Plesk 11.x / Linux :: IP Access Restriction Management?
Apr 24, 2014
(Plesk version 11.09)
Trying to restrict access to plesk control panel to one IP address (fake 66.67.68.69).
When I add the network 66.67.68.69/255.255.255.254 I recieve the following notification:
Error: The access restriction policy and the list of networks are currently configured the way you will not be able to log in with administrator's rights from your IP address '66.67.68.69'.
Now I would like this to be the ONLY ip address from wich i can log in.
I just have installed plesk panel and when i get to the "Firewall" tool, then clicked on "Enable Firewall Rules Management", proftpd has stopped working properly.URLs....I have preinstalled the server 2 times, and every time i try to edit the firewall rules, proftpd got broken.
We are successfully using fail2ban on our server (CentOS 6.6, Plesk 12.0.18), that is, jails running and blocking potential intruders
However, we tried to create a custom jail for the CMS that is being used by most of our clients.
I followed the instructions (Tools & Settings > IP Address Banning (Fail2Ban) > Jails > Manage Filters > Add Filter) and created the filter I wanted, but then it does not appear in the list, even though it displays a message reading that the filter was created successfully. Then, if I try to create a new Jail, the filter is not available from the list.
Looking at the directory /etc/fail2ban/filter.d/ I can find a file that has the same name as the filter I created, with a .local extension (the file name does not contain whitespaces or other special characters)...
I'm trying to use server side includes in a PHP website but am getting the error open_basedir restriction in effect.
I've tried going in to the PHP Settings for the website and have selected the predefined option
{DOCROOT}{/}{:}{TMP}{/}
Which as I understand it should allow access to all files within my httpdocs folder but I still get the error:
PHP Warning: include(): open_basedir restriction in effect. File(/sparklyphp/cms/inc/checkAdminLogin.php) is not within the allowed path(s): (F:PLESKWWWviwebsitedesign.comhttpdocs;C:WindowsTemp) in F:PLESKWWWwebsitedesign.comhttpdocssparklyphpcmsindex.php on line 1
The thing is I know 100% that the file it's having a problem with is in a subfolder of the
F:PLESKWWWwebsitedesign.comhttpdocs folder (the full F:PLESKWWWwebsitedesign.comhttpdocssparklyphpcmsinccheckAdminLogin.php).
I trying to create authentication Key in SSH with plesk 11.5.30 CentOS Linux box...I followed the following KB article to create authentication key. URL...The authentication key not working.
After updating from Plesk 10 to Plesk 12 I have lost ssh access for all users (service is not running).
While I select ssh connection I still receive an error:
--------------------------- PuTTY Fatal Error --------------------------- Server unexpectedly closed network connection --------------------------- OK ---------------------------Click to expand...
ERROR: Zend_Db_Statement_Exception: SQLSTATE[HY000]: General error: 126 Incorrect key file for table '/tmp/#sql_50f_0.MYI'; try to repair it (Pdo.php:234)
After upgrading to v12 i have no access to the plesk panel. The message above is shown.
I have some issues access my files through FTP. I created a new FTP user, that match the domain name, so it is easy for me to terminate access if i choose to delete the domain.
I can only access / see files that i uploaded with that specific FTP user. If i install a plugin inside Wordpress, i can not access those files via FTP.
If i login via SSH, with the root user, i can see all files.
I have tried to add the FTP user to the psacln group, but no luck.
I have Plesk 12 on Ubuntu. In an earlier version of Plesk I have some domains and all was fine. Now on a new server I have a problem: I cannot access to the domains via ftp. I have have user and I can connect to the server with a ftp client. But after (successful) login I did not receive any data and can not do anything.
I use Plesk 11.5.30 on my vServer. I created a new domain with a new web user and /bin/bash (chroot) setting. I can't login with a SFTP connection to this domain only normal FTP connection works. With existing users I don't have this problem.
Using Plesk 12 on a VPS with Ubuntu 12.04 LTS. In the Web Server Settings, if I select "Process PHP by nginx", then the URL "<domain>/plesk-stat/webstat/" is answered by Nginx with "404 Not Found". Having sniffed around, it seems:
/var/www/vhosts/system/VHOST/statistics/webstat is getting statistics gathered.I can't say if they are complete, or even sensible, but things are happening there.The various Alias and other statements required for access to AWStats via Apache are contained in the Apache config file /var/www /vhosts/system/VHOST/conf/last_httpd.conf..But no equivalent statements are generated in /var/www/vhosts/system/VHOST/conf/last_nginx.conf.
In Plesk 11.5 I set log rotation to once a day and to keep 365 files. But I can only find 13 files (only one access_log) in /var/www/vhosts/mydomain/log. But Plesk tells me that 100 GB are used for the logs (the 13 files only have about 3 GB). Where are the files? In previous versions (before 11.5) I always had the files (named .1, .2 etc) in the same log directory.
I cannot SSH or login into Plesk Admin panel. Once I tried SSH, it says 'connection refused'. Once I tried login into admin panel, it says 'Error: Access for administrator from address 'xxx.xxx.xxx.xxx' is restricted in accordance with IP Access restriction policy currently applied.
Tried restarting the plesk server too. Nothing seems working.
I have just looked at the plesk panel log - /usr/local/psa/admin/logs/panel.log - and seen an alarming number of attempts to access plesk using the admin user. i.e.
[2015-02-02 14:53:46] ERR [panel] [Action Log] Failed login attempt with login 'admin' from IP 50.62.148.176
I have fail2ban installed and set up for other things...
I need to disable apache access logs. I commented out the access log path in /etc/httpd/conf/httpd.conf and restarted the server but it's still logging access.
I read in the Plesk 12 release notes that resellers should have access to the new Wordpress toolkit. However, when I login with a reseller account, the Wordpress tool does not show up in the left-hand side menu. What do I need to do to give resellers access?
Access_log and error_log are being rotated around 10AM daily for my server.
But for busy days access_log and error_log gets very big to inspect. Is there any way that I can manually reset the logs for the time being but without changing the daily rotation time?
My reseller have got one plan, where option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment).
This plan contains only one subscription in which I would like to permit users to use sftp. If I go in the subscription, and then I click on "Customize subscription", I can see option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment)...
=> So same than in the plan.
After that, when I click on subscription => WebSites and Domain => One domain => FTP Access and I choose a ftp user, I don't have any option to allow ssh access to the user.
I've seen a number of exploit attemps on the default website which I believe has come via direct access via ip address i.e http://xxx.xxx.xxx.xxx.I have tried to block with .htacess but it seems to be being ignore (possibly by parallels or nginx configuration).how I can block access to the default site to all but 127.0.0.1, server external ip and my ip?
I enter one of my IPs or the hostname belonging to this IP, followed by the Plesk port, and I get redirected to the "main" hostname of the server, which was set in Plesk. But at this moment that hostname is used by another server (my old server) and so I'm redirected to the other server and cannot access Plesk on the new server.
I don't know why Plesk reacts like this, because it did not on the old server. Here the problem more detailed:
I'm just configuring my new server with Plesk 11. My old server uses Plesk 10. On my old server / in Plesk 10 I have the following scenario:
- I have several IPs (10) - Each IP is used for a different domain - Each IP has it's domain as the reverse entry (configured outside of the server/Plesk) - Each IP is set to "Dedicated" in Plesk - I set Plesk to listen only on one of these IPs (and different port) - Several domains are created in Plesk, but not a domain for my Plesk IP - The server's name is one of the domains (required for mails not being recognized as spam) - The hostname of the Plesk IP is one assigned by my provider (something like x-x-x-x.xyzservers.com) - Entering the IP of Plesk redirects to the "Plesk hostname" => Plesk can be accessed by using x-x-x-x.xyzservers.com:myport
And under Plesk 11 (here comes the problem):
- Still several IPs (but less: 4) - One IP should be used for Plesk, one for domain X, one for domain Y and the last one for the other domains - Reverse entries are x-x-x-x.xyzservers.com for Plesk IP, domain X/Y for two other IPs and the main domain for the last IP - Plesk IP and the two single domain IPs are configured as dedicated, the last one as shared - At this point I did not configure any domains in Plesk - Server's name is the same as my old server (the main domain) => Entering any IP with the Plesk port redirects to the servers hostname, e.g. my main domain, which is still on the old server. => Result: I cannot access Plesk!
Of course I could just change the hostname of the server via SSH (just have to find out how to do this), but why does Plesk react in another way now? Or is the problem that I cannot change Plesk to listen on only one IP?
We run a high traffic server and the access logs get filled up very quick. I know we could implement rotation, but I would also like to prevent performance loss by having an access log, doesnt matter how marginal that would be.
I currently run a fair size forum which is running IPB and the new version recommends mysql 5.6. Therefore I decided to go ahead and get this installed. In the process I managed to mess up all my sites completely like a moron and at one point couldnt access anything running modcgi. Now I have fixed almost all of it
Problem: Problem I have now is that I cannot access the plesk panel no matter what I try. Firstly I could not restart the service as it said that the database was missing, and therefore I have restored the PSA database from a backup. The service now restarts however looks slightly different to how I would usually see the restart:-
Stopping sw-engine-fpm: [ OK ] Starting sw-engine-fpm: [ OK ]
However I cannot access the panel from the usual address. All I get is "Firefox can't establish a connection to the server at husky-owners.com:8443" . Im at a bit of a loss as to where to go from here.
I am currently unable to access the Plesk control panel except from the web server itself. When I try any of the following options, all work on the server itself but externally all I get is the default Tomcat page.
I don't know if the problem is on the server itself or something within our firewall - we use Microsoft Forefront TMG. The port 8443 is open, and the Tomcat page is being served. All websites working fine, both internally and externally. The server itself is in a DMZ on the network.
The server is running Centos 7 with Plesk 12.
I just noticed that when adding a new domain, I am warned that the domain resolves to another IP address - the external one. Currently, the IP address set up in Plesk is the internal (192.168...) address. Could it be that I need to change this to the external?
Unable to read apache features from the service node: [Sat Jan 10 12:25:03.013856 2015] [so:warn] [pid 32541] AH01574: module actions_module is already loaded, skipping [Sat Jan 10 12:25:03.014058 2015] [so:warn] [pid 32541] AH01574: module auth_digest_module is already loaded, skipping [Sat Jan 10 12:25:03.014694 2015] [so:warn] [pid 32541] AH01574: module authz_user_module is already loaded, skipping
I migrate from plesk 9.5 to another server with plesk 12.0.18, and then outlook and mail default from iphone don't work, but tunderbird and webmail work well.
In outlook when i put the same configuration than tunderbird and i try to send mail out from my domain said this error:
