• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Access denied for Admin user

B

benc@

Guest
Hi,

For some reason today, my plesk 7.5.2 control panel has decided it doesnt like my password anymore.

I try to login an it just gives me a javascript error box saying "Access Denied"

I can login to the control panel as other users.

I have checked /etc/psa/.psa.shadow and the password is as I expect it.

Can anyone shed some light on this?

Thanks in advance.

Ben
 
Hi,

maybe you have played arround with IP access control for admin?

Bernd
 
Hi thanks for the reply.

For some reason it just started working agian today :|

Thanks again.

Ben
 
Same here

I am facing the same problem.
When I try to login as a domains' administrator, a javascript popup says "Access Denied". On other domains on the same sarver there is no problem.
I found this topic, read that after some days it started working by itself, I waited ... nothing.
Today I deleted the domain, created again with different passwords etc .. it still doesn't let me login (ftp works fine).
Any help please?
 
plesk has an inbuilt security feature with account logins - basically you get 3 strikes and your out - That is get you password or username wrong 3 times and the server will lock you out. You can determine how long the server will lock you out - somewhere in the server cp. This is more than likely what is happening to you.
 
well, it started working again a little while later..i hadnt even attempted a login... however.. thats not to say someone was trying to gain entry to my server by guessing the password.

It hasnt happened since thankfully.
 
If it was a login lockout the error would say "Login has been locked". At least that is that it used to say. But I've seen this Access Denied thing three times now on new installs of 7.5.3. Methinks it's a bug.
 
I stand corrected. I just looked in /etc/psa/.psa.shadow and the pass had been changed. So I did:

mysql -u admin -p`cat /etc/psa/.psa.shadow`
use psa;
delete from lockout where login = 'admin';

And was able to login.
 
just to clraify

I'm having the same problem: Access Denied for admin, everything OK for any other user. Questions:
  • Does that mean that I have to wait until the "lock" expires and access will be granted again?
  • Does that mean that someone is playing around with the user/pass?
  • Does the lock affects only my IP, or does it affect the user that is being forced (for example 'admin')?
Thanks.
 
Several times I have received the message that the Administrator was already logged in.

After reading this thread I was thinking that PSA would store this session information somewhere. I had a look in the psa database and there's a table called "sessions".
I deleted the admin entry and login worked again.

Hope this helps some others aswell.

Best Regards,

Gerrie Brokke
LIQUIDSOLID
 
Re: just to clraify

Originally posted by interco
I'm having the same problem: Access Denied for admin, everything OK for any other user. Questions:
  • Does that mean that I have to wait until the "lock" expires and access will be granted again?
    See LiquidSolid's post. If you can't or don't know how to use mysql then you wait until the session times out, or you can SSH into the server and issue the mysql commands to delete the session records from the database as LiquidSolid posted.
  • Does that mean that someone is playing around with the user/pass?
    It means that there are 2 admin sessions logged in already, or it thinks there are. Of course, if someone else has your admin password, then you may want to change it... And you DO LOGOUT before closing the browser, right? If you don't then it leaves a session logged in in the database.
  • Does the lock affects only my IP, or does it affect the user that is being forced (for example 'admin')?
    It is not IP specific, but username 'admin' specific.
Thanks.
 
Back
Top