Better toNote: if any confusion with the steps in this doc, then do not follow it. Re-confirm with me and then proceed. Also, some of the steps may be old and need to be redefined.
—-----------------------------------------------
Useful commands
To connect the server: s servername
Open the explorer for the particular server: \\ws116.win.arvixe.com\d$\InetPub\vhosts\
Reset the account password: hg-resetpass Maindomain.com
To get the current plesk password: HG-GetPasswords Maindomain.com
To check if the website app pool is stopped: HG-CheckStateIIS DOMAIN_NAME
To Restart the app pool: HG-CheckStateIIS DOMAIN_NAME -Start
Find the inodes usage: Navigate to the specified directory and use find . | wc -l
To log into the main plesk panel: s servername
plesk login
Disk space check - Poweshell
Get-PSDrive
Ex: Get-DiskUsage -path D:\hmailserver\data\domain\
last boot time or uptime
Powershell :
Get-CimInstance -ClassName win32_operatingsystem | select csname, lastbootuptime
TO GET RAM USAGE
(systeminfo | Select-String 'Total Physical Memory:').ToString().Split(':')[1].Trim()
Command to find out which SSL certificate is used for mail service (can be used for any other services too by replacing port number) [PLESK]
echo 'Q' | plesk sbin openssl s_client -connect localhost:465 -servername ws8.win.arvixe.com -showcerts 2>&1 | SLS -Pattern 'CN=[^/]+' | % { $_.Matches } | % { $_.Value } | Get-Unique
pa er mail emails path
\\ws136\d$\SmarterMail\Domains\bmc-eg.com\Users\Mahmoud.saad\Mail\Sent Items
To get hmail password;
EIGI-GetPasshMailServer
smartermail password
GetPass-SmarterMail
Get-SmarterMailPassword
To access the plesk panel for the server: EIGI-LoginPlesk rs1
Alternate method:
Powershell
s rs1
plesk login
Remove the file powershell:
Remove-Item D;Inetpub\vhosts\domain.com12-package/httpdocs/folder
Rename:
Rename-Item -Path "c:\logfiles\daily_file.txt" -NewName "monday_file.txt"
Scan:
HG-ClamScan D:\InetPub\vhosts\kolelkoora.com\ | Out-File -filepath D:\InetPub\vhosts\kolelkoora.com\malware2.txt
Zip
Compress-Archive -path D:\InetPub\vhosts\whbruckm-1163.package\consultando.net\wwwroot -Destination D:\InetPub\vhosts\whbruckm-1163.package\consultando.net\consultando.net.zip
unzip
Powershell: Expand-Archive c:\a.zip -DestinationPath c:\a
Copy the files between the folders
S ws123
Copy-Item -Path D:\InetPub\vhosts\setblue-16806.package\kakafabrics_2022-03-10_15-56-46.zip -Destination D:\MSSQL\MSSQL15.MSSQLSERVER\MSSQL\Backup\ -PassThru
Create new file or folder
New-Item -Name "TEST" -ItemType "directory"
New-Item -Name "test.txt" -ItemType "file"
https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/new-item?view=powershell-7.2
====================================================================
Confluence:
Make sure to completely read the confluence first and then try it. Also, there are third party links and before following the steps from them contact me for clarification.
https://docs.google.com/spreadsheets/u/3/d/1drCxq8HW6rJNOeC_brAgxDOXBSYK4bjorVQAbSj8aVs/edit#gid=0
===================================================================
Restore / Backup :
Plesk Restore SQL database from the backup server
Note down the server and database name.
Identify the CDP backup server and access it.
You can use the link https://docs.google.com/spreadsheets/d/1YYBk-8rg4d2YOmPNfkJd-gexOOP7OOFJOTRBOxVSVXE/edit#gid=0 to identify the backup server location OR you can use https://thegrove.asmallorange.com/?cdpPolicies
Log into the CDP server > Protected machine > Servername > Open Recovery Points > Browse the date > D > MSSQL > MSSQL server > MSSQL > Database > Locate the .mdf and .ldf file > Select the files > Restore selected .
Here if you select original location, it will override the existing database
If you want to have the separate backup, then select an alternative location and specify the path: D:\restores\ticketID
Once the process is done, copy the backup to customer directory in his package.
Ex path: \\ws116.win.arvixe.com\d$\InetPub\vhosts\sunilaut-6335.package\autoauctionindia.com\BACKUP
For restores (override): 1st create a backup of the database now and I like to name it the date with -prerestore. Then, got to CDP, find the backup and if it is available. If it is, turn the database "offline" in SSMS. Then Restore from the CDP to original location. Once done, turn database online and you will have completed the restore.
Generating backup, Scheduled Backups and Deleting Backups
https://support.arvixe.com/index.php?/Knowledgebase/Article/View/342/55/how-to-generate-a-backup---plesk
—-----------------------------------------------------------------------------------------------------------------------------
Windows Restore
https://confluence.endurance.com/display/ACS/Restores%3A+Windows
—-----------------------------------------------------------------------------------------------------------------------------
Backup an account in WSP
Login to your WebsitePanel.
Click on PersonalClass ASP to go to your Hosting Space.
Click on backup
Then select the location for the backup file.
RESTORATION VPS
https://confluence.endurance.com/display/ACS/Restores%3A+Windows
In case of VPS, very technically, you can restore individual files, but it would require you to restore the whole VHD, then attach it like a second drive to the VPS and grab files..
1. takes up too much space,
2. takes up way too much room, and we will only do it possibly if they are paying for CDP backups not if they are just asking. And usually only when a manager says to do it.
1 was supposed to be takes a lot of time ;)
We do not have backups for any of the dallasvps's unless the person is paying then you wouldn't search the node, you would search their server name
only the VPS100's etc are backing up really right now
—-----------------------------------------------------------------------------------------------------------------------------
Steps to locate backup servers for windows WSP and Plesk shared servers.
Grove > Hardware > CDP Backups > Policies > Search for that server.
Example: cascara
Open the backup host link: https://backup56.mysitehosted.com:8083/
https://thegrove.asmallorange.com/?cdpPolicies=&rpp=10&where=&search=cascara
—-----------------------------------------------------------------------------------------------------------------------------
Database and Backup:
** For Plesk, they have an option in the upper corner of their dashboard to setup backups. It will not allow of a single database, but they can choose all of their databases. Otherwise they will need to manually do it each time they are looking for.
https://support.arvixe.com/index.php?/Knowledgebase/Article/View/342/55/how-to-generate-a-backup---plesk
Plesk is the same as WSP. If he is wanting a backup. We can provide them with the MDF / LOG files. If they want us to restore it we can restore it. For just the files, go to CDP, find the server and restore to alternative location. Usually we do d:\restores\ticket# once restored to that location you can zip and place in customer's files.
For restores: 1st create a backup of the database now and I like to name it the date with -prerestore. Then, got to CDP, find the backup and if it is available. If it is, turn the database "offline" in SSMS. Then Restore from the CDP to original location. Once done, turn database online and you will have completed the restore.
https://confluence.endurance.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DACS%26title%3DRestores%253A%2BWindows%2B%253E%2BDatabase%2B%253E%2BPlesk&permissionViolation=true
—-----------------------------------------------------------------------------------------------------------------------------
Restore the email account if it is not there in WSP and it is there in HMAIL
Under Spaces, click on PersonalClass ASP (or whatever one it says)
Next step, Click one time see if you find the email in there to import. Otherwise, the only way to get it into WSP is to delete it in HMail and readd it, which will lose the email
I would ask for the user to backup the email, and then we can remove and readd the email account
—---------------------------------------------------------------------------------------------------------
VPS - check if R1soft is enabled
you can typically check c:\Program Files\Idera Server Backup\bin\CDPConfig.exe on the server to verify.
—---------------------------------------------------------------------------------------------------------
Logs :
Application pools Stops:
Logs:
For high Memory Usage: A worker process serving application pool 'seekvilcabamba.com v4.0 (Integrated)' has requested a recycle because it reached its private bytes memory limit.
For High CPU usage: A process serving application pool 'seekvilcabamba.com v4.0 (Integrated)' exceeded time limits during shut dowFn. The process id was '460716'.
So the first two are relevant here as both of indicate the application pool exceeding resources. In this case, the first is for memory and the second is for CPU usage
—---------------------------------------------------------------------------------------------------------
TO CHECK WHEN A FILE WAS MODIFIED
Get-Item $PATH_TO_FILE | Select LastWriteTime
—---------------------------------------------------------------------------------------------------------
IP logs
$RDPConn = @{
LogName = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational'
ID = 131
StartTime = ($(Get-Date).AddDays(-1))
}
Get-WinEvent -FilterHashTable $RDPConn
That will get you the IPs that have initiated a connection to RDP in the last 24 hours. Change the .AddDays value to search further back.
Don't use $Failed, it does not show information only related to RDP
$FailedLogin = @{
LogName = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational'
ID = 140
ProviderName = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS'
StartTime = ($(Get-Date).AddDays(-5))
}
This one should get you any IPs that tried and failed to log in to RDP
Get-WinEvent -FilterHashTable $FailedLogin
$FailedLogin = @{
LogName = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational'
ID = 140
ProviderName = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS'
}
—---------------------------------------------------------------------------------------------------------
Emails :
Mail Queue
cd /cygdrive/d/hMailServer/Data
ls |grep eml |wc -l
(Get-ChildItem D:\hMailServer\Data *.eml).count
Not sure if it is D:\hmailserver or D:\hmail
Reset hmail server password (winodws VPS)
http://hgfix.net/paste/view/raw/bcff8041
WSP MAIL LOGS
================
cd d:/hmailserver/logs
Then grep mailbox log_file | wc -log_file,
also check the delivery logs
Those are formated as
Date, IP, ID, Authenticated As, Sender, Recipient, Subject
Emails are authenticated (like dovecot on Linux), but we can't tell if they are intentional or not. Judging by the subjects which appear to just be the name before @ in the email address, it's probably just a compromised email account.
k the wc -l is what we do to get the amount sending out. It is def spamming.
next if you want to get some info( not all because cygwin scrolls past what it can hold) you do this
grep -1 "@domain.com" delivery_2019-04-21.log
that will SCROLL all the emails from that domain/email for that day. After it scrolls, i right click on it and do select all, then copy, and move it to a text file to look at what email is doing it the most.
That is how to see the logs.
If grep dint work\
Get-ChildItem -Path d:/hmailserver/logs | Select-String -Pattern 'sara.zidan@atravel-eg.com'
This will check all the logs fles
Or to check the specific file
Get-ChildItem -Path d:/hmailserver/logs/hmailserver_2022-02-16.log | Select-String -Pattern 'sara.zidan@atravel-eg.com'
—------------------------------------------------------------------------------------------------
WSP - Auto Ban hmail server
hMailServer Administrator > Settings > Advanced > Auto-ban
to select the amount of attempts before an IP is banned.
—------------------------------------------------------------------------------------------------
SEND MAIL
Unfortunately, when using a mail form on our shared hosting, locally authenticated email accounts are required to be used. You would be unable to use email addresses provided by another provided.
For the security of all our customers, the requirements for sending email from our shared server environment are as follows.
1. SMTP Authentication must be used.
2. The local mail server, or localhost must be used to send email via web script. (try ws105.win.arvixe.com, localhost, or 127.0.0.1 - port 25 or 26, or ws105securemail.win.arvixe.com - port 465 for secure mail)
3. The FROM email address, and SMTP Authentication email address, must be a local user on the local server.
If you have your email for the sending domain, hosted on a remote email server and intend to send emails via web script to email addresses that are local to that domain, then you will want to let us know, so we can make the necessary configuration changes. Otherwise any email going to that domain will be delivered locally and not to your remote server.
—------------------------------------------------------------------------------------------------
Enable domain/emails in hmail [cant access email with the correct password]
1. Login to RDP
2. Then Get the Hmail server password vie Powershell command 'EIGI-GetPasshMailServer'
3. Then login to HMAIL ADMIN [ If you are not able to find it, then kill explorer in task manager and run explorer as admin]
4. Then Click on Connect>> then enter the password..
5. Click on domains>> then Enable it.
we do not have individual email log files for each domain and do not provide full email log files, as this is a shared server.
—------------------------------------
Emails through schedule task
Unfortunately, the Scheduler Task doesn’t support authentication, so you can’t provide a username and password for your SMTP server. You can refer below link to use an alternative way to send an email from the scheduled task.
https://www.howtogeek.com/125045/how-to-easily-send-emails-from-the-windows-task-scheduler/
—------------------------------------------------------------------
Dropped as spam
1) Impersonate a user on the domain and send a test message to cubecitytest@gmail.com with the domain name (and nothing else) in the body.
2) Check if cloudmark dropped the message
3) If cloudmark did drop the message, find the test message in the user's Sent Items and view Raw Content.
4) Copy all of the raw content and save it in a .txt or .eml file on your workstation.
5) Go to https://cat.cloudmark.com
6) Choose "Check Message Content," upload the txt or eml file you created, and check the message.
7) After cloudmark reports the fingerprint, click Submit as Legit, wait 1 minute, and re-test. The message should now pass the test.
8) Send one more test message to cubecitytest@gmail.com to confirm that Cloudmark is no longer dropping the mail, and then let the customer know the issue has been resolved.
Also, if anyone gets one of these cases, please take screenshots and send them to me so this can be documented in confluence.
(the send them to me is Jarod Taylor)
Whitelisting due to Spam, I would reach out to @Casey Elston see if he knows more
—------------------------------------------------------
To get the subjects of the emails on WSP
$CSV = Import-CSV D:\hMailServer\Logs\delivery_2022-02-15.log
$CSV | ? Sender -eq info@mechtechcrane.com
SSL :
WSP - TO FIX THE ISSUE WHERE SSL SHOWS DIFFERENT CNAME
Launch PowerShell as administrator
When you have Powershell open, run the command Import-Module WebAdministration
That will load the IIS commands for Powershell
ping domain.com to get the IP address (143.95.252.2), and then run the command
Get-Webbinding -IPAddress 143.95.252.2 -Protocol https
This will show all https bindings for that IP address. On the far right, there is an sslFlags column. 1 means SNI is enabled, 0 means SNI is not enabled. If there are any bindings with a 0, they need to be fixed.
If it is set to 0, you want to open the bindings for that site in inetmgr, edit the binding that was 0, and enable SNI
For broken chain issues
—-------------------------------------------
SSL redirection
https://confluence.endurance.com/display/ACS/Support%3A+Adding+Redirects+%3E+ARVX+%3E+Plesk
—-------------------------------------------------
Import the SSL from .pfx format
first use https://www.sslshopper.com/ssl-converter.html
You can convert the PEM certificate to PFX/PKCS#12
once you've created the PFX file, you then follow those instructions and manually set the bindings for that SSL.
You will need to provide the path to the PFX, the password, and which certificate store the SSL should be placed in. Here's an example:
Certificate is located at C:\Scripts\temp\ssl.pfx
Password is 'P@ssw0rd'
Because this is for a website, we want to use the WebHosting SSL store
$Pass = 'P@ssw0rd' | ConvertTo-SecureString -AsPlainText -Force
$Path = "C:\Scripts\temp\ssl.pfx"
$Store = "Cert:\LocalMachine\WebHosting"
Import-PfxCertificate -FilePath $Path -Password $Pass -CertStoreLocation $Store -Exportable
Once the SSL is imported, you can enable SSL Support in the customcustomer's control panel to add the HTTPS bindings, and then edit the site bindings in IIS to use the SSL.
The biggest things to remember are:
1. The Password must be provided as a SecureString
2. The full path to the CertStore must be provided
—--------------------------------------------------------
VERIFY IF CSR IS GENERATED ON THE SERVER
C:\Windows\System32\certmgr.msc
wait that is current user and you need local system
certlm.msc
C:\Windows\System32\Certificate Store.msc
If the CSR is generated the domain name should be here..
—-------------------------------------------------------
FTP:
Error creating FTP account
Do not use this. Just for knowledge. Normally EMC will take care of this
Error:
Stack Trace: System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
with Filezilla, In the c:\programfiles\(x86)\filezilla server folder (not exact spelling)
there is ALWAYS a filezilla server.xml file this is important on Shared/VPS/any servers
this file has all the info.
so when all the users on a FTP account are not working on shared, it usually means this file is empty.
we normally just restore it 🙂 but this is a VPS and the file is empty
We may need to do that annoying restore just to get one file thing
or you can copy from other file…
—------------------------------------------------------------------------
IP BAN IN FTP
You can check the FTP logs at D filezilla service and restart Filezilla service to sort it
[10 failed attempts blocks the IP in FTP]
DISK:
Check the size of the Plesk account;
"{0:N2} GB" -f ((gci –force D:\InetPub\vhosts\mayalau-5365.package\hdlinker.com\wwwroot\ -Recurse -ErrorAction SilentlyContinue| measure Length -s).sum / 1Gb)
To check disk space of the particular folder in plesk:
Login to Plesk server:
1] Run Powershell as admin
2] s ws3
3] Run Below command:
"{0:N2} MB" -f ((Get-ChildItem D:\InetPub\vhosts\sukhbiragro.in\httpdocs\wImages -Recurse |
Measure-Object -Property Length -Sum -ErrorAction Stop).Sum / 1MB)
In GB:
"{0:N2} GB" -f ((gci –force D:\SmarterMail\Domains\gickuwait.com -Recurse -ErrorAction SilentlyContinue| measure Length -s).sum / 1Gb)
Check the size of the Plesk account in backup;
"{0:N2} GB" -f ((gci –force D:\Plesk\Backup\clients\ptgdiweb\domains\ptgdiweb-3529.package -Recurse -ErrorAction SilentlyContinue| measure Length -s).sum / 1Gb)
—---------------------------------------------------------------------
Checking disk space on WSP
Open Powershell in admin mode.
CD: go to the directory for which you wish to check the space.
Ex: cd E:\HostingSpaces\username
Then run the below command:
*check the size of individual folders
$colItems = Get-ChildItem $startFolder | Where-Object {$_.PSIsContainer -eq $true} | Sort-Object
foreach ($i in $colItems)
{
$subFolderItems = Get-ChildItem $i.FullName -recurse -force | Where-Object {$_.PSIsContainer -eq $false} | Measure-Object -property Length -sum | Select-Object Sum
$i.FullName + " -- " + "{0:N2}" -f ($subFolderItems.sum / 1MB) + " MB"
}
—---------------------------------------------------------------------
GET DISK SPACE OF SERVER
Get-PSDrive | ?{$_.Free -gt 1} | %{$Count = 0; Write-Host "";} { $_.Name + ": Used: " + "{0:N2}" -f ($_.Used/1gb) + " Free: " + "{0:N2}" -f ($_.free/1gb) + " Total: " + "{0:N2}" -f (($_.Used/1gb)+($_.Free/1gb)); $Count = $Count + $_.Free;}{Write-Host"";Write-Host "Total Free Space " ("{0:N2}" -f ($Count/1gb)) -backgroundcolor red}
—---------------------------------------------------------------------
INODES
Get-ChildItem | Measure-Object | %{$_.Count}
dir *.* /w /s
Get-ChildItem -recurse | Measure-Object -property length -sum
Recursively count all files and folders: Get-ChildItem -Recurse | Measure-Object | %{$_.Count}
Recursively count only folders: Get-ChildItem -Recurse -Directory | Measure-Object | %{$_.Count}
Recursively count only files: Get-ChildItem -Recurse -File | Measure-Object | %{$_.Count}
for i in `find /cygdrive/d/hMailServer/Data/megafema.com.mx/ -mindepth 1 -maxdepth 1 -type d`; do echo $(find $i | wc -l) $(echo $i | awk -F '/' '{print $7"@"$6}'); done
To check database size from MSSQL running query:
SELECT sys.databases.name,
CONVERT(VARCHAR,SUM(size)*8/1024)+' MB' AS [Total disk space]
FROM sys.databases
JOIN sys.master_files
ON sys.databases.database_id=sys.master_files.database_id
GROUP BY sys.databases.name
ORDER BY sys.databases.name
Website / Errors:
ENABLE ERRORS IN WINDOWS
https://confluence.endurance.com/display/ACS/Support%3A+Investigating+Windows+Errors+%3E+All+Brands+%3E+Windows
—--------------------------------------------
403 errors
When you see that and write is checked, Open up IIS on the server
go to the site and double click on IP address and Domain restrictions
If you hit edit features and the Access for unspecified clients is set to Deny. That means they probably have an abuse ticket somewhere
—------------------------
Parser Error Message: Could not load file or assembly
'Microsoft.ReportViewer.Common, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies. The system cannot find the file specified.
The report viewer version was set to 11.0.0.0 in the web.config file and we offer report viewer 12 on the wsX and ws1XX servers. Changing the version in web.config file resolves the issue.
The installed version can be found at below path:
\\ws9.win.arvixe.com\C-Drive\Windows\assembly\GAC_MSIL\Microsoft.ReportViewer.Common
Default web.config
DNS:
Windows VPS DNS error
1. Open network and sharing center.
2. Click on change adapter settings.
3. Right click on Ethernet and click on Properties.
4. Scoll down and select IP V4.
5. Change the preferred DNS to 8.8.8.8 and alternative dns to 4.4.8.8.
6. Save the changes and wait for 3-4 minutes.
7. Now can you please try pinging any websites.
ipconfig /flushdns
Used to flush DNS>..in case the website is busted
https://www.tomshardware.com/reviews/configure-dns-windows-server-2012,5589.html
—------------------------------------------------------------
DNS issues
ipconfig /flushdns
then ipconfig /registerdns
RDP:
Cant connect RDP for windows VPS:
https://docs.google.com/document/d/1faGYhmnKfUvZ0d3YRHivFo6aPtq3wc7DEmBvWKelRT8/edit
Reset RDP Password:
1. First login to server, then mount the ISO image from Media >> DVD drive >> Insert >> Select 'pcunlocker.iso' under C drive > reboot > press F8
1.b If that doesn't work, make sure to change the boot device to 'DVD drive' from
Settings>> Firmware
[Make sure to make a note of the boot order as you'd need to revert this after the RDP password reset]
2. Next boot the server >> press F8 >> select a key to boot from CD.
3. Here you will get a prompt. You'd need to select the user as 'administrator’ and click on "Reset Password".
4. Once you click on "Reset Password", make sure to revert the boot order from Settings >> Firmware.
5. Also, remove the ISO image Media >> DVD drive >> Eject Drive
6. Now restart the server.
7. Once the server is rebooted and online, directly access the server's RDP from Controller only. [Not using MSTSC, directly on the server panel]
8 Now, open command promt, and run the command:
net user administrator
9. Confirm if the new password is working by connecting the RDP
—------------------------------------------------------------------------------------------
IIS:
How to connect IIS on plesk
Jumpbox > win+r > inetmgr
Application pools Stops (Logs) Event viewer:
For high Memory Usage: A worker process serving application pool 'seekvilcabamba.com v4.0 (Integrated)' has requested a recycle because it reached its private bytes memory limit.
For High CPU usage: A process serving application pool 'seekvilcabamba.com v4.0 (Integrated)' exceeded time limits during shut down. The process id was '460716'.
So the first two are relevant here as both of indicate the application pool exceeding resources. In this case, the first is for memory and the second is for CPU usage
—------------------------------------------------------------------------------------------
Generating a Machine Key in plesk by loggin into IIS.
Login to IIS on the server via the INET MANAGER in JUMPBOX
File>>Connect to a server
Enter the Server Name
Enter your Logins:
Select the website under Sites
Double click on the website and select 'Machine Key'
Select the Validation Key and Run "Generate Keys"
Click on apply
—-------------------------------------
To grant permission for private keys to IIS_USER:
1] Open Console By running Run > mmc.exe >yes
2] Click on file
3] Click on Add/remove snap-in…
4] Double click on certificate
5] Computer Account
6] Next
7] Finish
8] Ok
9] Click on Certificates(Local Computer)
10] Click on Personal
11] Click Certificates
To give the permission:
12] Right Click on the name of certificate
13] All Tasks > Manage Private Key
14] Check the name by entering object name as SERVERNAME\AppPoolIdentity (Example: for stem server object name will appear as STEM\AppPoolIdentity). You can get AppPoolIdentity from the IIS > Application pool > Website Name > Right click on active Application pool > Advanced Settings > Check for name in Identity section.
15] Add and give the privilege.
—------------------------------------------------------------------------------------------
Connect IIS Manager in plesk
1. Log into plesk jumpbox
2. Open IIS manager (window+r > inetmgr)
3. Right click on File > Connect to the server
4. Enter the server name > enter your jumbox login details
5. When the pop-up appears, click yes/ok/install for all of the prompts
—------------------------------------------------------------------------------------------
idle timeout on plesk
Q: In plesk customer is trying to set the idle timeout for the application pool to 0. Can we set that? Because when we tried to set it to zero, gave the following details
"0" is not between "1" and "43200", inclusively
A: Idle timeout can be set anywhere from 5-60 minutes on shared. No more, no less.
Database
Connect SQL management studio plesk
1. Log into plesk jumpbox
2. Windows + r > ssms.exe or ssms
3 Enter the servername (ex: ws1)
4. Authentication should be: Windows Authentication
5 .Click on Connect
—------------------------------------------------------------------------------------------
MySQL password WSP
EIGI-GetPassMYSQL
—------------------------------------------------------------------------------------------
To asign the BACKUP database pemissions for multiple databases together
We are seeing multiple databases does not have the backup database permission. You can use the below query in SQL management studio to grant the permission together.
Database_name1, Database_name2 ...> name of the databases
user1 > user assigned to the database > normally it will be the same user. Verify connection info in plesk for the user1.
query:
---
USE DATABASE_NAME1;
GRANT BACKUP DATABASE TO user1;
GO
USE DATABASE_NAME2;
GRANT BACKUP DATABASE TO user1;
GO
USE DATABASE_NAME2;
GRANT BACKUP DATABASE TO user1;
GO
—------------------------
If you find db user is in connection info is same for all the database, then can use:
USE DATABASE_NAME1;
USE DATABASE_NAME2;
USE DATABASE_NAME3;
USE DATABASE_NAME4;
GRANT BACKUP DATABASE TO user1;
GO
DATABASE BACKUP
BACKUP DATABASE DB_NAME TO DISK = 'D:\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Backup\zunasys\mssql\DB_NAME.bak'
GO
SQL Database status is in progress
There are three different ways to recover the database.
1) Recover the database manually with following command.
RESTORE DATABASE database_name WITH RECOVERY
2) Recover the database with the last log file.
RESTORE LOG database_name FROM backup_device WITH RECOVERY
3) Recover the database when bak is restored
RESTORE DATABASE database_name FROM backup_device WITH RECOVERY
—------------------------------------------------------------------------------------------
Plesk - Could not allocate space for
Could not allocate space for object 'dbo.EventLog'.'PK_EventLogMaster' in database 'wayne_ste' because the 'PRIMARY' filegroup is full.
1. Log into the Jumpbox
2. Then open up SSMS,for RS106
3. Next, go to the database in question, "in the error is wayne_ste"
4. Right click on database and choose properties
5. Next select Files from the left size menu
6. Now in the two files listed you can see the problem.
7. Look at the Initial size (mb) that is the current size of the file, Next look at the Autogrow/max size block
The error is caused because the file has Hit the max size
8. Update the max size to sort this issue.
—------------------------------------
MySQL database process list
cd into 'C:\Program Files\MySQL\MySQL Server 5.6\bin'
HG-QueryMySQL -dbase mysql -query "SHOW PROCESSLIST"
Select concat('KILL ',id,';') from information_schema.processlist where user='media_brian2';
HG-QueryMySQL -dbase mysql -query "kill ID_FROM_PROCESSLIST"
—-----------------------------------------------------------------
Could not allocate space for object 'dbo.EventLog'.'PK_EventLogMaster' in database 'wayne_ste' because the 'PRIMARY' filegroup is full.
1. Log into the Jumpbox
2. Then open up SSMS,for RS106
3. Next, go to the database in question, "in the error is wayne_ste"
4. Right click on database and choose properties
5. Next select Files from the left size menu
6. Now in the two files listed you can see the problem.
7. Look at the Initial size (mb) that is the current size of the file, Next look at the Autogrow/max size block
The error is caused because the file has Hit the max size
8. Update the max size to sort this issue.
BACKUP DATABASE permission denied in database 'amig'.
Step 1:
a. In Plesk panel go to the customer account and then databases.
b. Note down the first user assigned to the database. Reference: http://spam.hgfix.net//3441507_Capture.JPG
Point B: instead of the first user, click on ‘Connection info’ and note down the user.
Step2:
a. Log into plesk jumpbox.
b. Search for SQL Management studio.
c. Connect to the server.
d. Expand the database and right-click on the database.
e. Click on properties and then click on permission.
f. select the primary user in the top interface.
g. In the bottom section, scroll down a bit till find the option: Backup database
i. select the option under the grant and click ok.
Reference: http://spam.hgfix.net//596668_Capture.JPG
Step 3:
Go back to Plesk panel and click on export dump and you or the customer should be able to generate the backup. Reference: http://spam.hgfix.net//4719536_Capture.JPG
Importing SQL DB from different version.
cx trying to import my database backup file from the "Import Dump" tool when trying to import database to hosting server. It shows the following message ..... " The database was backed up on a server running version 13.00.4001. That version is incompatible with this server, which is running version 12.0 server
A: it wasn't done by the correct version we have, We have server 12.0 so they need to try and export the database locally (wherever they got the backup from) and choose the lower version.
—------------------------------------
MySQL version WSP
C:\Program Files\MySQL\MySQL Server 5.6\bin\
—------------------------------------
To check mysql process list for a particular db:
In powershell, hit s ws104
(that puts you in the server), then
cd into 'C:\Program Files\MySQL\MySQL Server 5.6\bin'
HG-QueryMySQL -dbase mysql -query "SHOW PROCESSLIST"
(will show you the process list)
—------------------------------------
To check database size from MSSQL running query:
SELECT sys.databases.name,
CONVERT(VARCHAR,SUM(size)*8/1024)+' MB' AS [Total disk space]
FROM sys.databases
JOIN sys.master_files
ON sys.databases.database_id=sys.master_files.database_id
GROUP BY sys.databases.name
ORDER BY sys.databases.name
To change MSSQL database collation:
https://ppolyzos.com/2016/12/07/change-sql-server-database/
https://docs.microsoft.com/en-us/sql/relational-databases/collations/set-or-change-the-database-collation?view=sql-server-2017
—----------------------------
PHP
Other
Unzip the file on pleks
Goto D drive (\\ws116.win.arvixe.com\d$\) > inetpub > vhosts > select username > seclect zip file > right click > 7zip > Extract here
Powershell: Expand-Archive c:\a.zip -DestinationPath c:\a
Copy the files between the folders
S ws123
Copy-Item -Path D:\InetPub\vhosts\setblue-16806.package\kakafabrics_2022-03-10_15-56-46.zip -Destination D:\MSSQL\MSSQL15.MSSQLSERVER\MSSQL\Backup\ -PassThru
ZIP on WSP
Compress-Archive -path E:\HostingSpaces\runhong E:\HostingSpaces\runhong\runhong.back.zip
—------------------------------------------------------------------------------------------
Verify if the windows vps is provisioned
https://thegrove.asmallorange.com/?wspManager
—------------------------------------------------------------------------------------------
.exe files
Plesk does not allow the use of executables
if full errors and asp errors are enabled for the site in IIS then it would show you for group policy
Plesk we do not allow it, if they used to have it. We tell them the site needs to be fully compiled and then uploaded.
—------------------------------------------------------------------------------------------
Microsoft.ReportViewer
Error: Parser Error Message: Could not load file or assembly 'Microsoft.ReportViewer.Common, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies. The system cannot find the file specified.
Solution:
The report viewer version is 12.0.0 on plesk server.
Try duplicating the web.config and test the site with a file explicitly referencing the newer version of report viewer.
The installed version can be found at below path:
\\ws9.win.arvixe.com\C-Drive\Windows\assembly\GAC_MSIL\Microsoft.ReportViewer.Common
—------------------------------------------------------------------------------------------
WSP icons just refreshes (FTP users, email users, Databases, domains, websites)
You click on an email or FTP user and WSP thinks, then goes back to previous screen not bringing up what it's supposed to.
This usually means that the email account is missing/deleted from Hmailserver. If customer is attempting to delete that account, readd it to Hmailserver INSIDE the server and then you should be able to control it from WSP.
FTP User, same, usually mean the user was removed from the FTP Server. Log into Filezilla Server and add user back.
—------------------------------------------------------------------------------------------
WSP password
icm white.htx.arvixe.com {ipmo sqlps -dis;eigi-getpasswsp}
—------------------------------------------------------
VPS Change RDP port
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
make sure that is set to the port and server has been rebooted.
-------------------------------------------------------------------------------------------------------------------------------------
Enable parent path
Control Panel > Websites and Domains tab > Virtual Directories > Directory Properties
There will be a checkbox for Allowing Parent Paths
-------------------------------------------------------------------------------------------------------------------------------------
Migration
Please note that due to the intricacies of moving accounts from one windows environment to another, we do not provide a fully managed transfer per our transfer policies at www.arvixe.com/ftp.php.
They would need to order a new space, Create the account, use IMAP to move over email, FTP to move over files etc and then when they are finished with the MIgration they can contact our billing, cancel their old account, and billing can CREDIT any unused time to their new account (No refunds)
to move the emails, they can refer: https://blog.arvixe.com/how-to-use-imapsize-to-backup-and-restore-your-imap-email-account/
-------------------------------------------------------------------------------------------------------------------------------------
Images not working in virtual Directory
Question: cx is using virtual directory https://www.thinscen.com/images/ and initially he was getting 403 error while accessing https://www.thinscen.com/images/ we have enabled Directory browsing and now https://www.thinscen.com/images/ is working fine however cx doesn't want list the files . He just wish to access images directly with the image path and do not want folders to display list of images. Sever : ws1.win.arvixe.com https://thegrove.asmallorange.com/helpdesk/ticket/view/ARVX/VAQ-199-67229
Fix:
Turn of directory browsing,
Click on Virtual Directories on the dashboard,
Click on the Directory Properties of the virtual folder
make sure write is check marked and allow parent paths is check marked and apply.
Let me know if that doesn't work or if you need more guidance
-------------------------------------------------------------------------------------------------------------------------------------
Enable ports on shared
Question: cx want us to open port 1976 on the server doghorn.arvixe.com
We do not modify the ports on shared hosting. If they need access over custom ports, they need a VPS.
even the outgoing port?
Correct. Even if we were able to make the changes, they would be reverted in the next day by puppet.
-------------------------------------------------------------------------------------------------------------------------------------
Update log file size.. for r error related to:
LOG_FILE_MAX_SIZE_TRUNCATE".
cd $env:windir\system32\inetsrv
.\appcmd.exe set config -section:system.applicationHost/sites "/[name='SyncService.bbsportal.online'].traceFailedRequestsLogging.maxLogFileSizeKB:1024" /commit:apphost
-------------------------------------------------------------------------------------------------------------------------------------
WEB STATICS
plesk sbin statistics --calculate-one --domain-name=$domain
plesk sbin statistics --generate-domain-webstat --domain-name=$domain
-------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------
Plesk:
reconfigure the domain with repair
Push-Location $env:plesk_cli
.\repair.exe --reconfigure-web-site -web-site-name $domain1
$domain1 = "webcomesoftware.com"
Push-Location $env:plesk_cli
.\repair.exe --reconfigure-web-site -web-site-name $domain1
Pop-Location
Push-Location $env:plesk_cli
.\repair --repair-webspace-system-users -webspace-name $domain1
Note: since (.\repair.exe --reconfigure-web-site -web-site-name $domain1) reconfigures the account user security, that will only work for Primary domains. So if an addon domain needs to be reconfigured, you can use (.\repair.exe --reconfigure-web-site -web-site-name $domain1) but to reconfigure the security (.\repair --repair-webspace-system-users -webspace-name $domain1) on the user, you must use the Primary Domain.
-------------------------------------------------------------------------------------------------------------------------------------
To check if particular TLS version is enabled or not:
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server" -Name Enabled
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -Name Enabled
If Enabled = 0, TLS1.x is not enabled.
If Enabled either 1 or 4294967295, it is enabled
Controller:
If the VPS server is not tied up in the controller then:
1] Go to controller WSP
2] Create User for the customer (Username should be the first part of the servername)
3] Then create a space (ex: VPS ASP Pro )
4] Click on users hosting space and click "Virtual Private Servers" on the left
Note: VPS if you do not see the Node server in the virtual server, it probably can't be added.
5] From there in the options in the middle of the page, click "Import VPS"
6] Fill in the drop-down boxes appropriately - first should be "DallasVPS132 on My Server" and the second should be the VM's hostname.
*** DallasVPS132 can be any node on which the server is provisioned.
7] Check the following boxes for their actions:
"Start, Turn off and Shutdown", "Reboot", "Pause, Resume"
and fill in the External Network dropdown.
-------------------------------------------------------------------------------------------------------------------------------------
Windows VPS Upgrade Requests
o Connect to VM from Hyper-V
o File >> Settings
o IDE Controller >> Hard Drive
o Edit
o Next >
o Radio button next to Expand
If this option is grayed out, the VM has to be shut down to make the change
o Enter new disk size
Always increment RAM by 1024MB (If memory is added, and then it fails to boot that generally means the node is out of memory)
o Click "Finish"
o RDP into VPS (Need Administrator password from customer or would need to reset it)
Launch Computer Management
Left Sidebar >> Disk Management
Right click on C Drive >> Extend Volume…
-------------------------------------------------------------------------------------------------------------------------------------
WSP password reset Wndows VPS
Function EIGI-SetPassWSP{
param([string]$NewPass)
CryptoCheck
#Write in backup function
$Key = $(Select-Xml -Path 'C:\WebsitePanel\Enterprise Server\Web.config' -XPath /configuration/appSettings/add | Select -exp Node | ? {$_.key -match 'Crypto'} | Select -exp Value)
if ($Key) {
$NewEncryptedPass = C:\Scripts\Utilities\CryptoTool.exe /E $NewPass $Key
if ($NewEncryptedPass) {
Invoke-Sqlcmd -ServerInstance localhost -Query "UPDATE websitepanel.dbo.users SET password = '$NewEncryptedPass' where username = 'serveradmin'"
}
}
}
—--------------------
Script to reset or get wsp password
http://hgfix.net/paste/view/raw/ded59370
-------------------------------------------------------------------------------------------------------------------------------------
To find Servername with IP address
[CONTROLLER100: CONTROLLER100.HTX.ARVIXE.COM]
[08/13/2019 11:06:29] PS C:\USERS\JAREDTAYLOR> HG-LocateServer -IPAddress 50.116.121.222 |ft -a
Warning: This function will not work on Linux servers, those that do not include installation of the Hyper-V utilities or offline servers.
ComputerName VMName IPAddresses
-------------------------------------------------------------------------------------------------------------------------------------
To find server IP’s
Users\Administrator> ipconfig | findstr IPv4
IPv4 Address. . . . . . . . . . . : 23.91.73.137
IPv4 Address. . . . . . . . . . . : 129.121.26.155
-------------------------------------------------------------------------------------------------------------------------------------
WebsitePanel Error Windows VPS
WebsitePanel Error
Sorry, an error occurred while processing your request.
=====
Solution:
1] Reset password of user WPEnterpriseServer , WPPortal and WPServer from computer management
Go to Computer Management > Local Users and Groups > Users > Reset password of user WPEnterpriseServer , WPPortal and WPServer
2] Then set the same password for the Application Pool in Advance settings of all 3 Pools
Particular Application pool -->Go to Advance settings --> idenitity -->Click on Set and assigne the Username and Password newly set in computer management.
3] Then open command prompt as Administartor and then run iisreset /stop after its successfully ran, then run iisreset /start . This should fix the issue.
TOS/ABUSE/SPAM:
Uncommon, escalated, and advanced disk ToS issues: https://docs.google.com/document/d/1NkJPzJLeT3FZURegr1r4dVyMyoj0IisQNZF0IH9ghY8/edit
Outbound Attack Posibilities : https://docs.google.com/document/d/1yXULYyJdBMYDqn3LE6iI2YJkU-2ZVCS2hN9En5PaSS0/edit
VIP Customers: https://docs.google.com/document/d/1GzY-HCe_TOID4ioIb1xDENpBlCDaLrHo4bIVohTX9NQ/edit
Windows abuse: https://docs.google.com/document/d/1Tx8dJjy2XqY1MnsWLHwiByu4JXHbdzTHYtxNzCbKvjE/edit
Spamming:
Usually, we change the password to that user in WSP, change the password to that email account, and create an abuse ticket for the user and shoot it to them, then note the abuse ticket in the notes of this ticket and close it.
https://confluence.endurance.com/pages/viewpage.action?spaceKey=ASWS&title=Needs+EC+-+Abuse%3A+Spam+Reports+%3E+Windows
https://confluence.endurance.com/display/ACS/Abuse%3A+Spam+Reports
https://confluence.endurance.com/display/ACS/Abuse%3A+Report+Policy+%3E+All+Brands
these two are from Abuse. We were just helping TOS Windows, though it is not ours
When we get those reports, we just adjust the passwords for the account and create an abuse ticket.
We use grep and cygwin
and Hmailserver is very limited. You can only grep the email address or the domain and it will list all things from that log, and not separate it from spam/etc, just all emails sent in like a list text document
=======================================
to find the closest thing to a cause, you would need to look though the Event Viewer logs for stem.arvixe.com. This can be reached from the jumpbox by opening event viewer (eventvwr.exe) and connecting to stem.htx.arvixe.com. The logs are located under Windows Logs > System.
Typically, 5 unhandled exceptions in 5 minutes will cause the app pool to start
---------------------------------------------------------------
To add restrictions, you can do something like this in cygwin
disablesite() { appcmd="/cygdrive/c/windows/syswow64/inetsrv/appcmd.exe" ; [ $# -ne 1 ] && return 1 ; domain="$1" ; [ "$( $appcmd list site $domain | wc -l)" -eq 0 ] && return 1 ; $appcmd set config $domain -section:system.webServer/security/ipSecurity /allowUnlisted:false /commit:apphost && ($appcmd list sites $domain /xml | $appcmd list apps /in /xml | $appcmd recycle apppools /in ; $appcmd stop site $domain && $appcmd start site $domain) ; }; disablesite infolab.ba
Where $domain at the end is the domain you want to restrict
---------------------------------------------------------------
Enable the site
enablesite() { appcmd="/cygdrive/c/windows/syswow64/inetsrv/appcmd.exe" ; [ $# -ne 1 ] && return 1 ; domain="$1" ; [ "$( $appcmd list site $domain | wc -l)" -eq 0 ] && return 1 ; $appcmd set config $domain -section:system.webServer/security/ipSecurity /allowUnlisted:true /commit:apphost && ($appcmd stop site $domain && $appcmd start site $domain) ; }; enablesite $domain
cygwin
To launch cygwin(only available on WSP servers and not on Plesk):
RDP into the server, launch Task manager, kill the explorer process under your login session and launch Explorer again. Go to start and search for cygwin (may take a while to launch fully, be patient)
Cygwin paths:
Hosting spaces path to site files:
# /cygdrive/e/HostingSpaces//
FTP logs:
# /cygdrive/d/FileZilla\ Server/Logs/fzs-2022-02-16.log
hMail delivery logs:
# /cygdrive/d/hMailServer/Logs/delivery_2022-02-16.log
Cygwin restrictions:
# disablesite() { appcmd="/cygdrive/c/windows/syswow64/inetsrv/appcmd.exe" ; [ $# -ne 1 ] && return 1 ; domain="$1" ; [ "$( $appcmd list site $domain | wc -l)" -eq 0 ] && return 1 ; $appcmd set config $domain -section:system.webServer/security/ipSecurity /allowUnlisted:false /commit:apphost && ($appcmd list sites $domain /xml | $appcmd list apps /in /xml | $appcmd recycle apppools /in ; $appcmd stop site $domain && $appcmd start site $domain) ; }; disablesite $domain
Where $domain at the end is the domain you want to restrict
# enablesite() { appcmd="/cygdrive/c/windows/syswow64/inetsrv/appcmd.exe" ; [ $# -ne 1 ] && return 1 ; domain="$1" ; [ "$( $appcmd list site $domain | wc -l)" -eq 0 ] && return 1 ; $appcmd set config $domain -section:system.webServer/security/ipSecurity /allowUnlisted:true /commit:apphost && ($appcmd stop site $domain && $appcmd start site $domain) ; }; enablesite $domain
To remove nul.*.cer files:
Go to the affected site path: cd /cygdrive/e/HostingSpaces//
To list the nul files:
# find -type f -name 'nul.*.asp' ; find -type f -name 'nul.*.cer'
To delete the listed files:
# find -type f -name 'nul.*.asp' | xargs rm -fv; find -type f -name 'nul.*.cer' | xargs rm -fv