Why gaining Facebook Access to the Servers Plesk Admin Panel?

[netsetter]

.
.
.
Shouldn't this be an absolute "no go" to have Facebook scripts on every page of the servers plesk admin panel by default (since Plesk 11.5) ?
.
.
.

 

[Sven L.]

? what are you talking about?

i have a clean centos 6.4 and a clean plesk 11.5 install and there is nothing from facebook anywhere and much less "by default"

maybe you have some browser trojan virus or maybe your hosting company inserted something to your plesk installation?

 

[craigh]

There is an active Facebook "like" icon in the bottom, left-hand corner of my screen when I'm logged into Plesk as admin (version 11.0.9 still, because it seems 11.5 will never be stable), so I see it too and I'm pretty sure my machine is clean. Can't speak for the Parallels partner from whom I have licensed this installation, but I doubt that they would insert a "like" icon to advertise for Parallels and not themselves.

 

[Sven L.]

correct, there is a "like" button which is a very simple and clean code that does absolutely nothing to your server...

do you think that's what the OP means when he sais "Why gaining Facebook Access to the Servers Plesk Admin Panel" in his title?

 

[craigh]

correct, there is a "like" button which is a very simple and clean code that does absolutely nothing to your server...

do you think that's what the OP means when he sais "Why gaining Facebook Access to the Servers Plesk Admin Panel" in his title?

Yes, that was my interpretation of his question. I tend to have facebook.com blocked on my machine anyway, so I usually don't see it (just a grey rectangle where it would be). I'm also happy to report that (last time I looked) it doesn't appear in clients' control panels; only the admin control panel.

You're right that it's not a risk to the server, but having already given Parallels my money, I really don't think they should be advertising inside *my* control panel and also allowing Facebook to track me. (I suspect that's really the OP's issue, actually.) At least it's not as bad as it was when version 8 came out a few years ago, which is why I didn't upgrade from 7 at that time.

 

[netsetter]

About "gaining access" in the title, it wasn't my intention to irritate someone.

It's perhaps not like giving facebook a direct key for the door, but you will open a window.
The facebook script is blocked on my system as well, but thinking forward, some server admins still have no scripts blocked in their browser, or if they have to use another browser just for some reason.
Everone knows (or should) that Facebook is creating shadow profiles of everyone and everything, so also inclusive the IP of the server, the web url + port of the admin panel, your ip, your system information and what else is being submitted by default without even pressing this button. Then collecting this information and merging it with already collected data from "partners" (which may already include some of your passwords and what you've eaten today, and so on...)

And haven't spoke yet about the friendship of facebook and the NSA and their cyber world war and this is not the forum about such a debate I think, so to keep things focused the question was about if it's really a good idea to have this spy-script right in an admin control panel?

 

[Nikolay.]

FYI: http://kb.parallels.com/en/114040

 

[Sven L.]

FYI: http://kb.parallels.com/en/114040

well Nikolay.

it seems that the KB talks about HIDING the button... but what I have seen so far in this post is that they want to DELETE IT COMPLETELY

 

[Nikolay.]

Did you bother to check whether embedding code doesn't go away?

 

[Sven L.]

No, I did not bother. for 2 reasons

1) I don't mess with config files unless I know 100% what it will actually do, and that's what I asked

2) I am not even the person interested in that, it's netsetter. I just pointed out that the KB you linked said "hide" instead of "remove"

 

[netsetter]

When the administrator clicks the Like button in Panel, a story appears in the user's friends' News Feed with a link back to page.

The question is, what's submitted already to facebook when the administrator just loads the admin panel?
I mean, as administrator, when I see Javascript + iFrame + Facebook then I have already 3 reasons to think that the security is on a low level somehow.