Plesk 11 Set firewall rules manually

The actual configuration files for the firewall under Plesk are in the

/usr/local/psa/var/modules/firewall/

directory, and in particular in the firewall-active.sh script.

Make your changes in there and then restart the firewall through

/etc/init.d/psa-firewall restart

BUT these changes are not reflected in the web interface, so if you change anything in those files you cannot use the web interface to check the firewall.

Also, I have the impression that even accessing the web interface of the firewall will rewrite your handwritten rules even though you don't make any changes, but I am not 100% certain on that.

Do an iptables -L or similar to see the state of your applied rules.

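The bulk insert asked about in the question can be prepared outside Plesk. The following is an added example, not part of the original answer and not Plesk's own tooling: it validates a range list, merges overlapping ranges and produces iptables lines that could be pasted into firewall-active.sh. The sample list, the function names and the `keep` parameter are assumptions made for illustration.

```python
import ipaddress

# Constructed sample list (RFC 5737 documentation ranges, not real data).
SAMPLE = """\
# one range per line; comments and blanks are ignored
198.51.100.0/25
198.51.100.128/25
203.0.113.0/24
203.0.113.64/26
192.0.2.17
not-a-range
"""

def parse_ranges(text):
    """Split a range list into valid IPv4 networks and rejected lines."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            # strict=False tolerates host bits set, e.g. 10.1.2.3/24
            nets.append(ipaddress.IPv4Network(line, strict=False))
        except ValueError:
            rejected.append(line)  # includes IPv6: iptables is IPv4-only
    return nets, rejected

def build_rules(text, keep=(), chain="INPUT"):
    """Return (rules, skipped, rejected).

    keep: addresses that must never be blocked (hypothetical parameter,
    e.g. your own admin IP) so a bad list cannot lock you out.
    """
    nets, rejected = parse_ranges(text)
    keep_addrs = [ipaddress.IPv4Address(a) for a in keep]
    rules, skipped = [], []
    # collapse_addresses merges adjacent and overlapping ranges
    for net in ipaddress.collapse_addresses(nets):
        if any(a in net for a in keep_addrs):
            skipped.append(str(net))
            continue
        # -I inserts at the top of the chain, ahead of existing ACCEPT rules
        rules.append(f"iptables -I {chain} -s {net} -j DROP")
    return rules, skipped, rejected

if __name__ == "__main__":
    rules, skipped, rejected = build_rules(SAMPLE, keep=["203.0.113.10"])
    print("\n".join(rules))
    print("# skipped (contains a keep address):", skipped)
    print("# rejected (not valid IPv4):", rejected)
```

Keep the source list next to the generator so the lines can be produced again if the script gets rewritten.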

Author: Marm

Updated on September 18, 2022

Comments

  • Marm
    Marm almost 2 years

    I have a big spamming problem on my site from IP addresses coming from Asia. My website is designed for people in France and Canada, so I want to block all IP addresses from Asia to avoid spam. I found a list of about 1400 IP ranges and I want to create a rule in Plesk firewall that blocks all these IPs.

    The Plesk interface allows me to enter IP addresses one by one, but is there a way to add a list in bulk?

    I changed the database entry corresponding to my rule in module_firewall_rules table.

    When I click on the firewall link in Plesk, I see all my IP addresses. But when I click on "Edit Firewall Configuration", I just see the one I entered when I created the rule. So when I click on apply, there's only this address in the rule and the database is overwritten.

    So, is there a way to generate the firewall-active.sh with the database record manually?

    If not, is there a way to bulk insert IP addresses to a firewall rule?

  • Marm
    Marm over 11 years
    Thanks a lot. I've tried to change this file manually and then restart the firewall using the web interface, and the file was rewritten to fit the web interface. I will try to restart the firewall from the command line. But Plesk must store the web interface config somewhere? Is there no way to change the config there so the web interface will match the file?
  • thanosk
    thanosk over 11 years
    From my understanding, no. The web interface saves its config in DB and XML files but it does not support that kind of firewall rule. Also, when you restart the firewall from the web interface it also resets the saved configuration. Just edit the file and use the command line to restart it. Automated graphical tools like Plesk are nice and quite helpful but they do have their obvious shortcomings.