Plesk 12.x / Linux :: How To Test WAF (mod Security)
Oct 8, 2014
I have Parallels Plesk 12.0.18 with CentOS 6.5 (Final)
WAF is On, with Atomic Basic ModSecurity rule set.
I was wondering if my sites were protected and I went to the Atomic wiki.
When I run a test from a non-whitelisted system following these instructions (STEP 10) [URL].... I always receive 404 error with all of my sites.
I also tested with:
[URL]...
Results: The sites load normally. (the call not even appears in the logs)
I've unistalled and reinstalled mod_security several times with the same results.
Is there any "official" way to check if WAF is protecting Plesk 12?
I asked same question in Atomic forum and they said:
you'd need to ask parallels about this, we made the ruleset available to them, but they implemented it using their own design. They might not be using 403 error codes like we do.
View 13 Replies
ADVERTISEMENT
Jun 3, 2008
Is there any script or method where I can test my server security?
View 2 Replies
View Related
Feb 23, 2015
My server is a debian 7 64 bits with plesk 12 last update.
A customer installed drupal 7.4 from plesk panel successful. However from Drupal/Configuration admin panel can not enable "Clean url". Clean test url failed too:
"The clean URL test failed"
.htaccess was ok .
I tried set domain vhost.con with (https://www.drupal.org/getting-started/clean-urls#enabling-7):
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
</IfModule>
But it not worked (IApache have module rewrite loaded.)
I think maybe issue y for nginx. But I don't know how set this -> [URL] .... in nginx.conf of domain in plesk.
How to set clean url of Drupal in Plesk 12?
View 6 Replies
View Related
May 20, 2014
I wrote a script to test the integrity of my DNS and run it from time to time on my server...
I just ran it today and it discovered I suddenly have 5 domains with SOA-records that doesn't point to itself. They point to the secondary nameserver.
They are records that exist for years and were for sure correct before (I know this because of that script).
If I do a "restore defaults" it isn't corrected and if I switch to slave and then back to master it doesn't change either...
The file /var/named/run-root/var/obfuscated.com is updated, but the slave-DNS stays in that file...
The only way I'm able to correct it is by deleting the NS-record with the slave DNS and adding it again.
I assume there's some mechanism that scans the NS-records and then decides to make that one the SOA. This has always worked fine... also on this server.
View 6 Replies
View Related
May 7, 2015
I freshly installed Plesk 12.0 on Ubuntu 14.04. Everything works accept the MySQL database creation.
When I try to create one, i get this error :
error: the test connection to the database server has failed because of network problems: connection refused...
View 1 Replies
View Related
Jul 6, 2014
Plesk 12 on Centos 6.5
I added the following to my /etc/logrotate.conf
/var/log/modsec_audit.log {
missingok
daily
rotate 4
compress
}
I'm not exactly sure if the above is the correct syntax, but the result was that two days later my current modsec_audit.log was Gzipped and a new modsec_audit.log was created.
The problem is that nothing was logged to this new file.
From the Plesk 12 control panel I turned off mod security and then turned it back on again and hey presto, the new logfile started to log events.
This leaves the problem of why nothing was recorded when the file was created.
View 2 Replies
View Related
Jun 26, 2014
After upgrading to Plesk 12 the FTP connection has become very slow. Mode Security, Fail2Ban and Plesk Firewall have been enabled, the security is set to force sFTP and maximum security and in /etc/proftpd.d/ a conf file has been added to set the passive ports that have been opened in the Plesk Firewall (60000 to 62000)
Turning off the Mod Security does not solve the slow connection.
What can we do to detect the cause of the problem?
View 3 Replies
View Related
Mar 4, 2014
I have tried this on Plesk 11.5 and Plesk 12.0.10 Preview running on Ubuntu 12.04.4 LTS...
Locate the file
/etc/sw-cp-server/conf.d/plesk.confClick to expand...
View 3 Replies
View Related
Jul 12, 2014
How can I do to send email without the security warning?
I want the clients sending mails no longer have a security warning.
I tried with SSL port 465
I tried with port 587 TLS> Mail settings for the entire server> Enable Send Message
View 1 Replies
View Related
Aug 24, 2014
I thought this problem was fixed in Plesk 11.5 but I'm still getting the following backup warnings in Plesk 12..."For security reason backup is performed on behalf of subscription system user...."
My phpbb forum creates cache files which have apache ownership and Plesk backup manager gives warnings that it cannot backup the files due to ownership errors.
I have searched for days for a solution without success. If I change the permissions to owner instead of apache the forums don't function correctly.
Is this a Plesk bug that is still evident in Plesk 12?
View 10 Replies
View Related
Apr 4, 2008
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.
Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.
View 10 Replies
View Related
Oct 7, 2009
Anyone have a good download test in chicago other then FDC's?
I was told i was upgraded to a 1GBPS port for free by my host(from a 10mbit) which is sort of weird, i want to confirm. at this time FDC's 100MB file takes me about 3 seconds to download and downloads at 44.7M/s.
the file is too small for me to try and pull 1gbit, by that speed i have a 500mbit line odviosely but i want to test against something outside of FDC.
