Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation / Re: I don't receive a single message from root..??
« on: July 04, 2025, 10:29:45 AM »Hi,
Thank you very much, I understood everything, just one last thing to clarify
When going through CWP, I go to the Postfix Mail Server Manager, and check the box where it is shown in the picture:
https://prnt.sc/TXLDNMUAot9p
In this case, when building the mail server, what exactly add or change in the entries in the main.cf file ?
Many thanks in advance!
BR
Venty
2
Installation / Re: I don't receive a single message from root..??
« on: July 03, 2025, 04:11:17 PM »
Hi,
Is it necessary to add a record to the file main.cf and what is it for:
smtp_helo_name = $myhostname
Thanks in advance!
BR
Venty
Is it necessary to add a record to the file main.cf and what is it for:
smtp_helo_name = $myhostname
Thanks in advance!
BR
Venty
3
Mod_Security / Re: OWASP CRS v4.15.0/ v4.16.0 Just Release
« on: July 03, 2025, 04:04:39 PM »Hi,
.............
Your configuration paths aren't showing how they where set.QuoteInclude /usr/local/apache/modsecurity-rules/custom-rules/startup/*.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/before/*.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/after/*.conf
/modsecurity-rules/custom-rules/before/global_disabled_rules.conf
has rules needed by CWP.
........................
Тhank you very much, I understood everything, just one last thing to clarify:
1. The permanent deactivation or bypass of rules happens again in the file global_disabled_rules.conf, which is in /usr/local/apache/modsecurity-rules/custom-rules/before/?
Thanks in advance!
BR
Venty
4
Installation / Re: I don't receive a single message from root..??
« on: June 29, 2025, 12:48:38 PM »Hi,
for me :
mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...
and no record smtp_helo_name = $myhostname
and as far as I can tell and test, DKIM works with localhost...
BR
Venty
and in fail main.cf no record: "smtp_helo_name"
5
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 29, 2025, 12:44:08 PM »Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/
From your screen shot, it looks like you stopped somewhere before Step 8.
In your owasp.conf, you want it to have those only those 3 lines listed:
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf
I can login and do this real quick if you want.
Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?
And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie
I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...
BR
Venty
6
Installation / Re: I don't receive a single message from root..??
« on: June 27, 2025, 10:19:53 AM »Hi,
for me :
mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...
and no record smtp_helo_name = $myhostname
and as far as I can tell and test, DKIM works with localhost...
BR
Venty
and in fail main.cf no record: "smtp_helo_name"
7
Installation / Re: I don't receive a single message from root..??
« on: June 27, 2025, 07:18:29 AM »
Hi,
for me :
mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...
and no record smtp_helo_name = $myhostname
and as far as I can tell and test, DKIM works with localhost...
BR
Venty
for me :
mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...
and no record smtp_helo_name = $myhostname
and as far as I can tell and test, DKIM works with localhost...
BR
Venty
8
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 27, 2025, 07:00:27 AM »Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/
From your screen shot, it looks like you stopped somewhere before Step 8.
In your owasp.conf, you want it to have those only those 3 lines listed:
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf
I can login and do this real quick if you want.
Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?
And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie
I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...
BR
Venty
9
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 26, 2025, 03:46:15 PM »
Hi,
Ok, I've done everything for version OWASP CRS v4.15.0, as in these instructions for version OWASP CRS v4.12.0...
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9
Please take a look:
https://prnt.sc/wNgzhHlIyj25
https://prnt.sc/6XE5ZHQpmNXU
How can I be sure that the security mod works with version OWASP CRS v4.15.0 of the rules?
Thanks in advance!
BR
Venty
Ok, I've done everything for version OWASP CRS v4.15.0, as in these instructions for version OWASP CRS v4.12.0...
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9
Please take a look:
https://prnt.sc/wNgzhHlIyj25
https://prnt.sc/6XE5ZHQpmNXU
How can I be sure that the security mod works with version OWASP CRS v4.15.0 of the rules?
Thanks in advance!
BR
Venty
10
Mod_Security / Re: Status engine is currently disabled, enable it by set SecStatusEngine to On..
« on: June 26, 2025, 03:37:21 PM »
11
Installation / Re: I don't receive a single message from root..??
« on: June 26, 2025, 02:58:02 PM »
Hi,
In step 4 of https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/dkim-not-working-on-almalinux-9-with-cwp /
you say to add the code:
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
Now in the same article, you say that if we have problems to add the following code :
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
What is the difference and which is better?
BR
Venty
In step 4 of https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/dkim-not-working-on-almalinux-9-with-cwp /
you say to add the code:
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
Now in the same article, you say that if we have problems to add the following code :
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
What is the difference and which is better?
BR
Venty
12
Installation / Re: I don't receive a single message from root..??
« on: June 26, 2025, 01:26:19 PM »
Hi,
The thing apparently happened when adding the code from step 4 - apparently I copied this code between the main one and the original file by mistake and I wasn't getting the messages...
I put the code back in the original file and then added the code from step 4 and now everything is fine...
BR
Venty
The thing apparently happened when adding the code from step 4 - apparently I copied this code between the main one and the original file by mistake and I wasn't getting the messages...
I put the code back in the original file and then added the code from step 4 and now everything is fine...
BR
Venty
13
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 26, 2025, 01:20:31 PM »You can use this guide, just change the version number.
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9/
Hi,
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/owasp-crs-ruleset-update-to-4-12-0-running-cwp-and-apache-on-almalinux-8-9
step 5 - Is it okay?
BR
Venty
14
Installation / Re: I don't receive a single message from root..??
« on: June 25, 2025, 03:29:24 PM »15
Installation / Re: I don't receive a single message from root..??
« on: June 25, 2025, 02:36:30 PM »
Hi,
Thank you very much for the answers...
Solved - I restored the original main.cf
Thanks...
BR
Venty
Thank you very much for the answers...
Solved - I restored the original main.cf
Thanks...
BR
Venty
