I used to have my apache 1.3.37 with PHP compiled as a CGI. Whenever i have a php script (say vbulletin forum software) that allow file uploads, files will be uploaded with the correct userid and groupid on the server. However, once i compiled PHP as ISAPI module, the files will be uploaded but will be owned by 'nobody'. Of course i can log in as root and chown it back to the right user, but it's a hassle if there are multiple user accounts on the server and they're using php software on their end. If someone is using an ftp program and tries to overwrite that uploaded file that's owned by nobody, it will not let them do so. Is there a way to fix this, or change the config files that would fix it?
I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.
Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.
How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|
I am wanting to know if there is a way to stop files being uploaded to my vps, via ftp cpanel etc that are malicious..
I have been told there is a way to do this but i havent been told how..
Basicaly i want to know if there is something where i can add a list of keywords that are in the malicious files and what ever it is will stop them from being uploaded or if they manage to get uploaded onto my vps will it make them not work?
I am looking into this as i had an issue before where someone uploaded a shell onto my server :@ luckily it didnt cause no damage or he didnt get anywhere but i still want to be safe.
I've recently started experiencing some issues where files uploaded through Joomla or some other scripts (mostly PHP) inherit a permission of 600. Prior to updates being done on the server I'm hosted on, uploaded files received 644 permissions and all things worked great.
I've checked the umask that assigned to the shell (022) and have ruled out that as a problem.
I want to be able to copy 1000's of files from one subscription to another or rather from one domain to another on the server without having to FTP them each time. Is there a way which this can be done directly in Plesk and avoid the need to ftp the same 1000's of files into each subscription ? FTPing on my connection is really slow and takes 2-3 for each subscription / domain, whereas if I could just FTP to the server once and then copy&paste the files between subscriptions then this would save me a huge amount of time...
After restore (without any errors) some of my files are missing from one particular domain. The files are present in the backup however, they just don't restore. In this case it is a Wordpress installation and the complete wp-content folder did not restore one one of the domains.
I'm trying to get something simple to work in Plesk. I just want to use Apache for PHP files with Fast-CGI and PHP 5.6. Everything works fine with Nginx and PHP-FPM but because of the restrictions, that Nginx can only use a systemwide PHP version, which is 5.3.3 in my case, I need Apache for that.
So the problem is that I get the .php files as download and Apache doesn't parse them.
A little background information: Cent OS 6.6 Plesk 12.0.18 Update #49 PHP Versions 5.3.3 and 5.6.9 PHP Handles installed with this KB [URL] ....:
the problem is very big since backup procedure not backup all files and folder. I have a lot of Wordpress installations (some of that made with App Installer and others made by hand).
Into all the above installations, files and folder created by Wordpress, like plugin installed or image, uploaded are not backup!
I have seen that all this files come with www-data:www-data user and group but with read permissions for owner, group and others, so i not able to understand why they are not inside my backups. If i change user and group all works fine.
Check your Wordpress backup and verify the presence of plugin and images (miniature of images are still present since they are created with different user and group)...
I have a problem with file upload. I changed php.ini files in /etc/php5/cgi and user and php.ini to work with big files. I changed accordingly max_filesize, post_max_size, memory_limit.Also changed suhosin memory_limit and some other stuffs. I cant get files bigger than ~100MB to be sent through forms with post! Below is ok.Is there any method to do this with plesk 11.5?? I saw docs on this particular topics with plesk 10 on internet but nothing for plesk 11.
In Plesk 11.5 I set log rotation to once a day and to keep 365 files. But I can only find 13 files (only one access_log) in /var/www/vhosts/mydomain/log. But Plesk tells me that 100 GB are used for the logs (the 13 files only have about 3 GB). Where are the files? In previous versions (before 11.5) I always had the files (named .1, .2 etc) in the same log directory.
I am trying to restore a backup that Parallels Plesk made (latest version) and I used to get the option at some point to replace everything. Now, I only get the options to select what I want to restore and it fails because it says certain things, domains, content is already there.
