Plesk12 has been installed on Windows2012R2. In the Tools and Settings/Database Servers list we have
· Local MySQL server (default for MySQL)
· .MSSQLSERVER2012
· sql-db-1 (default for MS SQL)
We only expect to use the remote sql-db-1 database for user databases.
Can we delete the other 2 databases and is this recommended? Does the Local MySQL server contain the Plesk Management database/schema?
I have upgrade my mysql plesk installation from 5.1 to 5.6 and have troubles in setting utf8mb4 charset for server and databases. Special characters still display badly in my websites. I'm running Windows Server 2012 R2 and plsk 12.
View 1 Replies View RelatedI keep having tons of spams in the Drop folder of my Windows SMTP which I enable only for sending out forms. How do you normally stop this? I cant stop the SMTP as it is for forms usage. Relays are already set to my local IPs
View 1 Replies View RelatedI just got my servers up, DNS servers what not and my main plesk server for shared/reseller hosting.
Now for the weirdest thing ever!
I started working on my plesk packages a few days ago, after I got plesk installed.
Systems stats as follows
Supermicro AS1021M-T2 barebone
[url]
Has 16GB of infeon DDR2-667 memory.
2 250GB hard drives in mirrored configuration with the Acera 9500 w/ 256MB of memory
Running Cent OS 4.4
For some reason, Everytime I go into Plesk, or any of the websites that are contained in Plesk, The nic card drops out, wont allow any activity to get through, both ways.
Curious to know the maximum number of sql server databases you guys have seen on a single server box?
View 0 Replies View RelatedI'm looking for a way to get a report of the top domains that are continuously greylisted so I can determine which ones need to be put on the "domains- whitelist" because they use different IPs when resending, causing very long delays (hours/days/never) for each message sent.We're using Plesk11 on CentOS 6.4 with Postfix and the Plesk built-in Greylisting option enabled.
# /usr/local/psa/bin/grey_listing --info-server
Grey listing configuration.
Grey listing checking enabled
Grey interval 5 minutes
Expire interval 51840 minutes
Penalty interval 2 minutes
Penalty disabled
Personal grey listing
configuration allowed
[code]....
Black domains patterns list:
SUCCESS: Gathering of server wide information complete.Click to expand...
Let's say a customer opened a VPS account with you, but never actually used the service. After having the dormant account 6 months, they call and ask for a refund.
View 14 Replies View RelatedWe have 8 IP's on our dedicated server, and only 3 are being used. The other 5, according to bandmin, are using both incoming and outgoing bandwidth. I've never seen this before. Each IP is using on average... 160mb (in+out).
My server provider says its normal, but he didn't really seem interested in the problem.
In my new job as webmaster (last one left without notice), I added 12 IP addresses to our managed server. Silly me, thought the cpanel would show the new ones seperate from the ones currently used.
But when I went to add a new website, I discovered that now all IP addresses (both used and unused) are listed in the same dropdown menu. Web host tech supt says unless I had a listing of old, used IP addresses, to compare with, I would have to manually test each one.
Since this company has over 100+ websites on this server, this will be slow going.
Does any one have an idea of a legit software app that I can use test ping my websites for me so I can track down these newly assigned but unused IP addresses for my sites?
if there is any good method for finding files that have not been accessed by the server for a long period of time. I was thinking this might be a good way of clearing space.
View 10 Replies View Relatedhow to set multiple databases for a single user in plesk.
It only alows 1 db per user.
The sql server I have my users use is on a different server from which plesk is installed. Plesk should include the size of the user's databases from the external server as well otherwise the user can have a database as large as he wants. It's no longer restricted by the plans limits.
View 7 Replies View RelatedI have done many tests and always fails.= Plesk 9.5 to Plesk 12 =
I perform a migration with several domains from Plesk 9.5 and Plesk 12, it runs well. Then I remove all the migrated domains in Plesk 12 server. Then I perform a new migration with the same domains from the same server with Plesk 9.5 to the same server with Plesk 12 and it fails.The reason is that Plesk 12 doesn't remove the databases attached to the subscriptions. The new migration tries to deploy the databases and it can't because the same databases with the same users are deployed already.
