I have plesk12 set up but when i set a mail (dovecot) password, it gets stored in plain text (which I can verify by running /usr/local/psa/admin/sbin/mail_auth_view ). I would like to change this default setting to be encrypted.
View 4 RepliesI am looking for a way to prevent panel users i created to change their passwords.
When i try to edit user roles, i can check/uncheck capabilities, but nothing on user password change.
I've tried to search information on this but both Google and this forum are flooded by "users password change" regarding "Horde", which i don't use.
In my documents I have command:
# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa -e "select name from domains" | grep -v 'name' > domains.txt; while read i; do echo $i; /usr/local/psa/bin/domain_pref -i $i | grep nonexistent; done < domains.txtClick to expand...
I have mail-addresses with mailbox turned OFF and Forwarding switched ON.
The user can receive emails but can't use SMTP to send email. I expect that users without mailboxes can send messages, like in Plesk 9.5.
Error: No such user 'info@example.com' in mail authorization database
CentOS 6.4 + Plesk 11.0.9 Update #45
I have set the values for outgoing mail control low enough to catch the problems without affecting all but one of my clients. I have given him increased limits on certain of his mailboxes.
However when he wants to modify the mailbox, for example change the password he gets the following error.
The maximum number of outgoing email messages (in a pink box)
"The value must be in the range 0..50. Only the Plesk administrator can adjust this setting."
He cannot change the password for this mailbox.
Is there anyway of setting a custom limit on an account and also allow the client to retain the ability to reset his own password.
In Plesk (V. 12.0.18) there is no possibility to create mail accounts for subdomains via web interface. The KB article [URL] ..... describes this problem. The article suggests two possible ways.
I don´t want to use option 1 (create subdomain as additional domain) because a subdomain as domain wastes a domain in the license model.
Instead of that I tried the second way (command line interface). I can execute the first command without problems. When I try to execute the second command, I get the following error: "An error occured during mailname creation: Unable to set password: Domain of type subdomain selected".
I have a problem while i'm trying to add a mail account to Thunderbird
I see the problem that Mail server doesn't use encryption !!!
I'm getting multiple smtp mass mail attack, using weak passwords.
Is there a command, a part from
/usr/local/psa/admin/sbin/mail_auth_view
to list only unsecure password?
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
View 1 Replies View RelatedI'm trying to migrate old server into a new server.
Both uses plesk 11.5.30 version.
I'm using the "Migration & Transfer Manager" for importing everything but it does not work. The error is
Error: launchpad error (Error code = 2):
== STDERR ====================
Unable to start SSH session: Unable to exchange encryption keys
==============================
Seems like an ssh problem but ssh from shell works fine in both directions.
I tried also to create public key and put into authorized_keys with no luck..
In my linux vps (cpanel based) hackers have hacked the password of the user ( website owner ) and he have uploaded some hack files(PHP) through FTP. Sometimes the hacker uploads perl/CGI scripts and sends spam mails .This happens frequently in server. How the hacker gets the users password? How can i prevent my users and server from this security issue?
View 7 Replies View RelatedWe are planning to move the mail accounts and domains from plesk to other control panel. Is there any way to view the password of the accounts (domain and emails) of plesk.
So we can create the same accounts on new server with same password.
I'm contemplating creating a website that could store extremely sensitivity information. It's more than likely that a MySQL database would house this information.
My question is. Does anybody have any experience when it comes to encrypting an entire server disk?
I've searched online with disappointing results.
we have identified a number of customers with weak passwords - we wish to send them an email and then wait 1 hour - then change their passwords to the new password we have identified - due to them being across multiple domains, we don't want to do this via the PPA web gui - it would take quite a long time.
What is/are the commands for changing mailbox password for SMTP/IMAP/POP3??
i.e., is there a PPA command for changing both sides of send/receive?
my server has just compromised and someone can retrieve all databases on server with my root sql password.
i changed the root sql password to avoid attacking again and want to ask a question...do i have to change all user's databases password too?
many users have wordpress, forum and other php scripts with config file contains current database password.If i change their pass their sites will stop working.
How to do this without bothering users?
How i get a new Password for a SSH Connection?
Plesk 12, CentOS 6.5
from some time, the plesk password is no more stored in chrome.I mean that even I delete all passwords/history etc chrome don't ask to save password...so something changed in the login page I suppose.from same time every time I connect to any plesk panel. Chrome say that it's not safe and I have to click "advanced" to continue, even it's a new installation make some minute before.
View 6 Replies View RelatedWhere do we access our settings for mail account password strength? I need to dial our minimum password strength UP to the highest level.
View 5 Replies View RelatedMy reseller have got one plan, where option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment).
This plan contains only one subscription in which I would like to permit users to use sftp. If I go in the subscription, and then I click on "Customize subscription", I can see option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is on "Peut autoriser l'accès uniquement à un environnement chrooté" (Can autorize access only in chrooted environment)...
=> So same than in the plan.
After that, when I click on subscription => WebSites and Domain => One domain => FTP Access and I choose a ftp user, I don't have any option to allow ssh access to the user.
Is it possible to query for a list of system users using the API RPC? I know it's possible with a MySQL query
Code:
select id, login, account_id from sys_users order by login;
I've searched through the API RPC manual, but I don't see a way to do this. I always have to specify a filter, I can't find a way to just query for all users.
After some recents updates (currently running on: 12.0.18 Update #19) appeared a problem with connecting to FTP for passive mode users:
Connect ok!
"/" is the current directory
Get directory
227 Entering Passive Mode
550 Access is denied.
Server logs:
/var/log/messages
Oct 14 12:11:26 host xinetd[3692]: START: ftp pid=2709 from=::ffff:xxx.xxx.xxx.xxx
Oct 14 12:11:26 host proftpd[2709]: processing configuration directory '/etc/proftpd.d'
Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - FTP session opened.
But:
/var/log/secure:
Oct 14 12:11:26 host proftpd: PAM unable to dlopen(/lib64/security/pam_stack.so): /lib64/security/pam_stack.so: cannot open shared object file: No such file or directory
Oct 14 12:11:26 host proftpd: PAM adding faulty module: /lib64/security/pam_stack.so
Oct 14 12:11:26 host proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers
Oct 14 12:11:26 host proftpd[2709]: yyy.yyy.yyy.yyy (xxx.xxx.xxx.xxx[xxx.xxx.xxx.xxx]) - USER client: Login successful.
ad1: yes, i do have passive ports configured in /etc/proftpd.conf and FW is properly configured
ad2: everything was fine until recent updates
ad3: this is happening only for passive users only
ad4: we are experiencing this issues across all Plesk instances [6x] on CentOS 6.5 with 12.0.18 Update #19
I'm using Plesk Panel 12 on Debian GNU/Linux 7.6 server. I created a ftp user in a subdomain (sub.domain.tld) of my domain (domain.tld).
In Tools and settings = Policy security, I allowed sftp and ftp connections. When I try to connect I get this message :
Code:
sftp my_user@domain.tld
Connection closed
In the password file I got :
Code:
my_user:x:10000:1003::/var/www/vhosts/domain.tld/sub.mydomain.tld/httpdocs:/bin/false
I get an error when i try to access my webmail(horde) over the i-net i get error Unable to get webmail password every time. The error appeared when i upgraded from 11.09 to 11.5. I also followed this tutorial but it didn't worked too. --> [URL] ....
View 8 Replies View RelatedAre that possible to change root password on plesk?
I have a man so work for me on my server and install double php version on my server and maybe it`s best and change password to root!
So no one have access to my root more.
i have installed phpMyAdmin becouse I don't like the limitation of db management of Plesk, but I can't find the root password to access in it. I read that Plesk rename "root" user in "admin", but I can't find the password. Where is it?
View 4 Replies View RelatedI want to create a webpage where users can make a SRV record. I thought this is possible with the Plesk API but i dont have any expierance with the API. How to create it?
View 3 Replies View RelatedI am experiencing a weird issue after a Plesk upgrade (from 11 to 12, installed on Ubuntu 12.04).
FTP/SFTP is not working for all users in one specific domain. When using the latest Filezilla client, I receive the following error when I try to connect in SFTP with the main user of this domain
Error: Received unexpected end-of-file from SFTP server
Error: Could not connect to serverClick to expand...
I am trying to set the server to reject all mail to non existent users for all domains.
I found this post [URL] but that is for a previous version of Plesk and no longer seems accurate.
Is it possible to configure this setting for all domains at once?
today we notice that all subscriptions on Plesk when we access phpmyadmin has access to all databases,it was a Plesk update that can be done this ?
I don't remember to update anything during this days to this happen.
I am seeing some some some strange behaviour when password protecting directories served by nginx and PHP-FPM. If I have a site set up so that 'Process PHP by nginx' is selected under ('Websites & Domains>Web Server Settings>nginx settings') and set up password protection ('Websites & Domains>Password-Protected Directories') PHP pages are still served without asking for a password.
If I untick 'Process PHP by nginx' the behaviour returns to normal and an attempt to any access files results in the password request.Is this behaviour by design? If so, it is not made clear when you set up the password protection that it will not apply to PHP pages if you have nginx process the PHP pages.
OS: CentOS 6.6 (Final)
Plesk version: 12.0.18 Update #51