Articles in this section

See more

How to block an IP address in Plesk Firewall?

Avatar
Alexandr Nikolaenko
Updated
Follow

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Question

How to block an IP address in Plesk Firewall?

Answer

Linux environment

  1. Go to Plesk > Tools & Settings > Firewall.

    Note: If Firewall is not presented then it is not installed. Install it using this article.

  2. Click on Modify Plesk Firewall Rules.

    Note: If only Enable Firewall Rules Management is presented, press on it in order to enable firewall first. Then, follow instructions on the screen.

  3. Press Add Custom Rule.

  4. Fill Name of the rule field, set Match direction according to the requirements and choose Deny in the Action field:

    Screenshot.png

  5. Set the port or the port range, mark TCP or UDP protocol according to the needs and press Add button. Added ports will be presented in the table on the left side:

    Screenshot_2.png

    Note: If no ports were specified the rule will be working for any port only for specified protocol.

  6. Add the required IP address to field Add IP address or network: and press Add button. The added IP addresses will appear in the table on the left side:

    Screenshot_3.png

  7. Press OK.

  8. Click Apply Changes.

Windows environment

  1. Go to Plesk > Tools & Settings > Firewall.

    Note: If green button Switch On is presented, press on it in order to enable firewall first.

  2. Click on Firewall Rules.

  3. Press Add Firewall Rule.

  4. Make sure the tickbox Switch on the rule is active. Fill The rule name field, set Profile according to the profile of the network interface (mark all of them if there are no confidence of which profile is in use):

    border_plus_Capture.PNG

  5. Choose Deny in the Action field, set the port or the port range, mark TCP or UDP protocol according to the needs:

    border_plus_Capture2.PNG

  6. Add the required IP address to field Add IP address or network: and press Add button. The added IP addresses will appear in the table on the left side:

    border_plus_Capture3.PNG

  7. Press OK.

Additional information:

Here are several examples:

To block an access to websites for a specific IP address

Match Direction:

Incoming

Action:

Deny

Ports:

TCP 80
UDP 80
TCP 443
UDP 443

Sources:

203.0.113.2

To block email sending from a specific IP address

Match Direction:

Incoming

Action:

Deny

Ports:

TCP 25
UDP 25
TCP 465
UDP 465

Sources:

203.0.113.2

Comments

2 comments

Sort by Date Votes
  • Avatar
    Peter Kielbasiewicz

    I have blocked some IPs according to the given recipe but they still show up in mail.log on my Ubuntu 16LTS server.

    iptables -L -n | grep DROP shows the banned IP but in mail.log I still see lines like this:

    Oct 7 08:29:10 h2731456 postfix/smtpd[15954]: connect from unknown[89.248.162.145]
    Oct 7 08:29:10 h2731456 plesk_saslauthd[15957]: failed mail authentication attempt for user 'support@stratoserver.net' (password len=7)

     

    0
    Comment actions Permalink
  • Avatar
    Taras Ermoshin

    @Peter Kielbasiewicz Hello!

    Make sure that all TCP ports used by SMTP - 25, 465, 587 - are added in the Ports section of the rule.

    Also, consider using Fail2Ban to protect from brute force attacks (there is already "plesk-postfix" jail in the Fail2Ban shipped with Plesk).

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles