Plesk 11.5.30 Update #47
When I look in a directory password protected by the Plesk Panel, I don't see an .htaccess file...
So, how does Plesk password protect directories?
And, is it possible to add functionality that would limit number of login attempts, and block an offending IP for a period of time?
I was wondering if it would be advisable to use the Password Protected Directory option in cPanels to limit part of my website to no more than 1,000 paying customers (yearly subsciption). Can cPanels handle this? Would accessing .htaccess and .htpassword to authenticate be too slow? Would management become too much? Has anyone attempted this? Are there any good alternatives such as open source programs? I've looked and found a few that are expensive and do way more than what I need.
View 2 Replies View Related I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected">
AllowOverride All
AuthType basic
AuthName "Enter Login"
AuthUserFile /etc/htpasswd/.htpasswd
Require valid-user
Order deny,allow
Allow from user1
</Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
OS: Debian 7.3
Apache 2.2.22
Every time I log on plesk 11.09 I get an email from admin saying that due to maximum number of failed login attempts for admin, the account was blocked for 30 minutes.
First, I do not get failed login attempts, I log in every time.
Two, the account is not blocked, I can log in, out and back in as many times as I want without problem except that I get this email everytime.
On Plesk 11.5 / Centos 6.5 / Linux
I normally protect a given directory in the Plesk Contral Panel with a Username / Password. I would like to bypass the username and password for visitors from one IP.
It has been 1 week, i am getting following email every day from my server.
Code:
5 failed login attempts to account root (system) -- Large number of attempts from this IP: 173-45-230-205.slicehost.net
Everyday a login attempt comes from new/different ip address.
Should i install CSF?
A client wants to FTP some files to my server but I don't want him to see/have access to all the other stuff on the server. Is there a way that I can 'corden-off' an area for him to FTP stuff to? A password protected area perhaps?
View 2 Replies View RelatedI have 2 domains on 1 account. My main website is www.aviationcafe.net and i added on www.modelcuir.com thats what it looks like to the public. But with my host it will be www.modelcuir.aviationcafe.net.
I noticed in the files area that modelcuir is it's own file, i can password protect that but it will stop people getting onto the website completly and i only want to stop them getting into the members area.
I can't create a members area either unless i can add a new folder which i can't i dont think.
I've got a file I want to access via cURL that is within a password protected directory.
I've tried sending:
Code:
$headers = array(
"HTTP_AUTH_LOGIN: admin3e",
"HTTP_AUTH_PASSWD: opensesame",
"Content-Type: text/html"
);
curl_setopt($curl, CUROPT_HTTPHEADER, &$headers);
(insecure)
and:
Code:
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, '[user]:[pass]');
but I can't figure out how to get past the login:
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Apache/2.0.52 (CentOS) Server at ****** Port 80
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
View 1 Replies View RelatedI have several customers with wordpress domains. I want to protect these directory's with Nginx on a plesk 12 machine.
I thought:
location /wp-admin/ {
allow 123.123.123.123;
deny all;
satisfy all;
}
would do the trick, but no go, nginx isnt passing it to apache by the looks of it. I tried all kinds of possible solutions but cant get it to work. It works with files though. The logfile says directory index of "/var/www/vhosts/testdomain.eu/httpdocs/wp-admin/" is forbidden. This makes sense, since its turned off.
How to get this to work with plesk 12 and nginx ?
I have a small problem. I have a install directory on my website, who are only for me. I have a password protected directory, and thats no problem to create in Plesk on Linux.
But the main diffrent from Windows based Plesk, are that I can not create a directory there I can browse the files in my webreader.
In windows plesk they have a option called Web directory, but I have never seen thats option in Linux plesk.
Are there any easy way to password protect and allow directory browsing in Plesk for Linux? Or do anybody have a easy way to do that?
One option, is to access the directory thru FTP interface in Internet explorer (ftp://mysite/directory). But I want to access the site thru HTTP if possible.
After I've upgraded Plesk 1.0.18 to latest version, I'm unable to set protection on directories. Plesk say it is set, but it is not. I can access protected directory without pop-up of login-details. Old protected directories work, but for new one added not working anymore. I also tried by conventional way adding .htaccess and .htpasswd files to the directory, but it does not apply either.
View 2 Replies View RelatedWe will be migrating from plesk 9 to plesk 11 and I am having some trouble finding a fix for something. Previously, http and https could either share a directory or have split directories (httpdocs and httpsdocs) for a site. Now all I see is httpdocs and I can't find a way to have separate directories.
View 6 Replies View Related run a command on /var/git to set rights and onwer without being cautious enough.I have run chown git:git .* -R which did not only run direction downwards the tree but upwards as well :-(
Any way to reset permissions and ownership for the directories back to standard?I tried /usr/local/psa/bin/repair already. Did lot of the fixes, but not all is in line yet.
I am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.
View 4 Replies View RelatedWhere can I get examples to create login ID and password with changing of password function for valid user to access apache web server?
View 3 Replies View RelatedHow i get a new Password for a SSH Connection?
Plesk 12, CentOS 6.5
from some time, the plesk password is no more stored in chrome.I mean that even I delete all passwords/history etc chrome don't ask to save password...so something changed in the login page I suppose.from same time every time I connect to any plesk panel. Chrome say that it's not safe and I have to click "advanced" to continue, even it's a new installation make some minute before.
