Disable ETags

To alleviate security risks arising from disclosure of information about files and their properties by Apache Web server, disable FileETag directive. For PCI Compliance it is required to disable ETags

Create a file at /etc/httpd/conf.d/no-etags.conf with the following:

Header unset ETag
FileETag None

Then of course restart Apache.

http://httpd.apache.org/docs/2.2/mod/core.html#FileETag

Plesk 10.X fails to start after upgrade !

Service of the sw-cp-server cannot be started after the Parallels Plesk Panel upgrade. The sw-cp-server fails to start with the following error:
/etc/init.d/sw-cp-server start
Starting SWsoft control panels server…Duplicate config variable in conditional 0 global: var.sso_username
2011-04-14 05:48:16: (configfile.c.838) source: /usr/share/sw-cp-server/applications-conf.sh line: 72 pos: 11 parser failed somehow near here: (EOL)
2011-04-14 05:48:16: (configfile.c.838) source: /etc/sw-cp-server/config line: 13 pos: 1 parser failed somehow near here: (EOL)
Things to try
1. Check the number of the sw-sso packages installed on the server:
# rpm -qa |grep sw-sso

2. If this command shows 2 packages, the oldest version of the sw-sso package should be removed from the server.
# rpm -qa |grep sw-sso
sw-sso-2.2-r3488
sw-sso-2.7-11062309

If only one sw-sso package is installed do not remove it.
# rpm -e sw-sso-2.2-r3488

3. After removing the extra package, you should be able to start service on the sw-cp-server and access the control panel.

How to change the default port for Plesk

It is not recommended to change the default Plesk port because it can break Plesk integration with other programs (like Plesk Expand or DrWeb).

Linux

To change the port Plesk listens on you will need to edit /usr/local/psa/admin/conf/httpsd.conf file and change the following directives to list the port you want Plesk to listen on:

Listen 8443
Port 8443
<VirtualHost *:8443>

You will need to restart Plesk afterwards and update the hardware object in the SoftLayer portal with the new port (Hardware > Click on Server name > Password Update / History)
Plesk cannot listen on any of the ports used for common services (21, 22, 23, 25, 53, 80, 110, 443 etc..).

Windows

Most Plesk installs will be using Apache by default. You will want to edit the Apache configuration file C:\Program Files\SWsoft\Plesk\admin\conf\httpd.conf

1.) Change the following line to list the port number you want Plesk to listen on
Listen 8443

2.) Restart Plesk Control Panel
You will need to restart Plesk afterwards and update the hardware object in the SoftLayer portal with the new port (Hardware > Click on Server name > Password Update / History)

Restarting Mail Enable through Plesk (Windows)

In order to restart the Mail server [Mail Enable], please use these steps. 

1) Login To Remote Desktop >> “Plesk Services Monitor” [ Right side in the task bar] >> Check the box “Mail Server” >> Click on Restart.

OR

2) Login To Remote Desktop >> Start >> Run >> type ” services.msc ”

From here, you have restart the Mail Enable [ Mail Server] services such as:
Mail Enable List Connector
Mail Enable Mail Transfer Agent
Mail Enable POP service
Mail Enable PostOffice Connector
Mail Enable SMTP Connector

Right Click on it and press Restart.

Installing qmHandle

qmHandle is a simple program which allows you to view and manage the qmail queue.

Installation:

wget http://jaist.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz
tar xvzf qmhandle-1.2.0.tar.gz
chmod 777 qmHandle
./qmHandle –h

That will show you how to use ./qmHandle

Now, i am writing few tips how to use it.

/root/qmHandle/ -s
Messages in local queue: 0
Messages in remote queue: 484

It means 484 messages in your SMTP queue.

You can list message queues using:

/root/qmHandle -l

After a while this will show you the result, now if you can see all the messages in queue you can find our the spam emails. After finding it you may choose first few character of mail subject, an example is:

2868937 (9, R)
Return-path:
From: MAILER-DAEMON@your.servername.com
To: user@domainname.com
Subject: failure notice
Date: 22 Apr 2006 05:51:32 +0000
Size: 3161 bytes

Now, to delete all mails with subject “failure” you may use command:

/root/qmHandle -Sfailure

This will delete all emails with the Subject failure from SMTP queue. Now if any body is doing SPAM with subject “PayPal verification” you may run this command:

/root/qmHandle -SPayPal

Indeed a good tool 🙂

Creating domain on a freshly added IP address fails in Parallels Panel for Windows

Symptoms
Creating domain with hosting on the IP address that has just been added fails and the following error is returned:

dnsmng::update() failed: dnsmng failed: Unknown error 0x80131501 (COM Error 80131501, Description: Generic failure ) at resetSecondaries ZoneName = '' transfer={ "" } notify={ "" }
at (dnsmng::msdns::MsDnsManager::resetSecondaries line 385)
at createPrimaryZone ZoneName = ''(dnsmng::msdns::MsDnsManager::createPrimaryZone line 373)
at execute "C:\Program Files (x86)\Parallels\Plesk\/admin/bin/dnsmng" update (vconsoleapp::run line 140)

Cause
As soon as an IP address is added to the system, Microsoft Windows performs the IP verification procedure, Windows checks up if the IP is unique. Until check-up is complete, the IP address is marked as ‘tentative’. If trying to create domain with physical hosting during the verification, creating DNS zone for the domain fails, which prevents from creating the domain.
Resolution
To avoid this issue, delay creating a domain for about 30 seconds after you add new IP address.

Plesk : ProFTPD Remote Code Execution Vulnerability and Exploit

A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences.

ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521

Parallels Plesk Panel 9.x, 9.5x and 10 include this vulnerability. Parallels will issue Micro Updates (hotfixes) for 9.5.2 and 9.5.3 no later than 12:00 GMT (noon) on Thursday November 11, (7:00am EST in the US) to fix this. The patch for Parallels Plesk Panel 10.01 will be released at 17:00 GMT on Thursday November 11, (12:00pm EST in the US). Patches for Plesk 9.0, 9.22, and 9.3 will be posted by 12 noon GMT on Friday November 12, (7am EST in the US). Parallels updates on this will be coming soon.

MORE INFORMATION:

Updating to ProFTPD version 1.3.3c or disabling FTP services is the only current solution to this vulnerability.
ProFTPD is capable of processing TELNET IAC sequences on port 21; the sequences enable or disable certain options not supported by the Telnet or FTP protocol itself. The buffer overflow allows attackers to write arbitrary code to the application’s stack and launch it. Updating to version 1.3.3c of ProFTPD solves the problem.
The update also fixes a directory traversal vulnerability which can only be exploited if the “mod_site_misc” module is loaded. This flaw could allow attackers with write privileges to leave their permitted path and delete directories or create symbolic links outside of the path. The module is not loaded or compiled by default.
A remote root exploit is available:[Full-disclosure]ProFTPD IAC Remote Root Exploit.

A Proftpd update for Plesk has been provided by Atomic Rocket Turtle. To apply the update, execute the commands below.

# wget -O - http://www.atomicorp.com/installers/atomic |sh
# yum upgrade psa-proftpd

Zone file and corresponding record in named.conf are missed for particular domain

Symptoms
Bind DNS server is used.
There is no entry in named.conf for some domain, there also no zone file for it in %plesk_bin%dns\var folder. If records are created manually they will be removed the next time Plesk updates named.conf.
Cause
There is wrong status in dns_zone table for this domain (it is configured to 2). If DNS for some domain is managed in Plesk Control Panel, the status for this domain in dns_zone table is temporary setting to value 2 (to lock it for any changes) and sets it to 0 value when the transaction is over. If for some reason the transaction is interrupted during DNS
managing (Plesk restarts for example) the status field value is not changed to 0 and stays as 2. Domains with that status value are not recorded in named.conf file during any DNS management.
Resolution
Notes: You are recommended to backup Plesk database before applying described solution.
To run SQL queries you can use dbclient.exe tool.

Check dns_zone records for problem domain (domain.com for example):

Example for MysQL (Jet)

select * from dns_zone where name like 'domain.com';

If there is only one selected record, please change status field from 2 to 0.

Notice, that in case that there are several records, Plesk uses the first of them in numeral order. So it is necessary to check that this id does not belong to another domain and delete it in case it is orphaned:

delete from dns_zone where id=[wrong_record_id]

Otherwise set correct values to all fields.

Please apply following query to DNS zone record which belongs to problem domain:

update dns_zone set status=0 where id=[where id is numerical value
obtained from query 1]

When it’s done update DNS records using dnsmng.exe utility:

cd %plesk_bin%
dnsmng.exe update *

Domain cannot be open in Parallels Plesk Panel: SysUser: unable to select: no such row in the table

The following error is shown when try to open domain in Parallels Plesk Panel 8.x through Domains -> domain.tld:

Unable to create SysUser object: SysUser: unable to select: no such row in the table

0: /usr/local/psa/admin/plib/class.DomainControlForm.php:168
DomainControlForm->assign(object of type BsDomain)
1: /usr/local/psa/admin/htdocs/domains/dom_ctrl.php3:149

In Parallels Plesk Panel 9.x through Domains -> domain.tld:

Unable to create PHostingManager object:An error occured during SysUser class creation: SysUser: unable to select: no such row in the table

