Archive for the tag 'plesk'

SBDavid
Jul 18th, 2012

Important Parallels Plesk Panel Critical Vulnerability MicroUpdates

Important Parallels Plesk Panel Critical Vulnerability MicroUpdates

Parallels has released new set of Critical MicroUpdates for certain versions of Plesk Panel 10.4 or earlier to address functional fixes, stability, and security – including third-party components.

Impact
These MicroUpdates are not needed for Parallels Plesk Panel 11. Updating prior versions to Parallels Plesk Panel 11 eliminates the need to apply this set of Critical MicroUpdates. Parallels Plesk Panel 11 can be downloaded from: http://www.parallels.com/download/plesk.

These Critical MicroUpdates are available for Windows and Linux for the following versions of Parallels Plesk Panel:

10.4.x
10.3.x
10.2.x
10.1.x
10.0.x
9.5.x
9.3.x
9.2.x
9.0.x
8.6.x
8.4.x
8.2.x

Independent of this update Parallels has become aware of unsubstantiated claims of a new Security Vulnerability in Parallels Plesk Panel version 10.4 and earlier (http://kb.parallels.com/en/114330). After extensive investigation, Parallels has traced all reported issues back to the vulnerability already reported and closed with the February 2012 security advisory http://kb.parallels.com/113321. This vulnerability has had patches and remediation steps available since February 2012.

Call to Action and Best Practices

By applying this new MicroUpdate, all previous MicroUpdates will also be applied (including those discussed in the most recent advisory: http://kb.parallels.com/113321).

Independent of this update Parallels has become aware of unsubstantiated claims of a new Security Vulnerability in Parallels Plesk Panel version 10.4 and earlier (http://kb.parallels.com/en/114330). After extensive investigation, Parallels has traced all reported issues back to the vulnerability already reported and closed with the February 2012 security advisory http://kb.parallels.com/113321. This vulnerability has had patches and remediation steps available since February 2012.

Parallels takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.

Important Note: Your updated Parallels Plesk Panel installation will only be secureif your underlying server infrastructure is correctly maintained and patched. Please ensure that all your server components including operating systems and databases are correctly patched and up-to-date.

Remove any active sessions using:

# php -d open_basedir= -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` –clean-up-sessions

Review published web content for integrity, removing any malicious scripts:

# grep -ilr ‘km0ae9gr6m’ /var/www/vhosts/ | while read arq; do echo $arq; echo $arq >> /root/infected.txt; sed -ni ‘1h;1!H;${x;s/km0ae9gr6m.*qhk6sa6g1c/virus removed/;p}’ $arq; done;

Should you require further support to patch/upgrade your Parallels Plesk Panel or solve this issue, please submit a Full Security Audit plan: http://www.serverbuddies.com/full-server-security-audit.php

SBDavid
Mar 4th, 2011

Customizing Service Links in Parallels Plesk Panel

Customizing Service Links

This chapter describes how to customize items of the Panel graphical user interface which let your customers do the following:

* Register domain names.
* Purchase SSL certificates.
* Access you website providing the mentioned or other services.

These items are customized using the interface_template command line utility.
The utility is located in /usr/local/psa/bin directory on Linux systems.

SBDavid
Feb 23rd, 2011

Repository Structure Parallels Plesk Panel for Linux/Unix

Repository Structure Parallels Plesk Panel for Linux/Unix

The Parallels Plesk Panel for Linux/Unix repository located at http://autoinstall.plesk.com is structured as follows.

* products.inf3 - Parallels Installer configuration file which describes the Panel products

* plesk.inf3 - Parallels Installer configuration files which describe different versions of the Panel and additional components.

* pp-sitebuilder.inf3 - The configuration file which describes SiteBuilder - the required Panel component.

* billing.inf3 - The configuration file which describes Customer & Business Manager - the Panel component.

* [PRODUCT_NAME]_[product_version] - Several subdirectories named in accordance with the Panel versions.

Reference: http://parallels.com/

SBDavid
Feb 17th, 2011

Setting Up Locale in Parallels Plesk Panel

Setting Up Locale in Parallels Plesk Panel

To change the default en-US locale:

Log in to the Parallels Plesk Panel server via SSH.

Change the locale by running the utility:

On Linux:

# /usr/local/psa/bin/admin –update -locale en-US

Reference: http://parallels.com/

SBDavid
Feb 14th, 2011

Optimizing Parallels Plesk Panel in VPS

Optimizing Parallels Plesk Panel in VPS

This makes the Panel use less memory than other control panels available on the market, which ensures better utilization of hardware resources and increased density of virtual environments per server.

If you deploy Parallels Plesk Panel in Parallels Virtuozzo Containers for Linux, consider switching the Panel to a special mode of operation - optimized for virtual environments.

The mode switches off InnoDB engine in MySQL database server, and Apache web server modules that are not critical for hosting services.

The only disadvantages of using the optimized mode are as follows:

* Web applications requiring InnoDB will not work.
* Perl, python and ASP scripts will not work because the required Apache modules will be switched off.
* PHP will be available only through CGI.

Note: It is not applicable to the Panel installations upgraded from earlier versions.

Reference: http://parallels.com/

« Prev - Next »