Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - iraqiboy90

Pages: 1 [2] 3 4 ... 18
16
MySQL / Re: phpMyAdmin Bruteforce From 127.0.0.1 ??
« on: December 20, 2022, 12:32:57 AM »
/usr/local/cwpsrv/conf/cwp_services.conf
/usr/local/cwpsrv/conf/cwpsrv.conf

I think these files will be reset with every CWP auto update. Double check to see if your edit is still there after an update. If it's not there anymore, you should look into another way of blocking these attempts WITHOUT editing CWP files.

I advice taking a look into fail2ban and its filters or create a filter in fail2ban that works with these attempts. Fail2ban can be told to read a specific log file and take actions based on the activity going on there.
Remember to change fail2ban's ban method to (So it will work correctly in conjunction with CWP firewall manager):

Code: [Select]
banaction = csf
banaction_allports = csf

and create file '/etc/fail2ban/action.d/csf.conf'
and add this to file:
Code: [Select]
# fail2ban action config for csf deny / unblock IP
# /etc/fail2ban/action.d/csf.conf

[Definition]
actionstart =
actionstop =
actioncheck =

# to deny an IP and add to /etc/csf/csf.deny
#actionban = csf -d <ip> Fail2ban - <name> [<bantime> seconds]
actionban = csf -td <ip> <bantime> -p <port> Fail2ban - <name>

# to unblock an IP and remove from /etc/csf/csf.deny
actionunban = csf -tr <ip>

[Init]
name = default


17
Installation / Re: Rocky Linux 8 too Rocky??
« on: December 20, 2022, 12:22:05 AM »
my question is regardless of what linux distro you have running.
I watched your video. You're getting a 403 error message and your file browser fails to load the directory of that subdomain.
Have you tried opening up that folder with an FTP client or manually with ssh and see if there is any .htaccess file?

18
E-Mail / Re: Email filters in CWP Web Panel?
« on: December 20, 2022, 12:10:36 AM »
If you have access to the root server with ssh then do this:

Disclaimer: This will have result on the entire server, not just for one domain like you asked for.

Edit postfix main.cf and add this under smtpd_sender_restrictions
Code: [Select]
check_sender_access hash:/etc/postfix/sender_accessCreate file '/etc/postfix/sender_access'
Add this to the file:
Code: [Select]
/\.TLD$/ REJECTor
Code: [Select]
/\.TLD$/ 550 BlacklistedThe second one will send a "550 Blacklisted" error message to the sender

Then run command:
Code: [Select]
postmap /etc/postfix/sender_access
then restart postfix

This will block the TLD from ever getting the message sent to your server.


OR

if you want for one domain/email account, I advice opening up the mail account with roundcube and edit the filter from there. The filter manager on CWP has been buggy in the past (user/file permissions issues), though I'm not sure if it's been fixed.

Here's an example:


and change actions to "delete message".
This will not block it, but it will delete it. Filters don't block. Filters works because it first has to receive the message to know what to do with it.

19
DNS / Re: going crazy please help!
« on: June 02, 2022, 09:19:18 AM »
Be careful to double check that nothing on the server itself (not the VMs) uses port 80, 443, DNS and any other port you are using on the VMs.
Double check that the firewall of the server does not block these as well. I've seen some conflict going on with someone else that has a server running multiple VMs since he only have one public IP for everything.

20
CentOS-WebPanel Bugs / Re: cron.daily falsely reporting problem
« on: May 02, 2022, 07:07:45 PM »
what OS is this?

21
This is actually one of the first questions I had when joining this forum for the first time.
https://forum.centos-webpanel.com/index.php?topic=11602.msg39624#msg39624

So, it should be included in your notes to remove the "any" account after installing a new server.

22
DKIM / Re: no DKIM record for any Domain [SOLVED]
« on: April 29, 2022, 05:01:15 AM »
I think this is a false positive thing that opendkim-tools solves the problem. I don't have this installed.

