Messages

1

CentOS 9 Problems / Re: The mail-SSL doesn't work

« on: September 15, 2024, 07:36:37 PM »

According to the provided log records there are no errors. The log records say the message from "

Code: [Select]

root@vmi1911643.contaboserver.net" was accepted and delivered to "

Code: [Select]

root@vmi1911643.contaboserver.net".

Your previous screeshot indicates you sends emails from the email address like "

Code: [Select]

noreply@...."

Send one more email using your application/script and then check logs again to be sure you check the correct mail records.

vmi1911643.contaboserver.net in this case is the hostname...I didn't changed it. Is the default one from my hosting provider...
the last logo show the settings with TLS that you gave me with port 465..
I want to use SSL, with port 587 but I don't know how to remove the SSL from mail as you told me to do as a solution.

2

CentOS 9 Problems / Re: The mail-SSL doesn't work

« on: September 15, 2024, 06:59:20 PM »

You use port 587 (unsecure SMTP). So you need to disable "SSL" support in your mail application. The mail session will be secured automatically after the command "STARTTLS" (see logs).

In case you want to explicit TLS session. Then you need to use the port 465.

If I use 465 I get this eror:

Code: [Select]

Sep 15 20:54:13 vmi1911643 postfix/pickup[162519]: 5AACBA401FE: uid=0 from=<root>
Sep 15 20:54:13 vmi1911643 postfix/cleanup[168525]: 5AACBA401FE: message-id=<20240915185413.5AACBA401FE@vmi1911643.contaboserver.net>
Sep 15 20:54:13 vmi1911643 postfix/qmgr[10331]: 5AACBA401FE: from=<root@vmi1911643.contaboserver.net>, size=733, nrcpt=1 (queue active)
Sep 15 20:54:13 vmi1911643 postfix/local[168534]: 5AACBA401FE: to=<root@vmi1911643.contaboserver.net>, orig_to=<root>, relay=local, delay=0.24, delays=0.2/0.03/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)
Sep 15 20:54:13 vmi1911643 postfix/qmgr[10331]: 5AACBA401FE: removedAnd the message is not sent.

Can you tell me how I remove the SSL for mail?
If I come here, and press apply will not remove, doesn't work: https://ibb.co/JyVPvxj

3

CentOS 9 Problems / The mail-SSL doesn't work

« on: September 15, 2024, 06:22:37 PM »

Hi Guys,

I have a problem sending emails, my configurations are:
https://ibb.co/kXrHPzY

And doesn't work to send emails, I have the SSL activated and I get those errors:

Code: [Select]

Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: connect from vmi1911643.contaboserver.net[86.48.7.222]
Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: warning: TLS SNI from vmi1911643.contaboserver.net[86.48.7.222] is invalid: 86.48.7.222
Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: SSL_accept error from vmi1911643.contaboserver.net[86.48.7.222]: -1
Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: warning: TLS library problem: error:0A000418:SSL routines::tlsv1 alert unknown ca:ssl/record/rec_layer_s3.c:1600:SSL alert number 48:
Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: lost connection after STARTTLS from vmi1911643.contaboserver.net[86.48.7.222]
Sep 15 20:05:26 vmi1911643 postfix/smtpd[22674]: disconnect from vmi1911643.contaboserver.net[86.48.7.222] ehlo=1 starttls=0/1 commands=1/2
Sep 15 20:08:47 vmi1911643 postfix/anvil[22676]: statistics: max connection rate 1/60s for (submission:86.48.7.222) at Sep 15 20:05:26
Sep 15 20:08:47 vmi1911643 postfix/anvil[22676]: statistics: max connection count 1 for (submission:86.48.7.222) at Sep 15 20:05:26
Sep 15 20:08:47 vmi1911643 postfix/anvil[22676]: statistics: max cache size 1 at Sep 15 20:05:26
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: connect from vmi1911643.contaboserver.net[86.48.7.222]
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: warning: TLS SNI from vmi1911643.contaboserver.net[86.48.7.222] is invalid: 86.48.7.222
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: SSL_accept error from vmi1911643.contaboserver.net[86.48.7.222]: -1
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: warning: TLS library problem: error:0A000418:SSL routines::tlsv1 alert unknown ca:ssl/record/rec_layer_s3.c:1600:SSL alert number 48:
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: lost connection after STARTTLS from vmi1911643.contaboserver.net[86.48.7.222]
Sep 15 20:13:24 vmi1911643 postfix/smtpd[24953]: disconnect from vmi1911643.contaboserver.net[86.48.7.222] ehlo=1 starttls=0/1 commands=1/2
I really don't know how to solve, I read some topics from different forums but nothing work...
I have those settings for other websites that I have and work very well, like the default stuff from Cpanel...but for this script doesn't work at all.
Please heeeelp
Thank you!

4

CentOS 9 Problems / Re: mod_security not allow to upload files

« on: September 15, 2024, 01:56:51 PM »

Make sure the rule is disabled, make a new attempt to upload the file and then check the error log file of the website:

Code: [Select]

/usr/local/apache/domlogs/domlogs/DOMAIN.COM.error_log
if the new attempt fails.

I solve it!
Was from 2 option settings, I had to add in mod_security.conf

Thank you!

5

CentOS 9 Problems / mod_security not allow to upload files

« on: September 15, 2024, 06:54:21 AM »

Hi,
When I enable mod_security with Comodo WAF, when I try to upload files on my website I get this from website script:
https://ibb.co/ccFthQB
But my PHP upload limit is higher then the file that I want to upload...is like mod_Security ignore the php settings.

I don't get any errors in mod_security log... just this one:

 

Code: [Select]

ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "86.48.7.222"] [uri "/.env"] [unique_id "ZuXGOVr11PHxbzo61HtErgAAAIY"]
But I disabled the rules for id 210492...and now I don't get this error anymore, nothing in the logs...when I disable mod_security is working to upload files...
Someone know from where it is?

Thank you!

6

CentOS 9 Problems / Re: How to allow domain in firewall?

« on: September 14, 2024, 05:58:21 PM »

Hi,

It should be:

Code: [Select]

/etc/csf/csf.dyndnsAdditionally read and update the section "Global Lists/DYNDNS/Blocklists" of the file:

Code: [Select]

/etc/csf/csf.confaccording to your requirements.

Don't forget to restart CSF when the changes are done.

I am just a f noob, I don't know how to do it.
I read the readme.txt but here it say :

Code: [Select]

# TCP connections inbound to port 22 from Dynamic DNS address
# www.configserver.com (for use in csf.dyndns only)
tcp|in|d=22|s=www.configserver.comI don't get it where I should put it.

Can you give me an example where to add endpoint.domain.com for all the traffic? Pleasee

7

CentOS 9 Problems / How to allow domain in firewall?

« on: September 14, 2024, 05:11:52 PM »

Hi Guys,

I have a problem on my server.
I have a file hosting website with S3 Compatible Cloud Object Storage, but when I enabled the firewall the files are not transferred to that cloud storage because the endpoint (domain) is blocked by the firewall.
Where I should white listed the domain for example endpoint.domain.com in the firewall to be able to allow all ingoing and outgoing from that domain ?

Thank you!

8

Mod_Security / Re: Forbidden access to the email confirmation link

« on: August 26, 2024, 05:03:53 AM »

Was id 210730
You are the best, now is working.

Thank you for the support!

9

Mod_Security / Forbidden access to the email confirmation link

« on: August 25, 2024, 08:06:35 PM »

Hi guys,

I have a problem, when I enable the mod_security module, when new username register on my website and they get email with link confirmation like this one:
https://ibb.co/kgNSWL8
If they access the link confirmation (when mod security is enabled with those options: https://ibb.co/r5YRPs0) they get forbidden access like this: https://ibb.co/85VtTG4 and the account is not activated.
If I disable mod_security the link working with no problem.

Can someone help me with this problem please?

10

CSF Firewall / Re: How can I give automatically the permission to visitors to upload files

« on: August 02, 2024, 12:36:39 PM »

CSF won't block a PHP script from uploading to your server, and you can control the max upload file size in the php.ini.

CWP pretty well has the FTP server locked down, so doing anonymous FTP uploads or downloads isn't really feasible.
I looked into trying to get anonymous FTP downloads working for our mirror servers, and gave up.

Giving anyone anonymous upload access to a server is just inviting trouble though.

I have antiviruses on my server, is not a problem this, but my website is a share video online so cannot restrict access to people to upload videos...

11

CSF Firewall / Re: How can I give automatically the permission to visitors to upload files

« on: August 01, 2024, 03:47:13 PM »

pure-ftpd is very flexible to configure. You can enable anonymous users, allow just upload, change the umask of uploaded files, etc. You could exempt it from the CSF firewall, too as an ignored process. Or are you wanting to use a web form to upload files?

I like the idea with CSF, how I except it from CSF firewall? Where I need to go and with option ?
Just for you guys to know, I started 2 days ago to work with the firewall (on linux).

12

CSF Firewall / Re: I cannot upload files when I enable the firewall

« on: August 01, 2024, 02:13:14 PM »

Maybe lookup the IP allocation, and you can just whitelist that.

You can use https://myip.ms/

Enter 1 IP, and it will give you that IP upstream block (e.g. /24, /16, etc.)

As long as they don't have IP scattered, that should be the easiest way.

I managed because they gave me a list of all the IPs

13

CSF Firewall / How can I give automatically the permission to visitors to upload files

« on: August 01, 2024, 01:29:52 PM »

Hi again guys,

I come with my last unsolved problem that I couldn't find on internet or I don't know how I should search for.
My business and system details are in this post https://forum.centos-webpanel.com/csf-firewall/i-cannot-upload-files-when-i-enable-the-firewall/

I want to know how can I give access to firewall to visitors only to be able to upload videos on my website.
At this moment I am the only one that can upload videos because I put my IP into the white list in firewall, otherwise is not possible at this moment.

So my questions is, how can I do others visitors/registered users to be able to upload videos into my video share website?

Would be great if someone know this 

Thank you!!

14

CSF Firewall / Re: I cannot upload files when I enable the firewall

« on: August 01, 2024, 01:25:12 PM »

Fair 

The problem was that I use a cloud through FTP to storage the videos, I don't store them in my VPS, so all the 400 IP's that the cloud firm have for their server I had to put them in the white list.
Otherwise the videos couldn't be uploaded.

15

CSF Firewall / Re: I cannot upload files when I enable the firewall

« on: August 01, 2024, 11:12:10 AM »

I have another questions if someone can help me with that:

I can upload videos only if my IP is on the white list, good.
But what I should do with the other visitators/registered users on my website that want to upload videos by their own?
How I could set the restrictions as people to be able to upload videos without being added to white list ?

Would be great if someone know this.