Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - martexx

Pages: [1]
1
Apache / include file
« on: March 02, 2017, 04:02:13 PM »
Please create interface in GUI for end user to edit vhost

# Include "/usr/local/apache/conf/userdata/%username%/%domain_name%/*.conf

2
Information / add domains to same user account folder structure
« on: March 02, 2017, 03:52:53 PM »
Hi

When adding new domain the default is to use the default public_html folder.

I would suggest to make the folder structure as such:

/home/user/domains/XXX.TLD/public_html/

In that way u have a default and files outside of the webroot still can easily be placed in the right domain folder if belonging to specific domain,
its easy to implement in the function into existing folder creation upon adding domain.

3
CSF Firewall / csf issues
« on: February 24, 2017, 09:45:06 PM »
the default install of csf seems to lack the regex.pm file and thus does not filter imap, pop 3 and such.
I posted this on the configserver forum already

But that means that we are not secure by default

i also notices that the regex used by cwp in regex.custom.pm to block failed login to cwp is not correct anymore.
On an updated system the regex does not catch the failed logins for as far as i can see

(maybe my problem ))

4
Information / redirect all requests and non www to http://www.
« on: February 24, 2017, 01:41:33 PM »
In 2017 someone may require secure connections as its good, and especially for SEO

There is now visual way to achieve this in cwp

lets asume u use apache

disable any redirect u may have right now as they will interfere with the lets encrypt module
so in vhost.conf or .htaccess remove any redirects

But only for the domain u dont use or want to change
delete the folders in
 /etc/letsencrypt/live
 /etc/letsencrypt/archive
 /etc/letsencrypt/renewal

Then via the cwp gui create the certificates again with the www alias checked

Now add in  /usr/local/apache/conf.d/vhosts-ssl-letsencrypt.conf (per domain)
or in .htaccess in webroot of domain (per domain)

Or add
RewriteOptions InheritDown
RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

to httpd.conf (then all domains will redirect to https://www.

5
Information / install and configure Spamassassin
« on: February 24, 2017, 11:53:53 AM »
It seems that spamassasin gets installed by centos web panel but not used.

To enable it do the following on your own risk!:

(Im on Centos 6, clean install)

yum -y update
yum -y install spamassassin
groupadd spamfilter
useradd -g spamfilter -s /bin/false -d /usr/local/spamassassin spamfilter
chown spamfilter: /usr/local/spamassassin

echo "## Required_hits: This determines the filter balance; the lower the score the more aggressive the filter.
# A setting of 5.0 is generally effective for a small organisation or a single user.
# Adjust the strictness score to your organization's needs - a large medical organisation might want  to let email items
# through that are trying to sell pharmaceuticals, so we might increase the level to a more modest 8.0.
required_hits 5
## Report_safe:  This line determines whether to delete the item or to move the item to the inbox whilst appending
# a spam notice to the subject line. The levels for this line are set to either a 1 or 0. A score of 1 will delete the spam item,
# whereas a score of 0 will send the item to the inbox and rewrite the subject line.
report_safe 0
rewrite_header Subject [**SPAM**]
## Required_score: This line sets the spam score for all email allowed through to your domain, with levels of certainty set from 0 to 5.
# Zero would be classified as a legitimate email item, whereas 5 would be an definite 'SPAM' item.  If we set the score to 3 we would catch a
# lot of unsolicited emails but quite a few false positives would still get through. For our example email server we will use the score of 5,
# but you can of course set this value according to your preference.
required_score 5.0" > /etc/mail/spamassassin/local.cf


echo "# Options to spamd
SAHOME="/usr/local/spamassassin"
SPID_DIR="/var/run/spamassassin"
SUSER="spamfilter"
SPAMDOPTIONS="-d -c -m5 --username ${SUSER} -H ${SAHOME} -s ${SAHOME}/spamfilter.log" > /etc/sysconfig/spamassassin

service spamassassin start
chkconfig spamassassin on


#edit /etc/postfix/master.cf and replace:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ***** Unused items removed *****
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=smtp-amavis:127.0.0.1:10024
  -o receive_override_options=no_address_mappings
#
## Enable SMTP on port 587 only for authenticated/TLS clients
submission inet n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject


#With :

#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ***** Unused items removed *****
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=smtp-amavis:127.0.0.1:10024
  -o receive_override_options=no_address_mappings
smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin
spamassassin unix -     n       n       -       -       pipe user=spamfilter argv=/usr/bin/spamc -f -e  /usr/sbin/sendmail -oi -f ${sender} ${recipient}


#
## Enable SMTP on port 587 only for authenticated/TLS clients
submission inet n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

save the file and then restart postfix



To test if SpamAssassin actually works, you can simply send an email with subject XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X to some of your email accounts (from an external one!) and once the email is received, check itís headers and you should notice something like this:

X-Spam-Flag: YES
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=1000.0 required=5.0 tests=GTUBE,RCVD_IN_DNSWL_NONE,
    TVD_SPACE_RATIO autolearn=no version=3.3.1
....
This means that SpamAssassin is doing itís job.

Maybe the developer can inlcude smth like this to his setup when installing, or just dont install spamassassin ))

6
Information / location of letsencrypt vhost template wanted
« on: February 23, 2017, 08:06:46 PM »
hi

i am searching for the location of the letsencrypt ssl vhost template so that i can add a redirect to them

7
Information / php Date Time
« on: February 23, 2017, 07:40:45 PM »
on new install Roundcube does  not show date and time as the timezone is not set in php.ini
please fix the installer so that its fixed on install or ask for input after install

8
CentOS-WebPanel GUI / ssl vhost config with lets encrypt
« on: February 23, 2017, 03:14:14 PM »
hi

it would be nice to have a visual editor for the ssl vhosts templates.
If u use lets encrypt the vhosts are written but not easily editable.
I wanted to rewrite all requests to https://www. and could not find where to do it.

Now to do it manually it should happen in /usr/local/apache/conf.d/vhosts-ssl-letsencrypt.conf  but that seems not to be templates so would get overwritten with an update.

is there a simple way to edit that configuration or did i miss a point?

i cant seem to find the templates file locations

Pages: [1]