LinuxHostingSupport

Plesk offers an IP restriction policy which allows an administrator to restrict Plesk panel access to certain IPs. If your IP is not in the allowed list, you will receive the following error message while accessing the Plesk control panel:

Error: Access for administrator from address ‘xx.xx.xx.xx’ is restricted in accordance with IP Access restriction policy currently applied.

In order to enable Plesk panel access to everyone, you need to access the ‘psa’ database by logging to your server as root.

#First connect to your mysql server:
mysql -uadmin -p`cat /etc/psa/.psa.shadow ` psa

#List the IPs those are allowed to access the Plesk control panel.
mysql> select * from cp_access;

#Check the default access policy
mysql> select * from misc where param=’access_policy’;

#To remove all the IPs from ‘cp_access’ table:
mysql> delete * from cp_access;

#To change the default access policy to “allow” by default:
mysql> update misc set val=”allow” where param=’access_policy’;

You will now be able to access Plesk from any location without any problems.

While adding a cron job from cPanel, you may see an error message as

/usr/bin/crontab permissions are wrong (6755). Please set to 4755.

The reason is quite simple, the “crontab” executable have incorrect permissions as stated in the error message. The permissions of /usr/bin/crontab should be 4755.

root@server [~]# ls -la /usr/bin/crontab
-rwsr-xr-x 1 root root 208810 Jun 1 12:24 /usr/bin/crontab*

In order to set the required permissions, ssh to your server as user ‘root’ and use the the ‘chmod’ command to correct the permissions:

chmod 4755 /usr/bin/crontab
OR
chmod u+s /usr/bin/crontab

Once the permissions are corrected, you will be able to add the cronjobs from cPanel.

Your Ftp server rejects your access to the server on providing the username and do not prompt for a password as well and you may see the following error in the your server logs:

Jan 10 11:22:33 mai1 pure-ftpd: (?@xx.xx.xx.xx) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please
reconnect using SSL/TLS security mechanisms.

Ftp can accept three values:

# 0 : disable SSL/TLS encryption layer (default).
# 1 : accept both traditional and encrypted sessions.
# 2 : refuse connections that don’t use SSL/TLS security mechanisms.

If the “TLS” directive below these options is set to 2, you will receive the face the above stated problem. In order to overcome the issue, change the value of “TLS” from 2 to 1 and restart pure-ftpd service:

/scripts/restartsrv pure-ftpd

This will now allow you to access Ftp without using a SSL/TLS security mechanisms.

SwSoft install it’s own certificate during Plesk installation but because it’s a self-signed certificate it gives you a warning message while accessing Plesk control panel. If you wish, you can purchase your own SSL certificate and replace it with the default certificate.

Issue your new SSL certificate using the server hostname say ‘server.yourdomain.com’ and place it under the configuration directory of Plesk located at “/usr/local/psa/admin/conf/“.
The default certificate is named as “httpsd.pem”.
Name the new certificate as “httpsd-new.pem” and place it under the same configuration directory.
Edit the Plesk configuration file “httpsd.conf” and search for the following line:

SSLCertificateFile “/usr/local/psa/admin/conf/httpsd.pem”

SSLCertificateFile “/usr/local/psa/admin/conf/httpsd-new.pem”

Save the file and restart the ‘psa’ service:

service psa stop
service psa start

Once done, access Plesk using the hostname as https://server.yourdomain.com:8443. This will make sure you won’t receive a warning message while accessing Plesk control panel.

How to Password Protect a Directory using .htaccess?

You may need to password protect a directory in order to limit the sharing of files under it OR may need to protect a private area. You can password protect a directory using a .htaccess file which has to be placed under a directory which needs to be protected.

Create a .htaccess file

vi /home/username/.htaccess

Once created, add the following lines to it:

AuthUserFile /home/username/.htpasswd
AuthName “Private Area”
AuthType Basic
require valid-user

where, ‘username’ is the actual username of your domain. Now, create a .htpasswd file under the /home/username/ directory.

vi /home/username/.htpasswd

In order to grant access to the directory for specific users, you need to place all the users along with their passwords in the below format:

username1:encryptedpassword
username2:encryptedpassword

There is no limit in adding users to this file, just make sure each user should be on a separate line and you can encrypt passwords using any available tool on the internet.