Search results

I guess this would be a quick fix on any 18.0.56 Update #1 system: mv /usr/share/psa-roundcube/program/lib/Roundcube/rcube_washtml.php /usr/share/psa-roundcube/program/lib/Roundcube/rcube_washtml.php_bck wget...

Thanks for the great updates @Peter Debik

This thread should be merged with Question - Roundcube 1.6.4 is released. When will plesk upgrade to it?

This thread should be merged with Issue - Plesk Rouncube and exploit CVE-2023-5631

That is better then I initially expected but since we are seeing active exploits mid November is not good enough. I'll raise a ticket now to increase urgency.

This sounds great! Any news?

@Peter Debik this Roundcube update is urgently needed. Can you escalate this internally? I will also open a ticket tomorrow. Please also see: https://www.welivesecurity.com/en/eset-research/winter-vivern-exploits-zero-day-vulnerability-roundcube-webmail-servers/

Aha! Thanks.

Apologies for reviving this old thread but I am having sort off the same issue as @Visnet. We have about 40 Plesk servers. Most of our Plesk servers update to newer versions just fine, but some don't. On updating server A we see: [2023-08-10 04:22:57.365742] The getBestBuild function has...

Some improvements on the above script (can't edit post..): added hostname variable to be easily deployable to multiple servers added better logging # Don't work to quick sleep 5 # Set some variables hostname=`hostname` # Get the WordPress ID for id in $(plesk ext wp-toolkit --list | grep...

I think I figured it out! We have another WAF that is already blocking the requests, lmao.

Thanks for your reply! Unfortunately it did not help. In my situation the wordpress jail/filter is not triggered. Here is some more information: we have piped logs enabled we see WARNINGS in fail2ban.log which might give a clue: Please check jail has possibly a timezone issue. Line with odd...

Did you ever manage to fix this?

Allright , thank you very much @Kaspar ! To enable automatic core, plugin and theme updates in Plesk: Get a API Key and at step 2 replace YOURAPIKEY: plesk bin secret_key -c Create a file called /usr/local/psa/bin/auto_updates_wordpress.sh with the following content: # Don't work to quick...

I know, I wrote it ;-) Does anyone know where in the database Plesk stores the "Autoupdate all plugins" and "Autoupdate all themes" settings?

The above solution is far from perfect. It only works for currently installed plugins and themes. So quite pointless. I'm going to dig further to see how we can influence "Autoupdate all plugins" and "Autoupdate all themes" via CLI.

To enable automatic plugin and theme updates in Plesk: Create a file called /usr/local/psa/bin/auto_updates_wordpress.sh for domain in $(plesk ext wp-toolkit --list | grep "${NEW_DOMAIN_NAME}" | awk {'print $1'}); do plesk ext wp-toolkit --wp-cli -instance-id $domain -- plugin...

I was being dumb. The test domain within Plesk was configured for different IP addresses :rolleyes:

We installed SOGo on Plesk 18.0.50. On one domain SOGo works fine but on a additional domain we are greeted with a 404 error. I am not sure how to start debugging this issue. Anyone has any idea what the cause of this might be?

By the way this is our custom plesk-wordpress filter: [Definition] failregex = ^<HOST>.* "POST .*(wp-login.php|xmlrpc.php)([/\?#\\].*)? HTTP/.*" 200|401 ignoreregex =