Put your message here! Contact me for more information
 

 







« Bug Day: Internet Explorer 7 SELECT element innerHTML bug
Slashdot Comments vs MySQL medium int »

 

Bug Day: Configure Plesk Control Panel Access as Subdomain (A.K.A. change plesk admin port) - Plesk 8.0 & vhost_ssl.conf

November
08
2006

Server
Tutorials
Web Technolgy

view comments
permalink

Last nite, I was surfing around and found this page at the ThePlanet.com forum. Someone has configured a subdomain to proxy to the Plesk admin page. This way, in stead of accessing Plesk admin page via port 8443 (which I forget half of the time), I can access the page via https//plesk.mydomain.com (still encrypted with SSL for your privacy and security). In case I am behind a firewall that blocks most incoming/ outgoing ports, I still can access my plesk control panel page via the standard SSL port of 443.

From the forum thread (see the link above), the setup is pretty straightforward, but for some reasons, a few people could not configure the subdomain to act as a proxy to the Plesk control panel. The reason is there is a bug in how Plesk 8.0 writes the domain/ subdomain configuration files for Apache. And as there were a few people asking for a more detailed step-by-step tutorial, here is my take on it.

Let’s first go over the setup and configuration, then we can talk about the bug in Plesk. I assume that you have root access to your box because the Plesk manual explicitly states that you have to be root to create the vhost_ssl.conf file, which is the file we need to create to turn the subdomain into the proxy to the Plesk control panel.

The setup

  • Create a subdomain in Plesk. Remeber to enable SSL support, PHP support, and CGI support. By checking these 2 options, we are forcing Plesk to add an “include” directive to the configuration file of the domain. We discuss more on this later. I created a subdomain called “plesk” so that I can use it like https://plesk.alexle.net/ to access to the Plesk CP. From now on, let’s use “plesk” as our subdomain and alexle.net as our main domain.
  • Next, SSH to your box as root, then cd to the configurations folder of the newly created subdomain:
    #cd /var/www/vhosts/alexle.net/subdomains/plesk/conf/
  • Create a vhost_ssl.conf file ins this conf folder using your favorite text editor. The content of this file should be

    SSLProxyEngine on
    ProxyRequests off
    ProxyPass / https://www.alexle.net:8443/
    ProxyPassReverse / https://www.alexle.net:8443/

    What we are doing is to turn on the SSLProxyEngine for this particular subdomain. In order for this to work, we have to turn the ProxyRequests off. Next, we tell Apache to pass all traffics (or requests) from the root / access of the subdomain to the destination URL (which means all future requests from https://plesk.alexle.net/ will be “ProxyPass“ed to https://www.alexle.net:8443/) . Then with ProxyPassReverse, we tell Apache to redirect the response from https://www.alexle.net:8443/ back to /, our “https://plesk.alexle.net”. (By the way, you will have to use your own domain/ subdomain instead www.alexle.net in the above configuration)

  • Finally, for Apache to pickup the the new configuration file, we need to restart the httpd service
    #/etc/init.d/httpd restart
  • Surf to htps://plesk.alexle.net/. Humh, it doesn’t work yet? Here is the Plesk bug.

The Bug

Plesk BugThe way Plesk generates and stores configurration files are covered in the Plesk Manual Page. Basically there’s a master Apache config file at /etc/httpd/conf. This master Apache configuration file will include a whole bunch of other specific configuration files for each domains (located in /var/www/vhosts/domain_name/conf/httpd.include) and subdomains (/var/www/vhosts/domain_name/subdomains/your_subdomains/conf/vhost.conf or vhost_ssl.conf). Phew.

