Facebook
TwitterMust be a misconfiguration of mod_remoteip.
At the end of /etc/apache2/plesk.conf.d/server.conf, there needs to be 127.0.0.1 added to the line RemoteIPInternalProxy.
@Peter Debik is that enough to forward to dev or should I open a bug?
Resolved SECURITY - attack surface : ports 7080 and 7081
- Thread starter trialotto
- Start date
At the end of /etc/apache2/plesk.conf.d/server.conf, there needs to be 127.0.0.1 added to the line RemoteIPInternalProxy.
@Peter Debik is that enough to forward to dev or should I open a bug?
Please report as a bug report: https://talk.plesk.com/form/1/select
It makes things much faster and easier to handle.
danami
Silver Pleskian
Guys this is actually fixed in Plesk 18.0.56 Update 2 which was just released:
docs.plesk.com
Change Log for Plesk Obsidian
Find out about changes, additions and updates to Plesk Obsidian on an iteration to iteration basis.
docs.plesk.com
danami
Silver Pleskian
@Peter Debik Unfortunately in my testing it looks like there is another big issue with this change. After enabling "plesk bin apache --listen-on-localhost true" the PHP $_SERVER["SERVER_ADDR"] reports as "127.0.0.1" instead of the real server IP address. This means that any PHP applications that previously used the $_SERVER["SERVER_ADDR"] will be broken (like WHMCS license checks for example).
@danami I cannot derive an internal bug report from the post as it requires a more detailed description with steps to reproduce and an example. If you want it processed fast, please use a support ticket for it, else please report it here: Issue Report | Plesk Forum
danami
Silver Pleskian
@Peter Debik I opened a bug report:
talk.plesk.com
Running plesk bin apache --listen-on-localhost true breaks PHP $_SERVER["SERVER_ADDR"];
Username: TITLE Running plesk bin apache --listen-on-localhost true breaks PHP $_SERVER["SERVER_ADDR"]; PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Product version: Plesk Obsidian 18.0.56.2 OS version: AlmaLinux 9.2 x86_64 Build date: 2023/10/26 16:00 Revision...
talk.plesk.com
2dareis2do
Basic Pleskian
I am running Version 18.0.57 and I am getting similar behaviour with Drupal.
e.g. Version 18.0.57
You can see an example here streathamlife.co.uk/ venues
Similar thread here New Server is randomly adding port 7081 on HTTPS requests
You can see an examp
after running the following command `plesk bin apache --listen-on-localhost true` i get the cannot find this server which I think is correct now.
Thanks
e.g. Version 18.0.57
You can see an example here streathamlife.co.uk/ venues
Similar thread here New Server is randomly adding port 7081 on HTTPS requests
You can see an examp
after running the following command `plesk bin apache --listen-on-localhost true` i get the cannot find this server which I think is correct now.
Thanks
2dareis2do
Basic Pleskian
Forcing apache to only listen to localhost seems like a sensible default to me.
2dareis2do
Basic Pleskian
Ok I realise now that the recommended fix also has undesirable consequences such as breaking awstats.
It also makes me wonder about the accuracy of the awstats and other metrics when using a reverse proxy.
It also makes me wonder about the accuracy of the awstats and other metrics when using a reverse proxy.
No, it doesn't.
2dareis2do
Basic Pleskian
Ok I have enabled mod security and ip2ban now with the new settings. Seems to be working without issue. Thanks
