Tag: Plesk

Posted on

How to force HTTPS in Horde (Plesk)

If your using Horde as your preferred webmail client on a Plesk virtual hosting server, its advisable to enable (and force) the use of HTTPS in order to secure webmail users against their login information and email communication being compromised.

To force HTTPS within Horde:

# nano -w /etc/psa-webmail/horde/horde/conf.php

Then change:

$conf['use_ssl'] = 2;

to:

$conf['use_ssl'] = 1;

Next edit the Horde virtual host file:

nano -w /etc/httpd/conf.d/zzz_horde_vhost.conf

And just below the “ServerAdmin [email protected]” line add:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}

Make sure to tab the lines in to match the delimiter of the previous servername/alias/admin lines. Continue reading “How to force HTTPS in Horde (Plesk)”

Posted on

How to change the default Plesk Control Panel port

By default Plesk uses TCP port 8443 to allow access to the control panel, for example: http://server1.domain.net:8443. For security reasons, its recommended to change the default port to a non-standard port number such as 6677.

Parallels Plesk Panel versions 7.x – 8.x use the Apache service with configuration file $PRODUCT_ROOT_D/admin/conf/httpsd.conf. To change the control panel port you need to modify directives Port, Listen and <VirtualHost *:PORT> in the Apache configuration file for the control panel. Once edited you must restart the Plesk control panel:

~# /etc/init.d/psa restart
Stopping Plesk...                                                     done
Starting Plesk...                                                     done
~#

Please note that none of the ports (21, 22, 23, 25, 53, 80, 110, 443, etc…) used for the standard web hosting services (Apache, POP, SMTP, mySQL, ProFTPd, BIND) can be used.

Parallels Plesk Panel version 9.x uses sw-cp-server instead of Apache. Configuration file of Parallels Plesk Panel is /etc/sw-cp-server/applications.d/plesk.conf. Find the following line in the file and change the port: Continue reading “How to change the default Plesk Control Panel port”

Posted on

Restore a single domain in Plesk 9.2.1 (Linux)

If you have correctly configured your Plesk backups, using the ‘pleskbackup’ command line utility then single domain restores don’t have to be complicated!

Note that this outline expects that you have a pleskbackup script similar to the following in place at /etc/cron.daily/z-plesk-backup:

echo Plesk Nightly Backup
echo
/bin/mv /psabu/dump6 /psabu/dump7
/bin/mv /psabu/dump5 /psabu/dump6
/bin/mv /psabu/dump4 /psabu/dump5
/bin/mv /psabu/dump3 /psabu/dump4
/bin/mv /psabu/dump2 /psabu/dump3
/bin/mv /psabu/dump1 /psabu/dump2
/usr/local/psa/bin/pleskbackup server --output-file=/psabu/dump1
echo
echo Backup File Sizes:
echo
/usr/bin/du -csh /psabu/dump*
echo
echo Backup Complete!

Restore Process

1. Make sure the domain you need to restore is not listed in the “Domains” list in Plesk.
Continue reading “Restore a single domain in Plesk 9.2.1 (Linux)”

Posted on

Plesk Webstats (AWStats)

To force re-create web statistics for all domains on a Plesk Linux server use:

/usr/local/psa/admin/sbin/statistics –calculate-all

Parallels knowledge base article 393 for more information.

Posted on

Plesk Grey Listing Problems

I recently debugged a mail delivery issue between a Plesk 9.2 server running Qmail and 3rd party ‘sending’ servers. In short, Qmail was not accepting email and was issuing a ” 451 qq trouble in home directory (#4.3.0) (in reply to end of DATA command)” error. Mail was then being diverted to a backup mx server (running Postfix) and being held until the Qmail server eventually accepted mail or the postqueue was forced.

The following is the receive error from the Plesk 9.2 server, running Qmail:

Jul 14 09:44:50 vh qmail-queue-handlers[20737]: call_handlers: call executable = '/usr/local/psa/handlers/info/05-grey-vvIjta/executable'
Jul 14 09:44:50 vh greylisting filter[20738]: Starting greylisting filter...Jul 14 09:44:50 vh qmail-queue-handlers[20737]: handlers_stderr: DEFER
Jul 14 09:44:50 vh qmail-queue-handlers[20737]: call_handlers: DEFER during call '/usr/local/psa/handlers/info/05-grey-vvIjta/executable' handler
Jul 14 09:44:50 vh qmail-queue-handlers[20737]: call_handlers: stop callhandlers from dir '/usr/local/psa/handlers/before-queue/global'

The backup MX server would list:

-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
35412AE80F9     1252 Mon Jul 13 21:41:04  [email protected]
(host vh.myserver.net[51.52.53.54] said: 451 qq trouble in home directory (#4.3.0) (in reply to end of DATA command))
[email protected]

As the undeliverable error on mail being sent to the Plesk server.

After much research and testing, it became apparent that Plesk’s grey listing was incorrectly flagging the sending server as a spam source and was applying Grey Listing parameters to the inbound messages.

Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again and the email is accepted. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and cannot afford the time delay to retry.

Whilst grey listing is a logical spam counter measure, it can cause major problems when a backup mail server is attempting to relay mail to a primary (or lower preferenced) server for a specific mail domain.

In our environment, the best solution was to disable Grey Listing completely as we already have a perimeter spam filtering solution in place.

This command will disable Plesk’s built in grey listing:

# /usr/local/psa/bin/grey_listing --update-server -status off

A detailed outline of Plesk’s Grey Listing implementation (grey_listing) can be found here.

Please Note: If you are utilizing Plesk’s build in spam filtering options, do not disable grey_listing. Instead, adjust expire and penalty options to better suit your configuration and, if n/usr/local/psa/bin/grey_listingecessary, white list mail from your backup MX server. See the Plesk technical documentation for specific configuration.