Introduction What are the goals of this course? * Introduce the Parallels Plesk control panel product for Linux. * Explain the benefits for our clients and staff of the product. * Provide training for operations in the Plesk web-based GUI. * Establish a baseline competency for technicians and administrators who are responsible for supporting Plesk/Linux. * Enable participants of this course to pass the Plesk/Linux level 1 certification test and gain certification.
Introduction What is the subject material for this course? * This class will cover operating within the Plesk control panel GUI environment. More advanced topics (including command-line operations) are covered in the level II course.
Plesk Panel Introduction What is a control panel? * “control panel” in the context of web hosting software is a software package that provides centralized management/provisioning of hosting accounts and simplified system administration tools. This includes all services needed to host a website on the Internet (web service, mail service, DNS service, database services, FTP service, application installers, etc.).
Plesk Panel Introduction What services does Plesk manage? * FTP (proftpd) * Mail (qmail OR postfix) * DNS (BIND) * HTTP & HTTPS (Apache) * MySQL and/or PostgreSQL * Webmail (Horde) * Plesk web services
Installation -What options are available for installing Plesk? * Full package archive (RPM/DEB) * Autoinstaller script * Preloaded system images with Plesk installed (suitable for VMs)
Installation Which is the most effective way of handling installations in our environment? * For ease of installation, and the ability to customize installs to suit the clients' individual needs the autoinstaller script is the preferred install method. * You may obtain the latest autoinstaller for specific distributions at the following URL: http://www.parallels.com/download/plesk9/
Installation Which is the most effective way of handling installations in our environment? Input your bullet points here
Installation -What steps are necessary after the initial install? * Verify that Plesk is accessible via a web browser by entering the following URL: https://ip-address:8443 The default login credentials are user “admin” and password “setup”. * Purchase a Plesk license for the client and ideally send a copy to the client via attachment to a support ticket, and if time permits uploading the license key to the control panel.
Installation How are Plesk licenses obtained at Superb? * Plesk licenses are managed online. You may find and practice the full licensing procedure by following the steps at the following URL: https://staff.superb.net/wiki/Plesk_Licensing_Procedures
Installation How is a Plesk license key installed & validated? * From the homepage click “License Management”. If you wish to upload a key for an additional Parallels Plesk Panel feature, select the Additional License Keys tab. * Click the “Upload Key” icon. * Specify the location of the license key by entering the path into the text box provided, or click “Browse” to browse for the location. * Select the “Replace the currently installed license key with the selected one” check box if you are overwriting an existing key. * Click “OK” to submit. Parallels Plesk Panel will upload the given license key file to your Parallels Plesk Panel.
Plesk Panel Overview Account & Permissions * Plesk management is provided in the form of a hierarchy of accounts with varying permissions/access levels. From the most privileged to the least they are: --Administrator – A single account with access to all operations within the system. This account has the username “admin”. --Reseller – A customer who can sign up their own clients and re-sell webhosting services. Resellers have unique login names. --Client – An owner of one or more domains. Some clients are allowed to create additional domains depending on permissions granted. --Domain Administrator – An optional account that manages one single webhosting domain. The login is the same as the domain name (IE testdomain1.com). --Email User – A user of a single mail account. These accounts may manage their own mailboxes and other mail-related settings (autoresponders, redirects, etc.). Logins are the full email address (IE email@example.com).
Plesk Panel Overview Domains & Services * Plesk allows managing domains and services at the server and domain levels. Domains are owned by resellers, clients, and domain users. Clients, Resellers, and Administrators can add new domains, configure web hosting and other services, create domain user accounts to delegate domain management permissions, etc. * Domain users may manage a single domain. They may also (depending on permissions): – Create subdomains under their own domain. – Schedule tasks (cron jobs). – Backup and restore domain files. – Manage services and applications for the domain.
Plesk Panel Overview Control Panel Access * The Plesk interface is web-based and only works via SSL. Thus every account, regardless of permission level, must access via https using the following URL format: – https://<ip address>:8443 * The default SSL certificate will generate a warning in most browsers since it is self-signed. This is normal and any warnings should be ignored. * Once successfully logged in, there will be a navigation frame on the left that provides menu-style access to various functions, and a content frame taking up the entire right-hand side of the screen. There is also a navigation string across the top of the content frame that can be used for quick navigation between previously-visited areas.
Plesk Panel Overview Control Panel Customization * Plesk is highly customizable. To access these options, click the Settings link on the left navigation bar. The following options are available for customization: – A standard set of interface skins is provided with the default installation. Additonally, users may create their own custom skins and upload them. – Language packs are provided for using Plesk in different languages. – The logo image and title bar text may be replaced. – Custom buttons allow creating additional interface elements. An example of this would be a button to a 3rd-party billing system or webmail system.
Domain Level Management Domain Creation & Configuration * Account creation is a process that covers the following steps: – In the Accounts panel select “Create Client Account”. You will enter the new client's name & contact information. – Select a template for the account settings (optional). – Select resource usage limits for the account. – Select control panel permissions. – Designate which IP addresses are allocated to the client's IP pool. * Note on IP allocations: addresses are classified under two categories: – Exclusive IP: may only be used by one client. This is the ideal configuration for domains requiring SSL certificates. – Shared IP: can be given to/used by multiple clients. This is the ideal settings for most clients/domains that do not require SSL functionality.
Domain Level Management Domain Templates * Client templates are used for quick creation of fully configured Client accounts. Each client template contains a predefined set of permissions, restrictions, and other options. This enables automatic provisioning of accounts and greatly simplifies the account creation process by providing consistency and preventing manual administrator mistakes. * To access the template editing section of Plesk, navigate to the Clients > Client Account Templates > Create Client Account Template area in the navigation pane.
Domain Level Management <ul><li>Creating Subdomains </li></ul><ul><li>* Subdomains are commonly used to assign a unique name to a department, function, or service related to an organization. Subdomains may have their own unique login/password, resources, and will have DNS records in the parent's DNS zone. </li></ul><ul><li>* To add a subdomain, navigate to Domains > (domain name) > Subdomains > Add New Subdomain. </li></ul>
Server Level Management System Management * To reboot or shut down the server, navigate to the Server pane. Note that this option is limited to the admin user. * To adjust the date/time settings, you may input the parameters manually or enter an NTP (Network Time Protocol) host. Navigate to these settings via Home > Server > System Time. * Under the Interface Preferences page you may configure system-wide settings including the server's hostname, log retention policies, and DNS zone restrictions.
Server Level Management SSL Certificates * The admin user may add SSL certificates to the SSL certificate repository via Home > Security > SSL Certificates . Any of these certificates may be assigned as the default for an IP address. * Each certificate may be self-signed or provided by a Certification Authority (CA). Self-signed certificates use a public/private keypair generated on the server. CA certificates are more trustworthy as the domain ownership is confirmed before the signed certificate is provided.
Server Level Management IP Addresses * IP address management is provided in several key functions: – Add/remove IP addresses from the server's network configuration. – Configure the type of IP address (Shared / Exclusive). – Assign an SSL certificate to a specific IP address. – Assign or remove an IP address to a Client's IP pool. – Assign a default domain to an IP address.
Server Level Management DNS Zone Configuration * Plesk provides two levels of DNS management: – Template-driven automatic DNS zone creation. – Individual DNS zone editing (adding/removing resource records). * To edit the DNS zone template, navigate to Home > DNS zone template . – Templates are used for creation of a DNS zone file when a new domain is added or when domains are restored manually to a default state (in case of client zone mismanagement). – Placeholders ( <domain> and <ip> ) are replaced with the actual domain name and IP address when the DNS zone is created.
Hosting Configuration Web Hosting * In Plesk you may configure three types of hosting: – Physical hosting: the most commonly used type of hosting in which the files for the website are hosted on the server and directly managed by the client via FTP. – Standard forwarding: all requests to for the domain are forwarded to another URL; the address in the end-user's web browser also updates to reflect the forwarding. – Frame forwarding: all requests for the domain are forwarded to another URL; however, instead of rewriting the URL in the end-user's web browser, the content is displayed within a frame. The only problem with this type of forwarding is some engines do not properly index these frame pages. * Clients may also configure subdomains, password protect directories (via .htaccess/.htpasswd), and add web user accounts for their Domains.
Hosting Configuration Physical Hosting * Setting up physical hosting for a domain provides all necessary functions for creating a web site. While setting up physical hosting you may configure account options such as IP address assignment, SSL certificate assignment, disk space quota, and server-side hosting technologies (PHP, SSI, ASP, ASP.NET, web statistics, etc.).
Hosting Configuration Web Users * A web user is an account within the web server. It is used to provide access to specific content via FTP and has no relation or ability to login to the Plesk control panel. * Web users may access their FTP account by connecting to the following URL format: domain.com/~username * Note that web users are created within the operating system so they may not share usernames and may not use reserved system names (apache, mailman, etc.).
Hosting Configuration File Management Tools * Web documents may be managed three ways: – Directly by the administrator via SSH / SFTP on the filesystem ( /var/www/vhosts/<domain name> ). – Via FTP. – Via the Plesk File Manager tool (a graphical PHP FTP client) accessed under Domains > (domain name) > Files. * The File Manager tool is a fully function web-based FTP client and provides the same functions one would find in a normal FTP client (file upload/delete, directory creation/deletion, permissions management).
Security Management What is protected? * Plesk offers several security features that help increase system security: – Firewall (iptables) management enables traffic filtering and logging. – SSL certificates ensure login credentials and session data are encrypted when transmitted from clients to the server and back. – Session idle times ensure any sessions opened by users and left unattended are automatically logged out. – .htaccess management provides basic user authentication to protect sensitive files and directories. – Mail is secured via SPAM filtering and antivirus modules.
Security Management SSL Features * Each domain has an SSL certificate repository to store and manage certificates. The server-wide administrator repository is managed by the admin user. * The repository grant access to tools for generating Certificate Signing Requests (CSRs) and creating self-signed certificates. * Certificates may also be uploaded in independent parts (CSR, private key, public key, CA chain certificates) if an SSL certificate was previously purchased. * Note that SSL certificates are assigned to IP addresses in order to take effect. This is an important distinction for Plesk and must be kept in mind (separation between managing certificates for a client/domain and actively configuring & activating the certificate). * To access the SSL repository, navigate to Domains > (domain name) > SSL Certificates.
Security Management Directory Protection * In the Files > Password Protected Directories area you may create password-protected directories. * Note that before the directory is properly protected, a user with proper permissions/access must also be created and assigned to the appropriate directory.
Security Management Spam Protection * Plesk offers many current technologies that assist in stopping/mitigating SPAM: – DNS blackhole lists: third party DNS databases that prevent SPAM delivery by verifying that the sending host is not a known spammer. – DomainKeys: a technology that incorporates SSL style DNS records for signing outbound email. Properly configured DomainKeys hosts can verify authentic mail by a simple DNS record lookup. – Sender Policy Framework (SPF): DNS-based method of preventing email forgeries. – SpamAssassin: open-source software which uses a wide variety of local and network tests to identify SPAM signatures. – Black/white lists: standard features for identifying mail domains that should never/always deliver messages. – Greylisting: technology which temporarily rejects mail from unknown senders. This takes advantage of the general principle that valid MTAs will re-send mail after a temporary error. Spammers usually give up after one rejected attempt. * To access these features, navigate to Home > Mail Server Settings.
Services and Resources Mail Service * Email accounts are used in the standard familiar way (via webmail or with a 3 rd party email client using POP3/IMAP protocols). * Configurable email parameters include the following: – Create, edit, or deleting mailboxes. – Setting mailbox quotas. – Configuring email aliases. – Email redirection. – Convert a mail user into an email group used for forwarding mail to a number of email addresses. – Setting up vacation/autoresponders. – Configuring antispam/antivirus settings.
Services and Resources Database Service * Plesk supports integration with two database engines: MySQL and PostgreSQL. The default engine is MySQL, with the necessity to explicitly install PostgeSQL if so desired. * A database server must be registered to the control panel before clients may interact with it. This is performed under Home > Database Servers > Add Database Server . Note that MySQL is added by default in new Plesk installs. * Clients may interact with the database server in the following ways: – Create new databases. – Create new database users and assign permissions. – Manage databases via the web (DB WebAdmin AKA PHPMyAdmin).
Services and Resources Application Vault * The purpose of the Application Vault is to provide web application management as an integrated part of the Plesk panel. This eases installation and management of popular software packages (WordPress, phpBB, etc.). * Available options for configuration/management of the Application Vault include: – Installing new applications from local storage or the web-based APS catalog. – Removing installed packages. – Checking for updates on installed packages. – Monitoring installed application packages. * The Application Vault may be accessed via Home > Application Vault .
Services and Resources Task Management (Cron Jobs) * The Plesk administrator has the ability to schedule execution of tasks via the crontab management utility included in Plesk. * To schedule a cron job, navigate to Home > Scheduled Tasks. – Select the system account under which the task will run. – Click Add New Task and specify the timing interval by inputting the standard UNIX crontab parameters. * Clients may also configure cron jobs under their user accounts. These are highly useful to perform periodic actions like reporting on the latest version of software packages, ensuring backups are properly running, and checking disk quotas.
System Maintenance Notifications * The notification system is a detailed alert system that sends emails to users/administrators when events are triggered. * The following events can be monitored using the notification system: – Account creation, expiration warnings, expirations. – Resource usage limit events. – Ticket creation, commented, closed, or re-opened events. * Users may be subscribed to notifications by account type or by configurable, specific email accounts. * The text in a notification email may also be edited/changed by the administrator.
System Maintenance Backup/Restore * The backup/restore tool included within Plesk is use to easily manage backups of client and server data. The web interface provides controls for configuring which data is backed up, scheduling, and local/remote storage options. * Using the backup/restore options, you may perform the following levels of data backup: – Individual domains (websites). – Customer accounts along with domains. – The entire server. * To access these features, navigate to Home > Server > Backup Settings . * To access restore features, navigate to Domains > (domain name) > Backup Manager:Server Repository.
System Maintenance Migration Manager * Transferring accounts/data from an existing server to another can be facilitated using the Plesk Migration Manager . * To perform a migration, follow these steps: – Navigate to Home > Migration Manager under the Help & Support group and click Start New Migration. – Enter the IP address and login credentials of the remote server. – Specify the local directory where temporary migration data will be stored. – Select which accounts will be migrated. – Select settings for how to resolve timing conflicts & resource usage conflicts. – Begin the migration and monitor the progress in the real-time updating log that displays in the web interface.