- Plesk for Linux
A website/webmail cannot be reached with one of the following error messages in a browser:
PLESK_INFO: Unable to connect
PLESK_INFO: Your Internet access is blocked ERR_NETWORK_ACCESS_DENIED
PLESK_INFO: This site can’t be reached
example.com took too long to respond
PLESK_INFO: The connection has timed out
MXToolBox TCP Port Status tool reports that ports 80/443 are filtered. The same does the nmap utility:
# nmap 203.0.113.2 -p 80,443
PORT STATE SERVICE
80/tcp filtered http
443/tcp filtered https
A domain resolves to a proper IP address that belongs to a Plesk server:
# dig +short example.com
A "curl" request from inside a Plesk server works successfully for http/https:
# curl -I http://example.com/
HTTP/1.1 200 OK
# curl -I http://example.com/
HTTP/1.1 301 Moved Permanently
A "curl" request from an external network fails for http/https with timeout:
# curl -I http://example.com
curl: (7) Failed connect to example.com:80; Connection timed out
Ports 80 or/and 443 are blocked by a firewall.
- Managing firewall rules via Plesk
- Managing firewall rules via a command-line interface
- Solution for Amazon (AWS) instances
Managing firewall ports via Plesk
Install Plesk firewall.
In Plesk, go to Tools & Settings > Firewall and click Enable Firewall Rules Management.
Once Plesk Firewall is enabled, make sure that the WWW server rule is enabled. This rule allows connections via ports 80 and 443.
Managing firewall rules via a command-line interface
Connect to the server via SSH.
Allow inbound connections via ports 80, 443 in a firewall:
For SystemD based OSes:
# firewall-cmd --zone=public --permanent --add-port=80/tcp
# firewall-cmd --zone=public --permanent --add-port=443/tcp
# firewall-cmd --reload
For SystemV bases OSes:
# iptables -I INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT
# iptables -I INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
Depending on a server infrastructure, way to open 80/443 port may vary. For example, using the "firewall-cmd" utility, or, if it is an Amazon or Alibaba Cloud server, firewall settings may be managed from account directly without accessing the server.
Note: If 80/443 is still shown as "filtered", it means that it is blocked somewhere outside of the server: on a network level, or on an Internet Service Provider side. In this case, contact your network administrator or ISP.
Solution for Amazon (AWS) instances
Log in to your EC2 Management console.
Navigate to Instances > select a required instance > click on a security group name.
On the Security Groups page, switch to the Inbound tab > click Edit > and add two new rules: HTTP for port 80 and HTTPS for port 443:
Note: for Amazon Lightsail, visit the following link: Open Access to Plesk Services on an Amazon Lightsail Instance
Note: If there are additional software that extends standard firewall (e.g. APF, Bitninja, Imunify360), it should be configured as well in accordance to its documentation.