Recent content by trialotto

@cmaurand You can use Nginx custom templates that will stick across updates. There is only one downside : you will get all kinds of annoying error notifications with updates and/or when using plesk repair command and/or when using or running httpdmng in general ............ but in most cases...

@everyone, Have a look at : https://cloudlinux.zendesk.com/hc/en-us/articles/4413944172562-Binary-files-are-detected-as-malicious It seems that - at least at this moment - the best option is to put the files on an ignore list. Nevertheless, in my humble opinion, the .so files and the...

@JuanCar You should have a look at this : Resolved - Can't run Plesk Premium Antivirus (drweb) Kind regards.....

@Sebahat.hadzhi There are two approaches suggested to this DrWeb related issue, being : 1 - adjustment of ssl.conf : see https://support.plesk.com/hc/en-us/articles/12377059549975-Unable-to-start-Plesk-Premium-Antivirus-in-Plesk-Plesk-authorization-failed-HTTP-request-error-35 2 - added /...

@macadia Given this text I think that you have an entirely different issue : "human error" or "human intent". It makes no sense for any hacker to attempt a hack on one account (as you describe it, "an account") and when being succesful, being satisfied with the hack of one account and the...

It is also possible to add ModSecurity at the Nginx level. In most cases, this is a better "security approach" since it prevents bad traffic from reaching the Apache level. Nevertheless, there is general consensus that the ModSecurity at the Nginx level is not to be preferred due to...

I applied a similar approach for testing purposes : a modified SpamAssassin config ....... but it did not make any difference (to be honest, it reduced the spam related issues, but in comparison to DKIM implementation, the "heavy SA config" effects were modest). I currently assume that there...

@macadia @Kaspar is fully right and I highlight the parts of his response that I hope to add value to : In essence, Roundcube is safe and plugins might help. Nevertheless, one could also consider a set of Nginx based rules that add to the default Nginx webmail config. Brute force...

@Kaspar There is a systematic issue with Plesk mail delivery that is not related to "spam" at all. One can add all Plesk extensions and all spam solutions and still spam will go through the Plesk server. I did not find any conclusive / unambiguous root cause of the problem yet ...

@AK_learner Do you have SPF, DMARC, DKIM and alike properly defined? The Plesk mail eco-environment is a bit buggy at the moment, with a lot of spam related issues that can cause major email delivery issues. Nevertheless, simple solutions like DKIM often seem to help in a considerable way...

@La Linea You can and you should. Simply replace the certificates with new ones that do not contain OCSP rules AND remove all Nginx ssl_stapling related directives. The can be related to (insufficient) privileges, but if I am not mistaken, then the command should be limited to domains...

@Janko Falli The statement is not entirely correct, in a number of ways. First of all, Plesk GUI should not "read" Nginx config and can hence not "reflect" that Nginx config. If and when you get a green "UI indicator" by adding lines to the "Additional Nginx directives" .... and it...

@wolle @Raul A. is right. I think that you should first check your Fail2Ban and Firewall for the 18.203.120.118 and 52.30.104.252 IPs (and other IPs associated with Plesk updates). If one of the IPs is blocked somehow, just unblock them : remove them from the Firewall and/or move to...

@snIP3r The error message is highly indicative of the fact that your old license was Web Host, whereas your new license is Web Admin. One could go through all kinds of fuzz and manual steps, but I would recommend to 1 - request a trial Web Host license for migration, 2 - restore the...

Should the second export PATH=/opt/plesk/php/8.3/bin:$PATH not be export PATH=/opt/plesk/php/8.2/bin:$PATH ?? Stated differently, there seems to be a version typo once. Kind regards.... PS Still not sure whether this whole setup with Litespeed is worth the effort. However, pretty sure...