• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Security - Plesk & Ensim Differences

Z

zaph

Guest
We're looking at the Ensim to Plesk migration, and one concern we have is security. In Ensim, we use only high security sites that are chrooted to their own directories (including PHP and Perl scripts), but with Plesk this doesn't seem to be the case. Can anyone outline the current security in place between sites, and the main server files? If a site is compromised via PHP other another method, how is the damage limited to just that site? Does it rely solely on PHP's safe_mode and open_basedir for example?
 
Each domain has its own httpdocs dir on which only the domain's user has write permissions. Each domain by default has safe_mode on and an open_basedir path that only includes its httpdocs dir and /tmp. A PHP script running on domainA shouldn't be able to mess with files on domainB unless you start changing these defaults.

If you're looking for a nice security package for Plesk I can recommend checking out Atomic Secured Linux: http://www.atomicrocketturtle.com/Joomla/content/view/137/34/
 
Thanks breun. Can the scripts be run as the domain user (as CGI) rather than as apache/www? Is suPHP easy/possible to integrate? I've looked at Atomic Linux for some time, but it does seem to be focussed at the server level rather than securely running PHP or CGI scripts.

(Relying on safe_mode and open_basedir is a little worrying given the history of functions/extensions that have been shown to be able to be used to circumvent both over the years.)

Thanks again!
 
zaph said:
Thanks breun. Can the scripts be run as the domain user (as CGI) rather than as apache/www?
Click to expand...

CGI uses suexec, so CGI scripts use the domain user.

Is suPHP easy/possible to integrate?
Click to expand...

I believe it's possible, but not that easy right now. Search the forums for suPHP for more info on this. suPHP integration has been a much requested feature and it would be nice if Plesk used it.

I've looked at Atomic Linux for some time, but it does seem to be focussed at the server level rather than securely running PHP or CGI scripts.
Click to expand...

I'd argue that preventing people from exploiting your sites in the first place is even more important. It's a very good addition to your security setup I'd say.
 
Thanks for the info.

Prevention is obviously better, and lots can be done (keeping everything updated, mod_security, etc) but it's not possible to remove all risk with less than 100% control over hosting clients. People install/build insecure things all the time without realizing or caring, so minimizing/localizing the damage when it does occur is key. We haven't had a single incident that has gotten further than the site itself in years, so we're a little concerned about a system that relies on limits that have shown in the past unreliable at times.
 
If you're willing to work at it, plesk can be secure. You need to disable exec, etc allow_fopen_url, and about 30,000,000 other things in php. Basically, if php can't execute things from the command line, it can't get to other user's directories. sure, this isn't great, but it's better than the band aid mod security offers.


php is insecure. get used to it.
 
"Get used to it"

Yes, that seems to be the case with Plesk's implementation, unfortunately. It's not the case with Ensim.
 
Regarding Mod_suPHP there is in Atomic Blending (if I remember well) and is easy to install with yum install mod_suphp.
To manage the sites, based on mod_suphp read our How To and Power Toys can help to you visually.
Just use mod_suphp is not enough, ASL do the perfect job, we are use it and it is at a low price. mod_security, mod_dosevasive based on apache, other low level security measures and much more. Any server admin should use it in my opinion.
 
zaph said:
"Get used to it"

Yes, that seems to be the case with Plesk's implementation, unfortunately. It's not the case with Ensim.
Click to expand...


By get used to it, I mean get used to securing your machine. Even in ensim's implementation I bet I could find something I'd need to switch off. Never use a default install.
 
Indeed, given that your primary threats in a hosting environment are from the applications your users are installing (and never updating). The control panel is irrelevant.
 
su_php support in Plesk is scheduled for PSA 9.0 which I hear is scheduled for end of summer, which realistically means safe for use by end of Q4 (end of year).
 
You must log in or register to reply here.

Similar threads

F
Question Plesk Slave DNS & DNS Security
Replies
1
Views
2K
Peter Debik
P
S
Apache does not apply .htaccess directives for certain files after migration through Plesk Migrator
Replies
2
Views
3K
NewGate
N
S
Question open_basedir and WordPress, general consensus needed, configured or none?
Replies
6
Views
5K
Duarte N
D
michaeljoseph01
Question Imunify360 or fail2ban PLEASE give me your input
Replies
6
Views
4K
The 8th
The 8th
T
Question Fail2ban trying to setup a rule to ban ai bots
Replies
4
Views
4K
Bitpalast
Bitpalast
Back
Top