Plesk firewall keeps resetting to defaults?

Discussion in 'Parallels Plesk Panel for Linux - 8.x and Older' started by castles, Dec 5, 2008.

  1. castles

    castles New Member


    I have opened port 3306 in Plesk Firewall so that I can remotely connect to my server to do off site backups.

    I have a cron job on another machine that connects every 24 hours to do a complete mysql backup.

    My problem is that Plesk Firewall keeps closing the mysql port. It seems to happen daily also.

    The backup fails everyday and doing a nmap shows that the port is closed. When I click "Edit Firewall Configuration" and then "Accept" the port opens up again and backup works. I'm not sure how long it works until it fails.

    It is strange because when I view the firewall configuration after it has reset, mysql still appears to be open but nmap shows it has been closed (or reset).

    Any help would be greatly appreciated.
  2. prowler318

    prowler318 New Member

    Have you thought about running iptables from command line and chattr so plesk can't override in the gui or if it wishes? I don't know if this is an issue as I don't use I use a hardware firewall for my setup. What is the details on your system OS and etc.?

  3. castles

    castles New Member

    I haven't tried manually editing iptables as I thought this might mess up Plesk. Perhaps you can confirm?

    I've never used chattr, or even heard of it. Am I right in saying it will prevent plesk from overwriting manual changes?

    My setup is CentOS 4 with atomic packages. Plesk 8.6 with latest updates.

  4. gerryb

    gerryb New Member

    There was a bug for Plesk firewall setup which affected my setup (Ubuntu on Webfusion VPS) in which the firewall seemed to start but was using a default config....which left a lot of ports OPEN! I wonder if more than your backup ports get opened when you run plesk VPN. On reboot the system goes back to a closed state.
    Running IPTABLES manually was a pain but after some three months webfusion applied the fix to their VPSs
  5. castles

    castles New Member

    I tried manually changing iptables and managed to open the port but it closed again over night. Is there a way to test the open ports on my server other than nmap as I have read it will only show the open ports if it finds a service on that port?
  6. castles

    castles New Member

    If anyone is wondering I managed to solve this.. I had apf (advanced policy firewall) installed that was interfering with the plesk firewall.
  7. Amin Taheri

    Amin Taheri Product Expert

    I think the plesk firewall is a POS - it really sucks. I finally had to remove it and I did use APF - since then no complaints.

    The "hardest" part of it is to configure the egress and igress ports properly but psa has a KB article on the ports it needs so you can clearly see those and then configure them as you see fit.

Share This Page