This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
16
Postfix / Mail spamming or attack?
« on: April 30, 2016, 08:27:51 AM »
Hello everyone, I guess my VPS getting attacked by spammer. I noticed that within few hours time my mail log consists of numerous mail attempts from spammer.
My VPS has 2 core CPU with 4GB RAM; and has the clamav, spamassasin, amavis, & csf installed.
Anyone has the idea to get rid of this issue? Thanks.
My VPS has 2 core CPU with 4GB RAM; and has the clamav, spamassasin, amavis, & csf installed.
Anyone has the idea to get rid of this issue? Thanks.
Quote
Apr 29 21:50:19 server postfix/smtpd[20419]: disconnect from host-92-27-2-84.static.as13285.net[92.27.2.84]
Apr 29 21:50:20 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from LStLambert-657-1-68-104.w80-13.abo.wanadoo.fr[80.13.44.104]: 454 4.7.1 Service unavailable; Client host [80.13.44.104] blocked using dnsbl.sorbs.net; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml?80.13.44.104; from=<> to=<Marrero_Cecil@domain.com> proto=ESMTP helo=<EX16.SUR-INTERNET.COM>
Apr 29 21:50:21 server postfix/smtpd[20416]: disconnect from LStLambert-657-1-68-104.w80-13.abo.wanadoo.fr[80.13.44.104]
Apr 29 21:50:24 server postfix/smtpd[20419]: connect from exchange.swissfilms.ch[213.200.251.180]
Apr 29 21:50:25 server postfix/smtpd[20419]: setting up TLS connection from exchange.swissfilms.ch[213.200.251.180]
Apr 29 21:50:25 server postfix/smtpd[20416]: connect from mail.sadler.at[80.123.104.70]
Apr 29 21:50:25 server postfix/smtpd[20419]: Anonymous TLS connection established from exchange.swissfilms.ch[213.200.251.180]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:25 server postfix/smtpd[20709]: connect from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:25 server postfix/smtpd[20416]: setting up TLS connection from mail.sadler.at[80.123.104.70]
Apr 29 21:50:26 server postfix/smtpd[20709]: setting up TLS connection from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:26 server policyd-spf[20494]: None; identity=helo; client-ip=213.200.251.180; helo=exchange.swissfilms.ch; envelope-from=<>; receiver=numbers_danial@domain.com
Apr 29 21:50:26 server postfix/smtpd[20419]: NOQUEUE: reject: RCPT from exchange.swissfilms.ch[213.200.251.180]: 450 4.1.1 <numbers_danial@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<numbers_danial@domain.com> proto=ESMTP helo=<exchange.swissfilms.ch>
Apr 29 21:50:26 server postfix/smtpd[20416]: Anonymous TLS connection established from mail.sadler.at[80.123.104.70]: TLSv1 with cipher AES128-SHA (128/128 bits)
Apr 29 21:50:26 server postfix/smtpd[20709]: Anonymous TLS connection established from dataclarityinc.com[96.255.180.21]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:26 server postfix/smtpd[20718]: connect from smtpmail.mih.org.uk[82.69.46.97]
Apr 29 21:50:26 server postfix/smtpd[20419]: disconnect from exchange.swissfilms.ch[213.200.251.180]
Apr 29 21:50:27 server policyd-spf[20721]: None; identity=helo; client-ip=96.255.180.21; helo=nassaugrouper.dataclarityinc.com; envelope-from=<>; receiver=penn_jewell@domain.com
Apr 29 21:50:27 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from dataclarityinc.com[96.255.180.21]: 450 4.1.1 <Penn_Jewell@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Penn_Jewell@domain.com> proto=ESMTP helo=<NassauGrouper.DataClarityinc.com>
Apr 29 21:50:27 server policyd-spf[20723]: None; identity=helo; client-ip=80.123.104.70; helo=mail.sadler.at; envelope-from=<>; receiver=knox_gretchen@domain.com
