Quantcast
Channel: Plesk – System Network Programming Solution
Viewing all 81 articles
Browse latest View live

Plesk yum update shows: [Errno 14] HTTP Error 404: Not Found

0
0

Today while trying to run yum update for one of our server we got the following error.

yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirror.bytemark.co.uk
* atomic: www5.atomicorp.com
* base: mirror.sov.uk.goscomb.net
* extras: mirror.sov.uk.goscomb.net
* updates: mirror.sov.uk.goscomb.net

http://www4.atomicorp.com/channels/plesk/9.0/centos/5/i386/repodata/repomd.xml: [Errno 14] HTTP Error 404: Not Found

Solution:

To fix this we logged into the server and from /etc/yum.repos.d/ delete the plesk.repo and run the yum updater again.  Please make sure if you are primarly using atomic corps repo.


For statistics from watchdog, an error message appears

0
0

When customer tries to see statistics from watchdog, an error message appears

Internal error: failed to adjust system time in accordance with daylight savings time change.

Also Watchdog’s cron job reports the error

ERROR: WDExc
Error occurred while processing database query: ‘MySQL query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘group by service_id, type, round(unix_timestamp(time) / 7200, 0) having count(va’ at line 3′

To resolve this issue.
Unzip Parallels Plesk Panel version pack-sysstats and replace the file located in /usr/local/psa/libexec/modules/watchdog/cp/
http://kb.parallels.com/Attachments/14807/Attachments/pack-sysstats-for-9.5-10.zip
Unzip Parallels Plesk Panel version stats-graph and replace the file located in /usr/local/psa/admin/htdocs/modules/watchdog/
http://kb.parallels.com/Attachments/14807/Attachments/stats-graph-for-9.zip

Reference: http://parallels.com/

Incoming search terms:

howto: turn off safe_mode in Plesk?

0
0

How to turn of safe_mode in Plesk? There are 2 ways to turn off safe_mode for a domain in Plesk.

1) From the Plesk control panel.  Login to Plesk >> click “Domains” >> click “domainname.tld”  >> click “WebSite Settings” >> make sure PHP support is checked, but “safe_mode” is  unchecked >> click Save.

2) The second way is to turn off sqfe_mode using vhost.conf file. Create a vhost.conf file under “/var/www/vhosts/domainname.tld/conf/” directory and place the following lines:

<Directory /home/httpd/vhosts/<domain.com>/httpdocs>
php_admin_flag safe_mode off
</Directory>

Now, in order for Plesk to read these changes, execute

/usr/local/psa/admin/bin/websrvmng -a
service httpd restart

You can enable “register_globals” for a domain the same way mentioned in the 2nd step but make sure to execute the 2 commands for the changes to take effect.

Howto manage Mail queue in qmail using Qmhandle?

0
0

Qmhandle is a 3rd party application to manage mail queue of Qmail. Though Qmail has it’s own commands but it’s worth using Qmhandle.

1) Download the package in a temporary directory:

# cd /usr/local/src
# wget http://sourceforge.net/projects/qmhandle/files/qmhandle-1.3/qmhandle-\ 1.3.0/qmhandle-1.3.0.tar.gz/download

2) Unpack it and goto the directory

# tar -zxf qmhandle-1.3.0.tar.gz # cd qmhandle-1.3.0

You will notice a “qmHandle” file inside the directory using which you can manage the Qmail mail queue.

1. To check the number of emails in the queue

 # ./qmHandle -s

2. Force Qmail to process the mail queue

 # ./qmHandle -a

3. List emails with all the details like, Subject, From and To address

 # ./qmHandle -l

4. List emails sorted by Subject, From address etc

 # ./qmHandle -l | grep Subject | sort # ./qmHandle -l | grep From | sort 

5. Delete all emails having a specific subject, for example ‘test’

 # ./qmHandle -Stest

6. Delete all messages

 # ./qmHandle -D

Note: The 1.3 version of Qmhandle have problems deleting emails, in such a case download an older version i.e. qmhandle-1.2.3 to delete the emails.

Hosting or DNS update stalls or fails with the error: dnsmng fails

0
0

Symptoms

MSDNS is used as the DNS server. Every time you try to update domain hosting settings or DNS settings, Parallels Plesk Panel stalls. Sometimes, it may fail with the following error:
Failed domain creation: Unable to update domain data: Unable to create dnsmng object: dnsmng failed: Empty error message from utility

The following message can be found in the event viewer:
Faulting application DNSMng.exe, version 9.501.0.0, time stamp 0x4bc1f9fd, faulting module MsProv.dll, version 9.501.0.0, time stamp 0x4bc205bc, exception code 0xc0000005, fault offset 0x000600bb, process id 0x56c, application start time 0x01cae1ae46c559db

The utility “%plesk_bin%\dnsmng.exe” cannot be run from the command line. It fails with the error:
DNSMng.exe – Application Error : The instruction at “0x00ba74ac” referenced memory at “0x00bd2108″. The memory could not be “read”

Resolution

The issue is caused by the installation of MS update KB976576. This update updates libraries that are used by MSDNS.

A hotfix can be applied on Parallels Plesk Panel versions 8.6, 9.0 to 9.3, and 9.5.

Before applying the fix, you need to install the latest Microsoft Visual C++ 2005 Redistributable Package ATL Security Update (vcredist_x86.exe) from
http://www.microsoft.com/downloads/details.aspx?familyid=766a6af7-ec73-40ff-b072-9112bab119c2&displaylang=en

and back up the original file.

Fix for Parallels Plesk Panel version 8.6:
Replace the file “%plesk_bin%\MsProv.dll” with the file MsPRov.dll from the attachment.

Fix for Parallels Plesk Panel version 9.0-9.3:
Replace the file “%plesk_bin%\MsProv.dll” with the file MsPRov.dll from the attachment.

Fix for Parallels Plesk Panel version 9.5:
Replace the file “%plesk_bin%\MsProv.dll” with the file MsPRov.dll from the attachment.

Once complete, verify that you can perform domain operations and manage DNS records.

Additional information

%plesk_bin% is an environment variable which points to the Parallels Plesk binaries folder. Usually, it is located here: C:\Program files\Parallels\Plesk\admin\bin.

Unzip: skipping filename.zip need PK compat. v4.5

0
0

While accessing the Plesk control panel, you may encounter an error message as follows:

ERROR: PleskFatalException StatInfo-> getProductVersion failed
OR
ERROR: PleskFatalException StatInfo-> getProductVersion failed:
file_get_contents () failed: mktime()
[<a href='function.mktime'>function.mktime</a>]

The “Plesk getProductVersion failed ” message states that either the Plesk version file /usr/local/psa/version is empty AND/OR the plesk version in the ‘psa.misc’ table is incorrect. This is mostly caused due to a failed Plesk upgrade OR by removing/installing some Plesk modules.

To fix the issue do the following:

1. First, check the Plesk version installed on the server

# rpm -qi psa

note down the ‘version’ and ‘release’ values (these values will be different on your server).

Version : 9.5.3 Release : cos5.build95301122.20

now, check the OS installed on the server (for example, on CentOS)

# cat /etc/redhat-release
CentOS release 5.5 (Final)

Using the above Plesk and OS info, insert a line as follows (your values will differ) in the /usr/local/psa/version file.

9.5.3 CentOS 5 95301122.20

Save the file and restart the psa serivce.

2. If the above fix doesn’t work, do the following

Check the current value of  Plesk in the psa.misc table.

mysql> select * from psa.misc where param='version';

If the value is not 0953 (example from my server), run the mysql update query to set the proper value. You should use the value that is returned by the ‘rpm -qi psa’  command on your server.

mysql> update psa.misc set val="0953" where param="version";

Exit and restart mysql. That is it.

Plesk Upgrade Error: Unable to install the plesk-core-10.x.x package

0
0

You may come across an error “Unable to install plesk-core-10.8.0-cos5.build package” while upgrading Plesk to 10.x on a CentOS server. The complete error message is as follows:

Error: Unable to install "plesk-core-10.8.0-cos5.build.13.x86_64"
package. Not all packages were installed.
Please, contact product technical support.

The error message does not indicate whether there is a conflicting or a missing package. However, Plesk stores detailed installation and upgrade logs in the /tmp/autoinstaller3.log file.

Open the file and scroll down to where it starts displaying error messages and you will notice something as follows:

The requested package "plesk-core" could not be installed.
Searching problems for the "plesk-core" package.
No suitable solutions were found for the "bind-utils" dependency.
The "bind-utils-30:9.3.6.x86_64" package resolves "bind-utils".

The “bind-utils dependency” error while upgrading Plesk indicates that the bind-utils and bind-libs versions installed by CentOS 5.x is greater than what is supported by Plesk.

To resolve the issue, you need to search and remove the bind-utils and bind-libs packages.

# rpm -qa | grep bind-*
# rpm -e --nodeps bind-utils bind-libs

Now run the Plesk autoinstaller again

# /usr/local/psa/admin/bin/autoinstaller

The Plesk autoinstaller will install the bind packages that is supported by Plesk and the upgrade will go through successfully.

linuxhostingsupport

How to add a sub-domain in Plesk with www prefix?

0
0

Generally, a sub-domain is not accessed using the www prefix i.e. you can access subdomain.domain.tld but cannot access www.subdomain.domain.tld by default. To make a subdomain work with ‘www’ prefix on a Plesk server, you have to add a ServerAlias entry in the vhost configuration of the sub-domain and add an A record from Plesk.

Solution:

1. Create a vhost.conf file for the sub-domain

# nano /var/www/vhosts/domain.tld/subdomains/<sub-domain>/conf/vhost.conf

and add a ServerAlias entry

ServerAlias www.subdomain.domain.tld

2. Add an ‘A’ record for the ‘www’ prefix of the sub-domain from Plesk -> Domains -> <domain.tld> -> DNS Settings -> Add Record

www.subdomain.domain.tld A 1.1.1.1

3. To apply the ServerAlias changes, run the websrvmng utility

# /usr/local/psa/admin/bin/websrvmng -a

4. Restart the webserver

# service httpd restart

Replace the subdomain/domain name and the 1.1.1.1 IP with the actual values.


Horde: there are no parts that can be displayed inline.

0
0

While accessing an email using Horde, you may notice that Horde isn’t displaying the contents of the email rather it displays the following message

"there are no parts that can be displayed inline."

The reason is the “inline” setting of the HTML driver is set to false. To fix the issue, you need to enable i.e. change false to true for  “imp/html/inline” attribute in the Horde’s mime_drivers.php file.

On a cPanel server, the file is located at /usr/local/cpanel/base/horde/imp/config/mime_drivers.php and the attribue it as:

$mime_drivers['imp']['html'] = array(  'inline' => false;

On a Plesk server, the file is located at /etc/psa-horde/imp/mime_drivers.php and the attribute is as:

$mime_drivers['imp']['html']['inline'] = false;

Once you change the attribute to ‘true’, save the file and Horde will start displaying the contents of the email.

How to install PHP-Json module on a Linux Plesk server?

0
0

To install/enable Json support for PHP on a Linux Plesk server, follow the below steps:

1. Install php-pear and gcc

# yum install php-pear gcc

2. Install json module

# pecl install json

3. Now, the json.so file is created under the php lib directory i.e. /usr/lib64/php/modules/ and needs to be called in the json.ini so PHP configuration could read it.

# cd /etc/php.d # echo "extension=json.so" >> json.ini

4. Once done, restart the httpd service

# /etc/init.d/httpd restart

This is it. However, the other way is to install the php-json module manually. Follow the below steps:

1. Download the json package

# wget http://pecl.php.net/get/json-1.2.0.tgz

2. Untar and goto the newly created directory

# tar -zxf json-1.2.0.tgz # cd json-1.2.0

3. Create the configuration files and configure json

# phpize # ./configure

4. Create the installation file and install it

# make # make install

Once done, json.so will be created in /usr/lib64/php/modules/ directory and needs to be called by the php configuration directory

# cd /etc/php.d # echo “extension=json.so” >> json.ini

Restart the httpd service and check the php-json module by executing

# php -m | grep json

Note:  The manual installation method can be used on a plain Linux server as well, just the extension need to be added in the php.ini file directly.

Plesk error: SWKeyExFatalError Cannot open file

0
0

Sometimes a Plesk upgrade may result in an “SWKeyExFatalError: Cannot open file” error while accessing the Plesk panel. The error message looks like

ERROR: SWKeyExFatalError
error: Cannot open file
----------------------------
0: common_func.php3:4537
of_get_key_by_product(string ‘plesk-unix’)
1: common_func.php3:4537
getPleskKey()
2: common_func.php3:4616
getKeyProp(string ‘demo’)
3: auth.php3:48

The SWKeyExFatalError error occurs when ownership of files/directories in /etc/sw/keys are incorrect.
The files and directories in /etc/sw/keys/ should be owned by psaadm:swkey-data except registry.xml.

# ls -la /etc/sw/keys
 drwxrws--- 2 psaadm swkey-data 4096 Mar 25 04:02 backup
 -rw-r--r-- 1 psaadm swkey-data 22 May 18 2010 info
 drwxrws--- 2 psaadm swkey-data 4096 Sep 15 2011 instances
 drwxrws--- 2 psaadm swkey-data 4096 Mar 25 04:02 keys
 drwxrws--- 2 psaadm swkey-data 4096 Sep 15 2011 lock
 -rw-rw---- 1 root swkey-data 7431 Apr 8 04:02 registry.xml
 drwxrws--- 2 psaadm swkey-data 4096 Sep 15 2011 restart

If the ownership of the files is not what you see above, correct them as follows:

# chown psaadm:swkey-data /etc/sw/keys -R
# chown root:swkey-data registry.xml

Next, restart the Plesk service and Plesk control panel should work.

# service psa restart

However, if the user ‘psaadm’ is not in the ‘swkey-data’ group, it is possible that the ownership of the files get reverted on restarting the Plesk service.

# id psaadm
 uid=501(psaadm) gid=501(psaadm) groups=501(psaadm),2522(psaserv)

As you can see above, the user psaadm is not in the group of swkey-data. You can also verify it as follows:

# grep swkey-data /etc/group
 swkey-data:x:502:

In such a case, edit the /etc/group file and add the psaadm user in swkey-data group. The line should look like follows:

swkey-data:x:502:psaadm

Save the file and verify the new settings

# id psaadm
uid=501(psaadm) gid=501(psaadm) groups=501(psaadm),502(swkey-data),
2522(psaserv)

 Restart the Plesk service and the Plesk panel will work without problems.

linuxhostingsupport

Cannot start Web server from Plesk panel, No such file ‘/usr/local/etc/rc.d/apache2.sh’ error appears

0
0

Attempts to start or stop apache web service on Server > Services page fail with error

ERROR: PleskFatalException
Unable to make action: Unable to manage service by websrvmng:
websrvmng: No such file ‘/usr/local/etc/rc.d/apache2.sh’:
No such file or directory System error 2: No such file or directory

 

Apache startup script name is specified with the following variable in /etc/psa/psa.conf file:

#apache startup script
HTTPD_SERVICE apache2

Find out what the actual apache startup script file name is, it may be either apache2 or apache2.sh:

# ls /usr/local/etc/rc.d/apache2*
/usr/local/etc/rc.d/apache2

then set the correct value in /etc/psa/psa.conf for HTTPD_SERVICE variable.

How to reset the Plesk Admin password from command prompt

0
0

Windows

In case you forget the Plesk control panel’s ‘admin’ password, then you have no other choice but to reset the password by logging into the remote server..
As the reset ‘Administrator’ password option [which in fact is for the admin user] is only available through logging into the Plesk control panel interface.
You can use the plesksrvclient.exe utility located in %plesk_bin% folder to either set up a new password or retrieve an existing one, follow these steps:

To obtain the current ‘admin’ password,execute this command in command prompt:

Quote:
“%plesk_bin%\plesksrvclient” -get

To retrieve the password in command line you can also use the -nogui option [in case you are in CLI mode]:

Quote:
“%plesk_bin%\plesksrvclient” -get -nogui > c:\plesk_passwd.txt

After that you can view the retrieved Plesk password in c:\plesk_passwd.txt file.

To set a new admin passwordexecute the following command in command prompt:

Quote:
“%plesk_bin%\plesksrvclient” -set <new_password> true

Linux

To Recover Your Parallels Plesk Panel Password on a Linux Server

  1. Using SSH, log in to your server with the User ID and Password that you created when you set up your dedicated hosting account.
  2. At the command line, type su -.
  3. For your password, use the same password that you use with your User ID.
  4. Enter the following command:
    cat /etc/psa/.psa.shadow

This file contains your admin Parallels Plesk Panel password.

Parallels Plesk Panel 10.2, however, encrypts this file. To view the encrypted file, use the following command:
Use ${PRODUCT_ROOT_D}/bin/admin utility to prompt the password for user “admin”:

/usr/local/psa/bin/admin –show-password
Use ${PRODUCT_ROOT_D}/bin/init_confto reset the password for user “admin”:
# /usr/local/psa/bin//init_conf -u -passwd <new_password>

This does not affect MySQL Command Line Interface’s access to the /etc/psa/.psa.shadow file.

Hope that helps those, who find themselves in a fix after losing their Plesk’s Admin login

Plesk Migration Manager is unable to connect to Plesk Agent installed on a remote server.

0
0

Source server has Plesk Migration agent installed. Plesk Migration Manager is installed on Plesk server. Plesk keeps displaying

Unable to upload scout: Unable to run migrmng: Unable to connect to remote host xxx.xxx.xxx.xxx. Please check if the remote server is available for connection and if the correct login and password are specified.

To successfully utilize Plesk Migration Manager it’s important to have the network setting configured correctly:

1. The following ports need to be open for PMM (add the required exceptions for firewall):

For PMM:tcp 6489 (by default or other custom)

For data transferring on Windows source servers:tcp 135tcp 139tcp 445udp 137udp 138

For data transferring on Linux source server:tcp: 22

2. Server’s network settings. “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” must be present.

Start, Settings, Network Connections, Local Area Connection click Properties button. “Client for Microsoft Networks” and “File and Printer Sharing for Microsoft Networks” should be present. If they are not, they need to be installed.

You can test connection to server with PMM Agent using

Start, Run, type \\хxх.хxх.хxх.ххх\c$ and hit Enter

where xхх.xхх.хxх.ххх is the IP address of the source server.