I can't find the option anymore that allows me to say replace everything during the backup. Was that removed? If so, I'd really....really like it back.
Warning: Failed deployment of domain localhost.localdomain Warning: Execution of /usr/local/psa/admin/plib/api-cli/domain.php --create localhost.localdomain -owner admin -do-not-apply-skeleton -notify false -guid 4fe5de63-3103-4fa0-a01c-04894e167107 -vendor-guid 75b2fa01-6c6e-4cb2-8f1b-9c69757fd3ec -creation-date 2014-02-13 -ip 18.104.22.168 -ignore-nonexistent-options failed with return code 1. Stderr is An error occurred during domain creation: There are no available resources of this type (domains) left. Requested: 1; available: 0.
I'm missing files that the existing crontab requires. There are results on Google for it, but since the parallels' forum upgrade, all the Google links are dead...
The missing crons in question are:
/bin/sh: /usr/local/psa/libexec/modules/watchdog/cp/clean-events: No such file or directory /bin/sh: /usr/local/psa/libexec/modules/watchdog/cp/pack-sysstats: No such file or directory /bin/sh: /usr/local/psa/libexec/modules/watchdog/cp/clean-sysstats: No such file or directoryClick to expand...
I followed the following KB to allow country to be identified via GeoIP in AWStats: [URL] .... It works well on one of my domain, but I had to disable first the stats through PLESK Admin, then to reactivate it, so it would regenerate the conf file in /usr/local/psa/etc/awstats/* for a particulair domain. I then followed this KB to re-calculate all stats with country identification: [URL] .... It works as well.
But now: How can I regenerate all the conf file in /usr/local/psa/etc/awstats/* ? Is there any magic command?
I currently run the PMM tool, it migrates and created all the domains for me, but I have a new problem. Some clients does not have their files only at public_html, they use the root at their cpanel accounts, I notice that the PMM did not migrated the files from the root.... Is there any option to it be done?
The "/etc/php.ini" file seems reasonable and the session file path seems correct: session.save_path = "/var/lib/php/session"
But the session files never get deleted automatically. The session folder fills up quickly and I have been deleting session files manually while trying to resolve the problem. How can I verify that the default Plesk cron jobs are set up and running properly?
I'm running plesk 11.5.30 and I'm having an issue with the new word doc format (.docx) being recognized as a zip file. I've read several posts that explain what mime types to add, and I've found the spot where I need to enter them. The part I'm not sure about is whether the custom mime types field is an addition to the current mime types or a replacement list. Does that field just needs the new mime types or a full list?
I cannot seem to find a conclusive answer to this. I use subdomains to create client websites then once they are in their own domains the subdomains still remain. Can I delete only the subdomain and leave all the files or at least leave the database since it is still connected to the new domain. Example below.
subdomain.example.com uses database1
newsite.com still uses database1
Is there a way to copy the database into the new domain?
When i do full backup and download this backup, plesk create a temporary file inside directory /usr/local/psa/tmp but after download finish this file is not deleted, and this is causing problem because i have a server with small disk space.
I was running on a Ubuntu 10.04 LTS VPS and had this error too, then yesterday imported the domain from the old VPS to our new Plesk Server (Ubuntu 12.04.3 LTS) and I still get this error on this one domain.
This is the error in question...
Failed to pack files Backup_mydomain.tld_user-data_1311120042 in /var/lib/psa/dumps/domains/mydomain.tld [ 49562925056 bytes free of 53687091200 bytes total on mount point 0]
For security reason backup is performed on behalf of subscription system user. System user has no read access to backup file.Click to expand...
When you delete a site backup from its "Backup Manager" Panel, it is removed and no longer displayed in the Panel. However, I cannot tell if this action actually does anything with the real site backup files in "/var/lib/psa/dumps". Does this action merely remove it from PSA's database but not touch any actual files? If this is true, then how are site backup files supposed to be managed if this action doesn't actually delete them?