Log files on CentOS Plesk server

Plesk

Logs
Error log: /var/log/sw-cp-server/error_log and /var/log/sw-cp-server/sw-engine.log
Access log: /usr/local/psa/admin/logs/httpsd_access_log
Panel log: /usr/local/psa/admin/logs/panel.log

Services
Stop: /etc/init.d/psa stop
Start: /etc/init.d/psa start
Restart: /etc/init.d/psa restart

Configuration
PHP config: /usr/local/psa/admin/conf/php.ini
Panel config: /usr/local/psa/admin/conf/panel.ini
Web server config: /etc/sw-cp-server/conf.d/plesk.conf

Web Presence Builder

Logs

Error log: /usr/local/psa/admin/logs/sitebuilder.log
Install/upgrade logs: /usr/local/sb/tmp/
No service control (working via sw-cp-server service)

Configuration
/usr/local/sb/config
/etc/sw-cp-server/conf.d/plesk.conf
/usr/local/psa/admin/conf/php.ini

 

SSO

Logs
Error log: /var/log/sw-cp-server/error_log
SSO log: /var/log/sso/sso.log

Services
No service control (works via sw-cp-server service)
Manage settings: /usr/local/psa/bin/sso

Configuration
/etc/sso/sso_config.ini
/etc/sw-cp-server/conf.d/sso.inc

 

Backup Manager

Logs
Backup logs: /usr/local/psa/PMM/logs/backup-
Restore log: /usr/local/psa/PMM/logs/restore-
Functionality is controlled by the Plesk control panel service

Configuration
/etc/psa/psa.conf

 

Plesk Migrator

Configuration
/usr/local/psa/var/modules/panel-migrator/conf/

Logs
/usr/local/psa/var/modules/panel-migrator/logs/

 

Migration Manager

Logs
/usr/local/psa/PMM/logs/migration-
Functionality is controlled by the Plesk control panel service.

 

Health Monitor Manager

Logs
/usr/local/psa/admin/logs/health-alarm.log

Services
Stop: /etc/init.d/sw-collectd stop
Start: /etc/init.d/sw-collectd start
Restart: /etc/init.d/sw-collectd restart

Configuration
/usr/local/psa/admin/conf/health-config.xml
/usr/local/psa/var/custom-health-config.xml
/etc/sw-collectd/collectd.conf

 

Health Monitor Notification Daemon

Logs
/usr/local/psa/admin/logs/health-alarm.log

Services
Stop: /etc/init.d/psa-health-monitor-notificationd stop
Start: /etc/init.d/psa-health-monitor-notificationd start
Restart: /etc/init.d/psa-health-monitor-notificationd restart

Configuration
/usr/local/psa/admin/conf/health-config.xml
/usr/local/psa/var/custom-health-config.xml

 

MySQL

Logs
/var/log/mysqld.log

Services
Stop: /etc/init.d/mysqld stop
Start: /etc/init.d/mysqld start
Restart: /etc/init.d/mysqld restart

Configuration
/etc/my.cnf
/etc/mysql/my.cnf (Debian/Ubuntu)

 

PostgreSQL

Logs
/var/lib/pgsql/pgstartup.log

Services
Stop: /etc/init.d/postgresql stop
Start: /etc/init.d/postgresql start
Restart: /etc/init.d/postgresql restart

Configuration
/var/lib/pgsql/data/postgresql.conf

 

Apache

Logs
Global Access and Error logs: /var/log/httpd/
Domain logs: /var/www/vhosts//logs

Services
Stop: /etc/init.d/httpd stop
Start: /etc/init.d/httpd start
Restart: /etc/init.d/httpd restart

Configuration
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/zz010_psa_httpd.conf (includes generated configuration files with the rest of the vhosts and server configuration)
NOTE: On SuSE, Debian, and Ubuntu, the service is called “apache2”. The path to its logs is /var/log/apache2 and the path to configs is /etc/apache2.

 

NGINX

Logs
Error log: /var/log/nginx/error.log
Access log: /var/log/nginx/access.log
Domain logs: /var/www/vhosts//logs/proxy_access*_log

Services
Stop: /etc/init.d/nginx stop
Start: /etc/init.d/nginx start
Restart: /etc/init.d/nginx restart
NOTE: To disable nginx, go to “Tools & Settings > Services Management” and stop nginx from there.

