Plesk 11.x / Windows :: Firewall Settings Required
Jun 24, 2013
It looks like a change was made to the firewall settings (I think this was done by .net microsoft patch).I have manually added mysql-nt to the firewall ruleset, and this has allowed MySql to talk to the application. (Wordpress websites are now working)I still get the same error when i try to log in to the control panel.
MySQL server has gone away
Is 1 hour network reconfiguration downtime unavoidable with every Hosting Provider?
Today I got explanation from RackSpace why they needed to bring my server down for an hour when they install Hardware firewall (see below).
Could you comment if it's really necessary have 1 hour downtime in that case?
Here's how I see appropriate maintenance: - Install and plug Firewall's power and external network cable without touching production server (no downtime yet). - Connect test machine behind firewall and test if firewall works properly (no downtime yet). - Switch network cable so it connects Production server to Hardware Firewall (20 seconds downtime).
Why couldn't the maintenance be done that way?
Anyway, here's response from RackSpace: ======= I have answered questions 1-3 below and will be passing this ticket over to our network technicians in order to get questions 4-6 answered for you.
1) Why installing hardware firewall brought my server down by almost an hour? When working this type of maintenance to add firewall:
1. Mark ticket In Progress 2. Grab parts for maintenance 3. Put Public comment in ticket we are starting maintenance. 4. Log into server(at console or remotely). 5. Verify if other users are logged in. 5a. If users are logged in, we send them a message stating server is shutting down in X minutes. 5b. If no users are logged in, go to next step. 6. Shut server down. 7. Open the server. 8. Remove back plate from an open PCI slot. 9. Install PIX 501 card into PCI slot. 10. Screw PIX 501 power supply card in place. 11. Find open Powersupply connection and connect it to back of PIX 501 power card, since this will provide power for firewall. 12. Put side panel back on whitebox. 13. Install the firewall below the rack. We have to mount it to the rack the whitebox sits on. These are racked underneath the rack for each whitebox server. We use zip ties to hold it to the rack in place. 14. Put server back on rack. 15. Plug in power and network connections. 16. Connect console to server and verify server boots up fine. 17. Log in at console and verify it can ping NAT Gateway IP(192.168.100.1) 18. Verify if server can pint out to google or some other site
19. If we are unable to ping out or ping gateway IP, we will have to double check network connections and work with NetSec to resolve issues. This could be port speed issue since the PIX 501 firewalls require the port speed to be at 10Mb.
20. If server is pinging out fine, DCOPS will come back into DCOPS room and verify we can get to server remotely. 21. If server is not remotely accessible, we will have to go back to console and see if they are running any firewall software that is preventing access or if port RDP is using is changed. 21. Change status of server to online complete. 22. Send Public comment stating server is back online. 23. Close ticket. 24. Route Contract Received ticket for firewall over to Network Security to have them online firewall.
Downtime was necessary to install PIX 501 power card since the firewall gets power through this card.
2) How 1 hour downtime goes together with "Zero downtime" RackSpace slogan? Zero downtime means that your network will be up 100% of the time. However when upgrading your configuration (adding a firewall) there needs to be a certain amount of downtime in order to add this firewall to your configuration. Whenever a hardware upgrade is made there will be hardware downtime involved. The amount of time will vary depending on the hardware upgrade.
3) Why the length of downtime was communicated to me only at the beginning of downtime, and not some time prior to that? As we spoke about over the phone today I apologized for XXX not conveying the amount of downtime you will have during this maintenance. I have already spoken with him about this and moving forward if there are any maintenances that need to take place on your account your new Account Manager YYY and XXX will make sure and go into exact detail about the amount of downtime you should expect. Consider this mis-communication taken care of from now on. =======
Is it really necessary to shut down production server just to plug Hardware Firewall power?
- I make changes to the PHP settings but they don't seem to take effect. I even had tried making the changes in the php.ini file, but some of the changes here don't take effect either. I have found similiar posts, but resolutions that work. I have restarted the IIS service after the changes, but this did not change the results I see in phpinfo();.
