• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question RK Hunter warnings ?

Pascal_Netenvie

Regular Pleskian
Hi all,
Happy new year !

Some of my servers have some warnings in RK hunter report, like those one :
Code:
[01:01:20] Warning: The command '/usr/local/bin/rkhunter' has been replaced and is not a script: /usr/local/bin/rkhunter: POSIX shell script, ASCII text executable

[01:01:49] Checking '/etc/xinetd.d/ftp_psa' for enabled services [ Warning ]
[01:01:49] Checking '/etc/xinetd.d/poppassd_psa' for enabled services [ Warning ]
[01:01:49] Checking for enabled xinetd services            [ Warning ]
[01:01:49] Warning: Found enabled xinetd service: /etc/xinetd.d/ftp_psa
[01:01:49] Warning: Found enabled xinetd service: /etc/xinetd.d/poppassd_psa

[01:01:53]   Checking if SSH root access is allowed          [ Warning ]
[01:01:53] Warning: The SSH and rkhunter configuration options should be the same:
[01:01:53] SSH configuration option 'PermitRootLogin': no
[01:01:53] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': unset

[01:01:54] Checking for hidden files and directories       [ Warning ]
[01:01:54] Warning: Hidden directory found: /etc/.java

[01:01:54] Warning: Application 'gpg', version '1.4.12', is out of date, and possibly a security risk.

[01:01:54] Warning: Application 'sshd', version '6.0p1', is out of date, and possibly a security risk.

Is there something serious in these warnings ?
 
It looks like that you use custom /usr/local/bin/rkhunter
By default Plesk uses /usr/local/psa/admin/bin/modules/watchdog/rkhunter file.
But for preventing this warning you can add to file /usr/local/psa/etc/modules/watchdog/rkhunter.conf line like

SCRIPTWHITELIST=/usr/local/bin/rkhunter
 
Hi Igor,
Thx for answer.
Ok i will do it despite i never changed anything about rkhunter config but perhaps it come from my hoster basic conf.

Nothing serious about other warnings ?
 
Warning is not Error. I think that nothing suspicious there.
 
Back
Top