“Please Wait Loading…” pop-up is being shown continuously while login to plesk
In order to fix this issue disable magic_quotes_runtime and magic_quotes_sybase in the Plesk control panel PHP configuration file “/usr/local/psa/admin/conf/php.ini”.
These options have to be Off by default:
magic_quotes_runtime = Off
magic_quotes_sybase = Off
Switch them off and restart Plesk CP.
Increase Courier-IMAP Limits in Plesk
Plesk is configured with the following limitations for Courier-IMAP.
1. A single IP address can establish 4 connections simultaneously.
2. IMAP connections are not established more than 40 connections.
You can increase Courier-IMAP e-mail server limits by editing the file - ‘/etc/courier-imap/imapd’.
Steps:
1. Open the file - /etc/courier-imap/imapd
vi /etc/courier-imap/imapd
2. Navigate the line “MAXPERIP”. You can find the value as 4.
3. Change this value as per your wish and save the file
4. Navigate the line “MAXDAEMONS” and change its value to 80
5. Save the file
6. Restart Plesk service
/etc/rc.d/init.d/psa restart
Unable to enable sendmail in Virtuzzo Power Panel (VZPP)
The exact issue :
Unable to enable sendmail using “Virtuzzo -> system services -> xinetd (tab) -> sendmail” section.
This is mainly occurring due to one entry /etc/xinetd.d/sendmail file. In order to fix this issue, do the following:
Modify :
service smtp
{
disable=yes
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}
Modify it to :
service smtp
{
disable=no
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}
restart the xinetd using:
/etc/init.d/xinetd restart
Verify the sendmail status using “Virtuzzo -> system services -> xinetd (tab) -> sendmail”. You can see that the status of sendmail now changed to “enabled”.
How to Encrypt Shell Script
We all know that anyone can read shell script.Think if any one gets access to the shell script which has root password and all stored in it. Its really a security risk. Now we have a solution for that ie all this risk can be avoided if the shell script is encrypted and then executed. The utility used for that is called shc
I will explain how to install it and then use it for the encrypting purpose
1) Download from http://www.datsi.fi.upm.es/~frosal/sources/shc-3.7.tgz
wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.7.tgz
2) Untar it
3) To install it follow the below given steps
cd shc-X.X/
make
make install
4) After install it will create a binary called shc, use it to encrypt the shell scripts
5) Write a shell script, lets call it heloworld.sh
#!/bin/bash
echo ” Helo world ”
6) To test shc execute the command
Option -f is used to encrypt
7) Now you will get an encrypted version of the script. It will be named something like heloworld.sh.x
Its an encrypted version and you can execute it as you wish
9) You have an encrypted shell script.
Preventing potential cross-site scripting vulnerability
There is a security issue related to Acrobat Reader version 7.08 and earlier versions . The flaw let hackers use a technique known as cross-site scripting, in which they blend malicious JavaScript with a link to a Portable Document Format (PDF) file on a Web site to hijack a user’s computer.
There is a server wide workaround for those who do not have the latest versions.
1 Search DefaultType in /usr/local/apache/conf/httpd.conf
After “DefaultType text/plain”
Add
AddType application/octect-stream .pdf
2 Next Enable mod_headers and check the version of apache (go to the specified directory)
cd /home/cpapachebuild/buildapache/apache_1.3.37/src/modules/standard
/usr/local/apache/bin/apxs -c mod_headers.c
/usr/local/apache/bin/apxs -i -a -n headers mod_headers.so
3 Search modsec in /usr/local/apache/conf/httpd.conf after the line add the following.
<IfModule mod_headers.c>
<FilesMatch “\.pdf$”>
Header append Content-Disposition “attachment;”
</FilesMatch>
</IfModule>
4 Restart apache
