Php Module

May 20, 2014

how to enable bcmath in php.

We have a virtual server running Linux CentOS 6 with plesk 11.5 & PHP 5.4.28

So far I have found info here: [URL]

But can't get the commands to work. I'm not great with putty and the commands but learning a little.

I was also hoping that maybe updating PHP to a newer version and using the --enable-bcmath would work but where to start.

We have several websites installed on the server, some with opencart etc installed so I don't want to break the server!

This is what I get so far:

[root@louks ~]# wget rpms.famillecollet.com/enterprise/6/remi/x86_64/php-bcmath-5.4.28-1.el6.remi.x86_64.rpm
--2014-05-20 11:27:10-- http://rpms.famillecollet.com/enterprise/6/remi/x86_64/php-bcmath-5.4.28-1.el6.remi.x86_64.rpm

[Code].....

View 18 Replies View Related

Plesk 12.x / Linux :: Enable PHP IMAP Module For Server

Nov 27, 2014

I need php imap extension for my server. How can I enable it?

View 3 Replies View Related

Plesk 12.x / Linux :: Installing SPDY Module For Nginx?

Sep 17, 2014

How do I go about installing the spdy module for nginx? I understand it's now part of nginx 1.6 which comes with Plesk 12 but when I add the directive

Code:
listen 443 ssl spdy;

I get an error saying "nginx: [emerg] the "spdy" parameter requires ngxhttpspdy_module".

View 6 Replies View Related

Plesk 12.x / Linux :: Ion Cube Error - Unable To Initialize Module

Aug 7, 2014

I am receiving below email everyday ....

Subject : Cron <aioftp@main> /usr/bin/php -q /var/www/vhosts/domain.com/subdomains/somedir/httpdocs/dir/cron.php
Failed loading /usr/lib64/php/modules/ioncube_loader_lin_5.4.so: /usr/lib64/php/modules/ioncube_loader_lin_5.4.so: cannot open shared object file: No such file or directory
PHP Warning: Module 'soap' already loaded in Unknown on line 0
PHP Warning: PHP Startup: XCache: Unable to initialize module
Module compiled with module API=20090626
PHP compiled with module API=20100525
These options need to match
in Unknown on line 0

View 1 Replies View Related

Plesk 12.x / Linux :: How To Install Google Pagespeed Module On Nginx

Dec 21, 2014

How to install google pagespeed module on nginx and plesk 12

View 5 Replies View Related

Plesk 12.x / Linux :: Module IonCube Loader Already Loaded In Unknown On Line 0

Sep 2, 2014

After successful upgrade PHP, and not successful with ioncube i get:

Failed loading /usr/lib/php/modules/ioncube_loader_lin_5.4.so: /usr/lib/php/modules/ioncube_loader_lin_5.4.so: cannot open shared object file: No such file or directory
PHP Warning: Module 'ionCube Loader' already loaded in Unknown on line 0
The ionCube PHP Loader is disabled because of startup problems.
PHP Warning: Module 'ionCube Loader' already loaded in Unknown on line 0
The ionCube PHP Loader is disabled because of startup problems.
PHP 5.4.32 (cli) (built: Aug 21 2014 07:33:35)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
with the ionCube PHP Loader v4.6.1, Copyright (c) 2002-2014, by ionCube Ltd., andClick to expand...

View 4 Replies View Related

Plesk 12.x / Linux :: Fail2ban Module Fails To Activate Proftpd And Ssh-jail

Mar 4, 2015

I have a brand new Plesk 12 Installation with just a first Subscription/Domain for my test. Enabling fail2ban jails brings me the following error for the jails plesk-proftpd and ssh. All others went on.

error 'f2bmng failed: ERROR No file(s) found for glob /var/log/secure'.

I see that /var/log/secure is missing, althoug I already used ssh and ftp to log in once. I can go to touch the /var/log/secure file or adjust the jail configs to proper log file location? Which is the way to go? 

View 2 Replies View Related

Iptables Firewall; CSF, APF, Arnos... Etc.

Jan 5, 2009

Is it me or that anyone else experiencing the VZ master node not properly configured for those front-end firewall programs?

I recently purchased couple Linux VPSs (OpenVZ) from different vendors and both seems not having iptables properly configured. One of them finally got resolved, but took like a week for them to figure out what's wrong with it.

I'm currently still stuck with second VPS not protected.

I have not check into which iptables modules APF or CSF requires, but VPS vendors/resellers should expect their clients would be using those and properly configure their VZ master prior to deployments.

I'm begin to wonder people that purchases VPS slices, are they using any decent firewall front-end or not.

It always seems that ip_conntrack is missing. When exists, everything works.

View 2 Replies View Related

Plesk 12.x / Linux :: How To Add Multiple IPs To IPTables

Jun 22, 2015

I have a list of bad Ips and would like to add it into iptables, but I don't went to enter one-by-one or by command line, I would like to insert into list file of iptables editing a file or something like that, where and how I can procedure to do this?

View 5 Replies View Related

Plesk 11.x / Linux :: PHP Support 11.5.30 - Cannot Change Or Choose Running As Apache Module Or CGI Application

Jul 17, 2015

Hosting Settings

There is no php support - so i can´t change or choose running as apache module or cgi application (s. screenshot)...

OS Ubuntu 12.04.5 LTS

Panel version 11.5.30 Update #50, last updated at July 17, 2015 03:46 AM

View 4 Replies View Related

Iptables Firewall On: Can't Receive Emails

Jun 8, 2009

after turning on the iptables firewall i can't receive emails anymore on a dedicated centos 5.3 server with postfix and dovecot.

with iptables firewall turned off everythin works fine.

following is the /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
# -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT

# ************ tried doing this first ************

#-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 110 -j ACCEPT --syn
#-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 25 -j ACCEPT --syn
#-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 143 -j ACCEPT --syn

# ************ tried doing this too ************

-A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 72.233.54.234 --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -s 72.233.54.234 --sport 25 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -s 72.233.54.234 --sport 1024:65535 -d 0/0 --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -s 0/0 --sport 25 -d 72.233.54.234 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT


-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

as you can see here i have tried opening ports 110, 25, 143 earlier. still did not work.

View 2 Replies View Related

Kernel, Iptables And APF Firewall Problem

Oct 21, 2009

Hello !

I've got problems with my APF firewall. Here is are the errors I get :

[root@ks123456 ~]# apf -r
apf(6493): {glob} flushing & zeroing chain policies
apf(6493): {glob} firewall offline
apf(6530): {glob} activating firewall
Opening /proc/modules: No such file or directory
apf(6570): {glob} unable to load iptables module (ip_tables), aborting.
apf(6530): {glob} firewall initalized
apf(6530): {glob} fast load snapshot saved

The /var/log/apf_log file is full of these errors.

I've been told that it was a compatibility issue with the server's kernel. So I upgraded the kernel to the last version, but the problem still remains and I get the same errors...

Can you advise about what I should do now ?

Thank you !

View 2 Replies View Related

APF Firewall :: Iptables: No Chain/target/match By That Name

Jun 6, 2007

Hello,

I have two similar VPS plans with identical software setups.
I installed APF Firewall on VPS A, modified the conf.apf file to
change the interfaces to venet0 and set monokern to 1 and
then opened all the ingress ports required. Started the firewall
with 'service apf start' and everything went fine, and everything
is working fine with no errors.

I did the same on VPS B but when I start apf I get the following
error that reoccurs during the startup sequence:

iptables: No chain/target/match by that name

While the firewall does seem to be running (by checking iptables -L)
I am unable to download files on the VPS, via wget or yum ...

View 4 Replies View Related

Apf Firewall Giving Iptables: Invalid Argument

Oct 27, 2006

I have a Virtuozzo VPS running Debian Sarge. I installed apf. My /etc/apf/conf.apf looks like:

IFACE_IN="venet0"
IFACE_OUT="venet0"
SET_MONOKERN="1"
IG_TCP_CPORTS="21,22,53,80,443,25,465,110,995,143,993,137,139,445,10000,3306"
IG_UDP_CPORTS="53"

Am am getting several "iptables: Invalid arguments" message. I traced this to these iptables calls from within /etc/apf/firewall. Each of these iptables calls gives "iptables: Invalid arguments":

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL NONE -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags SYN,RST SYN,RST -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags FIN,RST FIN,RST -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,FIN FIN -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,URG URG -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,PSH PSH -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL FIN,URG,PSH -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL ALL -j IN_SANITY

/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL FIN -j IN_SANITY

Any thoughts? According to my ISP, I have these iptables modules:
iptable_filter
iptable_mangle
ipt_limit
ipt_multiport
ipt_tos
ipt_TOS
ipt_REJECT
ipt_TCPMSS
ipt_tcpmss
ipt_ttl
ipt_LOG
ipt_length
ip_conntrack
ip_conntrack_ftp
ip_conntrack_irc
ipt_conntrack
ipt_state
ipt_helper
iptable_nat
ip_nat_ftp
ip_nat_irc

View 0 Replies View Related

Iptables LKM Ip_tables Missing So This Firewall Cannot Function

Apr 4, 2008

When I click Start Firewall

I get this

iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf
Error: aborted, at line 156

View 3 Replies View Related

Iptables Script :: Configure IP Tables For Firewall

Oct 31, 2008

I find it hard to configure IP tables for firewall, can I find already made scripts anywhere?

View 1 Replies View Related

Iptables Not Working With CSF

Feb 7, 2008

I have CSF installed on one of our server.

CSF dont ban the IP and if manually it is done I get following error.
----------------
csf -d 195.88.65.47
Adding 195.88.65.47 to csf.deny and iptables DROP...
iptables: Index of insertion too big
DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0
Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864
-------------------
Also iptables is not running on server.
If status is checked it says its stopped.

I have many sites on my server I dont want to get any downtime.

Please let us know how can we fix this issue as soon as possible.

I have tried reinstall CSF but still the issue remains same.

View 3 Replies View Related

Iptables Not Working

Aug 5, 2008

After I start iptables:
service iptables start
There is not any message coming up.
When use
service iptables status,
It said:
iptables: Firewall is not running.

My os is fedora core 6

View 10 Replies View Related

Iptables Block An IP Not Working

Apr 25, 2008

I use

iptables -I INPUT -s 60.216.238.212 -j DROP

To block ip, not working

After issue

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

I can still see

87 218.86.252.158
163 219.150.191.62
301 60.216.238.212

60.216.238.212 still has 301 connection, any idea.

Basically, I use ddos-deflate to block ddos attack.
I already set the max conection to 25.
But it seems not working.
all the connections over 25 have not been blocked.
Did I miss something?
I mean after I issue

iptables -I INPUT -s 60.216.238.212 -j DROP

Do I need to do something like refresh iptables?

View 0 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved