Search

Language:  
Search for:

Available article translations:

Securing Parallels Plesk Panel: Best Practices to Prevent Threats

APPLIES TO:
  • Parallels Plesk Panel

A critical component to securing any software product you use from security threats is to engage in preventative measures.  We have identified these security best practices that help protect your Parallels Plesk Panel installations:
 
·         When applying security patches (such as that issued in February 2012 for Parallels Plesk Panel), reset passwords.  It is particularly important to reset passwords if your server had an intrusion, or was at risk of an intrusion. Parallels provides a Mass Password Reset Script for Hosters to help do this in an automated way.
 
·         Clean sessions after passwords are reset. After changing passwords, remove any active sessions using:
# php -d open_basedir= -d safe_mode=0 plesk_password_changer.php `cat /etc/psa/.psa.shadow` --clean-up-sessions

NOTE:  More details are in the KB article http://kb.parallels.com/113391.
 


·         If you experience a security intrusion, review your published web content for integrity, removing any malicious scripts:

Linux:
# grep -ilr 'km0ae9gr6m' /var/www/vhosts/ | while read arq; do echo $arq; echo $arq >> /root/infected.txt; sed -ni '1h;1!H;${x;s/km0ae9gr6m.*qhk6sa6g1c/virus removed/;p}' $arq; done;

You can then find the list of infected files in /root/infected.txt.
 
Windows: 
1) Download Sed from http://sourceforge.net/projects/gnuwin32/files/sed/4.2.1/sed-4.2.1-setup.exe/download
2) Install it by running the .exe file;    
3) Launch the command:
cd "C:\Program Files (x86)\GnuWin32\bin"
findstr /S /I /M /C:km0ae9gr6m %plesk_vhosts%* >> C:\infected.txt & for /F "usebackq tokens=*" %i in (`type "C:\infected.txt"`) do @echo off && sed -ni "1h;1!H;${x;s/km0ae9gr6m.*qhk6sa6g1c/virus removed/;p}" "%i" & echo on

4) You can then find the list of infected files in C:\infected.txt.



·         If you experience a security intrusion, it is possible backdoor was installed on your server.  Set up a new clean server, download and install a clean instance of Parallels Plesk Panel on that server, and transfer customer and account data to that new server.
 
·         Instruct customers to not reset passwords from the new ones back to the previous (potentially compromised) passwords.  Compromised user/password combinations can potentially be used for future security intrusions and so must never be reused.
 
·         Keep operating system and 3rd party software applications up-to-date and patched.  Most software vendors issue security updates that you should track and install. 
 
·         If you are running in a virtualized environment, it is important to set up the environments to apply patches.  For example, if you are running Parallels Virtuozzo Containers for Windows, it is important to read http://kb.parallels.com/114363 and http://kb.parallels.com/114364
 
·         Stay up to date on Plesk versions and MicroUpdates (MUs). The most recent Plesk version gets any patches pro-actively – with constant monitoring for possible future vulnerabilities.  Plus, stability and ease of upgrades (based on # of Support tickets) are greatly improved – so the added security is well worth upgrading for.

·         Parallels has created a Malware Removal tool. More details you can find in corresponding article http://kb.parallels.com/en/115025

If you think you’ve experienced a security intrusion you can send Parallels your server credentials for us to analyze. The best protection, though, is prevention. Customers who have used the best practices noted here had no issues with security intrusions even during recent reports of potential vulnerabilities.



49af2da0f2dd4c81e962790bbbd0c2b4 56797cefb1efc9130f7c48a7d1db0f0c

FEEDBACK
Was this article helpful?
Tell us how we may improve it.
Yes No
 
 
 
 
 
 
Desktop Virtualization
- Parallels Desktop 9 for Mac
- Parallels Transporter
- Parallels Desktop Switch to Mac Edition
- Parallels Desktop for Mac Enterprise Edition
- Parallels Management-Mac for Microsoft SCCM
Server Virtualization
- Parallels Cloud Server
- Parallels Containers for Windows 6.0 Beta
- Parallels Virtuozzo Containers
Automation
- Parallels Automation
- Parallels Automation for Cloud Infrastructure
- Parallels Business Automation Standard
- Parallels Virtual Automation
- Parallels Plesk Panel Suite
- Web Presence Builder
- Parallels Plesk Automation
- Parallels Small Business Panel
- Value-added Services for Hosters
- Parallels Partner Storefront
Services & Resources
- Cloud Acceleration Services
- Professional Services
- Support Services
- Training & Certification