Blogs

How to use a Microsoft Access database on Windows Plesk Hosting.

Uploading your database Login to your the Plesk Control Panel and open the File Manager. Open the private folder and select Add New Folder. Click the Browse button and location the database file (*.mdb) file from your local computer. Press the OK button to upload it. Setting up a database connection Click on Home to return to the Home page and select ODBC Settings under Services. Click on the “Add new ODBC DSN” button Enter the name of the new connection for the database uploaded in the previous steps (You must only use letters and numbers – no spaces). You can also add an optional description. From the drop down, select “Microsoft Access Driver (*.mdb)” and click OK. Enter the Database File Path, this will be in a format similar to: E:\inetpub\vhosts\<example.com*gt;\private\<uploaded_database.mdb> (See the section Finding the Database Path below) where example.com is your domain name and uploaded_database.mdb is the name of the database uploaded to the site. Normally the domain name will not include the www part. The rest of the fields are optional and are normally not needed. Click on the “Test” button and if the connection has been created correctly you will be shown the message “Connection Successful”. If you do not see “Connection Successful” please check you have specifed the correct path (without the www). If you need to enter a password to open the database enter the appropriate username and password details. Finding the Database Path Save the attachment shown below “showpath.asp” and upload this to the ‘httpdocs’ folder for your website. Browse to this page in your web browser http://www.example.com/showpath.asp (replacing www.example.com) This should show you a path similar to C:\inetpub\vhosts\<example.com*gt;\httpdocs\showpath.asp To create the path to your database remove the portion “httpdocs\showpath.asp” from the end and add “private\<uploaded_database.mdb>. Once this is working, please remove the file showpath.asp from your website as it is no longer needed
Read more

How do set the database permissions for a Microsoft Access file (*.mdb) on Windows Plesk.

Microsoft Access Database Permissions Login to the Plesk control panel and open the File Manager and locate your database file (normally in private Click on the padlock icon next. Select the “Plesk IIS User” account which is shown on the left. Then select the option to Allow Full Control from the right hand side of the screen and click OK (You must give “Full Control” permissions on the folder the Microsoft Database (*.mdb) file is located in). Your database should now have the correct permissions set
Read more

How to enable remote connections to MS SQL server on a Plesk server?

This article describes How to enable remote connections to MS SQL server on a Plesk server? Connect to the server via RDP. Press the Start button, go to Microsoft SQL Server XXXX (where XXXX is the MSSQL version) and click the SQL Server XXX Configuration Manager. Open the SQL Server Configuration Manager (Local) > SQL Server Network Configuration menu and click the Protocols for MSSQLSERVERXXXX (where XXXX is the MSSQL version). Make sure that the TCP/IP protocol has the Enabled status: 5. Double-click the TCP/IP protocol, go to the IP Addresses tab and scroll down to the IPAll section. 6. Specify 1433 in the TCP Port field (or another port if 1433 is used by another MS SQL Server) and press the OK button: Note: the specified port, e.g, 1433, must be opened in the firewall. 7. Go to SQL Server Configuration Manager (Local) > SQL Server Services, right-click the SQL Server (MSSQLSERVER) service and press the Restart button to apply made changes:   8. Log in to Plesk. 9. Go to Tools & Settings > Database Servers > MSSQLSERVER > Settings and click OK to reset cached connection settings.
Read more

How to use Microsoft SQL Server Management Studio

This article describes how to use Microsoft SQL Server Management Studio with your Windows Hosting account. CREATING A MICROSOFT SQL SERVER ACCOUNT Before you can use SQL Server Management Studio, you must first create a SQL Server account in Plesk. To do this, follow these steps: Log in to Plesk. In the left sidebar, click Databases. In the right sidebar, click User Management: On the Database Users page, click Add Database User: 1. On the Adding Database User page, in the Database server list box, select the SQL cluster server for your account: 5. In the Database user name text box, type a username.  6. In the New password and Confirm password text boxes, type a password for the new user. Alternatively, you can click Generate and Plesk generates a random, strong password for you. (Make sure you click Show so you can see what the password is!) 7. In the Database list box, select Any. 8. Click OK. ACCESSING YOUR MICROSOFT SQL SERVER MANAGMENT STUDIO ACCOUNT After you create a Microsoft SQL Server account in Plesk, you are ready to connect to it using SQL Server Management Studio. To do this, follow these steps: Start Microsoft SQL Server Management Studio. On the File menu, click Connect Object Explorer. The Connect to Server dialog box appears: In the Server type list box, select Database Engine. In the Server name text box, type the name of the SQL cluster server for your account. In the Authentication list box, select SQL Server Authentication. In the Login text box, type the Microsoft SQL Server username you created in the previous procedure. In the Password text box, type the password for the Microsoft SQL Server username you created in the previous procedure. If you do not want to re-type the password every time you connect to the server, select the Remember password check box. Click Connect. After a few seconds SQL Server Management Studio connects to the server. Click the plus (+) sign next to Databases to expand the view, and then click the plus (+) sign next to your username to view the objects in your account.
Read more

