Search Engine: Elastic

Article ID: 2202, created on Sep 27, 2007, last review on Dec 25, 2018

  • Applies to:
  • Odin Automation
  • Odin Business Automation Standard 4.5

Resolution

The following ports should be always open for OBAS in firewall:

  • TCP port 80 for incoming HTTP requests from external network
  • TCP port 443 for incoming HTTPS requests on OBAS system - it is preferred to use HTTPS connection for OBAS Online Store and Control Panels as Resellers and Customers could enter some private information in the Store and may would like to use HTTPS connection over external network.
  • TCP port 25 for outgoing conections to public network or email gateway (if Mail Transport Agent in OBAS is configured to send all mail messages through the email gateway) - OBAS should be able to send email notifications to Provider, Reseller and Customers
  • TCP/UDP port 53 - OBAS should be able to send DNS notifications to manageable nameservers (publically available) registered in OBAS system and provide DNS zone tranfer to the manageable nameservers
  • TCP port 22 for outgoing SSH connections to Virtuozzo Containers hardware nodes and SSH-manageable nameservers registered in OBAS
  • TCP port 8443 for outgoing HTTPS connections to Plesk nodes registered in OBAS
  • TCP ports 80 and 443 for outgoing HTTP/HTTPS API connections to Sitebuilder nodes registered in OBAS

OBAS also should be able to communicate with DNS registrars' gateways, Payment gateways and AntiFraud systems (VariLogiX just for example) - exact firewall configuration in such cases depends on used Domain registration, Payment or AntiFraud plug-in. Usually it should be enough to open all connections to Domain registration/Payment gateway used in the plug-in configuration (on Top > Service Director > Domain Manager > Plug-ins > Plug-in Configuration or Top > Commerce Director > Online Payments > Payment Plug-ins > Plug-in configuration screen).

Additional Information

OBAS is able to perform basic firewall configuration and load all required rules itself, you may check this article for more details on basic firewall configuration script.

No additional actions are required on Virtuozzo node, no matter if that node is in a cluster or not. The Container has its own firewall and its modification is enough.

400e18f6ede9f8be5575a475d2d6b0a6 8fc71f07abe5b233fea1ae0377cd5e3d 70a5401e8b9354cd1d64d0346f2c4a3e 624ca542e40215e6f1d39170d8e7ec75 3ef1f5f998c0dc182718a7fe4376f875

Email subscription for changes to this article
Save as PDF