• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Additional (no root) User for PHP Script across all Resellers

Code-Specialist

Code-Specialist

New Pleskian
Server operating system version
Ubuntu 18.04.6 LTS
Plesk version and microupdate number
18.0.58 Update #2
Hi There,

PLESK RESELLER EDITION !!!
I am about to write a program, which helps my clients to maintain their webspaces automatically.
For my personal overview this script should call PHP scripts within their accounts and should habe access to all of their directories.
The script will be start by cron. Not by apache. (no Webaccess)
It is necessary, this user ist NOT root of cause.
My first Idea was, to create a client user manually and add him to sudoers to give him rights. But I have no Idea, how this will impact into plesk userrightadministration....
And further I don't know, what will happen, If I will update Plesk to its next Version.

Is there a "Plesk-way" to solve my Problem ?
My first try was to create a new FTP User for each Domain. But currently there are more then 70 domains - several clients and variant subdomains, so I really won't do that manually.

Thanks for your Ideas and helping me out.

Michael

--
Ubuntu 18.04.6 LTS
Plesk Obsidian Reseller
 
Dear Code-Specialist,

I am in the same boat as you: we only have Reseller permissions, and sometimes I want to log in as a user to inspect things or execute a script for one or more users.

My solution (which took me some time to build):
  • I asked our provider to open up Plesk XML API access to a specific IP address
  • I wrote a script to retrieve all subscriptions using the API in JSON format
  • I wrote a second script to SSH to selected subscriptions using the retrieved subscription information
I can use the second script to execute arbitrary scripts and to log in as particular users (provided they have SSH enabled).

There are significant security risks:
  • Anyone who can access the IP address and user credentials to use can use the same API. So be sure you only enabled this for a very safe host.
  • The API doesn't offer read-only access, so anyone who can retrieve information can also destroy things. (And I did destroy things, purely by mistake, while developing my script.)
  • Anyone who can access the subscription information will have all SSH/FTP passwords in plaintext. So make sure that JSON file never gets leaked.
If you're still interested, I'm happy to share my code.
 
You must log in or register to reply here.

Similar threads

C
Resolved Rsync in PHP script
Replies
8
Views
2K
CMRP
C
J
Issue Additional FTP accounts fatal error over SFTP: Received unexpected end-of-file from SFTP server
Replies
10
Views
6K
learning_curve
learning_curve
T
Issue CI/CD with GitHub: Additional deployment actions (React App)
Replies
0
Views
3K
timothy_K.
T
Azurel
Question fail2ban/ip_ban access in plesk-php?
Replies
2
Views
1K
Azurel
Azurel
F
Issue Pretty bad problem: Server starts successfully and starts all services but stops them again.
Replies
1
Views
2K
Fuchur
F
Back
Top