- Plesk for Linux
- Domain cannot be reached, one of the following error messages is shown in a browser:
CONFIG_TEXT: Unable to connect
CONFIG_TEXT: Your Internet access is blocked ERR_NETWORK_ACCESS_DENIED
CONFIG_TEXT: This site can’t be reached
example.com took too long to respond
CONFIG_TEXT: The connection has timed out
Domain resolves to the proper IP address that belongs to Plesk server:
# dig +short example.com
- curl requests from inside the Plesk server work successfully:
# curl -I http://example.com/
HTTP/1.1 301 Moved Permanently
- curl requests from external network fail with timeout:
# curl -I http://example.com
curl: (7) Failed connect to example.com:80; Connection timed out
- Ports 80 and 443 are filtered on the server:
# nmap 203.0.113.2 -p 80,443
PORT STATE SERVICE
80/tcp filtered http
443/tcp filtered https
Port 80 or/and 443, if HTTPS is used is blocked by firewall.
If Plesk firewall management is enabled do the following:
1. Log into Plesk UI.
2. Navigate to the tab Plesk > Tools & Settings > Firewall.
3. Click Modify Firewall rules.
4. Click Add Custom rule.
5. Fill in the required fields, set port type as TCP in ports section click Add and then click OK. For example, for port 80:
5. Click Apply Changes.
Solution with command line, Plesk for Linux:
1. Connect to the server using SSH.
2. Allow inbound connections via ports 80, 443 in the server's firewall:
For SystemD based OSes:
# firewall-cmd --zone=public --permanent --add-port=80/tcp
# firewall-cmd --zone=public --permanent --add-port=443/tcp
# firewall-cmd --reload
For SystemV bases OSes:
# iptables -I INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
# iptables -I INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
Depending on a server infrastructure, way to open 80 port may vary. For example, using firewall-cmd utility, or, if it is an Amazon or Alibaba Cloud server, firewall settings may be managed from account directly without accessing the server.
If 80 is still shown as "filtered", it means that it is blocked somewhere outside of the server: on a network level, or on an Internet Service Provider side. In this case, contact your network administrator or ISP.
Solution for Amazon (AWS) instance:
1. Login EC2 Management console.
2. Navigate to Instances.
3. Select the required Instance.
4. Click on Security Group name.
5. Add ports 80 and 443 to Security Group using the following article: How to add a port in the Security Group of Amazon instance.
Note: If there are additional software that extends standard firewall installed (APF, Bitninja, Imunify360), it should be configured as well in accordance to its documentation.