Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1621
SSL / SSL certificate generator bash script
« on: December 01, 2013, 05:50:43 PM »
Here’s a handy shell script for creating SSL certs for use in things like Apache, Exim, Dovecot, etc – it can handle creating a local certificate authority to self-sign as well if you aren’t using an official CA. In typical usage one would run makekey, makecsr and send server.csr to a CA to get signed. After receiving server.crt back, run makedh and makepem to make a nice single PEM file that can be used with most software.
sslkeygen.sh
source:
http://tacticalvim.wordpress.com/2010/06/20/sslkeygen-sh-complete-ssl-cert-creation-helper-script/
One more even better script
gencert.sh
source:
https://gist.github.com/bradland/1690807
sslkeygen.sh
Code: [Select]
#!/bin/sh
if [ $# -lt 2 ]; then
echo "This script takes 2 params"
echo
echo "$0 <mode> <key filename>"
echo
exit 1
fi
SERVER=$2
case "$1" in
makeca)
/usr/bin/openssl genrsa -des3 -out ca.key 4096
/usr/bin/openssl req -new -x509 -days 1825 -key ca.key -out ca.crt
;;
makekey)
/usr/bin/openssl genrsa -des3 2048 > ${SERVER}.key.encrypted
/usr/bin/openssl rsa -in ${SERVER}.key.encrypted -out ${SERVER}.key
;;
makecsr)
if [ ! -f ${SERVER}.key ]; then
echo "${SERVER}.key missing, run \"$0 makekey\" first."
exit 1
fi
/usr/bin/openssl req -new -key ${SERVER}.key -out ${SERVER}.csr
;;
signcrt)
if [ ! -f ca.key ] || [ ! -f ca.crt ]; then
echo "ca.key missing, run \"$0 makeca\" first."
exit 1
fi
if [ ! -f ${SERVER}.csr ]; then
echo "${SERVER}.csr missing, run \"$0 makecsr\" first."
exit 1
fi
/usr/bin/openssl x509 -req -days 1825 -in ${SERVER}.csr -CA ca.crt \
-CAkey ca.key -set_serial 01 -out ${SERVER}.crt
;;
makedh)
/bin/dd if=/dev/urandom of=ssldh.rand count=1 2>/dev/null
/usr/bin/openssl gendh -rand ssldh.rand 512 > ${SERVER}.dh
;;
makepem)
if [ ! -f ${SERVER}.key ]; then
echo "${SERVER}.key missing, run \"$0 makekey\" first."
exit 1
fi
if [ ! -f ${SERVER}.crt ]; then
echo "${SERVER}.crt missing, obtain from CA or run \"$0 signcrt\" first."
exit 1
fi
cat ${SERVER}.key > ${SERVER}.pem
cat ${SERVER}.crt >> ${SERVER}.pem
;;
*)
echo
echo $"Usage: $0 {makeca|makekey|makecsr|signcrt|makedh|makepem} <key filename>"
echo
exit 2
esac
exit 0source:
http://tacticalvim.wordpress.com/2010/06/20/sslkeygen-sh-complete-ssl-cert-creation-helper-script/
One more even better script
gencert.sh
Code: [Select]
#!/bin/bash
# Bash shell script for generating self-signed certs. Run this in a folder, as it
# generates a few files. Large portions of this script were taken from the
# following artcile:
#
# http://usrportage.de/archives/919-Batch-generating-SSL-certificates.html
#
# Additional alterations by: Brad Landers
# Date: 2012-01-27
# Script accepts a single argument, the fqdn for the cert
DOMAIN="$1"
if [ -z "$DOMAIN" ]; then
echo "Usage: $(basename $0) <domain>"
exit 11
fi
fail_if_error() {
[ $1 != 0 ] && {
unset PASSPHRASE
exit 10
}
}
# Generate a passphrase
export PASSPHRASE=$(head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 128; echo)
# Certificate details; replace items in angle brackets with your own info
subj="
C=<COUNTRY>
ST=<STATE>
O=<COMPANY_NAME>
localityName=<CITY>
commonName=$DOMAIN
organizationalUnitName=<DEPARTMENT_NAME>
emailAddress=<ADMIN_EMAIL>
"
# Generate the server private key
openssl genrsa -des3 -out $DOMAIN.key -passout env:PASSPHRASE 2048
fail_if_error $?
# Generate the CSR
openssl req \
-new \
-batch \
-subj "$(echo -n "$subj" | tr "\n" "/")" \
-key $DOMAIN.key \
-out $DOMAIN.csr \
-passin env:PASSPHRASE
fail_if_error $?
cp $DOMAIN.key $DOMAIN.key.org
fail_if_error $?
# Strip the password so we don't have to type it every time we restart Apache
openssl rsa -in $DOMAIN.key.org -out $DOMAIN.key -passin env:PASSPHRASE
fail_if_error $?
# Generate the cert (good for 10 years)
openssl x509 -req -days 3650 -in $DOMAIN.csr -signkey $DOMAIN.key -out $DOMAIN.crt
fail_if_error $?source:
https://gist.github.com/bradland/1690807
1622
Installation / Re: Can't Access Admin Panel After Installation
« on: December 01, 2013, 11:45:59 AM »
try to restart server and if this don't works then contact support on email with your ssh login details
1623
New Modules / Re: How to add custom built module to left menu?
« on: November 30, 2013, 02:36:22 PM »
For now there is no script installer this will be added later.
You can install manual wordpress or if you have some knowlage of php you can make script/wordpress installer.
For script installer you will need to use root/mysql password for making database & database user/pwd, wget latest wordpress installation and extract it and then run installer.
You can install manual wordpress or if you have some knowlage of php you can make script/wordpress installer.
For script installer you will need to use root/mysql password for making database & database user/pwd, wget latest wordpress installation and extract it and then run installer.
1624
E-Mail / Re: E-Main software fof Web Panel
« on: November 19, 2013, 10:57:29 AM »
we are working on new version that will have mysql, email managers for now you have postfixadmin that needs to be installed
New version is expected at end of the month.
New version is expected at end of the month.
1625
Addons / Team Speak 3 - Manager
« on: November 13, 2013, 10:08:46 PM »
TeamSpeak3 control panel module
We don't support TeamSpeak anymore and we also don't recommend others to use it.
Reason: If you get late with the payment you could get a penalty of $100 or more.
Now you can easily install TeamSpeak3 server with one click in CentOS WebPanel.
TeamSpeak3 control panel Features
- install & delete server (with one click)
- start, stop, restart & check teamspeak3 server status (with one click)
- display query admin login details and token (encrypted data for security)
How to install and start TS3 server?
Check that you do not have ts3 user installed on your linux system as TeamSpeak3 server creates ts3 user and runs server under ts3 username.
1. Click on install TeamSpeak3 server button
2. Click on start TeamSpeak3 server button
3. After you started Team Speak 3 server you can click on Check Admin Data button to get admin login details
*Admin login details are encrypted for security but they are all the time available by clicking on Check Admin Data button.
How to delete TeamSpeak3 server and ts3 user?
1. Click on Stop TeamSpeak 3 server button.
2. Click on Delete Team Speak 3 server button.
*this will delete server files and remove ts3 user from the server.
How to Team Speak3 module to CentOS-WebPanel menu?
It’s easy, go to include folder and make new file named 3rdparty.php ,in this file you add links one per line.
eg.
<a href="index.php?module=ts3_manager">TS3 Manager</a>
Files are included in installations from version 0.2
We don't support TeamSpeak anymore and we also don't recommend others to use it.
Reason: If you get late with the payment you could get a penalty of $100 or more.
Now you can easily install TeamSpeak3 server with one click in CentOS WebPanel.
