Plesk 12
Location of logs files and configuration files for every Plesk service.
To let admins easily access the currently used configuration file, Plesk
stores the symlinks last_nginx.conf that point to the active files.
The system re-generates the configuration files after each change of
virtual host configuration
(source).
Also, it is the same as /etc/nginx/plesk.conf.d/vhosts/*
Plesk Virtual Host Configuration Files
Plesk + Wordpress
Increase cache expiry time for static files
Enter the following under Additional nginx directives to increase cache times for static files. It’s important to note that you must uncheck “Serve static files directly by nginx” when inserting this rule:
The nginx setting must be unchecked because this specifies the same thing — that nginx must respond to these types of files — along with the increased expiry time. If you leave the nginx rule enabled it will take precedence because it comes first, and thus your cache expiry entry will not apply.
Original configuration was:
And my new one is:
|
|
Warning: Plesk option Serve static files directly in Web Server Settings for a domain must be DISABLED.
Note: Matching and precedence of nginx location rules is as detailed here.
Settings
Fix FTP
Passive mode
FTP server ProFTPd: Enable Passive FTP on Plesk 12
But with small change:
echo '<Global>PassivePorts 60000 65534</Global>' >/etc/proftpd.d/60-passive-mode.conf
1 hour time difference
FTP server ProFTPd: Enable Passive FTP on Plesk 12
But with small change:
echo '<Global>PassivePorts 60000 65534</Global>' >/etc/proftpd.d/60-passive-mode.conf
Don’t forget!
Timezone & 1hr problem
ProFTPD supports changing the timestamp on a file using the MDTM command, as part of mod_facts module. This module existence can be checked with
`proftpd --list | grep facts`
Pure-FTPd, the FTP server I am using on ISP Config on my servers also supports MDTM command.
I decided to use the second solution. And I wanted to avoid edition
/etc/proftpd.conf directly.
Solution:
# NO echo 'SetEnv TZ UTC' >/etc/proftpd.d/70-timezone-fix.conf
# SetEnv TZ :/etc/localtime
# echo 'TimesGMT on' >/etc/proftpd.d/70-timezone-fix.conf
TimesGMT option causes the server to report all ls and MDTM times in
GMT and not local time. By default, it is turned off.
As on Plesk, ProFTPd is hooked into Xinet.d, we just need to restart xinet and ftpd will be restarted also.
service xinetd restart
Note: When synchronizing directories in Total Commander, both TC-sync
options: mdtm and utc, MUST be set. Also, in advanced settings in
FTP connection details, you can play with option Use MLSD ..., as
sometimes turning this off solves the problem.
Location of mail accounts
Mail accounts are stored in these folders:
/var/qmail/mailnames/<domain>/<email>/Maildir/
Reconfigure PHP
You can call executables like this:
/usr/local/psa/admin/bin/php_handlers_control --list
/usr/local/psa/admin/bin/httpdmng --reconfigure-domain domain.tld
/usr/local/psa/bin/php_handler --reread
But more elegant is with plesk command:
plesk sbin php_handlers_control --list
plesk sbin httpdmng --reconfigure-domain domain.tld
plesk bin php_handler --reread
plesk bin php_handler --list
Reconfigure directory permissions:
plesk bin repair --restore-vhosts-permissions
After some system change, type plesk sbin packagemng --set-dirty-flag
to notify Plesk that you made some changes.
Reference for Command Line Utilities, Parallels Plesk 12.0 for Linux KB Parallels: How to enable multiple PHP versions in Parallels Plesk for Linux
Custom directives / Custom Plesk Templates
Location of nginx configuration files is illustrated
here
and it’s starting at /etc/nginx/nginx.conf.
What is here?
/var/www/vhosts/system/hostingtipp.ch/conf/vhost_nginx.conf
How to edit default templates for httpd.conf and ngnix.conf: Step by step guide to install and integrate Varnish with Plesk 12.x
Custom Plesk templates in a folder like http://download1.parallels.com/Plesk/PP12/12.0/Doc/en-US/online/plesk-linux-advanced-administration-guide/68820.htm#
Plesk itself never touches “custom” directives.
Plesk nginx config for every domain and subdomain
Parallels Plesk 12: Harden Up and Supercharge Your WordPress Site
Directory permissions
Set permissions:
cd /var/www/vhosts/save-up.ch/httpdocs
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
Main HTTP directory must be a group of psaserv:
chown :psaserv /var/www/vhosts/*/httpdocs
List all the files not owned by group psacln:
find /var/www/vhosts/*/httpdocs/* \! -group psacln | xargs ls -ald
Typical file ownership is that user is saveupch and group is psacln:
ll -d /var/www/vhosts/*/httpdocs/index.php
So set it like this:
chown -R :psacln *
There must be no index.html file:
rm /var/www/vhosts/wettbewerbe365.ch/httpdocs/index.html
Warning: Is you type .* as argument, bash will expand to include ..
also - and this is a huge problem.
Correct httpdocs permissions in Plesk
Wordpress directory permissions
A Complete Guide on WordPress FileSystem Permissions and Ownerships
Tricks
Search all of the nginx config files
grep -ri SEARCHTERM /etc/nginx/*.conf /etc/nginx/conf.d/*.conf /var/www/vhosts/system/*/conf/{last_nginx.conf,vhost_nginx.conf} /var/www/vhosts/*/conf.d/*.conf
502 Bad Gateway
This error reminds me that php5-fpm service is not restarted in Plesk
when creating a new domain, or even the service is stopped.
Restarting the service with service php5-fpm restart will solve the
issue.
It can also be too big headers (check in error.log): https://www.scalescale.com/tips/nginx/502-bad-gateway-error-using-nginx/
Allow upravitelj to edit these custom templates:
chown -R upravitelj:upravitelj /usr/local/psa/admin/conf/templates/custom/*
later, we should protect it again to root:root.
Test domain configuration with:
plesk sbin httpdmng --reconfigure-domain filterizavodu.com
less /var/www/vhosts/system/filterizavodu.com/conf/last_nginx.conf
Options to control everything is Serve static files directly by nginx and valid values are:
hhvmto use HHVM PHP instead PHP-FPMno-location-blocksinstructs Plesk not to create nginx location directives because I will add them by myselfrefspaminstructs Plesk to block any referer SPAM requests.- not used -
spdyto add SPDY support
We could also change server-wide template
We won’t do that, as this affects only server, and not the domains. Anyway, to regenerate sever-wide configuration files:
plesk sbin httpdmng --reconfigure-server
File permissions
HHVM uses threads to serve each request, where PHP5 uses processes. Sadly with threads we can’t change UserID for each request.
grep "^RUN_AS_.*=" /etc/init.d/hhvm
In our case, HHVM is run as www-data:www-data, so www-data user
should be a member of both psacln and psaserv groups.
Plesk user groups
The psaserv group is used for the server-side management scripts and
also for parent-level directories that should not be shared between
different websites. psacln group is used for client-side files, such
as all of the files held within a website.
Check these groups, and ensure that both apache (or www-data, for
running PHP as apache module), nginx and www-data (for HHVM) are
members of both groups.
grep -E "psacln|psaserv" /etc/group
And that solves everything.
usermod -a -G psaserv www-data
usermod -a -G psacln www-data
And check user www-data with id www-data.
Problem: Different SSL domains on same site
Plesk has the solution out of the box.
In Plesk, domain under one subscription shares the same root, user
permissions and etc. Just, when creating domain in that subscription,
specify httpdocs as Document root and it will be the same as main
domain in that subscription.
But everything else will be separated (SSL files, nginx.conf, etc).
Notes: Don’t worry when deleting such domain, as it will not really
remove httpdocs folder if there are more existing domains.
In CLI, that would be donw with:
/usr/local/psa/bin/domain -c "newdomain.com" -webspace-name "main-subscription-domain.ch" -hosting true -www-root "httpdocs"