Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
Plesk website opens with one of the following errors in a browser:
CONFIG_TEXT: This site can’t be reached
ERR_NAME_NOT_RESOLVED
CONFIG_TEXT: DNS_PROBE_FINISHED_NXDOMAIN
-
DNS Server is enabled in Tools & Settings > Services Management and no errors are provided on its restart.
Cause
The port 53 (TCP or UDP) is filtered by a firewall for incoming or/and outgoing connections for the Plesk server's IP address:
# nmap -p53 203.0.113.2
PORT STATE SERVICE
53/tcp filtered domain
# nmap -sU -p53 203.0.113.2
PORT STATE SERVICE
53/udp open|filtered domain
Resolution
Allow inbound and outbound connections on port 53 (TCP and UDP) in a firewall.
-
Make sure that Plesk Firewall is installed. If required, enable it to open all ports needed by Plesk automatically.
-
If Plesk Firewall is installed and enabled, however, the rule Domain name server is missing, add a custom rule for opening port 53 as per the article.
-
Connect to the server via SSH.
-
Open port 53 (UDP and TCP) for incoming and outgoing connections in the local firewall:
- For
iptables
:
-
Open port 53 in
iptables
:# iptables -I INPUT -m tcp -p tcp --sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp --sport 53 -j ACCEPT
# iptables -I INPUT -m udp -p udp --dport 53 -j ACCEPT
# iptables -I INPUT -m tcp -p tcp --dport 53 -j ACCEPT -
To apply changes execute the command below:
-
for RHEL-based OSes:
# service iptables save
-
for Debian-like OSes:
# iptables-save > /etc/iptables/rules.v4
-
-
For
firewalld
:# firewall-cmd --permanent --add-port=53/tcp
# firewall-cmd --permanent --add-port=53/udp
# firewall-cmd --reload
- For
-
Connect to the server via RDP.
-
Go to Start > Control Panel > Windows Defender Firewall > Advanced Settings.
-
Open the Inbound Rules and make sure that the following rules are enabled:
Add them manually if required.
Note: If after applying the above steps port 53 is still shown as filtered (closed) in an online port checker (for example, ping.eu), that means that port is being filtered on a hosting/Internet service provider side. Please, contact your hosting/Internet service provider and ask them to open these ports for you.
Comments
1 comment
Had to restart Plesk firewall in order to fix the issue with names resolution.
The DNS port (53) at my Plesk firewall was opened, however, names could not be resolved.
Please sign in to leave a comment.