@Hari raise a new topic for the MIME question…
installing flarum with plesk
-
today i have revisited this discussion and tried again, now i can call myself a certified flarum pleskian
installed 3 flarums and running without any issues, figured out how to run redis
I am feeling happy to use Plesk though virutalmin offers lot of other functionality to my intelligence level i feel like plesk is a good place for me to sit and use.
-
@Hari don’t celebrate too early Plesk can be the ultimate Achilles Heel when it comes to troubleshooting and resolving issues.
-
@phenomlab Today I have received this email
Important notice regarding a potentially misconfigured Redis instance on your Droplet plesk-ubuntu-s-2vcpu-4gb-amd-blr1-01:
Hello,
A recent network security scan suggests your Droplet plesk-ubuntu-s-2vcpu-4gb-amd-blr1-01 is running Redis and that it may be unintentionally exposing data or misconfigured to allow unauthorized access.
Redis listens for traffic from everywhere on port 6379, and you can validate this report by attempting to connect to your Redis on 6379 via a simple telnet command:
telnet 1.0.0.0 6379
If the connection is successful, you will receive output like the following, which will confirm that your Redis installation is visible to the public Internet:
Trying 1.0.0.0.... Connected to 1.0.0.0. Escape character is '^]'.
You will want to restrict outside access to your Redis instance to prevent outsiders from reading or obtaining your data.
Remediation of this issue will take just a few minutes and is relatively straightforward. You will need to open /etc/redis/redis.conf and uncomment (remove the “#”) or modify the line beginning with:
#bind 127.0.0.1 ::1
Afterwards, restart redis with:
sudo systemctl restart redis
You could find this information also in our community tutorial at: https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-redis-on-ubuntu-20-04
Regards,
Security Operations
DigitalOcean Security
i have tried following multiple guides as i see redis.conf file is empty there is no
supervised
directivewhat should i do to set this IP to local, what code i need to add?
-
@Hari is this the correct solution?
https://talk.plesk.com/threads/plesk-docker-redis-plesk-firewall-open-port-issue.352324/
-
@Hari File
redis.conf
should not be empty. If it were, then REDIS does not work - what’s the output oflocate redis.conf
? -
@phenomlab said in installing flarum with plesk:
locate redis.conf
root@admiring-goldwasser:~# su - site_sdxtjg95b7 site_sdxtjg95b7@admiring-goldwasser:~$ locate redis.conf Command 'locate' not found, but can be installed with: apt install mlocate Please ask your administrator. site_sdxtjg95b7@admiring-goldwasser:~$ exit logout root@admiring-goldwasser:~# apt install mlocate Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: plesk-py27-pycrypto Use 'apt autoremove' to remove it. Suggested packages: nocache The following NEW packages will be installed: mlocate 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 50.1 kB of archives. After this operation, 258 kB of additional disk space will be used. Get:1 http://mirrors.digitalocean.com/ubuntu focal/main amd64 mlocate amd64 0.26-3ubuntu3 [50.1 kB] Fetched 50.1 kB in 0s (326 kB/s) Selecting previously unselected package mlocate. (Reading database ... 146957 files and directories currently installed.) Preparing to unpack .../mlocate_0.26-3ubuntu3_amd64.deb ... Unpacking mlocate (0.26-3ubuntu3) ... Setting up mlocate (0.26-3ubuntu3) ... update-alternatives: using /usr/bin/mlocate to provide /usr/bin/locate (locate) in auto mode Adding group `mlocate' (GID 121) ... Done. Initializing mlocate database; this may take some time... done Processing triggers for man-db (2.9.1-1) ... root@admiring-goldwasser:~# locate redis.conf /var/lib/dpkg/info/plesk-php74-redis.conffiles /var/lib/dpkg/info/plesk-php80-redis.conffiles root@admiring-goldwasser:~#
-
@Hari How did you install Redis ?
-
@phenomlab using docker
site_sdxtjg95b7@admiring-goldwasser:~$ redis-cli 127.0.0.1:6379>
-
@Hari Ok, but this would denote that the service is already listening on
127.0.0.1
and not0.0.0.0
as originally stated ? -
@phenomlab i have mentioned 1.0.0.0 it is actually my server IP i masked it.
after receiving the email saying 111.111.111.111 is getting exposed i have deleted the existing redis docker and followed the above guide as mentioned in Plesk site.
do you think now everything is correctly running?
-
@Hari Yes, but the screenshot above shows
127.0.0.1
? -
@Hari said in installing flarum with plesk:
do you think now everything is correctly running?
One way to test would be to execute this command from any machine connected to the internet
telnet <ip address> 6379
If it appears to answer, then it’s still exposed. PM me the IP address if you’d like me to check
-
C:\Users\Hari>telnet 11.11.11.11 6379 Telnet Win32 v2.1b2, Copyright (C) 2000 Paul Brannan <pbranna@clemson.edu> and the team. This program comes with ABSOLUTELY NO WARRANTY; for details read LICENSE.TXT. This is free software, and you are welcome to redistribute it under certain conditions. Loading configuration options from R:\laragon\bin\telnet\telnet.ini. Loading ANSI from R:\laragon\bin\telnet\telnet.cfg. Use configuration: ANSI. keymap ansi There are 1 maps. Trying 11.11.11.11:6379... Connection timed out.
-
@Hari Yes, looks good
-
@phenomlab thanks a lot, have a nice day