Author Archive

Apache server status

Add the following to httpd.conf for resource troubleshooting: ExtendedStatus On SetHandler server-status Order deny,allow Deny from all Allow from myipaddress

Too many open files when several hundred domains in Plesk

With more than several hundred domains in plesk, issues can arise with too many open files. Solution: echo ‘ulimit -n 32768′ >> /etc/sysconfig/httpd Enabling piped logging his also helps greatly,: mysql -uadmin -p$(cat /etc/psa/.psa.shadow) -BAND psa -e ‘REPLACE INTO misc VALUES (“apache_pipelog”,”true”)’ /usr/local/psa/admin/bin/websrvmng -a To see the default open file limit per process: ulimit -n […]

Allow directory listing in Apache

Simple I know, but I always forget. # Create a .htaccess file Options +Indexes

Adding a secondary SMTP port in Plesk

Choose an unused port and add it to the /etc/services file, for example: smtp_alt 2525/tcp # new SMTP port Make a copy of /etc/xinetd.d/smtp_psa to /etc/xinetd.d/smtp_psa_alt and correct service line within new file: service smtp_alt Restart xinetd `/etc/init.d/xinetd restart` Edit the firewall, adding port 25025

Adding a second FTP account in Plesk

Sometimes it’s necessary to have two FTP users on a domain with access to the httpdocs and/or subdirectories, which Plesk doesn’t allow by default. # Create a web user in Plesk # Change the default directory to the required one and the userid to the same as the main FTP user grep ftpuser1 /etc/passwd usermod […]

Plesk SQL Queries

A few queries I put together to grab info from the Plesk database for troubleshooting: #FTP ACCOUNTS #———— SELECT account_id AS ‘ID’, login AS ‘USERNAME’, password AS ‘PASSWORD’, home AS ‘HOMEDIR’ FROM sys_users S, accounts A WHERE S.account_id = A.id; #MAIL ACCOUNTS #————- SELECT account_id AS ‘ID’, mail_name AS ‘USERNAME’, password AS ‘PASSWORD’, postbox as […]

Plesk for Windows – PCI Compliance

This is somewhat of a work in progress. The only thing flagged by PCI compliance scans so far is the use of SSLv2. This can be disabled in Windows 2003 by adding the following registry entry in: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server create a new DWORD named Enabled with the default value Also disable weak ciphers: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders […]

Plesk for Linux – PCI Compliance

Courier Weak SSL Ciphers and SSLv2 The most common flaw uncovered by a PCI compliance scan is that a service is allowing SSL connections using weak SSL ciphers. Disable SSLv2 in Courier by adding the following line to both /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl: TLS_CIPHER_LIST=”HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH” After restarting Courier, test with openssl to confirm SSLv2 has been disabled […]

Resync the IIS anonymous username and password on Plesk for Windows

If the domain is prompting for a login, and then gives “HTTP Error 401.1 – Unauthorized: Access is denied due to invalid credentials”, there might be an issue with the anonymous password that Plesk is holding. First thing to check is that all directory permissions are adequate and that anonymous directory access is ticked in […]

Zeus 301 redirect

Add the following to rewrite.script: match URL into $ with (.*) set SCRATCH:COND = %{IN:Host} match SCRATCH:COND into % with ^domainname\.co\.uk if not matched then goto RULE_0_END set URL = http://www.domainname.co.uk$1 set RESPONSE = 301 set OUT:Location = %{URL} set BODY = Please try <a href=”%{URL}”>here</a> instead\n RULE_0_END: