Install the Plesk Firewall Module


Step 1:

Click "Tools and Settings" and then "Updates and Upgrades"


Step 2.

Click "Add Components"


Step 3.

Locate the "Plesk Firewall Extension" under "Additional Plesk Extensions" and check the box next to it


Step 4.

Click "Continue" and follow the instructions to complete the installation. 


Managing the Firewall

Accessing the Firewall Module is achieved by going to "Extensions" and then "Firewall"



The firewall is very powerful and caution should be taken when modifying it as it can be easy to make your server inaccessible to everyone, including yourself and CWCS Support. 

These options work best if you have a static IP address that you connect from as you can lock down services to a single IP making it near impossible for anyone other than
yourself the ability to access the server.

From within the Firewall extension click "Edit Firewall Configuration"


You can click any of the rules and edit them as you require


The options you have are:


Allow - Open to everyone

Deny - Blocked to everyone

Allowed from selected sources, deny from others - Blocks traffic to everyone except from ones specifically defined

When selecting "Allowed from selected sources, deny from others" you need to enter in the IP address you want to ACCEPT traffic from such as the IP address used by your office in to the "Add IP address or network" field and then click "Add", repeat this for each IP and then click "Ok" when finished. 


Once you are happy with your changes click "Apply Configuration" to make the changes go live:


Creating your own rule

You can create your own rules to allow or deny access, either to a specific port, or network or a combination of both. 

As an example lets say you know an IP address that you want to block from accessing your server

Start by clicking "Add Custom Rule"


Then in the "Name of the rule" field type in "Blocked"

Match Direction - would be set to "Incoming" as we want to block the traffic coming into the server

Action -  set to "Deny"

Ports - Leave this as it is, as we want to block any type of traffic

Sources - Enter in the IP address you want to block and click "Add", repeat this for each IP you want to block

Click "Ok" to finish adding the rules



Click "Apply Configuration" to load the rules and make them live


Once the rule has been applied you have successfully blocked traffic reaching your server from any of the IP addresses you specified. 

IMPORTANT INFORMATION:

If you decide to restrict access to services on your server to a specific IP address please add our support IP so we can continue to access your server to provide support, our IP address is:

193.200.80.2

If you are a Gold or Platinum customer please contact technical support before making any firewall changes as we have extra services accessing your server for both backups and monitoring that will need to be allowed.