Archive for the ‘Plesk’ Category

Howto: Install mod_python on Plesk

Wednesday, May 10th, 2006

This is a simple guide to install/upgrade mod_python on a Plesk RHEL box, running Apache 2.0.x. You need to have at least Python version 2.2.1 installed for this to work.

I could not get mod_python version 3.2.8 running at the time of writing.

  1. Download and extract mod_python:

    cd /usr/local/src
    wget http://apache.mirrors.pair.com/httpd/modpython/mod_python-3.1.4.tgz
    tar zxvf mod_python-3.1.4.tgz

  2. Configure & install mod_python

    cd mod_python-3.1.4
    ./configure --with-apxs=/usr/sbin/apxs (check where your apxs is by typing: locate apxs)
    make
    make install

  3. Configure Apache:

    vi /etc/httpd/conf.d/pyhton.conf

    Locate your LoadModule – section and add the following line under the others:

    LoadModule python_module modules/mod_python.so

  4. Installation done, now time for testing:

    First go to a publicly accessible directory. Make a test directory for mod_python by typing:

    mkdir python

    Now open vi and write the following lines:

    AddHandler python-program .py
    PythonHandler testingpython
    PythonDebug O
    n

    save the file as .htaccess.

    Now open up vi again and copy/paste the following lines:

    from mod_python import apache

    def handler(req):
            req.send_http_header()
            req.write("Hello World!")
            return apache.OK

    close and save as testingpython.py. Those are tabs not spaces. If you left align everything you will get this error:

    IndentationError: expected an indented block (testingpython.py, line 4)"

    Now restart Apache by typing: service httpd restart

Take your browser to www.mydomain.com/python/testingpython.py and you should see “Hello World!” If you can see this message then you have succesfully installed mod_python.

Dr.Web, qmail & SpamAssassin on Plesk 7.5.4

Wednesday, May 3rd, 2006

For some reason the Dr.Web, qmail and SpamAssassin integration on Plesk sometimes does not work properly after an upgrade.

It is important to make sure that the binaries in the /var/qmail/bin directory have the following permissions, to enable Dr.Web, qmail and SpamAssassin to work together.

-r-s–x–x 1 drweb qmail 161024 Mar 19 01:34 qmail-queue
-r-s–x–x 1 drweb qmail 161024 Mar 19 01:34 qmail-queue.drweb
-r-s–x–x 1 qmailq qmail 15936 Aug 24 2005 qmail-queue.origin

The process runs as follows:

  1. Incoming mail will be delivered using the qmail-queue binary, which is a specially compiled version that allows qmail to scan the email for viruses.
  2. The qmail-queue binary will write a temporary file in the /var/drweb/spool/ directory. It is therefore important to check the permissions on the /var/drweb/spool/. They should be:

    drwxrwx— 2 drweb nofiles 4096 May 3 13:20 spool

  3. The qmail-queue binary will also read the /etc/drweb/drweb_qmail.conf file and it will execute the file found in the QmailQueue = tag, once virus scanning is complete. The QmailQueue = tag usually contains:
    /var/qmail/bin/qmail-queue.origin

  4. After the virus scanning process completes, the qmail-queue.origin binary will run. This binary will in turn run the SpamAssassin rules as defined in each users configuration.

The following files maybe useful in locating a problem:

  1. /usr/local/psa/var/log/maillog – This file contains the mail logs and you will quickly see if any errors are being generated in it.
  2. /var/drweb/log/drwebd.log - This file contains the Dr.Web logs for all scanned emails.

Plesk 7.5.4 Restore

Thursday, April 27th, 2006

Finally I had to do a Plesk restore. I think I may have developed an ulcer trying to prepare for this event, but I have survived it.

I had a full Plesk dump following the backup method mentioned here.

The restore was quite straight forward:
1. I had to create an ip map file. My file contained the following information, since I was restoring Plesk to the same server:
10.0.0.24 -> eth0 : 10.0.0.24 255.255.255.255 (Only this single line). The file was called: ipmap
2. The restore required a shells map file. My file contained the following information, since I was restoring Plesk to the same server:
/bin/sh => /bin/sh
/usr/local/bin/rbash => /usr/local/bin/rbash
/usr/bin/false => /usr/bin/false
/bin/csh => /bin/csh
/bin/bash => /bin/bash

The file was called: shellsmap

I then ran a test restore, using the following command:
cat <backup_file_base>.* | /usr/local/psa/bin/psarestore -t --force --restore-admin --restore-server -m ipmap -s shellsmap -f -

Finally I ran a full restore, using the following command:
cat <backup_file_base>.* | /usr/local/psa/bin/psarestore --force --restore-admin --restore-server -m ipmap -s
shellsmap -f -

During the restore I had a large number of errors, about:

sh: – : invalid option
Usage: sh [GNU long option] [option] …
sh [GNU long option] [option] script-file …

It would however appear as if these errors had very little impact on the over all restore.

The biggest problem I had after the restore was that no FTP account was working any more. Luckily I wrote a little script to extract the FTP usernames and passwords from the database and then used the information to reset the password on the system account. This fixed the problem.

Upgrading Plesk

Wednesday, March 1st, 2006

Since Plesk Reloaded version 7.5.3, one can disable the quotacheck for the upgrade procedure, which will increase the speed of the upgrade.

As per the documentation:

If PLESK_QUOTACHECK_OFF environment variable is not empty then quotacheck will be skipped during Plesk installation.

Plesk 7.5.4, MySQL 4.1.x and PHP 4.x.x

Wednesday, December 21st, 2005

Although it seems that Plesk 7.5.4 for Unix/Linux is almost compatible with MySQL 4.1.x, there is one problem with the PHP 4.x.x series, that still uses the old MySQL 3.23.x libraries to interface to MySQL. If you have the above scenario on your server you have to set MySQL 4.1.x to use the old password format or you will receive an error along the lines of:

Error (1251) : Client does not support authentication protocol requested by
server; consider upgrading MySQL client.

Adding the entry below to the [mysqld] section of your /etc/my.cnf file solves the problem:

old_passwords=1

File Manager cant access httpdocs

Wednesday, August 17th, 2005

You receive the following error when accesing httpdocs through the control panel,

Unable to change directory to /httpdocs/: Invalid file name.

The problem is caused by invalid charachters in the files names uploaded, so fat it seems that the following could
cause the problem,

“&”, “`”, “‘ “, ” [ and ]”

The solution is to change the filenames.

Unable to remove sub domains from Plesk for windows

Monday, August 15th, 2005

The normal cause of this is that IIS lost the sub domain entry.

Without this entry you won’t be able to manage the sub domain in your Plesk Control Panel.

The entry must be re-created in IIS.

When creating the sub domain in IIS, the default path for the sub domain to use,
C:\Inetpub\vhosts\domain.co.za\subdomains\test\httpdocs

Once added log into the control panel and remove or edit the sub domain.

Moving tomcat4 logging on Plesk

Monday, August 8th, 2005

To add logging on a Plesk-Tomcat 4 server, to a domain name, add the following code to the server.xml file.

<logger className="org.apache.catalina.logger.FileLogger" directory="/home/httpd/vhosts/mydomain.com/tomcat4" suffix=".log" timestamp="true"/>

Make sure that the /home/httpd/vhosts/mydomain.com/tomcat4 directory have the following permissions:

drwxrwxr-x 2 root tomcat4 4096 Aug 8 17:35 tomcat4

(24) Too many open files (errno: 24)

Monday, June 13th, 2005

When attempting to start apache, I received some errors indicating that I hav reached the maximum number of open files.

[error] System: Too many open files (errno: 24)

This is caused by apache and RedHat setting their open file limits too low. Be forwarned, an older system could see a serious degredation in performance by setting these limits too high. To correct this you will need to do the following:

Edit /etc/sysctl.conf. Add a new line with: fs.file-max = 8192 (The default is 1024) The change to the /etc/sysctl.conf will make the setting persistant over reboots.

To immediately increase the number of open files, use ulimit -n 8192.

To view all the current ulimit‘s. you my run: ulimit -a.

Tomcat 4 & Graphics

Monday, April 18th, 2005

It you are trying to use graphics on a server, that does not run X, you may run into all sorts of problems with the AWT toolkit. When the AWT toolkit is initialised it expects to find an X server, regardless of whether its needed for actual display.

If you are running JDK 1.4 or later, you should add -Djava.awt.headless=true to your Tomcat startup.

I achieved this by editing the /usr/bin/dtomcat4 file.

