Plesk 12.x / Linux :: SSL Cipher Strength RC4?
Jan 5, 2015
Recently i have upgraded my system to Plesk 12 and im loving it. After upgrading i started checking and fixing all my SSL shortcommings. I think i've come from a far end upgrading it.
One of the fixes was the poodle fix, wich recommended to upgrade cipher suites. When analysing my cipher suites at ssllabs testing suite i get the following errors:
TLS_RSA_WITH_RC4_128_MD5 (0x4) WEAK128
TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK128
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) WEAK128
RC4Yes WEAK
I cannot find a way to remove the weak RC4 protocol and the other three weaknesses.
View 3 Replies
ADVERTISEMENT
Aug 8, 2014
Yesterday we upgraded two of our servers to the latest Plesk 12.
The 1st server is an CentOS/CLoudlinux 6.x server and the 2nd an CentOS 5.x server.
Both of them were running Plesk 11.5 before the upgrade.
After the upgrade, we have the same issue in both servers which is that the START/TLS, SSL protocols at Courier imaps or pop3s do not work, and mail clients (outlook, thunderbird) return that the password is wrong when they connect over a secure connection.
In both of them, at the /var/log/maillog, we are getting the same messages, as the following one:
--------------------------------------------------------------------------
courier-imaps: couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
--------------------------------------------------------------------------
As the issue is in both server, we believe thath it there is a bug in the new version or the update script.
We have already checked all configurations which seem ok, tried to... reboot the machines, mailchk repair, but nothing seems to work.
View 1 Replies
View Related
May 7, 2014
Where do we access our settings for mail account password strength? I need to dial our minimum password strength UP to the highest level.
View 5 Replies
View Related
Jul 15, 2008
Can anyone who is a security expert recommend the most secure option for choosing what type of "cipher" to use with our OpenVPN setup?
(I bolded the one I think might be best? Let me know what you think. We are currently using "BF-CBC", but I want to be sure it's not breakable...) ...
View 4 Replies
View Related
Apr 10, 2013
We are currently running ColdFusion 9 on an Apache server. After running a Webinspect scan for one of our web applications, a weak cipher vulnerability was flagged as critical. Their recommended change to the httpd.conf file is listed below. We made the change and restarted our server but the same vulnerability came up again. How to eliminate the weak cipher vulnerability?
SSLCipherSuite ALL:!aNull:!ADH:!eNull:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM
View 3 Replies
View Related
Jun 20, 2014
I am trying to install Magento on my apache server. I am running into the dreaded mcrypt issue as Magento needs it to run. I have now been googling for the past few hours and have gotten nowhere.
Here are my details:
Linux
Centos 5.5
PHP 5.3.3
x86_64
Plesk 12
I have tried installing all sorts of different repos and it just isn't working.
When I try to install using # yum install php-mcrypt I get the following:
Loaded plugins: fastestmirror
Package php-mysql is obsoleted by php-mysqlnd, trying to install php-mysqlnd-5.5.13-3.el5.remi.x86_64 instead
--> Processing Dependency: php53-gd for package: psa-php53-configurator
--> Processing Dependency: php53-imap for package: psa-php53-configurator
[Code].....
View 6 Replies
View Related
Feb 25, 2015
Does Parallels support Plesk 12 being installed on a Linux VM that is provisioned on Microsoft Windows Server 2012 R2 Hyper-V?Is it fully supported?
View 2 Replies
View Related
Nov 17, 2008
Best platform for IMAP mail (Cpanel, Plesk Linux or Plesk Windows)
I need to setup 5 email accounts on my domain, each will use IMAP and store messages on server, so total space taken by each account will be 2-5 GB.
I have decided to go with eurovps.com as I'm close to them and ping is fast.
What is the best solution for IMAP and large email accounts: Linux Cpanel, Linux Plesk or Windows Plesk?
Each account will be accessed by 2 people differently by Thunderbird and occasionally by webmail, so nice webmail is a plus.
View 7 Replies
View Related
Nov 3, 2008
I have a server running Linux and PLESK, and am interested in switching to Windows and PLESK. Will the backups made under Linux restore under Windows?
View 1 Replies
View Related
Oct 24, 2008
I always managed RHE/CentOS/Fedora servers with cPanel or just withouth any control panel, plain boxes. Now one of my customers need to have Plesk panel on a RHE 5 box.
