• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Resolved Plesk panel apache fallowsymlink close

GiRGiN

GiRGiN

New Pleskian
This problem is inevitable especially in dealer accounts where the Plesk panel can be a bit of a hassle to turn off fallowsymlink on a server basis.
Attackers can create and read files on other accounts.

To turn off the fallowsymlink directive on a server-by-server basis, follow these steps.


Open the file via SSH or ftp.
Code: 
nano /etc/httpd/conf.d/userdir.conf

Add the following commands to the last line.
Code: 
<Directory "/var/www/vhosts/*/httpdocs">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

<Directory "/var/www/vhosts/*/*/">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

Reload the Apache server.
Code: 
service httpd reload
 
You must log in or register to reply here.

Similar threads

D
Resolved mysql: Deprecated program name. It will be removed in a future release, use '/usr/bin/mariadb' instead
Replies
3
Views
5K
Dagalidis
D
Bod
Question Upstream Apache directive blocking .htaccess file directives
Replies
5
Views
9K
Bod
Bod
D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
8
Views
9K
Isolde
I
TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
4K
aslotta
aslotta
F
Resolved FastCGI PHP 500 Internal Server Error cgi_wrapper failed to setgid
Replies
1
Views
5K
Fabrizio
F
Back
Top