Plesk 12.x / Linux :: Firewall Keeps Blocking Port 25 And Passive FTP Ports
Mar 1, 2015
I have some issues with the plesk firewall:
1. Emails are not delivered:
From some reasons, plesk is blocking incoming 25 port (in plesk shows opened, but it's not)My emails are delivered trough port 25, after doing some tests ( i've sent some emails to an email account hosted in the server) there was no email in the roundcube inbox! All emails were blocked...
a) Firewall was blocking the port 25 on server restart.
b) I have succesfully unblocked it from plesk manager -> tools -> edit/change -> even if i didn't change anything, i saved the "changes" and in my roundcube inbox i recived all the test emails.
c) In /var/log/maillog there is no error.
2. Passive FTP gets blocked in the same way, to successfully connect FireFTP on passive mode i need to repeat 1.b steps even if i've created a special rule to prevent the blocking, opening 49152-65534 ports and set PassivePorts 49152 65534 in /etc/proftpd.conf
The issue appears randomly, because in the last 5 days i didn´t restart the server, the last time i checked it worked. Today, without touching anything, firewall blocked my passive FTP and I had probmels reciving emails from gmail, yahoo etc...
View 2 Replies
ADVERTISEMENT
Aug 24, 2014
I have the web pro edition panel 12 on centos 6.5 64bit, and i have made some custom firewall rules in order to be able to run a teamspeak server. The problem is that the firewall randomly blocks the teamspeak port and keeps it blocked unless i restart the firewall.
View 4 Replies
View Related
Apr 21, 2009
Do you still have to add each port individually to Server 2008's Firewall like we did on Server 2003?
If so, will the guides that were put out for 2003 work on 2008's? I want to be sure before putting all these ports in....if I can just specify a range instead, it would be much easier!
View 3 Replies
View Related
Aug 19, 2014
I am running Plesk 12 . Centos 6.5
I have Plesk Firewall Installed.
After the Plesk Firewall was enabled the FTP Stopped working in passive Mode.
I searched the net and found the following :
Code:
/etc/sysconfig/iptables-config and change the line with IPTABLES_MODULES to: IPTABLES_MODULES="ip_conntrack_ftp"
It started working.
I changed the default FTP port from proftpd.conf
Code:
port 2392
and /etc/services
Code:
ftp 2392/tcp
ftp 2392/udp fsp fspd
I allowed the new port in Plesk Firewall in Incoming connection and disabled port 21
Now I am not able to connect to the ftp, I get the following error. Have I missed anything ?
Code:
Response:257 "/" is the current directory
Command:TYPE I
Response:200 Type set to I
Command:PASV
Response:227 Entering Passive Mode (85,25,51,34,216,46).
Command:MLSD
Error:Connection timed out
Error:Failed to retrieve directory listing
View 4 Replies
View Related
Feb 11, 2015
i'm running 12.0.18#34 on PCS dedicated server. i recently discovered that some of the default jails on fail2ban that is shipped with Plesk 12 were not working correctly. Let me explain what i mean. For instance, the plesk-panel jail. The logs were parsed correctly, the command was successfully appended in iptables list, the fail2ban log was updated. Still, the intruder was not blocked. I kept reading "already banned" on the fail2ban.log but actually there was no blocking.
After some checks, i found out that fail2ban default configuration states SSH as default blocking port.
that means, the block was working but only for ssh hits. thus the plesk-panel admin page hits were passing through.
since i added port=http,https on jail.local > plesk-panel and did it a restart on fail2ban service, only then did it start to actually block incoming hits.
I think this should be verified by programmers group and maybe include a fix in some future minor update.
View 1 Replies
View Related
Aug 25, 2014
How do we redirect port in Plesk firewall module without touching iptables? I saw forwarding but there was no destination port.
View 1 Replies
View Related
Jan 19, 2008
what are the inbound and outbound ports when FTP Passive mode is used for PureFTPd.
View 3 Replies
View Related
Mar 23, 2009
I'm running a Win2003 dedicated server with IIS and Plesk v9. While trying to configure my FTP ports I found out that my host has a basic (free) hardware firewall on my main/shared IP with ports 2000-2015 reserved for passive FTP connections. I asked them if they could change the ports to match the default ones but to customize hardware firewall settings I'm require to upgrade to a paid solution.
I again tried to approach the problem by trying to get IIS to conform to the host's ports. However after some research I found that the default MSFTP range is 1025-5000 while custom values have to be between 5001-65535. My host recommends I upgrade to a personal hardware firewall or make do with a software firewall. Other than dropping the firewall is there nothing I can do here?