Examples of Changes Not Taking Effect:
- I changed "error_log" in PHP Settings. phpinfo showed no value for error_log. I changed error_log in php.ini and the change took effect for both local and global. - memory_limit is set to 128M in php.ini. It shows as 32M for local and 128M for global with phpinfo(). No matter what I change this to (some value, "-1", default) in 'PHP Settings', the value does not change for local. - The same problem with 'memory_limit' also occurs for post_max_size. - PHP 5.2 and 5.4 are installed. If I change the version under the 'General' tab, it stays as 5.2.17 in phpinfo(). - I have changed the error_log setting in php.ini and 'PHP Settings', but still nothing is logged in the error_log file with safe_mode on or off (set to local directory). There is a note out there saying that with PHP 5.2, safe_mode on will not write to file. - I have performed IIS Restarts, but this did not make any settings take effect. - I also have tried changing PHP settings under the 'general' and "PHP Settings' tab, both under the website area and the advanced options->Website Scripting and Security. So the 'website' settings would be specific for the website and under 'Website Scripting and Security' would be for the webspace. Changing in either location does not make a difference.
Other Note - I discovered this, because a client was getting a 501 when performing a post, which also sent an email. If he attached a file larger than 7MB to his form, the code would fail with a 501 error. After investigating, the "To" field was blank if a person attached a file larger than 7MB. Defnitely seems to be a memory issue. But since no log file, nor will my settings take effect, I have not been able to resolve this.
PLESK Version - 11.0.9 Update #62 on Windows 2008 and IIS is the web server.
I wanted to select I want PHP 5.4 instead of 5.3 and to disable AWStats for the domain. This is what I got :-(
Error: Unable to reconfigure Web server: websrvmng failed: Filename: Error: Cannot add duplicate collection entry of type 'add' with unique key attribute 'name' set to 'Perl-CGI-pl' In module Exception type: System.Runtime.InteropServices.COMException at Microsoft.Web.Administration.Interop.IAppHostElementCollection.AddElement(IAppHostElement pElement, Int32 cPosition) at Microsoft.Web.Administration.ConfigurationElementCollectionBase`1.Add(T element) at HandlerCollection.AddRange(List`1 ) at IIS7Handlers.enable(IIS7Handlers* , set<enum IHandlers::HandlerType,std::less<enum IHandlers::HandlerType>,std::allocator<enum IHandlers::HandlerType> >* types, Boolean disableOther)
Incoming mail on several devices with various operating systems gives me no trouble at all. However I can not find the right settings for outgoing mail for Thunderbird 24.0.
For incoming mail I noticed I had to submit mail.<name>.be and port 143, no authentication and non-encrypted password. And it works.
For outgoing mail server I've tried a lot of options:
mail.<name>.be, all ports tested, all authentication options, and with both encrypted or non-encrypted passwords, in every combination of these settings. smtp.<name>.be , all ports tested, all authentication options, and with both encrypted or non-encrypted passwords, in every combination of these settings. <name>.be, all ports tested, all authentication options, and with both encrypted or non-encrypted passwords, in every combination of these settings.
I tried to configure windows live mail for an email account. Domain is hosted on a windows Plesk server. Incoming mail is working but unable to send outgoing mails.
Subject 'xxxxxxxxxxxxxxx' Server Error: 503 Server Response: 503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server. Server: 'xxxxxxxxx.tld' Windows Live Mail Error ID: 0x800CCC79 Protocol: SMTP Port: 25 Secure(SSL): No
Current Version Installed :Parallels Plesk Panel 11.5.30 Update #31 Problem: When username have @ like : firstname.lastname@example.org
Steps : When configure the setting all go right (test to validate setting is ok too) , but when Scheduled Backup Settings using Personal FTP Repository cannot connect for server because the url use 2 @ like error message below.
Error Message : Cannot parse output file 'ftp://email@example.com@mydomain.com/' [Invalid URI: Can not parse the hostname.]
i have a problem with my plesk 12 Installation on a Windows Server 2012 R2 Standard machine.
When I select a Website and want to change the php settings for that page it wont apply the new settings.
I placed a phpinfo() file in the Folder of that Website to test that. The weird thing is when i change the memory_limt value it is visible on the phpinfo() but when i change post_max_size or upload_max_filesize nothing changes.
When I try to reset the Personal FTP Repository setting in Backup Manager, I get "Transport error: unable to list directory: Curl error: Failure when receiving data from the peer"
I've read a solution to this issue for Plesk for Linux, but not for Windows. I have my FTP server setup for FTPS (require explicit FTP over TLS) and when I put the correct information in each box, I get this error. In the meantime, the current settings (for standard FTP) are incorrect.
Obviously the most important this is to correct the Transport and Curl errors, but if I'm unable to do so, how do you clear the current setting? There doesn't seem to be a way to do it...
After a server migration, some critical Plesk settings were not copied across, even though the option to backup/restore panel configuration was used. e.g.
skeleton (vhosts.skel folder) php.ini (Program Files (x86)ParallelsPleskAdditionalPleskPHP5* folder) Default site (vhostsdefault folder) health config (Program Files (x86)ParallelsPleskadminconfcustom-health-config.xml) Additional Administrator accounts
Is there a way to get these things to backup and restore that I am doing wrong?
Are there other important settings/data that I have missed from that list? I am still paying to keep the old server in case I discover something else!
Using Plesk Backup & Restore for disaster recovery will lose these settings unless they take extra steps. e.g. I now have a simple batch file that copies these files to a private folder on one of the domains before the daily backup kicks in.
OSMicrosoft Windows Server 2008 R2 Service Pack 1 Panel version11.5.30 Update #47
We have a few hosting plans setup with different "allowances" for each.The website permissions allow basic html and PHP.In Windows Advanced: The website settings allow for html, php, asp and asp.net
When we change a Basic Hosting plan to Windows Advanced using "Change Plan", it will reassign the subscription/domain to use the new plan, but it will not add-on the extra features in Hosting Settings.
I have set up a Plesk Windows server behind a CISCO PIX 501 firewall and since then am not able to upgrade Plesk to the latest version. It cannot connect to the Plesk Update server. which port do I need to open and whether it will be inbound or outbound?
Ive been searching around recently for a webhost to setup my online development area. The following are my requirements, so if you could point me in the right direction i would be extremly grateful!
Windows Hosting (durr! at least 2 gig space/50 gig bw). ASP.NET 2.0 & AJAX 1.0 (3.5 would be even better, but i can wait until it comes out of BETA). SQL 2000/2005 (I will need upto 10 databases, but none of these stupid 100mb database limits. I would prefer if space as taken out of my web space. ISAPI_REWRITE module (i like to make pretty urls!).
I would prefer UK based servers, but i'll make do with US.
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
My Centos server running Plesk12 is running scheduled backups every sunday 3AM.
The backup is configured so that it's created as a multivolume backup with a volume size of 2047MB.
The backup is placed on my Personal FTP repo (another plesk12 server mounted with big storage).
The backup content is configured to backup server config and content (all).
The problem I have is when the backup is running I can see that it creates the volumes and stores it locally. After it send all the volumes the the external FTP repo it will delete the local (tmp) data. See my attached screenshot for storage health during backup.
Is this behaviour normal? This way we can never run a backup to an external FTP repo when our server passed 50% storage. Is it not normal to:
- Create a volume - Send it to FTP repo - Delete volume locally - Repeat until done
I installed Serv-u FTP for my server online and has open port 21 to client can remote access to FTP server. But...client cannot access to with occur error following : The connection with server was reset.
However, when i turn off Windows Firewall. Client can access to folder in server FTP. What 's the reason?
is it just me or does windows firewall in Win2K3 randomly decide to block SNMP ports?... i have over 30 servers runnng Win2K3 and out of the blue yonder today 3 stopped reporting snmp data ...... the windows firewall was turned off and ICS services were not running but still ports 161 and 162 were being randomly blocked ... so now i add ports 161 & 162 to the FW and it all works but when i disable the services to be free of windows firewall ports 161 and 162 get blocked again and snmp is down [back to square 1]... so simple solution is to leave windows firewall enabled & ports 161/162 enabled rite?
I am trying to find a firewall for windows 2003 64 bit edition. So far I have tried Visnetic, which doesn't work, and comodo will not even have a beta version out until May. Anyone know of another that will work on 64 bit windows?