View 6 Replies View RelatedWhen I try to login to any accounts on my server via FTP the responce is:
Quote:
[20/03/2008 15:41:15] 331 User restore OK. Password required
COMMAND:>[20/03/2008 15:41:15] PASS
[20/03/2008 15:41:16] 530 Login authentication failed
I can login to their cPanel accounts fine using the exact same password so I'm not sure what the problem is. I've tried restarting the FTP server and syncing the ftp passwords using WHM -> cPanel -> Synchronize FTP Passwords but still no luck. I've tried changing the account password but I can still login to cPanel with the new password but not ftp.
I try connect to the ftp server via the IP address and domain (ftp.domain.com) but again, no luck.
I have an Ubuntu 14.04 LTS 64 bit virtual private server with Plesk 12. The server is hired from a hosting provider. The server is used to run the Odoo ERP application (using postgres database).
The Odoo application is running fine and now I want to create a backup of the application using Plesks Backup manager.
I choose configurations and content option in the backup manager but the created backup is only 200kb.
I think the problem is the location where the Odoo application is installed is not included in the backup. I made a tar backup from the server and extracted it on my pc. It seems that the main parts of the Odoo application are in the var, opt, etc and usr directories (not in a domain but under root).
Installing the application in a domain would solve the Plesk backup issue I think but the installation script of Odoo puts Odoo in var, opt, etc and usr directories even if I put the install script in the directory of a created domain. Since the manual Odoo installation is complicated I am very happy to use the script.
My questions are:
1. Is it possible to include the directories var, opt, etc and usr in the Plesk backup and how and where do I do that?
2. Can I restore such a backup without no problem in Plesk?
Over the weekend, I upgraded from Plesk 10.3 to Plesk 11.5, using the updater in the control panel. Everything seemed to go well. However, this morning I've noticed that some, not all, email accounts are having trouble logging into the server to send and receive mail. Other accounts are working fine.Via POP, I get this error: -ERR Temporary problem, please try again later
Via SMTP, I get this error:
535 auth failure
I see this in the maillog:
Jun 17 07:15:05 [server] courier-pop3d: LOGIN FAILED, user=[username], ip=[::ffff:xxx.xxx.xxx.xxx]
Jun 17 07:15:05 [server] courier-pop3d: authentication error: Input/output error
And this... Jun 17 07:24:50 [server] smtp_auth: FAILED: [email address] - password incorrect from [host] [xxx.xxx.xxx.xxx]
I replaced the server name, username, host, and IP in the above.
Here are the steps I've tried so far.
- Changing the password using the control panel.
- Updating the number of daemons in authdaemonrc
- Restarting the services
I just upgraded my Plesk on Ubuntu (vServer) yesterday. But after the upgrade I couldn't login to the Panel anymore because all I get when I try to reach the panel (https://panel.examplesite.com:8443) is a white screen.
I rebooted the server and restarted the panel as well as Apache several times with no change.
I cannot login to Plesk server with admin credentials as it says Error: Access for administrator from address 'xx.xx.xx.xx' is restricted in accordance with IP Access restriction policy currently applied. Also I cannot SSH to server and it says connection refused.
View 2 Replies View RelatedI have VPS Server with Parallels Plesk 11.5.30 (64 bits) on OVH.ORG..Today i do Update to newest version via https://MY-IP:8447
Code: [URL] .....
Now i cant login to my server: [URL] ....
How can i repair it. I dont wanna install again Plesk Panel becouse i have a lot of configuration and email adress.All components like Apache Mysql, ftp works good, but i cant only login.
I cannot login server:8447
1. netstat -anp |grep 8447 = nothing
2. iptables -L Chain INPUT (policy ACCEPT) - empty; Chain FORWARD (policy ACCEPT) - empty; Chain OUTPUT (policy ACCEPT) - empty
This happened after the unsuccessful upgrade.
Code:
Execution failed.
Command: autoinstaller
Arguments: Array
(
[0] => --select-product-id
[1] => plesk
[2] => --select-release-current
[3] => --upgrade-installed-components
[4] => --include-components-from-class
[5] => vendor=parallels
[6] => --include-components-from-class
[7] => patched
[code]....
ERROR: Failed to download the package URL...transfer closed with 205 bytes remaining to read..Not all packages were installed.Please try installing packages again later.try installing the packages again.
It seems like I have got a lot of trouble with Plesk 12 on a CentOS 7 machine.
1. I could not install Plesk properly due to some drweb problem.
2. Than the smb configuration seems only to be implemented partly.
3. Suddenly FTP login is not possible anymore (503 Access denied)
And now even Apache is not running anymore!
Code:
Unable to generate the web server configuration file on the host <xxxxxxx.dyndns.org> because of the following errors:
Template_Exception: [Mon Jun 08 14:16:28.058302 2015] [so:warn] [pid 4230] AH01574: module actions_module is already loaded, skipping
[Mon Jun 08 14:16:28.063364 2015] [so:warn] [pid 4230] AH01574: module headers_module is already loaded, skipping
[Mon Jun 08 14:16:28.063957 2015] [so:warn] [pid 4230] AH01574: module logio_module is already loaded, skipping
[Mon Jun 08 14:16:28.066150 2015] [so:warn] [pid 4230] AH01574: module suexec_module is already loaded, skipping
httpd: Syntax error on line 357 of /etc/httpd/conf/httpd.conf: Syntax error on line 5 of /etc/httpd/conf.d
[code]....
