The Problem: I'm trying to set up an automatic backup to an ftp server using ftps (as configured in the personal ftp repository). Copying the files fails however.
The things I checked: The Plesk management website can't show the target folder's contents. The only error I get is Error-Code "1". The ftp server (a synology NAS) logs the ftp access: Credentials are correct, session is terminated after transferring 0 Bytes. Each failed backup leaves a 0-Byte .tar file on the Backup folder. If I disable ftps and go with plain ftp, everything works just fine.
Our previous generation Plesks (v11 and lower) can utilize ftps for backup (to the same ftp server) without a hitch.
Additional considerations: Since the WebServer is on a hosted machine and file transfer has to be done across the internet, unsecured transport is not an option.
Plesk Panel 12 uses a proftpd FTP server, with the TLS module pre-installed and configured.
Many questions and/or problems arise when trying to connect to the FTP server over a FTPS connection. In (almost) all cases, the disability to connect with FTPS is due to
a) the lack of configuration of passive ports, AND b) firewall settings, enabling connections through before mentioned passive ports.
The passive port range can be configured by
adding a line to /etc/proftpd.conf, stating: "PassivePorts <start> <end>", OR adding a separate file with name <filename>.conf to /etc/proftpd.d/, with the contents of <filename>.conf stating: "PassivePorts <start> <end>"
And note that
- <start> is the first port of the port range, in theory any value above 1050 can suffice, - <end> is the last port of the port range, any value below 65000 (!) can suffice, - the extension .conf is required when using a separate config file, - the directory location /etc/proftpd.d/ is required when using a separate config file, - one should always limit the port range, i.e. it is not desirable to open up a lot of ports, - it is desirable to have the <start> value above 20000, in order to prevent conflicts with other programs, using a specific port (for instance, port 8443 is also being used), - it is not necessary to restart proftpd after configuring the passive ports.
The firewall settings have to be changed to allow connections through the passive ports that have been opened for FTPS connections and note that
- only open up the port range (not more) in the firewall settings, - it is only necessary to open up ports in the firewall settings of the FTP server, - it is not required to open up ports in the firewall settings of the sending server. Many issues have been arising when setting up the FTP Backup Repository.
In general, the passive mode checkbox has to be selected, when encountering issues.
The explicit use of the passive mode allows for proper configuration of the FTP Backup Repository and note that it does not matter whether FTPS or normal FTP will be used.
For some reason FTPS is no longer working as it used to before plesk upgraded. At this point, I am not sure which Plesk upgrade caused this since I do not FTPS or ftp in general often. its enabled as it was before, even disabled and re-enabled it again. Still gives a "could not establish connection". Restarted the service via command Line with "service xinetd restart". still isnt working...
I experienced an issue using an external backup repository on Plesk 12.0.18 machines using ftps. The ftp server uses ftps (explicit) connections.Plesk 11.5 works fine (and ordinary ftp client like Filezilla as well), Plesk 12 throws the following error when trying to add the server via the web interface:
Code: Curl error: Login denied Unencrypted connections will work. Plesk 11.5 machines (with the same settings) will work.
I've analyzed the problem and got so far: The backup manager tries to connect using "regular" transfer method + ssl, not ftp-ssl explicit.Is there a chance to force Plesk using explicit ftpes connections? Or is there another work around?Some additional infos about the (ftp) server: The ftp server is running ProFTP 1.3.4d, uses port 2000 for the control port and has a port range (2001 - 2100) for the passive connections.I tried to add the server using the address field of the gui IP:2000 and checkboxed "passive mode" and "ftps".
Ubuntu 14.04 with Plesk 12 (10 Domain License).Using this for mail only... multiple domains.Postfix and Dovecot installed. Trying to figure out how to do:
- SASL Auth (Dovecot) - TLS - want above two to be mandatory... no plain text auth and no unencrypted connections.
How do I achieve this with Plesk 12?I have found countless how-to's about doing this with Vanilla (non Plesk) installs with the same server software. However, Postfix main.cf and master.cf both appear to have specific Plesk modificatuons. Same thing for the related Dovecot conf files... also have Plesk specific modifications.
I see no way to enable the desired settings from the Plesk Panel. Can't achieve this within the Panel but also can't modify the conf files without potentially breaking some Plesk-specific functionality? My original hope in purchasing the Plesk license was to make administration of the mail server easier. Unfortunately, I'm struggling to do this now and may have already had this figured out had I not bothered with the Panel.
I've just setup CentOS 6.6 with Plesk at my Hoster OVH. Now when I want to connect to the smtp server I get following message:
Code: SASL LOGIN authentication failed: encryption needed to use mechanism SASL auth is enabled in the main.cf also submission. I connect to tls://smtp.example.com:587 with my email and password.
is it possible to set Auth .htpasswd if a specific file and not the directory. example admin access [url]and a Auth User/Pass window appears. I need for /sec/ to be unprotected for image loading so a complete directory protection is not an option.
I'd like to describe an issue and see if this sounds familiar to anyone, or if there is a solution that I have not thought of yet.
CAUSE: My ISP (yeah, it's comcast) began blocking port 25 inbound so my personal mail server was no longer receiving mail.
RESOLUTION: I worked through a new DNS re-router to change the port that would now receive mail: from port 25 to port 587. It took me a while to get the routes pointed correctly, but I finally got the messages to route, get through my firewall, and hit the mail server.
NEW PROBLEM: After some IP and DNS routing issues, I finally got things to work, the email that gets sent finally arrives at my mail server. However, the mail server (Alt-N MDaemon) now requires AUTH from the incoming DNS re-direct.
BIG QUESTION: How do I configure MDaemon mail server (or any other mail server, for that matter) to accept the mail from the new re-route server? Mail now re-directed to the new port ALWAYS comes from that route (mx-routes01.editdns.net). Where in the configuration settings of MDaemon do I set it up? I've tried including the host name and the IP address into every WhiteList list I can find, added it to the trusted host name list and everything. I'm at a loss, since it's impossilbe to configure the re-route server to provide AUTH credentials to my mail server. MDaemon now replys to every mail reuqest with : 530
Authentication required (in reply to MAIL FROM command)
Forbidden You don't have permission to access /_vti_bin/_vti_aut/author.exe on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I have done the following: uninstalled /re installed extensions via whm (same error)
.htaccess is default frontpage's code only, nothing else
/scripts/chownpublichtmls
dns zone propagated fully, correct (today)
.htaccess file:
Code: # -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> order deny,allow deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName www.domain.com AuthUserFile /home/user/public_html/_vti_pvt/service.pwd AuthGroupFile /home/user/public_html/_vti_pvt/service.grp
I'm trying to get exception from auth (.htpasswd ) for one specific URL, but seems, that it does not work with my Rewriting rules. Disabling RewriteEngine solving auth problem. My .htaccess:
I've been trying to set up Postfix to send email for the past few days. I've managed to get it to ask for a username and password, in order to try and send mail to an external domain
I can receive email fine on the server, but I can't send email out
I have Cpanel, with the "Prevent Nobody from sending emails" in the WHM>Tweak Settings enabled.
I want to force sendmail to use SMPT auth.. so that all mails sent are sent via SMPT and an authenticated POP user. I guess this will help in limiting the "The maximum each domain can send out per hour" setting.
I would expect the second - to be replaced by the logged in user. The doc says, the user is logged if the document is protected. I do protect the whole directory using directory match. Without log in I fail to retrieve the document in question.