Configuration
/etc/nginx/nginx.conf
/etc/nginx/conf.d/zz010_psa_nginx.conf (includes generated configuration files with the rest of the vhosts’ and server configuration)

 

Tomcat

Logs
/var/log/tomcat5/*

Services
Stop: /etc/init.d/tomcat5 stop
Start: /etc/init.d/tomcat5 start
Restart: /etc/init.d/tomcat5 restart

Configuration
/etc/tomcat5/server.xml

 

FTP

Logs
/usr/local/psa/var/log/xferlog
/var/log/secure
No service control (works via xinetd service)

Configuration
/etc/xinetd.d/ftp_psa
/etc/proftpd.conf
/etc/proftpd.include

 

Xinetd

Logs
/var/log/messages

Services
Stop: /etc/init.d/xinetd stop
Start: /etc/init.d/xinetd start
Restart: /etc/init.d/xinetd restart

Configuration
/etc/xinetd.conf
/etc/xinetd.d/* (files with “.” in the name are ignored)

 

BIND

Logs
/var/log/messages

Services
Stop: /etc/init.d/named stop
Start: /etc/init.d/named start
Restart: /etc/init.d/named restart

Configuration
/etc/named.conf
NOTE: In Debian/Ubuntu, the service is called “bind9.”

 

Courier-IMAP

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/courier-imap stop
Start: /etc/init.d/courier-imap start
Restart: /etc/init.d/courier-imap restart

Configuration
/etc/courier-imap/imapd
/etc/courier-imap/imapd-ssl
/etc/courier-imap/pop3d
/etc/courier-imap/pop3d-ssl

 

Postfix

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/postfix stop
Start: /etc/init.d/postfix start
Restart: /etc/init.d/postfix restart

Configuration
/etc/postfix/master.cf
/etc/postfix/main.cf

 

Qmail

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/qmail stop
Start: /etc/init.d/qmail start
Restart: /etc/init.d/qmail restart

Configuration
Control files in /var/qmail/control/
/etc/xinetd.d/smtp_psa
/etc/xinetd.d/smtps_psa
/etc/xinetd.d/submission_psa

 

Horde

Logs
Error log: /var/log/psa-horde/psa-horde.log
No service control (works via Apache web-server)

Configuration
/etc/psa-webmail/horde/horde.conf
/etc/psa-webmail/horde/horde/conf.php

 

Roundcube

Logs
Error log: /var/log/plesk-roundcube/errors
No service control (works via Apache web-server)

Configuration
/etc/psa-webmail/roundcube/*

 

Mailman

Logs
/var/log/mailman/*

Services
Stop: /etc/init.d/mailman stop
Start: /etc/init.d/mailman start
Restart: /etc/init.d/mailman restart

Configuration
/etc/httpd/conf.d/mailman.conf
/usr/lib/mailman/Mailman/mm_cfg.py
/etc/mailman/sitelist.cfg

 

SpamAssassin

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/spamassassin stop
Start: /etc/init.d/spamassassin start
Restart: /etc/init.d/spamassassin restart

Configuration
/etc/mail/spamassassin/local.cf
/var/qmail/mailnames///.spamassassin/user_prefs

 

Parallels Premium Antivirus

Logs:
/usr/local/psa/var/log/maillog
/var/drweb/log/*

Service control:
Stop: /etc/init.d/drwebd stop
Start: /etc/init.d/drwebd start
Restart: /etc/init.d/drwebd restart

Configuration:
/etc/drweb/*

 

Kaspersky Antivirus

Logs:
/usr/local/psa/var/log/maillog

Service control:
Stop: /etc/init.d/kavehost stop
Start: /etc/init.d/kavehost start
Restart: /etc/init.d/kavehost restart

Configuration:
/opt/kav/sdk8l3/etc/kav-handler.cfg
/etc/kavehost.xml

 

phpMyAdmin

Logs:
Error log: /var/log/sw-cp-server/error_log
No service control (working via sw-cp-server service).

