• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Control Panel - forgot password feature

Z

Zevo

Guest
I've had some targeted attempts to gain access to the Plesk control panel. These attempts are targeting specific users who have access to the control panel for their email. They have requested passwords using the control panel, which are in turn sent to the legit recipient.

My question: is there a log file that would show these requests (not the login itself like you can find in the action log). I'd like to see where these requests are coming from...I suspect a disgruntled employee.

Thanks.
 
If you know the approximate time the mails were sent (look at the headers) then you can probably correlate it to an http request in /usr/local/psa/admin/logs/httpsd_access_log
 
You must log in or register to reply here.

Similar threads

A
Question Plesk Admin - Bad Bot protection
Replies
4
Views
550
Alban Staehli
A
K
Forwarded to devs No password reset for additional admin accounts
Replies
2
Views
1K
Kaspar
K
T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
2K
thespark
T
S
Resolved Roundcube - remove option to change inital password
Replies
4
Views
3K
seqoi
S
L
Issue Being logged out of Plesk after nearly every page (error 400)
Replies
2
Views
3K
Himanshu Goyal
H
Back
Top