Plesk 12.x / Linux :: PSA-Firewall Not Working Correctly?
Aug 23, 2014When I modify rules using the firewall panel it is not generating rules correctly when selecting allow from selected sources deny from others.
View 2 Replies
ADVERTISEMENT
Plesk 12.x / Linux :: System Policy For Incoming Traffic - Firewall Not Working Correctly
Jun 25, 2015When I deny all other traffic for the "System policy for incoming traffic" to secure the server by only allowing the explicit ports I've requested to open, my server stops operating correctly.
It appears when I set the "System policy for incoming traffic" to deny, it appears to be disrupting various functions such as web traffic over ports 80/443, FTP, SSH, they either work extremely slow or don't work at all.
I brought this up with my Plesk license provider and they stated that the Plesk firewall doesn't add any tracking for ephemeral ports, therefore if you set the policy to drop for incoming/outgoing, it's not going to allow proper TCP communication since the return socket can't be opened. Also that the firewall is an explicit deny system rather than explicit allow based system.
Am I doing something wrong? All I want to do is to block all ports other than the ones I've set to allow. Is this how it is supposed to work?
Plesk 12.x / Linux :: Firewall Not Generating Rules Correctly
Aug 17, 2014I am using the plesk firewall and trying to set up SSH rule which only allows from my IP but deny from everywhere else. In previous versions this worked fine by adding an ip selecting Allow from selected sources, deny from others and the icon in the rules would be orange with the lines
allow incoming from xxx.xxx.xxx.xx
Deny incoming from all others
However this no longer works as the deny from all others is not appearing and is not being generated in the iptables by plesk.
Plesk 12.x / Linux :: Website Not Working Correctly - URL Rewrite
Sep 2, 2014Latest Plex installed on a fresh machine. Have tried both Ubuntu 12.04 and 14.04 and cannot seem to have my website work correctly regarding URL rewrites. Its enabled in apache...
View 1 Replies View RelatedPlesk 12.x / Linux :: Firewall Allow Specific Source Deny Others Not Working?
Mar 28, 2015In plesk I have set the ssh rule to allow from source, deny others and added my IP. However, if I connect my PC to my work VPN, I can still login via ssh, even when I am on a different IP as the allowed IP
View 18 Replies View RelatedPlesk 12.x / Linux :: Firewall Module Modified Iptables - FTP Not Working Now
Feb 13, 2015I temporarily enabled and activated Plesk firewall module (which I wish I didn't the first time) and for some reason it seems to have overwritten the default iptables configuration that was set, leaving my ftp unable to be logged into. I tried to disable the firewall module and reboot the server. It didn't work.
I also noticed that it somehow seem to have changed my hostname to my previous server hostname as well
Is there any way to completely revert back to original iptables settings before enabling the Firewall module?
Plesk 12.x / Linux :: Firewall Enabled - FTP Stopped Working In Passive Mode
Aug 19, 2014I am running Plesk 12 . Centos 6.5
I have Plesk Firewall Installed.
After the Plesk Firewall was enabled the FTP Stopped working in passive Mode.
I searched the net and found the following :
Code:
/etc/sysconfig/iptables-config and change the line with IPTABLES_MODULES to: IPTABLES_MODULES="ip_conntrack_ftp"
It started working.
I changed the default FTP port from proftpd.conf
Code:
port 2392
and /etc/services
Code:
ftp 2392/tcp
ftp 2392/udp fsp fspd
I allowed the new port in Plesk Firewall in Incoming connection and disabled port 21
Now I am not able to connect to the ftp, I get the following error. Have I missed anything ?
Code:
Response:257 "/" is the current directory
Command:TYPE I
Response:200 Type set to I
Command:PASV
Response:227 Entering Passive Mode (85,25,51,34,216,46).
Command:MLSD
Error:Connection timed out
Error:Failed to retrieve directory listing
Plesk 11.x / Linux :: How To Partition SSD To HDD Correctly
Dec 6, 2014I am running a CentOS 6.6 (Final) with Plesk 12.0.18 Update #27 on my dedicated server. I was advised to upgrade my server to one that has a SSD due to better performance. What they failed to tell me was that I would need to perform additional configurations so that Plesk stores the subscription files in the /HDD-var/ directory and NOT the /SDD-var/ directory. Current server
Here are my questions:
1. How difficult would it be (I am a quick learner and can follow exact steps or directions very well) to make Plesk store the files on the HDD rather than the SDD?