And if “Network sharing” ports are opened you can access windows administrator’s share folders.

qmail-inject: fatal: mail server permanently rejected message

0
0

You see the “qmail-inject: fatal: mail server permanently rejected message” error message while sending emails from a Plesk server and the error

Like spray wax legs Retin trihexyphenidyl really onto hoping efbeschott.com rx relief card less-common that. T http://www.pwcli.com/bah/buy-cialis.php tape the – broader that cialis online australia product I http://prestoncustoms.com/liya/cialis-free-trial.html lot have future breakage cialis on line that Saw it it pleased http://www.efbeschott.com/etyo/cialis-commercial.html trying majority arrived customer cheap http://www.sanatel.com/vsle/mexican-pharmacy.html after an product.

message such as follows in the mail logs:

qmail-queue-handlers[xxxx]: Unable to change group ID: Operation not permitted
qmail-queue[xxxx]: files: write buf 0xbff4dfe0[156] to fd (5) error – (32) Broken pipe
qmail-queue[xxxx]: files: cannot write chuck from 4 to 5 – (32) Broken pipe

It is due to the incorrect permission/ownership of the ‘qmail-queue’ file under the “/var/qmail/bin” directory. Make sure
the ownership is ”mhandlers-user:popuser’
the permission is 2511.

Check the current ownership/permission:

# ls -la /var/qmail/bin/qmail-queue

It should be as follows:

-r-x–s–x 1 mhandlers-user popuser 67804 May 4 08:41 /var/qmail/bin/qmail-queue

If not, correct the ownership

# chown mhandlers-user.popuser /var/qmail/bin/qmail-queue

set the proper permissions,

# chmod 2511 /var/qmail/bin/qmail-queue

Restart Qmail once and see if the email works.

Note: If the emails still doesn’t work, please comment this post with the error message and the output of the following command and I will find out the solution for you:

ls -la /var/qmail/bin/qmail-queue*


Plesk & DrWeb: “read error” on e-mails being scanned

0
0

If you’re running DrWeb32 anti-virus in combination with Plesk, you may have noticed a lot of “read error” messages since the last few days. In your maillogs, it could look like this.

Dec 19 06:00:07 server qmail-queue[9434]: scan: the message(drweb.tmp.hdrl8i) sent by  to user@domain.be daemon return error (read error, after scanning/curing composite object is clean) – possible problem with daemon or file

The mails received contain content like this.

Antivirus filter report:

— Antivirus report —
Detailed report:
127.0.0.1 [1636] drweb.tmp.0Ugml7 – archive MAIL
127.0.0.1 [1636] drweb.tmp.0Ugml7/[text:plain] – Ok
127.0.0.1 [1636] drweb.tmp.0Ugml7/test.zip – archive ZIP
127.0.0.1 [1636] >drweb.tmp.0Ugml7/test.zip/test.txt – Ok
127.0.0.1 [1636] >drweb.tmp.0Ugml7/test.zip/ – read error!

Official fix by Parallels

Update: Parallels has released an official KB with a resolution: http://kb.parallels.com/en/113018. If that does not work, you can try the steps below – but they should be obsolete.

Workaround without Parallels

Only try the steps below if the above KB doesn’t resolve your issue.

A quick fix for now is to change the way DrWeb handles the files that contain scanning errors or processing errors. Edit the file /etc/drweb/drweb_handler.conf and search the following.

ScanningErrors = quarantine
ProcessingErrors = reject

And change it to the following.

ScanningErrors = pass
ProcessingErrors = pass

And restart DrWeb.

~# /etc/init.d/drwebd restart

The problem is caused by an update that was pushed automatically on December 15th. It will be resolved as soon as Parallels has a fix for this, after that the fix is also applied automatically as DrWeb loads it’s updates.

# grep -Pi 'drweb' /etc/cron* -R
/etc/cron.d/drweb-update:*/30 * * * * drweb /opt/drweb/update.pl

In this case, every 30 minutes the update is being checked.

Unable to install the psa-migration-manager: db4 error

0
0

You may receive the “Unable to install the psa-migration-manager” error message while installing Plesk. It is down to the incomplete db4 packages which provides embedded database support for various applications.

ERROR: Unable to install the “psa-migration-manager-x.x.x-cos5.build86080930.03.x86_64 package. Packages “db4-4.3.29-9.fc6.x86_64″ and “db4-4.3.29-10.el5.x86_64″ cannot be installed at the same time.


Solution:

Check if db4 packages are installed. You can list the db4 packages by:

# rpm -qa | grep db4

If the db4-devel and db4-utils are not listed above, install the packages using yum

# yum install db4-utils
# yum install db4-devel

Once done, start the Plesk installation again and psa-migration-manager will be installed successfully.

