
Question Action log discloses potentially sensitive information

Dmytro

Basic Pleskian
Server operating system version: Ubuntu 22.04.5 LTS
Plesk version and microupdate number: Plesk Obsidian 18.0.64
Hi. I'm not sure, but it looks like it's not good practice to show any user, in its Action log, information about the IP and username used by the provider to communicate with Plesk via API (the WHMCS API user, for example). What do you think?
Maybe we can use some blacklist/stop words to prevent some information from being shown in the Action log?

 
Hi,

Thanks for your question. Just to clarify, are you concerned about sensitive details like IP addresses or usernames being visible to end users in the Log Browser when providers (like WHMCS) use the API? If so, are you looking for a way to anonymize or hide specific parts of the log, such as certain IPs or usernames, for privacy reasons?

Just want to make sure I fully understand the scenario you're describing.
 
Yes, totally correct! I think it’s better to have some workaround to hide or anonymise the API username and IP; in my case it’s WHMCS.
But it’s only one example of sensitive data; it would be great to have some blacklist that works like “grep -v someword”?
 
Thank you for your suggestion. To get a more accurate answer, I’ll tag the project lead of this extension to see if there’s an existing solution or a potential workaround for this. It might take a little time, but I’ll keep you posted once we have more information.

@AYamshanov – could you please provide some insight here?
 
I personally think this (all) is useful information, as it shows exactly what actions have been performed for a subscription/domain. Granted, this data might not mean much to end users. But filtering it feels like a degradation of transparency.

Anyway, just in case you're interested, it's possible to completely hide the action log for end users by adding the following configuration to the panel.ini file.
Code:
[actionLog]
actionLogForEndUsers = false
 
Thank you for your thoughts and especially for the workaround. Unfortunately it looks like “all or nothing” for me.
The Action log is really very useful, and one of the reasons for using it is to have a clear view of all activities within a user account.
On the other hand, I can find many examples of information you are hiding from the end user or filtering in the Plesk interface.
But anyway, in this particular case I can’t understand why any end user should know my API username that has administrative privileges. To make it easier to brute force my server?
For me it’s not transparency, it’s a security breach. IMHO
 
Hi everyone,

Thank you, Dmytro, for the feedback, and thank you, Maarten, for tagging me in this thread.

As an alternative to Kaspar's advice, you might disable NIS2 compliance if you do not need to follow the NIS2 directive requirements (for more information about the NIS2 directive, see NIS2 Directive Compliance). If I am not mistaken, it will disable logging API requests.
Code:
[actionLog]
nis2compliant = false

Also, it is possible to configure exactly which events should be saved to Plesk Action Logs ("Tools & Settings / Log Browser / Action Log / Settings"). When the `nis2compliant` option is disabled, it becomes possible to disable logging of DNS change events.
To increase security, you may configure only a specific set of IP addresses to manage Plesk via API (if it is applicable to your environment).

Unfortunately, there is no ability to mask or to find-and-replace records in the Plesk Action Logs. If this is still a feature you want to have in Plesk, I suggest creating a request in Plesk UserVoice and providing details about why it is important (like in the first post in the thread).
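
The thread weighs a `grep -v` style blacklist against masking. As an added example (not part of the thread and not Plesk functionality), the following Python applies both to log text an administrator has copied out of the panel, showing that dropping lines loses audit events while masking keeps them. The line format, the `whmcs_api` username and the IP addresses are constructed for illustration and are not Plesk's real Action Log format.

```python
import re

# Constructed sample lines; NOT the real Plesk Action Log format.
SAMPLE_LOG = """\
2025-01-10 09:14:02 user=whmcs_api ip=203.0.113.25 action=subscription_update object=example.com
2025-01-10 09:20:41 user=jdoe ip=198.51.100.7 action=mail_account_create object=info@example.com
2025-01-10 09:31:55 user=whmcs_api ip=203.0.113.25 action=dns_zone_update object=example.com
"""

def drop_lines(text, stop_words):
    """grep -v behaviour: discard every line that contains a stop word."""
    kept = [line for line in text.splitlines()
            if not any(word in line for word in stop_words)]
    return "\n".join(kept)

def _whole_token(term):
    # Match the term only as a complete token, so 203.0.113.25 does not
    # also hit 203.0.113.250 and whmcs_api does not hit whmcs_api2.
    return re.compile(r"(?<![\w.-])" + re.escape(term) + r"(?![\w-]|\.\w)")

def mask_fields(text, replacements):
    """Replace each listed value with its placeholder; keep every event."""
    for term, placeholder in replacements.items():
        text = _whole_token(term).sub(placeholder, text)
    return text

if __name__ == "__main__":
    # Hypothetical values an administrator would list for their own provider.
    provider = {"whmcs_api": "[provider-api]", "203.0.113.25": "[provider-ip]"}
    print("--- grep -v style (events lost) ---")
    print(drop_lines(SAMPLE_LOG, ["whmcs_api"]))
    print("--- masked (events kept) ---")
    print(mask_fields(SAMPLE_LOG, provider))
```
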
 