What’s new in Plesk 9?

Whats new in Plesk 9.0?

With it’s new multilevel control, Parallels Plesk 9 makes it easy to automate web hosting solutions for small business and resellers. There are five login levels to the control panel each level having its own permissions and features.

Administrator – This user has the highest level of permissions. Can be used to easily and quickly setupsystem services, and manage server users.
Reseller – This user has all the same functionality of the administrator except the ability to manage system services.
Client – Third tier login which has the permissions to create domains.
Domain Owner – Fourth tier login with permissions for single domain administration.
Mail User – Individual mail account users can manage passwords, spam filters and antivirus settings.

Resellers level. The resellers level is a new addition in Plesk 9, giving resellers the ability to manage and create their own clients and domains. Resellers can also distribute other services such as application hosting and databases on a per client basis.

Plesk Billing 6.0. Formerly Modernbill, Plesk 6.0 billing is a basic feature included in the installation with Plesk 9. Fully integrated with smooth nagivation between Plesk and Plesk Billing makes this software extremely efficient and easy to use.

APS Catalog. The new APS Catalog, provides the ability to download packages directly from Parallels website and make them available to your customers. Files are downloaded in APS format and added to the server application vault.Permissions for these applications can be provided to everyone or to select customers according to hosting plans.

Postfix Support. An alternative solution to qmail for unix based Plesk.

New Backup Tool. The new backup solution offers on-the-fly restoration conflicts which offer a variety of ways to resolve conflicts prior to a backup restoration.

Overselling/Overuse Capabilities.With the administrator and reseller users you may oversell your system resources to allow for flexibility and growth.

Plesk API 1.6. The updated API further improves the ability to integrate your software solutions with Plesk 9. Updates to the API include support for all new features included in Plesk 9.

Alternative Webmail. Plesk 9 offersfree Atmail Webmail Light 1.0, as a new webmail client, as well as commercial Atmail 5.5 support.

MSSQL 2008 Support. Parallels 9.0 for Windows offers Microsoft SQL Server 2008 support.

Merak 9.3.2 support. Parallels Plesk 9.0 for Windows offers Merak 9.3.2 Mail Server support.

For a full list of new features please see the following URL:

http://www.parallels.com/r/pdfs/Plesk/parallels_plesk_panel9_whatsnew.pdf

DDOS Check !

A quick and usefull command for checking if a server is
under ddos is:

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

cPanel/WHM cannot be accessed using IP/whm and IP/cpanel

The reason for this issue due to missing some lines in httpd.conf.

Fix
====

1) Open the apache configuration file(httpd.conf) in your favorite editor.

2) Add the following lines in the httpd.conf.

===================================================================

ErrorDocument 400 /400.shtml
ErrorDocument 401 /401.shtml
ErrorDocument 403 /403.shtml
ErrorDocument 404 /404.shtml
ErrorDocument 500 /500.shtml
ScriptAlias /cgi-sys/ /usr/local/cpanel/cgi-sys/ Alias /sys_cpanel/ /usr/local/cpanel/sys_cpanel/ Alias /java-sys/ /usr/local/cpanel/java-sys/ Alias /img-sys/ /usr/local/cpanel/img-sys/ Alias /akopia/ /usr/local/cpanel/3rdparty/interchange/share/akopia/

Alias /neo-images/ /usr/local/cpanel/base/neomail/neo-images/
ScriptAliasMatch ^/cpanel/(.*) /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /cpanel /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /whm /usr/local/cpanel/cgi-sys/whmredirect.cgi
ScriptAlias /securewhm /usr/local/cpanel/cgi-sys/swhmredirect.cgi
ScriptAlias /webmail /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/webmail/(.*) /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/kpanel/(.*) /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /controlpanel /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /securecontrolpanel /usr/local/cpanel/cgi-sys/sredirect.cgi
Alias /mailman/archives/ /usr/local/cpanel/3rdparty/mailman/archives/public/
ScriptAlias /mailman/ /usr/local/cpanel/3rdparty/mailman/cgi-bin/
Alias /pipermail/ /usr/local/cpanel/3rdparty/mailman/archives/public/
Alias /interchange/ /usr/local/cpanel/3rdparty/interchange/share/interchange/
Alias /interchange-5/ /usr/local/cpanel/3rdparty/interchange/share/interchange-5/

===================================================================

3) Now restart the httpd service in the server.

WHM locked out – cphulkd

cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service. BUT sometimes it becomes troublesome when you are accessing the cPanel with incorrect password and cPanel assuming you as attacker blocks you with below message :

—————————————————————————————
This account is currently locked out because a brute force attempt was detected. Please wait 10 minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.
—————————————————————————————

To get out of such situation you can disable cphulkd protection :

login via ssh and disable cphulkd using the command below.

# /usr/local/cpanel/bin/cphulk_pam_ctl –disable

This should allow you to login to WHM and double check your cphulk settings.

You can view IP addresses that have been blocked via the WHM interface: WHM -> Security -> Security Center -> cPHulk Brute Force Protection in the Brutes table. On that screen, you can also customize brute force protection settings.

Flush DB will remove all blocked IPs:

WHM >>  Security Center >> cPHulk Brute Force Protection >> Click on Flush DB

Well the other way to this is to remove the IP’s blocked by cPHulk from its database .

ssh to the server login as root and type the following at the prompt

[root@server:] mysql

mysql> use cphulkd;

mysql>BACKUP TABLE  brutes TO ‘/path/to/backup/directory’;

mysql> SELECT * FROM brutes WHERE `IP`=’xxx.xxx.xxx.xxx’;

mysql> DELETE FROM brutes WHERE `IP`=’xxx.xxx.xxx.xxx’;

mysql>quit

🙂