I am testing plesk 9.2 on Windows server 2003. I tried hack this server by webshell (aspx & asp) Example: When i ran : <%@ Language=VBScript %> <% On Error Resume Next Dim oScript Dim gURL gURL = Request.ServerVariables("APPL_PHYSICAL_PATH") Set oScript = Server.CreateObject("WSCRIPT.SHELL") Call oScript.Run ("c:\\WINDOWS\\system32\\cmd.exe",1,True) %> Then task manager of server running file cmd.exe by users is : IWAM_Plesk(Default) Or when i used webshell (http://www.guru.net.vn/kshell_1.2.zip) , i can hacked website of other users in this server. I used plesk tools maked sure permission of server , but it is not fix that problems. I can't fix , who can secure , and fix that error ? Help me ? Thanks so much !