I've seen a number of exploit attemps on the default website which I believe has come via direct access via ip address i.e http://xxx.xxx.xxx.xxx.I have tried to block with .htacess but it seems to be being ignore (possibly by parallels or nginx configuration).how I can block access to the default site to all but 127.0.0.1, server external ip and my ip?
View 19 RepliesI am currently unable to access the Plesk control panel except from the web server itself. When I try any of the following options, all work on the server itself but externally all I get is the default Tomcat page.
https://server_name:8443
https://anydomain.com:8443
https://local_ip_address:8443
https://external_ip_address:8443
I don't know if the problem is on the server itself or something within our firewall - we use Microsoft Forefront TMG. The port 8443 is open, and the Tomcat page is being served. All websites working fine, both internally and externally. The server itself is in a DMZ on the network.
The server is running Centos 7 with Plesk 12.
I just noticed that when adding a new domain, I am warned that the domain resolves to another IP address - the external one. Currently, the IP address set up in Plesk is the internal (192.168...) address. Could it be that I need to change this to the external?
I uploaded the default skeleton files into the management ppa server at /var/www/vhosts/.skel/0/
But when I am creating a new subscription the skeleton is still the default plesk skeleton, something changed from ppa 11 to 11.5 ??
We have set up a site for a customer anyone goes to view the sites an a default authentication pop up appears, and the only way to view the website is to type in the customers Cpanel Login details.
I've checked the IUSR, IWPD permissions and they are correct. and check the authentication modules and level in IIS and they seems to be correct.
Is there away to set a customers permissions to the default settings?
I use a spam protection service. It works as following : -My DNS are configured to point to a server (sever A) which is configured to filter spams. -If an email is not a spam, the first server send it to my mail server (server B).
But some spammers found a way to bypass the protection : They send directly their email to my mail server (server A). So, i want to allow only emails coming from the server A IP.
I am currently running a virtual server, and over the past couple days have had a number of brute attacks from Chinese and Indian based IP's which have been marked in my logs and trying to break in, this has pulled my websites down with the server load.
I am trying to, in the Firewall settings, add the IP's to a block list, however am unable to see where this can be configured.
Is that possible to block baidu without specifying whole list of IDs it's using ?
View 1 Replies View RelatedI have the problem that the ip blocked "failban" too short (set findtime=1800).
The ip should be blocked for 30 minutes (the second time).
2015-03-23 22:24:59,779 fail2ban.filter [2807]: INFO Set maxRetry = 5
2015-03-23 22:24:59,780 fail2ban.filter [2807]: INFO Set findtime = 1800
2015-03-23 22:24:59,781 fail2ban.actions[2807]: INFO Set banTime = 600
2015-03-27 04:50:56,209 fail2ban.actions[2807]: WARNING [ssh] Ban 195.xxx.xxx.xxx
2015-03-27 05:00:56,913 fail2ban.actions[2807]: WARNING [ssh] Unban 195.xxx.xxx.xxx
2015-03-27 05:09:05,483 fail2ban.actions[2807]: WARNING [ssh] Ban 195.xxx.xxx.xxx
2015-03-27 05:19:06,153 fail2ban.actions[2807]: WARNING [ssh] Unban 195.xxx.xxx.xxx
2015-03-27 05:35:39,317 fail2ban.actions[2807]: WARNING [ssh] Ban 195.xxx.xxx.xxx
2015-03-27 05:45:40,012 fail2ban.actions[2807]: WARNING [ssh] Unban 195.xxx.xxx.xxx
I am trying to block this whole range of IPs, all that begin with 66.249. How is is that done?
View 1 Replies View RelatedImpossible to find a way to show, by default, all domains and websites...
When I log on the Plesk Admin, I come first on a list of websites and domains, but they are not «all» listed. I have to go to the full bottom of the page to click on «Show all».
I didn't find a preference or anything else to change that, and I don't understand why all domains are not listed.
I am replacing the default certificate in Plesk so that customers do not get a certificate warning when visiting the panel login page.
I've created the certificate in the "SSL Certificates" section made it default and used it to secure Plesk. However I've still got all the existing domains using the old default certificate, how can I do a mass changeover so that all existing domains are now using the new certificate?
I've updated the IP's to use the new certificate. When I go to "SSL Certificates" in "Tools and Settings", it seems that there are some domains now using the new certificate but quite a lot of the other are still not, how can I get these over too?
I recently set up an eas and autodiscover sub-domains on my main domain (eg myserver.com) running Plesk, Webmail etc, and is the default website for the ip.
So it should be..
myserver.com (not SNI default for IP)
eas.myserver.com (SNI)
autodiscover.myserver.com (SNI)
But I notice the actual default site (non SNI) is the sub-domain autodiscover.myserver.com.
I checked in
Plesk -> Tools & Settings -> IP Addresses
and that was set correctly, so I tried to change it and back again, then...
/opt/psa/admin/bin/httpdmng --reconfigure-all
Neither worked.
I'm running Ubuntu 12.04.5 LTS and Plesk 11.5.30 #48 (the latest MU)
When typing my ip it used to go to Plesk landing page.
Then through the option: server > tools > IP Addresses, I changed the "Default site" to my main domain, however, it just points to the main page, and not changes the url to the domain (keeps the ip in title, and not show the domain url).
How to make it forwarded to the domain (show it in the address bar), and not just to the index page?
My System:
Ubuntu 12.04
Plesk 12.0.18 Update #18
Only Webserver no mail
What I want:
I have an old sha1 certificate and I would change this for the whole server.
What I have done so far:
I have already uploaded the new sha256 certificate with a new private key to plesk (I can not simply replace the old one, plesk does not allow me to upload a new private key).
Then I set the new certificate as standard certificate and pressed the "secure pannel" button.
After that the panel uses the new certificate.
Then I set in "Tools & Settings -> IP Addresses" on both IP addresses the new certificate.
Reboot
But now the "Tools & Settings -> SSL Certificates" shows me that the old certificate is still used 2 times somewhere. But the Interface does not show where it is used. How can I find out where this certificate is used? I want to remove the old certificate from the server.
I think it is possible, but just to be sure...
Default document root is:
var/www/vhosts/www.mysite.com/httpdocs/
Can I change it to:
var/www/vhosts/www.mysite.com/web/
A simple "yes" or "no" will do...
Did 12.0.18 comes with default maria DB instead of mysql ??
View 2 Replies View RelatedI'm trying to use spamfilter to block mail from specific address, adding this e-mail to spamfilter in mail account settings, but it doesn't work. In logs I see:
spamc[13430]: skipped message, greater than max message size (256000 bytes).
I'd like to know if it's possible with Plesk 12 to block a given domain as destination of emails.
For example: imagine I want some customers not to be able to send emails to addresses in the domain "@parallels.com".
I use Postfix for outgoing mails.
When a customer use the wordpress auto installation tool, all work ok.
But, when the customer try to install wordpress manually (Uploading by FTP), it returns different permissions errors.
Example: "wp-config.php" cant write .
I compared the permissions of both vhosts (WP-Auto-install and WP-Manually-Install), and have totally different permissions.
WP-Auto-installed : /httpdocs = 770
WP-Manually : /httpdocs = 750
How I can set permissions to 770 by default when create a vhost? to avoid the customer having to do it manually.
I have suddenly lost all of the websites on the plesk panel server 12.0.18. One of the domains was being used to spam and so I started blocking stuff and removing some of the offending files and folders and the spamming stopped.
However it got to a point where I needed to restart the server and although it was working before the restart, once I did restart it it stopped working. All domains are loading nothing and the access_log looks like nginx or FastCGI is trying to redirect the page somewhere. The bootstrapper repair log file states:
"Details: PHP Warning: include_once(Template/Writer/Webserver/Apache.php): failed to open stream: No such file or directory; File: /usr/local/psa/admin/plib/Loader.php, Line: 97"
I have found through the KB the way to do it server wide but I was wondering if there was still a way to reset default domain permissions per domain.
