1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Performing a Security Update?

Discussion in 'Plesk for Linux - 8.x and Older' started by ijob, Sep 22, 2007.

  1. ijob

    ijob Guest

    0
     
    How do I perform a security update, I am new to plesk and this is my first security update to perform. I've recieved a message from my company saying:

    Follow the step-by-step guide below to update your server:

    Step 1: Log in as root to your server using SSH. (HOW DO I DO THIS?)


    Step 2: Rename the old file /usr/local/psa/admin/plib/class.Session.php
    on your Plesk for example:

    #cp/usr/local/psa/admin/plib/class.Session.php
    /usr/local/psa/admin/plib/class.Session.php.old


    Step 3: Select the hotfix for your Plesk version:

    * For Plesk v8.0.0 and v8.0.1:

    http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.0.1/114298/class.Session.php

    * For Plesk v8.1.0:

    http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.1.0/114298/class.Session.php

    * For Plesk 8.2.0:

    http://download1.swsoft.com/Plesk/Hotfix/PleskUnix/8.2.0/114298/class.Session.php


    Step 4: Put the downloaded file in the appropriate folder, for example
    # cp ./class.Session.php /usr/local/psa/admin/plib/class.Session.php


    Step 5: Restart Plesk using the command below:
    # /usr/local/psa/admin/bin/httpsdctl restart
     
  2. ijob

    ijob Guest

    0
     
    Can anyone advise please?
     
  3. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    You can also upgrade to Plesk 8.2.1, which has the fix for the SQL injection bug.

    I do recommend learning a thing or two about your Linux distribution and maintaining it, as you'll really also need to update your operating system packages to keep everything patched (just updating Plesk is not enough).

    You'll need an SSH client (there are lots of them, if you're running Windows, take a look at PuTTY, most other OSes come with an ssh client), but since you'll be logging in as root, first make sure you know what you're doing.
     
  4. ijob

    ijob Guest

    0
     
    I'm on a VPS, are there recommendations when upgrading plesk on a VPS?

    Ps, I don't have SSH
     
  5. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    Nothing special that I know of. Maybe your provider controls the upgrades, but if the Plesk Updater allows you to do it, then you can just upgrade that way.

    What do you mean exactly? You don't have root SSH access to your server? Then you won't be able to manually install the patch as outlined in the KB article. If you also cannot upgrade Plesk using the Plesk Updater then your provider will have to perform the upgrade.

    I you mean you don't have an SSH client, then you can download one.
     
  6. ijob

    ijob Guest

    0
     
    Update (and a big thanks for the patience and support, its frustrating being new to this)

    I've logged on through 'Putty', how do I rename a file as advised in 'step 2' in my original post? and continue with the patch update?

    Thanks
     
  7. breun

    breun Golden Pleskian

    29
     
    Joined:
    Jun 28, 2005
    Messages:
    1,647
    Likes Received:
    0
    The step tells you the exact command.
     
Loading...