WordPress updates

May 9th, 2011

The wordpress team distributes WordPress updates very often, the process is very simple, you unzip, FTP (upload) the update, and you are done.

I do this very often for many many websites, although the process is simple, it is time consuming, the reson is that on shared hosting, i can not upload a zip file, i have to upload 800+ files for every single website, the latency of uploading 800 * 10 files adds up, and i should not need to do this

the task look as simple as, create a system to upload the new version to all FTP destinations every time there is a new wordpress update.

This is also more secure than allowing wordpress to update itself, wordpress code files should not be writable to the web server, only to the FTP user.

Anyway, i will get to this project soon (Maybe it will take 10 hours work), and once done i will keep you posted on how to add your FTP details.

Till then, happy wordpressing

Posted in Uncategorized, Wordpress | No Comments »

Older wordpress installations get SEO Hacked

March 29th, 2011

Versions before 3.1 got hacked where only google sees a big bulk of text with plenty of text, this is so that the visitor does not get a sense of urgency into fixing the issue.

Surely, by the time the user updates the compromised WP install, Search engines would have visited his/her website a few times, and think the links are important, giving away the beloved rank to the spammer !

In any case, it seems WordPress are aware of the issue, and the update, followed by the DB update (You will see when you login as admin) resolves the issue !

Happy blogging !

Posted in php scripts, Wordpress | No Comments »

PHP PEAR on Windows and Plesk 9.5

January 3rd, 2011

While writing an application on my linux machine , i used the PHP function (getmxrr) to resolve MX records, the lovely function returns an array of all the MX records that are associated with a domain name, once i moved the application to a windows machine that ran PHP 5.2.13 on Plesk 9.5 , things went bam, getmxrr is only available on Windows when you are running PHP 5.3 and above, so what to do

The answer was the PEAR package (Net_DNS), here i will document how i installed and used it so that i don’t have to look around again later

Here are the exact steps i had to follow to get things working, including the code :)

1- Login to the windows server via remote desktop

2- Open the command line

3- on the command line

cd C:\Parallels\Plesk\Additional\Php

Once in that directory, you can execute (on the command line)

go-pear

You should now follow the instructions, install the extra package, and you have pear installed.

Now, a reg file should be in that same directory, double click it, enter it into the registry

Now you need to edit php.ini found at C:\Parallels\Plesk\Additional\PleskPHP5

in the path variable, add the pear folder

include_path = ".;./includes;./pear;C:\Parallels\Plesk\Additional\Php\PEAR"

Now, i restarted the server, you can restart IIS or do that IIS magic you know how to do (No, it is not /etc/init.d/IIS restart), i am just too lazy, it is probably very easy

Now, on the command line, i executed

pear install Net_DNS-1.0.7

i had to do it twice, and for some reason the first run did not find the package, second installed, very strange i think.

Now that the thing was installed, i simply ran the following code, and i got a result very similar to that of my beloved getmxrr

<?php

function extract_answers_mx($answerobj)
{
	//this one extracts the MX records !
	$innerobjary = $answerobj->answer;
	$numofrecs = count($innerobjary);//How many records ?
	$retary = array();//we store servers here...
	if((is_array($innerobjary)) && (count($innerobjary) > 0))
	{
		foreach ($innerobjary as $thisent)
		{
			//we have an entry from the array !
			$retary[] = $thisent->exchange;//put the exchange in the array
		}
	}
	return $retary;//could be an empty array !
}

require_once 'Net/DNS.php';
$resolver = new Net_DNS_Resolver();
$resolver->debug = 0; // Turn on debugging output to show the query
$resolver->usevc = 1; // Force the use of TCP instead of UDP
$resolver->nameservers = array(              // Set the IP addresses
                           '192.168.2.100',     // of the nameservers
                           '192.168.2.101'  // to query.
                           );
$response = $resolver->query('php.net', 'MX');
if (! $response)
{
  echo "\n";
  echo "ANCOUNT is 0, therefore the query() 'failed'\n";
  echo "See Net_DNS_Resolver::rawQuery() to receive this packet\n";
}
$retary = extract_answers_mx($response);
foreach ($retary as $thisary)
{
	print "{$thisary}\n";
}
?>

And now, i can go back to doing my magic :)

Posted in Uncategorized | No Comments »

Plesk subdomain safe mode

July 10th, 2010

Although plesk allows you to enable or dissable safe mode for a domain, there is no where you can dissable or enable safe mode for a sub domain !

The answer lies in the Plesk apache Config File, Safe mode can be switched off from within the file

/var/www/vhosts/domain.com/subdomains/<subdomain-name>/conf/vhost.conf

<Directory /var/www/vhosts/domain.com/subdomains/<subdomain-name>/httpdocs>
php_admin_flag safe_mode off
</Directory>

Then, as with every time you edit such a config file, you will need to tell plesk about the change

/usr/local/psa/admin/sbin/websrvmng –reconfigure-vhost –vhost-name=domain.com

And you will need to tell apache to reload it’s config files…
/etc/rc.d/init.d/httpd restart

You should now be good to go

Posted in Uncategorized | 1 Comment »

Apache config with PLESK and Linux

July 10th, 2010

The configuration files of Apache web server are overwritten by PLESK whenever a domain is added, a domain is deleted, a subdomain is added, or whenever needed, All the Apache config files related or unrelated are overwritten, so if you plan to Modify a domain or subdomain’s config, Plesk gives you the chance to do so by creating a new file and adding the settings to it.

The file you create is not overwritten and is loaded with all the other config files

So

DO NOT edit /home/httpd/vhosts/<domain-name>/conf/httpd.include because this file is overwritten whenever Plesk changes something about apache's config, Rather create the file vhost.conf and/or vhost_ssl.conf with necessary directives in the directory /home/httpd/vhosts/<domain-name>/conf/

For security reasons, only root can create the vhost.conf and vhost_ssl.conf files.

For the changes to take effect, you need to run the following:

/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=<domain_name>

The line above tells plesk to add the includes directive into the website’s configuration file, Plesk will probe for the file’s existence before including it.

For sub domains, the file that needs to be created is in

/var/www/vhosts/domain.com/subdomains/<subdomain-name>/conf/vhost.conf

Rules for the domain also apply to the subdomain, But this is particularly useful since plesk allows disabling safe mode for the domain, but not directly for the sub domain, to see how you can disable safe mode for a sub domain see here.

Posted in Apache, Plesk Linux CentOS 5 | 1 Comment »

Warning: The domain is still suspended for the following reason: Domain is expired.

May 4th, 2010

Plesk Windows issues

I have already extended a client account’s validity period, what i do not understand is, After un-suspending the client’s account, i try to un-suspend a domain name, and i get the following Warning

Warning: The domain is still suspended for the following reason: Domain is expired.

So, On the plesk website (Forums) they say

Log into the Plesk Control Panel, click <DOMAINS> then the domain in question then “Limits”. Look at the “validity period” You must have an expiration date set there.

And since there is not “Limits” i assumed they were talking about “Resource Usage”, Since this is the Limits new name since plesk 9 ( currently at 9.5.1 , but i am sure it has been like this at least in 9.2.3, 9.3.0, and this plesk)

Anyway, there is expiry for a domain name in there.

The question i can’t help but ask is, Why are domains under a user account not Valid forever by default where the account owner’s validity takes precedence ?

Posted in Uncategorized | No Comments »

reactivating websites

April 26th, 2010

On a PLESK for windows installation, there was a problem reactivating websites, everything seems fine when you activate, then you refresh the page and it is inactive, the answer was in activating the domains from the command line after activating the client’s account

cd c:\Parallels\Plesk\admin\bin

Then

domain.exe –on domainname.com

(Type it in yourself, and notice that — is 2 consecutive dashes)

You should see

SUCCESS: Changing status of domain ‘domainname.com’ completed.

Posted in Uncategorized | No Comments »

PLESK 9.5.1 is out

April 26th, 2010

Today, after logging in to the Linux Plesk server (CentOS), i found that PLESK 9.5.1 is out, before updating, i noticed that there is a new module, Parallels Premium Antivirus which turned out to be Dr. Web Antivirus.

Anyway, the complete list is as follows

You have an up-to-date version

Apache ASP support    Oct 8, 2008
Apache mod_python module    Jan 6, 2007
Bandwidth Limiter For Apache support (mod_bw)    Nov 7, 2007
Plesk billing    June 24, 2009    June 24, 2009
PostgreSQL server support    Oct 26, 2009    Oct 26, 2009
SiteBuilder module migration suite    Sept 8, 2008    Sept 8, 2008
SiteBuilder publishing support for Plesk    May 22, 2007    May 22, 2007
SSHTerm – SSH Terminal java applet    Nov 30, 2008    Nov 30, 2008

An update is available

Base packages of Plesk    Dec 29, 2009    April 14, 2010
ColdFusion support for Plesk    Dec 29, 2009    April 9, 2010
Horde webmail support    Dec 29, 2009    April 9, 2010
Kaspersky antivirus module    Dec 29, 2009    April 9, 2010
Mailman mailing list manager support    Dec 29, 2009    April 9, 2010
MIVA Empresa support    Dec 29, 2009    April 9, 2010
Parallels Premium Antivirus    Dec 29, 2009    April 9, 2010
Plesk API [former Plesk Agent]    Dec 29, 2009    April 9, 2010
Plesk Backup Manager    Dec 29, 2009    April 9, 2010
Plesk Firewall module    Dec 29, 2009    April 9, 2010
Plesk migration manager    Dec 29, 2009    April 9, 2010
Plesk Professional Web Site Editor    Dec 29, 2009    April 9, 2010
Plesk Updater    Aug 17, 2009    April 7, 2010
Plesk VPN module    Dec 29, 2009    April 9, 2010
Ruby on Rails support    Dec 29, 2009    April 9, 2010
SpamAssassin support    Dec 29, 2009    April 9, 2010
Tomcat Java Servlets support    Dec 29, 2009    April 9, 2010
Watchdog (System monitoring module)    Dec 29, 2009    April 9, 2010