View 9 Replies
View Related
Aug 15, 2008
I have used e2fsck on linux server hard disk (CentOS 5.0) and the result :
=================================
Warning! /dev/sda2 is mounted.
Warning: skipping journal recovery because doing a read-only filesystem check.
/dev/sda2 contains a file system with errors, check forced.
Pass 1: Checking inodes, blocks, and sizes
Deleted inode 19137773 has zero dtime. Fix? no
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Block bitmap differences: -(16332803--16332804) -(16332823--16332826) +(16345421--16345424) +16347209
Fix? no
Free blocks count wrong for group #498 (25950, counted=25949).
Fix? no
Free blocks count wrong (37023218, counted=37023216).
Fix? no
Inode bitmap differences: -19137773
Fix? no
Free inodes count wrong (19162546, counted=19162545).
Fix? no
/dev/sda2: ********** WARNING: Filesystem still has errors **********
/dev/sda2: 137806/19300352 files (2.3% non-contiguous), 1556879/38580097 blocks
=================================
I don't know the exact meaning of the displayed result , does it mean bad sectors? How much the e2fsck is reliable? Is there any better Linux utility to check bad sectors on Western Digital HDD?
View 12 Replies
View Related
Jul 15, 2015
It seems I am not getting any emails from plesk, like scheduled event notifications, ect.
What function of plesk can I run to force it to send an email so I can troubleshoot why I am not getting emails from plesk?
View 4 Replies
View Related
Jul 17, 2014
This is a new test install of PPA 11.5.5 with currently 8 nodes: CP, Apache, IIS, MySQL, Mail, 2 BIND, and Webmail. Installation and adding nodes went pretty much without a hitch so I'm testing account creation, subscription settings, etc. but I'm not getting very far. Anytime I try to add a subscription (any subscription) to an account I get the error: "Owner with external ID = '211' does not exist in Plesk database" The actual ID number varies depending on which account I'm trying to add a subscription to, but otherwise it's always the same error. I've tried the built-in default subscriptions, I've tried creating my own...same results either way.
View 2 Replies
View Related
Feb 3, 2015
WINDOWS SERVER Plesk Panel version 12.0.18
Error: Test the database server connection failed:
mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication. Please use an administration tool to reset your password with the command SET PASSWORD = PASSWORD('your_existing_password'). This will store a new, and more secure, hash value in mysql.user. If this user is used in other scripts executed by PHP 5.2 or earlier you might need to remove the old-passwords flag from your my.cnf file
View 1 Replies
View Related
Jan 20, 2008
About next week, I'll put a Linux box on the web.
Could anyone suggest what kind of security measures I could implement?
Iptables:
- Protect against DDos?
- Protect against certain worms?
- Protect against flooding?
Services:
- Protect against constant dictionary attacks based on ports?
Pretty much any experience you could put down in this thread would be invaluable.
Also mod, if this shouldnt be here. Feel free to move, Im not sure where it should go!
View 9 Replies
View Related
Feb 29, 2008
What is the best security (antivirus/firewall) for a linux web server?
View 4 Replies
View Related
Apr 28, 2008
i have managed server. just i want sure if it is secured.
i want company to test my server, Security Scanner.
and give me report about my bugs.
View 7 Replies
View Related
Sep 29, 2007
This is a new one - please check http://kb.swsoft.com/en/2169 ASAP if you running PLESK of selected versions.
7.5.4, 8.1.1 and 8.2.1+ is NOT affected.
View 0 Replies
View Related
Jul 19, 2009
[url]
Now, before you say it, the real flaw is the compiler. But, that too comes from the usual holier-than-thou culprits. They can't fix it unless they fix the compiler.
And of course, there is the usual see no evil-hear no evil head in the sand approach to defending the honour of their little pet.
View 1 Replies
View Related
Nov 18, 2008
Your Favorite Security Tools For Your Linux Web Servers
Just wanted to know what all you guys favorite tools are for your Linux Web Server Setups
View 7 Replies
View Related
Jan 17, 2007
I just discovered something on my Plesk 8.1 server:
I'm the server admin and I host my domain name: mydomain.com. in the Plesk CP.
I have other "clients". Those clients are allowed to create subdomains.
The problem is, if the customer wants to, they can go to the subdomains settings in their client CP and insert a subdomain such as support.mydomain.com(yes a sub domain on my domain name) and then they could redirect it to another site or upload their own personal files.
This is a huge security issue. Has anyone delt with this?
View 14 Replies
View Related
Aug 22, 2007
What are new methods to High secure a linux server ? (For webhosting company)
Please write something you know for Linux Security Methods (New version of OS).
View 14 Replies
View Related
Jun 14, 2008
I just had a ticket from one of my clients, he is able to see the calendar of another domain!
After some research I found out that more than 60 clients are able to view his calendar!
SQL view:
[url]
(There was a list of e-mail addresses at the last, but I left them out for privacy reasons.
This should never have been able to have happened! How do I prevent his calendar to be shared?
