How to Update the Default Plesk SSL (not domain ssl)

You can update the SSL through Plesk under Tools & Settings -> SSL/TLS Certificates.

To change the default Plesk certificate and do not reassign certificates for all domains manually, do the following:

  1. In Plesk open Tools & Settings > SSL/TLS Certificates > Add > proceed with adding new certificate.
  2. Return to Tools & Settings > SSL/TLS Certificates > select the certificate created in previous step > Make Default .

Set up Sendgrid on Plesk

This is used to set up Sendgrid in Plesk for Azure email functionality.

  1. Set up a sendgrid account and set up the first email:
  2.  Ssh to the Azure server and make the following modifications:

Find your Postfix config file, typically /etc/postfix/main.cf, and add the following:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587

Now you need to specify your credentials (optionally, use apikey as username and an API Key as password) in the separate file /etc/postfix/sasl_passwd (you’ll likely need to create it):

[smtp.sendgrid.net]:587 yourSendGridUsername:yourSendGridPassword

Next, make sure the file has restricted read and write access only for root, and use the postmap command to update Postfix’s hashtables to use this new file:

$ sudo chmod 600 /etc/postfix/sasl_passwd
$ sudo postmap /etc/postfix/sasl_passwd

Finally, restart Postfix:

$ sudo systemctl restart postfix

Send your email and then verify in sendgrid.

If you are getting no mechanism available error messages it generally indicates that you are missing some SASL authentication libraries.

Install the missing module dependency using apt-get (i.e., Debian, Ubuntu):

$ apt-get install libsasl2-modules

Or using a yum (i.e., RedHat, Fedora, CentOS):

$ yum install cyrus-sasl-plain

Troubleshooting
If port 587 is not working for you please try 2525 in your postfix config. You may also need to edit /etc/postfix/master.cf to remove # from

#tlsmgr unix - - n 1000? 1 tlsmgr

Other integrations with MTA’a – https://sendgrid.com/docs/Integrate/Mail_Servers/postfix.html

Enable TLS version 1.2 on Plesk

Enabling TLS 1.2 and disabling other versions on Plesk.

In order to use the steps outlined below, you will need to upgrade Plesk to it’s most recent version. You can do so within the System Overview section of the Home screen in Plesk Panel or by running

# /usr/local/psa/admin/bin/autoinstaller

Once you have completed the upgrade you can run the command in the link below to enable TLS1.2 and disable older versions of TLS.

https://support.plesk.com/hc/en-us/articles/115000422229-How-to-enable-disable-particular-TLS-version-in-Plesk-on-Linux-

Find Plesk users and Remove them

Plesk uses system users to handle logins. As such removing the user effectively removes their access to the entire server.
If you want to delete the user without deleting any of their files, type this command as root:

#userdel username

If you want to delete the user’s home directory along with the user account itself, type this command as root:

# userdel -r username

Check for user


# grep username /etc/passwd
#

Just to be sure check the logins for Plesk on the server and the list of users is below.

# plesk db “select login from domains inner join sys_users on domains.id = sys_users.id”
+————–+
| login |
+————–+
| artist |
| test |
| user1|
| testuser1|
| rod|
| james|
| lisa|
+————–+

			

Courier service can not be started: courierlogger dead but pid file exists

Courier cannot start:

Courier service can not be started: courierlogger dead but pid file exists
#service courier-pop3s status

In the Plesk Control Panel/Tools and Settings/ Services all of the ‘Courier’ entries show they are not running.

The usual fix of grep the courierlogger process and killing it does not work. Here is what does:

This is caused by hung processes, but not courierlogger was hung, but couriertcpd processes, one of them was running since April 3:


# ps aux | grep couriertcpd
root 3784 0.0 0.0 11976 1796 ? S 11:05 0:04 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 110 /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
root 3907 0.0 0.0 11972 1884 ? S 11:05 0:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 143 /usr/sbin/imaplogin /usr/bin/imapd Maildir
root 3973 0.0 0.0 11972 1776 ? S 11:05 0:00 /usr/lib64/couriertcpd -address=0 -maxprocs=40 -maxperip=4 -nodnslookup -noidentlookup 993 /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/bin/imapd Maildir
root 26808 0.0 0.0 103396 2080 pts/2 S+ 19:53 0:00 grep couriertcpd
root 26951 0.0 0.0 11976 1704 ? S Apr03 0:49 /usr/lib64/couriertcpd -address=0 -maxprocs=80 -maxperip=10 -nodnslookup -noidentlookup 995 /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib64/plesk-9.0/pop3login Maildir
[root@216-55-187-88 ~]# ps aux | grep courierlogger
root 13394 0.0 0.0 4124 1432 ? S 18:08 0:00 /usr/sbin/courierlogger -name=courier-authdaemon -pid=/var/run/courier-authdaemon.pid -lockfile=/var/lock/subsys/courier-authdaemon -start /usr/lib64/courier-authlib/authdaemond


Kill all those processes and after that you are able to start the service successfully:


# service courier-imapd status
courierlogger (pid 29099) is running...

Plesk Commands

Here are some Plesk commands that are useful:

How to re-patch

 # plesk installer update --repatch

https://support.plesk.com/hc/en-us/articles/360002264953-How-to-reinstall-Plesk-micro-updates-MU-

This is related to an issue for Courier

Plesk Web Statistics not Updating for SSL Site

In checking Plesk Stats, the traffic is much lower that the actual traffic.

Plesk Web Stats button only links to now SSL traffic. See: https://support.plesk.com/hc/en-us/articles/213951505-Different-statistics-values-for-SSL-and-non-SSL-traffic

As a workaround, SSL traffic statistics can be accessed using the following link:

https://example.com/plesk-stat/webstat-ssl

FTP statistics can be accessed using the following link:

https://example.com/plesk-stat/ftpstat
https://example.co/plesk-stat/anon_ftpstat

Add Gzip to Plesk Server

Instructions
Login to your Plesk server.
Select the domain you wish to enable gzip for from the left hand side.
Click in Apache and nginx settings:

Down the bottom, add the following to the “Additional nginx directives” field:


gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript application/javascript text/xml application/xml application/xml+rss text/javascript image/x-icon image/bmp image/svg+xml;
gzip_vary on;

Click OK to save.
Verify with GTMetrix.com .