Plesk Firewall deny rules do not block connections to Docker container

Follow

Comments

6 comments

  • Avatar
    Francis

    Can confirm that on Plesk Onyx 17.8.11 Update #35 the Problem occurs. The iptables should not be changed via shell since it is overwritten like mentioned in the Preview function.
    Is there any other way to deny Docker managed ports from external access?

  • Avatar
    Alexandr Redikultsev

    Hi @Francis,

    Have you tried to add the rule for precise block of specific docker port via Plesk Firewall?

    Try it out and let me know in case it works.

  • Avatar
    Dumith

    Hi @Alexandr

     

    How do we add this to Plesk Firewall? I tried, it doesn't seems to work

  • Avatar
    Ivan Postnikov

    Hello @Dumith,

    Detailed instruction on how to use Plesk firewall may be found here

    Please note that the issue from this article is still not resolved. So in case you have faced this issue, you will need to use the workaround from the article (SSH access will be required).

  • Avatar
    Dumith (Edited )

    Hi,
    How can we make this permanent for now? Tried Plesk Firewall. Its not working.

    Every time Plesk Panel Updates/Restarts or Server restarts, Port 6379 become open. Huge problem as hackers attacks on Redis. Many servers running Redis

    Thank you.

  • Avatar
    Ivan Postnikov

    Hello @Dumith,

    >> How can we make this permanent for now? Tried Plesk Firewall. Its not working.
    Until bug is fixed, currently there is no permanent solution in Plesk Firewall. It is necessary to add firewall rules into iptables manually as described in workaround.

    Iptables resets to default settings after server reboot. Here is examples on how to save iptables rules permanently for different OS'es:
    CentOS 7 - https://serverfault.com/questions/626521/centos-7-save-iptables-settings
    For Debian/Ubuntu - https://www.thomas-krenn.com/en/wiki/Saving_Iptables_Firewall_Rules_Permanently

Please sign in to leave a comment.

Have more questions? Submit a request