Sources:
http://www.fail2ban.org/wiki/index.php/MANUAL_0_8
http://thanosk.net/content/securing-plesk-installation-using-fail2ban
Linux, Windows, Software Tips, Articles and Hacks
mysqlcheck -u admin -p`cat /etc/psa/.psa.shadow` -o --all-databases
APPLIES TO:
Parallels Plesk 11.0 for Linux
Instructions:
1. Install epel and remi repositories:
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm # wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm # sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
2. Enable remi repository:
# sudo vi /etc/yum.repos.d/remi.repo
In the [remi] section of the file, set the “enabled” option to 1.
3. Upgrade PHP with this command:
# yum install php
Installation of ionCube for PHP 5.4 (optional)
1. Download ionCube:
For x32:
# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.zip
For x64:
# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.zip
2. Unzip file.
3. Copy ioncube_loader_lin_5.4.so to PHP extensions folder:
# sudo cp ioncube/ioncube_loader_lin_5.4.so /usr/lib/php/modules/
4. Set SELinux attributes:
# sudo chcon -u system_u -t textrel_shlib_t /usr/lib/php/modules/ioncube_loader_lin_5.4.so
5. Switch on ionCube in PHP config:
# echo "zend_extension=/usr/lib/php/modules/ioncube_loader_lin_5.4.so" >> /etc/php.d/zend_extensions_psa.ini
6. Check functioning of ionCube:
# php -r 'phpinfo();' | grep -i ioncube
You can also test ionCube Loader by using the helper PHP script “loader-wizard.php” that’s included in the ionCube Loader archive.
Possible issues
1. MySQL server is upgraded with PHP. If, when creating databases, database users or applications fail with MySQL errors such as “Table mysql.servers does not exist,” it means that the MySQL server has been upgraded with PHP. This can be fixed with the following command:
# mysql_upgrade -uadmin -p`cat /etc/psa/.psa.shadow`
2. If you see an error message like “Failed loading /usr/lib/php/modules/ioncube_loader_lin_5.4.so: /usr/lib/php/modules/ioncube_loader_lin_5.4.so: wrong ELF class: ELFCLASS6,” it means that the the ionCube Loader file has a different OS architecture.
3. If you see an error message like “Failed loading /usr/lib/php/modules/ioncube_loader_lin_5.4.so: /usr/lib/php/modules/ioncube_loader_lin_5.4.so: cannot restore segment prot after reloc: Permission denied,” it means that SELinux is effective. The SELinux context is wrong on the ionCube Loader file.
4. PHP doesn’t work in CGI/FastCGI mode with HTTP Error 500. This can be caused by the existence of directives that are incompatible with PHP 5.4 in the global or domain php.ini file. Here is a list of incompatible directives:
register_globals
register_long_arrays
magic_quotes_gpc
magic_quotes_runtime
magic_quotes_sybase
allow_call_time_pass_reference
define_syslog_variables
highlight.bg
session.bug_compat_42
session.bug_compat_warn
y2k_compliance
safe_mode
safe_mode_gid
safe_mode_include_dir
safe_mode_exec_dir
safe_mode_allowed_env_vars
safe_mode_protected_env_vars
zend.ze1_compatibility_mode
Refer to http://www.php.net/manual/en/migration54.ini.php for details.
Upgrade from Atomic
# wget -q -O - http://www.atomicorp.com/installers/atomic | sh
# yum update php
Getting an error after a server upgrade?
ERROR: Session_Exception, Session expired. This occurred after an update for the shellshock bug.
Resolution
Upgrade plesk from 11.5 to 12. Or , rum the autoinstaller
Migrating MySQL database from one Windows Plesk Server to other Windows Plesk Server
The only condition is that the database Engine should be an INNODB. Create the database , database user and password on the plesk server to which you want to migrate the database. Assume that the database name is demodb . Now login to the server from which you want to move the database . Go to the path of the backup E:Program Files (x86)ParallelsPleskDatabasesMySQLdata. Copy the folder “demodb” and paste it on the other server where you want to move at the path C:Program Files (x86)ParallelsPleskDatabasesMySQLdata.
Login to plesk as admin, go to Database Servers, Local Mysql Server, click on the database name and delete the database user and recreate it .
The Path of MySQL Databases on windows plesk server is C:Program Files (x86)ParallelsPleskDatabasesMySQLdata
What to add the firewall or a program in plesk?
# /usr/local/psa/admin/bin/autoinstaller
Error when removing an email in horde:
SQLSTATE HY0001 General error 1267
Install Roundcube in plesk. Switch the webmail to roundcube. Remove Horde. Reinstall. Then switch back to Horde. The installer should install the correct tables.
Check the mail queue in a plesk server:
# /usr/local/psa/admin/bin/mailqueuemng -s
mail queue is full of spam type messages like this:
Subject: Mr.: 14623c9d 65% off for you!
Sale Sale Sale!! Vigara – 0.54$, Cilias – 1.09$, Levtira – 1.15$.. and more more more… ”
Steps to take:
1. Check the mail queue for suspicious emails that are spam and remove them. Monitor the mail queue to see who is sending email and the content and locate the email account for spam delivery.
To remove all mail from the queue, enter:
# postsuper -d ALL
2. Check the passwords for the email accounts with this command logged in ssh as root:
# /usr/local/psa/admin/bin/mail_auth_view Change all weak passwords to more secure passwords. (There are many simple email passwords).
3. Check any wordpress and joomla web sites for updates. Make sure all plugins and core software is up to date.
4. Check any forms on websites and ensure that they have captcha enabled so that they cannot be submitted automatically.
Here are some links to assist in installing an email wrapper to see if the sever is sending spam via a script:
If Postfix – http://kb.parallels.com/en/114845
Once the server is verified spam free you can contact us and we can help with any de-listing submissions.
Please let us know if you have any other questions.
Don’t know the admin password for your plesk panel?
Linux
#ssh root@123.22.33.22 /usr/local/psa/bin/admin --show-password 34GGb$sger
Windows
Connect to the server via RDC
Run the following in a command prompt
# cd %plesk_bin% # plesksrvclient -get
Invald SSL
Rename or delete the file cert8.db in the Profile Folder to remove all intermediate certificates that Firefox has stored by visiting secure websites.
The build-in root certificates show as “Builtin Object Token” and the stored intermediate certificates as “Software Security device”
Rename or delete the file cert_override.txt (cert_override.txt.old) in the Firefox Profile Folder to remove all permanent exceptions that you have saved.