Important Advisor Extension

[Gherardo]

Hi,
how to install inside plesk onyx ModSecurity & Fail2ban and Plesk Firewall?
if I click on install a new page opens (about: blank) and after about one minute I receive this error:
Connection time is out

SO ‪Ubuntu 16.04.5 LTS‬
Plesk Onyx
Versione 17.8.11 Aggiorna #24, ultimo aggiornamento il 6/Ott/2018 10.15

 

[JohnBee]

Hello again, I recently installed a trial version of Plesk on Ubuntu 16.04 and discovered that if I choose the "Apply Multiple Recommendations" from the Advisor, that the interface will hang and never return.

PS. never may be a bit of a stretch, as I only kept the page open approximately 90 minutes. Though I'm thinking it should have taken much less time, as I was able to manually carry out the recommendations in less than 5 mins.

- hope this helps

 

[Ruslan Kosolapov]

Hello.

We’ve just released Advisor 1.4: Advisor - Plesk Extensions

Changelog:

1.4.0 (24 October 2018)

• [+] Added the recommendation to use up-to-date WordPress and WordPress plugins.
• [+] Added the recommendation to use the Google PageSpeed Insights Pro extension.
• [+] Added the recommendation to use the Speed Kit extension.
• [+] Added the recommendation to use the Revisium Antivirus extension.
• Renamed Symantec to DigiCert.
• On Debian 9 and Ubuntu 18, Advisor recommends using the OWASP ModSecurity rule set.
• [-] The recommendation "Secure WordPress Websites" is no longer placed lower if WordPress Toolkit is not installed. (EXTADVISOR-540)
• [-] Scrolling the "Apply Multiple Recommendations" window no longer changes which checkboxes were selected. (EXTADVISOR-539)
• [-] Applying the recommendation "Secure Websites With SSL/TLS Certificates" no longer adds PHP notices to the Plesk log. (EXTADVISOR-538)
• [-] The Advisor icon is no longer shown for no-hosting domains. (EXTADVISOR-520)
• [-] Applying the recommendation "Configure Scheduled Backups" now activates backups scheduling with configured backup rotation. (EXTADVISOR-512)
• [-] Blacklisted recommendations will no longer be applied when applying recommendations via CLI. (EXTADVISOR-424)
• [-] On Linux servers, the recommendations "Enable HTTP/2" and "Secure Websites With SSL/TLS Certificates" can now be applied at once. (EXTADVISOR-440)

 

[Ruslan Kosolapov]

@JohnBee thanx. What's your web-browser and platform (mac, win, lin)?

 

[Ruslan Kosolapov]

Hi @Gherardo.
If the issue still exists, could you send me 'ps uaxwww | grep installer'?

 

[trialotto]

Hello.

We’ve just released Advisor 1.4: Advisor - Plesk Extensions

Changelog:

1.4.0 (24 October 2018)

• [+] Added the recommendation to use up-to-date WordPress and WordPress plugins.
• [+] Added the recommendation to use the Google PageSpeed Insights Pro extension.
• [+] Added the recommendation to use the Speed Kit extension.
• [+] Added the recommendation to use the Revisium Antivirus extension.
• Renamed Symantec to DigiCert.
• On Debian 9 and Ubuntu 18, Advisor recommends using the OWASP ModSecurity rule set.
• [-] The recommendation "Secure WordPress Websites" is no longer placed lower if WordPress Toolkit is not installed. (EXTADVISOR-540)
• [-] Scrolling the "Apply Multiple Recommendations" window no longer changes which checkboxes were selected. (EXTADVISOR-539)
• [-] Applying the recommendation "Secure Websites With SSL/TLS Certificates" no longer adds PHP notices to the Plesk log. (EXTADVISOR-538)
• [-] The Advisor icon is no longer shown for no-hosting domains. (EXTADVISOR-520)
• [-] Applying the recommendation "Configure Scheduled Backups" now activates backups scheduling with configured backup rotation. (EXTADVISOR-512)
• [-] Blacklisted recommendations will no longer be applied when applying recommendations via CLI. (EXTADVISOR-424)
• [-] On Linux servers, the recommendations "Enable HTTP/2" and "Secure Websites With SSL/TLS Certificates" can now be applied at once. (EXTADVISOR-440)

@Ruslan Kosolapov

To be honest, the current (and previous) version of Plesk Advisor is not really sufficient due to a very odd algoritm to calculate the server rating.

The following will illustrate something that is actually not a bug, but a matter of choice during development and/or a matter of opinion.

Consider a setting

[ext-advisor]
blacklist = SymantecSsl,SpeedKit

in /opt/psa/admin/conf/panel.ini and a server rating of 3236 (out of 4000), with PageSpeed extension not installed (and this is noted correctly by the Advisor extension).

Now change before mentioned setting to

[ext-advisor]
blacklist = SymantecSsl,SpeedKit,PageSpeed

and you will suddenly get a server rating of 3386 (out of 4000).

The increase in the server rating exactly equals the number of points assigned by the Advisor extension to the PageSpeed extension (i.e. 150 points).

In conclusion, all of the above applies that server ratings increase by excluding extensions from detection by Advisor extension.

In my humble opinion, this is NOT an indication of a good method to identify the degree to which a server is configured properly.

I would really recommend to take another approach, amongst others

- allowing Plesk users to blacklist specific extensions from detection by Advisor extension: most of those (paid-for) extensions are not really adding value,
- creating a server rating that is more adequate: server ratings should NOT increase when extensions are blacklisted for the Advisor extension,
- creating a server rating that is more flexible: the maximum score (i.e. 4000 currently) should be flexible and reflecting that specific extensions or settings are blacklisted,

and so on.

Hope the above provides you with some valuable feedback.

Kind regards..........

 

[IgorG]

 

[daanse]

when will juggernaute firewall will be
considered in this rating? Everything red here ....

 

[B_P]

It is extremely annoying that the advisor tries to advertise all these paid add-ons.
There should be a clear option to disable the advise to install paid add-ons (NOT ONLY in panel.ini!). Is there finally a documentation on which settings I can make in panel.ini (I asked for a full documentation of panel.ini before but that was declined so far...).
Seems like the company behind Plesk really is only about money today. First they massively increase the monthly license fee and now they even annoy us with more paid subscriptions.

In addition: it should be stated (according to GDPR) which data is exchange with foreign servers if I install extensions. For example: which information is shared when I install ImmunifyAV? This should clearly be documented in the extension system!

 

[daanse]

......
In addition: it should be stated (according to GDPR) which data is exchange with foreign servers if I install extensions. For example: which information is shared when I install ImmunifyAV? This should clearly be documented in the extension system!

i must agree, this would be helpful ! And in my opinion this advisor seems more advertising then helpful.

 

[B_P]

What is missing for instance is to disable the warning for the paid ModSecurity rule set!

 

[danami]

when will juggernaute firewall will be considered in this rating? Everything red here ....

Sorry about that. I contacted the developer via forum chat many many months ago and he said that he was going to fix it (It would take 5 minutes) but it looks like they still haven't bothered.

 

[daanse]

Sorry about that. I contacted the developer via forum chat many many months ago and he said that he was going to fix it (It would take 5 minutes) but it looks like they still haven't bothered.

@IgorG what about this?

 

[Azurel]

Plesk 17.8.x have a nice tool "Advisor" that shows possibilities to improve the server settings. BUT I missing here:

1. Its shows extension with a very short description. Why ist here no link to the extension page for more informations about it? Like "Use the ImunifyAV Extension" have no link to ImunifyAV extension - Plesk Why not? Its really required to use Google to find this page?

2. There is neither in Advisor or extension page an information what is the differents between free version and paid version. So why I should buy it, when there is no information what benefit I get? Why should I use the free version for testing this extension, when I not knows which restriction it have?


I like the idea for the Advisor and would like to use it more and buy useful extensions, but I don't install or buy random extension into the blue.

 

[TomBoB]

Fail2ban clearly running on the server. Yet the Advisor says it's not running...

I'm starting to tire of this piece of software...

3 backups options, one enabled (obviously), but the advisor makes it look like (to the not-so-knowledgable) that you need all three... for more money... who's brain fart idea was that?
oh, and regarding acronis, we tested it a while back. It caused major disruption by changing settings (incl. the servers default language [!]) all on its own. When commenting / asking for help on here, we were told: ask acronis. But even that failed as they only provide support AFTER you BOUGHT one of their products. No support not even during trial.

IMHO, advisor: shouldn't be needed by most admins anyway as they know what to do on a server. For those that are yet to become good admins, it's an exploiting tool as it pushes sales of stuff that isn't needed in most cases. Beware.

And with this, it will get removed from all our servers. Have had it.

 

[trialotto]

@TomBoB

It might be the case that I share some of your strong opinions - but I am a bit more mild about the Advisor extension : in essence, it is a good reminder for everyone (!).

Sure, there a lots of annoying features and some of them might be pushing sales of other (good or mostly not so good) extensions.

However, you can use Advisor extension AND reduce the "noise" in the messages / advices communicated by Advisor extension - just tweak panel.ini!

In the panel.ini file, one can disable or hide a lot of the default Advisor advices or other things that might annoy you.

Try that first, try to tweak the panel.ini file ....... and then conclude whether Advisor extension adds some value to your Plesk eco-environment.

Kind regards......

 

[mow]

Hello.
[+] Added the recommendation to synchronize server time.

Does not recognize systemd-timesyncd.
(see `service systemd-timesyncd status`)

By the way, it would be really nice if advisor could show what exactly the buttons "Install", "Switch on" etc. are going to do when pressed.

 

[H.W.B]

Hello,
The advisor doe not recongnize the Imunify360 app. In this app are several apps intergrated like ImunifyAV and KernalCare.
But he does not recognize that. So he is pushing to install this. Please update

Henk

 

[Mark@beeldr]

Same here, it doesn't actually do anything but its nice to see the score go up by 300 points This also Applies to the plesk firewall being disabled, the Immunify360 has a far superior firewall but as you cant run both at the same time the plesk firewall has to be disabled.

Hello,
The advisor doe not recongnize the Imunify360 app. In this app are several apps intergrated like ImunifyAV and KernalCare.
But he does not recognize that. So he is pushing to install this. Please update

Henk

 

[agarzon]

Hi.

Anyone knows what is the name of the extension: Plesk Email Security ? so I can add it to my blacklist.

This is my current blacklist if anyone is looking for somethig similar:

[ext-advisor]
allowCovid19Recomendation = off
blacklist = GoogleAuthenticator, KernelCare, SeoToolkit, SpeedKit, CloudPro, Imunify360, Acronis, WpToolkit_SmartUpdates, SymantecSsl, ImunifyQuickPatch