• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Can I stop Plesk creating tickets to Cloudlinux

C

Change Maker

Basic Pleskian
Server operating system version
Ubuntu 22.04.4 LTS
Plesk version and microupdate number
Version 18.0.60 Update #1
Hi
For a while now I've been trying to stop Wordpress Toolkit from creating Tickets with Cloud Linus.
I'm a licenced user of Imunify360 and for some reason I get tickets auto created which about plugin updates and security issues with WP.
Here's an example:
Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Dimas Maulana (Patchstack Alliance) in WordPress Plugin GiveWP (versions <= 3.12.0)
Although they are helpful to me, I don't want it to create these tickets all the time.

I can't find out how to stop this happening? Does anyone know how to stop this creating the tickets please?

Thanks
 
Do you mean notifications? You can disable any type of notifications via Tools & Settings > Notifications.
 
Thanks. This is the only one I've got set and it's under the Administrator Column. Reseller and Customers have nothing.
WordPress site vulnerabilities found (administrator's digest)

It's the Ticket Creation that's a major issue. Cloudlinux must have had about 50+ tickets over the last 3 months.
I don't want that happening or they'll mis interpret me and my company wrongly.

I did have a couple of WP notifications flagged in Customer though. I thought I'd done them all.
Maybe it will stop the emails and the tickets. I'll keep an eye on it.
 
@Robert Alexander I'll reply here to you post from another thread as otherwise different topics get mixed up.

Robert Alexander said:
I've checked my server and it says I'm on WP Toolkit version: 6.4.0-8486
Why I've been looking at this, is that Cloud Linux who support me on Imunify360, suggest that WP Toolkit may be sending out emails to their support email address. Why this is a problem itself, is that it's creating tickets with them, via my account when there are Lets Encrypt Messages or Plugin Security Messages.
This results in quite a lot of unnecessary Tickets and I'm trying to find out what's causing it.
My Plesk Notification Settings are off and the only setting in WP Toolkit that is in force is "Allow Customers to use Sets when they install Wordpress"

I've run out of ideas at the moment?
Click to expand...
Any email notifications regarding WP Toolkit can be configured via Tools & Settings > Notifications. You can search in the mail log if such messages are sent via your server to CloudLinux support. You can find the mail log via Tools & Settings > Log Browser > Mail.

Can you post the body of one such email (removing any private information)?
 
Thanks Kaspar. I've never been into there before. Log Browser. Looks like there's stuff going on that could reveal some issues.
I can't find a way of exporting a report, but thought I'd share a couple of images that might help.
This one comes up regularly.
1718642819134.png
This one also comes up, but I've recently found there were 2 DNS Records for domain.uk and removed them and created one, so they may not come up any more. It's just been a couple of days for now.
1718643039049.png
So the reason why Tickets would be sent from plesk to Cloudlinux Support, is what's baffling me. I want to stop that and now seeing these logs, I could perhaps fix some of the thing. Or know where to go to.
My Plesk Notifications are at a minimum so I don't believe there's anything else I can do there to be honest.

Happy to be told otherwise of course. :)
 
@Robert Alexander those are screenshot from the Plesk log and don't reveal much that could help you to stop getting mails sent to CloudLinux support.

My assumption, because it's hard to know for sure without knowing your exact server configuration, is that somewhere on your server the CloudLinux support email address has been added as a recipient for email notifications. I assume unintentionally. This could have been done at several different locations.

What would help to know is:
a) What exact emails are sent CloudLinux support? I assume you're have access to those support tickets? What is the subject and content of those tickets? Knowing this would make it a whole lot easier to determine where to look on the server for these notifications.
b) Who (which email address) is the sender that creates tickets with CloudLinux support?
 
Thanks Kaspar. Been away for a couple of days..
So the emails that are sent are related to WP Toolkit.
Here's one to show you.
WP Toolkit has detected new vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WP Toolkit to perform automatic actions when vulnerabilities are detected.
The following vulnerabilities were found in deactivated assets and have to be addressed manually:

Site: xxxx.com Open in panel (https://xxxx:8443/modules/wp-toolkit/index.php/index/list/id/1/checkSecurity/1/activeTab/1)
Medium Divi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.25.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
This record contains material that is subject to copyright. (https://wordfence.com)
Source: Wordfence (Divi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site Scripting)
Click to expand...

So that one I knew about and updated to vs 4.25.2
But that creates a ticket with Cloudlinux, which then sends me an automated reply, plus another email. So the ticket is outstanding and that means another email in 2 days if there is no response.

Now I do want to know if something is causing a problem or a security risk, but I don't want it generating a ticket with Cloudlinux.

The mail header shows it's from support@cloudlinux.zendesk.com to my email address.

For me that's the issue I can't resolve.
Thanks
 
Like I said in my previous post, my assumption is that somewhere on your server the CloudLinux support email address has been added as a recipient for email notifications. This can be done on several different locations. You'll have to search on your sever where exactly.

Some places (settings) that come to mind you can check:
1) Tools & Settings > Notification > WordPress site vulnerabilities found
Check if there are any additional email address configured for the Wordpress notifications.

2) Tools & Settings > Additional Administrator Accounts
Check if there are additional administrator accounts added (which might use the CloudLinux support email address)

3) Your own profile (on the top bar in Plesk click your name and click edit profile)
Check if your profile doesnt use the CloudLinux support email address

4) Check if there are no email forwards added
Check if you don't have any email forwards or forwarding rules configured which forward the Wordpress notifications to CloudLinux support.

Lastly check can check the mail log to see if it reveals any details about the Wordpress notifications sent to CloudLinux support from your server.
 
Good shout. So there is a Temp Admin Account to help Cloudlinux investigate that it's not their Software.
They were investigating something else before and have so a few times. Recently I left it on, so it's got to be that.
I'll contact them and I'll switch it off. Does checking "Suspend" on the account switch that off?

I'll also look at using Keys for them to have future access. That should sort it.
Thanks
 
You must log in or register to reply here.

Similar threads

T
WordPress NextGEN Gallery Plugin <= 0.96 - XSS Vulnerability
Replies
0
Views
804
Tinpeas
T
meymigrou
Issue Unable to backup WordPress site in Plesk "Backup created with minor issues occurred"
Replies
3
Views
832
Sebahat.hadzhi
Sebahat.hadzhi
V
Issue WordPress Toolkit vulnerability report unclear
Replies
2
Views
2K
avatolin
avatolin
J
Plesk Wordpress Toolkit: Broken Website! (Pls Help!)
Replies
1
Views
3K
custer
custer
D
Forwarded to devs Wordpress Toolkit incompatible with CLoudlinux CageFS
Replies
9
Views
3K
Altha Technology
Altha Technology
Back
Top