Plesk 12 Permissions For Sites Using Apache For User And Group
Jan 6, 2015
We have several sites on one server. When I use the plesk wordpress manager it some how updates the User and Group permissions on folders and files with the username apache. How or what command do I run to get it to use the site username and psacln. It appears something maybe in an update or whatever has caused this issue. This only occurs with wordpress and drupal updates from the plesk interface.
What command can I run just to update the permissions to update all users to a username and psacln security settings on folders and directories.Running Plesk 12.0.18 and CentOS7
I've finally made the leap to upgrading from shared hosting to a VPS. I'm still setting up my configuration before I point the domain name to my new server, but for now, I have the site mirrored and I'm ensuring that all is running well. For the most part, everything is working, but I am running into a few permission issues...
As of right now, all the files in my htdocs directory are owned by root, and I am logging into my FTP client as root. However, I'm pretty sure that this is not how I should be doing this, because I need to allow write permissions to some folders from my php scripts.
I was just curious, how do you you guys set up the users and groups on your linux servers (running apache). I'm just not certain of the best way to handle it. Should I make a new FTP user, and if so, what group should it go in? Should that user be the owner of all the web files? When is it safe to set folder permissions to 777?
I have opensuse 13.1 on my server and i folow this tutorial: URL....but as you see this is for opensuse 12.2, but i manage to run everythink only apache2 server.Well i get this error, but i run vhost.No user or group set - set suPHP_UserGroup..Well apache2 is rurning as every other thinks on server only web page dont show and i get error: Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
APache is running under the "nobody" user/group as default in CPanel servers as a suggestion I should change it to another user/group to improve security!
But in CPanel servers its hard to do that because you must edit some scripts and files to prevent the backing to nobody when running some scripts such
The problem is, how do I get the group to be set as apache on a file/dir upload? I really do not like having other permissions set, as it can be a security risk, allowing others to access someone else's files.
Another issue is, I can't remove privileges, but I can add them.
copy of proftpd.conf:
Code: ServerName "FTP" ServerType standalone
Port 21 PassivePorts 35000 35999 UseReverseDNS off TimesGMT off TimeoutLogin 120 TimeoutIdle 600 TimeoutNoTransfer 900 TimeoutStalled 3600
#MaxCients 20 "Sorry, the maximum number of allowed users are already connected (%m)" #MaxClientsPerHost 2 #MaxClientsPerUser 2 MaxConnectionsPerHost 6 "Sorry, you may not have more then 6 connections open at a time" MaxHostsPerUser 6 "Sorry, you may not connect more than 6 times"
#DON'T modify this log format. Its used by DirectAdmin to determine user usage LogFormat userlog "%u %b" ExtendedLog /var/log/proftpd/IP.bytes WRITE,READ userlog
AuthUserFile /etc/proftpd.passwd DefaultServer on
#AuthPAM off
<IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd/proftpd.tls.log TLSProtocol TLSv1 TLSVerifyClient off TLSRequired off
I believe the product we are using is Parallels Operations Automation.
We have a customer that we want to be able to give the right to unlock user accounts. The only way to do this seems to be to enable "Billing" as one of the privileges. Unfortunately this gives them more access than we really want to. Is there some trick we can use to give this user only these rights?
I have a question regarding running Mediawiki on my server and the user/group "nobody", which seems to be causing problems as far as file permissions go.
When a file is uploaded via mediawiki, it's assigned the group/user of "nobody" This means I can't change the file's permissions via ftp or ssh, unless I login as root and chmod/chown the file back to the proper user.
I have just used rsync to backup a dedicated server to a new cloud server. I put the files in a plesk webspace 'Backup' folder for ease of use (gui). In File Manager for that webspace it shows the folder user and group as root, which is obviously correct as rsync maintains users etc?
Thats fine, I just wanted to be able to back them up along with the rest of the server configuration and content.
However, when I run backup it says "For security reasons, backing up is performed on behalf of subscription's system user. This system user has no read access to:" and "So it was not backed up. All other data was backed up successfully. To fix this issue you may grant access read/write to the file or directory for system user "(username)" or "apache"."
I don't know how to give read/write access to the system user? Through file manager there is no option to change permissions.
I'm making an account for my friend, and I just want him to have access to /var/www/hishomedirectory/
I want him to be able to do anything in that directory (rename files, delete, copy, move, upload, etc..), but not able to use apt-get or play with settings. Not a superuser either.
i have 3 sites/users that all need to be able to access each other with complete read/write/exec access
Site1 Site2 and Site3
what's the best way to do this without screwing up all the premissions and access to my currently active sites. I need advice from someone who is a pro at this and not just guessing at what premissions to set. I'm assume i need to create a MasterGrp and invite all 3 sites then set/change permissions on all three sites. Also all new files created would need to have the masterGrp set as the group automatically
After some yum updates last night one user and group called xfs were created on my dedicated server. Does anyone know what this group/user is used for?
Compliments about the integration of Fail2Ban. I saw a lot of blocks on different IP addresses that tried to logon to the server. Fail2Ban is setup to monitor SSH, FTP, and some more.
It is however not possible to activate the "plesk-apache" and "plesk-apache-badbot" jails.