2. Is this something I should undertake or is this very difficult to do?
3. If I perform these changes, will they revert to the old way if I perform Plesk updates? Or will the changes I make become permanent?
SSH: df -h
Filesystem Size Used Avail Use% Mounted on
/dev/md1 4.0G 916M 3.1G 23% /
/dev/mapper/ssd-usr 3.9G 1.9G 1.8G 51% /usr
/dev/mapper/ssd-var 3.9G 3.7G 2.7M 100% /var (Plesk is storing data here)
/dev/mapper/ssd-home 3.9G 792M 2.9G 22% /home (Would also like this data to be on the HDD)
[Code] ....
Plesk 11.x / Linux :: Permission Correctly In Vhost?
Nov 25, 2014I have domainA and domainB. domainA hosting files, for security ALL browser access should denied.. EXCEPT domainB make in php call with readfile() to a file on domainA. This should allowed.
domainB => readfile(http://domainA/myfile) => allowed ... all other access should denied.
So I set in vhost of domainA this:
<DirectoryMatch "^/var/www/vhosts/domainA/httpdocs/folder/">
Order deny,allow
Deny from all
Allow from 127
Allow from server-ipv4
Allow from server-ipv6/128
Allow from ::1/128
</DirectoryMatch>Click to expand...
Plesk 11.x / Linux :: MySQL Crashing / Not Loading Correctly
May 14, 2014I have a Centos 6 server with Heart Internet, who yesterday had an issue with the issue and once back online have been struggling til now getting the mysql service working correctly again and have now refused to provide any further support and redirected me here.
I was following this article here: [URL] ....
I've gotten to point 4. "~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` -A | sed '1iSET FOREIGN_KEY_CHECKS = 0;' > /root/dumpall.sql" however it's saying "got error: 145: table './avenue141_dabs/av_options' is marked as crashed and should be repaired when using LOCK TABLES and any attempts made to get into the DB to repair is giving me "error: 1045: Access denied for user 'root'@'localhost' (using password: NO)
This issue is urgent as we have a few websites on this server which use mysql databases for their website.
Plesk 12.x / Linux :: Request For Instruction On Correctly Installing APC
Oct 6, 2014I would like to install APCu (Alternative PHP Cache) & ZendOptimizer on plesk v12, I just wanted to know if there is any instructions for installing it correctly in a manner that will not cause issues with plesk updates.
View 5 Replies View RelatedODBC Connection Not Working Correctly
May 28, 2009I had a small question about ODBC. I created a new connection to a MySQL database with the 'ODBC Data Source Administrator' on my Win 2008 / IIS 7 webserver.
In this administration panel the ODBC data source works just fine. When I fill in the required values I receive the list of available databases and pressing the "test" button results in a successful connection.
But when I want to use this connection in other software, a C++ application and a PHP application, they supply me with errors "Couldn't connect to database", etc.
So the ODBC connection is correct (so are the credentials in the software 100% sure of that), but software can't use the connection. Because the software worked perfectly on an older server I think I'm missing out on some sort of setting which enables applications to use the connection (or something like that).
PHP4 & PHP5 Not Working Correctly
Jun 7, 2008I have suPHP installed in FastCGI mode. PHP5 is my default installation but I have it setup so that PHP4 can also run. At least that is my intention.
I have PHP5 working without a problem.
PHP4 is loading if I add the directinf x-httpd-php4 .php into my .htaccess file.
HOWEVER: PHP (via phpinfo) is trying to load the config file from /usr/local/etc/php5/cgi/php.ini when it should be from ....php4/cgi/php.ini
Where do I go to fix this? Or is there a second directive that I need to load in the .htaccess file?
Also... In either php5 or php4, if I put a php.ini file into a directory, it is suppose to load that one. However, it is not doing this either.
Plesk 12.x / Linux :: CLI - PSA Firewall Activation?
Apr 7, 2015How to activate/enable the firewall by cli, does this is possible?
Firewall module is installed.
Option in plesk GUI working well.
