Plesk 12.x / Linux :: Disabling Weak SSL Ciphers - Sites Are Down

Jul 8, 2015

After successfully changing to a fresh created dhparam pem and a reissue of my certificate all was well.

A couple of other things needed to be done so I followed the article: [URL] ....

nginxDomainVirtualHost.php was already present so the only thing I did was adding the ciphers I got from another site (ciphers that also gave me XP and IE8 support etc.)

After executing the httpdmng --reconfigure-all command I instantly got a error message:

Details: (timestamp) ERR [util_exec] proc_close() failed
(timestamp) ERR [panel] Apache config (14364042360.16209100) generation failed:
Template_Exception: nginx: [emerg] unknown directive "HIGH:!aNULL:!MD5"

[Code] .....

Why are "HIGH:!aNULL:!MD5" unknown directives? How can I merge:

ssl_ciphers
EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384HE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:

[Code] ....

into these these automatically created @domainname.conf files of all my sites without getting this error.

I'm hosting 5 sites, all 5 sites are down now because of the missing conf files.

View 9 Replies


ADVERTISEMENT

Plesk 12.x / Linux :: Elliptic Curves Ciphers Suite With Sw-nginx

Nov 9, 2014

I am testing our Plesk linux-server (Plesk 12.0.18 on RHEL 6.6 x64) for SSL high security configuration with Qualys SSL Labs reccomendations (https://www.ssllabs.com/ssltest/).

Best choise today is using Elliptic Curves Ciphers Suite for secure-connection negotiating, but I could not force plesk-contributed sw-nginx to using elliptic curves ciphers suite (sw-nginx-1.6.0-1.14051516.rhel6.x86_64):

when place ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDH+AESGCM; to nginx server and vhost configurations, then secure negotiation is not established.

Starting from RHEL6.5 Red Hat contribute openssl with EC ciphers - https://access.redhat.com/documenta...erprise_Linux/6/html-single/6.5_Release_Notes (openssl-1.0.1e-30.el6_6.4.x86_64)

OpenSSL on live system shows these ciphers:

openssl ciphers -v | grep ECDHE
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD

I think, the problem is that the sw-nginx is compiled with old openssl binaries without elliptic curves support.Can Plesk development team recompille and release updated sw-nginx package..Сan use genuine nginx package from official nginx repository instead of sw-nginx package?

View 5 Replies View Related

Plesk 11.x / Linux :: Disabling Email Forwarding Configured In Accounts

Aug 23, 2014

Many of our clients create e-mail accounts that forward incoming e-mail to mailboxes hosted on other e-mail services. e.g., Gmail.

Lately, though, a handful of these accounts have been receiving a lot of spam (i.e., UCE) and that's been causing a lot of damage to our reputation with these other e-mail services because the message that's being forwarded appears to have originated from our servers.

Code:
<someuser@gmail.com>: host gmail-smtp-in.l.google.com[64.233.183.27]
said: 552-5.7.0 This message was blocked because its content presents a
potential 552-5.7.0 security issue. Please visit 552-5.7.0
http://support.google.com/mail/bin/answer.py?answer=6590 to review our 552
5.7.0 message content and attachment content guidelines.
g20si28780491ici.46 - gsmtp (in reply to end of DATA command)

Is there some way to...

Find accounts that are configured to forward to gmail?

Disable forwarding in accounts that are configured to forward to gmail? 

View 4 Replies View Related

Plesk 12.x / Linux :: Cannot List Sites Through API

Apr 15, 2015

I'm trying to get a list of all sites on a Plesk 12 server. This is the request:

Code:
<?xml version="1.0" encoding="UTF-8"?>
<packet version="1.6.6.0">
<site>

[Code].....

View 4 Replies View Related

Plesk 12.x / Linux :: Sites Do Not Send Emails

Apr 30, 2015

Started after last update 12.0.18 Update #44 (on CloudLinux): I can send mail wia created mailboxes, but sites can not send mail, contact forms say "Failed to send your message." maillog file also do not indicate sending any messages from domains. Wordpress restore password claims:

"The e-mail could not be sent.
Possible reason: your host may have disabled the mail() function."
php.ini is default:
safe_mode = Off
disable_functions = is empty

The issue about not sending mail from domains was - old versions of LVE anf CageFS are incompatible with latest plesk update, updating them caused all sites in Cagefs to throw error 500 with log string: "SecureLVE jail error Invalid regexps: no match for path to base home directory". It was fixed by changing cagefs.base.home.dirs regexp to the real sites folder location. Enabling cagefs back removed one of the files it shouldn't:

"Removed file /var/cagefs/81/xxx/etc/php.d/soap.ini"
So be carefull to place necesssary files back.
For now everything works.
Click to expand...
Click for original message

View 8 Replies View Related

Plesk 11.x / Linux :: Deleted Panel And Sites Are Gone

Sep 9, 2014

I just want to remove plesk and installed again. i saw (URL...) this page. use this code but plesk not removed. my sites are gone.how can i get back my site? what i should install.When i try install plesk 12 says you already install version 11.0.9

View 7 Replies View Related

Plesk 12.x / Linux :: Error 403 Forbidden On All Sites After Migration

Dec 17, 2014

We have installed Plesk 12 on a fresh up to date Ubuntu 14.04 x64 server.

After installation, and before any migration, we have moved some folders:

- /var/www/vhosts -> /opt/vhosts
- /var/qmail -> /opt/qmail
- /var/mysql -> /opt/mysql

We have created symlinks, modified some configuration files (Plesk included) and ran domains reconfiguration script (zero domain installed, but just in case the script will do anything else).

After that, we have launched Plesk Migration Wizard (from Plesk 9 to last release).

Everything has worked fine: all domains have been migrated on our new folders (/opt based) and owners has been correctly defined for each domain. The same for MySQL and all mail accounts.

We have checked Apache VirtualHost configured by Plesk Migration Wizard : our new folders are used (/opt).

So all seems to be ok.

But now, all websites (configured with Apache and Apache PHP module) returns 403 Forbidden error.

We have try changing to FastCGI with Apache same error.

We have try changing to full Nginx (PHP and static files), some websites run.

We have checked some KB (112884, 800) but all seems to be good.

Is there any steps we have omitted when we move folders ?

View 11 Replies View Related

Plesk 12.x / Linux :: Password Protecting Sites With Nginx And PHP-FPM

Jun 21, 2015

I am seeing some some some strange behaviour when password protecting directories served by nginx and PHP-FPM. If I have a site set up so that 'Process PHP by nginx' is selected under ('Websites & Domains>Web Server Settings>nginx settings') and set up password protection ('Websites & Domains>Password-Protected Directories') PHP pages are still served without asking for a password.

If I untick 'Process PHP by nginx' the behaviour returns to normal and an attempt to any access files results in the password request.Is this behaviour by design? If so, it is not made clear when you set up the password protection that it will not apply to PHP pages if you have nginx process the PHP pages.

OS: CentOS 6.6 (Final)
Plesk version: 12.0.18 Update #51

View 2 Replies View Related

Plesk 12.x / Linux :: After Reboot Server - Sites Not Opening

Dec 29, 2014

Today I reboot my server. And after that my sites are not opening.

View 2 Replies View Related

Plesk 12.x / Linux :: All Sites Down After Any Change Made In Domain

Sep 25, 2014

OS: Centos 6.5
Plesk Version: 12.0.18

Recently, we had trouble with Horde, which I Re-installed. However, since then any change that is made to a domain in plesk (changing mailbox settings, domain settings, hosting settings) All website show the default plesk page and I will have to re-run the reconfigure-all command in SSH to bring them all back up. Sometimes even that won't work and I will have to re-run the bootstrap repair command. We were actually on Plesk 11 when this started happening, so we upgraded to Plesk 12, but unfortunately this did not fix the issue.

We have around 500 customer websites on this server, so obviously the changes are made often and the sites going down on every change isn't great at all.

I have a long list of these errors in my error Plesk error log:

2014/09/25 17:31:53 [error] 818#0: *1566 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: *.*.*.*, server: , request: "$

But I can't seem to find out if this is the cause, or how to fix this error correctly on a Plesk install.

View 1 Replies View Related

Plesk 12.x / Linux :: Increase PHP Memory Limit For All Hosted Sites

Nov 12, 2014

I am trying to increase the PHP memory limit for all Plesk hosted sites.

I've updated the 'memory_limit' setting in /etc/php.ini

Then I ran

Code:
/usr/local/psa/admin/sbin/httpdmng --reconfigure-all
/usr/local/psa/admin/sbin/httpdmng --reconfigure-server
Checking a phpinfo() page on hosted sites I see that this setting has not been effective.

Checking some /var/www/vhosts/system/domain.com/etc/php.ini also shows the old setting, and I can see that these files have not been updated.

I note that all these domain php.ini files have been modified earlier today, all at the same time, so presumably some process did regenerate them earlier. All these files hae the "DO NOT MODIFY ..." heading

I realise that I can go the the domain in Plesk GUI and save the PHP settings to force an update, but is there anyway to force the regeneration of all of these files via CLI?

View 3 Replies View Related

Plesk 12.x / Linux :: SSL Sites Receive 502 Bad Gateway When Nginx Is Enabled

Oct 22, 2014

When I turn on nginx for the server I am able to browse non SSL protected sites correctly. I receive a 502 Bad Gateway error on any sites that have an SSL certificate. Is there a fix for this? I have been unable to find one.

I am running Plesk 12 on an Ubuntu server.

View 6 Replies View Related

Plesk 12.x / Linux :: Moved Vhost Location - Some Sites Not Working

Nov 14, 2014

I have a new DS with Plesk 12. I needed to change the default /var/www/vhosts location to a different physical drive, with more capacity.The larger disk is mounted as /disk1, so I created a folder here called vhosts, moved everything from the existing /var/www/vhosts directory, then I mounted /disk1/vhosts as /var/www/vhosts. See my fstab output below.

I then edited /etc/psa/psa.conf to update the VHOSTS location as per [URL] ...., and restarted Apache, MySQL and reconfigured domains.I thought all was OK, and that Plesk would just see /var/www/vhosts as normal, but I proceeded to migrate domains from another server to this box, and found that whilst some sites were working OK, many were not.

I was finding that existing config directives that used <Directory> were being ignored or seemed to disappear.All sites with .htaccess files stopped workingWe would get Apache / PHP errors saying that files could not be accessed as they were not in the allowed path for the domain. Plesk seems to be logging, reporting, and handling files as if they were in /disk1/vhosts, not the usual location. I have got sites working by adding /var/www/vhosts/ domain and /disk1/vhosts/domain to the PHP Settings page as allowed paths.

I have checked in the httpd.conf for each domain, and they all list the site document root as /disk1/vhosts/domain, not /var/www/vhosts/domain.It's as if Plesk is ignoring the change in /etc/psa/psa.conf.

All I want is for Plesk to think that /var/www/vhosts is the document root for all domains, and not do anything with /disk1/vhosts. I have many sites with hard coded links to included files in /var/www/vhosts/domain, and I dont want to have to rewrite them all to use /disk1/vhosts.

I have had to stick HTTP configuration directives on nearly every site, and add these entries to the allowed paths box, which obviously I should not have to do. Can any Plesk / Linux gurus tell me what I need to do to fix my problem, get sites working in /var/www/vhosts, and have Plesk allow .htaccess files to work without me having to add "AllowOverride All" to every domains??

# /etc/fstab
# Created by anaconda on Tue Oct 14 05:22:57 2014
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#

[code]....

View 2 Replies View Related

Plesk 12.x / Linux :: Certificates Disappeared After Upgrade - All Sites Using SSL Now Broken

Sep 25, 2014

All my sites using SSL are now broken and the panel says there are no certs.... I hope they are still there somewhere where I can find them.

View 6 Replies View Related

Plesk 12.x / Linux :: Prevent 502 Error For All Sites When Changing Configs

Nov 19, 2014

I have a Plesk 12 server running that works great. But the problem is that whenever one of my shared hosting customers changes something out a domain or subdomain, all the other sites on the server give a 502 error.

The reason why is clear to me: apache is reloading its config while nginx is still active, but sees apache as being down and therefor throws a 502 error.

Is there any way to prevent this from happening? Because it's happening a lot and people are sending in 'site down' reports while there's actually nothing wrong with the server or their site.

View 2 Replies View Related

Plesk 12.x / Linux :: Sites Just Stop - Zend DB Adapter Exception

Apr 6, 2015

Since hour ago my sites just stopped and Plesk, too. Error when trying to open plesk is:

ERROR: Zend_Db_Adapter_Exception: SQLSTATE[HY000] [2002] No such file or directory (Abstract.php:144)

Plesk just won't start.

View 1 Replies View Related

Plesk 12.x / Linux :: Sites Offline While It Runs Perfect After Reboot

Apr 2, 2015

I run a centos 6 plesk 12 server with around 7 domains.All runs perfect untill a 3 hours ago. The server was offline.After reboot plesk starts up without a problem but the sites keep offline. While httpd and mysqld and psa runs perfect.Also cannot find error messages in the messages, error_log or anything. How to proceed debugging?

View 2 Replies View Related

Plesk 11.x / Linux :: All Sites Unresponsive Until Reboot Happening Several Times A Day?

Jun 8, 2014

OSCentOS 5.6 (Final)
Panel version11.0.9 Update #61
The system is up-to-date; last checked at June 6, 2014 03:32 AM

I use pingdom to alert me when sites go down. It would happen only once every few weeks, and I'd just reboot the VPS from my provider's control panel, however in the last 24 hours it has started doing it more and more often. The only change I have made in this time is to delete a few unused web sites.

When I get alerted, I check the the domains and they won't load. I look at the plesk control panel page thought and that does work.

I can SSH in, but I can't see anything that might work in the messages log.

I removed the plesk control panel error as that only seemed to happen once and is not happening anymore.

I saw quite a few entries in the /var/log/secure log and so I added iptables rules to only allow SSH access from my own IP and to DROP all other requests. It seemed fine for a while, but after 12 hours it has started becoming unresponsive again until reboot.

View 4 Replies View Related

Plesk 12.x / Linux :: Migrated From Debian 7 To Centos X64 - All Php / Wordpress Sites 502 Error

Jan 31, 2015

For some reason I am having issues with latest Plesk with php and wordpress. HTML sites are fine, but all php and wordpress sites are giving a 502 error after fully migrating. I repaired with Webserver Configurations Troubleshooter and rebooted and its still giving me the same issue.Also, noticed my previous server had php 5.4.36, the new CentOS server has 5.4.37.

View 5 Replies View Related

Weak Cipher Vulnerability On Apache Web Server

Apr 10, 2013

We are currently running ColdFusion 9 on an Apache server. After running a Webinspect scan for one of our web applications, a weak cipher vulnerability was flagged as critical. Their recommended change to the httpd.conf file is listed below. We made the change and restarted our server but the same vulnerability came up again. How to eliminate the weak cipher vulnerability?

SSLCipherSuite ALL:!aNull:!ADH:!eNull:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM 

View 3 Replies View Related

Plesk 12.x / Linux :: Sites Inaccessible - Unable To Generate Web Server Configuration File

Aug 31, 2014

I have some error with my server. All my sites are inaccessible.

Code:
Template_Exception: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/opt/psa/var/certificates/cert-ao0glw") failed (SSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:Type=X509_ALGOR error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:Field=pkeyalg, Type=PKCS8_PRIV_KEY_INFO error:0907B00D:PEM

[Code] .....

View 2 Replies View Related

Disabling IonCube In Plesk

Apr 18, 2007

I have RH ES4 running as a vhost on Plesk.

Does anyone know how I can turn off IonCube? I don't see the .so for IonCube in php.ini

View 4 Replies View Related

VPS Plesk .. My Sites Down Again- DNS

Oct 23, 2007

how can i fix my dns problem?

it's shutdown now for 3-5 hours then it's back again!

but i have root login and the ip still work

View 14 Replies View Related

Plesk Migration Of Big Sites

Oct 30, 2007

I'm going to migrate my current web server to Plesk soon, and before I would like to know if I need a stable Internet connection to use the migration tool. My sites and databases are more than 5GB and my Internet connection at home is not very stable currently, so I would like to know if the migration stops as soon my Internet connection interrupts, or if it's completes automatically between the two servers once the migration has been started.

View 5 Replies View Related

Plesk Automation :: Sites Getting Disabled

Dec 15, 2014

We are having an issue with websites randomly getting disabled within our PPA system. There doesn't seem to be any reason why they are getting disabled. Our PPA is not tied to a billing system that would make them shut off. Turning them back on works fine but it shouldn't be just shutting them off.

View 2 Replies View Related

Suitable UK Linux Hosting Packages For Lots Of Small Sites

Sep 5, 2007

Does anyone know of a hosting Linux package (must be UK based) that has the usuals (PHP, MySQL, subdomains, email, Apache ModRewrite) that is geared towards hosting lots of low bandwidth sites?

I use several great hosters but they limit the amount of addon domains or charge you through the roof for extra ones. I'm thinking a package that will let me do 15 - 25 domains. More would be a bonus. The bandwidth allowance is not a problem. A lot of my customers' sites use less than 100 MB a month.

View 5 Replies View Related

Unable To Access Sites On Plesk Server

Jan 29, 2007

When trying to access any web sites or webmail on a plesk server i keep getting the following.

Forbidden
You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Nothing as far as i can see has changed on the server.

I cant access plesk control panel due to network restrictions but have command line access.

what could of caused this blanket ban?

Cant see any changes in .htaccess files, but didnt think that plesk would affect these much anyway

View 5 Replies View Related

Plesk 11.x / Windows :: Separate Backups Of All Sites?

Sep 8, 2013

I do wanted to know if there is any option to program plesk, so that it does separately backups of all sites instead of doing a globally backup of all things in one file.

I do not mind that people an synchronize their account with one of their ftp servers to do backups but what I do want is me also to do backups of all sites separately.

View 5 Replies View Related

Plesk 12 Permissions For Sites Using Apache For User And Group

Jan 6, 2015

We have several sites on one server. When I use the plesk wordpress manager it some how updates the User and Group permissions on folders and files with the username apache. How or what command do I run to get it to use the site username and psacln. It appears something maybe in an update or whatever has caused this issue. This only occurs with wordpress and drupal updates from the plesk interface.

What command can I run just to update the permissions to update all users to a username and psacln security settings on folders and directories.Running Plesk 12.0.18 and CentOS7

View 1 Replies View Related

Plesk 11.x / Windows :: Secure Your Sites Button Not Visible

Jan 27, 2014

On windows 2008 server with Plesk 11.5, the Secure your Sites option is not displayed. In addition unable to share SSL certificates across many sites with shared IP address.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved