By default, we cannot access the Plesk interface and a number of Plesk services on Plesk instances deployed from Amazon Lightsail images.
Mostly, this happens when the ports they require to operate are blocked by the Amazon Lightsail Firewall.
In this context, we shall look into how we can allow access to Plesk Services on an Amazon Lightsail Instance.
How to allow Access to Plesk Services on an Amazon Lightsail Instance ?
To access Plesk and use these services, we need to manually allow connections to specific ports or port ranges.
By default, Amazon Lightsail allows all outgoing connections and blocks all incoming connections on Plesk instances.
However, there are exceptions for connections to ports on:
- SSH server – TCP 22
- Web server – TCP 80, TCP 443
Access to the Plesk interface and Plesk services using ports not listed above is blocked.
To allow access to a Plesk service on an Amazon Lightsail instance:
1. Initially, we go to Amazon Lightsail Home.
2. Under "INSTANCES", we click the instance and then go to the "Networking" tab.
3. Under "Firewall", we click +Add another and specify the following:
- a) "Application"- The default "Custom" value.
- b) "Protocol" – We select either TCP or UDP from the drop-down list.
- c) "Port range" – Specify the port or a port range corresponding to the Plesk service to allow access to.
4. Finally, we click Save.
To access Plesk for the first time, we need to allow access to the services below:
- The administrative interface of Plesk over HTTPS – TCP 8443.
- Plesk Installer, Plesk upgrades, and updates – TCP 8447.
- Domain name server – UDP 53, TCP 53.
For security reasons, We recommend allowing access only to services we want to use.
We can keep the ports corresponding to the services we do not want to use closed.
For example, to use mail, open all ports listed in the "Mail" section.
For the list of ports, we need to open to allow migrating customers and domains to or from the instance.