Configuration:
/usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/libraries/config.default.php

 

phpPgAdmin

Logs
Error log: /var/log/sw-cp-server/error_log
No service control (working via sw-cp-server service).

Configuration:
/usr/local/psa/admin/htdocs/domains/databases/phpPgAdmin/conf/config.inc.php

 

Logrotate

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/usr/local/psa/etc/logrotate.conf
/usr/local/psa/etc/logrotate.d/*

 

Webalizer

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/srv/www/vhosts/system//conf/webalizer.conf

 

AWstats

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/usr/local/psa/etc/awstats/awstats.-*.conf

 

Watchdog (monit)

Logs:
/usr/local/psa/var/modules/watchdog/log/wdcollect.log
/usr/local/psa/var/modules/watchdog/log/monit.log

Service control:
Stop: /usr/local/psa/admin/bin/modules/watchdog/wd –stop
Start: /usr/local/psa/admin/bin/modules/watchdog/wd –start
Restart: /usr/local/psa/admin/bin/modules/watchdog/wd –restart

Configuration:
/usr/local/psa/etc/modules/watchdog/monitrc
/usr/local/psa/etc/modules/watchdog/wdcollect.inc.php

 

Watchdog (rkhunter)

Logs:
/var/log/rkhunter.log

Service control:
Start: /usr/local/psa/admin/bin/modules/watchdog/rkhunter

Configration:
/usr/local/psa/etc/modules/watchdog/rkhunter.conf

 

Plesk Firewall

Service control:
Stop: /etc/init.d/psa-firewall stop
Start: /etc/init.d/psa-firewall start
Restart: /etc/init.d/psa-firewall restart

Configuration:
/usr/local/psa/var/modules/firewall/firewall-active.sh
/usr/local/psa/var/modules/firewall/firewall-emergency.sh
/usr/local/psa/var/modules/firewall/firewall-new.sh

 

Plesk Firewall (IP forwarding)

Service control:
Stop: /etc/init.d/psa-firewall-forward stop
Start: /etc/init.d/psa-firewall-forward start
Restart: /etc/init.d/psa-firewall-forward restart

Configuration:
/usr/local/psa/var/modules/firewall/ip_forward.active
/usr/local/psa/var/modules/firewall/ip_forward.saved

 

IP Address Banning (Fail2Ban)

Service control:
Stop: /etc/init.d/fail2ban stop
Start: /etc/init.d/fail2ban start
Restart: /etc/init.d/fail2ban restart

Configuration: A set of IPTables rules. By default:-
iptables -N fail2ban-plesk-login
iptables -A fail2ban-plesk-login -j RETURN
iptables -A INPUT -p tcp -m multiport –dports 8880,8443 -j fail2ban-plesk-login

sqldumpscript

Here is a good script for backing up all mysql database on a Plesk server. Add a cron entry so that it runs everyday. Change the ‘-mtime +7’ value to determine how many days of backups you will keep.

vi /usr/local/sbin/sqldumpscript
chmod 755 /usr/local/sbin/sqldumpscript


#! /bin/bash

TIMESTAMP=$(date +"%F")
BACKUP_DIR="/var/www/vhosts/mysqldumps/$TIMESTAMP"
MYSQL=/usr/bin/mysql
MYSQLDUMP=/usr/bin/mysqldump
find /var/www/vhosts/mysqldumps/ -maxdepth 1 -type d -mtime +7 -exec rm -rf {} \;

mkdir -p "$BACKUP_DIR"

databases=`$MYSQL -uadmin -p\`cat /etc/psa/.psa.shadow\` -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema)"`

for db in $databases; do
$MYSQLDUMP --force --opt --skip-events --skip-lock-tables -uadmin -p`cat /etc/psa/.psa.shadow` --databases $db | gzip > "$BACKUP_DIR/$db.gz"
done

create crontab entry
39 3 * * * /usr/local/sbin/sqldumpscript

netstat one liners

Active over port 80

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

 

Sorted by type

netstat -plant | awk '{print $6}' | sort | uniq -c | sort -n

How to block IP address in Linux via ssh:

The following command will drop any packet coming from the IP address 1.2.3.4:

iptables -I INPUT -s 1.2.3.4 -j DROP

or

iptables -A INPUT -s 1.2.3.4 -j DROP

(-I inserts into config, -A appends)

Use the following syntax to block 10.0.0.0/8 on eth1 public interface:
iptables -i eth1 -A INPUT -s 10.0.0.0/8 -j DROP

Use the following command to view:
iptables -L -v

Use the following command to save:
service iptables save

Add virtuozzo to Centos 6

Create partitions as follows:

/ 10GB
/vz remaining space
swap – 2GB + total memory

Login as root, and cd
wget http://download.pvc.parallels.com/47/lin/vzinstall-linux-x86_64.bin
chmod +x vzinstall-linux-x86_64.bin
yum install vzkernel (needed for mkinitrd install – find a better way?)
cd /etc/yum.reposd/
wget ftp://ftp.muug.mb.ca/mirror/centos/6.6/os/x86_64/Packages/compat-libstdc++-33-3.2.3-69.el6.x86_64.rpm
rpm -ivh compat-libstdc++-33-3.2.3-69.el6.x86_64.rpm
./vzinstall-linux-x86_64.bin (install pva agent at end, reboot, and wait for startup (around 10 minutes)).
cd
yum update

Additional notes:

counting inodes

I like this script:  https://raw.githubusercontent.com/tripflex/inodes/master/inodes

Installation

wget -O ~/bin/inodes https://raw.githubusercontent.com/tripflex/inodes/master/inodes
chmod +x ~/bin/inodes

Usage

Directory path is not required. If nothing is provided the present working directory is used.

Argument Example Description
-d inodes -d /path/to/dir Specify path to directory to scan. Optional, will use pwd if not specified.
-t inodes -t 50000 Display tree output for directories with over 50,000 inodes. Optional.
-e inodes -e 100 Exclude directories that are below 100 inodes. Optional

 

wordpress – plesk error Call to undefined function is_admin()

In the Plesk under the subscription we are seeing the following error and we can not apply the Plesk security settings. 

Error: PHP Fatal error: Call to undefined function is_admin() in /usr/share/plesk-wp-cli/php/wp-cli.php(18) : eval()’d code on line 87

Parallels identifies this in a KB article:

 http://kb.sp.parallels.com/en/123569

They say:

Cause:

Modified wp-config.php file inside a WordPress installation document root. Function is_admin() could be handled properly while it evaluated from CLI.

Resolution

Either remove his function from the wp-config.php or modify it, as it shown on example below:

if(function_exists(‘is_admin’))

We compared the config against another new installation and removed the following lines from it.

============================================================

if(is_admin()) {

    add_filter(‘filesystem_method’, create_function(‘$a’, ‘return “direct”;’ ));

    define( ‘FS_CHMOD_DIR’, 0751 );

}

if(is_admin()) {

    add_filter(‘filesystem_method’, create_function(‘$a’, ‘return “ftpext”;’ ));

    define( ‘FS_CHMOD_DIR’, 0755 );

}

============================================================

Then in the subscriptions control panel we clicked the Plesk to refresh button for WordPress security scan and all appears to be fine now.

Activate mod_deflate on plesk server

On a Plesk server, the mod_deflate module is installed by default, however it may be disabled in the Apache configuration file. To enable the module edit the Apache configuration file

vi /etc/httpd/conf/httpd.conf

Search for the line

#LoadModule deflate_module modules/mod_deflate.so

and uncomment it i.e. remove the ‘#’ mark

LoadModule deflate_module modules/mod_deflate.so

Save the file and restart the httpd service

service httpd restart

Now, create a .conf file under the /etc/httpd/conf.d/ directory since Apache reads all the .conf files from that directory on a Plesk server

vi /etc/httpd/conf.d/deflate.conf

and place the following code in it

<Location />
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI .(?:gif|jpe?g|png)$ no-gzip dont-vary
</Location>

Save the file and restart the httpd service. The compression code will compress all the files except the .gif, .jpe, .jpeg and .png files. To test the compression, use the tool

http://www.whatsmyip.org/mod_gzip_test/

To enable compression for a specific directory or domain, specify the directory path in the <Location> directive in deflate.conf and restart the Apache server.