upgrade MariaDB 5.5->10.3 CentOS 7

CentOS 7 is shipped with MariaDB. MariaDB 10.x version is a drop-in replacement for MySQL 5.5-5.7.

  1. Create a backup of all databases with the following command:

    # MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysqldump -u admin –all-databases –routines –triggers > /tmp/all-databases.sql

  2. Stop the MariaDB service:

    # service mariadb stop

    Note: Remove additional packages like mariadb-bench:

    # rpm -e mariadb-bench

  3. Copy a databases directory in a separate folder like this (for backup purposes also):

    # cp -a /var/lib/mysql/ /var/lib/mysql_backup

  4. Check if you already have mysql-server installed:

    # rpm -q –whatprovides mysql-server

    If it is installed and the command above gives output, it is required to be removed using the following command:

    # rpm -e –nodeps `rpm -q –whatprovides mysql-server`

  5. Configure MariaDB repository: open the Setting MariaDB repositories page, select OS distro, release and MariaDB version to see the configuration that should be added to /etc/yum.repos.d/MariaDB.repo file. Example for MariaDB 10.1:

    # vi /etc/yum.repos.d/MariaDB.repo

    [mariadb]
    name = MariaDB
    baseurl = http://yum.mariadb.org/10.1/centos7-amd64
    gpgkey = https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
    gpgcheck = 1

  6. Perform an upgrade with:

    # yum install MariaDB-client MariaDB-server

  7. Start the MariaDB service:

    # service mariadb start

    OR

    # service mysql start

  8. Upgrade MySQL databases:

    # MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql_upgrade -uadmin

  9. Restart mysql service:

    # service mariadb restart

    OR

    # service mysql restart

upgrade mysql 5.1->5.7 (CentOS 6)

first, upgrade from 5.1 to 5.5 https://support.plesk.com/hc/en-us/articles/213367429

 

  • Install the Atomicorp repository:

    wget -q -O – http://www.atomicorp.com/installers/atomic | sh

  • Upgrade MySQL:

    yum upgrade mysql

 

 

  • Restart the MySQL service:

    service mysqld restart

  • Upgrade MySQL databases:

    mysql_upgrade -uadmin -p`cat /etc/psa/.psa.shadow`

  • In case the message below appears, refer to the KB article Error during yum upgrade: Packages excluded due to repository protections:

    yum upgrade mysql
    ….
    881 packages excluded due to repository protections
    No Packages marked for Update

 

Next, update from 5.5->5.7 https://support.plesk.com/hc/en-us/articles/213403429-How-to-upgrade-MySQL-5-5-to-5-6-5-7-or-MariaDB-5-5-to-10-0-10-1-10-2-on-Linux

  1. Stop the MySQL service:

    # service mysqld stop

  2. Create a backup of databases:

    # cp -a /var/lib/mysql /var/lib/mysql_backup

    Note: Disable Atomic repository, if it is enabled:

    # vi /etc/yum.repos.d/atomic.repo
    enabled = 0

  3. Install the MySQL-community repository:

    # yum install https://dev.mysql.com/get/mysql80-community-release-el6-1.noarch.rpm

  4. Select a MySQL version:

    # vi /etc/yum.repos.d/mysql-community.repo
    [mysql56-community]
    enabled=0
    [mysql57-community]
    enabled=1

  5. Install MySQL packages:

    # yum update mysql

    If update of mysql package ends with Nothing to do message, make sure that mysql* packages are not added to excludes in yum.conf file and remove it if it is in the list:

    # cat /etc/yum.conf | grep exclude
    exclude=php-common php-cli php mysql* httpd* mod_ssl*

  6. Type y if this message appears:

    warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
    Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
    Importing GPG key 0x5072E1F5:
    Userid : MySQL Release Engineering <mysql-build@oss.oracle.com>
    Package: mysql57-community-release-el6-7.noarch (@/mysql57-community-release-el6-7.noarch)
    From : /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
    Is this ok [y/N]:

  7. Start the MySQL service:

    # service mysqld start

    If the service does not start, check the following article: MySQL fails to start: mysql.user table is damaged.

  8. Upgrade MySQL databases:

    # MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql_upgrade -uadmin

  9. Restart mysql service:

    # service mysqld restart

 

setup gmail to POP your new account

Open Gmail.
In the top right, click Settings Settings and then Settings.
Click the Accounts tab.
In the 3rd section, click Add a mail account
Follow the steps on the screen
email address: you@yourdomain.com
(Next)
username: you@yourdomain.com (it will default to just part of your address – make sure you type the full email address)
password:
POP server: yourdomain.com
Port 110
Leave all other boxes unchecked
(Add Account)
Yes, I want to be able to send mail as you@yourdomain.com
(Next)
Name: you@yourdomain.com
Treat as an alias – leave checked
(Next Step)
SMTP Server: yourdomain.com
Port: 25
Username: you@yourdomain.com (it will default to just part of your address – make sure you type the full email address)
Password:
Unsecured connection
(Add Account)
You will get a popup screen asking that you enter a verification code that was sent to your you@yourdomain.com account – a bit of a catch22, huh? How can you get the verification code to setup gmail if gmail is not setup to get the code yet? Well, we have you covered…..just a few more steps. In a separate window:
go to http://webmail.yourdomain.com
username: you@yourdomain.com
password:
(login)
click the Mail link in the top left
you should see the email from gmail. Get the verification code.
Enter verification code into google screen and submit
If all went well – you should be done!

have .html files run as .php

A client ran into an interesting problem to get .html files parsed as .php. It was not enough to add a .htaccess directive for php-script because then the php.ini file was used out of the /etc directory instead of the domain’s custom php.ini file. He had to do the following.

I was researching the problem and finally figured out the answer. Just in case you ever get asked again, I added the following to my .htaccess file and now works with the right php.ini file.

AddHandler php-script .html

SetHandler fcgid-script
FCGIWrapper /var/www/cgi-bin/cgi_wrapper/cgi_wrapper .html
Options +ExecCGI

Originally I only had the “AddHandler php-script .html” in the .htaccess file which made it work, but did not pull in the right php.ini file.

Thanks Robert!

credit:
Robert Thaller | Net-Flow Corporation
1556 First Street, Suite 103, Napa, CA 94559
Phone 707-259-1233
Fax 707-255-7218
rthaller@net-flow.com

How to сhange the default certificates for SMTP, IMAP, and POP3 over SSL?

How to сhange the default certificates for SMTP, IMAP, and POP3 over SSL?
Plesk Article ID: 1062, created on Oct 6, 2008, last review on Aug 15, 2016

Applies to:
Plesk for Linux/Unix
Symptoms
How to change the default certificates for SMTP, IMAP, and POP3 over SSL?

Resolution
The certificate for SMTP over SSL is located in the following files:

For QMail MTA: /var/qmail/control/servercert.pem
For Postfix MTA: /etc/postfix/postfix_default.pem
For Dovecot: /etc/dovecot/private/ssl-cert-and-key.pem
Note: Only QMail MTA is used in Plesk 8.x and earlier. Use instructions from KB #5801 article to define which MTA is used in Plesk 9.x and later.

For IMAP4 and POP3 over SSL (only applicable for a Courier-IMAP server), the following certificate files are used:

/usr/share/imapd.pem
/usr/share/pop3d.pem
Or:

/usr/share/courier-imap/imapd.pem
/usr/share/courier-imap/pop3d.pem
By default, these are self-signed certificates for Plesk which are generated during the Plesk installation. If it is required to set up own certificates, copy and paste your certificate and Private Key into the appropriate files (create a backup before changing any files) and restart the qmail/postfix and courier-imap services:

For Plesk version 8.6 and earlier:

~# /etc/init.d/xinetd restart
~# /etc/init.d/courier-imap restart
For Plesk version 9.x and later:

~# /usr/local/psa/admin/sbin/mailmng –restart-service
It is important that the domain the certificate is issued for to be specified. This will allow to avoid a warning that the certificate name does not match that of the host you are connecting to. For example, if the certificate was issued for example.com, then example.com should be specified as the connection string in your mail client preferences for SMTP/POP3/IMAP servers.

NOTE: There is a single certificate for each of these services: SMTP, IMAP4, and POP3 over SSL. Multiple certificates cannot be used for multiple Plesk domains.

Additional Information:

/var/qmail/control/servercert.pem should include:

The Private Key
The primary certificate
The intermediate certificate
The root certificate
Make sure that you include the begin and end tags of the key and each certificate, including the dash lines. The resulting text should look like:

—–BEGIN RSA PRIVATE KEY—–
……….
(Your Private Key here)
……….
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
……….
(Your Primary SSL certificate here)
……….
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
……….
(Your Intermediate certificate here)
……….
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
……….
(Your Root certificate here)
……….
—–END CERTIFICATE—–
The body of the SSL certificate in /usr/share/courier-imap/imapd.pem and /usr/share/courier-imap/pop3d.pem should look like:

—–BEGIN CERTIFICATE—–
MIIB8TCCAZsCBEUpHKkwDQYJKoZIhvcNAQEEBQAwgYExCzAJBgNVBAYTAlJPMQww
…………
…………
eNpAIeF34UctLcHkZJGIK6b9Gktm
—–END CERTIFICATE—–
—–BEGIN RSA PRIVATE KEY—–
MIICXgIBAAKBgQDv6i/mxtS2B2PjShArtOAmdRoEcCWa/LH1GcrbW14zdbmIqrxb
……….
……….
faXRHcG37TkvglUZ3wgy6eKuyrDi5gkwV8WAuaoNct5j5w==
—–END RSA PRIVATE KEY—–
Additional information:

The SSL certificate can only be installed together with the appropriate Private Key that was generated with Certificate Signed Request (CSR) used by the Certificate Authority to generate the certificate. The Private Key is only stored on the server, and this cannot be rebuilt to match an existing certificate.

If the Private Key has been lost, the certificate can no longer be installed.

To install the SSL certificate, find the Private Key. If this is not possible to locate the Private Key, contact the Certificate Authority who issued the certificate. They will reissue the SSL certificate.

Refer the following KB article to install SSL certificate issued for domain:

How to secure SMTP, POP and IMAP connections in Plesk

Plesk-LogoYou’ve installed an SSL Certificate to secure your Plesk Panel, you’ve tested it with an SSL checker and sure enough: the ugly warning window doesn’t bother you or your customers anymore.

But your email client still says that the server doesn’t have a valid certificate. What gives?

The secret is this: SMTP, IMAP and POP3 use their own certificates which are not related to the ones you setup in Plesk to secure https connections. By default the mail services use auto-generated self-signed certificates.

Sadly as of Plesk 12 there is still no way to manage those in the web interface – but it’s relatively easy to fix on the command line. Let’s go through this step by step.

These instructions are for Plesk 12 on CentOS 6 and CentOS 7, using the default Courier mail service. You can also install an alternative mail service called Dovecot in Plesk 12. I’m discussing how to install Dovecot over here.

Default Certificates
We need to replace the following three files (default permissions in brackets):

/etc/postfix/postfix_default.pem (600)
/usr/share/imapd.pem (400)
/usr/share/pop3d.pem (400)
Those are the culprits for SMTP, IMAP and POP3. We need to add our own private key and the certificate of a domain associated with this server and remove the default certificates.

Before we begin, make a safety copy of them like this:

mv /etc/postfix/postfix_default.pem /etc/postfix/postfix_default.old
mv /usr/share/imapd.pem /usr/share/imapd.old
mv /usr/share/pop3d.pem /usr/share/pop3d.old
Here we rename the original files to .old files – in case anything goes wrong, simply rename them back into .pem files.

Add your own certificate
We need the same file three times, so we’ll start by making one for the SMTP service. Create a new file like this:

vi /etc/postfix/postfix_default.pem
and paste first the private key, followed by your certificate into this file. It will look something like this:

