Symptoms
-
An attempt to perform one of the following operations in Plesk might fail:
-
Creating a Subscription
-
Changing the password of the main Subscription system user in example.com > Web Hosting Access
-
Deploying an application (e.g., WordPress)
-
Settings Permanent SEO-safe 301 redirect from HTTP to HTTPS at Plesk > Domains > example.com > Hosting settings
The operations might fail with the following error:
Error: no secure shell available
-
Cause
The pre-defined shell set in the file /usr/local/psa/admin/conf/site_isolation_settings.ini overrides the settings configured at the Service Plan level:
# egrep "shell.*=" /usr/local/psa/admin/conf/site_isolation_settings.ini
shell = /bin/bash
Resolution
Note: The solution described in this article needs to be applied by the Plesk server administrator via SSH. If server access is not possible, please contact the service provider.
-
Connect to the server via SSH
-
Back up the configuration file
/usr/local/psa/admin/conf/site_isolation_settings.ini:# cp -a /usr/local/psa/admin/conf/site_isolation_settings.ini{,.backup}
-
Comment out the forced
shellparameter from the configuration file/usr/local/psa/admin/conf/site_isolation_settings.ini:# sed -i.bak 's/shell.*=/;shell =/g' /usr/local/psa/admin/conf/site_isolation_settings.ini
-
Control the SSH access permissions in the corresponding Service Plan or per-subscription:
-
Service Plan: Log in to Plesk GUI > Service Plans > Service Plan Name > Permissions > Management of access to the server over SSH > Can allow access only to a chrooted environment or Can allow access to any type of shell > Update & Sync
-
Subscription: Log in to Plesk GUI > Subscriptions > example.com > Customize (Right-sidebar) > Permissions > Management of access to the server over SSH > Can allow access only to a chrooted environment or Can allow access to any type of shell > Update & Lock
-
-
In case the issue persists, enable the Setup of potentially insecure web scripting options that override provider's policy option in the corresponding Service Plan or per-subscription:
-
Service Plan: Log in to Plesk GUI > Service Plans > Service Plan Name > Permissions > Enable Setup of potentially insecure web scripting options that override provider's policy option > Update & Sync
-
Subscription: Log in to Plesk GUI > Subscriptions > example.com > Customize (Right-sidebar) > Permissions > Enable Setup of potentially insecure web scripting options that override provider's policy option > Update & Lock
-
with