I tried to remove the databases with `plesk bin database` and it was not enough. Maybe the same error will show when you migrate from Plesk 11.5/12 to Plesk 12.
today we notice that all subscriptions on Plesk when we access phpmyadmin has access to all databases,it was a Plesk update that can be done this ?
I don't remember to update anything during this days to this happen.
I have 2 Nodes. Both of them are configured like this:
Node1: Roles: MySQL, Apache,. Postfix; Attributes: Apache, Postfix, Webhost; restricted=>Reseller1
Node2: Roles: MySQL, Apache,. Postfix; Attributes: Apache, Postfix, Webhost; restricted=>Reseller2
I log in as Reseller1 (clean login; not by switching from PPA Admin to Reseller1), create a Webspace and a Database. At that point I am able to see and create Databases on every Node, even on Reseller1 (Node1), which is set to restricted. I guess this behaviour is not intended, isn't it?
So I was trying to look up something from the horde Databases just to find that the full server backup that can be triggered in "tools & settings" -> "backup manager" does NOT include the horde and roundcube databases, even with "configuration and content" selected.
Sure, there are 7 days worth of daily backups in /var/lib/dumps but it would be nice to have those files included in the "full backup" Or am I missing something here?
A friend pointed out today that urgentVPS' WHMCS license had expired so he was unable to get to support tickets, he also said about the phone number not working properly. Wondered if anyone could shed some light on this situation, or whether I should get ready to back up and pack up?
View 12 Replies View RelatedI have a VPS with rDNS and SPF records configured fine. I am able to send email to all. But for hotmail I can not.
The strange is that on VPS log I have message that the trasation was competed:
**************
$
2008-02-29 23:22:07 1JVHMV-00069K-PE <= adriano@domain.com.br H=localho$
2008-02-29 23:22:08 1JVHMV-00069K-PE => teste.noreply@hotmail.com R=lookuphost $
2008-02-29 23:22:08 1JVHMV-00069K-PE Completed
***************
But the message was not delivered in any teste.noreply@hotmail.com folder (inbox or spam folder).
I can not understand it. What can to be happening?
Feel free to use the following iptable commands below to drop INVALID SYN packets that sometimes are also used to flood the server..
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags ALL ACK,RST,SYN,FIN -j DROP
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
/sbin/iptables -A INPUT -i eth0 -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
What are the different methods to drop DDOS attack?
View 10 Replies View Relatedway to restart mysql and named if they drop. I'm on cpanel.
I've searched and found the following:
For mysql:
Code:
NUMBER=`ps --no-heading --user mysql | wc -l`;
[ $NUMBER -eq 0 ] && service mysql restart;
For named:
Code:
NUMBER=`ps --no-heading --user named | wc -l`;
[ $NUMBER -eq 0 ] && service named restart;
I have these set to run every 5 minutes, just to check if mysql/named are running. I found out that it doesn't work: I woke up to a whole bunch of sql errors and realized that mysql dropped while I was asleep... I type in "service mysql restart" manually and it restarts as usual, so I know that the command to restart sql works fine, but the restarts aren't triggering in the first place.
I have created virtual SMTP server in IIS6 and while send e-mail from the same server using SMTP IP address, the e-mail do not reach recipient, all sent e-mails goes directlly to DROP folder and stay it that folder.
I have checked event viewer, no error, also used telnet to create and send e-mail, no error.
(This is the first review I've ever written for practically anything so please bear with me. I feel the need to share my experience to try to help others after all the great advice and info I've received around here.)
If you've done everything you think you can do to improve the responsiveness of your websites like add a mysql cache, PHP opcode cache and various other tweaks, I discovered there is still one more easy thing you can do for a big improvement: replace Apache with LiteSpeed. It's way too easy not to try it and you can leave Apache completely intact to go back to at a moment's notice if you so desire.
I call LiteSpeed a "drop-in" replacement because it uses all my httpd.conf and .htaccess settings without modification. This was critical for me as my sites have some very complex rewrite rules. Other solutions like LightHttpd require extensive work to make changes if you use fancy mod-rewrite rules. LiteSpeed does not need any fiddling. LiteSpeed just adds it's own clean little web interface so you can tweak if you want to, but I didn't really have to change anything. Last but not least, LiteSpeed gets along with Cpanel and DirectAdmin without any conflicts. LiteSpeed's so compatible I can literally do this on my server and the visitors don't even notice the difference (except speed of course!)
service httpd stop
service lsws start
(and visa versa)
I discovered LiteSpeed after reading that the main WordPress.com site had switched to it and had great success (they have a quarter million registered bloggers and of course many millions more daily readers).
The main reason I tried LiteSpeed is because it's roughly twice as efficient in memory use and performance than Apache 1.3 & 2. It runs PHP up to 50% faster than Apache and static files get served several times faster (faster than thttpd & lighthttpd). So this means you can either double the number of active connections you currently max out at now, or make a regular website respond nearly twice as fast, or under heavy loads still respond within a reasonable amount of time when Apache would be completely unresponsive.
The last situation was exactly what I was hoping for and LiteSpeed helped me keep my sanity on a bad VPS node.
Basically a couple months into owning my first VPS (after many years of shared-hosting experience) I started to realise many of the industry promises about VPS are an outright lie. You are far from isolated from your neighbours. Any disk load created by bad neighbours, mysql abuse or otherwise, will directly affect you and you are powerless to stop it. It's the most poorly regulated resource on any VPS node and it can be made worse by slack, ignorant or inexperienced hosts who do things like move accounts during busy periods onto and off a node at the root level which ties up the entire node for an hour or more. Under Apache, I was getting timeouts during peak visitor times and that was very upsetting.
On top of my VPS neighbour troubles, no matter how I fiddled with Apache's settings (with all the helpful guides around here) I could not make it comfortably fit within the guaranteed memory limit of my VPS with Cpanel, which I really wanted to keep as it's much easier for my end-users. Switching to LiteSpeed caused a radical drop in memory use. I've seen nearly 1000 people online within a one minute period on one of my sites and it still fit comfortably within my memory limits and stayed extremely responsive.
I've discovered another plus to LiteSpeed along the way that no-one else seems to mention. It's the only server software that "out of the box" seems to serve web compressed (gzipped) pages properly as chunked output. This means a visitor will start to see the page immediately as soon as the first part is sent vs. on Apache, mod_gzip actually de-chunks all the output, waits for it to finish, then compresses, then sends.
Mod_deflate on Apache 2.0 was supposed to fix this but it usually doesn't work properly and I've never gotten 2.0 to do compressed+chunked output on my sites without alot of fiddling and help from PHP. It also doesn't seem as smooth as LiteSpeed's output which gives you that "silky" watch-the-webpage render effect that's mentally rewarding to visitors.
On the downside, there is one reason you wouldn't use LiteSpeed - if you use highly customised Apache mods. LiteSpeed cannot support custom mod's and their directives. It does have a lot built in however that Apache does not, so you may way to examine if you can accomplish what you are trying to do another way.
I started with LiteSpeed 3.1 and when I found an incompatibility with an obscure Apache feature (ie. ErrorDocument's as plain text output: ErrorDocument 404 "Not Found" was not supported) they fixed it for me in a day or so after I reported it on their forum. The same for PHP support of "Apache_Response_Headers". Note I am not even a commercial customer! They are now up to 3.2 which has a few other fixes.
The free version of LiteSpeed has a limit of 150 simultaneous connections (plus the linux stack of 200 more which will backlog). I've never seen that limit hit. It's so intelligent about closing connections as needed that it's not an issue for me. Perhaps on a dedicated server with many virtual hosts this will be a problem. Up to version 3.1.1 that was the only limitation, however unfortunately in 3.2 they have decided to also limit virtual hosts to "5", so that's something else you'll have to consider if you want the free version, otherwise the commercial version has a free trial and money back guarantee.
Some people were upset with me that I wouldn't name my VPS host when I was constantly complaining of troubles but that's just my style when I have nothing nice to say still have to do business with them, so don't name names. But when I have something nice to say about a company, I like to speak up. So I heartily recommend LiteSpeed and hope other people give it a try - especially if you are on my VPS node ;-)
4 times already this month we been listed by CBL
i cant for the life of me figure out why!
IP Address XX.XX.XX.XX was found in the CBL.
It was detected at 2007-11-30 16:00 GMT (+/- 30 minutes), approximately 17 hours, 30 minutes ago.
