On October 19, 2021, we have enabled single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
If you had already registered your account at Plesk 360 (formerly known as My Plesk) please use one for login. Otherwise please re-register it using the same email address as your existing Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account.

How to block an IP address in Plesk Firewall

Follow

Comments

9 comments

  • Avatar
    Peter Kielbasiewicz

    I have blocked some IPs according to the given recipe but they still show up in mail.log on my Ubuntu 16LTS server.

    iptables -L -n | grep DROP shows the banned IP but in mail.log I still see lines like this:

    Oct 7 08:29:10 h2731456 postfix/smtpd[15954]: connect from unknown[89.248.162.145]
    Oct 7 08:29:10 h2731456 plesk_saslauthd[15957]: failed mail authentication attempt for user 'support@stratoserver.net' (password len=7)

     

    0
    Comment actions Permalink
  • Avatar
    Taras Ermoshin

    @Peter Kielbasiewicz Hello!

    Make sure that all TCP ports used by SMTP - 25, 465, 587 - are added in the Ports section of the rule.

    Also, consider using Fail2Ban to protect from brute force attacks (there is already "plesk-postfix" jail in the Fail2Ban shipped with Plesk).

    0
    Comment actions Permalink
  • Avatar
    Karl May

    Here you should also find how to block parts of an IP-Range like 1.2.0.0/16. A ip subnet calculator would be nice ;)

    1
    Comment actions Permalink
  • Avatar
    Luis Zubeldia

    is posible to block ip ranges?

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello Luis Zubeldia

    Please, vote for this functionality to be added in upcoming updates here.

    0
    Comment actions Permalink
  • Avatar
    Peter Kielbasiewicz

    I think you cannot block an IP range with a fromAddress - to Address construct but you can easily block a network segment with a subnet mask.

    There are various online subnet calculators on the internet, just google for it.

    A common tasks is to block a class C subnet range by giving a base IP address like 94.25.181.0 and a bitmask which tells how many bits of the IP should be treated as fixed.

    E. g. adding 94.25.181.0/24 to the firewall treats the leftmost 24 bits as fixed and thus blocks the address range 94.25.181.0 - 94.25.181.255.

     

     

    0
    Comment actions Permalink
  • Avatar
    Simon Ang

    If we have a very LONG LONG list of IP address that we want to put in Fail2Ban, is a way to upload it in a file form and than individually upload each IP. Please advice.

    0
    Comment actions Permalink
  • Avatar
    Anton Maslov

    Hello Simon,

    I assume command line + scripting will do the trick. Please check this documentation to see how to manage fail2ban with command line.

    0
    Comment actions Permalink
  • Avatar
    ignacio correia

    I hack my way to generate the list:

    1 - Inspect the SELECT element using dev tools.

    2 - copy past the selector to VS Codes

    3 - Add the list then copy past again to the browser

    4 - Save :)

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request