Plesk only serves website to some IPs

[ss94]

This has probably been happening for a while, so thank God a customer finally brought it to my attention because Google Adwords won't serve them Ads when their website tools show the site is loading the default plesk panel page. (AKA the "This domain has just been registered for one of our customers")

When I go to the site on my home or work PC I see my sites just fine. However, on my phone's LTE network it pulls the plesk panel default page.

One of the sites on this server is http://www.dfwgaragedesign.com

The DNS is correct. The forwarding is set to neither for www and nonwww so they both exist, I should probably work on that later. But that shouldn't be the issue. The firewall is set the same as the firewall on another server I have that runs plesk and it doesn't have this issue.

Using a site like http://www.gtmetrix.com if you put my site into it you'll see that the tool pulls the default plesk page. Clearly there is some kind of redirection error. And it's not just this site, it's any of the 300+ sites on this server.

Where should I start to look to figure out what's going on? 1and1 my hosting provider is stumped and has submitted a ticket (how helpful right..).

 

[UFHH01]

Hi ss94,

might it be, that some sites still have the standard "index.html" ( created by Plesk, when installing the domain ) and possible content starts with "index.php"? Depending on your nginx - settings, the standard location definition is as followed:

    location ~ /$ {
        index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
    }

... which will result in serving "index.html" before "index.php", because "index.php" is listed 5th and as well behind "index.html".
If this is the case and you would like to change the standard configuration here, please consider using a custom template for "nginxDomainVirtualHost.php" at "/opt/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php" and change the corresponding line

    location ~ /$ {
        <?php echo $VAR->domain->physicalHosting->proxySettings['directoryIndex'] ?>
    }

to your needs.


In addition, please have a look at: https://www.ssllabs.com/ssltest/analyze.html?d=dfwgaragedesign.com&s=74.208.152.177
Your server is highly vulnerable and insecure.

 

[ss94]

1) Nginx is not installed on the server. Even so, When I upload sites I make sure to remove the index.html or index.htm files. Only index.php exists on my local and server side FTP.

2) The server is up to date, I'm not a server guru. Just use it as I need it. What should I do to make it more secure?

 

[ss94]

Ok So I just spoke with 1and1 support and think I got this figured out.

this server uses both IPV4 and IPV6 and only IPV4 was setup. Thus some were being directed to IPV6 and not getting the correct address.

Can I disable IPV6 so I don't have to manually change over 300 websites? Or do I Need to just go and update all the subscriptions to use IPV6?

 

[UFHH01]

Hi ss94,

sure, you may disable IPv6 at any time. If you need a tutorial for this, it might help to read: http://ask.xmodulo.com/disable-ipv6-linux.html
After you changed and rebooted the whole server, consider using "bootstrapper repair", because it will find old configurations for all services managed over Plesk, which had previous included IPv6 settings... and it will automatically change them to the IPv4-only use now. At the same time, your Plesk database will be updated to the current settings and in the end, all webserver - configurations files will be rebuild.

The server is up to date, I'm not a server guru. Just use it as I need it. What should I do to make it more secure?

You don't have to be a "server guru", but please consider to secure your server, even if that means, that you have to raise your server administrations skills. A start could be to follow:

[Plesk] CVE-2014-3566: POODLE attack exploiting SSL 3.0 fallback ( KB - article: 123 160 )​

In some cases you might experience issues with incompatibilities for some browser and/or eMail - clients, after you followed the KB - article 123 160. It might help to read:

SSL POODLE / SSLv3 bug ( Odin / Parallels Forum - Link )​

... to solve such issues, because there are several additional solutions provided in this thread.​

 

[ss94]

[Plesk] CVE-2014-3566: POODLE attack exploiting SSL 3.0 fallback ( KB - article: 123 160 )​

Looking at KB 123 160, It says it applies to xxxx Linux etc... I'm running Plesk 12.0.18, does it still apply if it doesn't list plesk 12.0?

 

[UFHH01]

Hi ss94,

you might like the idea, that the Odin Knowledge Base has as well a SEARCH OPTION on the top... if you would like to see only KB's for a specific OS, or a specific Odin product, please define your search options to your very own, specific needs. As for example: http://kb.odin.com/?q=POODLE&qprod=...mber=20&displayPublic=&qOp=AND&qEngine=Google
As suggested before, please consider to raise your server administration skills, while securing your server. You will notice, that the mentioned KB and it's suggestions, as well as the suggestions in the mentioned thread will work for Plesk 11.5 AND Plesk 12.0. It would be great, if you read the thread, before going to the securing actions... you will then notice as well "Parallels Plesk 11.5 and later" and as well "For all sites in Parallels Plesk 12.0 for Linux:" - suggestions.