• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question How to disable/restrict by IP <server-ip>/login_up.php ?

F

fabkim

New Pleskian
Hi,

I just noticed that when I access the IP address of my server with Chrome, I am redirected to the page <ip-address>/login_up.php or <server_name>/login_up
Is there a way to restrict this page by IP as is the case when using port 8443?
The "Restricting Administrative Access" feature only protects when the correct credentials are used. There is therefore a possibility of using this page to find the identifiers by brute force
Or is there a way to disable the non-8443-port access or redirecting to the 8443 port ?

Thanks
 
You cannot brute-force into Plesk when the Fail2Ban jail that protects the login is used. Simply activate that jail and you have peace.
 
yes, you are right, I forgot about fail2ban.
But leaving this page accessible lets a hacker know that Plesk is used on the server. The goal of security is to give as little information as possible, which is why I would like this page to no longer be publicly accessible at all.
So is there a way to block it ?
 
fabkim said:
Or is there a way to disable the non-8443-port access or redirecting to the 8443 port ?
Click to expand...
Hi!

Try to use the Plesk Firewall and/or to allow only a subnet for Your I-provider
If you are looking at
Code: 
cat /var/log/plesk/panel.log | grep "Failed login attempt with login"
may you will see, that there is no entry (like here).

I have never had a Fail2ban notification about a failed attempt on the Plesk panel.
IMHO, SSH, installed websites (wordpress etc) and SMTP is much more the risk than Plesk per se.
 
You must log in or register to reply here.

Similar threads

Jürgen_T
Question Massive Brute-Force Attacks on Plesk Panel – Looking for Additional Protection Measures
Replies
15
Views
2K
Franky H
F
T
Issue How to seucre a custom plesk login url?
Replies
1
Views
539
Kaspar
K
majdi draouil
Question Need Help Configuring Plesk Web Access on Server with Custom Ports - IP Accidentally Pointed to Domain
Replies
3
Views
514
majdi draouil
majdi draouil
brother4
Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?
Replies
8
Views
2K
Maarten
M
afuego
Question How to block control panel access for subdomain?
Replies
2
Views
2K
afuego
afuego
Back
Top