Issue Unable to enable Plesk-Firewall rules

@KieranK

Did you already use the firewall, or is it a clean install?

If you just recently installed the Plesk Firewall extension, you would be best off removing the extension and re-installing it immediately.

If you already used the Plesk Firewall extension and added some firewall rulesets, a clean re-install would be an option, but it might not be the best one.

Depending on your server (question is: do you have a VPS or a dedicated server?), one of the following is often the root cause of the problem:

1 - the number of iptables rulesets (Plesk Firewall is essentially a GUI for iptables) is very high, resulting in both iptables and Plesk Firewall becoming (relatively) unresponsive, slow and in rare cases even corrupted: this scenario would certainly apply if

- when using a (Virtuozzo based) VPS, the result of the command cat /proc/user_beancounters indicates a non-zero value in the column failcnt for the key numiptent,
- a whole lot of banned IP addresses exist in Fail2Ban, which is often the result of badly defined jails and filters or badly configured Fail2Ban,
- your VPS is under attack or enduring a whole lot of connections at the same time,

and the above is a non-exhaustive summary, I just gave the most common situations creating a less responsive iptables and/or Plesk Firewall.

2 - the firewall-active.sh script is actually corrupted, which can be verified by inspecting (all of the below)

- the rules in the Plesk Firewall GUI: just use the Plesk Panel to have a look at the firewall rulesets,
- the rules in iptables: just run the command iptables -L from the command line (as a starter, to get an idea what actually is loaded in iptables)
- the lines in firewall-active.sh

and the lines in the firewall-active.sh script should be exactly identical to the rules in iptables and/or Plesk Firewall: if they are not, the script is "corrupted" somehow.


I would strongly recommend starting with option 2: inspect the files.

I am pretty sure that you will find one or more lines that do not belong in the firewall-active.sh script.

If that is the case, then the solution is simply: erase those lines and try to enable the firewall again.


A small tip: always make a backup of the firewall-active.sh script before editing it manually.


Hope the above helps a bit.

Regards..........
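
The checks for cause 1 in the post above as a shell script, added here as an example and not part of the original post: it reads the numiptent row of /proc/user_beancounters and counts loaded rules per chain in iptables -S output, which shows where the entries come from. The sample data, the chain name f2b-example and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Functions read stdin, e.g.:
#   check_numiptent < /proc/user_beancounters ; iptables -S | rules_per_chain

# Print "held barrier failcnt" for numiptent. The first resource row of a
# container carries a "uid:" prefix, so find the key by name, not by position.
numiptent_status() {
    awk '{ for (i = 1; i <= NF; i++) if ($i == "numiptent") {
               print $(i+1), $(i+3), $NF; exit } }'
}

# Count appended rules per chain in `iptables -S` output, largest first.
rules_per_chain() {
    awk '$1 == "-A" { n[$2]++ } END { for (c in n) print n[c], c }' | sort -rn
}

# Cause 1 from the post: returns 1 when failcnt for numiptent is non-zero.
check_numiptent() {
    set -- $(numiptent_status)
    [ $# -eq 3 ] || { echo "numiptent not found (not a Virtuozzo VPS?)"; return 2; }
    echo "numiptent: held=$1 barrier=$2 failcnt=$3"
    [ "$3" -eq 0 ]
}

# Constructed sample data (not taken from any real server).
sample_beancounters() {
    cat <<'EOF'
Version: 2.5
       uid  resource      held  maxheld  barrier  limit  failcnt
      101:  kmemsize   2670652  2987623 14372700 14790164      0
            numiptent      128      128      128      128     37
EOF
}
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-N f2b-example
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587 -j f2b-example
-A f2b-example -s 192.0.2.10/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-example -s 192.0.2.11/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-example -j RETURN
EOF
}

# Demo on the constructed samples above.
sample_beancounters | check_numiptent || echo "iptables entry limit was hit"
sample_rules | rules_per_chain
```

A chain that dominates the per-chain count (here the constructed Fail2Ban chain) is the place to start trimming before re-enabling the firewall.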
 