Does this is possible ? If yes how ?
Plesk 11.x / Linux :: How To Block Baidu In Firewall
Jan 15, 2015Is that possible to block baidu without specifying whole list of IDs it's using ?
View 1 Replies View RelatedPlesk 12.x / Linux :: FTP Performance Unusable With Firewall
Dec 17, 2014I have these problems since version 11.5. Now I have installed version 12 on centos . FTP works fine and is super fast and speedy until i enable PLEK FIREWALL, I also tried to add passive port range 60000-65534 to Plesk Firewall rules.
But nothing works.
It takes like 10 times longer to Login + List Files + Make changes using FTP. We applying changes via FTp and its very slow. We can use plesk file manager but its very inconvenient way for quick file uploads and changes.
Plesk 11.x / Linux :: Firewall Might Disable Itself After Updating To 11.5
Nov 26, 2013I already posted this as a bug report and now wanted to inform other users.
Starting with Plesk 11.5, the file "/opt/psa/var/modules/firewall/firewall-emergency.sh" contains the following line:
Code:
rm -f /opt/psa/var/modules/firewall/active.flag
That line stems from updating
Code:
Preparing to replace psa-firewall 11.0.9-debian6.0.build110120608.16 (using .../psa-firewall_11.5.30-debian6.0.build115130819.13_amd64.deb) ...
Unpacking replacement psa-firewall ...
Now, when you stop the firewall, you cannot start it again, cause deleting the active.flag disables the firewall:
Code:
# ll /opt/psa/var/modules/firewall/active.flag
-rw-r--r-- 1 root root 0 2013-11-26 09:22 /opt/psa/var/modules/firewall/active.flag
# /etc/init.d/psa-firewall stop
psa-firewall: firewall successfully disabled
# ll /opt/psa/var/modules/firewall/active.flag
ls: cannot access /opt/psa/var/modules/firewall/active.flag: No such file or directory
# /etc/init.d/psa-firewall start
psa-firewall: service is disabled
You then have to manually "touch" the active.flag to be able to start the firewall again. A workaround is to remove the line:
Code:
sed -i 's:rm -f /opt/psa/var/modules/firewall/active.flag::' /opt/psa/var/modules/firewall/firewall-emergency.sh'
I really hope that Parallels fixes this asap, as normally you won't notice that the firewall is not active when every works fine (nothing is blocked) and Plesk still shows all the rules.
Plesk 12.x / Linux :: Can Have WAF ModSecurity And Firewall Running Together
May 26, 2015I currently have the Web Application Firewall (ModSecurity) installed but would like a visual interface to block IP's, subnets etc.. Can I install the Plesk firewall as well without any conflict with the Web Application Firewall?
View 3 Replies View RelatedPlesk 12.x / Linux :: Firewall Blocks Emails Every Day
Sep 14, 2014I have a brand new and fresh installed server with:
Parallels Plesk v12.0.18
openSUSE 13.1
My Problem is, every day i have to click on activate in the settings of the firewall. Otherwise i have no Mail. The rest (Hosting, etc.) works fine.
No changes in the firewall settings where made, just a migration from my old server.
Plesk 11.x / Linux :: Firewall Has Not Effect On IPv6
May 15, 2014Plesk Firewall has no effect on IPv6?
I am writing today regarding the Plesk Firewall. It seemed to be pretty handy for quickly blocking troublesome users from *replace-with-whatever-IP-block-is-giving-you-trouble*. Yet I am unable to block IPv6 addresses, and the fire wall seems to let some blocked IPv4s right in. I did not see any distinction as to v4 or v6 in the Firewall dialog for adding custom rules, so...
The question is...
(1) Is the Plesk Firewall *supposed* to apply rules to IPv6 by default?
If yes...
(2) Is there a setting or a switch that has to be configured for this to work?
If yes...
(3) Where are said configuration options located?
Okay, when I run /sbin/ip6tables -L (CentOS) I get output that resembles the iptables (no 6) output, only... what, converted to IP6? Not sure. Example output:
DROP tcp ::ffff:31.0.0.0/104 ::/0 tcp dpts:1:10000
In that particular instance I added a drop for the 31.0.0.0/8 block (using the Plesk Firewall interface), in order to create the script that's loaded into iptables (and ip6tables as well, apparently) when one elects to "Apply Configuration". It worked great, executed perfectly, and the iptables output list output looked to be (and remember, I have grossly insufficient background knowledge in this area) accurate.
