• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Autoupdater IP rejects 8447 connection since upgrade to Onyx

J

Jesse Fitzgerald

New Pleskian
Linux 2.6.32-642.13.1.el6.x86_64 #1 SMP Wed Jan 11 20:56:24 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux CentOS release 6.8 (Final) Plesk Onyx Version 17.0.17

Greetings. Strange occurrence... Since I upgraded to Onyx from Plesk 12 last week, the autoupdater cannot connect to 8447. The Onyx upgrade worked perfectly BTW. I AM ABLE to open 8447 on another remote honeypot IP with no problem. I can verify this with curl and nmap. I also get the same findings from my desktop computer at home and using an online port tester such as http://www.yougetsignal.com/tools/open-ports/ . Only since the update. I stopped iptables and turned the intrusion detection stuff on our firewall off to troubleshoot as well. I have verified that this is not our firewall intervening on the egress via packet analysis. I tacked that on the end of the message for you to see.

nmap for 8447 to autoinstall.plesk.com and portquiz.net:

[root@speedbird etc]# nmap -p 8447 portquiz.net
Starting Nmap 5.51 ( http://nmap.org ) at 2017-02-04 20:55 CST
Nmap scan report for portquiz.net (178.33.250.62)
Host is up (0.027s latency).
rDNS record for 178.33.250.62: electron.positon.org
PORT STATE SERVICE
8447/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.66 seconds

[root@speedbird etc]# nmap -p 8447 autoinstall.plesk.com
Starting Nmap 5.51 ( http://nmap.org ) at 2017-02-04 21:19 CST
Nmap scan report for autoinstall.plesk.com (37.235.107.44)
Host is up (0.0014s latency).
rDNS record for 37.235.107.44: dallas-20.cdn77.com
PORT STATE SERVICE
8447/tcp filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 0.65 seconds

Results verified using curl with remote honeypot and then our plesk server:
[root@speedbird etc]# curl portquiz.net:8447
Port 8447 test successful!
Your IP: 72.249.135.2

[root@speedbird etc]# curl autoinstall.plesk.com:8447
curl: (7) couldn't connect to host

When I did a packet analysis at our firewall, this is what I see for the failed connection from the CURL attempt, so there is no IDP or firewall rules being triggered. Nothing to see here.

Egress packet data from firewall from failed curl connection attempt above:

Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:69:ca:11], Dst=[00:d0:03:a5:3c:0a]
IP Packet Header
IP Type: TCP(0x6), Src=[72.249.135.2], Dst=[37.235.107.44]
TCP Packet Header
TCP Flags = [SYN,], Src=[60802], Dst=[8447], Checksum=0x3f7e
Application Header
Not Known
Value:[0]
Forwarded 0:0)

As an aside... 8447 is open locally to ingress traffic.

[root@speedbird etc]# netstat -natp | grep :8447
tcp 0 0 :::8447 :::* LISTEN 25460/autoinstaller

Thanks for any help you can impart!

Kind regards,

Jesse :)
 
Last edited:
I was able to update Onyx from the shell with 'plesk installer --select-release-current --reinstall-patch --upgrade-installed-components' ...I'm still wondering about why the panel is behaving this way and how it relates to the egress port 8447 thing...
 
I have the same issue, I've tried all the solutions provided but no luck, btw it's only working with command line. I see this problem with alot of users here, is it common or something need to be fixed with the next update?
==============Update=====================
After a deep troubleshooting, the problem is from cloud flare. They don't allow port 8447 but 8443
 
Last edited:
You must log in or register to reply here.

Similar threads

J
Resolved Updates and Upgrades page cannot be opened: it just loads continuously
Replies
2
Views
4K
Jesse Fitzgerald
J
Dukemaster
Issue Plesk licence key update failed (Network failure / Couldn't resolve host name)
Replies
12
Views
4K
AYamshanov
AYamshanov
M
Input How my firewall helped in uncovering a malicious PHP-script
Replies
1
Views
3K
virtubox
virtubox
Klaus Parzinger
Issue No webmail login possible after upgrading to Onyx
Replies
13
Views
4K
UFHH01
U
Back
Top