Below is a downloadable patch file. Tomcat 4 Patch

Securing /tmp directory

Saturday, April 9th, 2005

If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Following the method descriped below, you will learn how to create a secure /tmp partition even while your server is already up and running.

Recently, I found out it would be worthwhile to give /tmp it’s own partition and mount it using noexec. This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.

What we are doing it creating a file that we will use to mount at /tmp. So log into ssh and su to root so we may begin!

In your /dev directory create an empty 250MB file. You may need more space on a busier system. To increase the size of the empty file make the count parameter larger.

cd /dev
dd if=/dev/zero of=tmppart bs=1024 count=250000

We will now create an ext3 filesystem for in our tmppart file. If it asks you if you want to proceed, since the destination is not a block device, say yes (y).

/sbin/mkfs.ext3 /dev/tmppart

Backup your /tmp diretory since you may have files in there that is needed by certain programs. Some programs may use it to store cache files or other temporary information.

cd /
cp -R /tmp /tmp_backup

Now, mount the new /tmp filesystem with noexec, nosuid and rw options, and set the correct permissions on the new partition:

mount -o loop,noexec,nosuid,rw /dev/tmppart /tmp
chmod 1777 /tmp

Restore the old /tmp data and remove backup directory:

cp -R /tmp_backup/* /tmp/
rm -rf /tmp_backup

We now need to add this to /etc/fstab so it mounts automatically on reboots. Add the following line to your /etc/fstab file.

/dev/tmppart /tmp ext3 loop,noexec,nosuid,rw 0 0

You are done! /tmp is now mounted as noexec, nosuid and rw. You can sleep a little bit safer tonight.

To test the setup, you may copy an executable to the /tmp directory and then try and execute it. It should fail with a Permission denied error message.

Running Plesk on Port 443

Saturday, March 5th, 2005

By default Plesk is installed to run on port 8443. Some companies have very restrictive firewalls, which might lead to clients not being able to access the Plesk control panel. I have found that most companies will happily allow a connection on port 443, the standard port for SSL connection. Luckily you can configure Plesk to listen on a second IP address for connections to port 443.

This method describled below has been tested on Plesk for Linux version 6.0.x, 7.1.x and Plesk for Windows version 7.5.x.

Step 1: Add a secondary IP address to your server. The way to do this depends on the OS and is left as an excercise to the reader. We assume that our secondary IP address is: 10.0.0.1
Step 2: Edit the httpsd.conf file. In this file add the following entry: Listen 10.0.0.1:443.
Step 3: If on Linux, edit the ssl.conf file, to only Listen on the the main IP address’s SSL port.
Step 4: Restart the Plesk control panel
Step 5: Test the setup, by connecting to: https://10.0.0.1/

If everything was done properly the Plesk control panel will now be running on port 443.

Speeding UP SMTP on Plesk 7.1.7

Saturday, March 5th, 2005

Some clients might experience a very slow SMTP connection on a Plesk 7.1.7 server running qmail. The main reason for the delay is cuased by a Reverse DNS lookup performed on each IP address connection to the SMTP server on port 25. If your server does not have good DNS connectivity or the owner of the IP address’s DNS servers are overloaded, you may notice a delay of up to 60 seconds (the default) to be able to send mail.

I suggest that you update your /etc/xinetd.d/smtp_psa and /etc/xinetd.d/smtps_psa files.

Update the server_args key in both files, as suggested below:
server_args = -Rt0 /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org -r bl.spamcop.net ......

You may want to replace sbl-xbl.spamhaus.org and/or bl.spamcop.net with your favourite RBL list. You may also add additional RBL entries by specifying additional -r parameters.

Upgrading phpMyAdmin on Plesk 7.1.7

Saturday, March 5th, 2005

Thanks to G.L. DATA it is now possible to upgrade the default phpMyAdmin installed in the Plesk control panel under the DB WebAdmin icon. According to G.L. DATA the upgrade will work on version 7.1.x and 7.5.x of Plesk for Linux. We have been able to confirm that it definitely does run on Plesk 7.1.7 for Linux.

For more information see G.L. DATA Plesk page

Plesk for Windows 7.5.0 & MySQL

Sunday, February 27th, 2005

There are two instances of MySQL running, one on port 3306 (default) and one on port 8306. The instance running on port 8306 is the intstance that is used by the Plesk contol panel.

