
Protect plesk panel 11.5 with htaccess(auth basic)

Where can I find the nginx config?

Code:
/usr/local/psa/admin/

NB: Do not meddle with Plesk system files (this could break your Plesk, or your changes could even be overwritten on the next upgrade) unless you are sure you know what you are doing :)
 
I'm the only one with access to plesk 11.5.x on my server. For me this gives a feeling of much more security.

A todo to protect plesk with htaccess auth would be great!
 
.htaccess isn't as secure as you may think; it too can be broken.

However, a sure way would be to use the firewall module to BLOCK all access to port 8443 except for the networks you define (your own networks). The danger of this is that you could easily lock yourself out.

But if you have SSH access to your server, I would recommend installing CSF to do the limitations on ports and the extra firewall / restriction features that ship with it. If you need professional support installing and configuring it, see my signature :)
 
Thanks, but my last info is:
Panel now uses nginx as the internal web server (used to host the Panel GUI) instead of lighttpd.

So I think .htaccess has nothing to do with this. A htaccess file is (only in my eyes) bad practice. nginx does not support this for performance reasons; all settings must be stored in the config file. I have disabled htaccess in my vhosts.conf and set everything in the vhost.conf of each domain. :)
 
Can anybody help here to protect the Plesk GUI with basic auth?

Where is the config file for Plesk's internal nginx server?


This is not working, I have tested it.
In that case go to

Code:
/usr/local/psa/admin/htdocs

And password protect it ...
 
Azurel,

You can try the following steps to get the expected result:

# Create /etc/sw-cp-server/conf.d/protect-plesk.inc with content:
location / {
    auth_basic "Restricted";
    auth_basic_user_file /etc/sw-cp-server/conf.d/passwd;
}

# Generate passwd file
htpasswd -c /etc/sw-cp-server/conf.d/passwd admin

# Set correct permissions:
chown sw-cp-server:psaadm /etc/sw-cp-server/conf.d/passwd
chmod 640 /etc/sw-cp-server/conf.d/passwd

# Restart panel web server
/etc/init.d/sw-cp-server restart

Don't be shy to ask if you need more info!
 
This is working perfectly! Thank you so much. :praise:

I changed the password creation to
Code:
htpasswd -cm /etc/sw-cp-server/conf.d/passwd username
I added the -m parameter ("-m Force MD5 encryption of the password."). The default (here for me) is Crypt and not MD5. Crypt is very old and only uses the first 8 chars of your password. I want a very long password. :)

Thanks!
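
Added example, not part of the original posts: a small audit of the passwd file created in the steps above, reporting which hash scheme each entry uses (the traditional crypt default versus the `-m` MD5 variant discussed here) and whether the file is readable by other users. The sample entries are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report the hash scheme of each entry in an htpasswd-style file.

# Classify one stored hash by its prefix (or length, for traditional crypt).
classify_hash() {
    case "$1" in
        '$apr1$'*)               echo apr1-md5 ;;       # htpasswd -m
        '$2y$'*|'$2a$'*|'$2b$'*) echo bcrypt ;;         # htpasswd -B
        '$5$'*|'$6$'*)           echo sha2-crypt ;;
        '{SHA}'*)                echo sha1-unsalted ;;  # htpasswd -s
        '{SSHA}'*)               echo sha1-salted ;;
        '{PLAIN}'*)              echo plaintext ;;
        *) if [ "${#1}" -eq 13 ]; then echo des-crypt   # only 8 chars count
           else echo unknown; fi ;;
    esac
}

# Print "user scheme" per entry. Return 1 if the file is accessible to
# "other" users or any entry is DES crypt, unsalted SHA-1, plaintext or unknown.
audit_htpasswd() {
    rc=0
    if [ "$(ls -ld "$1" | cut -c8-10)" != "---" ]; then
        echo "permissions too open: $1"; rc=1
    fi
    while IFS=: read -r user hash rest || [ -n "$user" ]; do
        case "$user" in ''|'#'*) continue ;; esac
        scheme=$(classify_hash "$hash")
        echo "$user $scheme"
        case "$scheme" in
            des-crypt|sha1-unsalted|plaintext|unknown) rc=1 ;;
        esac
    done < "$1"
    return "$rc"
}

# Constructed sample entries (placeholder strings, not real password hashes).
sample_entries() {
cat <<'EOF'
admin:ab0123456789A
webmaster:$apr1$constrct$0123456789abcdefghijkl
EOF
}

# Audit the file given as $1, or the constructed sample when none is given.
tmp=$(mktemp); sample_entries > "$tmp"
audit_htpasswd "${1:-$tmp}" || echo "weak entries or loose permissions found"
rm -f "$tmp"
```

Run it as root with /etc/sw-cp-server/conf.d/passwd as the argument. Whether the panel's nginx accepts bcrypt or SHA-2 crypt entries depends on the system's crypt() implementation, so test a new scheme before removing a working entry.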
 
Does this solution stay active with future updates?


 
It should stay with just minor updates...(even with major updates as long as they don't change the folder structure)
 