I've thought of serving FTP on a dedicated IP (which would be exempted from the hardware firewall) but when I tried to set it up I got a directory permission error during connection attempts. I may be mistaken but this appears to be an an issue with Plesk not liking to serve a website's HTTP and FTP on separate IPs. Is solving this problem my best bet?
View 3 Replies
View Related
Nov 7, 2007
I have my server set up with the smtp daemon running on port 125, and assp listening on ports 25 and 26, and forwarding to port 125 if the mail passes. This setup has been working for months and months. Already today I've received several emails.
I just attempted to send an email, however, and thunderbird could not connect to port 26. (I use an alternate port because my ISP blocks port 25 except to their mail servers)
So I thought that assp had stopped running. Attempted to go to myip:55555, but the page would not load. Now I really thought assp was broken. SSH'd into server and was able to telnet to localhost, port 26 without an issue. Was also able to lynx [url] without an issue.
Since I'm able to log in to all of these weird ports via SSH but not from my local computer, I'm apt to think that they are blocking the ports (for some reason).
Is there any way I can test this theory? Nothing has changed on my side firewall-wise, and the poor girl at the ISP company didn't even know what a port was. I would like to be 100% sure before I give them another call demanding to speak to someone higher up...
View 5 Replies
View Related
Oct 14, 2014
After some recents updates (currently running on: 12.0.18 Update #19) appeared a problem with connecting to FTP for passive mode users:
Connect ok!
"/" is the current directory
Get directory
227 Entering Passive Mode
550 Access is denied.
Server logs:
/var/log/messages
Oct 14 12:11:26 host xinetd[3692]: START: ftp pid=2709 from=::ffff:xxx.xxx.xxx.xxx
Oct 14 12:11:26 host proftpd[2709]: processing configuration directory '/etc/proftpd.d'
Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - FTP session opened.
But:
/var/log/secure:
Oct 14 12:11:26 host proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
Oct 14 12:11:26 host proftpd: PAM adding faulty module: /lib64/security/pam_stack.so
Oct 14 12:11:26 host proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - USER client: Login successful.
ad1: yes, i do have passive ports configured in /etc/proftpd.conf and FW is properly configured
ad2: everything was fine until recent updates
ad3: this is happening only for passive users only
ad4: we are experiencing this issues across all Plesk instances [6x] on CentOS 6.5 with 12.0.18 Update #19
View 6 Replies
View Related
Mar 19, 2007
I can no longer access Cpanel/WHM as my ISP is blocking all kinds of ports.
Is there an easy way to give Cpanel and WHM a port number below 2082?
I have full root access.
View 13 Replies
View Related
Oct 18, 2007
Im currently at university and they are blocking ports 7777 so I cannot access my server at ip:7777 .
I have sent them an email and asked them if they are able to unblock it for me but thats unlikely because its a P2P port.
I would probably want to setup SSH Tunneling but dont know the commands. I have found tutorials for linux local to linux remote but I have got windows and havent found any tutorials for windows to linux tunneling.
View 14 Replies
View Related
Dec 16, 2008
I have a cPanel Centos VPS.
if they know of any service that I would have running on a basic webserver that would need the following inbound
View 4 Replies
View Related
Jun 20, 2007
Is there any reocmmanded KVM over IP from 1 port to multitple port?
View 8 Replies
View Related
Jul 9, 2014
how to change ports of Nginx from 80 to 8080 I would like install Varnish
View 2 Replies
View Related
Apr 23, 2008
My fedora server is running apf firewall. When I turn it off, clients can connect.
When I turn it on, it says MSG: Contacting Server.
I have already added ports 6100 and 3784 to /etc/apf/conf.apf by adding the ports to the lines, EG_TCP_CPORTS, EG_UDP_CPORTS, IG_TCP_CPORTS, and IG_UDP_CPORTS
and restarted the service.
Is there any additional ports I need to add?
(I've uploaded my conf.apf file)
View 2 Replies
View Related
Jul 24, 2014
It seems that, since Plesk 12.x, many usual ports are now closed by default (ex. port mysql 3306, port 9000...)
Clients are not informed...
how can we re-open these ports ?
