Category Archives: confixx/Plesk

Plesk Panel Remove Facebook and Promos from Panel

To get rid of the horrible facebook like button and promo’s in your plesk panel do the following.

1. Create or edit a file with you favourite editor called:

/opt/psa/admin/conf/panel.ini

And add the following content:


showLikeLink=false
[rating]
enabled=false
[promos]
enabled=off

Thats it no more facebook and rubbish in your admin interface enjoy.

Activate Webdav in Plesk

The Plesk interface does not support the webdav protocol. But Apache does support webdav. Webdav can be used as an iDisk under MacOS X. Webdav can also be used with Linux or Windows. Here are the steps to get webdav up and running. These instructions should work on Debian based system. But similar commands should work with all major Linux distributions:

First activate the webdav Apache modules and restart apache:

a2enmod dav
a2enmod dav_fs
service apache2 restart

Then create a vhost config for the domain you are using adding webdav. Please replace domain.tld with you domain. And check the directory line:

vi /var/www/vhosts/domain.tld/conf/vhost.conf

<Directory /var/www/vhosts/domain.tld/httpdocs>
DAV on
</Directory>

To get Plesk to include our custom configuration we must reconfigure the domain with the httpdmng.

/usr/local/psa/admin/sbin/httpdmng --reconfigure-domain domain.tld

This will make Plesk include the file vhost.conf in our Apache configuration adding the webdav directive.

You should be able to connect to the web share (webdav) now. Using the user name and password of the domain user in Plesk. You can either use the MacOS X finder (connect to server). Or you can also connect through most Linux desktops using Nautilus for example. If you experience any problems writing to the share. You may need to change the permissions on the folder so that the Apache user has write permissions:

chown -R www-data:www-data /var/www/vhosts/domain.tld/httpdocs/

Thats it you have created your own web share.

Plesk Change PHP Admin Values and Rebuild Vhost Config

Create a file called “vhost.conf” in the directory “/var/www/vhosts/example.com/conf/”

<Directory /var/www/vhosts/example.com/httpdocs>
php_admin_value safe_mode off
php_admin_flag register_globals on
</Directory>

Rebuild the domain config for the particular vhost with:

/usr/local/psa/admin/sbin/httpdmng --reconfigure-domain example.com

Or rebuild all vhosts if you changed more than one with:

/usr/local/psa/admin/sbin/httpdmng --reconfigure-all

You can also change other settings this way here are some examples:

php_admin_value post_max_size 20M
php_admin_value upload_max_filesize 20M
php_admin_value open_basedir none

Plesk panel 404 /relay after upgrade

After upgrading a plesk install yesterday. From 10.1 to 10.3.1 the admin panel started redirecting me from myserver.com:8443 to myserver.com:8443/relay. Which resulted in a 404 error with no plesk panel. During the upgrade plesk must have activated the sso component which stopped the webinterface from working. To fix this issue do the following:

/usr/local/psa/bin/sso --disable

frequently used SSL commands

generate a new private key and matching Certificate Signing Request (eg to send to a commercial CA)
openssl req -out MYCSR.csr -pubkey -new -keyout MYKEY.key

-add -nodes to create an unencrypted private key
-add -config if your config file has not been set in the environment

decrypt private key

openssl rsa -in MYKEY.key >> MYKEY-NOCRYPT.key

generate a certificate siging request for an existing private key

openssl req -out MYCSR.csr -key MYKEY.key -new

generate a certificate signing request based on an existing x509 certificate

openssl x509 -x509toreq -in MYCRT.crt -out MYCSR.csr -signkey MYKEY.key

create self-signed certificate (can be used to sign other certificates)

openssl req -x509 -new -out MYCERT.crt -keyout MYKEY.key -days 365

sign a Certificate Signing Request
openssl x509 -req -in MYCSR.csr -CA MY-CA-CERT.crt -CAkey MY-CA-KEY.key -CAcreateserial -out MYCERT.crt -days 365

-days has to be less than the validity of the CA certificate

convert DER (.crt .cer .der) to PEM

openssl x509 -inform der -in MYCERT.cer -out MYCERT.pem

convert PEM to DER

openssl x509 -outform der -in MYCERT.pem -out MYCERT.der

convert PKCS#12 (.pfx .p12) to PEM containing both private key and certificates

openssl pkcs12 -in KEYSTORE.pfx -out KEYSTORE.pem -nodes

add -nocerts for private key only; add -nokeys for certificates only

convert (add) a seperate key and certificate to a new keystore of type PKCS#12

openssl pkcs12 -export -in MYCERT.crt -inkey MYKEY.key -out KEYSTORE.p12 -name "tomcat"
check a private key

openssl rsa -in MYKEY.key -check

add -noout to not disclose the key

check a Certificate Signing Request

openssl req -text -noout -verify -in MYCSR.csr

check a certificate

openssl x509 -in MYCERT.crt -text -noout
check a PKCS#12 keystore

openssl pkcs12 -info -in KEYSTORE.p12

check a trust chain of a certificate

openssl verify -CAfile MYCHAINFILE.pem -verbose MYCERT.crt

-to check for server usage: -purpose sslserver
-to check for client usage: -purpose sslient

