Cannot enable Plesk Firewall: The firewall rules management has not been enabled

Created:

2017-07-28 15:02:01 UTC

Modified:

2017-08-16 16:58:55 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Cannot enable Plesk Firewall: The firewall rules management has not been enabled

Applicable to:

  • Plesk Onyx for Linux

Symptoms

Cannot enable Plesk Firewall:

The firewall rules management has not been enabled

The following error can be found in /usr/local/psa/admin/logs/panel.log :

DEBUG [util_exec] [597b4fc0ef223] Starting: safeact --try-enable-features --iptables=/sbin/iptables --table=filter --rule=-m state --state NEW,ESTABLISHED,RELATED,INVALID, stdin:
DEBUG [util_exec] [597b4fc0ed06d] Stdout: safeact: Execution of /sbin/ip6tables -t filter -L failed with return code 3.Stderr isip6tables v1.4.14: can't initialize ip6tables table `filter': Permission denied (you must be root)Perhaps ip6tables or your kernel needs to be upgraded. 

The following permissions and ownership are set to /opt/psa/admin/sbin/mod_wrapper and /opt/psa/var/modules/firewall/firewall-active.sh files:

# ls -al /opt/psa/admin/sbin/mod_wrapper
-r-x--x--- 1 root psaadm 19808 Oct 28  2016 /opt/psa/admin/sbin/mod_wrapper  
# ls -al /opt/psa/var/modules/firewall/firewall-active.sh
-rwxrwxrwx 1 psaadm psaadm 3513 Jul 26 21:16 /opt/psa/var/modules/firewall/firewall-active.sh 

Cause

Incorrect file permissions and ownership.

Resolution

1. Login to the server over SSH

2. Set correct ownership and permissions:

# chmod u+s /opt/psa/admin/sbin/mod_wrapper
# chmod 4110 /opt/psa/admin/sbin/mod_wrapper
# chmod 700 /opt/psa/var/modules/firewall/firewall-active.sh
# chown root:root /opt/psa/var/modules/firewall/firewall-active.sh

Have more questions? Submit a request
Please sign in to leave a comment.