My questions:
1.- Should I secure a Plesk server in the same way I do it for plain RHE servers?
2.- Where can I get optimization guides for plesk specific?
View 3 Replies
View Related
Feb 25, 2008
Anyone know of a good tutorial for upgrading php on a linux plesk 8.3.0?
View 4 Replies
View Related
Jun 14, 2014
When calling the new Wordpress Management Option from the 'Websites&Domains' page in Plesk (Version: 12.0.18 Update #4, OS: Ubuntu 12.04.4 LTS), the page that is supposed to show the list of Wordpress installations (/smb/wordpress/list) shows an error "Specified column "name" is not in the row".
Exact output:
Internal error: Specified column "name" is not in the row
MessageSpecified column "name" is not in the row
FileAbstract.php
Line179
TypeZend_Db_Table_Row_Exception
I already tried bootstrapper repair without success. Other functions in Plesk seem to work, there are at least two Wordpress installation on the server (one through Plesk, one manual installation). How can I get rid of this error without risking my Plesk settings?
View 19 Replies
View Related
Aug 15, 2014
SymLinks are not possible in standard.I've opened Webserver settings and put into the fields "Additional directives for HTTP(S)" the following code:
Code:
<Directory />
Options FollowSymLinks
</Directory>
Does not work.
Code:
Options +FollowSymLinks
Does not work.
The settings were saved in the vhost.conf file, this file is included in the httpd.conf. I have manually restarted the httpd service, but no change. I cannot access my Symlink (403 forbidden).BUT, whats really misleading: When I create a .htaccess and put "Options +FollowSymLinks" in it, it works!Why I cannot enable it with these webserver options I made in /smb/web/web-server-settings/ -> Additional Apache directives ?
View 2 Replies
View Related
Nov 6, 2014
I have installed a version of php (v5.4). My Web run correctly before and now not. My web is Joomla 2.5. I recived this error:Fatal error: Class 'JConfig' not found in /var/www/vhosts/*********/httpdocs/includes/framework.php on line 56.
View 1 Replies
View Related
Feb 5, 2015
I've checked the firewall and FTP is allowed incoming, I added the passive ports to the firewall. Plesk shows the user in active connections, but when I connect to any domain I get an error that its not able to retrieve the directory. I am not sure if plesk just doesn't know what the directory is or if the main config messed up on the domain or sites level. I am running Plesk 12 on CentOS7.
View 1 Replies
View Related
Apr 1, 2015
I have a Plesk host that I am tasked with upgrading. It started with openSUSE 11.4 on Plesk 10.4 and I have upgraded it all the way to openSUSE 12.2 on Plesk 11.09 (fixed minor issues with pop3d and mysql locking on the way). The next upgrade was supposed to be 11.5, but the option to upgrade it never shows up. I have re-instated our support license so I know the license is OK, and also checked that 11.5 supports openSUSE 12.2. The update log doesn't really tell me much either:
Code:
Release PLESK_12_1_18 contains no any build for this OS
Release PLESK_12_1_17 contains no any build for this OS
Release PLESK_12_1_16 contains no any build for this OS
Release PLESK_12_1_15 contains no any build for this OS
Release PLESK_12_1_14 contains no any build for this OS
[code]....
View 1 Replies
View Related
May 25, 2015
After installing a separate SSL to domain.com and www.domain.com, for some reason host.domain.com, which is the subdomain for plesk login, isn't being secured by FTP when choosing "Secure Plesk" after choosing the correct SSL. No error occurs, nor does the dashboard respond to it. It stays the same and unsecured. I tried rebooting server, restart services, etc.
View 1 Replies
View Related
Jul 21, 2014
Easy way to install 5.2 with plesk i try all old threads but these not working ....
View 2 Replies
View Related
Apr 9, 2015
How to add Cron?
View 14 Replies
View Related
Dec 28, 2014
OS: CentOS 6.6
Plesk: 11.5.30 #48
ProFTPd: 1.3.4c
I am unable to connect over TLS/SSL using my FTP client. I have ports 989 & 990 enabled in my server's firewall. My FTP client is attempting connection on port 990, but times out waiting for the server to respond. I also tried adding "TLSProtocol TLSv1" or "TLSProtocol SSLv3" to /etc/proftpd.conf, but get the same result, except that a non-TLS/SSL connection attempt then returns "server closed the connection".
View 2 Replies
View Related
Oct 19, 2014
Since yesterday I can't connect to any of my ftp clients.For months I could login to my FTP using Coda and Filezilla and everything worked until yesterday.
Coda gives me this message:
Error -203: miscellaneous error occurred while trying to login to the host
Filezilla gives me this message:
Antwoord:220 ProFTPD 1.3.5 Server (ProFTPD) [MYSERVERIP]
Opdracht:USER username (username is my ftp username)
Antwoord:550 SSL/TLS required on the control channel
I have not changed anything on my server. Just out of the blue this errors appears and now my customers and I can't login anymore.I tried to restart the server, made a new ftp account..I don't know if I can reinstall the ProFTPD or need to open port 21?
View 3 Replies
View Related
Jan 18, 2015
I can not connect to the server with using "Require explicit FTP over TLS"
In /etc/proftpd.conf I have added from here [URL] ....:
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/tls.log
TLSProtocol SSLv23
[Code]....
PS: in Tools & Settings ->SSL Certificates ->I created a new self-signed certificate, set as default. In Tools & Settings ->IP Adress bind new certificate to IP
For each domain is created own certificate, but when try to connect, will be ascked to confirm a default certificate from Plesk I have create a new certificate (using SSH)
Service restarted too with: service sw-cp-server restart
View 1 Replies
View Related
Aug 31, 2014
I activated fail2ban in Plesk 12 and set the SSH jail to ban after 2 retries for 24h on all ports.
This is the generated "/etc/fail2ban/jail.local":
Code:
[ssh]
enabled = true
maxretry = 2
action = iptables-allports[name=ssh]
I tested it and I'm only banned on the IP of SSH (I have one only for SSH and the Plesk panel).
I have 10 IPs in total on my server. I can still access all other IPs, i.e. my websites.
Why does fail2ban not block me completely?
View 13 Replies
View Related
Dec 20, 2014
I wanna know How to install php 5.5 in my Plesk 12 CentOs 6
View 4 Replies
View Related
Sep 1, 2014
My Plesk installation (on Debian Wheezy) has PHP5.4.4 and I need to upgrade it to 5.4.9 or above.
How can I do this (It's a self managed Plesk server)?
View 3 Replies
View Related
Dec 19, 2014
I am using Plesk for my website and I want speed it little bit so I wanna install an APC without screwing everything.
View 16 Replies
View Related
Jun 24, 2014
Moving sites from other servers into a Plesk 12 environment (Centos 6.5) I cannot see a way to set cgi-bin in the webspace root directory instead of document root (httpdocs). In previous Plesk CGI support allowed selection of cgi-bin location.
I have tried (to no avail):
Code:
/usr/local/psa/bin/domain -u mydomain.tld -cgi-mode www-root
/usr/local/psa/admin/bin/httpdmng --reconfigure-domain mydomain.tld
Code:
mysql> SELECT * FROM dom_param WHERE dom_id=x;
(where x is the dom_id of my domain) shows the cgi_bin_mode param has val www-root but no change to system/<domain>/httpd.conf.
Relocating cgi-bin to httpdocs/cgi-bin is not an option - some of these sites are development environments where I cannot move cgi-bin on the live environment and some of the scripts use relative paths.
Is this no longer possible in Plesk 12?
The following works (oops):
Code:
/usr/local/psa/bin/domain -u mydomain.tld -cgi-mode webspace
/usr/local/psa/admin/bin/httpdmng --reconfigure-domain mydomain.tld
mkdir /var/www/vhosts/mydomain.tld/cgi-bin
chown myuser:psaserv /var/www/vhosts/mydomain.tld/cgi-bin
View 3 Replies
View Related
Mar 2, 2015
I set a new Plesk 12 server (Debian 7.8) and migrate some domains from a plesk 11.0.9 server.After this, FTP does not work. I can connect but I receive this error:
Error:The data connection could not be established: ETIMEDOUT - Connection attempt timed out..And no list of folder or files found. Not one domain, any domain.I restart xinetd and fil2ban but still same problem. Via control panel I can see the files but not via FTP.
View 4 Replies
View Related
Mar 14, 2015
I have get installing php .5.4 & 5.5 from Igor here
Mcrypt working good with php 5.3.3 and i need install mcrypt for php 5.4
View 3 Replies
View Related