Welcome to Vastspace, provides Reliable Web Hosting since 2014

Welcome to Vastspace

Archive

Improve anti-virus and anti-spam in Plesk & cPanel

Recently, we have noticed an increase in unwanted emails attached to infected documents. These are things you can do on your Plesk and cPanel control panels

But I still reinstate that local protection on your computers and devices like smartphones are extremely important. Most malware remains inactive until users intervention. Thus, these protections are your last defense.

For Plesk, I suggest you buy the extension known as Premium anti-virus.  After you have obtained the addon license you need to install through your ‘updates & upgrades’. The add-on license is not too expensive and it is worthy especially you are in business and many mailboxes.

For cPanel, installing ClamAV is a must. However, if you are running a VPS with a Gb memory or below, you might want to think twice as ClamAV uses resources especially during updates ad you have plenty of emails.

You can enhance the ClamAV by using 3rd party rules, but again you will need memory. The next solution you might want to consider is the MailScanner from Configserver. I recommend the Front-End costs USD 55, one-tine fee for its license. Useful and it makes your jobs so much easier.

Fail2Ban in your Plesk

Bruteforce logins attack is common nowadays. If the ports are opened to the internet, they are prone to such attempts to gain access to the services. Using a strong password can reduce your risk but you cannot stop this kind of attack.

To stop totally unless you can limit or restrict access to certain IP addresses. This is not likely possible with the email service. So Fail2Ban can reduce and stop such attempts but it can too block a genuine use from accessing the service in some situations. However, if you are able to understand and fine tweak the module, false-positive can be reduced.

Today, we take a look at this module and neglected it by many Plesk users. One of the reason, this module is not adopted by many Plesk users, it is because this module is not set up by default.

Fail2BanIf you do not see this module in your Plesk under ‘Tools & Settings’ you can install from updates and upgrades under Plesk further down your screen. You will see this module after successfully installed. Likely you have to login again to see the just installed module.

Once it has installed successfully, we need to configure and turn on the module. I recommend placing your current IP address in the trusted IP section. This will avoid if you are blocked accidentally after you switched on the module.

fail2banNext, we will tell the module which are the services I want to use Fail2Ban. You might not need all but the important one like ssh, Plesk-proftpd. Plesk-panel, Plesk-postfix & Plesk-dovecot. These are the common services we have observed, receive most brute-force attacks. After you have decided which services, switch on and make sure they are active.

fail2banThe final step is the settings. Define how long you want to ban an IP, the number of failed logins within how long each interval. The default is 5 failed logins within 10 minutes and banned for 10 minutes if violated. I felt that the ban period can be longer, 3600 seconds is an hour. Lastly, we check the box to Enable intrusion detection and apply.

Congratulation, we have set up Fail2Ban on Plesk.

 

Some are using shared hosting?

Some are using shared hosting?

Actually, this question has bothered me, why people are using shared hosting while VPS are dirt cheap. Probably, you can get a VPS for just $5 a month and multiply by 12 months which is equal to $60. What $60? It is cheaper than a shared hosting plan.

But wait, we miss out a few things. There are a few reasons why they are still using and looking for shared hosting. If you look at a different angle or in their socks, VPS may not a good choice.

I have spoken to some, they have no idea what is a VPS, end of the day it is about price. In the past, VPS has a higher price than shared hosting, however, because of its popularity and server are cheaper nowadays, VPS’s price has fallen tremendously.

Price is probably the main factor. Secondly is the web panel like cPanel or Plesk, they are optional in a VPS. Unlike the shared hosting, basically, you do not have to think about it. Shared hosting is a web hosting ready to go. So it is simple, good for layman or people have little IT background.

Again, consumers must give themselves with choices and not limited to shared hosting. Hosting providers like us must be able to educate the consumers on the differences between VPS and shared hosting. Consumers will understand the pros and cons, and which types of web hosting are bettter.

Here are a few advantages of buying a VPS compares to shared hosting;

  • If you host more than one website, a VPS might save you more money.
  • Dedicated IP address comes default in a VPS. You never worry if your neighbour’s IP address is blacklisted in RBL.
  • You can update the kernel at your own schedule if it is a true VM.
  • Web service, mail service and others do not share with others. You have total control over these services.
  • You can root shell to your VPS.
  • You can modify the configuration of a VPS for the behaviour you wanted.
  • You can resell spare resources & more

However, there are cons like paying more for a control panel and it is likely you need to manage your web hosting if you faced any difficulty on a VPS. Only you have more time or you have the knowledge, it is worth considering buying a VPS for your website.

 

 

Do you need a web control panel?

Do you need a web control panel?

This question is more for the VPS and the dedicated server users. A web control panel is likely an option when you order one of these web hostings.

The popular control panels are Plesk Onyx and cPanel with WHM. cPanel can hosts unlimited domains while Plesk Onyx comes in 3 variants support up to 10, 30 and unlimited domains. And if you are a reseller or managing a lot of users for a different domain, you should order Web Pro edition and above.

This has happened to be an option when you are ordering a VPS or dedicated server. You might be saving up to $20 every month if you are not installing a licensed control panel. There are free one but they have limited functions.

In my opinion, you can do most things without a control panel. But how soon? How fast? Who is or are using? Alright, we need to find out who are the users. If your users are business users and you are reselling, you need a control panel. If you are the administrator, you can do without in these conditions;

  • Do you have the knowledge to do it? Like to create a website, mailbox or an SSL certificate.
  • Do you have the resources? Like installing a mail server or an FTP server.
  • Do you have the time? If you need to repeatedly do the same task frequently,

 

To save the money without a control panel might require you t spend more time managing websites. Unless you are confident to do it quickly and the steps are correct, otherwise a control panel makes your life easier and you can get things done quickly.

Plesk Onyx vs cPanel

I have used both web control panels on VPS and dedicated server.l. Even you are expert in your operating system. These control panels make your job easier and organised. If someone is asking, which control panel is better? My answer can be confusing, I will say it depend.

Yes, it depends on what you are planning to host and do. We put the monthly licence expense aside. These control panels have served the general purposes but in depth, there are differences. And these control panels have their strong and weak points. As a provider, here are my experiences.

  • in terms of UX and the layout, I will give the credit to Plesk. The login panel, the layout and the icons are much easier to navigate. Layman will find the essential functions after they logged in.
  • if you have an old website is using only PHP5.2 and cannot upgrade, I will suggest Plesk in this case The PHP select has a wider range.
  • backup function in cPanel has greater flexibility, offer more choices on the repository.
  • PHP extension with Apache in cPanel is compiled using Easy Apache with better compatibility.
  • more users and restrictions can be created in Plesk, ideal for the owner has engaged a 3rd party who need to access the control panel.
  • cPanel has only 1 license type on unlimited for both VPS and dedicated server. Plesk starts with 10 domains onward, can be confusing,
  • cPanel has more thleskPings and modules to install, thus it takes longer time.
  • Anti-virus is ClamAV on cPanel which is free. Plesk premium AntiVirus is free for 1st 10 and you need to pay for the license for additional mailboxes.
  • You get better settings on Anti-Spam for cPanel.
  • Plesk has firewall settings out of the box
  • Plesk is using postfix and cPanel s Exim for the mail server. Personally found postfix is less confusing.
  • cPanel has more security settings and better protection.
  • cPanel has more choice on using the different type of service like DNS, FTP etc.

These are some of the differences for both control panels. For a novice user, I will strongly recommend Plesk. However, cPanel has better control, especially you had been working with shell. Now, you can probably use cPanel to accomplish.

Multiple PHP versions in Plesk 12

With Plesk 12.0.18 onwards, multiple PHP 5.x versions (PHP Select) can be installed and this is a new feature built by Plesk team. Via Plesk panel, without any additional third-party repositories or building PHP from sources by yourself anymore.

The new Plesk PHP packages do not conflict with or replace other PHP packages, so you can continue using your current PHP builds or third-party PHP packages.

Currently, PHP packages from the Plesk team are available on CentOS 6, CentOS 7, and Ubuntu 14. In Plesk 12.1, Plesk will extend this to Ubuntu 12, Debian 6, Debian 7, and RHEL 6, 7 operating systems

PLESK Subscription expiration

Since PLESK 10, I’ve observed that one of the most common mistake made on Plesk is the subscription expiration. This is usually neglected when PLESK is created under service provider view. Any subscription created with default settings has a 12 month validity period and will be automatically suspended by PLESK when it is expired. If you are seeing website returns a 503 page or service unavailable and this is likely the cause.

To verify your settings, sign in as admin, root or administrator to your Plesk Panel. From the menu on left hand side, select Subscription. Now, select the subscription highlighted in “RED” with an exclamation mark and choose “Customize”.

Scroll all the way down, you will find the expiration date section. To rectify, check on unlimited or select a later date and “Update”.

Remember to hit on the “Activate button” if your subscription has been suspended.