Facebook
Twitter
Noturns
Regular Pleskian
Yesterday (sunday afternoon) i created two new subscriptions with wordpress. Today (monday afternoon) i noticed that these two new Wordpress directories where corrupted.
In (Plesk) Wordpress Installations panel (where i manage WP installations) it said Wordpress directory was not found with both of the site subscriptions. I'm unsure if this was caused by the Wordpress secure-tool or my weekly watchdog scan.
Watchdog performs this weekly scan at every monday morning
- Pleask Web Server
- Web Server (Apache)
- SMTP Server (Postfix)
- Courier POP3 Server
- Courier POP3 Server with SSL/TLS support
- Courier IMAP server
- Courier IMAP server with SSL/TLS support
- Courier Authentication daemon
- DNS Server (BIND)
- MySQL
- Plesk SpamAssassin
- Parallels Premium Antivirus
- Plesk Postfix milter filter
- Fail2Ban authentication failure monitor
I looked at my watchguard log files. The only strange thing that i found was this:
[01:01:28] Checking for passwd file changes [ Warning ]
[01:01:28] Warning: Users have been added to the passwd file:
[01:01:28] systele1:x:10019:503::/var/www/vhosts/***site1***:/bin/false
[01:01:28] syspex1:x:10020:503::/var/www/vhosts/***site2***:/bin/false
[01:01:28] Warning: Users have been removed from the passwd file:
[01:01:28] syspex1:x:10015:503::/var/www/vhosts/***site2***:/bin/false
I have no idea where to start the diagnose/troubleshooting. For now i have fixed it by removing the current wordpress DB and reinstalling wordpress again. I want to avoid that next week i need to rebuild wordpress again. I look forward in reading your replies. Please advise - thanks in advance.
Update: The CentOS server is still running good and no strange incident have occurred since the previous incident.
In (Plesk) Wordpress Installations panel (where i manage WP installations) it said Wordpress directory was not found with both of the site subscriptions. I'm unsure if this was caused by the Wordpress secure-tool or my weekly watchdog scan.
Watchdog performs this weekly scan at every monday morning
- Pleask Web Server
- Web Server (Apache)
- SMTP Server (Postfix)
- Courier POP3 Server
- Courier POP3 Server with SSL/TLS support
- Courier IMAP server
- Courier IMAP server with SSL/TLS support
- Courier Authentication daemon
- DNS Server (BIND)
- MySQL
- Plesk SpamAssassin
- Parallels Premium Antivirus
- Plesk Postfix milter filter
- Fail2Ban authentication failure monitor
I looked at my watchguard log files. The only strange thing that i found was this:
[01:01:28] Checking for passwd file changes [ Warning ]
[01:01:28] Warning: Users have been added to the passwd file:
[01:01:28] systele1:x:10019:503::/var/www/vhosts/***site1***:/bin/false
[01:01:28] syspex1:x:10020:503::/var/www/vhosts/***site2***:/bin/false
[01:01:28] Warning: Users have been removed from the passwd file:
[01:01:28] syspex1:x:10015:503::/var/www/vhosts/***site2***:/bin/false
I have no idea where to start the diagnose/troubleshooting. For now i have fixed it by removing the current wordpress DB and reinstalling wordpress again. I want to avoid that next week i need to rebuild wordpress again. I look forward in reading your replies. Please advise - thanks in advance.
Update: The CentOS server is still running good and no strange incident have occurred since the previous incident.
Last edited:
