Tag Archives: Plesk 12.0.18

Plesk

Add DHParam to Plesk Panel

You can fix Logjam for the Plesk Panel by simply adding the standard Nginx dhparam directive to the plesk.conf file.
Very similar to previous posts on adding OCSP and HSTS to Plesk.

First you will need to create your dhparam, you can follow my guide Creating DH Parameters, and then locate the file and edit with your favourite editor…

/etc/sw-cp-server/conf.d/plesk.conf

And add the Nginx ssl_dhparam directive above the certificate entries like so…

ssl_dhparam /etc/ssl/dh/RSA2048.pem;
ssl_certificate /opt/psa/admin/conf/httpsd.pem;
ssl_certificate_key /opt/psa/admin/conf/httpsd.pem;

Save the file and restart the Plesk server…

service sw-cp-server restart

And you are good to go.
I hope that helps someone.

Ubuntu

Migrate Plesk to MariaDB

The guide at Plesk’s DevBlog results in dependency issues on Ubuntu 14.
Here’s what the command should be when migrating to MariaDB on Ubuntu 14.04.2 LTS with Plesk 12.0.18.

1. Log in as root and run…

apt-get update

2. And run the following updated command…

env DEBIAN_FRONTEND=noninteractive apt-get -o OrderList::Score::Immediate=1000 \
install libmariadbclient18 mariadb-client-5.5 mariadb-client-core-5.5 mariadb-common mariadb-server mariadb-server-5.5 mariadb-server-core-5.5

3. Check you have MariaDB installed with

mysql -V
mysql  Ver 15.1 Distrib 5.5.41-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

I hope that helps someone else.

Notes

Some problems you may encounter, these are in the order you may receive them…

dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/mariadb-server-5.5_5.5.41-1ubuntu0.14.04.1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Fix: 

# dpkg -i --force-overwrite /var/cache/apt/archives/mariadb-server-5.5_5.5.41-1ubuntu0.14.04.1_amd64.deb

Following the above error you will get this…

Errors were encountered while processing:
 mariadb-server-5.5

Fix: 

# dpkg --configure -a

And finally…

Error: dpkg: error processing package mariadb-server-5.5 (--configure):
 dependency problems - leaving unconfigured
 Errors were encountered while processing:
 mariadb-server-5.5

Fix: 

# apt-get install -f
Ubuntu

Migrate Plesk to ClamAV

2 Comments

Recently a client wanted a free alternative to Plesk’s DrWeb, I went with ClamAV.
Here’s what I did to migrate the system from DrWeb to ClamAV.

REMOVE DRWEB

1. Firstly lets remove DrWeb properly: 

/opt/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --remove-component drweb

INSTALL CLAMAV

2. Now we can install ClamAV: 

apt-get install clamav clamav-base clamav-daemon clamav-freshclam clamav-milter clamsmtp libclamav6

3. Edit /etc/clamav/clamav-milter.conf and set: 

MilterSocket /var/run/clamav/clamav-milter.ctl

to

MilterSocket inet:3381@localhost

4. Now edit /etc/postfix/main.cf and add: 

milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:12768, inet:127.0.0.1:12345, inet:127.0.0.1:3381
non_smtpd_milters = inet:127.0.0.1:12345, inet:127.0.0.1:3381

Where 12768 = psa-remote, 12345 = OpenDKIM, 3381 = ClamAV.

5. Now we need to restart postfix, clamav-milter and send a test mail and check for these headers..

X-Virus-Scanned: clamav-milter 0.98.6 at hostname
X-Virus-Status: Clean

Your mail should now be scanned by both Spamassasin and ClamAV.
If you are missing the Scanned by header check the file…/etc/clamsmtpd.conf, for

# A header to add to all scanned email
Header: X-AV-Checked: ClamAV using ClamSMTP

And uncomment it.

SET UP FRESHCLAM

6. ClamAV Freshclam, can be set up in several ways, I find it best to use cron for an hourly update.
To configure freshclam run…

dpkg-reconfigure clamav-freshclam

And select cron instead of daemon.

7. You should have a default cron job for freshclam in /etc/cron.d/clamav-freshclam, should you wish to manage the task in Plesk or crontab you should disable first by commenting it out, you can then add the task to crontab like so… 

crontab -e
30	*	*	*	*	/usr/bin/freshclam --quiet

8. Now restart freshclam with

service clamav-freshclam restart

And you should be good.
Any questions feel free to contact me.