EhudZ

My feedback

  1. 60 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  9 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  2. 566 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  99 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    EhudZ commented  · 

    True, Juggernaut does so, however for a heafty $100 a yaer. This task should nit cost that.

    An error occurred while saving the comment
    EhudZ commented  · 

    Re BitNinja, please also note the heafty price it comes with... $300 a year, as a Plesk extension.

    An error occurred while saving the comment
    EhudZ commented  · 

    Hi,

    Would BitNinja remove the uage of the Plesk built-in FireWall IPTables and IPSet, as it requires their usage:
    https://doc.bitninja.io/installation/ubuntu1004.html

    What does the non-pro version provide?

    And, is the Plesk installation of the extension reversable exactly to pre-installation configuration
    (for example Plesk FireWall manual rules)?

    An error occurred while saving the comment
    EhudZ commented  · 

    spams comes from all over, not only from 64K IPs...

    An error occurred while saving the comment
    EhudZ commented  · 

    All of these deny country tools, are REALLY EASY to build. Their code is like 200 lines, and they use free real-time updating DB of IP associated to countries.
    This should be a built-in Plesk tool, and no need for a monthly payment for it. It's worth 5 USD a year, not 5 USD a month...

    EhudZ supported this idea  · 
  3. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  4. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » WordPress Toolkit  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  5. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Extensions  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    EhudZ commented  · 

    Please note, those that use this MFA might think they have its protection, while the Plesk mobile app might serve as kind of a "back door". Meaning, they might be considered as mislead to believe they are protected by MFA, while in fact, this might not be the case.

    EhudZ supported this idea  · 
  6. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Usability and UI  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  7. 33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    EhudZ commented  · 

    Hi Bob,
    It's much more complicated...
    Plesk fire wall collapses when using direct Iptables blocking for cide ip of vountries
    Also each Plesk fire wall rule is limited to a few hundred ips (cidr ranges), and also bring to the entire Plesk to collapse, if superseded.

    EhudZ supported this idea  · 
    An error occurred while saving the comment
    EhudZ commented  · 

    Still waiting

  8. 12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Feature Suggestions » Usability and UI  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
    An error occurred while saving the comment
    EhudZ commented  · 

    I used this feature for few years. I would consider going to older versions or leaving Plesk all together due to this issue.

  9. 3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » WordPress Toolkit  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  10. 3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Feature Suggestions » Extensions  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    EhudZ commented  · 

    This is extremely important.

    EhudZ supported this idea  · 
  11. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Extensions  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  12. 44 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  15 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
    An error occurred while saving the comment
    EhudZ commented  · 

    well.. I was in touch with support referring to this idea here, and the Plesk dev team asked to get elaboration...

    apparently not a lot of tolls for this important task.

    The one I just added to my website seems to be for pages and the website itself. I'm looking for an easy toll to add also for SSHD level. I'm not sure CDN would do that..

    An error occurred while saving the comment
    EhudZ commented  · 

    I was asked to elaborate them here by Plesk dev team, which passed their request via Plesk support team.

    An error occurred while saving the comment
    EhudZ commented  · 

    And here is a file:
    Amazon AWS IP list

    An error occurred while saving the comment
    EhudZ commented  · 

    I would like to add the list (as provided i n JSON file) of AWS used IPs so all of those are WhiteListed on the Plesk FireWall.

    I'm also looking into ways to connect the Plesk firewall to tools geo-restricting ALL access to instance (including SSHD) for certain countries according to countries (could it be added to the Plesk FireWall). Have a look at these two links:
    https://lonewolfonline.net/blocking-website-access-country-php/

    http://www.phptutorial.info/iptocountry/the_script.html

    I have found an easy method for blocking a country, it only takes a few lines of code and has virtually no server load, so read on and I'll tell you.

    It works like this:

    Goto http://www.phptutorial.info/iptocountry/the_script.html for a look at "country identification without databases." Download the complete database (~540k) and extract it to a folder on your website. It will create a folder called 'ip_files'.

    Next use this bit of PHP at the top of each of your pages. (Code provided on phptutorial.info)

    if ($_SERVER['HTTP_X_FORWARDED_FOR'])
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    else
    $ip = $_SERVER['REMOTE_ADDR'];

    $two_letter_country_code=iptocountry($ip);

    function iptocountry($ip)
    {
    $numbers = preg_split( "/./", $ip);

    include("ip_files/".$numbers[0].".php");
    $code=($numbers[0] * 16777216) + ($numbers[1] * 65536) + ($numbers[2] * 256) + ($numbers[3]);

    foreach($ranges as $key => $value)
    {
    if($key<=$code)
    {
    if($ranges[$key][0]>=$code)
    {
    $country=$ranges[$key][1];break;
    }
    }
    }

    if ($country=="")
    {
    $country="unknown";
    }

    return $country;
    }
    Then, add this little blocking script at the end of the code above:

    if ($two_letter_country_code=="US")
    die();
    You should replace US with the two letter country code for the country you are trying to block.

    I have taken this a bit further on mine, in that I check for a valid session, and if not found, run all the checks and create a session. This prevents the script from running every page load - just when a new visitor connects.

    <?php
    session_start();
    if (!isset($_SESSION['FirstVisit']))
    {
    if ($two_letter_country_code=="US")
    die();
    else
    $_SESSION['FirstVisit'] = 1;
    }
    ?>p
    Of course, this isn't a perfect solution and will only protect your PHP pages, but in an emergency?

    Note, you can find a full list of country codes listed in countries.php within ip_files folder of the zip file.

  13. 3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  14. 11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  3 comments  ·  Feature Suggestions » Usability and UI  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  15. 13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  16. 48 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    Have you seen an option to configure only one domain to access the Plesk? https://docs.plesk.com/en-US/obsidian/deployment-guide/plesk-installation-and-upgrade-on-single-server/customizing-plesk-url.76455/.

    If yes, why do you decided do not use this feature?


    Currently, we do not plan to restrict access to Plesk by 8443 port but it could be done by the system’s firewall (and if something goes wrong, it could be used as a reserve method to access the Plesk).

    — AY

    EhudZ supported this idea  · 
  17. 3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Panel/Mail  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  18. 21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Feature Suggestions » Extensions  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  19. 5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 
  20. 306 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    24 comments  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…  ·  Admin →
    EhudZ supported this idea  · 

Feedback and Knowledge Base