Wednesday, August 1, 2012

plesk control panel events

if you want to have a way to produce some stats about control panel usage of your parallels plesk cp, you can do a number of things.
  • you can populate a database,
  • you can write to log files
Parallels plesk control panel gives two environment variables that hold the  CONTACT_NAME of the user that just logged in or logged out.

The Environment  variable to use for an event for control panel:

  •  login    would be  ${NEW_CONTACT_NAME}
  •  logout  would be  ${OLD_CONTACT_NAME}

 one simple script to save some information in database and log some info in /var/log/syslog follows.


#!/bin/bash

LANG=en_US.UTF-8
LC_CTYPE=en_US.UTF-8

myTimeStamp=$(date +%Y-%m-%d-%T--%N)
myFullPath=/var/log/events.log/client-cp-login-$myTimeStamp.eml

echo ""--------------"" >> $myFullPath
/bin/date >> $myFullPath
/usr/bin/id >> $myFullPath
echo ""client just logged in"" >> $myFullPath
echo ""name: ${NEW_CONTACT_NAME}"" >> $myFullPath
echo ""--------------"" >> $myFullPath

dbuser='username';
dbpass='secret';

LOG=$(mysql -u$dbuser -p$dbpass psa --batch -N -e "SET NAMES 'utf8'; SELECT  CONCAT('user ',s.login,' logged in from ', s.ip_address,' moreUserInfo: ', c.pname) FROM sessions s join clients c WHERE s.login=c.login AND c.pname ='${NEW_CONTACT_NAME}' LIMIT 1;")

logger -t "plesk-client-login" "$LOG"

echo $LOG  >> $myFullPath

myTimeStamp=$(date +%Y-%m-%d-%T)
#mail -a "Content-Type: text/plain; charset=UTF-8" -s "PLESK CP LOGIN: ${NEW_CONTACT_NAME} - $myTimeStamp" -b jkara@ccf.auth.gr -c fpapaste@ccf.auth.gr     gkougiou@ccf.auth.gr < $myFullPath
mail -S sendcharsets=utf-8  -s "PLESK CP LOGIN: ${NEW_CONTACT_NAME} - $myTimeStamp" -b jkara@ccf.auth.gr -c fpapaste@ccf.auth.gr     gkougiou@ccf.auth.gr < $myFullPath
Posted by at No comments:

add level of security mod_itk to your plesk installation

There a lot's of different ways to protect your linux server (apache httpd processes) in a way that if a domain is compromised, all other domains will remain unaffected, and protect the server for unauthorized access as well.

System file protectionUse mod_security to confine all apache vhosts to a specific subdirectory  i.e. /var/www/vhosts/

Domain protection
Replace apache worker with apache2-mpm-itk or mod-ruid.

System File and Domain protection in the same time
Use apparmor changehat for each domain.(not yet implemented I am afraid)

The first two methods are somewhat easy to implement, and I will try to do my best in laying out some easy instructions to help you apply them to your system.

stay tuned more to come.
Posted by at No comments:
Subscribe to: Posts (Atom)