—–BEGIN PRIVATE KEY—–
MIID1TCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG
EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM
IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0
l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e
6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb
ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8
N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5
HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd
gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC
St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w
EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js
Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw
JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B
AQUFAAOCAQEAq7y8Cl0YlOPBscOoTFXWvrSY8e48HM3P8yQkXJYDJ1j8Nq6iL4/x
/torAsMzvcjdSCIrYA+lAxD9d/jQ7ZZnT/3qRyBwVNypDFV+4ZYlitm12ldKvo2O
SUNjpWxOJ4cl61tt/qJ/OCjgNqutOaWlYsS3XFgsql0BYKZiZ6PAx2Ij9OdsRu61
04BqIhPSLT90T+qvjF+0OJzbrs6vhB6m9jRRWXnT43XcvNfzc9+S7NIgWW+c+5X4
knYYCnwPLKbK3opie9jzzl9ovY8+wXS7FXI6FoOpC+ZNmZzYV+yoAVHHb1c0XqtK
LEL2TxyJeN4mTvVvk0wVaydWTQBUbHq3tw==
—–END PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw
WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE
AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m
OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu
T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c
JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR
Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz
PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm
aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM
TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g
LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO
BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv
dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB
AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL
NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W
b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S
—–END CERTIFICATE—–
The exact same file can be used for both IMAP and POP3 so we can simply copy it to these two new locations:

cp /etc/postfix/postfix_default.pem /usr/share/imapd.pem
cp /etc/postfix/postfix_default.pem /usr/share/pop3d.pem
These two files had 400 permissions by default so that only root can read them, and no one can change them. Let’s adhere to this and apply the same permissions:

chmod 400 /usr/share/imapd.pem
chmod 400 /usr/share/pop3d.pem

Restart Plesk Mail Services
For the changes to take effect we’ll need to restart all Plesk mail services:

/usr/local/psa/admin/sbin/mailmng –restart-service
And that’s it! Now that pesky warning isn’t going to come up anymore when you access Plesk mail with an email client.

Adding CA Certificates
The above is enough to suppress the usual warning windows in email clients, however if you’re an avid SSL enthusiast you’ll notice that we’ve not added any CA Certificates to the above .pem files. In essence those tell a client that our certificate is valid – otherwise the client would only have our word for it.

You can add the combined CA Certificate to the end of the three .pem files in addition to the private key and your own certificate. It’s not strictly necessary, but doing this means you will pass strict SSL tests.

Thanks to Mike Yrabedra for this tip, and the test URL below!

Testing your mail services
Mike also found a wonderful service that lets you check an email address which will flag up certificate warnings and exceptions – courtesy of CheckTLS:

http://www.checktls.com/perl/TestReceiver.pl
Simply hack in your email address and you’ll see if your certificate is installed properly. Note that to pass the test, your email address must match the domain on the certificate. For example, if your address is you@domain.com, but your certificate is for yourdomain.com then the test will fail the “Cert OK” field.

Screen Shot 2014-12-04 at 12.49.23

Wait – where do I find my private key and certificate?
If you’re using the same certificate for mail that you’re using to secure Plesk, simply head over to

Tools and Settings (or the Server Tab)
Security Settings
SSL Certificates
click on your certificate from the list
scroll down to find plain text sections for your private key and certificate

Wait – where do I find that CA Certificate you speak of?
Your certificate provider will give that to you. Some providers call it “intermediate CA certificate”. They usually have several versions of the same thing. Look for a combined version. In essence it’s two plain text blocks, very similar to the ones I’ve shown you above.

For example, the RapidSSL CA certificates can be found here: https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=AR1548

Further Reading
http://kb.sp.parallels.com/en/1062
http://www.checktls.com/perl/TestReceiver.pl

Log files on CentOS Plesk server

Plesk

Logs
Error log: /var/log/sw-cp-server/error_log and /var/log/sw-cp-server/sw-engine.log
Access log: /usr/local/psa/admin/logs/httpsd_access_log
Panel log: /usr/local/psa/admin/logs/panel.log

Services
Stop: /etc/init.d/psa stop
Start: /etc/init.d/psa start
Restart: /etc/init.d/psa restart

Configuration
PHP config: /usr/local/psa/admin/conf/php.ini
Panel config: /usr/local/psa/admin/conf/panel.ini
Web server config: /etc/sw-cp-server/conf.d/plesk.conf

Web Presence Builder

Logs

Error log: /usr/local/psa/admin/logs/sitebuilder.log
Install/upgrade logs: /usr/local/sb/tmp/
No service control (working via sw-cp-server service)

Configuration
/usr/local/sb/config
/etc/sw-cp-server/conf.d/plesk.conf
/usr/local/psa/admin/conf/php.ini

