LinuxHostingSupport

You may come across with a “numiptent” error message while restarting iptables or whatever firewall (say csf) you have installed on your VPS. The error appear as follows:

The VPS iptables rule limit (numiptent) is too low (200/250) – stopping firewall to prevent iptables blocking all connections

There is a limit on the number of iptables packet filtering entries for a VPS and if the iptable rules added on a VPS exceeds the “numiptent” set, you will receive the given error message.

To make sure iptables works properly on a VPS, you need to increase the “numiptent” value in the VPS configuration file which is located at /etc/sysconfig/vz-scripts/veid.conf and have to restart the VPS.

Plesk offers an IP restriction policy which allows an administrator to restrict Plesk panel access to certain IPs. If your IP is not in the allowed list, you will receive the following error message while accessing the Plesk control panel:

Error: Access for administrator from address ‘xx.xx.xx.xx’ is restricted in accordance with IP Access restriction policy currently applied.

In order to enable Plesk panel access to everyone, you need to access the ‘psa’ database by logging to your server as root.

#First connect to your mysql server:
mysql -uadmin -p`cat /etc/psa/.psa.shadow ` psa

#List the IPs those are allowed to access the Plesk control panel.
mysql> select * from cp_access;

#Check the default access policy
mysql> select * from misc where param=’access_policy’;

#To remove all the IPs from ‘cp_access’ table:
mysql> delete * from cp_access;

#To change the default access policy to “allow” by default:
mysql> update misc set val=”allow” where param=’access_policy’;

You will now be able to access Plesk from any location without any problems.

While adding a cron job from cPanel, you may see an error message as

/usr/bin/crontab permissions are wrong (6755). Please set to 4755.

The reason is quite simple, the “crontab” executable have incorrect permissions as stated in the error message. The permissions of /usr/bin/crontab should be 4755.

root@server [~]# ls -la /usr/bin/crontab
-rwsr-xr-x 1 root root 208810 Jun 1 12:24 /usr/bin/crontab*

In order to set the required permissions, ssh to your server as user ‘root’ and use the the ‘chmod’ command to correct the permissions:

chmod 4755 /usr/bin/crontab
OR
chmod u+s /usr/bin/crontab

Once the permissions are corrected, you will be able to add the cronjobs from cPanel.

Your Ftp server rejects your access to the server on providing the username and do not prompt for a password as well and you may see the following error in the your server logs:

Jan 10 11:22:33 mai1 pure-ftpd: (?@xx.xx.xx.xx) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please
reconnect using SSL/TLS security mechanisms.

Ftp can accept three values:

# 0 : disable SSL/TLS encryption layer (default).
# 1 : accept both traditional and encrypted sessions.
# 2 : refuse connections that don’t use SSL/TLS security mechanisms.

If the “TLS” directive below these options is set to 2, you will receive the face the above stated problem. In order to overcome the issue, change the value of “TLS” from 2 to 1 and restart pure-ftpd service:

/scripts/restartsrv pure-ftpd

This will now allow you to access Ftp without using a SSL/TLS security mechanisms.

SwSoft install it’s own certificate during Plesk installation but because it’s a self-signed certificate it gives you a warning message while accessing Plesk control panel. If you wish, you can purchase your own SSL certificate and replace it with the default certificate.

Issue your new SSL certificate using the server hostname say ‘server.yourdomain.com’ and place it under the configuration directory of Plesk located at “/usr/local/psa/admin/conf/“.
The default certificate is named as “httpsd.pem”.
Name the new certificate as “httpsd-new.pem” and place it under the same configuration directory.
Edit the Plesk configuration file “httpsd.conf” and search for the following line:

SSLCertificateFile “/usr/local/psa/admin/conf/httpsd.pem”

SSLCertificateFile “/usr/local/psa/admin/conf/httpsd-new.pem”

Save the file and restart the ‘psa’ service:

service psa stop
service psa start

Once done, access Plesk using the hostname as https://server.yourdomain.com:8443. This will make sure you won’t receive a warning message while accessing Plesk control panel.