Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - overseer

Pages: 1 ... 18 19 [20] 21 22 ... 57
286
How to / Re: how to secure CentOS server using CWP features
« on: August 18, 2023, 02:37:54 AM »
Make sure you have DKIM/DMARC set up:
https://www.youtube.com/watch?v=DiYoUltNszU
Are your SPF records correct?
SASL authentication required?
Are any of your accounts compromised (with weak passwords)? Check your log files and look for suspicious activity.
Do you have any insecure scripts that use php's mail function?
Are you blocking spammy countries (CN,RU,KP) with the CSF firewall?

288
Do you mind starting your own thread to address your particular problem? It seems off-topic to the Polkit error addressed in this thread.

289
CentOS 7 Problems / Re: Email gets sent to gmail junk
« on: August 17, 2023, 10:35:52 PM »
Use Google's Postmaster Tools:
https://gmail.com/postmaster/
Getting started guide:
https://support.google.com/mail/answer/9981691?hl=en

Do you have valid a rDNS / PTR record for your server, set up by your provider? It's absolutely critical for mail delivery.

290
For Unix ODBC:
Code: [Select]
--with-pdo-odbc=unixODBC,/usr/localOr are you wanting IBM DB2 or generic ODBC flavors?
https://www.php.net/manual/en/ref.pdo-odbc.php

291
CentOS-WebPanel GUI / Re: CWP Pro not activated after changing IP
« on: August 15, 2023, 02:39:16 PM »
Did you try temporarily disabling your CSF firewall?
I had a problem like yours 2-3 years ago and a regular support request resolved it in 24 hours. Maybe support lead times have slipped.

(As for the other suggestion, a new pro license to CWP is cheaper than paying for premium support...)

292
CentOS 7 Problems / Re: PHP version Switcher not working
« on: August 10, 2023, 11:51:12 PM »
Good to know the nuclear option works! Nuke php, then reinstall.
Or pay the devs a few shekels and get a much better PHP switcher, or better yet, use php-fpm for maximum performance and flexibility.

293
CentOS 7 Problems / Re: CWP7-PR0+wordpress+Plugin WebP
« on: August 10, 2023, 11:49:34 PM »
If you do try to DIY, then start by following this Nginx recipe:
https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/
I run several WP installs using this basic recipe, with perhaps only a few small tweaks. And as Starbust intimated, I would suggest removing Varnish from your toolchain. It only adds complexity for relatively little benefit, unless you have fast storage or ample RAM to throw at caching. I usually recommend people only use if they really, really need to milk that last 10-20% out of their server and have the resources to throw at it. Better is a WP cache paired with Cloudflare, but that's best done after the install & development phase when you transition over to performance tuning.

294
CentOS-WebPanel GUI / Re: Cannot create new mailbox CWP USER GUI
« on: August 08, 2023, 10:30:50 PM »
Are you able to see the domain in the root_cwp DB under the domains table? Also, are the e-mail accounts present in the postfix DB, under the domain and/or mailbox table? There could be an illegal/unsanitized character in one that is causing the web GUI display to bomb out.

295
E-Mail / Re: rogue script using php mail function
« on: August 08, 2023, 01:07:19 PM »
Head slap -- yes, I forget about to mention that one because I have php mailer functionality disabled on all my servers as a matter of course during setup. To me it's lazy coding and from a bygone era to rely on the convenience but total lack of accountability and compartmentalization with the php mail function. I require all clients to create a dedicated outbound SMTP user which they can then plug in those authentication details into whatever CMS or contact form requires outbound mail sending. So then you have accountability and proper logging, as well as proper postscreen controls and rate limits in place with Postfix.

296
CentOS-WebPanel GUI / Re: Cannot create new mailbox CWP USER GUI
« on: August 07, 2023, 11:37:57 PM »
What OS distribution & version? I haven't seen this under CentOS 7.9.

297
E-Mail / Re: There is a CWP server vulnerability. Please help me.
« on: August 07, 2023, 06:54:35 PM »
Maybe in the other thread you should just post your whole main.cf and master.cf so we can take a look and offer suggestions. Have you followed the AWS Monster guide to hardening Postfix with CWP? Are you running SpamAssassin?

298
The trailing "permit" isn't necessary, strictly speaking, because there's an earlier "permit_mynetworks.". I just put it there because it makes it clear that whatever passes the earlier "check" and "reject" tests will be permitted.

FYI, you need an API key to use zen.spamhaus.org these days, so you need to obtain one and reconfigure that line. Right now it's not benefiting you at all. Here's a few suggested tweaks:
Code: [Select]
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_invalid_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unlisted_recipient
reject_unauth_destination
check_client_access hash:/etc/postfix/rbl_override
check_recipient_access regexp:/etc/postfix/recipient_checks
check_helo_access hash:/etc/postfix/helo_checks
check_sender_access hash:/etc/postfix/sender_checks
check_client_access hash:/etc/postfix/client_checks
reject_rbl_client cn.country.spameatingmonkey.net
reject_rbl_client kp.country.spameatingmonkey.net
reject_rbl_client ng.country.spameatingmonkey.net
reject_rbl_client ru.country.spameatingmonkey.net
reject_rbl_client dnsbl.sorbs.net
reject_rbl_client b.barracudacentral.org
reject_rbl_client bl.spamcop.net
reject_rhsbl_sender dsn.rfc-clueless.org

299
Information / Re: Unknown user in cwp user quota
« on: August 07, 2023, 02:00:49 PM »
You should delete them from a shell -- they are just vestiges from the migration that the quota module is picking up on.

300
CentOS-WebPanel GUI / Re: Cannot create new mailbox CWP USER GUI
« on: August 07, 2023, 01:59:31 PM »
As a test, can you add it from the CWP Admin side (rather than the user panel)?

Pages: 1 ... 18 19 [20] 21 22 ... 57