Plesk 9.5 is coming

[BruceLee]

Parallels Plesk Panel 9.5.0
SOURCE: http://download1.parallels.com/Plesk/PP ... ed-os.html

1.[+] PCI Compliance: Parallels Plesk Panel can be made compliant with the Payment Card Industry Data Security Standard. This can be achieved by running a special PCI compliance resolver utility and additional tuning of system components, as described in the document Achieving PCI Compliance for Servers Managed by Parallels Plesk Panel 9.5. The document is available at http://www.parallels.com/products/plesk ... /index.htm.
2.[+] Compatibility with Microsoft Internet Explorer 8: Parallels Plesk Panel is now compatible with Microsoft Internet Explorer 8.
3.[+] CloudLinux support: Parallels Plesk Panel can now work under CloudLinux operating system.
4.[+] Google Services for Websites support (beta): Parallels Plesk Panel 9.5 can now be easily integrated with Google Services for Websites. To learn more, refer to Parallels Plesk Panel 9.5 Administrator's Guide at http://download1.parallels.com/Plesk/PP ... /64635.htm.
5.[+] Upgraded components: ProFTPD was upgraded to the version 1.3.2b, phpMyAdmin to the version 2.9.11, and Horde Application Framework to the version 3.3.6.
6.[+] More virtualization solutions supported: Parallels Plesk Panel 9.5 can operate in virtual environments created by the following virtualization solutions: Parallels Virtuozzo Containers, Microsoft Hyper-V, Xen, and VMWare. There are special licensing options for Parallels Panel software operating inside virtual environments. For more information about licensing options, contact your vendor or call Parallels sales team. The phone numbers are listed at http://www.parallels.com/contact/.
7.[-] Migration of websites from Plesk Control Panel 7.5.4 to Parallels Plesk Panel 9.2.1 failed if the SpamAssassin spam filter was configured to remove spam e-mail - issue resolved.
8.[-] A number of security issues were identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it - these issues were resolved.
9.[-] Cross-site scripting vulnerability was eliminated.
10.[-] ProFTPD 1.3.1 was prone to a security vulnerability that allowed attackers to perform cross-site request forgery types of attacks - to resolve this issue, ProFTPD was upgraded to the version 1.3.2b.
11.[-] If temporary directory on the server was full, FTP network error occurred on attempt to move a file from an FTP storage to the server repository - issue resolved.
12.[-] Migration failed if the /tmp file system was full - issue resolved. Now you can specify any other location for the temporary directory.
13.[-] If, in Parallels Plesk Panel, there is a domain with the same name as server's hostname, then a message sent to postmaster@$HOSTNAME is bounced back - issue resolved.
14.[-] During upgrade, the default client and domain template values were reset - issue resolved.
15.[-] Plesk 8.x key was not updated automatically to 9.x during product upgrade - issue resolved.
16.[-] After upgrade, var/qmail/control/me file contained only the hostname - issue resolved.
17.[-] Scheduled security scanning by Watchdog (System Monitoring) Module could not start - issue resolved.
18.[-] Postfix mail server occasionally failed to deliver some e-mail messages with the "Unprocessed command" errors - issue resolved.
19.[-] SpamAssassin spam filter incorrectly classified most of the messages delivered in the year 2010 as spam - issue resolved.
20.[-] After upgrading Parallels Plesk Panel from versions 8.x to 9.x, scheduled backups could stop working - issue resolved.
21.[-] Horde webmail did not open properly in Internet Explorer 8 - issue resolved.
22.[-] Web statistics were not calculated properly when the piped logs feature was switched on - issue resolved.
23.[-] The Watchdog (System Monitoring) Module showed security warnings (false positives) due to incorrect default configuration - issue resolved.

[Hultenius]

Wow, didn't expect Plesk 9.5 that fast!
And the updates actually make sense, at a first glance

[BerArt]

1.[+] PCI Compliance: Parallels Plesk Panel can be made compliant with the Payment Card Industry Data Security Standard. This can be achieved by running a special PCI compliance resolver utility and additional tuning of system components, as described in the document Achieving PCI Compliance for Servers Managed by Parallels Plesk Panel 9.5. The document is available at http://www.parallels.com/products/plesk ... /index.htm.