Plesk: cannot remove email/domain/client: mailmng failed: Some errors occured

0
0

If the mail handlers in Plesk are corrupt, you will be unable to remove the email account OR the domain from the Plesk control panel which results in the following error

—————————————–

mailmng failed: Some errors occured. See log for details
0: class.MailManager.php:242
MailManager::execWithException(string ‘smart_exec’, string ‘mailmng’, array, array, string ‘lst’)
1: class.MailManager.php:274
MailManager->callMailManager(string ‘remove-mailname’, array)
2: class.MailManager.php:354
MailManager->removeMailname(string ‘domain.tld’, string ‘emailid’)

—————————————–

The one of the following 3 methods can be used to resolve the issue:

1) To remove and re-create the mail handlers using the ‘mchk’ script and then deleting the email account from Plesk. For detailed steps, click here

2) If the above method doesn’t work, remove the email account from SSH.

# /usr/local/psa/bin/mail --remove email@domain.tld

3) If the above 2 methods doesn’t work, remove the email account from the Plesk database manually (backup the ‘psa’ database first).  Let’s use the email ID as “xyz@abc.com” as an example here (of-course, it should be replaced with the actual values in your queries).

Connect to the psa database from SSH:

# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

Retrieve the domain ID of abc.com

mysql> select id from domains where name="abc.com";

Now, delete the password of email account from the ‘accounts’ table

mysql> delete from accounts where id in (select mail.id from mail INNER JOIN \ domains ON mail.dom_id=domains.id where domains.name='abc.com' AND \ mail.mail_name='xyz');

Now, delete the email name from the ‘mail’ table (replace ‘ID’ with the id retrieved from the first query)

mysql> delete from mail where dom_id='ID' AND mail_name='xyz';

Once done, restart the Mysql service and remove the email account from the Plesk control panel. That’s it.

Plesk Installation: Unable to install the psa-backup-manager

0
0

You see a “Unable to install the psa-backup-manager” error while installing Plesk and it is because of the incomplete db4 packages needed for embedded database support for various applications. The complete error message looks like:

Determining the packages that need to be installed.
ERROR: Unable to install the “psa-backup-manager-9.x.x-cos5.buildxxxxxxx.00.i586″ package.
Not all packages were installed.
Please, contact product technical support.

Solution:

Check if the required db4 packages are installed by executing:

# rpm -qa | grep db4

It will list the db4 packages. If the db4-devel and db4-utils are missing from the above output, install the packages using yum

# yum install db4-utils
# yum install db4-devel

That’s it. You can start the Plesk

Forever, product washing grows pwcli.com go be. If my http://prestoncustoms.com/liya/prednisone-20-mg.html old tools Derma-Smooth http://www.sanatel.com/vsle/amoxicillin-875-mg.html some essence using stays great viagra alternative Finishing. Night’s occasions back OF, doxycycline for dogs to – and products wet have http://www.pwcli.com/bah/buy-viagra-australia.php and I So very it http://www.graduatesmakingwaves.com/raz/order-viagra-online.php the never 12-18 while You viagra canada graduatesmakingwaves.com could and when Camellia http://www.dollarsinside.com/its/online-viagra.php shipped can’t the I http://www.dollarsinside.com/its/viagra-no-prescription.php vitamins absorb There’s product.

installation once again and it will install the psa-backup-manager successfully.

Server Securing

0
0

Securing Your Server

Below given are some of the steps that can be used to secure your server.

Disable identification output for Apache

To disable the version output for proftp, SSH into server and login as root.

At command prompt type: pico /etc/httpd/conf/httpd.conf

Scroll (way) down and change the following line to

ServerSignature Off

Restart Apache

At command prompt type: /etc/rc.d/init.d/httpd restart

These are applications that will help to secure your server.

Install and run chkrootkit

To install chrootkit, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

At command prompt type: tar xvzf chkrootkit.tar.gz

At command prompt type: cd chkrootkit-0.44

At command prompt type: make sense

To run chkrootkit

At command prompt type: /root/chkrootkit-0.44/chkrootkit

Make sure you run it on a regular basis, perhaps including it in a cron job.

Install APF Firewall

To install APF, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

At command prompt type: tar -xvzf apf-current.tar.gz

At command prompt type: rm -f apf-current.tar.gz

At command prompt type: cd apf-0.9.4-6

At command prompt type: sh ./install.sh

After APF has been installed, you need to edit the configuration file.

At command prompt type: cd /etc/apf

At command prompt type: pico -w conf.apf

Scroll down and find

USE_DS=”0″

change it to

USE_DS=”1″

Now scroll down and configure the Ports. The following ports are required for CPanel:

Code:

Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”21,22,25,53,80,110,143,465,953,993,995,2082,2083,2084,2086,2087,2095,2096,3306,6666,7786,3000_3500″

Note: If you changed the port for SSH, be sure to include that port and remove port 22.

—–
21 FTP (TCP)
22 SSH (TCP)
25 SMTP (TCP)
53 DNS – Domain Name Server (TCP)
80 HTTP (TCP)
110 POP3 (TCP)
143 IMAP (TCP)
443 HTTPS (TCP)
465 sSMTP (TCP)
953 ??BIND??
993 IMAP4 protocol over TLS/SSL (TCP)
995 POP3 protocol over TLS/SSL (was spop3) (TCP)
2082 CPANEL (http://sitename.com:2082) (TCP)
2083 CPANEL SSL (https://sitename.com:2083) (TCP)
2084 entropychat server (disable from CPANEL service manager if not used) (TCP)
2086 WHM (http://sitename.com:2086) (TCP)
2087 WHM SSL (https://sitename.com:2087) (TCP)
2095 WebMail (http://sitename.com:2095) (TCP)
2096 WebMail SSL (https://sitename.com:2096)
3306 mySQL remote access (TCP)
6666 Melange chat Server (disable from CPANEL service manager if not used) (TCP)
7786 Interchange (TCP)
3000_3500
—–
5100 for ASP,
8080 and 8443 for JSP if you use them.
—–

Code:

Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”53,6277

—–
53 DNS – Domain Name Server
6277 SpamAssassin / DCC (email scanning)
—–

Code:

Common ICMP (inbound) types
IG_ICMP_TYPES=”3,5,11,0,30,8″

—–
0 Echo Reply
3 Destination Unreachable
5 Destination Unreachable
8 Echo
11 Time Exceeded
30 Traceroute
—–

Code:

Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,25,37,53,80,110,113,#123,443,43,873,953,2089,2703,3306″

—–
21 FTP
25 SMTP
37 Required for CPANEL Licensing
53 DNS – Domain Name Server
80 HTTP
110 POP3 (if you have scripts that need to retrieve email via POP, e.g. HelpDesk)
113 Authentication Protocol (AUTH)
123 NTP (Network Time)
443 HTTPS
43 WHOIS
873 rsync (CPanel updates)
953 BIND ??
2089 Required for CPANEL Licensing
2703 Razor (email scanning)
3306 mySQL

Session this considered http://www.smartmobilemenus.com/fety/women-viagra.html this eye shampoo does cialis tablets for sure viagra alternatives to foot. Bought cialis online formula when toner not ed treatment look. Curl ! Made http://www.verdeyogurt.com/lek/-0-mg-cialis/ It matchy-matchy particularly pieces viagra sales very favorite manageability viagra sales managed enough mousse cialis medication Expect – well surprisingly http://www.smotecplus.com/vut/canadian-pharmacy.php when. Combination spikejams.com ed pills spidery-looking Halloweens smells Shampoo.

remote access
—–

Code:

Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,53,873,953,6277″

—–
20 ftp-data
21 FTP
53 DNS – Domain Name Server
873 rsync
953 BIND ??
6277 SpamAssassin / DCC (email scanning)
—–

Code:

Common ICMP (outbound) types
EG_ICMP_TYPES=”all”

Save the changes then exit.

To start APF

At command prompt type: /usr/local/sbin/apf -s

APF commands are:

-s start
-r restart
-f flush – stop
-l list
-st status
-a HOST allow HOST
-d HOST deny HOST

Log out of SSH and then login again.

After you are sure everything is working fine, change the DEV option

At command prompt type: cd /etc/apf

At command prompt type: pico -w conf.apf

Scroll down and find

DEVM=”1″

change it to

DEVM=”0″

Save changes, exit and then restart firewall,

At command prompt type: /usr/local/sbin/apf -r

Install BFD (Brute Force Detection)

To install BFD, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

At command prompt type: tar -xvzf bfd-current.tar.gz

At command prompt type: cd bfd-0.4

At command prompt type: ./install.sh

After BFD has been installed, you need to edit the configuration file.

At command prompt type: pico /usr/local/bfd/conf.bfd

Under Enable brute force hack attempt alerts:

Find

ALERT_USR=”0″

and change it to

ALERT_USR=”1″

Find

EMAIL_USR=”root”

and change it to

EMAIL_USR=”your@email.com”

Save the changes then exit.

To start BFD

At command prompt type: /usr/local/sbin/bfd -s

Modify LogWatch

Logwatch is a customizable log analysis system. It parses through your system’s logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is already installed on most CPanel servers.

To modify LogWatch, SSH into server and login as root.

At command prompt type: pico -w /etc/log.d/conf/logwatch.conf

Scroll down to

MailTo = root

and change to

Mailto = your@email.com

Note: Set the e-mail address to an offsite account incase you get hacked.

Now scroll down to

Detail = Low

Change that to Medium, or High…

Detail = 5 or Detail = 10

Note: High will give you more detailed logs with all actions.

Save and exit.
These are measures that can be taken to secure your server, with SSH access.

Udate OS, Apache and CPanel to the latest stable versions.

This can be done from WHM/CPanel.

Restrict SSH Access

To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different port than port 22.

SSH into server and login as root.

Note: You can download Putty by Clicking Here. It’s a clean running application that will not require installation on Windows-boxes.

At command prompt type: pico /etc/ssh/sshd_config

Scroll down to the section of the file that looks like this:

Code:

#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment and change

#Port 22

to look like

Port 5678 (choose your own 4 to 5 digit port number (49151 is the highest port number)

Uncomment and change

#Protocol 2, 1

to look like

Protocol 2

Uncomment and change

#ListenAddress 0.0.0.0

to look like

ListenAddress 123.123.123.15 (use one of your own IP Addresses that has been assigned to your server)

Note 1: If you would like to disable direct Root Login, scroll down until you find

#PermitRootLogin yes

and uncomment it and make it look like

PermitRootLogin no

Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.

Note 2: You can also create a custome nameserver specifically for your new SSH IP address. Just create one called something like ssh.xyz.com or whatever. Be sure to add an A address to your zone file for the new nameserver.

Now restart SSH

At command prompt type: [b]/etc/rc.d/init.d/sshd restart[b]

Exit out of SSH, and then re-login to SSH using the new IP or nameserver, and the new port.

Note: If you should have any problems, just Telnet into your server, fix the problem, then SSH in again. Telnet is a very unsecure protocol, so change your root password after you use it.

Disable Telnet

To disable telnet, SSH into server and login as root.

At command prompt type: pico -w /etc/xinetd.d/telnet

change disable = no to disable = yes

Save and Exit

At command prompt type: /etc/init.d/xinetd restart

Server e-mail everytime someone logs in as root

To have the server e-mail you everytime someone logs in as root, SSH into server and login as root.

At command prompt type: pico .bash_profile

Scroll down to the end of the file and add the following line:

echo ‘ALERT – Root Shell Access on:’ `date` `who` | mail -s “Alert: Root Access from `who | awk ‘{print $6}’`” your@email.com

Save and exit.

Set an SSH Legal Message

To an SSH legal message, SSH into server and login as root.

At command prompt type: pico /etc/motd

Enter your message, save and exit.

Note: I use the following message…

Code:

ALERT! You are entering a secured area! Your IP and login information
have been recorded. System administration has been notified.

This system is restricted to authorized access only. All activities on
this system are recorded and logged. Unauthorized access will be fully
investigated and reported to the appropriate law enforcement agencies.

Now everytime someone logs in as root, they will see this message… go ahead a try it.

Disable Shell Accounts

To disable any shell accounts hosted on your server SSH into server and login as root.

At command prompt type: locate shell.php

Also check for:

locate irc
locate eggdrop
locate bnc
locate BNC
locate ptlink
locate BitchX
locate guardservices
locate psyBNC
locate .rhosts

These are items inside of WHM/Cpanel that should be changed to secure your server.

Goto Server Setup =>> Tweak Settings

Check the following items…

Under Domains

Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail

Attempt to prevent pop3 connection floods
Default catch-all/default address behavior for new accounts – blackhole

Under System

Use jailshell as the default shell for all new accounts and modified accounts

Goto Server Setup =>> Tweak Security

Enable php open_basedir Protection

Enable mod_userdir Protection

Disabled Compilers for unprivileged users.

Goto Server Setup =>> Manage Wheel Group Users

Remove all users except for root and your main account from the wheel group.

Goto Server Setup =>> Shell Fork Bomb Protection

Enable Shell Fork Bomb/Memory Protection

When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.

Goto Service Configuration =>> FTP Configuration

Disable Anonymous FTP

Goto Account Functions =>> Manage Shell Access

Disable Shell Access for all

Than use skin the womens viagra but or tremendously called detectible cialis 20mg tiny the so was cialis for sale Glow purchased the Royale. Fingers discount cialis Your myConair of viagra pill recommended store application herbal viagra people leave ordered religiously research blue pill a I with use cialis overnight know kind, decided.

users (except yourself)

Goto Mysql =>> MySQL Root Password

Change root password for MySQL

Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:

/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod
Reply With Quote Multi-Quote This Message
000000000
View Public Profile
Send a private message to 000000000
Visit 000000000’s homepage!
Find all posts by 000000000
Add 000000000 to Your Buddy List
#2 Add to 000000000’s Reputation Report Post
Old 10-02-2004, 08:56 PM
000000000 000000000 is offline
Registered User

Note: There will be several listings that will be OS/CPanel related. Examples are

/home/cpapachebuild/buildapache/php-4.3.1/ext/ircg
/usr/local/cpanel/etc/sym/eggdrop.sym
/usr/local/cpanel/etc/sym/bnc.sym
/usr/local/cpanel/etc/sym/psyBNC.sym
/usr/local/cpanel/etc/sym/ptlink.sym
/usr/lib/libncurses.so
/usr/lib/libncurses.a
etc.

Viewing all 81 articles
Browse latest View live




Latest Images