Skip to content

I suggest you...

← Feature Suggestions

When Nginx and Apache are used, Apache should only listen to ports 7080 and 7081 on localhost.

As discussed in https://talk.plesk.com/threads/security-attack-surface-ports-7080-and-7081.368543 security should be reinforced: When Nginx and Apache are used, Apache should only listen to ports 7080 and 7081 on localhost. When Nginx is not used, Apache should only listen to ports 80 and 443.

6 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

AdminPlesk Staff (Community Manager, Plesk International GmbH) shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Michael Wolter commented  ·   ·  Report

    To elaborate: At the moment, plesk - at least on debian 10 - listens on the public IP only on ports 7080 and 7081. When nginx is used as proxy for all domains on that public IP, it is not necessary for apache to listen on that public IP because requests to 7080 & 7081 should only originate from nginx.
    (Strictly speaking, it wouldn't even be necessary to listen on 7081 because costly SSL negotiation on localhost is superfluous, but that requires a bit more configuration to work so that links stay https.)
    When nginx is not used, obviously apache needs to listen on the standard ports of that public IP.

Feature Suggestions: Plesk (general)

Categories

Feedback and Knowledge Base

(thinking…)