View 1 Replies
View Related
Jul 20, 2007
as per apf firewall issue
Jul 17 02:03:02 duck kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:01:02:c9:94:20:00:90:69:8a:f3:f0:08:00 SRC=192.168.1.43 DST=192.168.1.220 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=40428 DF PROTO=TCP SPT=37079 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
i already added 192.168.1.43 ip in allow list.
tcp:in : d=3306 : s=192.168.1.43
d=3306 : s =192.168.1.43
tcp: out : d=3306 : s =192.168.1.43
# added 192.168.1.43 on 07/19/07 01:15:21
192.168.1.43
But ip is still blocking traffic while monitor mysql....
View 3 Replies
View Related
Jul 11, 2009
I have a virtuozzo VPS with CSF. People can't connect to ftp because the firewall is conflicting with iptables. I looked at the csf guide:
[url]
To correct it, the ftp issues states:
Quote:
For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN
and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd:
PassivePortRange30000 35000
Where is pure-ftpd.conf? Do I have to install it or something?
View 8 Replies
View Related
Nov 26, 2007
I'm trying to set up a site on IIS 5. I think I've done the setup on IIS ok, but when I try the site, it's not getting served. I think there might be a firewall in the way, blocking port 80. Any idea how I would test to see if this is the case?
View 1 Replies
View Related
May 6, 2008
I have a client who was sending email to another server with Cpanel, all of a sudden all emails are in the queue for a few days and we checked everything was ok on our side even the logs are able to find the domain name, just that it drops from there.
Took me a while I finally telnet their port 25 and found it block, but somehow a few minutes later it was unblocked. Is there any mechanism in Cpanel that auto block port 25? I know the client uses a catchall so all rubbish went there, I cleared the catchall for him.
View 3 Replies
View Related
Apr 10, 2009
I am currently in the throws of configuring a new dedicated "Windows Web Server 2008 / IIS7 / Plesk" server. As part of the setup I have obviously made sure the firewall is correctly setup. After doing this I have run a remote port scan (from my internet connected PC) to the IP address of the server. This has brought up two ports that should be blocked:
5190
1863
I can open a remote telnet session to both these ports, however if I remote desktop to the server and attempt a telnet connection both ports fail to respond.
Does anybody know what these ports are?
If it helps at all, the firewall surrounding the server is an external Cisco device
View 2 Replies
View Related
Aug 28, 2012
How can I allow only one ip or a list of ip addresses to access port 8443.I need to limit access this port to few ip addresses and not everyone
View 6 Replies
View Related
Apr 13, 2015
Every time my server tries to send mail to Gmails/yahoos - they reject it with the following message:
Code:
Apr 13 11:35:49 m1370 plesk sendmail[5009]: handlers_stderr: PASS
Apr 13 11:35:49 m1370 plesk sendmail[5009]: PASS during call 'limit-out' handler
Apr 13 11:35:49 m1370 plesk sendmail[5009]: handlers_stderr: SKIP
Apr 13 11:35:49 m1370 plesk sendmail[5009]: SKIP during call 'check-quota' handl er
Apr 13 11:35:49 m1370 postfix/pickup[1759]: C90FA61668: uid=48 from=<apache>
[Code] ....
I tried Qmail, same issue
Code:
Hi. This is the qmail-send program at m1370.contabo.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. It didn't work out.
<emailhere@gmail.com>:
2a00:1450:4013:0c00:0000:0000:0000:001b failed after I sent the message.
[Code] .....
Centos 6.6 + Plesk 12 Web Pro Edition
My server certainly did not spam Gmail servers, (my old server works fine sending email t gmail) I fear this has something to do with my "Postfix" configuration.
View 1 Replies
View Related
Jul 3, 2008
Is it possible to change the port of ftp, similarly to what you can do with SSH?
View 13 Replies
View Related
Apr 7, 2015
How to activate/enable the firewall by cli, does this is possible?
Firewall module is installed.
Option in plesk GUI working well.
Does this is possible ? If yes how ?
View 2 Replies
View Related
May 15, 2014
installing a softarwe that used port 8088, but that port is used by plesk. What ports not used by plesk and how do I assigned one to this new software.
server Centos 5 +
View 3 Replies
View Related
Jan 15, 2015
Is that possible to block baidu without specifying whole list of IDs it's using ?
View 1 Replies
View Related
Dec 17, 2014
I have these problems since version 11.5. Now I have installed version 12 on centos . FTP works fine and is super fast and speedy until i enable PLEK FIREWALL, I also tried to add passive port range 60000-65534 to Plesk Firewall rules.
But nothing works.
It takes like 10 times longer to Login + List Files + Make changes using FTP. We applying changes via FTp and its very slow. We can use plesk file manager but its very inconvenient way for quick file uploads and changes.
View 1 Replies
View Related
