• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Search results

  1. M

    Question Using Imunify360 with Atomic Advanced

    No recommendations?
  2. M

    Question Using Imunify360 with Atomic Advanced

    Hello, I've bought Atomic Advanced on my Plesk Server yesterday. Also, since I want to harden my security, I bought Imunify360 today. But Imunify360 uses its own ModSecurity rule set. So, my Atomic Advanced rule set has gone. Is there a way to use these two extensions at the same time? Or what...
  3. M

    Issue Layer 7 DDos Protection

    Hello, I've been using "mod_evasive" and "mod_qos" modules for Apache2. But recently, they're not able to handle all the traffic for no reason: I saw attackers can open a page 100 times in a seconds. Some gets banned, some gets nothing. So, I want to build a simple Layer 7 DDos protection...
  4. M

    Question How to force users to use HTTP2?

    Thanks for answer. I've read them before opening a post. But they're actually not forcing to use HTTP2.0 as it can easily seen on access log: They're all HTTP1.1
  5. M

    Question How to force users to use HTTP2?

    Hello, How can I force every connection to HTTP2 ? (It's currently opened on Plesk. SSL enabled.) Also, would it be a problem for me? Regards.
  6. M

    Question Different Servers for Mail and Web

    I didn't actually understand how to configure Plesk to manage my @mydomain.com on mymailhosting.com with Plesk since Plesk is only able to create mail server and mails for existing domains such as [email protected].
  7. M

    Question Different Servers for Mail and Web

    Hello, I'd like to close all my ports where my web server is alive (exc. 80 and 443). So that I'd have to change my mail server's host. But I don't know whether it's possible to do. Example: mydomain.com (on IP XX.XX.XX.XX) (opened ports 80, 443) mail.mydomain.com (on IP YY.YY.YY.YY) (opened...
  8. M

    Question Ban IP with ModSecurity

    Edit: Someone with 100+ request hasn't been banned via Fail2Ban, I think, I should make some arrangements. Where can I find these kind of instructions about ModSecurity.
  9. M

    Question Ban IP with ModSecurity

    Thanks for your answer. I've activated all jails, and enabled detection. Should I do anything else?
  10. M

    Question Ban IP with ModSecurity

    Hello, I'm using "ModeSecurity" extension with "Comodo (Free)". I'm bored to check logs and manually ban suspicious IPs that violate ModeSecurity rules hundreds of times. Is there a way to Ban IP's automatically, if the IP violates ModeSecurity rules (for example XSS or SQLMap Attack) more than...
  11. M

    Issue Session Timeout

    By the way, I want to extend the session time.
  12. M

    Issue Session Timeout

    I'm editing this PHP.ini and every change effects my website but session timeout. (There's only 1 available, that's why I'm saying one PHP.ini file) Also, I use sessions as following @session_start(); Means, every request creates a session, if they don't have one.
  13. M

    Issue Session Timeout

    I'm talking about my website, not Plesk. I've edited the only PHP.ini available on my server.
  14. M

    Issue Session Timeout

    Hello, I've been using Plesk for at least 3-4 years. But still haven't understood anything about the mechanism behind sessions. I've edit php.ini as following session.cookie_lifetime = 28800 session.gc_maxlifetime = 28800 session.gc_probability = 0 session.gc_divisor = 1000 But users log out in...
  15. M

    Issue Dashboard Not Found

    Rebooted as well. Nothing changed.
  16. M

    Issue Dashboard Not Found

    Yes, I've reinstalled it but still getting same error message.
  17. M

    Issue Dashboard Not Found

    Hello, I upgraded my Plesk from Onyx to Obsidian but Advanced Monitoring doesn't work properly (actually not working at all) Current version: Plesk Obsidian 18.0.20 Screenshot attached. Thanks for your help.
  18. M

    Resolved FTP_user consumes 25% of Ram

    - I've deactivated all PHP-FPM versions (except one that I use) - I've removed all PHP versions (except one that I use) And the result is:
  19. M

    Resolved FTP_user consumes 25% of Ram

    Thanks for your answer. I have some questions after you. - Is that possible to detect which php script uses much more resources? - How can I detect these kindof bots. Edit: Screenshots added. (apache ram usage)
  20. M

    Resolved FTP_user consumes 25% of Ram

    This is why I wrote "FPM application served by Apache with PHP 7.0.33 is used. Nginx Proxy Mode is enabled. piped logs feature is disabled." at the end of my post. Means, I've applied these before: High CPU and memory usage by website High CPU usage by Apache is shown in Health Monitor
Back
Top