• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!

Recent content by brother4

  1. brother4

    Question Cron Stil "30 11,16 * * 3-7" allowed in Plesk?

    I was just wondering if Plesk validates something like that or just files it and that's it? I have an Ubuntu 22.04 server. According to Crontab.guru - The cron schedule expression generator it is not a standard rule. So I was unsure how to find out if it works or not. Anyway, it seems to be...
  2. brother4

    Question Cron Stil "30 11,16 * * 3-7" allowed in Plesk?

    Does Plesk Onyx for Linux support the cron syntax 30 11,16 * * 3-7 for scheduling tasks? I want to run a script at 11:30 AM and 4:00 PM every Wednesday through Sunday.
  3. brother4

    Input Plesk Fail2Ban: Integration for AbuseIPDB

    @LRob That fits, thank you very much! One hand washes the other :)
  4. brother4

    Input Plesk Fail2Ban: Integration for AbuseIPDB

    @Kaspar This code works fine also with IPv6: #!/bin/bash # Your AbuseIPDB API Key API_KEY="123" # File where already reported IPs are stored REPORTED_IPS_FILE="/var/log/reported_ips.log" # If the file doesn't exist, create it [ ! -f "$REPORTED_IPS_FILE" ] && touch "$REPORTED_IPS_FILE"...
  5. brother4

    Question Custom rules for Mod Seruity 3.0 Nginx - WordPress protection

    @Kaspar Unfortunately, for a few days now, thousands of such bots have been sending corresponding requests to the web urls within a few hours, which places a heavy load on the CPU. These requests are contained in each of these bot IPs. And are apparently not recognized by the previous Fail2Ban...
  6. brother4

    Question Custom rules for Mod Seruity 3.0 Nginx - WordPress protection

    Hey! I would like to block an IP if any of the following URLs are accessed three times. Essentially, if a bot tries to access these files multiple times, it should be automatically blocked: /wp-content/plugins/index.php /admin/function.php /wp-admin/user/network.php...
  7. brother4

    Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?

    You can also simply prevent it via .htacesss or nginx directive. But with all these questions, one thing is paramount: inexperienced users do not know this. However, Plesk suggests on the help page that the WordPress Plesk jail protects against brute force. I also assumed this at first: But then...
  8. brother4

    Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?

    @Maarten But not every WordPress instance is managed with WP Toolkit. That's what the Fail2bBan jails are for. So it doesn't change the actual point that many brute force attacks on servers are not recognized, but this is suggested with the jail. But thanks for the info anyway. I wasn't aware...
  9. brother4

    Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?

    Acutal /etc/fail2ban/filter.d/plesk-wordpress.conf: failregex = ^<HOST>.* "POST .*/wp-login.php([/\?#\\].*)? HTTP/.*" 200 Suggestion /etc/fail2ban/filter.d/plesk-wordpress.conf: failregex = ^<HOST>.* "POST .*/wp-login.php([/\?#\\].*)? HTTP/.*" 200 failregex = ^<HOST>.* "POST...
  10. brother4

    Question Why isn't xmlrpc.php monitored by the WordPress jail in Fail2Ban?

    Hello! I've been using the WordPress jail in Fail2Ban to protect my WordPress installations from brute-force attacks. While I appreciate the protection it offers, I recently noticed a significant gap in its coverage that raises some concerns regarding security. Specifically, I’ve observed...
  11. brother4

    Question Optimizing PHP FPM Handler Settings for Apache and Nginx in Plesk

    Hello everyone, I have a question regarding the PHP FPM handlers and their description in the documentation. In Plesk, I see the following options for executing PHP: FastCGI application (Apache) FPM application (Apache) FPM application (nginx) Dedicated FPM application (Apache) Dedicated FPM...
  12. brother4

    Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?

    If I change the settings so that PHP runs under Apache, it works. Is this the recommended way?
  13. brother4

    Question Best way to block direct PHP file access and ensure .htaccess rules are always applied with Nginx as a reverse proxy?

    Hi all, I have a server running Plesk with Nginx configured as a reverse proxy in front of Apache. I have several domains hosted on this server, and I want to ensure that .htaccess rules are always enforced, especially to prevent direct access to certain PHP files. For example, I have the...
  14. brother4

    Issue Intermittent 503 Errors on Plesk Obsidian (Ubuntu 22.04 LTS) with PHP-FPM Crashes - Seeking Advice

    @ChristophRo I do not use the Plesk Performance Booster, or at least I have not activated it via panel.ini, as described here: (Plesk for Linux) Website Performance Optimization Could there still be problems here? I mean the problems also existed before I configured the PHP 8.2 JIT compiler...
  15. brother4

    Issue Intermittent 503 Errors on Plesk Obsidian (Ubuntu 22.04 LTS) with PHP-FPM Crashes - Seeking Advice

    Hello everyone, I’ve been experiencing intermittent issues where certain domains on my Plesk Obsidian (Ubuntu 22.04 LTS) instance go offline with the following error: 503 Service Unavailable Service Unavailable The server is temporarily unable to service your request due to maintenance...
See more
Back
Top