• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Plesk servers below 8 can be easely hacked, for v8 and above other problems!

M

Markus@

Guest
For people readed my other post, as you see the Plesk server 7.5.4 and below can easely beign hacked via php because it is not secured by Plesk.

What happends now in Plesk 8, all sites standard run php safe mode on.
This can be changed via setup but i have thousands of customers and cannot undo this in one time.

BEFORE NO SECURITY, NOW TO MUCH SECURITY.

Now with safe mode on on, people cannot upload files anymore, disabling safe mode makes uploading possible.

But with safe mode on you can upload files IF PLESK DID ITS JOB PERFECTLY.

PLESK, READ http://pkp.sfu.ca/support/forum/viewtopic.php?p=2875&sid=95402bc8f8234b50b1119333f1b617f1

IF YOU STANDARD ENABLE SAFE MODE PEOPLE CANNOT UPLAOD FILES ANYMORE.
WHEN USING THE TRICKS ON http://pkp.sfu.ca/support/forum/viewtopic.php?p=2875&sid=95402bc8f8234b50b1119333f1b617f1

PEOPLE ARE ABLE TO UPLOAD AGAIN.

WHY INSTALL SAFE MODE STANDARD ON WHEN ALL SITES FUNCTIONALITY WILL FAIL, while you complete your job by using http://pkp.sfu.ca/support/forum/viewtopic.php?p=2875&sid=95402bc8f8234b50b1119333f1b617f1 so people there sites works again???????????

I refuse to pay any invoice for Plesk from now on.

First no security, then way to much.

I AM NOW BUSY MONTHS WITH MY CUSTOMER SUPPORT INSTEAD OF SELLING.

6 MONTHS DAY AND NIGHT HASSLE.

I AM QUITTING IT NOW.

I REFUSE TO PAY ANY INVOICE I HAVE HAD IT AND START MY OWN PANEL.
 
First, and foremost, let me be the umpteenth person to tell you... IT IS YOUR JOB TO SECURE YOUR SERVER, NOT SW-SOFT'S. With that said, and the previous interactions I've had either with your statements, or just my reactions to your statements blaming someone else for the insecurities you left open, I'll be the first to tell you...

GOOD BYE

While this may be harsh in some peoples' eyes, I'm sure a majority of those who frequent the forums, and have seen you repeatedly blaming plesk for your server being hacked, will see it my way. Now, they may not say it, but they're probably shaking their heads right now in agreement.

With that said, comes the following. I'm sorry you're not pleased with the product. But, as anyone will tell you, if you're not happy with what you've got, get something else. You'll find out fast why it was the way it was. The grass is greener on the other side... -- Words to live by.

Good luck with your project, and best wishes to you, and I'll leave it at that.

-John
 
I must say I completely agree with Who-m3. Plesk is here to help you offer your clients an easy, effective way to run their businesses on the web. It's a control panel - not a security product. It's YOUR responsibility to secure the server - that's why your clients pay you. Your blaming Plesk because you are inadequate in locking down your server is a bit much. I have used Plesk for over 4 years and have never been hacked or had spam delivered from my servers. That's not a tip of the cap to SW-Soft, I take the responsibility and make sure I know enough to secure my servers. Either that or I hire someone with more expertise.

And why are you venting on this forum? This forum is made up of users helping users, there are no SW-Soft people listening to you here. We sure don't need your "yelling" in caps and directing us to other sites to validate what you are saying. Please - purchase a C-Panel license and go bother them for a while.

As you have been told a few times on this forum - GOOD BYE!
 
Not one Control Panel is perfect. Each one have some small bugs, issues, but regarding PLESK, I never heard that have security bug THE PLESK, not the PHP or MySQL or other soft on server.
If you have up2date and also you secure your server against attacks, you will be safe.
Of course is never enough, but you are in hosting business, not just sell, some work required too.

In my signature you can see a small HOW TO, maybe help you to setup your server.

PS: phoenixisp Can you check our HOW TO and see if you can extend, comment it? TX
 
lvalics - great job, no kidding! The only thing that I can see missing (or I missed it) is in the port configuration of APF. If memory serves me, port 5224 must be open for Plesk to check the status of the key. Other than that - an excellent HOW TO!
 
You must log in or register to reply here.

Similar threads

G
How hosting companies can respond to customers expectations
Replies
0
Views
2K
Guest Author
G
J
Plesk Onyx – Designed for Vultr.com
Replies
0
Views
3K
Joerg Strotmann
J
J
Plesk Onyx – Designed for Vultr.com
Replies
0
Views
3K
joerg
J
L
Migrate to Plesk on AWS from Plesk, cPanel or DirectAdmin
Replies
0
Views
5K
Lukas Hertig
L
A
How can an e-mail user change its own password?
Replies
17
Views
11K
DaveKay
D
Back
Top