Apr 29 21:50:27 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from mail.sadler.at[80.123.104.70]: 450 4.1.1 <Knox_Gretchen@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Knox_Gretchen@domain.com> proto=ESMTP helo=<mail.sadler.at>
Apr 29 21:50:27 server postfix/smtpd[20709]: disconnect from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:27 server postfix/smtpd[20718]: setting up TLS connection from smtpmail.mih.org.uk[82.69.46.97]
Apr 29 21:50:27 server postfix/smtpd[20416]: disconnect from mail.sadler.at[80.123.104.70]
Apr 29 21:50:28 server postfix/smtpd[20718]: Anonymous TLS connection established from smtpmail.mih.org.uk[82.69.46.97]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:28 server policyd-spf[20725]: None; identity=helo; client-ip=82.69.46.97; helo=smtpmail.mih.org.uk; envelope-from=<>; receiver=ott_dawn@domain.com
Apr 29 21:50:29 server postfix/smtpd[20718]: NOQUEUE: reject: RCPT from smtpmail.mih.org.uk[82.69.46.97]: 450 4.1.1 <Ott_Dawn@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Ott_Dawn@domain.com> proto=ESMTP helo=<smtpmail.mih.org.uk>
Apr 29 21:50:29 server postfix/smtpd[20718]: disconnect from smtpmail.mih.org.uk[82.69.46.97]
Apr 29 21:50:30 server postfix/smtpd[20419]: connect from unknown[110.4.44.55]
Apr 29 21:50:30 server postfix/smtpd[20419]: NOQUEUE: reject: RCPT from unknown[110.4.44.55]: 450 4.7.1 Client host rejected: cannot find your hostname, [110.4.44.55]; from=<info@trainingzone.com.my> to=<cyrus@domain.com> proto=ESMTP helo=<server1trainingzonecommy>
Apr 29 21:50:30 server postfix/smtpd[20419]: disconnect from unknown[110.4.44.55]
Apr 29 21:50:30 server postfix/smtpd[20709]: connect from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:31 server postfix/smtpd[20709]: setting up TLS connection from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:31 server postfix/smtpd[20709]: Anonymous TLS connection established from dataclarityinc.com[96.255.180.21]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:31 server policyd-spf[20721]: None; identity=helo; client-ip=96.255.180.21; helo=nassaugrouper.dataclarityinc.com; envelope-from=<>; receiver=penn_jewell@domain.com
Apr 29 21:50:31 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from dataclarityinc.com[96.255.180.21]: 450 4.1.1 <Penn_Jewell@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Penn_Jewell@domain.com> proto=ESMTP helo=<NassauGrouper.DataClarityinc.com>
Apr 29 21:50:31 server policyd-spf[20721]: None; identity=helo; client-ip=96.255.180.21; helo=nassaugrouper.dataclarityinc.com; envelope-from=<>; receiver=penn_jewell@domain.com
Apr 29 21:50:31 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from dataclarityinc.com[96.255.180.21]: 450 4.1.1 <Penn_Jewell@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Penn_Jewell@domain.com> proto=ESMTP helo=<NassauGrouper.DataClarityinc.com>
Apr 29 21:50:32 server postfix/smtpd[20419]: warning: 88.98.35.173: hostname c.fairfieldhigh.tameside.sch.uk verification failed: Name or service not known
Apr 29 21:50:32 server postfix/smtpd[20419]: connect from unknown[88.98.35.173]
Apr 29 21:50:32 server postfix/smtpd[20709]: disconnect from dataclarityinc.com[96.255.180.21]
Apr 29 21:50:32 server postfix/smtpd[20419]: setting up TLS connection from unknown[88.98.35.173]
Apr 29 21:50:33 server postfix/smtpd[20419]: Anonymous TLS connection established from unknown[88.98.35.173]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:33 server postfix/smtpd[20419]: NOQUEUE: reject: RCPT from unknown[88.98.35.173]: 450 4.7.1 Client host rejected: cannot find your hostname, [88.98.35.173]; from=<> to=<Bowden_Jeanie@domain.com> proto=ESMTP helo=<exchange.fairfieldhs.local>
Apr 29 21:50:34 server postfix/smtpd[20419]: disconnect from unknown[88.98.35.173]
Apr 29 21:50:40 server postfix/smtpd[20718]: connect from mail.medizin-hst.de[92.79.186.50]
Apr 29 21:50:40 server postfix/smtpd[20416]: connect from mona.bmstech.com.au[203.33.248.10]
Apr 29 21:50:40 server postfix/smtpd[20416]: setting up TLS connection from mona.bmstech.com.au[203.33.248.10]
Apr 29 21:50:41 server postfix/smtpd[20718]: setting up TLS connection from mail.medizin-hst.de[92.79.186.50]
Apr 29 21:50:41 server postfix/smtpd[20416]: Anonymous TLS connection established from mona.bmstech.com.au[203.33.248.10]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:41 server policyd-spf[20723]: None; identity=helo; client-ip=203.33.248.10; helo=mail.bmstech.com.au; envelope-from=<>; receiver=raymond_elmo@domain.com
Apr 29 21:50:41 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from mona.bmstech.com.au[203.33.248.10]: 450 4.1.1 <Raymond_Elmo@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Raymond_Elmo@domain.com> proto=ESMTP helo=<mail.bmstech.com.au>
Apr 29 21:50:41 server postfix/smtpd[20718]: Anonymous TLS connection established from mail.medizin-hst.de[92.79.186.50]: TLSv1 with cipher AES128-SHA (128/128 bits)
Apr 29 21:50:41 server policyd-spf[20723]: None; identity=helo; client-ip=203.33.248.10; helo=mail.bmstech.com.au; envelope-from=<>; receiver=raymond_elmo@domain.com
Apr 29 21:50:41 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from mona.bmstech.com.au[203.33.248.10]: 450 4.1.1 <Raymond_Elmo@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Raymond_Elmo@domain.com> proto=ESMTP helo=<mail.bmstech.com.au>
Apr 29 21:50:42 server postfix/smtpd[20416]: disconnect from mona.bmstech.com.au[203.33.248.10]
Apr 29 21:50:42 server policyd-spf[20725]: None; identity=helo; client-ip=92.79.186.50; helo=mail.medizin-hst.de; envelope-from=<>; receiver=cummins_susie@domain.com
Apr 29 21:50:42 server postfix/smtpd[20718]: NOQUEUE: reject: RCPT from mail.medizin-hst.de[92.79.186.50]: 450 4.1.1 <Cummins_Susie@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Cummins_Susie@domain.com> proto=ESMTP helo=<mail.medizin-hst.de>
Apr 29 21:50:43 server postfix/smtpd[20718]: disconnect from mail.medizin-hst.de[92.79.186.50]
Apr 29 21:50:56 server postfix/smtpd[20709]: connect from polara1.lnk.telstra.net[165.228.174.43]
Apr 29 21:50:56 server postfix/smtpd[20416]: connect from static-198-181.grapevine.transact.net.au[121.127.198.181]
Apr 29 21:50:57 server postfix/smtpd[20416]: setting up TLS connection from static-198-181.grapevine.transact.net.au[121.127.198.181]
Apr 29 21:50:57 server postfix/smtpd[20709]: setting up TLS connection from polara1.lnk.telstra.net[165.228.174.43]
Apr 29 21:50:57 server postfix/smtpd[20416]: Anonymous TLS connection established from static-198-181.grapevine.transact.net.au[121.127.198.181]: TLSv1 with cipher AES128-SHA (128/128 bits)
Apr 29 21:50:57 server postfix/smtpd[20419]: connect from exchange.leupamed.at[80.123.184.238]
Apr 29 21:50:57 server postfix/smtpd[20709]: Anonymous TLS connection established from polara1.lnk.telstra.net[165.228.174.43]: TLSv1 with cipher AES128-SHA (128/128 bits)
Apr 29 21:50:57 server policyd-spf[20723]: None; identity=helo; client-ip=121.127.198.181; helo=remote.patriotalliance.com.au; envelope-from=<>; receiver=robles_robt@domain.com
Apr 29 21:50:57 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from static-198-181.grapevine.transact.net.au[121.127.198.181]: 450 4.1.1 <Robles_Robt@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Robles_Robt@domain.com> proto=ESMTP helo=<remote.patriotalliance.com.au>
