firewalld is a firewall
management tool for Linux operating systems. This section explains how
you can use it to open the ports necessary for Plesk to operate.
For Plesk and its services to work properly, a number of ports must be
open on the server. On some operating systems, these ports can be closed
by default. When you install Plesk, if firewalld is installed on the
server, Plesk automatically opens the ports required for Plesk to
operate. This mechanism works even if firewalld is turned off during the
Plesk installation.
firewalld is supported on the following operating systems:
- CentOS 7, RHEL 7, CloudLinux 7
- Ubuntu 16.04 and higher.
On CentOS and RHEL versions 7 and later, firewalld is installed and runs
by default. On Ubuntu 16.04 and later, you need to turn on firewalld
manually after installing Plesk.
Known Issues and Limitations
- Plesk can only configure firewalld version 0.4 or later.
- Plesk can only configure firewalld during Plesk installation. When
you upgrade Plesk, the firewalld configuration does not change.
You can see the list of ports and associated protocols Plesk opens via
firewalld in the table below:
| Service name | Ports used by service |
|---|---|
| Administrative interface of Plesk over HTTPS | TCP 8443 |
| Administrative interface of Plesk over HTTP | TCP 8880 |
| Web server | TCP 80, TCP 443 |
| FTP server | TCP 21 |
| SSH (secure shell) server | TCP 22 |
| SMTP (mail sending) server | TCP 25, TCP 465, TCP 587 |
| POP3 (mail retrieval) server | TCP 110, TCP 995 |
| IMAP (mail retrieval) server | TCP 143, TCP 993 |
| Domain name server | UDP 53, TCP 53 |
| Plesk upgrades and updates | TCP 8447 |
Plesk applies the configuration above to the firewalld zone called
“plesk” and sets that zone as the default one. Runtime firewalld
rules
added before installing Plesk are lost. Permanent
rules
are not affected. You can roll them back at anytime.
Rolling Back the Initial firewalld Configuration
If you configured permanent firewalld
rules
before installing Plesk by adding…
with