Not installed

Application vault packages    9.5.1-cos5.build95100410.11    April 9, 2010
AtMail webmail support    1:1.02-cos5.build95100410.11    April 9, 2010
Chinese language pack for China    9.5.1-2010032917    Mar 29, 2010
Chinese language pack for Taiwan    9.5.1-2010032917    Mar 29, 2010
Dutch language pack for Netherlands    9.5.1-2010032917    Mar 29, 2010
French language pack    9.5.1-2010032917    Mar 29, 2010
German language pack    9.5.1-2010032917    Mar 29, 2010
Italian language pack    9.5.1-2010032917    Mar 29, 2010
Japanese language pack    9.5.1-2010032917    Mar 29, 2010
Plesk Battlefield 1942 game server module    1.0.0-cos5.build95100410.11    April 9, 2010
Plesk Battlefield2 game server module    1.0.0-cos5.build95100410.11    April 9, 2010
Plesk Counter-Strike game server module    2.0.0-cos5.build95100410.11    April 9, 2010
Plesk Fileserver module and SMB file server package    0:3.0.33-3.15.el5_4.1    April 9, 2010
Russian language pack    9.5.1-2010032917    Mar 29, 2010
Spanish language pack    9.5.1-2010032917    Mar 29, 2010

Upgrading from 9.3.0 to 9.5.1 went smooth, unlike what you see in the post below on upgrading from 9.2.3 to 9.3.0, in the upgrade below, i had not reinstalled application vault applications because of an MD5 checksum check error in the downloaded package.

Posted in Uncategorized | No Comments »

plesk update hell

April 11th, 2010

Again, Parallels gives me a hard day when there CP refuses to update, and it’s vulnerability is getting websites hacked.

My current installation of plesk is an outdated 9.2.3, the objective is to upgrade it to 9.3.0

Before jumping to upgrading 9_2_3 to 9_3_0, i will first try to bring 9.2.3 to latest then upgrade to 9.3.0

The reason i need to update now is that I got complaints about hacked websites that redirected elsewhere ( Bublik.biz
that redirects in turn to searchresultsdirect ).

So I go to the Web GUI / UI and click on the update / Upgrade, i find my release and the newer release, My release is 9.2.3 and the new release is 9.3.0 so i select the first 9.2.3 and upgrade, the process fails, but not only does the upgrade fail, but web hosting also fails, when opening any website, you will get the @mail (atMail) page in place of the website.

so clicking on My Release 9.2.3 and select everything with an update, right after the update, i get an unpleasant surprise.

it added to my problems that all websites were opening atmail (@mail) and the Web GUI updater to 9.3.0 did not work, now the situation was really bad.

Websites were down (compared to a few had been hacked), and now i had to start working fast, the challenge is to have them online in 5 minutes.

To begin with, Although now you find nothing to update when you open the Web GUI to update and click on the 9.2.3 release, packages (PHP5 and QMAIL) are not really up to date, we need to do that manually.

So i had to start with

/usr/local/psa/admin/sbin/autoinstaller --select-release-id PLESK_9_2_3 --show-components 2>1 | grep upgrade

Followed by

/usr/local/psa/admin/sbin/autoinstaller  --select-release-current --upgrade-installed-components

The above are what Parallels prescribed here

kb.parallels.com/en/6360

That put a tick beside the current plesk release in the Web GUI, and websites were opening again, but did not really resolve my problems, still, i can not update to 9.3.0

Here are some of the WEB UI attempts and the command line attempts (They yield same results and error messages)

Warning! Not all packages were installed.

Please check if your system services are operable.

Please, contact product technical support.

Then, to try and do the same thing from the command line, i run the command

/usr/local/psa/admin/sbin/autoinstaller –select-release-latest –install-everything

And again, the error messages are as follows

ERROR: Unable to install the requested packages because either there is
         not enough free disk space left, or there are package dependency problems.
         Warning! Not all packages were installed.
         Please check if your system services are operable.
         Please, contact product technical support.