I receive the following error when I try to activate the jails:
Cannot activate the selected jails: f2bmng failed: ERROR NOK: ('plesk-apache',) ERROR NOK: (13, 'Permission denied') ERROR NOK: (13, 'Permission denied') ...... ERROR:f2bmng:Command '['/usr/bin/fail2ban-client', 'reload', 'plesk-apache']' returned non-zero exit status 255 ERROR:f2bmng:Failed to reload following jails due to errors in configuration: plesk-apache
When i look into the logfile of fail2ban, i see that there are no permissions for the log files: 2015-01-10 20:14:40,987 fail2ban.comm [19428]: WARNING Command ['set', 'plesk-apache', 'addlogpath', '/var/www/vhosts/system/[domainname]/logs/error_log'] has failed. Received IOError(13, 'Permission denied')
The file permissions are set as following on all the log files: -rw-r--r-- root root
I'd really like to activate Fail2Ban for Apache too.
Does anyone know what could be the cause of this issue? I located a few others over at cpanel.net that have this problem, but no solution has been found.
[url]
I am running a VPS server with the following:
WHM 10.8.0 cPanel 10.9.1-S14304 RedHat 9 i686 - WHM X v3.1.0 phpMyAdmin - 2.9.0.2 MySQL client version: 4.1.10 mysql version: 5.0.27-standard
I have a database user that needs "Super Privileges" and so this was done. However, when Cpanel is updated the user permission is reset automatically from "ALL PRIVILEGES" to "USAGE".
Here's a look at the database permissions from phpMyAdmin.
Code: User Host Password Global privileges Grant hello localhost Yes ALL PRIVILEGES Yes hello_ % No ALL PRIVILEGES Yes hello_ localhost No ALL PRIVILEGES Yes
The user "hello" loses its "ALL PRIVILEGES" and switches over to "USAGE" if an update is triggered. Updates to cpanel, creating/removing a database/user, and updating the account password will cause the switch.
I want to use something like PHPBB forums and using one MySQL user and database. Just wondering, what are common user permissions I should set for the user? I want to try to minimize any permissions that can cause big risk to the server security.
Here is a full list of permissions I can grant to the user (via Webmin):
-Select table data -Insert table data -Update table data -Delete table data -Create tables -Drop tables -Grant privileges -Reference operations -Manage indexes -Alter tables -Create temp tables -Lock tables
I am trying to setup a cronjob but cPanel, (Linux Centos 5), tells me that user/bin/crontab permissions are incorrect and need to be changed to 4755 - I try to change permissions in WinSCP [Properties] but it doesn't 'take'.
how to force a change of permissions with SSH (Putty)
My Pink Floyd website has a photo section of rare concert pictures that our members upload. We have about 3,000 of these pictures, that our members upload via an FTP server that is hosted on a simple cPanel web hosting account. Someone logged into the account and not only deleted all the pictures, but uploaded obscene pictures and index.html files to some really nasty stuff.
We delete all the obscene stuff, but before we re-upload all the pictures I need to know...
On a cPanel account is there a way to have the FTP User only able to upload files and not edit/delete/change? Somehow we can edit their permission?
I asked HostGator about this and the ChatTech said this cannot be done, and I was a bit surprised. I could easily do this on my own server, but i'm not sure where to start at the user level.
Is there any safe way to grant command line permissions to a user/specific account? One that only allows them access to databases on their account.
The problem is that this user intermittently runs queries that cause their database to hang (including PHPMyAdmin, so they can't view the processlist through there), and I have to manually kill that process, because they can't.
Server is 2.4.21 with MySQL 4.0.27, admin is cPanel WHM.
I tried to harden our plesk servers and encountered a problem with switching to individual dh keys.We are running Postfix version 2.9.6-2 on Debian 7 boxes with Plesk 12.First I removed SSLv3 and limited the Ciphers as proposed on the Guide to Deploying Diffie-Hellman for TLS. All excluded Ciphers won't be served. Never the less the newly created individual 2048bit DH key under /etc/ssl/dhparam.pem would not be used.
The test-tool: [URL].... can check for ports. So when I check port 25, I get the message, that the server is not vulnerable, but that I should turn on ECDH.I checked the postfix documentation. I´ve kept the master.cf as is and changed the main.cf to this:
Do I have to modify the master.cf as well?Here I found entries for every domain/ip:
plesk-domainname.com-1.2.3.4 - unix - n n - - smtp -o smtp_bind_address=1.2.3.4 -o smtp_bind_address6= -o smtp_address_preference=ipv4 -o smtp_ helo_ name=domainname.com
Do I have to add the -o smtpd_tls_dh1024_param_file=$submission_tls_dh1024_param_file to those entries? I want to keep the setting permanent. I experienced in the past, that plesk tends to overwrite the setting I´ve made.
Not sure if this is an Apache issue but I'm guessing it is. I also have cPanel on this server.
I made a PHP script and placed it on my server. This script has a function that will create a new file on the server, say a .txt file with information in it. When I go to do anything with that file that is created such as edit it, I get a permission denied from the server.
Someone guessed that it is possible that when the PHP file is creating a new file on the server, it automatically places its permissions under root/apache, making it inaccessible for the cPanel user... if this were the case how could I potentially solve this issue?
I am trying to change permissions on my perl and CGI files to execute them for my website.
I have a laptop I am using as my server. It has Windows Server 2003. I have Apache, and Active Perl. IIS is disabled. My website loads just fine.. I just cant change the permissions or find out how.
How do I change the permissions on my perl and cgi files?
I have installed phpmyadmin, and i tried placing the folder both in /var/www/xxx/xxx/ and /var/www/ and neither seem to work.
How I can get it to show up in the /var/www/xxx/xxx so i can just access from my.site.name/phpmyadmin
Even more preferred would be keeping it in the /var/www/ folder, but still being able to access my site at my.site.name/index.php and my phpadmin by my.site.name/phpmyadmin
