Severe security leak on old Plesk servers The combination of the outdated Operating System CentOS 4 with the Plesk version 9.5.4 was found to be open for hackers, using the Plesk FastCGI module, on the 10th of November. As a quick fix, we immediatly disabled on all servers with that CentOS/Plesk combination the FastCGI module. Since that time, we upgraded on all those servers the Operating System from CentOS 4 to CentOS 5.11, which is secured against that attack.
The upgrade was finished today.
Possible implications: 1. Websites might show placeholders instead of special characters like ë Solution: - Edit the file /etc/httpd/conf/httpd.conf - search for "AddDefaultCharset UTF-8" - replace it with "# AddDefaultCharset UTF-8" - restart Apache with the command "service httpd restart"
2. Websites are not showing, if the index file is named index.htm Solution: - Edit the file /etc/httpd/conf/httpd.conf - search for a line starting with "DirectoryIndex" - add " index.htm" at the end of the line - restart Apache with the command "service httpd restart"
|