Are they in your territory now? ASL is working on this feature I recall? Maybe ASL can use this feature?

[scott]

Nah, PCI compliance is way more than just changing the SSL settings.

[Highland]

This can be achieved by running a special PCI compliance resolver utility and additional tuning of system components

This is the important part of it. It sounds like Plesk now includes a PCI scanner utility. So it scans your site for vulnerabilities and you get to fix them. It's probably a simple widget like McAfee's and the other "PCI scanners"

[spaceout]

18.[-] Postfix mail server occasionally failed to deliver some e-mail messages with the "Unprocessed command" errors - issue resolved.

Might Postfix finally work properly?

[scott]

Its definitely not going to scan the site for vulnerabilities. That kind of assessment requires a skilled operator to perform, although there are tools out there they can aide the process (WebInspect, Accunetix, W3af, etc). I suspect best case you might find something like nikto in the mix, but more likely this is just looking at basic server level settings like SSL.

If you are looking for a good open source scanner to aide in your testing, check out w3af. Its a few hundred megs, but well worth the download.

[nobody]

Try to update to 9.5.1 today just failed ...

1. First updated the base packages of 9.3. Done ...

2. Then tried to update to 9.5.1 but got an error that it couldnt retrieve the keys.

3. Firewall shut down.

4. Updating keys. Double check and got key is up to date..

** 5. Trying to update to 9.5.1 :
Mail says everything is up to date. System is still showing plesk 9.3 and based on what i saw on top it still is 9.3.
Then I get 2 mails one says key retrieve problem and the other says everything is up to date.

Now also this came from OSSEC and looks weird to me.

Apr 15 00:51:24 box kernel: grsec: From my.ip.: denied untrusted exec of /etc/sw/keys/restart/plesk-key-handler by /usr/bin/sw-engine-cgi[sw-engine-cgi:27427] uid/euid:501/501 gid/egid:500/500, parent /usr/bin/sw-engine-cgi[sw-engine-cgi:27393] uid/euid:501/501 gid/egid:500/500

And actually I have been getting a key update error on my mails for around 20 days now but never gave it too much thought. Thought it was just the firewall...

Any ideas why plesk won't actually update and thinks I have updated ?

[scott]

Thats a parallels side problem, they arent responding to key updates since its not officially out yet.

[aus-city]

It's out

if you got problems as the auth server seems overloaded, run the autoinstaller from shell and update. Say yes to the key warning and complete the update.

You can then log in and retrieve keys and get a new key and your in business.

Report also that ASL works perfectly on Fedora 11 with plesk 9.5.1

[spaceout]

I just installed Plesk 9.5.1 on a RHEL 5.5 box running ASL 2.2.5.

Now, I'm not able to FTP into the box as it looks like I'm running into the problem outlined in this thread: http://www.atomicorp.com/forum/viewtopic.php?f=3&t=3423

When trying to install the ART copy of ProFTP I get this error in:

Code: Select all

Transaction Check Error:
  package psa-proftpd-1.3.2e-rhel5.build95100409.18.i586 (which is newer than psa-proftpd-1.3.2a-1.el5.art.i386) is already installed

So far, that seems to be the only hang up. How do I go about getting the correct version of ProFTP installed?

[scott]

Try upgrading to whats in the asl-2.0-testing channel

[spaceout]

Thanks, Scott. That worked great for the FTP issue.

I've noticed another issue I'm having with 9.5.1 as well. The Plesk interface shows Apache as being down, yet it is actually running. When I try to restart Apache I get an error (yet it stays running) and when trying to start Plesk I see the following...

Code: Select all

[warn] module ssl_module is already loaded, skipping
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
websrvmng: Service /etc/init.d/httpd failed to restart
websrvmng: Service /etc/init.d/httpd failed to restart

Anyone know what might be causing this? I haven't tried killing off the existing apache processes in fear that it won't start back up.

[BruceLee]

what do the logs say?

[spaceout]

What log should I be checking? I looked in /var/log/httpd/error_log and there was nothing in there.