 

SSO

Logs
Error log: /var/log/sw-cp-server/error_log
SSO log: /var/log/sso/sso.log

Services
No service control (works via sw-cp-server service)
Manage settings: /usr/local/psa/bin/sso

Configuration
/etc/sso/sso_config.ini
/etc/sw-cp-server/conf.d/sso.inc

 

Backup Manager

Logs
Backup logs: /usr/local/psa/PMM/logs/backup-
Restore log: /usr/local/psa/PMM/logs/restore-
Functionality is controlled by the Plesk control panel service

Configuration
/etc/psa/psa.conf

 

Plesk Migrator

Configuration
/usr/local/psa/var/modules/panel-migrator/conf/

Logs
/usr/local/psa/var/modules/panel-migrator/logs/

 

Migration Manager

Logs
/usr/local/psa/PMM/logs/migration-
Functionality is controlled by the Plesk control panel service.

 

Health Monitor Manager

Logs
/usr/local/psa/admin/logs/health-alarm.log

Services
Stop: /etc/init.d/sw-collectd stop
Start: /etc/init.d/sw-collectd start
Restart: /etc/init.d/sw-collectd restart

Configuration
/usr/local/psa/admin/conf/health-config.xml
/usr/local/psa/var/custom-health-config.xml
/etc/sw-collectd/collectd.conf

 

Health Monitor Notification Daemon

Logs
/usr/local/psa/admin/logs/health-alarm.log

Services
Stop: /etc/init.d/psa-health-monitor-notificationd stop
Start: /etc/init.d/psa-health-monitor-notificationd start
Restart: /etc/init.d/psa-health-monitor-notificationd restart

Configuration
/usr/local/psa/admin/conf/health-config.xml
/usr/local/psa/var/custom-health-config.xml

 

MySQL

Logs
/var/log/mysqld.log

Services
Stop: /etc/init.d/mysqld stop
Start: /etc/init.d/mysqld start
Restart: /etc/init.d/mysqld restart

Configuration
/etc/my.cnf
/etc/mysql/my.cnf (Debian/Ubuntu)

 

PostgreSQL

Logs
/var/lib/pgsql/pgstartup.log

Services
Stop: /etc/init.d/postgresql stop
Start: /etc/init.d/postgresql start
Restart: /etc/init.d/postgresql restart

Configuration
/var/lib/pgsql/data/postgresql.conf

 

Apache

Logs
Global Access and Error logs: /var/log/httpd/
Domain logs: /var/www/vhosts//logs

Services
Stop: /etc/init.d/httpd stop
Start: /etc/init.d/httpd start
Restart: /etc/init.d/httpd restart

Configuration
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/zz010_psa_httpd.conf (includes generated configuration files with the rest of the vhosts and server configuration)
NOTE: On SuSE, Debian, and Ubuntu, the service is called “apache2”. The path to its logs is /var/log/apache2 and the path to configs is /etc/apache2.

 

NGINX

Logs
Error log: /var/log/nginx/error.log
Access log: /var/log/nginx/access.log
Domain logs: /var/www/vhosts//logs/proxy_access*_log

Services
Stop: /etc/init.d/nginx stop
Start: /etc/init.d/nginx start
Restart: /etc/init.d/nginx restart
NOTE: To disable nginx, go to “Tools & Settings > Services Management” and stop nginx from there.

Configuration
/etc/nginx/nginx.conf
/etc/nginx/conf.d/zz010_psa_nginx.conf (includes generated configuration files with the rest of the vhosts’ and server configuration)

 

Tomcat

Logs
/var/log/tomcat5/*

Services
Stop: /etc/init.d/tomcat5 stop
Start: /etc/init.d/tomcat5 start
Restart: /etc/init.d/tomcat5 restart

Configuration
/etc/tomcat5/server.xml

 

FTP

Logs
/usr/local/psa/var/log/xferlog
/var/log/secure
No service control (works via xinetd service)

Configuration
/etc/xinetd.d/ftp_psa
/etc/proftpd.conf
/etc/proftpd.include

 

Xinetd

Logs
/var/log/messages

Services
Stop: /etc/init.d/xinetd stop
Start: /etc/init.d/xinetd start
Restart: /etc/init.d/xinetd restart

Configuration
/etc/xinetd.conf
/etc/xinetd.d/* (files with “.” in the name are ignored)

 

BIND

Logs
/var/log/messages

Services
Stop: /etc/init.d/named stop
Start: /etc/init.d/named start
Restart: /etc/init.d/named restart

Configuration
/etc/named.conf
NOTE: In Debian/Ubuntu, the service is called “bind9.”

