• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Security on plesk 7.5.6 (default permission user Everyone from C:\)

K

kbknkt

Guest
Hi, all
I have tried your plesk 7.5.6 (install in windows server
2003), butI have something problem about your software
Is there a place where I can find a guide on how to harden the
server's security?
If I use webadmin.php utility, I can have access to all the files
(view everything in my hard disk) in the server (a desirable hacker
tool) yet,. as an Admin of the server,. I'm not really happy with
this.
I found that your plesk software use permission for user Everyone from
C:\. I don't like that (for security I must be remove permission for
user Everyone from C:\, Leave only Administrator on C:\ )

I have removed user Everyone from C:\, and then Install your plesk
7.5.6 but it error to operation and roll back the install process).

I use permission for user Everyone from C:\ (Administrators - full
control over this folder, subfolders and files.SYSTEM - full control
over this folder, subfolders and files.Everyone - read and execute
permission for this folder only).
I also check permission for the plesk folder and Vitual host folder
following your document (plesk-7.5.6-win-reconfigurator-guide) and run
tool plesk reconfigurator
But, If I use webadmin.php utility, I can have access to all the files
(view everything in my hard disk) in the server (a desirable hacker
tool) yet,. as an Admin of the server,. I'm not really happy with
this.

I want "Remove user Everyone from C:\"
I want "Leave only Administrator on C:\"

etc..?
for security

Thanks
 
hi,
I have installed plesk 7.6.1 for windows but the same plesk 7.5.6
hic hic
 
could you please describe what is "webadmin.php utility" and how it configured and explane what "all the files" you can see via "webadmin.php utility"?
 
It is hacker tool, if you want to known about it,I will send it to you.
But my probelem is Plesk require permission to Everyone on C:\ and It is not security. It must be remove permission to Everyone on C:\

Thank you
 
sir, you cannot see "all the files" by any "hacker tool" because it is impossible.
you don't need remove permissions Everyone from disk root because this permissions "this folder only".
 
Thank you for your reply
I will check permission from root folder "permission for this folder only". But I have used reconfigurator tool of Pesk to set permissions on root folder (c:\), every permissions is default by Plesk Software. Then I use hacker tool (hosting on one domain acount that I created). I can see (list) every files from root folder (c:\). It is true, believe me.
Thank
 
it's true but you can see only list of files.
it will be security hole only if you will save all own important data to disk root.
 
Oh,
All files from root folder (c:\) can be list. Flowing me, all files (c:\) cannot be list from domain account, only files belong to them can be list.
thank
 
You must log in or register to reply here.

Similar threads

AYamshanov
Input Your experience with "Mail delivery troubleshooting" in Plesk
Replies
4
Views
468
Kaspar
K
I
Question Permission for Plesk ssh User
Replies
1
Views
1K
scsa20
scsa20
B
Issue Permissions - [Move Domain]
Replies
0
Views
665
bd7
B
K
Issue Accidentally removed permissions from admin@localhost
Replies
4
Views
729
kyon147
K
S
Issue Mounting in multiple disks to one domain results in permission denied 404 on webpage
Replies
1
Views
791
Snix
S
Back
Top