store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Thu Aug 21, 2014 6:07 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 22 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: ASL 3.0.20
Unread postPosted: Tue Feb 28, 2012 5:32 pm 
Offline
Forum Regular
Forum Regular

Joined: Tue Aug 05, 2008 5:01 pm
Posts: 111
I am also getting 503 error in Plesk License Manager :S


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 05, 2012 11:18 am 
Offline
Forum Regular
Forum Regular

Joined: Sat Mar 28, 2009 6:58 pm
Posts: 851
Location: Germany
I did not totally understood what to do to make ASL protect against this vulnerability:
http://kb.parallels.com/en/113321

could you give some more details? thanks.


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 05, 2012 11:25 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
Upgrading Plesk to at least the micro update mentioned for your Plesk release should protect against the vulnerability.

After upgrading to ASL 3.0.20 you can also run /var/asl/bin/plesk-waf-setup to enable the ASL Plesk WAF which will also protect against this vulnerability (and a whole lot more).

I recommend doing both.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 05, 2012 11:31 am 
Offline
Forum Regular
Forum Regular

Joined: Sat Mar 28, 2009 6:58 pm
Posts: 851
Location: Germany
thanks breun.
I will do so.
But where do I get infos about what plesk-waf-setup does?
Is it added to the gui? Or does it just run in background and nothing needs to be done?
will it restart after a reboot? Of course I know how to check everything of that afterwards I have run
/var/asl/bin/plesk-waf-setup

But I prefer infos before I do something.

Thanks


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 05, 2012 11:38 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
The tortixd will be configured as a reverse proxy for Plesk so it can scan the traffic and protect it just like mod_security is protecting the Apache daemon that serves the websites. There is no additional GUI for it and it should restart automatically after a reboot. You should see security events in the ASL web interface just like before.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 05, 2012 11:44 am 
Offline
Forum Regular
Forum Regular

Joined: Sat Mar 28, 2009 6:58 pm
Posts: 851
Location: Germany
ok, thanks for the explanation and your help breun.


Top
 Profile  
 
 Post subject: Re: ASL 3.0.20
Unread postPosted: Mon Mar 12, 2012 11:58 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
breun wrote:
As far as I can see HTTPS access to Plesk (tcp/8443) is secured this way, but HTTP access (tcp/8880) isn't, so unless 8880 is specifically firewalled Plesk is still accessible without being protected by mod_security. I guess this is not too hard to add and otherwise this looks like a great addition to ASL, so thanks for that.


Since Plesk 10 there's also the autoinstaller HTTPS service on port 8447 that the ASL Plesk WAF maybe also should cover.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 22 posts ]  Go to page Previous  1, 2

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Yahoo [Bot] and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group