TeamSpeak3 control panel Features
- install & delete server (with one click)
- start, stop, restart & check teamspeak3 server status (with one click)
- display query admin login details and token (encrypted data for security)
How to install and start TS3 server?
Check that you do not have ts3 user installed on your linux system as TeamSpeak3 server creates ts3 user and runs server under ts3 username.
1. Click on install TeamSpeak3 server button
2. Click on start TeamSpeak3 server button
3. After you started Team Speak 3 server you can click on Check Admin Data button to get admin login details
*Admin login details are encrypted for security but they are all the time available by clicking on Check Admin Data button.
How to delete TeamSpeak3 server and ts3 user?
1. Click on Stop TeamSpeak 3 server button.
2. Click on Delete Team Speak 3 server button.
*this will delete server files and remove ts3 user from the server.
How to Team Speak3 module to CentOS-WebPanel menu?
It’s easy, go to include folder and make new file named 3rdparty.php ,in this file you add links one per line.
eg.
<a href="index.php?module=ts3_manager">TS3 Manager</a>
Files are included in installations from version 0.2
1626
Information / Version 0.2 BUG
« on: November 13, 2013, 09:58:34 PM »
Version 0.2 has litle mistake it's displays as version 0.1, this problem will be fixed with version 0.3
Version 0.3 is expected to be published at 01/12/2013.
Upgrade option will be avaliable in your Control Panel when new version is released.
CRON Bug
Cron Autoupdate and Backups don't works in version 0.1 - 0.2 you need to chmod +x cron file
chmod +x /etc/cron.daily/webpanel
Version 0.3 is expected to be published at 01/12/2013.
Upgrade option will be avaliable in your Control Panel when new version is released.
CRON Bug
Cron Autoupdate and Backups don't works in version 0.1 - 0.2 you need to chmod +x cron file
chmod +x /etc/cron.daily/webpanel
1627
Installation / Re: How to update CentOS Web Panel
« on: November 12, 2013, 09:10:14 PM »
When new version will be avaliable then you can update it,
for now there is only version 0.2 but it's displayed as 0.1
version 0.3 is comming at end of this month with many new features.
for now there is only version 0.2 but it's displayed as 0.1
version 0.3 is comming at end of this month with many new features.
1628
Installation / Re: How to install CentOS Web Panel?
« on: November 10, 2013, 06:35:15 AM »
for now nginx is used only for displaying CWP, but you can configure it to and add it as proxy for apache if you want.
With some new versions maybe we will add this option, but there is a lot of other work for now.
With some new versions maybe we will add this option, but there is a lot of other work for now.
1629
DNS / Securing BIND with DNSSEC on EL6 and bind 9
« on: November 07, 2013, 08:40:15 PM »
How to Secure BIND with DNSSEC on EL6 ( CentOS 6 )
https://www.crc.id.au/configuring-dnssec-on-el6-and-bind-9/
https://www.crc.id.au/configuring-dnssec-on-el6-and-bind-9/
1630
DNS / securing DNS server BIND (open DNS resolver)
« on: November 06, 2013, 09:27:44 PM »
Simple way to secure dns server using one line comand.
Bind 9.x Authoritative
For BIND 9.x authoritative servers, apply the following global options, config file /etc/named.conf :
Bind 9.x Caching
For BIND 9.x caching servers, additionally create access control lists and use "views" to explicitly permit a limited set of source addresses from your trusted network issue queries to your caching server:
Code: [Select]
sed -i 's/recursion yes/recursion no/g' /etc/named.conf
Bind 9.x Authoritative
For BIND 9.x authoritative servers, apply the following global options, config file /etc/named.conf :
Code: [Select]
options {
recursion no;
additional-from-cache no;
};Bind 9.x Caching
For BIND 9.x caching servers, additionally create access control lists and use "views" to explicitly permit a limited set of source addresses from your trusted network issue queries to your caching server:
Code: [Select]
# example only, replace 192.0.2.0/24 a list of your CIDR blocks
acl "trusted" {
192.0.2.0/24;
};
options {
recursion no;
additional-from-cache no;
allow-query { none; };
};
view "trusted" in {
match-clients { trusted; };
allow-query { trusted; };
recursion yes;
additional-from-cache yes;
};
1631
New Modules / Re: How to add custom built module to left menu?
« on: November 02, 2013, 09:35:24 PM »
You can add modules only under 3rdParty!
How to new module to CentOS-WebPanel menu?
It’s easy, go to /etc/webpanel/panel/include folder and make new file named 3rdparty.php ,in this file you add links one per line.
eg.
<a href=”index.php?module=test2″>TEST 2</a>
<a href=”index.php?module=test3″>TEST 3</a>
reload web panel and module will be added to the menu.
Mudule file needs to uploaded in /etc/webpanel/panel/modules folder
if filename is my_module.php then in menu you need to set link as this example without extension
<a href=”index.php?module=my_module″>TEST 3</a>
How to new module to CentOS-WebPanel menu?
It’s easy, go to /etc/webpanel/panel/include folder and make new file named 3rdparty.php ,in this file you add links one per line.
eg.
<a href=”index.php?module=test2″>TEST 2</a>
<a href=”index.php?module=test3″>TEST 3</a>
reload web panel and module will be added to the menu.
Mudule file needs to uploaded in /etc/webpanel/panel/modules folder
if filename is my_module.php then in menu you need to set link as this example without extension
<a href=”index.php?module=my_module″>TEST 3</a>
1632
MySQL / Re: Affter restart of mysql web panel don't works?
« on: November 02, 2013, 03:51:55 PM »
You need to connect to ssh and check problem with mysql if mysql don't works.
if mysql don't works centos web panel restarts automaticly myslq but if there is problem with mysql then you need to check this problem.
you can use ssh command and check for error that you get
service mysqld restart
if mysql don't works centos web panel restarts automaticly myslq but if there is problem with mysql then you need to check this problem.
you can use ssh command and check for error that you get
service mysqld restart
1633
E-Mail / How to track and stop outgoing SPAM?
« on: November 01, 2013, 08:50:06 PM »
How to track and stop outgoing SPAM?
For outgoing mail you can track it with this script
save file as: spam_track.sh
If you find that spam sender is php user than you can track this user and PHP SPAM file location with script
save file as: php_spam_track.sh
run script: php_spam_track.sh
Check posible spam files
Download script
wget http://cbl.abuseat.org/findbot.pl
Run script
perl findbot.pl FOLDER_LOCATION
eg. perl findbot.pl /home/testuser1/public_html
For outgoing mail you can track it with this script
save file as: spam_track.sh
Code: [Select]
while true
do
sudo lsof -i | grep smtp
sleep 5
donerun script: sh spam_track.shIf you find that spam sender is php user than you can track this user and PHP SPAM file location with script
save file as: php_spam_track.sh
Code: [Select]
while true
do
ps -aux|grep USERNAME
sleep 1
donedon't forget to replace USERNAME in script with username you think sends spam!run script: php_spam_track.sh
Check posible spam files
Download script
wget http://cbl.abuseat.org/findbot.pl
Run script
perl findbot.pl FOLDER_LOCATION
eg. perl findbot.pl /home/testuser1/public_html
1634
CentOS 6 Problems / Re: panel not working
« on: November 01, 2013, 06:50:30 AM »
first you need to check that your internet provider don't blocks ports except web port eg. 80, 443
if your ports are not blocked then you can try to restart server.
if your ports are not blocked then you can try to restart server.
1635
CentOS-WebPanel GUI / Re: What are login details for web panel?
« on: November 01, 2013, 06:47:54 AM »
Login details if you have installed CentOS WebPanel for first time are:
login link is: http://SERVER_IP:2030
username: root
password: admin123
You need to change this password on your first login for security reasons.
login link is: http://SERVER_IP:2030
username: root
password: admin123
You need to change this password on your first login for security reasons.
