Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
When accessing Plesk on ports 8443/8880 in a web-browser, the page fails to load with one of the following errors:
PLESK_INFO: This site can’t be reached
server.example.com took too long to respond.
ERR_CONNECTION_TIMED_OUT
PLESK_INFO: The connection has timed out
Cause
Plesk ports 8443/8880 are filtered by a firewall.
Resolution
1. Opening ports 8443/8880 in a local firewall
Plesk ports may be filtered by a local firewall installed on the system.
-
Connect to the Plesk server via SSH.
-
Check the status of port 8443:
# iptables -nL | grep 8443
-
For some Linux distributions (CentOS 7, Debian, Ubuntu), additional package "iptables-persistent" / "iptables-services" is required to be installed before running "iptables-save":
-
on CentOS/RHEL-based distributions
# yum install -y iptables-services
# systemctl enable iptables-services -
on Debian/Ubuntu-based distributions
# apt install -y iptables-persistent
-
-
Allow incoming connections to port 8443/8880:
# iptables -I INPUT 1 -p tcp --dport=8443 -j ACCEPT
# iptables -I INPUT 1 -p tcp --dport=8880 -j ACCEPT-
for OSes with firewalld enabled, run these commands:
# firewall-cmd --permanent --add-port=8443/tcp
# firewall-cmd --permanent --add-port=8880/tcp
# firewall-cmd --reload
-
During Plesk installation on Windows Server, Plesk Installer automatically adds rules to Windows Firewall. To check if the rule is there, follow these steps:
-
Connect to the Plesk server via RDP.
-
Click Windows Start and type Windows Firewall with Advanced Security.
-
Look for the rule names Plesk and Plesk Newsfeed in Inbound Rules.
Click on the picture to enlarge
If the rules are missing, add them:
3.1. Click New Rule... in the Inbound Rules menu.
3.2. Select "Port" and click Next.
3.3. Type 8443 and click Next.
3.3. Select "Allow the connection" and click Next.
3.3. Select all profiles and click Next.
3.4. Name the rule "Plesk" and click Finish.
Note: If a 3rd-party firewall/router is configured between your Plesk server and the Internet, open ports 8443/8880 there as well.
2. Opening ports 8443/8880 in a cloud computing service firewall
If Plesk is installed on a cloud computing service, follow the instructions for your cloud computing service to open ports 8443/8880:
3. Opening ports 8443/8880 on hosting/Internet service provider side
If after applying the above steps Plesk ports 8443/8880 are still shown as filtered (closed) by an online port checker (for example, ping.eu), that means that these ports are filtered on a hosting/Internet service provider side. Please, contact your hosting/Internet service provider and ask them to open these ports for you.
Comments
2 comments
I followed all the steps described here, but it didn't help. See the terminal protocol of the steps on my server:
root@h2632858:~# iptables -nL | grep 8443
root@h2632858:~# iptables -I INPUT 1 -p tcp --dport=8443 -j ACCEPT
root@h2632858:~# iptables -I INPUT 1 -p tcp --dport=8880 -j ACCEPT
root@h2632858:~#
# prepare firewall management
/usr/local/psa/bin/modules/firewall/settings -e
Firewall rules management was successfully enabled, use --confirm command within 60 second(s) to confirm enable, otherwise firewall rules management will be disable.
root@h2632858:~# exit
Abgemeldet
Connection to h2632858.stratoserver.net closed.
franz@UbuntuDesktop:~$ sudo ssh root@h2632858.stratoserver.net
root@h2632858.stratoserver.net's password:
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.15.0 x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Wed Mar 24 08:09:25 2021 from 95.49.208.201
This server is powered by Plesk.
Run the 'plesk login' command and log in by browsing either of the links received in the output.
Use the 'plesk' command to manage the server. Run 'plesk help' for more info.
root@h2632858:~# /usr/local/psa/bin/modules/firewall/settings -c
psa-firewall.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable psa-firewall
Firewall rules management was successfully confirmed.
root@h2632858:~#
# define firewall rules
/usr/local/psa/bin/modules/firewall/settings -s -name 'Plesk' -direction input -action allow -ports '8443/tcp,8880/tcp'
Firewall rule was successfully created; rule id: '45'.
root@h2632858:~# /usr/local/psa/bin/modules/firewall/settings -a
Firewall rules were successfully activated, use --confirm command within 60 second(s) to confirm activation, otherwise all changes will be rolled back.
root@h2632858:~# exit
Abgemeldet
Connection to h2632858.stratoserver.net closed.
franz@UbuntuDesktop:~$ sudo ssh root@h2632858.stratoserver.net
root@h2632858.stratoserver.net's password:
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.15.0 x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Wed Mar 24 08:17:56 2021 from 95.49.208.201
This server is powered by Plesk.
Run the 'plesk login' command and log in by browsing either of the links received in the output.
Use the 'plesk' command to manage the server. Run 'plesk help' for more info.
root@h2632858:~# /usr/local/psa/bin/modules/firewall/settings --confirm
Firewall rules were successfully confirmed.
root@h2632858:~#
# Check if port 8443 is free
iptables -nL | grep 8443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
root@h2632858:~# plesk login
https://www.fosar-bludorf.com:8443/login?secret=AglblFAVR0tSQsjjhbxYQ1jTsBJge5flpzsanPAQtTtSevG2
root@h2632858:~#
After that, the https address given above doesn't work:
Windows network error management resulted in a message, that the page is online, is accessible on the webserver, but there is no response:
Any suggestion what I did wrong? Any ideas what I could try next?
Dear Team,
I am using Plesk application in my organization but the issue is I am not able to open the portal on port 8443. however I have disabled the server firewall and able to telnet the port from the localhost but from other machine which is one the same network I am not. kindly help me in the same.
Please sign in to leave a comment.