It has been relisted following a previous removal at 2007-11-25 23:59 GMT
I emailed them and it seems i get an autoresponse which makes no sense they reply me the following:
The IP was detected most recently at:
2007:11:20 ~21:00 UTC+/- 15 minutes (approximately 18 hours ago)
sending email in such a way as to strongly indicate that the IP itself
was operating an open http or socks proxy, or a trojan spam package.
In short, this IP is impersonating being a machine we know it _cannot_
be. No properly configured mail server does this under any circumstances.
You will need to examine the machine for a spam trojan or open
proxy. Up-to-date anti-virus tools are essential.
If the IP is a NAT firewall, we strongly recommend configuring the
firewall to prevent machines on your network connecting to the Internet
on port 25, except for machines that are supposed to be mail servers.
Software notes: If you are running Email Architect, set the
"Masqueraded domain" in SMTP service to be the fully qualified
domain name for the machine.
If you are using an Internet Security Systems firewall (eg:
Proventia M10), please contact ISS and obtain new firmware.
They are aware of issues with the CBL. The firmware version
that fixes this bug is, we believe, "3.5" (at least for
the M10).
Useful links:
[url]
[url](see "Securing your System" and "proxies")
[url]
For more information on securing NAT firewalls/gateways, please
see [url]
This entry has already been delisted from the CBL. Unless otherwise
stated, the CBL will relist this IP if the underlying issues are not
resolved, and the CBL detects the same thing again.
has anyone been in this problem before? ive got myself delisted but its just a pain keep waking up each morning to find this happening
is it possible that someoen who is accessing their email through outlook has a virus on their pc?
Which file can I find my nameservers listed in?
Godaddy was disallowing me to edit nameservers, so cPanel prevented me from setting up ns1.domain.com and ns2.domain.com, this has meant now I have a major problem: A client paid me to develop his site and he has now gone on holiday, he wanted it finished today but I can't put it online because he set the nameservers to ns1.domain.com ns2.domain.com whereas I have had to set up the nameservers as one.domain.com and two.domain.com due to godaddy disallowing me to create ns1 and ns2.
Now my question is: Is it possible to edit a config file that can set up NS1 and NS2 to work along side ONE and TWO? I'm using cPanel and I have root access.
They kindly provided me with timestamp as to when detection was happening and they sent me this description:
Timestamp: 2007-12-02 22:55:32
(ive attached the logs from below for around couople of minutes) If anyone knows how to solve this much appreicate it..or if anyone know what could be the issue!
In a nutshell, your IP is forging a well known domain as theEHLO/HELO - imagine connecting to, say aol.com and having your IPHELO as "apple.com". Understandably, when an IP connects to ourservers and presents such an obvious forgery, we're going to consider ita virus emitter or otherwise compromised.] This is what you need to keep in mind when you're trying to resolvesituations like this: 1) Our detections are based on port 25 SMTP connections your IP makesto one or more of our mail servers. The CBL listing _itself_ is theevidence/"proof"/log of the incident. We generally do not keep samples of CBL detections, because thevolumes are so horrendously high (presently more than 700,000detections per day). They never provide any additional information,because the headers, if any, are all fake anyway. In order to preserve the effectiveness of the CBL, informationbeyond what we've already given you will not be revealed.We can sometimes give additional information (eg: more precisetimestamps) if and only if we know it's necessary to find/fixthe problem. 2) The CBL detects suspicious SMTP activity, NOT spamming per-se. Inother words, the CBL detects email being sent in such a way as toindicate that the sender is compromised in some fashion into sendingviruses or spam.
As such, the CBL focuses on identifying how to prevent the behavior infuture, instead of, for example, identifying spammers that need to beterminated. Indeed, in the case of NAT firewalls, it is almost always impossiblefor us to precisely identify which machine behind your NAT is infected. Only your NAT logs (if you keep any and know what to look for) knowwhich machine is infected. In the case of NATs, our focus is on blocking the malicioustraffic getting to the Internet. We can give tips/pointers on howyou can identify specific infected machines behind a NAT, but ourpriority is to prevent _any_ infected machine behind your NATspewing junk to the Internet, because we know that for everyinfected machine you fix, another one (or more) will eventuallyspring up in its place, and we (and we suspect you) don't likeplaying a never-ending game of whack-a-mole. 3) The viruses we detect carry their own SMTP clients with them, and donot attempt to relay through your mail servers. Hence, email transitfilters (either inbound or outbound) on your mail servers can't help.Only AV scanning the infected machine does.
