Plesk 12

Plesk 12

Plesk Documentation

Location of logs files and configuration files for every Plesk service.

To let admins easily access the currently used configuration file, Plesk stores the symlinks last_nginx.conf that point to the active files. The system re-generates the configuration files after each change of virtual host configuration (source). Also, it is the same as /etc/nginx/plesk.conf.d/vhosts/*

Plesk Virtual Host Configuration Files

Plesk + Wordpress

How to speed up WordPress

Increase cache expiry time for static files

Enter the following under Additional nginx directives to increase cache times for static files. It’s important to note that you must uncheck “Serve static files directly by nginx” when inserting this rule:

The nginx setting must be unchecked because this specifies the same thing — that nginx must respond to these types of files — along with the increased expiry time. If you leave the nginx rule enabled it will take precedence because it comes first, and thus your cache expiry entry will not apply.

Original configuration was:

And my new one is:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20

cat <<'EOF' > /var/www/vhosts/save-up.ch/conf.d/static-files.conf

# increase cache expiry time for static files
# regex includes almost every possible extension

location ~* .(ac3|atom|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mid|midi|mkv|mp3|mp4|mpeg|mpg|ogg|ogv|otf|pdf|png|ppt|pptx|qt|rar|rm|rss|rtf|svg|svgz|swf|tar|tgz|ttf|txt|wav|woff|xls|xlsx|zip)$ {
    expires max;
    log_not_found off;
    add_header X-Debug-Configuration "processed as static asset";
}

# plesk original directive was
#
# location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|swf|tar|tgz|txt|wav|xls|xlsx|zip))$ {
#    try_files $uri @fallback;
# }

EOF

Warning: Plesk option Serve static files directly in Web Server Settings for a domain must be DISABLED.

Note: Matching and precedence of nginx location rules is as detailed here.

Settings

Fix FTP
Passive mode

FTP server ProFTPd: Enable Passive FTP on Plesk 12

But with small change:

echo '<Global>PassivePorts 60000 65534</Global>' >/etc/proftpd.d/60-passive-mode.conf
1 hour time difference

FTP server ProFTPd: Enable Passive FTP on Plesk 12

But with small change:

echo '<Global>PassivePorts 60000 65534</Global>' >/etc/proftpd.d/60-passive-mode.conf

Don’t forget!

Timezone & 1hr problem

ProFTPD supports changing the timestamp on a file using the MDTM command, as part of mod_facts module. This module existence can be checked with

`proftpd --list | grep facts`

Pure-FTPd, the FTP server I am using on ISP Config on my servers also supports MDTM command.

ProFTPD and Timestamps

I decided to use the second solution. And I wanted to avoid edition /etc/proftpd.conf directly.

Solution:

# NO echo 'SetEnv TZ UTC' >/etc/proftpd.d/70-timezone-fix.conf
# SetEnv TZ :/etc/localtime
# echo 'TimesGMT on' >/etc/proftpd.d/70-timezone-fix.conf

TimesGMT option causes the server to report all ls and MDTM times in GMT and not local time. By default, it is turned off.

As on Plesk, ProFTPd is hooked into Xinet.d, we just need to restart xinet and ftpd will be restarted also.

service xinetd restart

Note: When synchronizing directories in Total Commander, both TC-sync options: mdtm and utc, MUST be set. Also, in advanced settings in FTP connection details, you can play with option Use MLSD ..., as sometimes turning this off solves the problem.


Location of mail accounts

Mail accounts are stored in these folders: /var/qmail/mailnames/<domain>/<email>/Maildir/


Reconfigure PHP

You can call executables like this:

/usr/local/psa/admin/bin/php_handlers_control --list
/usr/local/psa/admin/bin/httpdmng --reconfigure-domain domain.tld
/usr/local/psa/bin/php_handler --reread

But more elegant is with plesk command:

plesk sbin php_handlers_control --list
plesk sbin httpdmng --reconfigure-domain domain.tld
plesk bin php_handler --reread
plesk bin php_handler --list

Reconfigure directory permissions:

plesk bin repair --restore-vhosts-permissions

After some system change, type plesk sbin packagemng --set-dirty-flag to notify Plesk that you made some changes.

Reference for Command Line Utilities, Parallels Plesk 12.0 for Linux KB Parallels: How to enable multiple PHP versions in Parallels Plesk for Linux


Custom directives / Custom Plesk Templates

Location of nginx configuration files is illustrated here and it’s starting at /etc/nginx/nginx.conf.

What is here? /var/www/vhosts/system/hostingtipp.ch/conf/vhost_nginx.conf

How to edit default templates for httpd.conf and ngnix.conf: Step by step guide to install and integrate Varnish with Plesk 12.x

Custom Plesk templates in a folder like http://download1.parallels.com/Plesk/PP12/12.0/Doc/en-US/online/plesk-linux-advanced-administration-guide/68820.htm#

Plesk itself never touches “custom” directives.

Plesk nginx config for every domain and subdomain


Parallels Plesk 12: Harden Up and Supercharge Your WordPress Site

Directory permissions

Set permissions:

cd /var/www/vhosts/save-up.ch/httpdocs
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;

Main HTTP directory must be a group of psaserv:

chown :psaserv /var/www/vhosts/*/httpdocs

List all the files not owned by group psacln:

find /var/www/vhosts/*/httpdocs/* \! -group psacln | xargs ls -ald

Typical file ownership is that user is saveupch and group is psacln:

ll -d /var/www/vhosts/*/httpdocs/index.php

So set it like this:

chown -R :psacln *

There must be no index.html file:

rm /var/www/vhosts/wettbewerbe365.ch/httpdocs/index.html

Warning: Is you type .* as argument, bash will expand to include .. also - and this is a huge problem.

Correct httpdocs permissions in Plesk

Wordpress directory permissions

A Complete Guide on WordPress FileSystem Permissions and Ownerships

Tricks

Search all of the nginx config files
grep -ri SEARCHTERM /etc/nginx/*.conf /etc/nginx/conf.d/*.conf /var/www/vhosts/system/*/conf/{last_nginx.conf,vhost_nginx.conf} /var/www/vhosts/*/conf.d/*.conf

502 Bad Gateway

This error reminds me that php5-fpm service is not restarted in Plesk when creating a new domain, or even the service is stopped.

Restarting the service with service php5-fpm restart will solve the issue.

It can also be too big headers (check in error.log): https://www.scalescale.com/tips/nginx/502-bad-gateway-error-using-nginx/


Allow upravitelj to edit these custom templates:

chown -R upravitelj:upravitelj /usr/local/psa/admin/conf/templates/custom/*

later, we should protect it again to root:root.

Test domain configuration with:

plesk sbin httpdmng --reconfigure-domain filterizavodu.com
less /var/www/vhosts/system/filterizavodu.com/conf/last_nginx.conf

Options to control everything is Serve static files directly by nginx and valid values are:

  • hhvm to use HHVM PHP instead PHP-FPM
  • no-location-blocks instructs Plesk not to create nginx location directives because I will add them by myself
  • refspam instructs Plesk to block any referer SPAM requests.
  • not used - spdy to add SPDY support

We could also change server-wide template

We won’t do that, as this affects only server, and not the domains. Anyway, to regenerate sever-wide configuration files:

plesk sbin httpdmng --reconfigure-server

File permissions

HHVM uses threads to serve each request, where PHP5 uses processes. Sadly with threads we can’t change UserID for each request.

grep "^RUN_AS_.*=" /etc/init.d/hhvm

In our case, HHVM is run as www-data:www-data, so www-data user should be a member of both psacln and psaserv groups.

Plesk user groups

The psaserv group is used for the server-side management scripts and also for parent-level directories that should not be shared between different websites. psacln group is used for client-side files, such as all of the files held within a website.

Check these groups, and ensure that both apache (or www-data, for running PHP as apache module), nginx and www-data (for HHVM) are members of both groups.

grep -E "psacln|psaserv" /etc/group

And that solves everything.

usermod -a -G psaserv www-data
usermod -a -G psacln www-data

And check user www-data with id www-data.


Problem: Different SSL domains on same site

Plesk has the solution out of the box.

In Plesk, domain under one subscription shares the same root, user permissions and etc. Just, when creating domain in that subscription, specify httpdocs as Document root and it will be the same as main domain in that subscription.

But everything else will be separated (SSL files, nginx.conf, etc).

Notes: Don’t worry when deleting such domain, as it will not really remove httpdocs folder if there are more existing domains.

In CLI, that would be donw with:

/usr/local/psa/bin/domain -c "newdomain.com"  -webspace-name "main-subscription-domain.ch" -hosting true -www-root "httpdocs"
date 01. Jan 0001 | modified 28. May 2021
filename: Plesk