Posts Tagged ‘Plesk’

« Older Entries

Don’t Upgrade OpenSSL If You’re Using Plesk (= Broken Controlpanel)

April 1st, 2010

UPDATED as of April 1st, 2010

*It seems Parallel’s has released a fix for this. Fix was just released / revised as of April 1st, 2010*

http://kb.parallels.com/en/8338

Resolution

It is necessary to update Parallels Panel web-engine:

1. Download the appropriate package using the wget utility. Example for CentOS 5 x86:

#wget -c http://kb.parallels.com/Attachments/12669/Attachments/sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

A list of fixed packages:

CentOS 5 x86
CentOS 5 x86_64
CentOS 4 x86
CentOS 4 x86_64
RHEL 4 x86
RHEL 4 x86_64

2. Install the downloaded package. Example for CentOS 5 x86:

#rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm
The fix is listed above.
</br>

Taken from “http://mattiasgeniar.be/2010/03/29/dont-upgrade-openssl-if-youre-using-plesk-broken-controlpanel/” -

If you’re using Plesk 9.x on a CentOS system, don’t upgrade the openssl package from version 0:0.9.8e-12.el5_4.1 to 0:0.9.8e-12.el5_4.6. It will break your Plesk Controlpanel, causing it to no longer start up. You’ll see a message similar to this.

[root@srv~]# /etc/init.d/psa start
Starting xinetd service…               done
Starting named service…             done
Starting mysqld service…           done
Plesk: Starting Mail Server… already started
Starting mail handlers tmpfs storage
Starting Plesk…                       failed

There won’t be an obvious error message in any log file location (/var/log/*, /usr/local/psa/var/log/*, /usr/local/psa/admin/logs/*), but it will most likely be caused by your recent openssl upgrade. Solution is this.

1) Downgrade method

If this works, it’s the easiest solution. Just make sure that due to dependencies, nothing of Parallels or Plesk is removed along.
[root@srv~]# yum downgrade openssl openssl-devel

2) Using RPM packages

Download the OpenSSL version 0.9.8e-12 5_4.6 for your architecture (these apply to CentOS).

You have to download these first! After completing the next steps, you’ll be without openssl – and downloading through wget or curl won’t  work because of missing libraries. Please take note: the following is at your own risk (and if you lose your SSH connection in the meanwhile, you’re screwed).

Find your current OpenSSL version, it should read version “el5_4.6″.

[root@srv~]# rpm -qa | grep -i openssl
openssl-0.9.8e-12.el5_4.6

Remove the package (if you haven’t downloaded the openssl package yet, do so first !!). (due to the font of this blog, it’s confusing, but the parameter = ‘ – – nodeps’).

[root@srv ~]# rpm -e –nodeps openssl-0.9.8e-12.el5_4.6

And re-install the correct version (replace the RPM with the one for your achitecture).

[root@srv  ~]# rpm -ivh openssl-0.9.8e-12.el5_4.1.x86_64.rpm
warning: openssl-0.9.8e-12.el5_4.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
Preparing…                ########################################### [100%]
1:openssl                ########################################### [100%]

Afterwards, you’ll be able to start Plesk again.

[root@srv~]# /etc/init.d/psa start
Starting xinetd service…               done
Starting named service…             done
Starting mysqld service…           done
Plesk: Starting Mail Server… already started
Starting mail handlers tmpfs storage
Starting Plesk…                       done
Since there’s no update on Plesk yet, this is something to look out for!
Update: An official message from Parallels

For now the only workaround is to downgrade openssl, either with yum or with rpm (if yum is not configured):

# wget -c http://mirrors.kernel.org/centos/5/updates/x86_64/RPMS/{openssl-0.9.8e-12.el5_4.1.x86_64.rpm,mod_ssl-2.2.3-31.el5.centos.2.x86_64.rpm,httpd-2.2.3-31.el5.centos.2.x86_64.rpm}

# rpm -Uvh –oldpackage {openssl-0.9.8e-12.el5_4.1.x86_64.rpm,mod_ssl-2.2.3-31.el5.centos.2.x86_64.rpm,httpd-2.2.3-31.el5.centos.2.x86_64.rpm}

# /etc/init.d/sw-cp-server start

Good luck!

*It seems Parallel’s has released a fix for this. Fix was just released / revised as of April 1st, 2010*

http://kb.parallels.com/en/8338

Resolution

It is necessary to update Parallels Panel web-engine:

1. Download the appropriate package using the wget utility. Example for CentOS 5 x86:

#wget -c http://kb.parallels.com/Attachments/12669/Attachments/sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

A list of fixed packages:

CentOS 5 x86
CentOS 5 x86_64
CentOS 4 x86
CentOS 4 x86_64
RHEL 4 x86
RHEL 4 x86_64

2. Install the downloaded package. Example for CentOS 5 x86:

#rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

1 comment »

Posted in Plesk, Qmail, Windows Vista

Tags:

Creating additional FTP Users In Plesk (Linux)

February 12th, 2010

Plesk for Linux, by default only allows one ftp users (While it does let you add multiple web users, they are locked to the same directory as the main ftp user). However you can get around this limitation by creating additional FTP users by creating them outside of Plesk, using SSH / Shell. The process is fairly simple as well and you can setup any directory structure that you want the new user to connect to, even for adding ftp access behind the root of a web directory if you like.

To do this, we simply need to do the following;

*Prior to doing this, make sure you already have an existing ftp user in place, as you will need their ID#

1. Log into your Linux server (Only applies to a dedicated server, colo server or virtual server – VPS).

2. Once you have logged in, you need to find an ID of an existing FTP user. To do this, simply type the following:

$id user     (user is the name of the existing ftp user)

3. If you have the user, you will be given an output that looks like this;

# uid=10002(user) gid=2524(psacln) groups=2524(psacln)

4. Take the uid number as you will need this to setup the new user.

5. Now, create the new user by using this command. Also with this command, you can set the directory you want them to have access to.;

/usr/sbin/useradd -u 10002 -o -d /var/www/vhosts/example.com/custom_folder -g psacln -s /bin/false newuser    (newuser is the name if the new account)

6. The new user has been created. Now you have to assign a password to it. To do this, type the following *make sure the password is not the same as the main Plesk ftp account*;

$passwd newuser password (Change password to the password you want to assign to the user)

7. It will then ask for you to confirm the password, type the password again. If done correctly, you will get the following message;

passwd: all authentication tokens updated successfully.

That’s it, the ftp user has been created. If you ever want to remove the user, you have to do it via command line as Plesk will not sure the user. To do this, simply type the following;

$/usr/sbin/userdel username

No comments »

Posted in FTP, Linux, Plesk

Tags:

Setting Up Spam Protection Based on DomainKeys in Plesk

December 11th, 2009

*Please note that Plesk only supports the use of Domainkeys as of 8.6 and up*.

To switch on spam protection based on DomainKeys:

  1. Click the Server shortcut in the navigation pane.
  2. Click the Mail icon in the Services group.
  3. Under the DomainKeys spam protection group, select the following options:
    • Allow signing outgoing mail. Selecting this option allows you and your customers to switch on support for DomainKeys e-mail signing on a per-domain basis through the domain administration screens of the control panel (Domains > domain name > Mail > Preferences > Use DomainKeys spam protection system to sign outgoing e-mail messages option). It does not automatically switch on signing of outgoing e-mail messages.
    • Verify incoming mail. Selecting this option will configure the DomainKeys system to check all e-mail messages coming to e-mail users under all domains hosted on the server.
  4. Click OK.

Now your mail server will check all incoming e-mail messages to ensure that they come from the claimed senders. All messages, sent from the domains that use DomainKeys to sign e-mail, which fail verification will be discarded. All messages, sent from the domains that do not participate in the DomainKeys program and do not sign e-mail, will be accepted without verifying.

