Search results

No. If you started out on Plesk 10 and left register_globals set to "default", this caused it to be explicitly set to off in the php.ini file. If you upgraded to Plesk 11 and 12, they took default (which was off) and kept the setting as off, causing the value to be set with no action on the...

No question at all. You stated Plesk itself would never put register_globals definition in the php.ini, and you were shown to be wrong.

Why do you regularly jump into threads and give incorrect information? Plesk has a PHP Settings area going all the way back to version 10, which, as anyone would know, means back to php versions as old as 5.1 (centos 5) or 5.3 (centos 6). If, at any point in time, you or your customers chose...

This error can also occur if the register_globals directive is still present in the php.ini and you're trying to use php 5.6. In Plesk versions where you can select to use the Plesk-provided php 5.6, if you have register_globals set to "yes" or "no", your php apps will crash with that same...

Has anyone tried the workaround mentioned in that thread?

It is applicable to 12.0.18 as well, where SSLv3 is not disabled by default, hence my request.

Can someone at Plesk (the company) alter the behavior of Plesk (the software) so that when the disablesslv3 option is set: http://kb.odin.com/en/123160 that it affects the port 8443 server as well? It seems kind of stupid to have to manually edit the /etc/sw-cp-server/config file. Well it's...

Here's how you work around this in case anyone else has the same issue. The error must have occurred before beginning, so ftps in, transfer a file, log out. Run ausearch -m avc | grep -B 2 xferlog That will give you a bunch of the failure alerts, along with the human readable date and time...

Feb 24 12:19:03 server proftpd[1574]: 192.0.2.1 - unable to open TransferLog '/var/log/plesk/xferlog': Permission denied I'm running into that on Plesk 12 on CentOS 7 with selinux enabled. Audit log confirms this is an selinux issue: type=AVC msg=audit(1456334343.451:542779): avc: denied {...

Most things that PCI scanners fail you on have no basis in security or logic, they're one step up from script kiddies doing something because a scanning script they found online told them to. Unfortunately, proving to them why they're stupid is not typically easy to do. I was able to manually...

Any response from Plesk?!

root@:/etc/nginx/plesk.conf.d/webmails# mysql -u admin --password=`cat /etc/psa/.psa.shadow` -e "select count(*) from domains" psa +----------+ | count(*) | +----------+ | 68 | +----------+ root@:/etc/nginx/plesk.conf.d/webmails# ls -1|wc -l 23

Product version: 12.0.18 Update #68 Update date: 2015/10/08 03:28 Build date: 2015/08/17 13:00 Build target: CentOS 7 Revision: 334346 Architecture: 64-bit Wrapper version: 1.2

We have a fresh Plesk 12 server where new sites being added are set to have mail enabled, webmail enabled and webmail set to Roundcube. No other webmail options are installed. We're finding new sites get added and show roundcube selected, yet no files exist under...

I'm curious if there are any changes that can be made to the SPF filter, or spam assassin, to have the "From" header of the message investigated for SPF pass/fail in addition to the Return-Path? We have customers with explicit (-all) spf records still seeing forged emails coming in claiming to...

Those should be fine. You could turn off watchdog's weekly/monthly tasks if you wanted; you can find it under Extensions. Was there anything interesting in your syslogs from the kernel?

If mysql itself will not start, then this wouldn't be a Plesk issue. What errors do you get when you try to start mysql?

What ends up in your syslog? Particularly /var/log/messages or /var/log/kern depending on syslog setup. Should be some errors there. Does the host of your server have a method for you to access the console of the system before initiating the reboot? If something caused the kernel to panic...

Not that I've seen. On servers where we've changed it, any CSR's generated after that point have been sha2. You can confirm this by pasting the CSR into a file and running "openssl req -noout -text -in FILENAME" and you should see it mention sha256.

It is a ONE LINE change in ONE FILE; does that really require a major version update instead of just a micro update to add "default_md = sha256" to /usr/local/psa/admin/conf/openssl.cnf? Why does it seem like a constant battle to get Odin to update Plesk with current security standards?