 

Courier-IMAP

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/courier-imap stop
Start: /etc/init.d/courier-imap start
Restart: /etc/init.d/courier-imap restart

Configuration
/etc/courier-imap/imapd
/etc/courier-imap/imapd-ssl
/etc/courier-imap/pop3d
/etc/courier-imap/pop3d-ssl

 

Postfix

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/postfix stop
Start: /etc/init.d/postfix start
Restart: /etc/init.d/postfix restart

Configuration
/etc/postfix/master.cf
/etc/postfix/main.cf

 

Qmail

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/qmail stop
Start: /etc/init.d/qmail start
Restart: /etc/init.d/qmail restart

Configuration
Control files in /var/qmail/control/
/etc/xinetd.d/smtp_psa
/etc/xinetd.d/smtps_psa
/etc/xinetd.d/submission_psa

 

Horde

Logs
Error log: /var/log/psa-horde/psa-horde.log
No service control (works via Apache web-server)

Configuration
/etc/psa-webmail/horde/horde.conf
/etc/psa-webmail/horde/horde/conf.php

 

Roundcube

Logs
Error log: /var/log/plesk-roundcube/errors
No service control (works via Apache web-server)

Configuration
/etc/psa-webmail/roundcube/*

 

Mailman

Logs
/var/log/mailman/*

Services
Stop: /etc/init.d/mailman stop
Start: /etc/init.d/mailman start
Restart: /etc/init.d/mailman restart

Configuration
/etc/httpd/conf.d/mailman.conf
/usr/lib/mailman/Mailman/mm_cfg.py
/etc/mailman/sitelist.cfg

 

SpamAssassin

Logs
/usr/local/psa/var/log/maillog

Services
Stop: /etc/init.d/spamassassin stop
Start: /etc/init.d/spamassassin start
Restart: /etc/init.d/spamassassin restart

Configuration
/etc/mail/spamassassin/local.cf
/var/qmail/mailnames///.spamassassin/user_prefs

 

Parallels Premium Antivirus

Logs:
/usr/local/psa/var/log/maillog
/var/drweb/log/*

Service control:
Stop: /etc/init.d/drwebd stop
Start: /etc/init.d/drwebd start
Restart: /etc/init.d/drwebd restart

Configuration:
/etc/drweb/*

 

Kaspersky Antivirus

Logs:
/usr/local/psa/var/log/maillog

Service control:
Stop: /etc/init.d/kavehost stop
Start: /etc/init.d/kavehost start
Restart: /etc/init.d/kavehost restart

Configuration:
/opt/kav/sdk8l3/etc/kav-handler.cfg
/etc/kavehost.xml

 

phpMyAdmin

Logs:
Error log: /var/log/sw-cp-server/error_log
No service control (working via sw-cp-server service).

Configuration:
/usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/libraries/config.default.php

 

phpPgAdmin

Logs
Error log: /var/log/sw-cp-server/error_log
No service control (working via sw-cp-server service).

Configuration:
/usr/local/psa/admin/htdocs/domains/databases/phpPgAdmin/conf/config.inc.php

 

Logrotate

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/usr/local/psa/etc/logrotate.conf
/usr/local/psa/etc/logrotate.d/*

 

Webalizer

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/srv/www/vhosts/system//conf/webalizer.conf

 

AWstats

No service control. Executed by the daily maintenance task: /etc/cron.daily/50plesk-daily

Configuration
/usr/local/psa/etc/awstats/awstats.-*.conf

 

Watchdog (monit)

Logs:
/usr/local/psa/var/modules/watchdog/log/wdcollect.log
/usr/local/psa/var/modules/watchdog/log/monit.log

Service control:
Stop: /usr/local/psa/admin/bin/modules/watchdog/wd –stop
Start: /usr/local/psa/admin/bin/modules/watchdog/wd –start
Restart: /usr/local/psa/admin/bin/modules/watchdog/wd –restart

Configuration:
/usr/local/psa/etc/modules/watchdog/monitrc
/usr/local/psa/etc/modules/watchdog/wdcollect.inc.php

 

Watchdog (rkhunter)

Logs:
/var/log/rkhunter.log

Service control:
Start: /usr/local/psa/admin/bin/modules/watchdog/rkhunter

Configration:
/usr/local/psa/etc/modules/watchdog/rkhunter.conf

 

Plesk Firewall

Service control:
Stop: /etc/init.d/psa-firewall stop
Start: /etc/init.d/psa-firewall start
Restart: /etc/init.d/psa-firewall restart

Configuration:
/usr/local/psa/var/modules/firewall/firewall-active.sh
/usr/local/psa/var/modules/firewall/firewall-emergency.sh
/usr/local/psa/var/modules/firewall/firewall-new.sh

 

Plesk Firewall (IP forwarding)

Service control:
Stop: /etc/init.d/psa-firewall-forward stop
Start: /etc/init.d/psa-firewall-forward start
Restart: /etc/init.d/psa-firewall-forward restart

Configuration:
/usr/local/psa/var/modules/firewall/ip_forward.active
/usr/local/psa/var/modules/firewall/ip_forward.saved

 

IP Address Banning (Fail2Ban)

Service control:
Stop: /etc/init.d/fail2ban stop
Start: /etc/init.d/fail2ban start
Restart: /etc/init.d/fail2ban restart

Configuration: A set of IPTables rules. By default:-
iptables -N fail2ban-plesk-login
iptables -A fail2ban-plesk-login -j RETURN
iptables -A INPUT -p tcp -m multiport –dports 8880,8443 -j fail2ban-plesk-login

libarchive error after upgrade to plesk 12.5

Error:

Fatal error during packages installation: Test Transaction Errors: package libarchive-2.8.4-11082614.x86_64 (which is newer than libarchive-2.8.4-6.el5.i386) is already installed

YumTestTransactionError: Test Transaction Errors: package libarchive-2.8.4-11082614.x86_64 (which is newer than libarchive-2.8.4-6.el5.i386) is already installed

Error: Failed to run the Yum utility.
The Yum utility failed to install the required packages.
Attention! Your software might be inoperable.
Please, contact product technical support.

Fix:


rpm -e --nodeps libarchive
wget -q https://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm
rpm -Uvh epel-release-latest-5.noarch.rpm
yum install libarchive
/usr/local/psa/admin/bin/autoinstaller

Enable Nginx support


/usr/local/psa/admin/bin/nginxmng -e

CT-4968585-bash-4.1# service nginx reload
Reloading nginx: [FAILED]
CT-4968585-bash-4.1# /usr/local/psa/admin/bin/nginxmng -d
CT-4968585-bash-4.1# /usr/local/psa/admin/bin/nginxmng -e
CT-4968585-bash-4.1# service nginx restart
Starting nginx: [ OK ]

http://kb.odin.com/en/119053

Some of the selected subscriptions were not suspended. MySQL query failed: Unknown column ‘fp’ in ‘field list’

Some of the selected subscriptions were not suspended.
MySQL query failed: Unknown column ‘fp’ in ‘field list’

Create backup of psa database:
# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` psa > psa.sql

Login to database:
# mysqldump -uadmin -p`cat /etc/psa/.psa.shadow ` psa > psa`date +%F_%H.%M`.sql

Add required fields to table, e.g.:
# mysql -uadmin -p`cat /etc/psa/.psa.shadow ` psa


ALTER TABLE psa.hosting ADD fp enum('false','true') NOT NULL default 'false';
ALTER TABLE psa.hosting ADD fp_ssl enum('false','true') NOT NULL default 'false';
ALTER TABLE psa.hosting ADD fp_enable enum('false','true') NOT NULL default 'false';
ALTER TABLE psa.hosting ADD fp_adm varchar(20) NOT NULL;
ALTER TABLE psa.hosting ADD fp_pass varchar(20) NOT NULL;