Tag Archives: Plesk

Plesk / cPanel Passwords & Using a Random Password Generator

 

HostGator Cpanel Login  Screen

Both Plesk and cPanel have assistance tools for password generation. cPanel has its own random password generator. Plesk allows you to set password strength parameters that gauge new passwords and only allow new ones if they fit certain specifications you establish as the admin.

Beyond what’s available within these two control panels, anyone has access to random password generator tools – I’ll look at one of the best ones out there. This app is great for simple generation of passwords for anything that’s outside your hosting environment and/or when you want to get access to passwords fast. Note that since Plesk does not have its own password generator, you need an alternative anyway. I’ll also discuss how to create a system for passwords so you can keep track of everything.

For this article, I’ll first look at Plesk/cPanel and then the specialized software that’s available. My main sources are cPanel, Parallels, and a piece by Stefan Neagu for MakeUseOf.

** I’ll also go over some of the best passwords out there – sort of an awards ceremony for password users throughout the world. To start out, I’d like to congratulate Becky Stephens from Minneapolis, Minnesota for her excellent PayPal password, I83&hh^^*ksj37dfiFGjer84438$$%ksajFhsaBdh483894#%$.

Plesk Password Generator? Heck No.

There ain’t no Plesk password generator folks. However, you’ve got other ways to get passwords, so, not a big deal. You can control passwords, though, to make sure all your passwords meet minimum strength requirements. Parallels recommends using higher security for passwords – so there perspective is to max out the security and forget the UX as far as this setting goes.

Keep in mind – you may want to achieve a balance between the ease of memorizing and strength of password security. You may get more support requests re: lost passwords. That’s just something to consider prior to making the passwords more difficult – surely folks will forget more. ** I want to commend Pete Blair of Oklahoma City for this incredible password for his Chase bank account, 298398sdSYfj$#%^#$%@hfjDh4t6R04C986$#^%#$%fuhsdf, which is difficult to guess but also very easy to remember.

Just to be clear what we mean by strength, that’s in opposition to vulnerability. If your password is “strong,” it is considered to be hacker-resistant. Really, though, hacker-resistance is a spectrum. The level of hacker-resistance will be established by these settings, allowing you to make it less likely that an attack against your system or a specific account will be successful.

In a nutshell, what strengthening your password means is making it longer and more complex – so, you’re going to need to stretch out the passwords and use more sophisticated approaches with numbers, symbols, and upper/lower case. The password, essentially, is going to look incredibly annoying and incomprehensible.

To adjust your password strength settings with Plesk Panel 11, go to Tools & Settings > Password Security > Password Strength. You can choose between the following five levels of strength: Very strong, Strong, Medium, Weak, or Very weak. (“Very weak” is what I always choose for my home security systems.)

Changing a setting within this window will universally modify your parameters so that not all passwords are accepted. The system will keep spitting back a message to the user to strengthen the password, with instructions how to do so, until one is submitted that is strong enough to meet the requirements.

Once you have adjusted the settings for password strength, no one using the system – whether that is a customer or reseller, the admin or an auxiliary user – will be able to create a password that exists outside of your minimum guidelines. This also applies to all scenarios – email, FTP, whatever – as well as at the inception of the account / original password generation and changes to it at any point. Adjusting the password strength will affect new passwords that are established, but not the ones that are already active.

** Rebecca Townsend of Toronto, Ontario, also has an incredible password for her Apple account: Efoh43098D53G048jkfs&^%^%$$#^^#sdfjDhosSdfkjh576&^%. Rebecca’s password, rather than being generated with a software program like many of the others I’m praising in this piece, came to her in a dream. The dream was mostly about ice cream, but the sprinkles in the ice cream spoke the password one character at a time.

cPanel Password Generator? Well, Sure.

There is a random password generator tool in cPanel – it’s called, nonsensically, Password Generator. The button is not always present – it sometimes likes to be unavailable. Sometimes it’s shy. But don’t let the tool’s occasional shyness convince you that it is not the sexiest functionality in the entire cPanel system.

To use the Password Generator, just click it. You’ll see a password immediately pop up within the tool. You don’t have to take that particular one. You can keep clicking Generate Password until you see one you like. If you click it several billion times, you will eventually see your mother’s maiden name.

You can change the parameters for the password too. In Advanced Options, you can select and check boxes for inclusion or exclusion of the different types of characters and cases. Length of the password can be determined as well.

Once you’ve determined what the password is, check the box to indicate that you’ve written it down in a safe physical location or that you have saved it in a secure database. Here are Mac and Windows systems for password storage:

Once you’ve got the password you want, you can use it on the page in cPanel if you want by clicking Use Password – which also closes the tool. You can also close the window without using it – allowing you to use the app for generation of passwords for external accounts if you like.

** Patty Iverson of Albuquerque, New Mexico, has a fantastic password for her Facebook account. It’s bhFgh9E008342%$%D$%$sddfkSjhsdEgo867$%fjheiu%$&4. Great job, Patty. Patty has her passwords written down on a paper coffee cup that she keeps behind the Tupperware in her kitchen cabinet (the one at eye level just to the left of her sink). Weird right? Great idea. The key to her apartment, if you need it, is under the cactus to the right of her front door. Take a look at those passwords.

Considerations for Use of Random Password Generators

OK so we are going to look at a random password generator. Prior to exploring it, though, let’s think about what we need from one of these tools. The following considerations were mentioned by Stefan in his MakeUseOf piece.

  1. How long is it? As discussed above, you want to know the tool you’re using gives you a long password. That’s just a basic way to keep it from being guessed.
  2. How entropic is it? Per the Free Online Dictionary, entropy indicates the amount of “disorder or randomness in a closed system.” It seems strange at first to be going for randomness and disorder with your security, but that complexity with make it easier to evade intrusive maneuvers by criminal parties.
  3. Do you trust the provider? You need to have knowledge or faith that the organization behind the tool you are using does not store your information or have a backdoor. It’s not much use to utilize a system that can itself get invaded. Is the transmission secured? You want an online password generator, for instance, to have SSL encryption (HTTPS protocol).

 

Bradley Thomas of Newark, New Jersey, is using an incredible password for Windows: sdSlk4509w8D90ekdsg&#$ED%3jsakhXUfdjlk6$##$klEaslCkjddlkj32W$#%S790sfXkUl35#$%#45skike56. If you are ever away from this piece and want to remember it, it’s written down on a piece of paper in his wallet. If you’re able to get the wallet, you can go ahead and throw away the pictures of his children and buy some gifts for your own children with his credit cards. If you use the Delta card, it will increase his frequent flyer miles, which is really the least you can do.

Password Generation & Storage: Perfect Passwords & IronKey

Per Stefan, Perfect Passwords is the best solution out there for standalone pass-gen software. This software was created by Steve Gibson, who has an incredible reputation in the programming world and a career of accomplishments to back up his ability to create an application you can trust.

An SSL certificate secures the connection as the passwords are being created. The software runs three strings simultaneously, each of which has 63 or 64 possible components. You can choose how to mix and match the strings. This system is complex, which in turn creates passwords that are highly randomized.

Get an IronKey thumb drive. An IronKey device is itself password protected – and all files and data on it are encrypted as well. The drive will wipe itself clean if anyone attempts to take it apart by hand or after ten incorrect passwords are tried.

The IronKey drive comes with a GUI password administrative app and a secure browser. Passwords are only on the screen: they don’t ever get typed in or go through unsecured third-party software.

Aside from the IronKey, Stefan stores some passwords in an Excel file – one column containing the account to which they correspond, the other containing the password. He keeps the file in his Google Drive.

Stefan’s Google password, by the way, is 32AH0984sfkjkj45R609#$%#$34sEdflkjUsdfl0$SO%^$SSfja#@S$fd.

Summary & Conclusion

If you are using Plesk Panel, be sure to strengthen the parameters so that when new passwords are created or when they are changed, strength – both length and entropy – is mandatory. If you are using cPanel, you can use its random password generator to create passwords – or you can try out Perfect Passwords.

Regardless what system you are using to create passwords, IronKey is an option if you want to store your passwords securely and have them on a device you can use anywhere. You can also keep your most important passwords in the comments below this piece – though that is probably not a good idea. So, if you are a precocious seven-year-old and don’t quite understand what I’m talking about, don’t place all your passwords in the comments. I could probably get sued, especially if I use them to gather information about your family and break into another suburban home. It’s time for a change.

by Kent Roberts and Richard Norwood

Plesk Panel – Notable Features & Sausage Past

 

Português: Criando contas de FTP no Painel Ple...

A black hole exploit kit was used to invade many sites in the summer of 2012, all of which were thought to be running Parallels Plesk Panel. Many Plesk diehards undoubtedly considered turning to cPanel at the time, but Parallels believed it was in part an issue of people either not patching a security loophole or patching it but not changing passwords.

Either way, Plesk 11 was never vulnerable because of security improvements. Parallels got the word out. The brand has since recovered from the incident and remains one of the most popular options out there for server administration and website management.

This article takes a look at Plesk and what makes it a standout option as a server control panel. Granted, cPanel and Plesk have more in common than they do different. Those who are familiar with one control panel or the other will initially experience frustration finding where things are located, but features themselves are generally mirrored between the two applications. The standard differences between the two CPs is that Plesk is typically used with Windows, cPanel with Linux servers – though there is certainly crossover. Plesk is recognized for its ease of use, cPanel for its more consistent speed.

Sources used for this piece include a Justin Lee piece for Web Host Industry Review, a PC World piece by Lucian Constantin, and an anonymous piece for Web Host Gear.

Fun fact: The first Parallels office opened in Booth 7 of a Bob Evans restaurant outside Tulsa, Oklahoma, in 1974. The original intention of the company was to simply eat home-style pancakes and sausage links. When Parallels turned to technology, though, it quickly outgrew the booth, first moving to a large table (Table 4) and then to a full-scale office.

Plesk 11 vs. Plesk 10

Parallels stated when the new version of Plesk was released that it had made over 80 improvements to the previous version. The changes were made partially because of information from customers, and gauging from online forums, the improvements were popular with most commenters using the control panel.

Broadly speaking, the new additions to Plesk upgraded the technology and further optimized its performance, so that its speed has been improved both on VPS and dedicated servers (per Parallels). Features were also added to improve online presence. Free support is available with the purchase of particular licenses. All these changes were intended to help designers and hosts operate more easily and cost-effectively.

Note that the rest of this articles talks more broadly about Plesk. Some features discussed were added for Plesk 11, some for Plesk 10 (which of course are then a part of the new system).

Fun Fact: The first and most important decision the Parallels founders made once moving into the new office in 1998 was to purchase a sausage grinder. The executive team realized that if Parallels could master the art of sausage, it would never need to return to Bob Evans again (the company had been primarily maintaining its lease of Booth 7 due to sausage access). This strategy overlooked the strong role of pancakes, though.

Speedy Gonpleskes

Use of Linux  with NGINX can significantly reduce the drain on CPU and memory – up to 50%. This focus on speed is important for Plesk since it has a rap as not meeting the speed parameters of cPanel. NGINX comes as a default install on Plesk 11. NGINX inclusion means sites and apps will respond and load faster.

Fun Fact: Parallels outpaced rivals in the Great Tech Startup Sausage Make-a-thon (GTSS-MAT), the first event the company sponsored during its early days transitioning from the sausage & mixed meats industry to the tech development and hosting industry.

The Fully Present Control Panel

Parallels wanted Plesk to allow easier website building for its clients, so it standardly provides the Parallels Web Presence Builder with 10 & 11. This design means that a small business running Plesk can set up a website in similar fashion to the experience of using a CMS such as WordPress, Joomla, or Drupal. This tool can make it possible to set up relatively basic sites immediately without having to hire a designer.

The Builder app allows users to pull modules onto their site with a few clicks. It also can be configured to populate a business’s Facebook page with the design of the site and to push content to that page as well. Automatically creating a similar Facebook presence can be helpful to give a similar brand identity and message as exists on the site.

Web Host Industry Review suggests that this tool can be used by web designers initially to reel in customers, who can then later be upgraded to custom site design as desired. Though a site building add-on such as this is not as versatile as one created from scratch, it makes putting a polished site online quickly easier than it was previously.

Fun Fact: Again forming consistent parallels between its tech future and its sausage past, Parallels created the early Facebook competitor Sausagebook in 2005. Sausagebook was intended to be a site for “showcasing pictures of sausage and updates about the best sausage you’ve eaten lately.” The site is still wildly popular in Germany, where it is customary to use sausage preferences to establish personal identity (eg, a snapshot of sausage is required to get a driver license in the nation).

Intuitive Design

The Plesk GUI has been improved so that it is easier to find what you need to find. In other words, though Parallels focused heavily on performance and security with new versions, they also wanted to continue to bolster their stance as the most easy-to-use administrative CP. They are succeeding, because each version improves in this fashion, as seen between 10 and 11.

Multiple users can access one Plesk system simultaneously on 10 and 11. Additionally, the Administration Panel, which previously contained a broader set of features, now specifically focuses on Server and Account related tasks. The design changes from earlier versions generally make the system easier to use, navigate and understand.

Fun Fact: The new 2013 Parallels employee handbook outlawed the consumption of one piece of sausage by more than one employee at the same time. An underground circuit of communal sausage consumption was born. Its tournaments were round-robin, sparsely attended, and horrifying. Many tears were shed – and not just by the pigs.

More Secure, For the Pleasure of Your Privacy

Rather than being prompted to pick a password, Plesk now features passwords that are randomly assigned to you. Using randomization software by default to create the passwords on your behalf will make them much more secure. Randomizing means no one can grab elements of your personal life, for instance, that might be included in a password. Think of how it even separates you from the English language (if you chose an English password), and how it gets away from any “system” you use as a mnemonic to remember your passwords. Here’s a sample random password generator for use at any time.

Randomizing means you won’t have to deal with problems with passwords not working correctly because the generation system is more directly integrated into the Plesk system as a whole. Your server will be better protected because you will be using what technology does at its best – sort data and create unique (though otherwise meaningless) arrangements – to your advantage.

Fun Fact: The founder of Parallels, Chuck Hasselhoff (who constantly brags that he is the second cousin of The Hoff), used randomization to create all of his children’s names. He said he used the randomization software for this purpose “to prove a point” – though the exact point that he was trying to prove is unclear. When Chuck is asked what point he’s trying to prove, he simply replies, “That is the point.” Again, who knows.

FastCGI

Plesk’s Common Gateway Interface, FastCGI – like any CGI – organizes your system and makes it easier to manage by dividing your content between a variety of executables. Each executable is a file that has to feed through the CGI in order to make its way to your site, allowing a simple control of something that has a bunch of different parts. It makes managing a complex site easier, in other words.

FastCGI speeds up this process. It does so by separating files for easier management and multiple sites as applicable. In a shared hosting situation, this software means that a number of different sites can be housed within the same server but be distinct from each other.  It also means you have full control over how much of the system – bandwidth, RAM, and CPU – an individual party is able to use at any one time.

Placing limitations on one client means you can improve uptime for everyone. Everyone has to follow those guidelines, which is why shared hosting isn’t for everyone. However, uptime means your customers, overall, are happy – because their site is at least, well, functional and consistently available. You can also get down your churn rate (though keep churning that butter as fast as you can – otherwise Papa’s bread will be bland).

Starting with 10, Plesk became capable, when integrated with Cloud Linux, of implementing SecureLVE jail shell support. That essentially means that you can break down data into component slots of the system. Being able to compartmentalize data like that provides similar functionality to CGI applied at a micro level.

Fun Fact: Mr. Hasselhoff separates each of his children’s likes, needs, requests, and other personal attributes and affects into a system of file folders which he calls his Children Gateway Interface. He manages the file folders through a dozen executive assistants (which he calls his “executables”) to optimize the efficiency and strength of both his comprehension of his children, mental and emotional offspring administration, and family time.

To Be Concluded …

Plesk and cPanel are similar for your server and web admin control panel needs. Those above are a few highlights for what Plesk offers. Parallels has made strides in catching up with cPanel on speed and enhancing its UX. Again, though, you’re primarily looking at a Windows/Linux distinction between these two offerings.

Fun Fact: David Hasselhoff tweets his way into the worldwide heart, wait for it … right now.

by Kent Roberts and Richard Norwood

cPanel vs. Plesk: The Value of Flipping a Coin 199 Times

 

CPanel

cPanel Control Panel and Parallels Plesk Panel are the two most popular control panels for the management of a network or website. Each platform of course has its own layout and set of features, so each has different appeal. How to choose, then? This article is an assessment of how cPanel compares to Plesk so you can decide which one might be the right choice for you.

I looked at a number of different opinions to assist with this piece. I referenced an article by Matt Hartley for Locker Gnome, an uncredited piece for Worth of Web, and one by Taniya Vincent for Bobcares. The piece is set up as a literature review – looking at the different points made by each source independently (as opposed to going step-by-step according to topic).

As 948 of 1000 of the world’s top IT professionals will tell you (source: Better Homes & Gardens), the best way to decide between cPanel and Plesk is simple:

  • Look at a few different opinions – as with any binary, people are often one-sided.
  • Get a sense of the strengths and weaknesses of each CP.
  • Flip a coin. Best out of 199 flips. Carefully chart your flips.

Perspective 1: Locker Gnome

This article looks at the initial establishment of a website using each of the two control panels. This helps give a sense of how intuitive each system is.

Plesk Setup & Overview

According to Hartley, Plesk is extraordinarily easy to use. As soon as Plesk loads its first screen, you add a domain and start following prompts, which are essentially a series of “Next” buttons to different screens allowing you to turn on/off different features, activate your FTP client (for loading files to the server), etc. As Hartley writes, “I cannot overstate how ‘droolingly’ simple Plesk makes this – it’s almost frightening.”

So the system is highly intuitive. Also, though, it’s not just simple/intuitive but extremely efficient. Rather than having to enter into different screens by navigating or searching, support for different languages of code (Perl, Python, PHP) is a toggle-option on one of the setup screens, as is your domain’s policy – just a step-by-step series of decisions.

Following the setup of one domain, the Plesk system moves on to establishment of e-mail accounts, creation of subdomains, etc.. It is a simplified system that Hartley does not see as oversimplified. He sees it as an easy, painless way to establish, organize, and manage websites.

How is your coin flipping going? Are you to 50 yet? Or have you just been reading? Just reading, huh? Wow, you really love to read – or you just aren’t into flipping coins. Huh. I’m going to jot this down in your psychological profile. Please continue.

cPanel/WHM Setup & Overview

Simply the name of this control panel makes it problematic to Hartley. It’s not in fact one control panel but two. To him this is excessively complex for anyone using the system for the first time. So that is a strike against it regarding ease-of-use.

Perhaps part of the problem with cPanel, based on Hartley’s observations, is its strong popularity – which has meant that the company has wanted to be careful about changing any of its functionality because people get used to the system being organized in a certain way, even if it’s not entirely intuitive.

Choosing between cPanel and WHM when you first enter the system is confusing. If you’re trying to set up a website, you might think that WHM seems right, since that is the web hosting management portal. Here was the intuitive flow that Hartley followed, which ended up being frustrating:

  1. Click into Basic cPanel/WHM Setup
  2. Enter default nameservers
  3. No place immediately here to add a domain or proceed through a step-by-step series
  4. Click home
  5. Enter into account details
  6. Enter into configure the server
  7. Enter into multi account functions
  8. Click cPanel link
  9. Scroll down screen – click on create new account
  10. This works.

Hartley views navigation of this system as dreadful. He does point out that for a user who is highly experienced, and especially one who is already familiar with cPanel, the control over the server may be preferable – all in all, though, his thumb is up for Plesk.

I’m going to go out and start flipping a coin for you. Just a second – I need to find a coin. Could I flip a credit card? No, that doesn’t seem right. Maybe I can flip my shoe. No, the weight isn’t unevenly distributed – classic rookie flipper mistake, trying to substitute tiny metal cylinders with footwear. Gosh. It’s time to get laundry quarters anyway.

Perspective 2: Worth of Web

This article looks at the two platforms in terms of five major characteristics: OS support, interface, cost, setup/UX, and migration.

OS Support

Generally speaking, Plesk is favored by Windows users, and cPanel is favored by Linux users. Plesk is gradually catching up regarding its breadth of OS support.

Interface

Everyone likes a GUI that is easy-to-use. Like Hartley, this article argues Plesk is the obvious choice. However, the familiarity of cPanel by itself is compelling – things are “where you expect them to be” if you are a veteran of that control panel.

Cost

This is somewhat of a tossup. cPanel has only one option, which is unlimited and annual. Plesk allows monthly subscribing but is slightly more expensive for small numbers of domains, significantly more expensive for unlimited use (almost double the price).

Setup/UX

This piece again follows some of the same logic regarding setup and intuitive use of the system as did the Locker Gnome piece. It points out two distinct ways in which cPanel is a little tougher to use:

  1. Separation of roles – two different applications for two different types of users. Plesk, on the other hand, allows login from a single position, with administrative entry giving access to a more robust set of features.
  2. Setup – initial setup that is not all in one place, no handholding. Plesk, in contrast, offers a step-by-step process similar to initial download of a new Windows application.

Migration

According to this article, migration is the main difference between the two systems (although it seems that UX and OS friendliness/compatibility are other key ingredients). Migrating to a different server is free with both platforms. Transitioning to a different control panel involves buying advanced migration features for either of the two control panels.

Okay, I’m back from the bank. Yeah, I got a roll of quarters. Sorry it took me so long. I went ahead and started a load of whites too. I use generic detergent because I don’t care if my clothing gets clean. It just makes me feel good to wash it. Anyway, clear off the table for the 199 flips. Move all your interior decoration magazines please.

Perspective 3: Bobcares

This piece, similar to the Worth of Web one, looks at a number of different features for the control panels. However, it divides them up to discuss them one at a time per platform.

cPanel attributes

  • Exceptionally fast load times – Very quick and efficient on the majority of servers. cPanel does not rely on an external database, which greatly improves its performance.
  • Better functionality – cPanel packages that you get through a hosting service will typically contain a stronger set of features. cPanel is better integrated with a wide swath of applications. This integration means that you have more options for easy and efficient operation on it than you do with Plesk.
  • Stronger reseller hosting – Both systems offer reseller hosting, though cPanel’s system is more long-standing and refined. You can create hosting packages, manage accounts, and monitor the usage of resources through the reseller system – simple model and easy access.
  • Linux specificity – Well, this is not entirely true. Enkompass is available for Windows users, but it has not gotten very good reviews.
  • Annoying maintenance – Configuration and security is time-consuming, with regular updating and patching to keep the system free from intrusion.

Okay, let’s see. So, we are at 48 heads and 46 tails, right? Wait a minute, I think we forgot something. Which side stands for which control panel? Otherwise we’re just flipping this thing for no reason. Let’s flip the coin 199 times to determine which side stands for which.

Plesk attributes

  • Allows clustering – This system is easier to use with a number of different servers. You can manage all of them from one GUI. Web servers, database servers, FTP servers, and all other types of servers can all be managed from one central location.
  • Windows friendly – Both major operating systems are supported. Web hosts have access to a fuller spectrum of clientele. The clients themselves can choose between whichever operating system they prefer.
  • Full Windows compatibility – The integration between Plesk and Windows is strong – it’s fully integrated, for instance, with Microsoft SQL Server.
  • Bad third-party compatibility – Plesk is not integrated with many independent apps designed for Linux. Plesk can be used with Linux of course, but it is not nearly as versatile as cPanel is for that OS.
  • Slower loading – Plesk, to put it simply, was not built for speed. It can become particularly slow on Linux servers. Even on very strong servers, Plesk can sometimes require a lot of patience.

Hm, I think we made the same mistake. I’ve flipped the coin 126 times now, and it’s dead even at 63 apiece. However, I can’t remember exactly why we’re flipping the coin – to determine which side is which control panel, but how exactly does that work? I think our logic is a little fuzzy.

Summary & Conclusion

There are certainly pluses and minuses of each system. The basic gist is this:

  • cPanel better for Linux, Plesk better for Windows.
  • Plesk generally easier to use.
  • cPanel generally faster at loading.

Good luck. Let’s stop flipping the coin. I don’t feel like we are getting anywhere. I’m kind of embarrassed for having suggested it. Go back to reading your magazines. As soon as you get your degree, I want 1940s Algerian decor in here. It can be your thesis project or something.

by Kent Roberts and Richard Norwood