View 3 Replies
View Related
Jun 17, 2009
I would like to setup a new dedicated server with the following:
- Windows Server Standard 2008 64bit Edition
- Plesk control panel
Questions:
Anyone know of a thorough tutorial on securing/optimizing a Windows 2008 server (even with Plesk) for a shared hosting environment?
Other?'s:
Considering Plesk's rip-off pricing, any free and quality alternatives to their products?
- plesk dr.web antivirus
- acronis trueimage backup
- plesk powerpack (I guess $24.99/mo lease isn't too horrible)
I basically want to replicate a Cpanel shared/reseller hosting environment, but with Plesk since Cpanel for Windows is not yet available and been delayed forever.
View 1 Replies
View Related
Jan 24, 2014
After click webadmin its shows a security warning conform box as following on Firefox ...
Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?
And if click " OK" the page display " Server not found " error
[URL] ...
View 1 Replies
View Related
Jul 17, 2008
Is there a simple windows based tool that we can test two websites on two different VPSs?
Basically just load and what not, but some of the tools we have found are a bit intimidating.. We are just looking for something easy to setup and use.
View 4 Replies
View Related
May 21, 2007
Is there a way to test an SSL to make sure the page really is encrypted?
View 3 Replies
View Related
Nov 25, 2007
I have 2 VPS in 2 differents networks. One of these 2 VPS have a WHM/Cpanel load time very high to me. I already contact with my hostiing company support and I told the problem. Support saied that the problem is with my ISP connection. I agree that is possible my ISP issue, but I already test with 3 ISP connections diferents.
So I would like a help to test it. I am creating 2 dummys reseller accounts in my 2 VPSs and I inform the WHM login details here. So I would like that you access both WHMs and try to create a new account and tell me the time to finish the creation process.
From my end one account takes around 90 sec and other take onlu 13 sec.
how much time do you give in creation account on the followinf 2 dummys accounts?
View 14 Replies
View Related
Apr 5, 2009
I just installed Squid V3. I set up putty to ssh socks proxy to my vps that I installed squid on.
Here is a snippet of my cache.logs, but there is no cache log of websites I have visited. The access.log is empty.
How to I tell if squid is working?
Quote:
2009/04/04 22:52:37| Starting Squid Cache version 3.0.STABLE13-20090405 for i686-pc-linux-gnu...
2009/04/04 22:52:37| Process ID 9886
2009/04/04 22:52:37| With 1024 file descriptors available
2009/04/04 22:52:37| Performing DNS Tests...
2009/04/04 22:52:37| Successful DNS name lookup tests...
2009/04/04 22:52:37| DNS Socket created at 0.0.0.0, port 36048, FD 7
2009/04/04 22:52:37| Adding nameserver 208.67.222.222 from /etc/resolv.conf
2009/04/04 22:52:37| Adding nameserver 208.67.220.220 from /etc/resolv.conf
2009/04/04 22:52:37| Unlinkd pipe opened on FD 12
2009/04/04 22:52:37| Swap maxSize 102400 KB, estimated 7876 objects
2009/04/04 22:52:37| Target number of buckets: 393
2009/04/04 22:52:37| Using 8192 Store buckets
2009/04/04 22:52:37| Max Mem size: 8192 KB
2009/04/04 22:52:37| Max Swap size: 102400 KB
2009/04/04 22:52:37| Version 1 of swap file with LFS support detected...
2009/04/04 22:52:37| Rebuilding storage in /usr/local/squid/var/cache (CLEAN)
2009/04/04 22:52:37| Using Least Load store dir selection
2009/04/04 22:52:37| Set Current Directory to /usr/local/squid/var/cache
2009/04/04 22:52:37| Loaded Icons.
2009/04/04 22:52:37| Accepting HTTP connections at 0.0.0.0, port 8080, FD 14.
2009/04/04 22:52:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 15.
2009/04/04 22:52:37| HTCP Disabled.
2009/04/04 22:52:37| Ready to serve requests.
2009/04/04 22:52:37| Done reading /usr/local/squid/var/cache swaplog (0 entries)
2009/04/04 22:52:37| Finished rebuilding storage from disk.
2009/04/04 22:52:37| 0 Entries scanned
2009/04/04 22:52:37| 0 Invalid entries.
2009/04/04 22:52:37| 0 With invalid flags.
2009/04/04 22:52:37| 0 Objects loaded.
2009/04/04 22:52:37| 0 Objects expired.
2009/04/04 22:52:37| 0 Objects cancelled.
2009/04/04 22:52:37| 0 Duplicate URLs purged.
2009/04/04 22:52:37| 0 Swapfile clashes avoided.
2009/04/04 22:52:37| Took 0.02 seconds ( 0.00 objects/sec).
2009/04/04 22:52:37| Beginning Validation Procedure
2009/04/04 22:52:37| Completed Validation Procedure
2009/04/04 22:52:37| Validated 25 Entries
2009/04/04 22:52:37| store_swap_size = 0
2009/04/04 22:52:38| storeLateRelease: released 0 objects
2009/04/04 22:59:06| Squid is already running! Process ID 9886
View 10 Replies
View Related