Similarly, the spamware (open proxy or spam trojan) we detect donot route through your mail servers either. 4) Most AV tools aren't very good at detecting/cleaning out establishedinfections. Especially those resulting from day-zero attacks.Particularly since many of these infections open back doors, and theoriginal infection vector downloads many pieces of software that _may_not be in themselves malware, just used in a malicious fashion. 5) The headers don't help at all. Since the virus/spamware has its ownclient, and doesn't pass through your server[s], the only thing knowableabout the virus/spamware is the peer (connection) address at therecipient's mail server - which is what we've listed - your NAT firewallif you have a NAT... Only your NAT firewall logs can tell you anydifferent. Short of AV scanning the infected machine, the only useable informationabout which machine is infected is in your NAT firewall logs - ifyou actually make any logs and keep them long enough. For the most part, then, a CBL listing of an IP means that the IPneeds to be fixed. If it's a NAT IP - port 25 blocking (and youcan find/fix the infected machine[s] at your leisure), if it's nota NAT - virus/malware eradication. 6) Outbound port 25 connection blocking on NAT firewalls (permittingonly your authorized mail servers) is the best solution for NATs. 7) If you have a NAT, once you've implemented port 25 blocking, younot only contain the viruses, your NAT firewall logs will immediatelytell you who is infected or is compromised with a spam trojan oropen proxy. 8) As far as we're aware, once port 25 blocking is instituted in ANAT, the only times people have continued to have trouble with CBLlistings is when the blocking wasn't working for some reason. Itwould be a good idea to test whether the blocking is in fact working.We have suggested procedures for this if you want - ask us.
2007-12-02 22:55:05 [19907] list matching forced to fail: failed to find host name for 201.58.9.244
2007-12-02 22:55:05 [9913] SMTP connection from [81.129.182.181]:60329 I=[69.16.237.199]:25 (TCP/IP connection count = 3)
2007-12-02 22:55:06 [9913] SMTP connection from [85.177.218.230]:9468 I=[69.16.237.199]:25 (TCP/IP connection count = 4)
2007-12-02 22:55:06 [19907] H=(20158009244.user.veloxzone.com.br) [201.58.9.244]:61429 I=[69.16.237.199]:25 F=<vash989@lfcc.edu> rejected RCP$
2007-12-02 22:55:06 [19907] SMTP connection from (20158009244.user.veloxzone.com.br) [201.58.9.244]:61429 I=[69.16.237.199]:25 closed by DROP$
2007-12-02 22:55:07 [19908] ident connection to 71.217.38.129 timed out
2007-12-02 22:55:07 [19909] ident connection to 81.129.182.181 timed out
2007-12-02 22:55:08 [9913] SMTP connection from [213.36.8.1]:3542 I=[69.16.237.199]:25 (TCP/IP connection count = 4)
2007-12-02 22:55:08 [19909] H=host81-129-182-181.range81-129.btcentralplus.com [81.129.182.181]:60329 I=[69.16.237.199]:25 F=<markhuu.Fabris@$
2007-12-02 22:55:08 [19909] SMTP connection from host81-129-182-181.range81-129.btcentralplus.com [81.129.182.181]:60329 I=[69.16.237.199]:25$
2007-12-02 22:55:09 [19910] H=e177218230.adsl.alicedsl.de [85.177.218.230]:9468 I=[69.16.237.199]:25 F=<Vesterinenowao@jcel.com> rejected RCP$
2007-12-02 22:55:09 [19910] SMTP connection from e177218230.adsl.alicedsl.de [85.177.218.230]:9468 I=[69.16.237.199]:25 closed by DROP in ACL
2007-12-02 22:55:09 [19908] H=71-217-38-129.tukw.qwest.net [71.217.38.129]:63507 I=[69.16.237.199]:25 F=<0agwampler@rapidreply.net> rejected $
2007-12-02 22:55:09 [19908] SMTP connection from 71-217-38-129.tukw.qwest.net [71.217.38.129]:63507 I=[69.16.237.199]:25 closed by DROP in ACL
2007-12-02 22:55:09 [19911] H=dyn-213-36-8-1.ppp.tiscali.fr (dyn-213-36-8-129.ppp.tiscali.fr) [213.36.8.1]:3542 I=[69.16.237.199]:25 F=<Norbe$
2007-12-02 22:55:09 [19911] SMTP connection from dyn-213-36-8-1.ppp.tiscali.fr (dyn-213-36-8-129.ppp.tiscali.fr) [213.36.8.1]:3542 I=[69.16.2$
2007-12-02 22:55:13 [9913] SMTP connection from [201.212.156.23]:51905 I=[69.16.237.199]:25 (TCP/IP connection count = 1)
2007-12-02 22:55:13 [9913] SMTP connection from [200.122.38.174]:1152 I=[69.16.237.199]:25 (TCP/IP connection count = 2)
2007-12-02 22:55:14 [9913] SMTP connection from [201.233.222.43]:2980 I=[69.16.237.199]:25 (TCP/IP connection count = 3)
2007-12-02 22:55:16 [19915] ident connection to 201.233.222.43 timed out
2007-12-02 22:55:17 [19915] H=cable201-233-222-43.epm.net.co (castellanos.une.net.co) [201.233.222.43]:2980 I=[69.16.237.199]:25 F=<Chasityse$
2007-12-02 22:55:17 [19915] SMTP connection from cable201-233-222-43.epm.net.co (castellanos.une.net.co) [201.233.222.43]:2980 I=[69.16.237.1$
2007-12-02 22:55:18 [19920] cwd=/home/annajwa/public_html/forum 2 args: /usr/sbin/sendmail bloochunc@bk.ru
2007-12-02 22:55:18 [19920] 1IyxiY-0005BI-5f <= annajwa@host.mpadc.com U=annajwa P=local S=747 T="Welcome to An- Najwa" from <annajwa@host.mp$
2007-12-02 22:55:18 [19921] cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1IyxiY-0005BI-5f
I have a server that keeps getting listed by DSBL. It is RHEL 3 running Plesk and Qmail. In the MAIL config SMTP relay is set to "Authorization is Required" and the SMTP box is checked. I have a couple other very similar server setups and they have never been listed, so I dont know why this one is. I suspect it may be a bug.
As for the last listing (yesterday) here is the exerpt from the maillog showing the SMTP relay
===================
Aug 26 13:36:48 slv3 qmail-queue[426]: scan: the message(drweb.tmp.0PW0bG) sent by nobody@cor.neva.ru to listme@listme.dsbl.org should be passed without checks, because contains uncheckable addresses
Aug 26 13:36:48 slv3 qmail-queue-handlers[428]: to=listme@listme.dsbl.org
Aug 26 13:36:48 slv3 qmail-queue-handlers[428]: recipient[3] = 'listme@listme.dsbl.org'
Aug 26 13:36:48 slv3 qmail-queue-handlers[428]: handlers dir = '/var/qmail//handlers/before-queue/recipient/listme@listme.dsbl.org'
Aug 26 13:36:48 slv3 qmail: 1188153408.989183 starting delivery 7244: msg 2327042 to remote listme@listme.dsbl.org
Aug 26 13:36:48 slv3 qmail-remote-handlers[430]: to=listme@listme.dsbl.org
===================
why my server is relaying?
I signed up with a new VPS provider and got three IPs and ordered an additional IPS. It turns out all six IPS were listed by SORBS as spam sources.
So I contact the provider and they give me one clean IP but I have to keep the remaining 5 SORBS marked spam IPs that I am going to use for nameservers and "reseller" account with nameservers.
My quetion is . . . is being marked by SORBS going to have any negative effect on my VPS? Alot of places will mention this when looking up a domain like Domain Tools and DNS Stuff, so is this going to make my web sites come off as spammers?
my server's Ip adresse was found listed at the CBL list.
check this out :
[url]
i think i'm listed for naming issue as they referred me to this page to solve the problem.
what should i do to correct the probleme i made some changes on /etc/hostname and etc/hosts and requested delisting but without positive results.
I'm On debian SARGE.