Articles in this section

Unable to activate Plesk Firewall: Connectivity failure occurred with both the new and rollback (previous) firewall configurations

Daniel Yordanov
Updated
Plesk for Linux kb: technical

Applicable to:

  • Plesk for Linux

Symptoms

  • The Plesk Firewall is stuck and it cannot be activated with the newly configured rules, while it also cannot be rolled back to the previously used rules:

    CONFIG_TEXT: Failed to apply the firewall configuration.
    Connectivity failure occurred with both the new and rollback (previous) firewall configurations, indicating that both configurations are faulty. As an emergency measure, the firewall was disabled and a configuration without firewall rules was applied. To resolve the issue, correct the firewall rules and re-enable the firewall.

    CONFIG_TEXT: Failed to apply the firewall configuration.
    Command '['/usr/local/psa/var/modules/firewall/firewall-new.sh']' returned non-zero exit status 4.

  • Errors that are similar to the following appear in the /var/log/plesk/panel.log:

    CONFIG_TEXT: [2025-10-07 02:00:50.859] 360834:68e473efdcc7a ERR [panel] Task failed: id=24195, pid=360834, type=ext-firewall-tasks\activate, clientRemoteAddr=195.214.233.7, configurationId=1, referrer=/modules/firewall/, runTaskUnderLogin=admin, token=4c7e16d230f3893269fc1e7968ba3bdd, error=pm_Exception: Command '['/usr/local/psa/var/modules/firewall/firewall-new.sh']' returned non-zero exit status 4.

    file: /opt/psa/admin/plib/modules/firewall/library/FwConfigurator.php
    line: 580
    code: 0
    trace: #0 /opt/psa/admin/plib/modules/firewall/library/FwConfigurator.php(388): PleskExt\Firewall\FwConfigurator::callSbin(string 'rules', array, array)
    #1 /opt/psa/admin/plib/modules/firewall/library/Tasks/Activate.php(39): PleskExt\Firewall\FwConfigurator->activate(string '4c7e16d230f3893269fc1e7968ba3bdd', integer '120')
    #2 /opt/psa/admin/plib/Task/Control/Sdk.php(49): PleskExt\Firewall\Tasks\Activate->run()
    #3 /opt/psa/admin/plib/Db/Table/Broker/LongTasks.php(178): Plesk\Task\Control\Sdk->run()
    #4 /opt/psa/admin/plib/Db/Table/Broker/LongTasks.php(113): Db_Table_Broker_LongTasks->_syncStart(object of type Db_Table_Row_LongTask)
    #5 /opt/psa/admin/plib/Task/Async/Executor.php(54): Db_Table_Broker_LongTasks->runTaskWithinExecutor(object of type Db_Table_Row_LongTask)
    #6 /opt/psa/admin/plib/scripts/task-async-executor.php(6): Task_Async_Executor->execute()

Cause

A conflict between Plesk Firewall rules and manually configured rules in iptables (which the Plesk Firewall also manages) is present and it prevents the firewall rules from being loaded.

A more complex case once discussed in https://webpros.atlassian.net/browse/PPS-18338, however the customer stopped responding and that case was not resolved. Due to this, if the solution below doesn't work, create a new 3rd-line for further investigation.

Resolution

  1. Log into Plesk

  2. Go to Extensions > Firewall

    Warning: Uninstalling and Reinstalling the Plesk Firewall extension will remove all previously added custom rules.

  3. Uninstall the Plesk Firewall extension by using the steps in this article:
    How to manage Plesk extensions (install, disable, remove, update - section Removing a Plesk extension
  4. Reinstall the extension by using the steps in this article:
    How to manage Plesk extensions (install, disable, remove, update - section Installing a Plesk extension
Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.