Results 1 to 7 of 7

Thread: Plesk firewall keeps resetting to defaults?

  1. #1
    Kilo Poster
    Join Date
    Apr 2006
    Posts
    10

    Exclamation Plesk firewall keeps resetting to defaults?

    Hi,

    I have opened port 3306 in Plesk Firewall so that I can remotely connect to my server to do off site backups.

    I have a cron job on another machine that connects every 24 hours to do a complete mysql backup.

    My problem is that Plesk Firewall keeps closing the mysql port. It seems to happen daily also.

    The backup fails everyday and doing a nmap shows that the port is closed. When I click "Edit Firewall Configuration" and then "Accept" the port opens up again and backup works. I'm not sure how long it works until it fails.

    It is strange because when I view the firewall configuration after it has reset, mysql still appears to be open but nmap shows it has been closed (or reset).

    Any help would be greatly appreciated.



  2. #2

    Default

    Have you thought about running iptables from command line and chattr so plesk can't override in the gui or if it wishes? I don't know if this is an issue as I don't use I use a hardware firewall for my setup. What is the details on your system OS and etc.?

    Prowler318.



  3. #3
    Kilo Poster
    Join Date
    Apr 2006
    Posts
    10

    Default

    I haven't tried manually editing iptables as I thought this might mess up Plesk. Perhaps you can confirm?

    I've never used chattr, or even heard of it. Am I right in saying it will prevent plesk from overwriting manual changes?

    My setup is CentOS 4 with atomic packages. Plesk 8.6 with latest updates.

    Thanks



  4. #4

    Default

    There was a bug for Plesk firewall setup which affected my setup (Ubuntu on Webfusion VPS) in which the firewall seemed to start but was using a default config....which left a lot of ports OPEN! I wonder if more than your backup ports get opened when you run plesk VPN. On reboot the system goes back to a closed state.
    Running IPTABLES manually was a pain but after some three months webfusion applied the fix to their VPSs



  5. #5
    Kilo Poster
    Join Date
    Apr 2006
    Posts
    10

    Default

    I tried manually changing iptables and managed to open the port but it closed again over night. Is there a way to test the open ports on my server other than nmap as I have read it will only show the open ports if it finds a service on that port?



  6. #6
    Kilo Poster
    Join Date
    Apr 2006
    Posts
    10

    Default

    If anyone is wondering I managed to solve this.. I had apf (advanced policy firewall) installed that was interfering with the plesk firewall.



  7. #7
    Product Expert
    Join Date
    Jul 2007
    Location
    Seattle Area
    Posts
    1,370

    Default

    I think the plesk firewall is a POS - it really sucks. I finally had to remove it and I did use APF - since then no complaints.

    The "hardest" part of it is to configure the egress and igress ports properly but psa has a KB article on the ports it needs so you can clearly see those and then configure them as you see fit.
    Parallels Certified Automation Professional - Parallels Plesk for Linux (PCAP PPP Linux)
    Parallels Product Expert



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •