• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Only subscribtion owner can view website statistics

Sergio Manzi

Regular Pleskian
Hello everybody... first post here, nice to meet you all!

I'm setting up two Plesk (12.5.30#40) instances under Centos 7.2 (comiing from cPanel, btw).

I have several issues, but one is becoming a real pain in the neck:

For a domain I have two Plesk users:
  • Domain owner (unix user xxx)
  • Webmaster
Webmaster has the following permissions:
  • Create and manage databases
  • View statistics
  • Upload and manage files
  • Create and manage mail accounts
  • Create and manage mailing lists
I also created an "FTP Access" with name "xxx_logs" and "Home directory" set to /

When webmaster tries to access "Web Statistics" (Awstats) he is asked for a username (as I've set the corresponding option to limit access to FTP users).

Now the problem: if webmaster tries to use the "xxx_logs" username/password he is denied access. Only using the "xxx" username/passwords he can see the Web statistics.

This obviously denies the the benefit of having the somehow-limited webmaster account as he must be given the xxx username/password to view statistics...

Is there anything wrong with the above configuration, or I'm facing a bug?

Thanks to whomever can help me!
 
I'm really really sorry bumbing this, but I think I made my homework reading whatever I could find about the issue and trying whatever I could conceive, but I've yet to find a solution.

Is there anybody that can help me with this:
  • Is it correct to assume that not only a subscription owner, but also other secondary users defined under a subscription can access the statistics (Awstats) via the Plesk control panel, given they have the correct authorizations and are also defined as FTP users?

  • If yes, how? Whatever I tried (see my previous post) and something more (like assigning a chrooted shell to the secondary users) have failed...

Thanks!
Sergio
 
Hi Sergio Manzi,

you could achieve your goal by adding additional htaccess - rights for an additional user at "/var/www/vhosts/system/YOUR-DOMAIN.COM/pd/d..httpdocs@plesk-stat" - the equivalent of a ".htpasswd" - file ( in this case for the protected Plesk-Stat - location, defined in your domain - specific apache2 configuration.
Example for german language:
Code:
        <Directory "/var/www/vhosts/system/YOUR-DOMAIN.COM/statistics">
            AuthType Basic
            AuthName "Domainstatistiken"
            AuthUserFile "/var/www/vhosts/system/YOUR-DOMAIN.COM/pd/d..httpdocs@plesk-stat"
            require valid-user
        </Directory>

Be aware that the password has to be encrypted and each line stands for an user and it's password.
Use for example "http://www.htaccesstools.com/htpasswd-generator/" to generate and manually add the user and it's password, or use your command line:

htpasswd /var/www/vhosts/system/YOUR-DOMAIN.COM/pd/d..httpdocs@plesk-stat NEWUSERNAME

This adds or modifies the password for user NEWUSERNAME - you will be prompted to add a password, when you use the above command over the command line and either the user and it's password will be added, or modified.

More informations to the "htpasswd" - usage can be read at: http://httpd.apache.org/docs/current/programs/htpasswd.html
 
Thanks, UFHH01, I think we are on the right path:

I managed to add the needed user to the domain's d..httpdocs@plesk-stat file using the htpasswd command (I tend not to use external services for this kind of things...), but I still have a stupid newbie question: where do I put the <Directory>...</Directory> code?
 
... ah, I see, there is no need for me adding that: it is probably already part of the virtual host configuration... :rolleyes:

Thanks again, UFHH01, it works!! Flagging your answer...

Cheers!

Sergio
 
it is probably already part of the virtual host configuration... :rolleyes:
Correct... pls. see: "/var/www/vhosts/system/YOUR-DOMAIN.COM/conf/httpd.conf" or "/var/www/vhosts/system/YOUR-DOMAIN.COM/conf/httpd_ip_default.conf"

I'm glad that you solved your issue. :)
 
Back
Top