
Server Hacked - Root Accounts Created


RaymondP

Guest
Hello,

I am helping to support an old Plesk box that was hacked earlier today. The owner upgraded their license and should be able to upgrade from 8.1.1 to 9.x now. I need to get the OS reinstalled first. The original operating system was Debian Linux. I have support licenses available for Red Hat Enterprise Linux. I'm a little uncertain about how well Plesk will handle the change in OS. Do I need to reinstall the same Debian that was on the server before the problems started? Can I install RHEL, restore the Plesk paths (what are they?), and then run an upgrade to get Plesk up to the current version? How do I contact support? A new upgraded license was purchased today but the support form is rejecting my support requests. Any guidance on the best process for getting both the OS and Plesk upgraded to current would be appreciated.

Thank you,

-Raymond
 
You're in luck, all you need to do is back the system up with the psa backup utilities. This puts the Plesk data into a distro-neutral format which you can use to restore on radically different OSes if you need to.

What I would recommend is that, if you can, you do this on a second server and use the Plesk Migration Manager, or if that's not an option, do a test run in a virtual machine, so you know what could go wrong in advance: SSL certificates for example, or if you're dealing with UTF-8 conversions on 8.1 to 9.x. All the kinds of things that you'll only find out when you're actually doing it :p

I have documented the restoration procedure we use on a compromised system here:

http://www.atomicorp.com/wiki/index.php/Compromised_System
 
The Plesk-specific commands in steps 2 and 5 are what I was missing. Thanks!
 
The step 2 command for Plesk 8 and higher needs a fix:

/usr/local/psa/bin/pleskbackup --split=1G all /backups

The split and all commands need to be reversed for it to work.

It complains if the --split is before the all.

FYI,

-Raymond
 