To switch on signing outgoing e-mail messages for a single domain:

  1. Go to Domains > domain name > Mail > Preferences.
  2. Select the Use DomainKeys spam protection system to sign outgoing e-mail messages check box.
  3. Click OK.

To switch on signing outgoing e-mail messages for a number of domains at once:

  1. Click Domains.
  2. Select the check boxes to the left of the domain names you need. To select all domains in the list, select the upper left check box in the column heading.
  3. Click Group Operations.
  4. Under Preferences, select the Switch on option next to the Use DomainKeys spam protection system to sign outgoing e-mail messages field.
  5. Click OK.

Now, the following will happen for the selected domains:

  • Private keys are generated and placed in the server’s database.
  • Public keys are generated and placed in the TXT resource records created in the domains’ DNS zones.
  • The sender’s policy advertised in the DNS TXT resource records is set to “all e-mail messages sent from this domain must be cryptographically signed; if someone receives an e-mail message claiming to originate from this domain, which is not signed, then this e-mail must be discarded.”
  • Outgoing e-mail messages are digitally signed: the “DomainKeys-Signature” header containing a signature based on a private key is added to the message headers.

No comments »

Posted in Linux, Plesk

Tags:

How to migrate Horde (Plesk) address, calendar and perferences.

June 18th, 2009

Sadly, migrating settings that are saved in Horde is not supported by Plesk 8 as of 8.6, and likely not in Plesk 9. However there is a way to migrate the data, however it will need to be done manually. To do so, you will need to goto the server where the information that you need to migrate is. Once there, you need to login via shell / SSH. Once logged in, we need to backup 3 things;

kronolith_events

kronolith_storage

Horde Mysql database

To do this, we need to backup the tables as such;

~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde --tables kronolith_events > kronolith_events.dump
~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde --tables kronolith_storage > kronolith_storage.dump

Then we need to backup the Horde database;

~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde > horde.old.dump
Now that we have the files, you will need to move them to the new server, either by ftp, wget, scp or however you move your files between your servers.
Now on the new server, make sure you make a backup of these files incase this fails;
~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde > horde.new.dump
~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde --tables kronolith_events > kronolith_events.dump
~# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` horde --tables kronolith_storage > kronolith_storage.dump
Put these files in a different directory to make sure you do not get confused.
Now we can start to restore the old data by doing the following;
~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` horde < kronolith_events.dump
~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` horde < kronolith_storage.dump
Before you restore the Horde database, you will want to remove the existing one first and then recreate it;
~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` -e"drop database horde"
~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` -e"create database horde"
Then restore the original Horde database;
~# mysql -uadmin -p`cat /etc/psa/.psa.shadow` horde < horde.old.dump
Once you do this and restart Horde/Exim, you will have all of your contacts and settings migrated and ready to use on the new server.
*MAKE SURE YOU MAKE BACKUPS BEFORE YOU DO THIS*

No comments »

Posted in Plesk, Windows 2003, horde

Tags:

How to bypass SSL errors when using an iPhone to connect to Plesk email accounts

March 19th, 2009

If you have an iPhone and are encountering an error, such as the one below, there is a way to bypass this.

Error – “the certificate for smtp email_account at 195.545.2.15 may not be valid”

To get around this, simply do the following;

On the iPhone:

  1. Select Settings, Mail
  2. Select Add Account…
  3. Select Other
  4. Enter all of your relevant email account details. Make sure to select IMAP or POP before you “Cancel” and “Save.” You can’t adjust that setting when modifying the account later.
  5. Select the Save button. At this point, you will be presented with an ‘invalid certificate’ warning.
  6. Select the Cancel button; you will be returned to the account details screen
  7. Select the Save button; ignore the warning that ‘you may not be able to send email’
  8. Open the settings for your new mail account and select the Advanced button
  9. Use the sliders to disable SSL for mail receiving/sending. Be sure to check the port numbers to ensure they’re valid for your particular email server
That’s it. After doing this you will be able to access the email using your iPhone.

No comments »

Posted in Iphone

Tags: