• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Plesk slow

F

ferrisr

Guest
ever since i upgraded, plesk on port 8443 is deadly slow... any ideas why?
 
Also, the load average is over 20, and there are over 100 apache zombie processes. Hundreds of defucnt httpds, shes from apache user, and stuff... what is going on.
 
It's a bug, should be fixed with 7.5.2 (whenever they get around to releasing it).
The Admin panel is checking the rpm versions of all your server software before loading the page, instead of only checking when you ask it to.
 
ahh ok.

Found the slow + load average problem. One of my customers had one of the buggy phpBB versions. I checked the error logs and saw it downloading a perl bot to /tmp, i read the comment on it and it said what it was!
 
I suggest either diabling that user's domain until they upgrade their phpBB, mounting /tmp on it's own partition with noexec, mass-patching the viewtopic.php file, and/or installing mod_security on your server.
mod_security is of course one of the better ways to go, as it will patch several things going on with php right now... cross scripting, the bb exploit, so on and so forth.
The Process Resource MOnitor I was mentioning has a step-by-step at the Ev1 forum (http://forum.ev1servers.net/showthread.php?s=&threadid=25376)
eth0 from the Ev1 forum also has several "How-Tos" on his site... most notably are:
mod_security: http://eth0.us/?q=node/17
PHP Security (quick fix): http://eth0.us/?q=node/22
Securing tmp directory: http://eth0.us/?q=node/11

There's some other stuff there too, but these are the basics you should look into.
Also, on a side-note... look into a yum upgrade of PHP... atomicrocketturtle keeps pretty up to date on the archives he offers, and puts them through some pretty rigerous testing before making them "public stable"... upgrading your servers php to 4.3.10 (not the Plesk php, but the server PHP) might also help to prevent some of the exploits that are happening on your server.
Also look into rkhunter.. what's happening now can count as a server compromise, and could be more serious than it initially looks. Check over your server to make sure that all that has happened is a few files getting downloaded into tmp.
 
thanks. I will look into mod security. My server is running apache 2.0.52 and php 5.0.2 which i installd myself.
 
Plesk? No... not exactly.
Atomicrocketturtle released an updated version of phpbb for the Application Vault a month or two before the exploit was announced... you can get the update from his website in the yum repository.
I'm hoping that when they release the patch for 7.5.2, they take the time to include updated applications for the vault.
 
how can i tell plesk to block all ports under port 1024 except port 21 and port 80?
 
You must log in or register to reply here.

Similar threads

K
Question How to prevent Plesk Panel Slow
Replies
3
Views
237
Peter Debik
P
M
Issue New domains view very slow and confusing
Replies
1
Views
476
Peter Debik
P
S
Issue Mailman3, cpu near 100% all the time
Replies
0
Views
93
SalvadorS
S
L
Question Plesk backup over SFTP consumes the bandwidth of the network Interface.
Replies
5
Views
516
linuxman1
L
panelfront
Issue plesk-12.2.0/lib64/libstdc++.so.6: file too short
Replies
2
Views
211
Peter Debik
P
Back
Top