• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Performing a Security Update?

I

ijob

Guest
How do I perform a security update, I am new to plesk and this is my first security update to perform. I've recieved a message from my company saying:

Follow the step-by-step guide below to update your server:

Step 1: Log in as root to your server using SSH. (HOW DO I DO THIS?)


Step 2: Rename the old file /usr/local/psa/admin/plib/class.Session.php
on your Plesk for example:

#cp/usr/local/psa/admin/plib/class.Session.php
/usr/local/psa/admin/plib/class.Session.php.old


Step 3: Select the hotfix for your Plesk version:

* For Plesk v8.0.0 and v8.0.1:

http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.0.1/114298/class.Session.php

* For Plesk v8.1.0:

http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.1.0/114298/class.Session.php

* For Plesk 8.2.0:

http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.2.0/114298/class.Session.php


Step 4: Put the downloaded file in the appropriate folder, for example
# cp ./class.Session.php /usr/local/psa/admin/plib/class.Session.php


Step 5: Restart Plesk using the command below:
# /usr/local/psa/admin/bin/httpsdctl restart
 
You can also upgrade to Plesk 8.2.1, which has the fix for the SQL injection bug.

I do recommend learning a thing or two about your Linux distribution and maintaining it, as you'll really also need to update your operating system packages to keep everything patched (just updating Plesk is not enough).

You'll need an SSH client (there are lots of them, if you're running Windows, take a look at PuTTY, most other OSes come with an ssh client), but since you'll be logging in as root, first make sure you know what you're doing.
 
I'm on a VPS, are there recommendations when upgrading plesk on a VPS?

Ps, I don't have SSH
 
I'm on a VPS, are there recommendations when upgrading plesk on a VPS?

Nothing special that I know of. Maybe your provider controls the upgrades, but if the Plesk Updater allows you to do it, then you can just upgrade that way.

Ps, I don't have SSH

What do you mean exactly? You don't have root SSH access to your server? Then you won't be able to manually install the patch as outlined in the KB article. If you also cannot upgrade Plesk using the Plesk Updater then your provider will have to perform the upgrade.

I you mean you don't have an SSH client, then you can download one.
 
Update (and a big thanks for the patience and support, its frustrating being new to this)

I've logged on through 'Putty', how do I rename a file as advised in 'step 2' in my original post? and continue with the patch update?

Thanks
 
Back
Top