What you needed to do was enable DKIM in the email configuration and rebuild. Then if the DKIM records are in not present in the DNS records, then you just rebuild the DNS record or all of them with:
Code: [Select]
/usr/local/cwp/php71/bin/php /scripts/cwp_api account rebuild_var_named_all
it's like drinking apple juice for being dehydrated. You didn't need the apple part, you needed the water.. It wasn't the apple part that solved your problem.

23
E-Mail / Re: too much mail from
« on: April 28, 2022, 01:27:09 PM »
can you paste the exact error message of this limit warning from the logs?

24
CentOS 7 Problems / Re: PHP Defender/snuffleupagus fecks up PHP
« on: April 20, 2022, 11:27:27 PM »
I have tried today to install it too, on a CWP Pro 0.9.8.1135, Rocky Linux 8.5, Webserver main Nginx,varnish,apache, and site config is nginx, php-fpm. I tried the basic php defender configuration and i got 502 bad getaway error. If i delete the config and reload the page it`s working.

Check the error domlogs for which rule is making you get a 502, and then remove/disable that specific rule or whitelist the specific file that is getting flagged by snuffleupagus

25
Information / Re: Posfix Increase Attachment size
« on: April 13, 2022, 09:54:09 PM »
Not sure how, probably hard coded, but attachment size in Roundcube will always be 75% of what $config['max_message_size'] is. The rest of 25% is for the rest of the message, like the text.

Remember that there are other settings restricting bigger file sizes, like php.ini of the php that is controlling CWP and Roundcube, the htaccess file that's inside the roundcube folder, and the main.cf settings restricting the total message size.

26
Is it possible that the virus is irrelevant in a linux environment?
By the way, ESET (aka NOD32) is an old antivirus that's used to be popular but then concluded with just being bad and provides a lot of false positives. I wouldn't recommend taking the result of this antivirus any seriously. Use other reputable anti viruses.

27
Postfix / Re: how to stop spam
« on: April 13, 2022, 12:18:08 AM »
i change port 25 to 26

There is no such thing as changing port 25 to something else. It will not matter.
No email server accepts sending to any other email server on anything other than port 25.
To close port 25, just simply block it with the firewall.

Try looking into these links:
simple info:
http://wiki.centos-webpanel.com/tracking-php-script-spam
http://wiki.centos-webpanel.com/track-spam-infected-scripts

28
Updates / Re: CWP repo issue
« on: April 12, 2022, 10:08:08 PM »
fixed it by:
Code: [Select]
dnf reinstall centos-stream-repos
dnf update centos-gpg-keys

then reapply the stable repo
Code: [Select]
sh /scripts/el8_stream_convert_to_cwp_stable

29
Updates / CWP repo issue
« on: April 12, 2022, 11:10:41 AM »
Hello

Im getting this message trying to update my Centos 8 Stream Delayed
Code: [Select]
Problem: problem with installed package centos-stream-repos-8-4.el8.noarch
  - package centos-stream-repos-8-4.el8.noarch requires centos-gpg-keys = 1:8-4.el8, but none of the providers can be installed
  - cannot install both centos-gpg-keys-1:8-5.el8.noarch and centos-gpg-keys-1:8-4.el8.noarch
  - cannot install the best update candidate for package centos-gpg-keys-1:8-4.el8.noarch
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

I managed to update the rest with "--nobest", but this last package is having problems.

Anyone else having the same problem?

30
CentOS Configuration / Re: server time : timezone not applied
« on: April 05, 2022, 11:28:03 AM »
if this is a centos distro, try this:
https://linuxize.com/post/how-to-set-or-change-timezone-on-centos-7/

If this doesnt help. Try removing the cronjob from the panel and add it manually through the command line "crontab -e". This will make the cron run as root

also confirm your issue by manually checking the "modified time" with an FTP dedicated client or through the command line.
also confirm in the cron logs what time the cron is running (/var/log/cron)

you will need to come at this from several angles to confirm/fix your issue.

Pages: 1 [2] 3 4 ... 18