Confixx http special entries

Confixx is a fairly popular Admin Panel in Germany to change certain settings in Confixx you can use an option called http special. Here are a few examples of values you may modify:

PHP Safe Mode (this is not recommended):

php_admin_flag safe_mode Off

PHP Memory Limit:

php_admin_value memory_limit 128M

PHP Max Execution Time / Max Input Time:

php_admin_value max_execution_time 120
php_admin_value max_input_time 120

PHP Max Upload Size / Max File Size

php_admin_value upload_max_file_size 32M
php_admin_value post_max_size 32M

PHP Open Basedir:

php_admin_value open_basedir /path/##user##

PHP Session Save Path:

php_admin_value session.save_path /path/##user##/phptmp

Confixx Mod Rewrite:

<Directory /var/www/##user##/html>
Options +FollowSymLinks +SymLinksIfOwnerMatch +Multiviews
</Directory>

Disable PHP functions:

php_admin_value disable_functions popen,escapeshellcmd,system,exec,passthru

The variable: ##user## will match your current user if you are changing settings for more that one user this is extremely helpful

Howto Create a self signed SSL certificate

This howto shows you howto create a self signed SSL certificate without a passphrase. Using openssl with one single command:

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mykey.key -out mycert.crt

After you have answered all the questions you should have two files one key file and one crt file. Please make sure to enter your domain name when asked for your common name. This can also be an ip address if you don’t have a domain name to use. You can change how long the cert is valid for by changing the value days. If you prefer to have your cert and key in one file normally called a pem file please use the following command:

openssl req -x509 -nodes -days 1095 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem

As you can see the only thing i changed is instead of using two file names one for the key and one for the cert. You just repeat the first name which will create the cert and the key in one file called mycert.pem in our example.

Change Document Root Plesk

1. In the directory

/var/www/vhosts/example.com/conf create a file called vhost.conf

2. Edit the file with a text editor and add the following line:

Documentroot /my/new/DocumentRoot

3. Then execute the following command

/usr/local/psa/admin/sbin/websrvmng -–reconfigure-vhost -–vhost-name=example.com

4. Okay thats it reload the apache webserver

/etc/init.d/apache2 reload

Plesk drweb antivirus update cron mails

A cron is run every 30 minutes to check on virus database updates via /etc/cron.d/drweb-update, which sends an email every 30 minutes to the plesk server admin. Most of our customers don’t like the behavior.

To resolve, direct the output to /dev/null or to a log file instead if you need to keep a watch on the updates.

1. Edit /etc/cron.d/drweb-update redirecting the output to /dev/null

vi /etc/cron.d/drweb-update

2. Add the following line

*/30 * * * * drweb /opt/drweb/update.pl >/dev/null 2>&1

This would direct all out put from the drweb update script to /dev/null (trash)

Confixx + Postfix+ IMAP + Maildir

This howto describes howto get rid of the horrible mboxes for mail which confixx uses by default. Converting all your mailboxes to the maildir format also allows you to use imap. Please make backups of your confixx installation before you begin with this howto you have been warned:

1. Edit your confixx main.conf

vi /root/confixx/confixx_main.conf

When your finished this is what it should look like:

$maildrop = ‘HOMEDIR/Maildir/’;
$mailBoxName = ‘Maildir’;
$pop_homeDir = ‘/var/mail’; //specify folder where you want maildirs to be stored. the folder must exist
$mail_realHome = ’1?;

2. Edit your postfix main.cf

vi /etc/postfix/main.cf

And add the following line:

home_mailbox = Maildir/

3. Edit your procmailrc

vi /etc/procmailrc

And add the following line:

DEFAULT=”$HOME/Maildir/”

4. Run the confixx counterscript

/root/confixx/confixx_counterscript.pl –fa -dbg

5. Convert existing Mboxes to Maildir. Confixx provides a script for doing this. Run the script and make sure to answer all the questions. Or except the defaults which should be ok.

/root/confixx/admin/contrib/convert_mb2md.pl

6. If you are using qpopper uninstall it and install courier pop and imap if you need imap. This is for debian and ubuntu:

aptitude purge openbsd-inetd qpopper
aptitude install courier-pop
aptitude install courier-imap

Thats it check you log files send a test mail and enjoy.