Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - venty

Pages: [1] 2 3 ... 29
1
Installation / Re: I don't receive a single message from root..??
« on: July 04, 2025, 10:29:45 AM »

Hi,

Thank you very much, I understood everything, just one last thing to clarify :)

When going through CWP,  I go to the Postfix Mail Server Manager, and check the box where it is shown in the picture:

https://prnt.sc/TXLDNMUAot9p

In this case, when building the mail server, what exactly add or change in the entries in the main.cf file ?

Many thanks in advance!

BR
Venty

2
Installation / Re: I don't receive a single message from root..??
« on: July 03, 2025, 04:11:17 PM »
Hi,

Is it necessary to add a record to the file main.cf and what is it for:

smtp_helo_name = $myhostname

Thanks in advance!

BR
Venty

3
Mod_Security / Re: OWASP CRS v4.15.0/ v4.16.0 Just Release
« on: July 03, 2025, 04:04:39 PM »

.............

Your configuration paths aren't showing how they where set.
Quote
Include /usr/local/apache/modsecurity-rules/custom-rules/startup/*.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/before/*.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/after/*.conf

/modsecurity-rules/custom-rules/before/global_disabled_rules.conf
has rules needed by CWP.
........................
Hi,

Тhank you very much, I understood everything, just one last thing to clarify:

1. The permanent deactivation or bypass of rules happens again in the file global_disabled_rules.conf, which is in /usr/local/apache/modsecurity-rules/custom-rules/before/?

Thanks in advance!

BR
Venty

4
Installation / Re: I don't receive a single message from root..??
« on: June 29, 2025, 12:48:38 PM »
Hi,

for me :

mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...

and no record smtp_helo_name = $myhostname

and as far as I can tell and test, DKIM works with localhost...

BR
Venty

and in fail main.cf no record: "smtp_helo_name"

5
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 29, 2025, 12:44:08 PM »
Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screen shot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have those only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can login and do this real quick if you want.

Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?

And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie


I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...

BR
Venty

6
Installation / Re: I don't receive a single message from root..??
« on: June 27, 2025, 10:19:53 AM »
Hi,

for me :

mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...

and no record smtp_helo_name = $myhostname

and as far as I can tell and test, DKIM works with localhost...

BR
Venty

and in fail main.cf no record: "smtp_helo_name"

7
Installation / Re: I don't receive a single message from root..??
« on: June 27, 2025, 07:18:29 AM »
Hi,

for me :

mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...

and no record smtp_helo_name = $myhostname

and as far as I can tell and test, DKIM works with localhost...

BR
Venty

8
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 27, 2025, 07:00:27 AM »
Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screen shot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have those only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can login and do this real quick if you want.

Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?

And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie


I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...

BR
Venty

9
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 26, 2025, 03:46:15 PM »
Hi,

Ok, I've done everything for version OWASP CRS v4.15.0, as in these instructions for version OWASP CRS v4.12.0...
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9

Please take a look:

https://prnt.sc/wNgzhHlIyj25
https://prnt.sc/6XE5ZHQpmNXU

How can I be sure that the security mod works with version OWASP CRS v4.15.0 of the rules?

Thanks in advance!

BR
Venty

11
Installation / Re: I don't receive a single message from root..??
« on: June 26, 2025, 02:58:02 PM »
Hi,

In step 4 of https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/dkim-not-working-on-almalinux-9-with-cwp /

you say to add the code:

milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Now in the same article, you say that if we have problems to add the following code :

smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept

What is the difference and which is better?

BR
Venty

12
Installation / Re: I don't receive a single message from root..??
« on: June 26, 2025, 01:26:19 PM »
Hi,

The thing apparently happened when adding the code from step 4 - apparently I copied this code between the main one and the original file by mistake and I wasn't getting the messages...

I put the code back in the original file and then added the code from step 4 and now everything is fine...

BR
Venty

15
Installation / Re: I don't receive a single message from root..??
« on: June 25, 2025, 02:36:30 PM »
Hi,

Thank you very much for the answers...

Solved - I restored the original main.cf

Thanks...

BR
Venty

Pages: [1] 2 3 ... 29