• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Plesk panel apache fallowsymlink close

GiRGiN

GiRGiN

New Pleskian
This problem is inevitable especially in dealer accounts where the Plesk panel can be a bit of a hassle to turn off fallowsymlink on a server basis.
Attackers can create and read files on other accounts.

To turn off the fallowsymlink directive on a server-by-server basis, follow these steps.


Open the file via SSH or ftp.
Code: 
nano /etc/httpd/conf.d/userdir.conf

Add the following commands to the last line.
Code: 
<Directory "/var/www/vhosts/*/httpdocs">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

<Directory "/var/www/vhosts/*/*/">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

Reload the Apache server.
Code: 
service httpd reload
 
You must log in or register to reply here.

Similar threads

Bod
Question Upstream Apache directive blocking .htaccess file directives
Replies
5
Views
7K
Bod
Bod
D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
7
Views
6K
grizlyadams
G
TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
3K
aslotta
aslotta
F
Resolved FastCGI PHP 500 Internal Server Error cgi_wrapper failed to setgid
Replies
1
Views
4K
Fabrizio
F
E
Issue Script alias cgi change doesn't work
Replies
3
Views
2K
Erwan
E
Back
Top