Facebook
TwitterMust be a misconfiguration of mod_remoteip.
At the end of /etc/apache2/plesk.conf.d/server.conf, there needs to be 127.0.0.1 added to the line RemoteIPInternalProxy.
@Peter Debik is that enough to forward to dev or should I open a bug?
-
Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring. We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design. If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
-
The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
Resolved SECURITY - attack surface : ports 7080 and 7081
- Thread starter trialotto
- Start date
At the end of /etc/apache2/plesk.conf.d/server.conf, there needs to be 127.0.0.1 added to the line RemoteIPInternalProxy.
@Peter Debik is that enough to forward to dev or should I open a bug?
Please report as a bug report: https://talk.plesk.com/form/1/select
It makes things much faster and easier to handle.
danami
Silver Pleskian
Guys this is actually fixed in Plesk 18.0.56 Update 2 which was just released:
docs.plesk.com
Change Log for Plesk Obsidian
Find out about changes, additions and updates to Plesk Obsidian on an iteration to iteration basis.
docs.plesk.com
danami
Silver Pleskian
@Peter Debik Unfortunately in my testing it looks like there is another big issue with this change. After enabling "plesk bin apache --listen-on-localhost true" the PHP $_SERVER["SERVER_ADDR"] reports as "127.0.0.1" instead of the real server IP address. This means that any PHP applications that previously used the $_SERVER["SERVER_ADDR"] will be broken (like WHMCS license checks for example).
@danami I cannot derive an internal bug report from the post as it requires a more detailed description with steps to reproduce and an example. If you want it processed fast, please use a support ticket for it, else please report it here: Issue Report | Plesk Forum
danami
Silver Pleskian
@Peter Debik I opened a bug report:
talk.plesk.com
Running plesk bin apache --listen-on-localhost true breaks PHP $_SERVER["SERVER_ADDR"];
Username: TITLE Running plesk bin apache --listen-on-localhost true breaks PHP $_SERVER["SERVER_ADDR"]; PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Product version: Plesk Obsidian 18.0.56.2 OS version: AlmaLinux 9.2 x86_64 Build date: 2023/10/26 16:00 Revision...
talk.plesk.com
2dareis2do
Basic Pleskian
I am running Version 18.0.57 and I am getting similar behaviour with Drupal.
e.g. Version 18.0.57
You can see an example here streathamlife.co.uk/ venues
Similar thread here New Server is randomly adding port 7081 on HTTPS requests
You can see an examp
after running the following command `plesk bin apache --listen-on-localhost true` i get the cannot find this server which I think is correct now.
Thanks
e.g. Version 18.0.57
You can see an example here streathamlife.co.uk/ venues
Similar thread here New Server is randomly adding port 7081 on HTTPS requests
You can see an examp
after running the following command `plesk bin apache --listen-on-localhost true` i get the cannot find this server which I think is correct now.
Thanks
2dareis2do
Basic Pleskian
Forcing apache to only listen to localhost seems like a sensible default to me.
2dareis2do
Basic Pleskian
Ok I realise now that the recommended fix also has undesirable consequences such as breaking awstats.
It also makes me wonder about the accuracy of the awstats and other metrics when using a reverse proxy.
It also makes me wonder about the accuracy of the awstats and other metrics when using a reverse proxy.
No, it doesn't.
2dareis2do
Basic Pleskian
Ok I have enabled mod security and ip2ban now with the new settings. Seems to be working without issue. Thanks