/usr/local/psa/bin/repair --restore-vhosts-permissions - to restore all domain permissions.
I changed the DNS parameters of the default domain service plans to slave.
But where can I set the default master server, I didn't find it.
Is it possible to know how can I setup the DKIM default for each domains without manually activate it each time?
View 6 Replies View Relatedi'm running 12.0.18#34 on PCS dedicated server. i recently discovered that some of the default jails on fail2ban that is shipped with Plesk 12 were not working correctly. Let me explain what i mean. For instance, the plesk-panel jail. The logs were parsed correctly, the command was successfully appended in iptables list, the fail2ban log was updated. Still, the intruder was not blocked. I kept reading "already banned" on the fail2ban.log but actually there was no blocking.
After some checks, i found out that fail2ban default configuration states SSH as default blocking port.
that means, the block was working but only for ssh hits. thus the plesk-panel admin page hits were passing through.
since i added port=http,https on jail.local > plesk-panel and did it a restart on fail2ban service, only then did it start to actually block incoming hits.
I think this should be verified by programmers group and maybe include a fix in some future minor update.
My server currently installed plesk 12 , I need to change wordpress default language ( default English )
Which aps table to edit language.
My default certificate expired recently. I created a new certificate "default certificate 2".
I used this certificate for "Secure the Panel"
I went to "Tools and Settings" -> "IP addresses" and made this certificate the default for all the IPs. On the page "Tools and Settings" -> "SSL certificates", it says Used: 0 next to "default certificate".
But when I try to delete it, it tells me: "Error: Unable to remove certificates: one or several certificates are assigned to the IP addresses/domains."
Is there anywhere I can check where this certificate is still used?
I have Plesk 11.5 installed on my server. There are about 30 sites on the same shared IP address. I need to set up a site to be accessible via https://<ip-address-of-the-server> . According to the documentation I went to Setting -> IP Addresses and selected the desired site from the drop down. Now http://<ip-address-of-the-server> (note, 80th port) works like a charm. Unfortunately https:// displays only the first page of the selected site; all CSS, JS and other files are not found (404).
I did some research and found that Nginx forwards the requests to Apache for all the PHP files and tries to handle all the static files by itself (what is expected and correct). But it looks like that there is no special configuration for nginx which would specify where to get these static files for the IP address, and Nginx just uses the first loaded config (started from b in my case).
I temporary resolved this issue by modifying the last_nginx.conf for the desired domain this way: listen XX.XX.XX.XX:443 default_server ssl;
Note I added "default_server" directive. Of course it would be erased on each reconfiguration of the config files, but as for now I do not see how I can put it in custom nginx.conf or on the server servel level. I reckon Plesk should include the directive in the file the same way as it produces last_httpd_ip_default.conf Apache config for the selected domain. It looks to be an easy fix on the template level, may be I will do it later, but for now this is just the bug report.
I am noticing that several of my users are wiping out their user root folders ( logs, error docs, etc...) when they fail to use '/httpdocs/' as the root directory when publishing with FTP.
I fixed this by editing the proftpd.conf to use ~/httpdocs/ as the DefaultRoot folder ( instead of just ~/ ).Would it be safer(better) to go through all the ftp users and make the home directory '/httpdocs/' instead of '/' in the admin UI? If yes, what is the best way to do a mass update of this setting for multiple users ( multiple domains ) ?
Is there a way to set the php-handle for all domais as "fastcgi".
At the moment when i create a domain, it will be run as "apache".
I like to change it to "fastcgi". I know there is way, to change it in the databases, but i forget where was it...
If you would disable a subscription and reloaded that domain name. You would be redirected to a default subscription. How can i change this default landing page?
View 2 Replies View RelatedI've just purchased a VPS with Ubuntu 14.04 and Plesk 12 Web Admin Edition. I will use the vps to host just one domain/website. The first time I access Plesk, it asks for some info and first of all it asks form my domain. The default value is localhost.localdomain. Should I leave the default value or should I enter my domain (let's say example.com)?
View 4 Replies View Related