Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature currently requires accessing the site using the built-in Safari browser.
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread: CentOS2Alma discussion
Inviting everyone to the UX test of a new security feature in the WP Toolkit For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.
Jan 19 12:09:15 h1980282 sshd[27961]: Accepted publickey for bmweb from xxx.xxx.xxx.xxx port 12493 ssh2
Jan 19 12:09:15 h1980282 sshd[27961]: pam_unix(sshd:session): session opened for user bmweb by (uid=0) Jan 19 12:09:15 h1980282 sshd[27961]: error: ssh_selinux_setup_pty: security_compute_relabel: Invalid argument
Jan 19 12:09:15 h1980282 sshd[27964]: Received disconnect from xxx.xxx.xxx.xxx: 11: disconnected by user
Jan 19 12:09:15 h1980282 sshd[27961]: pam_unix(sshd:session): session closed for user bmweb
how come uid for this user is 0 ?
users that are configured to have chroot access will be unable to login via ssh "/bin/bash (chrooted)"
yeah sure...
i made a new policy that allows bash and integrated it in selinux
just like this...take a look into /var/log/messages (on RH Based Linux)
Jan 19 12:46:43 h1980282 plesk-chrootsh[4300]: execv("/bin/bash") failed
Jan 19 12:46:43 h1980282 plesk-chrootsh[4300]: system error: Permission denied
Jan 19 12:46:45 h1980282 setroubleshoot: SELinux is preventing /usr/local/psa/bin/chrootsh from execute access on the file /var/www/vhosts/***/lib64/ld-linux-x86-64.so.2. For complete SELinux messages. run sealert -l d0a4c45a-b7c6-4472-b299-37087e8e0018
execute the command sealert -l d0a4c45a-b7c6-4472-b299-37087e8e0018
For Example you will get some output like:
SELinux is preventing /usr/local/psa/handlers/hooks/dk_check from read access on the fifo_file fifo_file.
If you believe that dk_check should be allowed read access on the fifo_file fifo_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep dk_check /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
If you want to ignore dk_check trying to read access the fifo_file fifo_file, because you believe it should not need this access.
Then you should report this as a bug.
You can generate a local policy module to dontaudit this access.
Do
# grep /usr/local/psa/handlers/hooks/dk_check /var/log/audit/audit.log | audit2allow -D -M mypol
# semodule -i mypol.pp
do both commands but be sure to use a more specific policy name than just mypol
the following semodule command will take some seconds to finish.