3/28/2024 0 Comments Edit a file using ssh plesk server![]() ![]() You would then be able to edit it using File Manager of FTP. Tell you what - if there's a particular file you really want to edit, and editing or overwriting the file isn't possible within the application (e.g Wordpress or whatever it might be) itself (which will have permission to edit files owned by apache if in mod_php mode), then you could chown that individual file to your ftpusername. I don't want to be even indirectly responsible problems you might encounter. I'm therefore reluctant to go into any detail here. Also possible is that the application you have installed could stop working. You could really screw things up with a single mistyped letter (not really - I'm exaggerating - but I suppose anything is possible). And any new files created by php will be owned by the FTP username and not Apache due to the use of php_fcgi mode.īut although the words are simple and the commands to achieve them are easy enough, to blindly do so would be potentially inviting trouble. This will make everything owned by the ftp username, allowing you to use FTP and also the file manager to edit/delete them, and all will be well under most circumstances. To rectify this, I'd change the PHP mode to php_fgci, then chown -R all the website files and directories in httpdocs to your-ftp-username.psacln. Using FTP or the Plesk File Manager, you then can't edit/delete/overwrite any of the files. When run as mod_php, any files that php created are owned by apache and NOT the ftp username for this Subscription. I don't know what to suggest here without risking damage to your website and even your VPS. On AWS LightSail they have 'networks' where you can do so.ĥ) Add Google Authenticator Multi Factor Authentication (MFA) for both Plesk (using Google Authenticaiton Plesk extension), WordPress Domains (using miniorange plugin), and AWS builtin option.Ħ) Scan the Plesk FireWall once in few days, to see it was not hacked to add permissions, possibly by the Plesk Installer hacked, and injection of IPs that way.ħ) Move on to set email DKIM (this is a server encryption for emails, and replace the Plesk generated key with your own), SPF (this is your declaration that email from your domain or sub domain mail.example should come only from your IPs and possibly AWS SES sending emails on your behalf) for the 4 fixed IPs you have set, and DMARC policy (this is your instruction set on a DNS record, telling other servers what to do if SPF or DKIM fail, and includes your email to receive reports) to call other servers to reject emails pretending to come from you, and found not to pass the SPF and DKIM tests.ĩ) Possibly add nginx rules, to block various access according to rules and IPs.OK, look - this is complicated. This is possible on AWS.ģ) Write down the IPs for the above two, as well as the Server's private and public IP, and restrict on the Plesk FW almost all services (not including ' range used for this).Ĥ) Add the main port restriction also on the hosting level, which is a higher level from the Plesk server. What I highly recommend is the following:ġ) Obtain a service of PRIVATE IP, for BOTH your cellular and fixed home internet connection.Ģ) Set the server to use a static IP. I find changes Plesk recently did the the Plesk FW as likely IMHO containing Bugs (product defects). After reinstating it, click the 'enable' and start on a new fresh beginning. What I would have done instead of you, is I REMOVE the Plesk FW using the Plesk -> Tools -> Update tool, and then reinstate it. # /usr/local/psa/bin/modules/firewall/settings -c # /usr/local/psa/bin/modules/firewall/settings -aīack to the SSH window B, confirm the changes within 60 seconds: # /usr/local/psa/bin/modules/firewall/settings -s -name 'My rule' -direction input -action deny -ports '2222/tcp,2222/udp' -remote-addresses "203.0.113.2" On the SSH window A, create a new rule and apply it: # /usr/local/psa/bin/modules/firewall/settings -confirmĪll predefined by Plesk rules that are required for Plesk functionality will be enabled.īelow is an example of adding a new rule with the name "My rule" which will deny incoming connections from 203.0.113.2 on ports 2222/tcp, 2222/udp:Ĭonnect to a Plesk server via SSH in 2 separate SSH windows. On the SSH window B, confirm the changes within 60 seconds: # /usr/local/psa/bin/modules/firewall/settings -e ![]() On the SSH windows A, enable the firewall:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |