List access or error log files with their sizes plesk hosting servers

/in , , , , , , /by

List all access log files;

find /var/www/vhosts/*/logs/error_log -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

List all error log files;

find /var/www/vhosts/*/logs/access_log -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

For access logs,there are also other access log files in that directory.For example,access_ssl_log,access_ssl_log.processed and more.So to list all files that starts with access,use wildcards like;

find /var/www/vhosts/*/logs/access* -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

Unable to change hosting php version in php selector for Cloudlinux

/in , , , , , , /by

In this case,problem is file permissions for php.ini file related that you want to switch php version.

Login to shell and change the group owner of related file.Sample command is for php 7.4

chgrp linksafe /opt/alt/php74/etc/php.ini

Change compression type for Plesk backups

/in , , , , , , , /by

As a new feature,Plesk picked up zstd compression method for backups.If you want to create backup files with classic method you can edit the panel.ini file in two way

1. Go to Extensions ->Install and activate panel editor extension and open the editor in my extensions section

Select the editor and add these;

[pmm]
compressionMethod = deflate

2.Login to shell.Open /usr/local/psa/admin/conf/panel.ini file with your favorite editor like nano or vi.Add theses line to the appropriate place

[pmm]
compressionMethod = deflate

Note.You may already see [pmm] section.In this case you just add compressionMethod = deflate

below the [pmm] section.

Most Used Linux Commands For File Compression

/in , , , /by

Gzip

Compress a file with gzip

$ gzip filename

Compress and keep the original file

$ gzip -c file > file.gz

Compress all files in a folder

$ gzip -r foldername

Tar.gz

$ tar -czvf filename.tar.gz directory

ZSTD Compression

Install first the package,

$ sudo apt install zstd (Debian/Ubuntu)

$ dnf install zstd (Centos,AlmaLinux,Fedora,Redhat)

Usage:

to compress a file :

zstd example.txt

Using with tar:

tar --zstd example.tar.zst example/

ZSTD Uncompression

tar --use-compress-program=unzstd -xvf archive.tar.zst

 

How to Install Maxmind Geoip module for Litespeed

/in , , , /by

Previously I wrote a document that how to install Maxmind module for Apache web server.

Also I wrote how to block requests from countries wherever you want.

After four years I think you might need to this for litespeed because lots of hosting companies use that.

First of all,before install,you need same thing :the maxmind country ip database here (You should login first to https://www.maxmind.com

 

First create a folder named GeoIP under /usr/local/share/

Download the gzip or tarball and extract to /usr/local/share/GeoIP/GeoLite2-Country.mmdb<–sample name.we will use this path in litespeed admin console.

After login to your litespeed admin console->Configuration->Server

In general tab,you will see geoip lookup setting.So you enable it.

And find the details of maxmind settings section

You see this is already configured.Yours will be empty.Ignore that.So you need to add some details like below;

File path must be true.DB name is really important and variable section is mandatory field.it is better to set as is.and save.Restart the litespeed server.

After you do that You verify it is installed correctly.Therefore you must see geoip variable in phpinfo page.So you upload a php file that includes phpinfo and load it from your browser.

If you see that server variable then you can create some rules about deny some requests;

Assume you use Centos or Cloudlinux,go to /etc/httpd/conf.d and create a file named maxmind.conf (name is optional but it should ends with .conf)

maxmind.conf

<IfModule LiteSpeed>
GeoIPEnable On
</IfModule>

<IfModule mod_geoip.c>

<FilesMatch “wp-login.php|xmlrpc.php”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All

</FilesMatch>

<LocationMatch “^/”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All

</LocationMatch>

<LocationMatch “^/admin”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All

</LocationMatch>

<LocationMatch “^/wp-admin”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All

</LocationMatch>

</IfModule>

1.First section enables the geoip lookup

2.Filesmatch directive matches request to your spesific file name regardless of where.So it can be / or /abc.

3.Locationmatch is a folder generally

So according to these directives Accessing outside of US to your site root /,/admin and /wp-admin will be blocked as well as wp-login.php and xmlrpc.php

You can allow multiple country by adding their iso codes with this syntax (I guess)

SetEnvIf GEOIP_COUNTRY_CODE ^(US|FR|DE) AllowCountry

After you finish your configuration file,save it and restart litespeed.

To verify,Opera browser or open proxies will help you.

PwnKit Local Privilege Escalation Vulnerability polkit’s pkexec (CVE-2021-4034)

/in , , , , , , , , , , , /by

A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges.

PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

Patch for Ubuntu is Available

https://ubuntu.com/security/notices/USN-5252-1

If you don’t have any patch please remove suid bit from pxexec tool with this command

chmod 0755 /usr/bin/pkexec

Cloudlinux Setting Global Php Directives

/in , , , , /by

When you want to apply one or more php directives like disable_functions,datetime.zone or something else to all your customers websites,you should write these to /etc/cl.selector/global_php.ini file.After you write your directives enter this command to apply

selectorctl –apply-global-php-ini

/usr/sbin/cagefsctl –setup-cl-selector

You can see the example below.

; This file provides global settings for php.ini of all alt-php packages
; The structure of this file:
; option = value
; To confirm changes (not affecting “date.timezone” and “error_log” options) please run:
; /usr/sbin/cagefsctl –setup-cl-selector
; To confirm changes (including “date.timezone” and “error_log” options) please run:
; /usr/bin/selectorctl –apply-global-php-ini
; or
; /usr/sbin/cagefsctl –apply-global-php-ini
; If you don’t want to change error_log, but want to change date.timezone, you can execute
; selectorctl –apply-global-php-ini date.timezone
; Similarly, command
; selectorctl –apply-global-php-ini error_log
; applies error_log and all other options specified in /etc/cl.selector/global_php.ini file, except date.timezone.
; So, you can specify 0, 1 or 2 parameters from the list: error_log, date.timezone
; using –apply-global-php-ini without arguments applies all global php options including two above
; Example:
; selectorctl –apply-global-php-ini error_log
; selectorctl –apply-global-php-ini date.timezone
; selectorctl –apply-global-php-ini date.timezone error_log
; The latter command has the same effect as /usr/bin/selectorctl –apply-global-php-ini
[Global PHP Settings] disable_functions = mail,system, dl, array_compare, array_user_key_compare, passthru, cat, exec, popen, proc_close, proc_get_status, proc_nice, proc_open,escapeshellcmd,escapeshellarg, show_source,posix_mkfifo, ini_restore, mysql_list_dbs, get_current_user, getmyuid,pconnect, link, symlink, fin, fileread, shell_exec, pcntl_exec, leak, apache_child_terminate,chown, posix_kill, posix_setpgid, posix_setsid, posix_setuid, proc_terminate, syslog, fpassthru, execute, shell, chgrp, passthru, socket_select,socket_create, socket_create_listen, socket_create_pair, socket_listen, socket_accept, socket_bind, socket_strerror, pcntl_fork, pcntl_signal, pcntl_waitpid,pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, openlog, apache_get_modules, apache_get_version,apache_getenv, apache_note, apache_setenv, virtual, eval, allow_url_fopen, pconnect, p_connect,posix_getpwuid,fileowner,symlink,readlink,stream_select,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority

Detect new hard disk without reboot

/in /by

To refresh all devices,Please type the command below as a root user

echo “- – -” | tee /sys/class/scsi_host/host*/scan