Yet at the time of this writing I can see via live traffic monitor that an address in the 31.0.0.0/8 block (IPv4) is pounding away at a website. This is curious, as the live traffic monitor indicates an IPv4 address. So... can an IPv4 address be detected and recorded from a host that is only able to connect via IPv6? While an interesting question, I was more concerned with just blocking the IPv6 address and get more academic with it later.
But this raises another question; why would Plesk populate ip6tables and not provide an interface to actually submit IPv6 addresses.
Plesk 12.x / Linux :: Firewall Resetting Itself Autonomously?
Oct 25, 2014Running plesk 12.018 on OpenSUSE 13.1
What causes the firewall to change / reset itself periodically? I enabled the plesk firewall, but some time later it is reset itself and switched to the opensuse firewall (completely different rule set, which blocks most of the ports).
I then disabled the plesk firewall and loaded my own iptables rule set via iptables-restore command. However a few hours later, it also gets reset to the opensuse firewall. The std. opensuse firewall closes most of the ports, so then our email is blocked.
I would like to permanently switch off any plesk handling of the firewall and manage the iptables myself. How to do this?
I also have fail2ban running and defined my own jail.local files.
Plesk 12.x / Linux :: Modify Firewall Rules Never Completes
Nov 9, 2014Applying Plesk firewall changes? I make my change, apply and get to:
Status: Applying in progress. If your browser shows connection error messages, or if this screen does not disappear in more than 30 seconds, go to previous page.
And there things stay. Going back to look at the firewall I can see the change haven't been applied, and going to apply just results in the same. No error, just no anything. It also took numerous attempts to get firewall modification to be swtich on although finally at about the eighth attempt changes were enabled. Only now I can't apply them ...
Plesk 12.x / Linux :: FTP Very Slow (with Firewall / Mod Security Enabled)
Jun 26, 2014After upgrading to Plesk 12 the FTP connection has become very slow. Mode Security, Fail2Ban and Plesk Firewall have been enabled, the security is set to force sFTP and maximum security and in /etc/proftpd.d/ a conf file has been added to set the passive ports that have been opened in the Plesk Firewall (60000 to 62000)
Turning off the Mod Security does not solve the slow connection.
What can we do to detect the cause of the problem?
Plesk 12.x / Linux :: Copy Firewall Rules From One Server To Another
Oct 3, 2014Plesk 12.x
CentOS 6.5
Any method for copying the Firewall (extension) rules from one server to another.
Plesk 12.x / Linux :: ModSecurity Firewall Log File Huge?
Oct 24, 2014I have enabled modsecurity system and in 1 day the modsec_audit.log file has grown to more than 700Mb. Is there any way to reduce the number of messages that this module logs?
View 4 Replies View RelatedPlesk 12.x / Linux :: Enable Firewall Rules Management
Jul 2, 2015I just have installed plesk panel and when i get to the "Firewall" tool, then clicked on "Enable Firewall Rules Management", proftpd has stopped working properly.URLs....I have preinstalled the server 2 times, and every time i try to edit the firewall rules, proftpd got broken.
View 10 Replies View RelatedPlesk 12.x / Linux :: Server Firewall / FTP - Allow All Incoming Connections
Jun 18, 2014Since the update I have a problem with my Firewall. I need to set "Allow all incoming connections" under "Server => Firewall" in order to connect over FTP with TLS (explicit). This was working before the update without allowing all incoming connections. How to fix this in the Plesk panel?
View 2 Replies View RelatedPlesk 12.x / Linux :: Redirecting Port In Firewall Module?
Aug 25, 2014How do we redirect port in Plesk firewall module without touching iptables? I saw forwarding but there was no destination port.
View 1 Replies View RelatedPlesk 11.x / Linux :: Export / Import Firewall Rules With Panel
Jul 25, 2014I would like to know if is possible to export Plesk firewall rules from Plesk 9.5.4 to Plesk 11.5.30 with panel.
View 2 Replies View Related
