• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Search results

  1. J.Wick

    Plesk 12.5 PCI-DSS Trustwave TSL v1.0 Issue

    That is gold! I'm going to take that information back to Trustwave and have some fun. Thanks for the response UFHH01!
  2. J.Wick

    Plesk 12.5 PCI-DSS Trustwave TSL v1.0 Issue

    Yes, I've upgraded to Plesk 12.5 and I notice that there are some minor differences. It would be really nice if Odin would use Trustwave in their research and development process in regards to the PCI-DSS compliance feature of Plesk. I'm paying a significant fee every month for Plesk so I don't...
  3. J.Wick

    Plesk 12.5 PCI-DSS Trustwave TSL v1.0 Issue

    This apparently doesn't look like it applies to Plesk 12.5 as the nginx file doesn't contain any information for ssl_protocols or ssl_ciphers support. Any other suggestions? While looking around in custom/server/ I found PCI_compliance.php file with the following. <?php if...
  4. J.Wick

    Plesk 12.5 sFTP Logging Per User? How?

    Thanks Igor, do you know of any way to create individual customer account logs like FTP logs so we can see login and file transfer / manipulation information? Kind of need this for compliance.
  5. J.Wick

    Plesk 12.5 PCI-DSS Trustwave TSL v1.0 Issue

    First off, I have to say that after setting up a new server and migrating all our customer accounts over, that Plesk 12.5 is pretty awesome! Love the changes made to backup, that will make life a lot easier, along with the extra control over which modules are installed. I did the migration...
  6. J.Wick

    Plesk 12.5 sFTP Logging Per User? How?

    I've read a lot of tutorials online on how to log sFTP traffic. What's the best way to accomplish this on Plesk 12.5? I run a pretty secure server and would like to have the file transfer and login logs for compliance. FTP is not allowed on the server for obvious reasons. Would really be nice...
  7. J.Wick

    Brand New Plesk 12.5 Install Dies After Initial Login.

    2nd attempt was a success, and this time I just installed the "base" without doing any wild customization and then made changes after and it all worked.
  8. J.Wick

    Brand New Plesk 12.5 Install Dies After Initial Login.

    Just installed Plesk 12.5 on a fresh server in Digital Ocean and everything went smooth up to the point of install where the sftp sub system had a bug during install preventing chroot from properly setting up. I fixed the config file with that issue, and ran Plesk Repair --all Then logged...
  9. J.Wick

    Plesk 12.5 RTM is out

    I had a Plesk 12 running perfectly on Centos 6.5, but migrated to a new Centos 7 server and wow, did that really suck. I've spent about 3 work days fixing things that should be covered by Plesk. I feel I've learned so much that I can manually configure the server by myself. :/ Even right now I...
  10. J.Wick

    Plesk 12.0.18 & Plesk Mobile Manager 1.5 Internal Error

    Currently tried everything to get Mobile Manager working and having no luck. I'm getting an internal error every time I try to setup the connection. I worked last week, have no idea why it decided to stop. I have exhausted http://kb.odin.com/en/112730 There are no entries in the log file to...
  11. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Hi UFHH01, Yes, that matches much of what I've researched on the matter. Looking at web logs, those versions of Windows are such small numbers it's a non-factor if we cut them off. From my hours of investigation it seems that this area of security for a lot of administrators is a highly...
  12. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Hi Tom, From the looks of your config, it would seem that TLSv1 is also enabled, easily found out over at https://www.ssllabs.com/ssltest/
  13. J.Wick

    Resolved How to redirect vhost domain 8443 to proper secured login panel domain?

    Which log and config files would you like to see?
  14. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Oh, I have searched hard on this one, I have about 5 hours into it. Made a lot of notes, found and even installed new CLI commands to show the supported cipher for a domain, and SSLLabs.com SSL scanner is really good. I'm getting an A+ there, yet Trustwave is having a fit with TLSv1 support...
  15. J.Wick

    Resolved How to redirect vhost domain 8443 to proper secured login panel domain?

    Thanks UFHH01, it's a start but it's not perfect. I got it working, but it only works for http, not https, it should really work for both. Also, what's the way of getting notified when an extension has been updated and path for upgrading extensions?
  16. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Hi Tom, Thanks for the suggestion. I tried it and still end up with TLSv1 somehow still enabled. I'm wondering if this is a bug.
  17. J.Wick

    Resolved How to redirect vhost domain 8443 to proper secured login panel domain?

    I'm kind of shocked no one has requested or written a guide on making the Plesk Login to only allow login in from a single URL, not the VhostDomain.com:8443 which produces an insecure SSL warning. Is there a trick to making all domains server wide forward to...
  18. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Reasons why this is important. https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_Early_TLS_Information%20Supplement_v1.pdf
  19. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    BTW: My ssl.conf SSLHonorCipherOrder On SSLProtocol -all +TLSv1.1 +TLSv1.2 SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
  20. J.Wick

    PCI-DSS Compliance fails, after running Plesk PCI scripts.

    Running Plesk 12 on Centos 7 with Apache 2.4.6 and I'm not able to disable TLS v1. I've looked everywhere reading countless pages and it seems like all the Plesk PCI documentation and scripts for hardening need to be upgraded to excluded SSLv2 SSLv3 and TLS v1. I even modified the SSLFix.sh file...
Back
Top