EhudZ
My feedback
-
60 votesopen discussion · 9 comments · Feature Suggestions » Plesk (general) · Flag idea as inappropriate… · Admin →EhudZ
supported this idea
·
-
566 votesopen discussion · 99 comments · Feature Suggestions » Security · Flag idea as inappropriate… · Admin →
An error occurred while saving the comment An error occurred while saving the comment EhudZ
commented
Re BitNinja, please also note the heafty price it comes with... $300 a year, as a Plesk extension.
An error occurred while saving the comment EhudZ
commented
Hi,
Would BitNinja remove the uage of the Plesk built-in FireWall IPTables and IPSet, as it requires their usage:
https://doc.bitninja.io/installation/ubuntu1004.htmlWhat does the non-pro version provide?
And, is the Plesk installation of the extension reversable exactly to pre-installation configuration
(for example Plesk FireWall manual rules)?An error occurred while saving the comment EhudZ
commented
spams comes from all over, not only from 64K IPs...
An error occurred while saving the comment EhudZ
commented
All of these deny country tools, are REALLY EASY to build. Their code is like 200 lines, and they use free real-time updating DB of IP associated to countries.
This should be a built-in Plesk tool, and no need for a monthly payment for it. It's worth 5 USD a year, not 5 USD a month...EhudZ
supported this idea
·
-
4 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
2 votes
Could you please formulate this as a feature request? What is the benefit of this feature?
Thanks,
—
IGEhudZ
supported this idea
·
-
4 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGAn error occurred while saving the comment EhudZ
commented
Please note, those that use this MFA might think they have its protection, while the Plesk mobile app might serve as kind of a "back door". Meaning, they might be considered as mislead to believe they are protected by MFA, while in fact, this might not be the case.
EhudZ
supported this idea
·
-
1 vote
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
33 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.—
IGAn error occurred while saving the comment EhudZ
commented
Hi Bob,
It's much more complicated...
Plesk fire wall collapses when using direct Iptables blocking for cide ip of vountries
Also each Plesk fire wall rule is limited to a few hundred ips (cidr ranges), and also bring to the entire Plesk to collapse, if superseded.EhudZ
supported this idea
·
An error occurred while saving the comment EhudZ
commented
Still waiting
-
12 votes
Thank you for your input. We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
An error occurred while saving the comment EhudZ
commented
I used this feature for few years. I would consider going to older versions or leaving Plesk all together due to this issue.
-
3 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
3 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGAn error occurred while saving the comment EhudZ
commented
This is extremely important.
EhudZ
supported this idea
·
-
4 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
44 votesopen discussion · 15 comments · Feature Suggestions » Plesk (general) · Flag idea as inappropriate… · Admin →EhudZ
supported this idea
·
An error occurred while saving the comment EhudZ
commented
well.. I was in touch with support referring to this idea here, and the Plesk dev team asked to get elaboration...
apparently not a lot of tolls for this important task.
The one I just added to my website seems to be for pages and the website itself. I'm looking for an easy toll to add also for SSHD level. I'm not sure CDN would do that..
An error occurred while saving the comment EhudZ
commented
I was asked to elaborate them here by Plesk dev team, which passed their request via Plesk support team.
An error occurred while saving the comment EhudZ
commented
And here is a file:
Amazon AWS IP listAn error occurred while saving the comment EhudZ
commented
I would like to add the list (as provided i n JSON file) of AWS used IPs so all of those are WhiteListed on the Plesk FireWall.
I'm also looking into ways to connect the Plesk firewall to tools geo-restricting ALL access to instance (including SSHD) for certain countries according to countries (could it be added to the Plesk FireWall). Have a look at these two links:
https://lonewolfonline.net/blocking-website-access-country-php/http://www.phptutorial.info/iptocountry/the_script.html
I have found an easy method for blocking a country, it only takes a few lines of code and has virtually no server load, so read on and I'll tell you.
It works like this:
Goto http://www.phptutorial.info/iptocountry/the_script.html for a look at "country identification without databases." Download the complete database (~540k) and extract it to a folder on your website. It will create a folder called 'ip_files'.
Next use this bit of PHP at the top of each of your pages. (Code provided on phptutorial.info)
if ($_SERVER['HTTP_X_FORWARDED_FOR'])
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
else
$ip = $_SERVER['REMOTE_ADDR'];$two_letter_country_code=iptocountry($ip);
function iptocountry($ip)
{
$numbers = preg_split( "/./", $ip);include("ip_files/".$numbers[0].".php");
$code=($numbers[0] * 16777216) + ($numbers[1] * 65536) + ($numbers[2] * 256) + ($numbers[3]);foreach($ranges as $key => $value)
{
if($key<=$code)
{
if($ranges[$key][0]>=$code)
{
$country=$ranges[$key][1];break;
}
}
}if ($country=="")
{
$country="unknown";
}return $country;
}
Then, add this little blocking script at the end of the code above:if ($two_letter_country_code=="US")
die();
You should replace US with the two letter country code for the country you are trying to block.I have taken this a bit further on mine, in that I check for a valid session, and if not found, run all the checks and create a session. This prevents the script from running every page load - just when a new visitor connects.
<?php
session_start();
if (!isset($_SESSION['FirstVisit']))
{
if ($two_letter_country_code=="US")
die();
else
$_SESSION['FirstVisit'] = 1;
}
?>p
Of course, this isn't a perfect solution and will only protect your PHP pages, but in an emergency?Note, you can find a full list of country codes listed in countries.php within ip_files folder of the zip file.
-
3 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
11 votesopen discussion · 3 comments · Feature Suggestions » Usability and UI · Flag idea as inappropriate… · Admin →EhudZ
supported this idea
·
-
13 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
ETEhudZ
supported this idea
·
-
48 votes
Have you seen an option to configure only one domain to access the Plesk? https://docs.plesk.com/en-US/obsidian/deployment-guide/plesk-installation-and-upgrade-on-single-server/customizing-plesk-url.76455/.
If yes, why do you decided do not use this feature?
Currently, we do not plan to restrict access to Plesk by 8443 port but it could be done by the system’s firewall (and if something goes wrong, it could be used as a reserve method to access the Plesk).
— AY
EhudZ
supported this idea
·
-
3 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
21 votes
This is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
— rk
EhudZ
supported this idea
·
-
5 votes
Thank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IGEhudZ
supported this idea
·
-
306 votes
As UserVoice staff cleaned up the most of twisted voices, I’ve returning this suggestion to open discussion.
Everyone, please continue voting for this feature if you consider it important.
—IB
EhudZ
supported this idea
·
.png){kind=link}
True, Juggernaut does so, however for a heafty $100 a yaer. This task should nit cost that.