Using External Mail Servers in Plesk

If you need to configure an external mail server to handle mail for your domain, do the following:   Go to Mail, open the Mail Settings tab. Click the checkbox next to the domain for which you need to configure external mail server, click Activate/Deactivate Services. Select Disable from the menu, and click OK. Go to the Websites & Domains tab, find the domain name whose DNS settings you want to manage, and click DNS Settings. Click the hyperlink in the Host column corresponding to the MX resource record. Type the domain name of your external mail server into the Mail exchange server field. If you are running a remote mail server named ‘mail.myhostname.com’, type ‘mail.myhostname.com’. Specify the external mail server priority, where 0 is the highest and 50 is the lowest. Click OK, and then click Update
Read more

Protection Against Brute Force Attacks (Fail2Ban)

IP address banning (Fail2Ban) is an automated way to protect your server from brute force attacks. Fail2Ban uses regular expressions to monitor log files for patterns corresponding to authentication failures and other errors that are considered suspicious. If an IP address makes too many login attempts within a time interval defined by the administrator, this IP address is banned for a certain period of time. Fail2Ban can also update firewall rules and send email notifications. When the ban period is over, the IP address is automatically unbanned. Note: To use Fail2Ban, administrators who upgrade from Plesk 11.5 must obtain a new license key for Plesk 12 from Odin or their vendor. To set up Plesk to automatically ban IP addresses and networks that generate malicious traffic: Go to Tools & Settings > IP Address Banning (Fail2Ban) (in the Security group). The Fail2Ban component has to be installed on your server. Select the Enable intrusion detection checkbox. Specify the following settings: IP address ban period – the time interval in seconds for which an IP address is banned. When this period is over, the IP address is automatically unbanned. Time interval for detection of subsequent attacks – the time interval in seconds during which the system counts the number of unsuccessful login attempts and other unwanted actions from an IP address. Number of failures before the IP address is banned – the number of failed login attempts from the IP address.      4. Click OK. Now all active Fail2Ban jails will be used to monitor the log files and to ban suspicious IP addresses. Fail2Ban in Plesk has the following limitations and peculiarities: Fail2Ban must not be restarted manually as a Plesk service, since all accumulated statistics data, including currently banned IP addresses, will be lost. Fail2Ban does not provide protection against attackers with an IPv6 address. Fail2ban in Plesk relies solely on IPs (without hostname lookups) unless reconfigured. Fail2Ban cannot protect from distributed brute force attacks, since it identifies intruders by their IP address. If you have your Plesk installed on a VPS, the VPS iptables records limit (numiptent) might affect the work of Fail2Ban. When this limit is exceeded, Fail2Ban will stop working properly and in the Fail2Ban log you will find a line such as:fail2ban.actions.action: ERROR iptables -I fail2ban-plesk-proftpd 1 -s 12.34.56.78 -j REJECT --reject-with icmp-port-unreachable returned 100In this case, contact your VPS hosting provider to solve the issue. If you had Fail2Ban installed on your server before upgrading to Plesk 12, the package will be replaced by Plesk’s Fail2Ban package. If your already installed package is newer than the one provided with Plesk, the upgrade might fail. Existing jails will not be overwritten and you can manage them in Plesk together with Plesk 12 jails. If an IP address should not be blocked: Go to Tools & Settings > IP Address Banning (Fail2Ban) > Trusted IP Addresses > Add Trusted IP. In the IP address field, provide an IP address, an IP range, or a DNS host name, and click OK. You can view and download Fail2Ban log files in Tools & Settings > IP Address Banning (Fail2Ban) > the Logs tab. You can view the list of banned IP addresses, unban them, or move them to the list of trusted addresses in Tools & Settings > IP Address Banning (Fail2Ban) > the Banned IP Addresses tab. You can view the list of IP addresses that will never be banned, add IP addresses to and remove from this list in Tools & Settings > IP Address Banning (Fail2Ban) > the Trusted IP Addresses tab.
Read more
06 May, 20

Acunetix Partner & Distributor in Pakistan

YISolutions,  is proud to announce its appointment as the exclusive distributor & Partner of the complete range of Acunetix products & Services in Pakistan.   About  Acunetix Acunetix is a global web security leader. As the first company to build a fully dedicated and fully automated web vulnerability scanner, Acunetix carries unparalleled experience in the field. The Acunetix web vulnerability scanner has been recognized as a leading solution multiple times. It is also trusted by customers from the most demanding sectors including many fortune 500 companies. Core Service / Product; Acunetix Vulnerability Scanner About  YISolutions YISolutions is a key player in IT Consultancy, Cyber Security and IT Managed Services. YISolutions was established in 2002-2003 and our Pakistan Registered Office is located in Karachi at Clifton. And our Principle Registered office is located in the US at Herndon.   Core Services; IT Managed Services Cyber Security & Protection Cloud Solution Digital & Social Media Marketing Software Solution Web Solution For more information please email us at  support@yi.com.pk   You can also visit Acunetix e-Store in Pakistan 
Read more

Securing WordPress in Plesk 12.5

To check and secure WordPress installations: Go to Websites & Domains > WordPress. Do one of the following: To check the security of all WordPress installations, click Check Security. To secure a single WordPress installation, click the icon in the S column next to the name of the desired WordPress installation. To secure two or more WordPress installations, select the checkboxes for the corresponding WordPress installations, then click Check Security. Select the checkboxes corresponding to the security improvements you want to apply, then click Secure.   Caution: Keep in mind that not all security improvements can be rolled back. It is recommended to back up the corresponding subscription before securing WordPress installations. The complete list of WordPress security improvements The wp-content folder. The wp-content directory may contain insecure PHP files that can be used to damage your site. After WordPress installation, PHP files can be executed from the wp-content directory. The security check verifies that the execution of PHP files in thewp-content directory is forbidden. Note that custom directives in the .htaccess or web.config files might override this security measure. Also note that some of your plugins might stop working after securing the wp-content folder. The wp-includes folder. The wp-includes directory may contain insecure PHP files that can be used to damage your site. After WordPress installation, PHP files can be executed from the wp-includes directory. The security check verifies that the execution of PHP files in thewp-includes directory is forbidden. Note that custom directives in the .htaccess or web.config files might override this security measure. Also note that some of your plugins might stop working after securing the wp-includes folder. The configuration file. The wp-config.php file contains credentials for database access and other sensitive information. After WordPress installation, the wp-config.php file can be executed. If, for some reason, processing of PHP files by the web server is turned off, hackers can access the content of the wp-config.php file. The security check verifies that unauthorized access to the wp-config.phpfile is blocked. Note that custom directives in the .htaccess or web.config files might override this security measure. Directory browsing permissions. If directory browsing is turned on, hackers can obtain information about your site (what plugins you use and so on). By default, directory browsing is turned off in Plesk. The security check verifies that directory browsing on the WordPress installation is turned off. Database prefix. WordPress database tables have the same names in all WordPress installations. When the standard wp_ database table name prefix is used, the whole WordPress database structure is not a secret and anyone can obtain any data from it. The security check changes the database table name prefix to something other than wp_. The maintenance mode is turned on, all plugins are deactivated, the prefix is changed in the configuration file, the prefix is changed in the database, the plugins are re-activated, the permalink structure is refreshed, and then the maintenance mode is turned off. Security keys. WordPress uses security keys (AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, and NONCE_KEY) to encrypt information stored in the user’s cookies. A good security key should be long (60 characters or longer), random and complicated. This security check verifies that the security keys are set up and that they at least contain both alphabetic and numeric characters. Permissions for files and directories. If permissions for files and directories do not comply with the security policy, these files can be used to hack your site. After WordPress installation, files and directories can have various permissions. The security check verifies that the permissions for the wp-config.php file are set to 600, for other files to 644, and for directories to 755. Administrator’s username. When a WordPress copy is installed, by default there is a user with administrative privileges and the username admin. As a user’s username cannot be changed in WordPress, one only needs to guess the password to access the system as the administrator. The security check verifies that there is no user with the administrative privileges and the username admin. Version information. There are known security vulnerabilities for each WordPress version. For this reason, displaying the version of your WordPress installation makes it an easier target for hackers. The version of an unprotected WordPress installation can be seen in the pages’ meta data and readme.html files. The security check verifies that all readme.html files are empty and that every theme has afunctions.php file which contains the line: remove_action(\'wp_head\', \'wp_generator\');.
Read more

How To Create MySQL Database In cPanel

Almost all web software require a database to operate and one of the most popular RDMS (Relational Database Management Software) is MySQL. A web server is pre-installed with LAMP, but if yours do not, you can refer to our earlier tutorials on how to install LAMP on your server for CentOS and Ubuntu.   1) Login into your server’s cPanel main page and look for “Databases”.   2) Click on “MySQL Database Wizard”, a guided process to assist you with the process of creating a new database.   3) Give your new database a name and click “Next Step” when you are done.   4) You now have to create a new user for the database. Your username can be the same name as your database. It is advisable to create a password using “Password Generator” as a complex password will safeguard and reduce the risk of your database being hacked and compromised. Next, click “Create User”.   5) Remember to assign all privileges to your newly created user and click “Next Step”.   6) Your new database and user are now created and ready to be used.
Read more
Cart

No products in the cart.