So what i did now was Deleted all files in /var/lib/rpm/ , followed by the command “rpm -rebuilddb” without the quotes, then I deleted PSA_9.3.0 in /root/parallels/ , followed by the command

/usr/local/psa/admin/sbin/autoinstaller --select-release-latest --install-everything
         ERROR: The MD5 checksum of the
         /root/parallels/PSA_9.3.0/dist-rpm-CentOS-5-i386/opt/vault/psa-appvault-knowledgetreeoss-3.4.5-8200820080409010953.noarch.rpm
         file does not match the value specified in the configuration file.
         Not all packages were installed.
         Please, resolve the above problem and try installing the packages again.
         If you cannot resolve the problem on your own, contact product technical support for assistance.

And there is no use re-downloading the file, it is probably a problem on parallel’s side

And since it seems Qmail send is not working, I have attempted to set the permissionsas follows just in case

chmod 2511 /var/qmail/bin/qmail-queue

Now that the complete update all does not work, i tried to update each package alone, So i begin by requesting the latest version of the base system by issuing this command on the command line

/usr/local/psa/admin/sbin/autoinstaller –select-release-latest –install-component base

A big load of text is displayed in my terminal window, but generally the plesk messages are of one of the following formats

* Downloading the file…

*warning: /root/parallels/PSA_9.3.0/update-rpm-CentOS-5-i386/SOME_FILE: Header V3 DSA signature: NOKEY, key ID e8562897

*warning: /etc/PACKAGE/FILENAME created as /etc/PACKAGE/FILENAME.rpmnew

*Installing the package iproute-2.6.18-10.el5.i386

Warnings are probably no big deal, and emails i have been trying to send are arriving in my inbox as the process goes on, and finally, a message that reads.

Congratulations!
Plesk has been successfully installed on your server.
To complete the system configuration, please proceed to URL:
https://ip-97-74-196-212.ip.secureserver.net:8443/ or

https://97.74.196.212:8443/

Use the login name 'admin' and password '<YOUR ADMIN PASSWORD>'.

Further, use the following commands to start and stop Plesk:
"/etc/init.d/psa start" and
"/etc/init.d/psa stop" respectively.

All Plesk control panel documentation is available at

http://www.parallels.com/en/products/plesk/docs

*****************************************************************************
*                                                                           *
*      NOTE:   You have a default key file with limited functionality       *
*              currently installed for Plesk, which allows                  *
*              creating one client account, one domain, one mail name and   *
*              one web user.                                                *
*              To extend the limits of your license key and enable          *
*              additional features, please contact the Parallels sales      *
*              department: sales@parallels.com                              *
*                                                                           *
*      Thank you for choosing our products!                                 *
*****************************************************************************
Trying to register service psa...  using /sbin/chkconfig
done

GNow we probably want to check if the update shows in the Web UI,

To my surprize, most of plesk was not installed, i do not know what effect this has on existing ruby or python websites, but surely, they need to be installed again before we go any further

So i ran the AutoInstaller with no parameters as follows

/usr/local/psa/admin/sbin/autoinstaller

and then selected The auto installer package

Once the Auto installer is installed, i went on to install everything but the Application Vault packages since there is a problem with the MD5 sum of the downloaded file from parallels

vault/psa-appvault-knowledgetreeoss-3.4.5-8200820080409010953.noarch.rpm

Good luck with your plesk

Posted in Plesk Linux CentOS 5, Uncategorized | No Comments »

PLESK security certificate revoked

December 3rd, 2009

Today, i revoked a PLESK server’s security certificate and had to login via HTTP to make a new one.

First, if the server’s security certificate is revoked, you are in trouble, the reason is, you have to use plain HTTP as Mozilla Firefox, Internet Explorer and Google chrome will not let you in.

To get this out of the way, PLESK does allow you to login via HTTP (Not recommended), you can do that by visiting your server with PORT NUMBER 8880, so to open in plain HTTP (Plain text) you simply visit http://myserver.mydomain.com:8880/ but as you may well know, you are putting the server at risk of someone hijacking your server

So what i did is this

I assume you have putty, i SSHed to the server where i have set a tunnel using putty’s SSH tunnel feature, then logged in to the server via HTTP, this is how it works, when you browse the internet, you are actually asking your plesk server to get the pages for you, and therefore when you visit the http page via an ssh tunnel, your connection to the server is in reality encrypted (With the SSH tunnel).

Right after, you can visit settings => ssl certificates => Add SSL certificate => Add a certificate

Then you would go to settings => ssl certificates => put a tick beside the certificate you want to use for the server, then click on “Secure Control Panel” and you should be done and ready to go again

In some cases, you can self sign your certificate, meaning you do not need a third party to certify that you are you, but this will notify the visitors that there is no trusted authority on the certificate, so i only use a self signed certificate when i am the one who will be logging in, surely i do trust myself $25.99 (I get that price here)

Anyway, i hope this has got you a way around connecting via http in plain text, happy administrating

Posted in Uncategorized | No Comments »

« Older Entries