0: common_func.php3:108
psaerror(string ‘Unable to create PHostingManager object:An error occured during SysUser class creation: SysUser: unable to select: no such row in the table’)
1: client.domain.hosting.anonymous-ftp.php:19
plesk__client__domain__hosting__anonymous_ftp->validateHosting(object of type BsDomain)
2: client.domain.hosting.anonymous-ftp.php:47
plesk__client__domain__hosting__anonymous_ftp->validateItem(object of type UserAdmin)
3: UIPointer.php:1123
UIPointer->validate()

Cause
Physical hosting is configured on the domain, however appropriate system user is missing:

mysql> select * from (select A.id, A.name as domain, A.htype as 'hosting type', sys_users.login as 'system user' from (select id, concat('/var/www/vhosts/', name) as home, htype, name from domains) A left join sys_users on (A.home=sys_users.home)) B where `hosting type` = 'vrt_hst' and `system user` is NULL;
+-----+------------+--------------+-------------+
| id | domain | hosting type | system user |
+-----+------------+--------------+-------------+
| 15 | domain.tld | vrt_hst | NULL |
+-----+------------+--------------+-------------+
1 row in set (0.00 sec)

mysql>

Where domain.tld is your domain that experiences the problem. /var/www/vhosts is PRODUCT_ROOT_D, it may be /var/www/vhosts, /usr/local/www/vhosts or /srv/www/vhosts on your server.
Resolution
The following instructions are recommended for problem resolving.

1. Backup old database of Parallels Plesk Panel before any reconfiguration.

~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` psa > psa.dump.`date +%F.%s`.sql

2. Further instructions depends on either domain system user exist.
2.1 System user exists:

~# grep domain.tld /etc/passwd
domain_ftp_user:x:10001:2524::/var/www/vhosts/domain.tld:/bin/false
~#

Where /var/www/vhosts is PRODUCT_ROOT_D. domain_ftp_user is old domain’s system user.

3.1 To resolve the problem it is recommended to insert the missing record into database of Parallels Plesk Panel manually.

3.1.1 Get ID of domain’s system user:

mysql> select sys_user_id from hosting where dom_id=15;
+-------------+
| sys_user_id |
+-------------+
| 4 |
+-------------+
1 row in set (0.00 sec)

mysql>

Where 15 is domain’s ID, for details see query in part CAUSE.

3.1.2 Insert account record:

mysql> insert into accounts(type,password) values ('plain','');
Query OK, 1 row affected (0.09 sec)

mysql>

Where is new password for new system user for the domain. This is password for domain’s FTP user also.

3.1.3 Find ID of created record:

mysql> select * from accounts order by id desc limit 1;
+-----+-------+------------------+
| id | type | password |
+-----+-------+------------------+
| 186 | plain | |
+-----+-------+------------------+
1 row in set (0.00 sec)

mysql>

3.1.4 Insert record into table sys_users:
mysql> insert into sys_users values (4,'sb4',186,'/var/www/vhosts/domain.tld','/bin/false',0);
Query OK, 1 row affected (0.08 sec)

mysql>

Where is login of new system user for domain domain.tld, it is also domain’s FTP user. And 4 is domain’s sys_user_id, 186 is ID of new password.

2.2 System user does not exist.

~# grep domain.tld /etc/passwd
~#

3.2 It is recommended to re-enable physical hosting for the domain anew. However note that whole virtual hosting directory is overwritten and domain content is lost.

3.2.1 Disable hosting for domain:

mysql> update domains set htype='none' where name='domain.tld';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0

mysql> delete from hosting where dom_id=15;
Query OK, 1 row affected (0.00 sec)

mysql>

Where 15 is domain’s ID, for details see query in part CAUSE.

3.3.3 Login to Parallels Plesk Panel and configure physical hosting for the domain anew through Domains -> domain.tld -> Setup. Choose Physical hosting, insert new user login and password. Click OK to finish configuration.
Additional information
Use the following command to connect to database of Parallels Plesk Panel:

~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

How do I repair/rebuild all mail configuration files and restore settings for all mailboxes?

Resolution
This can be done with Plesk mchk utility:

# /usr/local/psa/admin/sbin/mchk --help
Synopsis:
mchk [OPTION]
--without-spam - restore all settings except for SpamAssassin configuration
--with-spam - restore all settings
--spam-only - restore only SpamAssassin settings

This utility rebuilds in line with Plesk database Qmail control files in the /var/qmail/control, /var/qmail/users directories and mail users’ settings. Also, it sets proper ownership/permissions for all mailboxes (/var/qmail/mailnames/*).

Example:
# /usr/local/psa/admin/sbin/mchk --with-spam