Category Archives: Tips & Tricks

Major Price Reductions on Popular Domain Name Extensions

 

To help you be more successful in your business, we have made major price reductions on many of the most popular domain name extensions and numerous complementary online services. Whether you are an existing Parallels Domain Name Network reseller or want to join, you can now get the most competitive rates available.

 

Here are just a few examples of the new price cuts:

 

 

By signing up through Parallels Domain Name Network reseller program, you can enjoy all the benefits of being an eNom reseller without paying any setup fees! Sign-up for free to get volume-based pricing, access to 24/7 eNom tech support, a dedicated account manager, and easy-to-use tools to manage and grow your business. Sign up.

 

If you already have a Parallels Domain Name Network Account, you can benefit even more. For the first time ever, we are offering a special $8.88/year rate on .COM transfers until 12/31/2013. Consolidate your portfolio now to save money on every .COM transferred to eNom. Transfer now or contact sales at sales@enom.com.


Are You Out of the Loop?

 

Parallels offers Service Providers an easy, effective way to receive important news and information – the Parallels Service Provider Subscription Center.

 

Through the Subscription Center, you can select opt-in email subscriptions customized to your needs.

 

Choose from:

  • Security and Technical Product Updates – information on critical issues, security notifications, important fixes and product releases
  • Parallels Service Provider Newsletter – a monthly e-newsletter providing the latest service provider news, helpful tools, support tips and tricks and other valuable information
  • Product News and Updates – news about product features and enhancements, new developments, learning opportunities and special offers

For these Parallels product groups:

– Parallels Plesk Panel, Parallels Plesk Automation and related products
– Parallels Web Presence Builder
– Parallels Cloud Server, Parallels Cloud Storage and Parallels Containers
– Parallels Business Automation Standard
– Parallels Automation

 

We encourage everyone in your organization to sign up for the type of news that is relevant to them. After all, when something is so good, why not share it with those you love work with?

 

Head on over to the Parallels Subscription Center and subscribe today. It only takes 2 minutes, and you’ll be glad you did!

 

 

Variation of previously reported vulnerability in older versions of Parallels Plesk Panel

 

A variation is being reported of a previously-reported zero-day vulnerability in older versions of Parallels Plesk Panel. Since the original vulnerability was first reported, the majority of Parallels Plesk Panel customers took the necessary steps to upgrade to a non-vulnerable version of the product.

 

Today only 4% of servers running Parallels Plesk Panel are potentially impacted. This means 96% of Parallels Plesk Panel servers have been updated to a non-vulnerable version of Parallels Plesk Panel.

 

If you are still running Parallels Plesk Panel 9.0 to 9.2, please take the action to upgrade today. There are multiple version options to upgrade to in order to help you secure and protect your customers.

 

How to upgrade

+ The best version to upgrade to is Parallels Plesk Panel 11.0. It has been available for over a year and is the version with the highest deployment rate, lowest support cost, best performance and, of course, highest security.

+ On June 13, 2013, Parallels will launch Parallels Plesk Panel 11.5. This new version will come with additional usability, performance and security benefits.

+ If you cannot upgrade to the latest version, you can update now to Parallels Plesk Panel 9.5.4. This is a direct upgrade through the AutoInstaller. On June 13 you can then upgrade to version 11.5.

 

If you are unable to upgrade at this time, you can apply a script to automatically update your Parallels Plesk Panel for Linux 9.0-9.2.3 server.  You can download that script (wrapper.zip) from the “Attachments” section of http://kb.parallels.com/116241.

 

Details about the vulnerability

 

This vulnerability is not new.  It is a variation of the long-known CVE-2012-1823 vulnerability related to the CGI mode of PHP in selected older and end-of-life versions of Parallels Plesk Panel. The exploit for this vulnerability uses a combination of two issues:

 

+ PHP vulnerability CVE-2012-1823 related to CGI mode used in older versions of Parallels Plesk Panel (http://kb.parallels.com/en/113818)

+ Parallels Plesk Panel phppath script alias usage in Parallels Plesk Panel versions 9.0-9.2

 

All currently supported versions of Parallels Plesk Panel 9.5.4, 10.x and 11.x, as well as Parallels Plesk Automation, are NOT vulnerable. Also, Parallels Plesk Panel 8.x (now end-of-life) is NOT vulnerable.

 

There also are some additional resources to insure that your Parallels Plesk Panel installation is secure, and malware, if present, is removed:

 

+ Parallels has created a comprehensive page on securing Parallels Plesk Panel at http://kb.parallels.com/en/114396

+ Parallels has created a malware removal tool at http://kb.parallels.com/en/115025

 

To stay on top of Parallels security communications please subscribe to our support e-mails by clicking here, subscribe to our RSS feed here and add our Knowledge Base browser plug-in here

 

Adam Bogobowicz, Sr. Director of Product Marketing