Recent Posts

21

Mod_Security / Re: OWASP CRS v4.15.0 Just Release

« Last post by overseer on June 29, 2025, 02:20:57 PM »

Why do you quote your posts that are directly above with nothing new to add?

22

Installation / Re: I don't receive a single message from root..??

« Last post by overseer on June 29, 2025, 02:18:36 PM »

I don't have the directive on my CWP servers, nor on a dedicated server I maintain. These are the closest I have:

Code: [Select]

# smtpd_helo_restrictions
smtpd_helo_restrictions =
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname
smtpd_helo_required = yes

23

Installation / Re: I don't receive a single message from root..??

« Last post by venty on June 29, 2025, 12:48:38 PM »

Hi,

for me :

mydestination = $myhostname = name.hostname.com
where name.hostname.com is replaced with my ...

and no record smtp_helo_name = $myhostname

and as far as I can tell and test, DKIM works with localhost...

BR
Venty

and in fail main.cf no record: "smtp_helo_name"

24

Mod_Security / Re: OWASP CRS v4.15.0 Just Release

« Last post by venty on June 29, 2025, 12:44:08 PM »

Did you follow the initial link at the top of the article and update ModSecurity to 2.9.8?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-2-9-8-running-cwp-and-apache-on-almalinux-8-9/

From your screen shot, it looks like you stopped somewhere before Step 8.

In your owasp.conf, you want it to have those only those 3 lines listed:

Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/crs-setup.conf
Include /usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.12.0/rules/*.conf
Include /usr/local/apache/modsecurity-rules/custom-rules/global_disabled_rules.conf

I can login and do this real quick if you want.

Hi,
To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... To perform the update to 2.9.8, but after installation of mod security and updating to 2.9.8, everything is OK, I have the entry "ModSecurity for Apache/2.9.8 (http://www.modsecurity.org/) configured.", but I also have the entry "ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On."... What should I do..?

And then perform all the steps, not only up to step 8, please see:
https://prnt.sc/KeSRfdW2nphb
https://prnt.sc/eXDRn9GCDBlx
https://prnt.sc/FN0twkI-TC-A
https://prnt.sc/dyXLr7rwtqK7
https://prnt.sc/-9TIbLitg9ie


I'm sure you'll do it quickly, but let me struggle, someone figure it out, please ...

BR
Venty

25

PHP / PHP Warning: PHP Startup: Unable to load dynamic library 'intl'

« Last post by Starburst on June 28, 2025, 11:40:09 PM »

You know it's usually bad when I ask a question.

Getting the error:

PHP Warning:  PHP Startup: Unable to load dynamic library 'intl' (tried: /usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20190902/intl (/usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20190902/intl: cannot open shared object file: No such file or directory), /usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20190902/intl.so (/usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20190902/intl.so: cannot open shared object file: No such file or directory)) in Unknown on line 0

Intl is now built-in to PHP, tried building PHP even without the extension, and am still getting the error, which is weird.

Anyone have any thoughts?

@cyberspace

26

Installation / Re: Which os to choose?

« Last post by Starburst on June 28, 2025, 10:03:58 AM »

Just keep the server updated with updates using:

Code: [Select]

dnf --refresh update
If you are going to use Apache, just make sure it the latest version, as well as the ionCube loaders.
CWP only install 12.x, and 14.4.1 is the current version out.

Use the CWP Wiki and Forums (here).

Gotta toot my own horn, you also can use Knowledge Bases like starburst.help, and I think InMotion has a good CWP KB.
Another great source is AlphaGNU.com

27

Installation / Re: Which os to choose?

« Last post by its_me_rbk on June 28, 2025, 02:32:05 AM »

I've updated MariaDB to 10.11.13. Is there anything apart from this to be updated? If someone can provide everything in a single message, it'll be useful for everyone who views this thread.

28

How to / Re: Installing ARC on ALMA 8/9

« Last post by Starburst on June 28, 2025, 01:11:20 AM »

I just looked at a test email from our domain name to a google account, and it has ARC headers. 


FOIA - I'll see your header, and raise you a Sharpie... 

And I'm not using rspamd or OpenARC

29

How to / Re: [Howto] Install Rspamd

« Last post by overseer on June 27, 2025, 07:00:00 PM »

Note there is one formatting error in the first part of the instructions above (these two were grouped together in the instructions but are separate files/code blocks):

- file /etc/rspamd/local.d/worker-proxy.inc

Code: [Select]

bind_socket = "127.0.0.1:11332";
milter = yes;
timeout = 120s;
upstream "local" {
 default = yes;
 self_scan = yes;
}

- file /etc/rspamd/local.d/logging.inc

Code: [Select]

type = "file";
filename = "/var/log/rspamd/rspamd.log";
level = "error";
debug_modules = [];

30

How to / Re: Installing ARC on ALMA 8/9

« Last post by overseer on June 27, 2025, 06:56:57 PM »

Just note one formatting error in his instructions (these two were grouped together in his instructions but are separate files):

- file /etc/rspamd/local.d/worker-proxy.inc

Code: [Select]

bind_socket = "127.0.0.1:11332";
milter = yes;
timeout = 120s;
upstream "local" {
 default = yes;
 self_scan = yes;
}

- file /etc/rspamd/local.d/logging.inc

Code: [Select]

type = "file";
filename = "/var/log/rspamd/rspamd.log";
level = "error";
debug_modules = [];