Use the -P option of the mysql.exe client tool to specify the port:

mysql -u admin -p -P 8306

Plesk 7.1.6’s psadump and MySQL version

Saturday, February 12th, 2005

The psadump utility that is shipped with Plesk 7.1.6, expect the version number of the MySQL server to always be in the format x.x.x, where x is a digit. We have however had cases where the MySQL version was x.x.xX, where x is a digit and X is a letter. Below is a hack on the regex to make psadump work properly again.

In the {PSA_BASE_DIRECTORY}/lib/perl5/BU/PSA/Const.pm file, change:

$mysql_version_str =~ m/[Vv][Ee][Rr]\s+[0-9\.]+\s+Distrib\s+([0-9\.]+)[\s,]/;

to:

$mysql_version_str =~ m/[Vv][Ee][Rr]\s+[0-9\.]+\s+Distrib\s+([0-9\.\w]+)[\s,]/;

UPDATE:
This problem has been resolved in Plesk for Linux version 7.1.7.

Plesk 7.1.6 & rpm errors

Saturday, February 12th, 2005

RedHat Enterprise Linux 3 (RHEL3), Update 4, in certain cases breaks your Plesk 7.1.6 installation. When you attempt to login you might get the following error message:

Unable to exec utility packagemng: packagemng: Unable to open rpm db: cannot
open Packages using index db3 (-30982)

System error 2: No such file or directory

Below is my WORKAROUND for the problem, until a permanent solution can be found.

I have edited my /etc/sysconfig/rhn/up2date file so that the pkgSkipList entry reads as follows: pkgSkipList=kernel*;rpm*;.

up2date will now, no longer upgrade the rpm system.

If you have already upgraded your rpm system, you could run the following commands:

up2date --get rpm-4.2.3-10 rpm-python-4.2.3-10 rpm-build-4.2.3-10 rpm-devel-4.2.3-10 rpm-libs-4.2.3-10
cd /var/spool/up2date/
rpm -Uvh --oldpackage rpm-4.2.3-10.i386.rpm rpm-build-4.2.3-10.i386.rpm rpm-devel-4.2.3-10.i386.rpm rpm-libs-4.2.3-10.i386.rpm rpm-python-4.2.3-10.i386.rpm
rm /var/lib/rpm/__db.00*

The above commands should get you up and running with the older rpm system.

RedHat did release the updated rpm system, due to a bug, as explained by in this Errata.

Mail Enable 1.8 on Plesk 7.0.3 & the default email message

Saturday, February 5th, 2005

When creating a new email address (mailbox) on Plesk 7.0.3 for Windows, you will recieve a default email in the mailbox. This default email is stored in the following locations:

Filename: DEFAULT.MAI
System default: C:\Program Files\SWsoft\Plesk\Mail Enable\Config\Postoffices
Domain default: C:\Program Files\SWsoft\Plesk\Mail Enable\Config\Postoffices\<domainname>

To alter the email is very easy. All you need to do is to create the email message as you would like it to appear to your clients and then send it to one of the defined email addresses on the system. You will be able to retrieve the email from the location below.

Email file locaton: C:\Program Files\SWsoft\Plesk\Mail Enable\Postoffices\<domainname>\MAILROOT\<mailbox>\Inbox\*.MAI

Plesk backups and psadump

Wednesday, February 2nd, 2005

/usr/local/psa/bin/psadump -F -z --nostop --nostop-domain --tar-ignore-failed-read --do-not-dump-logs -f - | split -b 1000m - /backup/psa-`cat /usr/local/psa/version | cut -d ' ' -f 1`-backup-`date +%Y%m%d%H`.

Basically it does a full dump and doesn’t stop services, doesn’t switch a domain off, ignores misread files (files which are being modified whilst psadump is backing them up), doesn’t backup logfiles (waste of time/space/resources) and splits the backup into 1000MB chunks, labeling them with the Plesk version and that date and hour of the backup.

Plesk and CentOS

Wednesday, February 2nd, 2005

Plesk will run fine on RedHat Enterprise Linux 3 (RHEL 3). CentOS is a distibution based on the RHEL 3 source RPMS and is almost totally compatible with RHEL 3. Plesk does however not recognise the OS identification string, to fix it do the following:

cp /etc/redhat-release /etc/redhat-release_original
echo "Red Hat Enterprise Linux ES release 3 (Taroon Update 4)" > /etc/redhat-release