Remeber when we created the subdomain, we have selected PHP support and CGI support. By doing this, we have forced Plesk to write an “include” directive in the configuration file of the main domain to include the configuration file of the subdomain. To clarify, if you now open up the file httpd.include (in my case, at /var/www/vhosts/alexle.net/conf/httpd.include), find the VirtualHost section for your newly created subdomain, you will find a line similar to this

#file: /var/www/vhosts/alexle.net/conf/httpd.include
Include /var/www/vhosts/alexle.net/subdomains/plesk/conf/vhost.conf

However, there are 2 VirtualHost sections for the plesk subdomain: one is for port 80, and the other is for port 443, SSL. Moreover, both sections include the same vhost.conf file. This is wrong. Based on the Plesk’s Manual, the VirtualHost section for the SSL at port 443 should include the vhost_ssl.conf instead of the vhost.conf. So that’s the Plesk 8.0 bug. I’ve tried a couple times and was able to reproduce the Include bug.

The fix

Now we know why our configuration file for SSL access via the subdomain is not picked up. We need to change the Include directive of the VirtualHost SSL section for the subdomain to use the vhost_ssl.conf file instead. Then restart apache (#/etc/init.d/httpd restart) and everything should works fine.

The catch

We are modifying the main domain’s httpd.include file, which Plesk will overwrite everytime we make changes to this particular domain. Once that happens, you will have to re-modify the httpd.include file so that the correct vhost_ssl.conf file is used.

I hope that this short article helps you work and understand Plesk better. Thanks for the thread from ThePlanet.com forum to inspire me for this article. Comments are welcome as always.

Entry posted at 11:46 pm on Wednesday, November 8th, 2006, and it is filed under Server, Tutorials, Web Technolgy

You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

 Subscribe in a reader. Enjoy reading my blog? Subscribe to my RSS to read new post whenever I publish something new.

 

9 Responses to “Bug Day: Configure Plesk Control Panel Access as Subdomain (A.K.A. change plesk admin port) - Plesk 8.0 & vhost_ssl.conf



Kay
1:42 pm
March 29, 2007
#20520

If you use “websrvmng” with the following options:

–reconfigure-vhost –vhost-name=plesk.domain.com

and then restart apache, the config will be written into httpd.include and wont be overwritten every time you start the server




snotigr
2:21 am
June 19, 2007
#40068

Swsoft have a new article about this from Feb 2007: http://kb.swsoft.com/article_16_1694_en.html




hidayath
9:38 am
March 6, 2008
#125898

my server is windows2003 how i can do that in my windows server




Ryan
10:44 am
March 20, 2008
#131658

Well I found this on the Plesk blog:

‘Limited customization – It’s very hard to efficiently implement per-tenant database schema customization in a single database, and it’s not possible to use standard DBMS tools – like built-in indexing. Plus, the multi-tenant application cannot use script-based customization of the internal logic – what if a buggy script loops infinitely?

SmoothSpan Bob Warfield and Unreasonable Men argued that customization capabilities are often excessive and there is little harm in removing much of that flexibility. For newly written applications, it might even be true. But if an ISV has a customer base to migrate to SaaS model, telling customers that their solutions will be broken because some of the customizations don’t work anymore is hardly an option.’

Apparently Plesk is not heading their own blog…LOL because we all are doing nothing but loosing functionality and the ability to see what is going on, on our sites.

I’m paying an extra 10 bucks a month for this Plesk thing which basically has reduced my site to nothing.
1. AwStats which is just as important as Apache does not function at all.
2. Customizable httpd.include per domain does not work with
vhost.conf and since Plesk is an unsecured script, (because it must run with open base directory on), we have lost HUGE functionality. You do not see this problem with or like this Cpanel at ALL!
In the past 10 years I have had only 2 problems with Cpanel both related to the file manager and editor, very minor and were fixed in the next version. When I say fixed I don’t mean they said it was fixed and it wasn’t, it means it was fixed and has worked perfectly ever since.
3. If you change your MySql Passwords in phpMyAdmin i.e. outside of Plesk then you can not reach MySql any more. This implies that Plesk is storing your passwords outside the data base in unsecured fashion.
There are many more too.

I guess Plesk is like windows 3.1 and Cpanel is like linux

Now if you think I’m a little more than perturbed with Plesk you’d be correct. However, I have spent the last three weeks messing around with Plesk because it doesn’t work rather than having my attention on my business and customers where it belongs. Can Plesk comprehend the ramifications of placing UNTESTED, UVALIDATED and weak performing code (Plesk) on a server and claiming it to be a management utility?

Plesk should not be recommended for any server under any conditions until Plesk can function properly




Ben
2:11 pm
May 10, 2008
#153606

It sounds like Ryan has to go back to Webmaster school.

A couple of points of note:

1.) Your HOST has a lot to do with how Plesk is set-up. You have incorrectly assumed that the folks at Parallels just drop off a ready-made piece of hardware with CentOS installed and everything is ready to go. That’s not at all how it happens; your host is fully responsible for a major share of the set-up. The problems you are complaining about are either your host’s fault, or your own.

2.) Regarding your comment about the MySQL databases — again, this is your host’s fault, not Plesk’s. My host is mediaTemple, they use Plesk 8.3, and I can’t even change MySQL passwords through phpMyAdmin. Your host improperly configured MySQL and phpMyAdmin, not Plesk.

3.) What do you mean in your comment numbered “2″? You say that “Customizable httpd.include per domain does not work with
vhost.conf”. What are you even talking about? The two files ARE linked together and DO work together. My guess is that you modified one of these files AND FORGOT TO REFRESH THE PLESK CONFIGURATION:

/usr/local/psa/admin/bin/websrvmng -a

See this URL for more details (valid through at least Plesk 8.3): http://www.gadberry.com/aaron/2006/02/09/plesk_vhost/

With respect to your open_base_dir comment, you HAVE TO SPECIFY WHICH DIRECTORIES SHOULD BE CONSIDERED ALLOWED. It would be a major security oversight if the default was to have NO open_basedir restriction! All you had to do was specify the proper path to your scripts in the base_dir area of your vhost.conf file. furthermore, those scripts can be MOVED outside of the httpdocs root and include()’d by a file that is not nearly as revealing. Your vhost.conf would thus include something like this:

php_admin_value open_basedir “/var/www/vhosts/yoursite.com/protected_scripts”

(don’t forget to refresh the Plesk configuration with the command referenced above).

Basically, it sounds like you’re new to Plesk, you’re lost, unwilling to consult the help files (or use a search engine), and unwilling to hold your host accountable for any of it.

Somehow, I’m not surprised.




Floogy
5:25 am
January 17, 2009
#242384

This bug doesn’t happen if you create a top-level Domain named e.g. subdomain.example.com (rather than creating a subdomain in Plesk), and leave PHP and CGI support unchecked.




Armando
8:43 pm
February 23, 2009
#248404

Hi! I need your help.
I use plesk 8.3 (Windows) and I want to connect mysql that way:
http://mysql.domainname.com
Do you know how I do that? I have add a “A” record on DNS settings of the domain like mssql, but didn’t work. Do you have any ideas?
Thank You!




Alex le
11:12 pm
February 23, 2009
#248416

@Armando,

By “connect mysql that way”, you mean you want to (1) access PhpMyAdmin thru a subdomain, or you want to (2) assign the subdomain to point to a different server running MySQL ?

for (1), you will need to create a new subdomain within Plesk and then modify the apache’s configuration of the subdomain to point to a copy of phpMyAdmin (essentially just modify the DocumentRoot)

for (2), you will need to create a new subdomain and modify the DNS to point to whichever server that runs MySQL. This step should be relatively straightforward within Plesk.

Hope this helps.




Armando
12:56 am
February 24, 2009
#248427

Well, sorry for my poor domain of the english language (I will try to improve that).
I believe the answer (2) is more approriate in my case.
My VDS is running on a windows server with IIS7. There’s no apache server.
I tried to do that on plesk but nothing happen. Do you mind in make a little walktrough for me?

Thank you again!




 

Leave a Reply