Apr 29 21:50:58 server postfix/smtpd[20419]: setting up TLS connection from exchange.leupamed.at[80.123.184.238]
Apr 29 21:50:58 server postfix/smtpd[20416]: disconnect from static-198-181.grapevine.transact.net.au[121.127.198.181]
Apr 29 21:50:58 server policyd-spf[20721]: None; identity=helo; client-ip=165.228.174.43; helo=mail.orbitaltraffic.com.au; envelope-from=<>; receiver=howe_shelley@domain.com
Apr 29 21:50:58 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from polara1.lnk.telstra.net[165.228.174.43]: 450 4.1.1 <Howe_Shelley@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Howe_Shelley@domain.com> proto=ESMTP helo=<mail.orbitaltraffic.com.au>
Apr 29 21:50:58 server postfix/smtpd[20718]: connect from static-84-9-16-58.vodafonexdsl.co.uk[84.9.16.58]
Apr 29 21:50:58 server postfix/smtpd[20419]: Anonymous TLS connection established from exchange.leupamed.at[80.123.184.238]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:58 server policyd-spf[20721]: None; identity=helo; client-ip=165.228.174.43; helo=mail.orbitaltraffic.com.au; envelope-from=<>; receiver=howe_shelley@domain.com
Apr 29 21:50:58 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from polara1.lnk.telstra.net[165.228.174.43]: 450 4.1.1 <Howe_Shelley@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Howe_Shelley@domain.com> proto=ESMTP helo=<mail.orbitaltraffic.com.au>
Apr 29 21:50:58 server postfix/smtpd[20416]: connect from static-100-0-172-19.bstnma.fios.verizon.net[100.0.172.19]
Apr 29 21:50:58 server policyd-spf[20721]: None; identity=helo; client-ip=165.228.174.43; helo=mail.orbitaltraffic.com.au; envelope-from=<>; receiver=howe_shelley@domain.com
Apr 29 21:50:58 server postfix/smtpd[20709]: NOQUEUE: reject: RCPT from polara1.lnk.telstra.net[165.228.174.43]: 450 4.1.1 <Howe_Shelley@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Howe_Shelley@domain.com> proto=ESMTP helo=<mail.orbitaltraffic.com.au>
Apr 29 21:50:58 server postfix/smtpd[20718]: setting up TLS connection from static-84-9-16-58.vodafonexdsl.co.uk[84.9.16.58]
Apr 29 21:50:59 server postfix/smtpd[20797]: connect from diy2247803.lnk.telstra.net[139.130.128.94]
Apr 29 21:50:59 server postfix/smtpd[20416]: setting up TLS connection from static-100-0-172-19.bstnma.fios.verizon.net[100.0.172.19]
Apr 29 21:50:59 server postfix/smtpd[20709]: disconnect from polara1.lnk.telstra.net[165.228.174.43]
Apr 29 21:50:59 server postfix/smtpd[20718]: Anonymous TLS connection established from static-84-9-16-58.vodafonexdsl.co.uk[84.9.16.58]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:59 server policyd-spf[20494]: None; identity=helo; client-ip=80.123.184.238; helo=exchange.leupamed.at; envelope-from=<>; receiver=hendricks_garth@domain.com
Apr 29 21:50:59 server postfix/smtpd[20419]: NOQUEUE: reject: RCPT from exchange.leupamed.at[80.123.184.238]: 450 4.1.1 <Hendricks_Garth@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Hendricks_Garth@domain.com> proto=ESMTP helo=<exchange.leupamed.at>
Apr 29 21:50:59 server postfix/smtpd[20797]: setting up TLS connection from diy2247803.lnk.telstra.net[139.130.128.94]
Apr 29 21:50:59 server postfix/smtpd[20416]: Anonymous TLS connection established from static-100-0-172-19.bstnma.fios.verizon.net[100.0.172.19]: TLSv1 with cipher AES256-SHA (256/256 bits)
Apr 29 21:50:59 server policyd-spf[20494]: None; identity=helo; client-ip=80.123.184.238; helo=exchange.leupamed.at; envelope-from=<>; receiver=hendricks_garth@domain.com
Apr 29 21:50:59 server postfix/smtpd[20419]: NOQUEUE: reject: RCPT from exchange.leupamed.at[80.123.184.238]: 450 4.1.1 <Hendricks_Garth@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Hendricks_Garth@domain.com> proto=ESMTP helo=<exchange.leupamed.at>
Apr 29 21:50:59 server postfix/smtpd[20797]: Anonymous TLS connection established from diy2247803.lnk.telstra.net[139.130.128.94]: TLSv1 with cipher AES128-SHA (128/128 bits)
Apr 29 21:51:00 server policyd-spf[20725]: None; identity=helo; client-ip=84.9.16.58; helo=server2008.surveyassociatesltd.local; envelope-from=<>; receiver=peterson_jackson@domain.com
Apr 29 21:51:00 server postfix/smtpd[20718]: NOQUEUE: reject: RCPT from static-84-9-16-58.vodafonexdsl.co.uk[84.9.16.58]: 450 4.1.1 <Peterson_Jackson@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Peterson_Jackson@domain.com> proto=ESMTP helo=<server2008.surveyassociatesltd.local>
Apr 29 21:51:00 server policyd-spf[20723]: None; identity=helo; client-ip=100.0.172.19; helo=rxa-srv1.rxadvance.com; envelope-from=<>; receiver=jack_rosemarie@domain.com
Apr 29 21:51:00 server postfix/smtpd[20416]: NOQUEUE: reject: RCPT from static-100-0-172-19.bstnma.fios.verizon.net[100.0.172.19]: 450 4.1.1 <Jack_Rosemarie@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Jack_Rosemarie@domain.com> proto=ESMTP helo=<RXA-SRV1.RxAdvance.com>
Apr 29 21:51:00 server postfix/smtpd[20419]: disconnect from exchange.leupamed.at[80.123.184.238]
Apr 29 21:51:00 server postfix/smtpd[20709]: connect from remote.lowercolumbiacap.org[74.85.50.138]
Apr 29 21:51:00 server postfix/smtpd[20416]: disconnect from static-100-0-172-19.bstnma.fios.verizon.net[100.0.172.19]
Apr 29 21:51:00 server postfix/smtpd[20718]: disconnect from static-84-9-16-58.vodafonexdsl.co.uk[84.9.16.58]
Apr 29 21:51:00 server postfix/smtpd[20709]: setting up TLS connection from remote.lowercolumbiacap.org[74.85.50.138]
Apr 29 21:51:00 server policyd-spf[20808]: None; identity=helo; client-ip=139.130.128.94; helo=mail.diytiles.com.au; envelope-from=<>; receiver=drake_emil@domain.com
Apr 29 21:51:00 server postfix/smtpd[20797]: NOQUEUE: reject: RCPT from diy2247803.lnk.telstra.net[139.130.128.94]: 450 4.1.1 <Drake_Emil@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<> to=<Drake_Emil@domain.com> proto=ESMTP helo=<mail.diytiles.com.au>
Apr 29 21:51:00 server postfix/smtpd[20709]: Anonymous TLS connection established from remote.lowercolumbiacap.org[74.85.50.138]: TLSv1 with cipher AES256-SHA (256/256 bits)
17
SSL / Re: Short Let's Encrypt guide on CentOS 6.x
« on: April 20, 2016, 07:03:49 AM »
I did play around with the letsencrypt SSL few days ago, taking me quite some times to get it installed.
First, you must make sure you have at least the Python v2.7.x or above, and also the virtualenv installed.
Install the letsencrypt.
And if you get the following error, please refer to the link, https://www.digitalocean.com/community/tutorials/how-to-set-up-python-2-7-6-and-3-3-3-on-centos-6-4, to get the virtualenv installed.
In fact, I still got the error (not virtualenv error, could not remember thou) when running ./letsencrypt-auto command. So, I did in manual method to generate the SSL.
Then, copy the SSL into /etc/pki/tls directory.
At your CWP, go to Apache settings >> SSL cert manager, on your right hand side form, choose the cert, user & enter your domain; then install SSL. Done.
Note: Make sure you have the 443 port open in firewall & listen to port 443.
You may test the score of SSL cert at https://www.ssllabs.com/ssltest.
At the beginning, I got the score C and after did some researches, I added the following lines onto this file /usr/local/apache/conf.d/vhosts-ssl.conf.
I got the score A now. Hope this guide will help you. Cheer.
First, you must make sure you have at least the Python v2.7.x or above, and also the virtualenv installed.
Install the letsencrypt.
Quote
cd /root
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto
And if you get the following error, please refer to the link, https://www.digitalocean.com/community/tutorials/how-to-set-up-python-2-7-6-and-3-3-3-on-centos-6-4, to get the virtualenv installed.
Quote
virtualenv: command not found
In fact, I still got the error (not virtualenv error, could not remember thou) when running ./letsencrypt-auto command. So, I did in manual method to generate the SSL.
Quote
./letsencrypt-auto certonly --webroot -w /home/your_domain/public_html -d your_domain.com -d www.your_domain.com
Then, copy the SSL into /etc/pki/tls directory.
Quote
cp -f /etc/letsencrypt/live/your_domain/cert.pem /etc/pki/tls/certs/your_domain.cert
cp -f /etc/letsencrypt/live/your_domain/fullchain.pem /etc/pki/tls/certs/your_domain.bundle
cp -f /etc/letsencrypt/live/your_domain/privkey.pem /etc/pki/tls/certs/your_domain.key
At your CWP, go to Apache settings >> SSL cert manager, on your right hand side form, choose the cert, user & enter your domain; then install SSL. Done.
Note: Make sure you have the 443 port open in firewall & listen to port 443.
You may test the score of SSL cert at https://www.ssllabs.com/ssltest.
At the beginning, I got the score C and after did some researches, I added the following lines onto this file /usr/local/apache/conf.d/vhosts-ssl.conf.
Quote
....Restart the apache.
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"
....
I got the score A now. Hope this guide will help you. Cheer.
18
Information / Re: How to Secure CWP webserver
« on: April 20, 2016, 06:26:35 AM »
I did play around with the letsencrypt SSL few days ago, taking me quite some times to get it installed.
First, you must make sure you have at least the Python v2.7.x or above, and also the virtualenv installed.
Install the letsencrypt.
And if you get the following error, please refer to the link, https://www.digitalocean.com/community/tutorials/how-to-set-up-python-2-7-6-and-3-3-3-on-centos-6-4, to get the virtualenv installed.
In fact, I still got the error (not virtualenv error, could not remember thou) when running ./letsencrypt-auto command. So, I did in manual method to generate the SSL.
Then, copy the SSL into /etc/pki/tls directory.
At your CWP, go to Apache settings >> SSL cert manager, on your right hand side form, choose the cert, user & enter your domain; then install SSL. Done.
Note: Make sure you have the 443 port open in firewall & listen to port 443.
You may test the score of SSL cert at https://www.ssllabs.com/ssltest.
At the beginning, I got the score C and after did some researches, I added the following lines onto this file /usr/local/apache/conf.d/vhosts-ssl.conf.
I got the score A now. Hope this guide will help you. Cheer.
First, you must make sure you have at least the Python v2.7.x or above, and also the virtualenv installed.
Install the letsencrypt.
Quote
cd /root
git clone https://github.com/letsencrypt/letsencrypt10
cd letsencrypt
./letsencrypt-auto
And if you get the following error, please refer to the link, https://www.digitalocean.com/community/tutorials/how-to-set-up-python-2-7-6-and-3-3-3-on-centos-6-4, to get the virtualenv installed.
Quote
virtualenv: command not found
In fact, I still got the error (not virtualenv error, could not remember thou) when running ./letsencrypt-auto command. So, I did in manual method to generate the SSL.
Quote
./letsencrypt-auto certonly --webroot -w /home/your_domain/public_html -d your_domain.com -d www.your_domain.com
Then, copy the SSL into /etc/pki/tls directory.
Quote
cp -f /etc/letsencrypt/live/your_domain/cert.pem /etc/pki/tls/certs/your_domain.cert
cp -f /etc/letsencrypt/live/your_domain/fullchain.pem /etc/pki/tls/certs/your_domain.bundle
cp -f /etc/letsencrypt/live/your_domain/privkey.pem /etc/pki/tls/certs/your_domain.key
At your CWP, go to Apache settings >> SSL cert manager, on your right hand side form, choose the cert, user & enter your domain; then install SSL. Done.
Note: Make sure you have the 443 port open in firewall & listen to port 443.
You may test the score of SSL cert at https://www.ssllabs.com/ssltest.
At the beginning, I got the score C and after did some researches, I added the following lines onto this file /usr/local/apache/conf.d/vhosts-ssl.conf.
Quote
....Restart the apache.
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA!RC4:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS"
....
I got the score A now. Hope this guide will help you. Cheer.
19
CSF Firewall / Re: Suspicious File Alert?
« on: April 19, 2016, 07:27:22 AM »
You might want to refer this post: http://forum.centos-webpanel.com/apache/suspicious-file-alert-mail-every-night/
20
MySQL / Re: MySQL error (MySQL server has gone away) on restart
« on: January 29, 2016, 08:04:56 AM »
This happened to my servers as well. Some of my client's websites stop working because of the database did not return any data from server. Before this, all these are working just fine.
Anyone got clue about this issue?
Anyone got clue about this issue?
21
MySQL / Re: Error message when restarting mysql
« on: January 29, 2016, 08:01:01 AM »
I had the same problem occurred. CWP version: 0.9.8.11. Restart mysqld from command line no error shown. Any idea?
Warning: Error while sending SET_OPTION packet. PID=31857 in /usr/local/cwpsrv/htdocs/resources/admin/include/functions.php(1) : eval()'d code(1) : eval()'d code on line 5
MySQL server has gone away
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /usr/local/cwpsrv/htdocs/resources/admin/include/functions.php(1) : eval()'d code(1) : eval()'d code on line 5
Warning: Error while sending SET_OPTION packet. PID=31857 in /usr/local/cwpsrv/htdocs/resources/admin/include/functions.php(1) : eval()'d code(1) : eval()'d code on line 5
MySQL server has gone away
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /usr/local/cwpsrv/htdocs/resources/admin/include/functions.php(1) : eval()'d code(1) : eval()'d code on line 5
22
E-Mail / Re: Change E-Mail Password
« on: January 07, 2016, 01:32:42 PM »Hello, Did it work for anyone? I tried the settings as described, including this one "$config['password_query'] = 'UPDATE mailbox SET password=%c,modified=NOW() WHERE username=%u LIMIT 1';"
But I still get the error cannot save new password. I also tried with the default value for this config. $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';
Still did not work for me.
Is there anything that I am missing, do you think? Would really love to have this option.
Thanks.
I just done it on another server for my client and it still worked for me.
The password query should work if you never set or change the default webmail database. Make sure you have the right settings on those config files OR you may check the error stated on log file.
Hope this help.
23
PHP / Re: Lib JPEG Support php-gd
« on: October 22, 2015, 07:10:01 AM »
I have the same problem after upgraded to php 5.5.11.
Now it is being resolved. Thanks for the solution provided.
Now it is being resolved. Thanks for the solution provided.
24
PHP / Re: PHP Version Switcher
« on: October 22, 2015, 07:07:32 AM »
Is okay. I had updated to the version 5.5.11 anyway. Thanks.
25
PHP / Re: PHP Version Switcher
« on: October 18, 2015, 02:42:21 PM »
I guess the latest CWP version still having the same issue where I did the php recompilation from 5.4 to 5.3 and from 5.3 back to 5.4 again. On php -v it showed 5.4 but the php info page still showing 5.3.
26
Postfix / Re: Freshclam DB update fail
« on: October 18, 2015, 01:39:36 PM »
The weird thing that I noticed on the old CWP version & the new CWP version is that the user & usergroup of the folders i.e. /var/log/clamav & /var/lib/clamav are different; the old one using "clamav" while the new one using "clam". Why??
Please refer to this post as well regarding the same issue reported lately.
Please refer to this post as well regarding the same issue reported lately.
Quote
http://forum.centos-webpanel.com/centos-6-problems/clamav-update-problem/
27
CentOS 6 Problems / Re: CLAMAV update problem
« on: October 18, 2015, 04:52:25 AM »
I have the same problem since after rebuilt the postfix.
Found the solution by myself.
Make sure the /var/lib/clamav & /var/log/clamav with the right user & group.
Open the file /etc/freshclam.conf and make sure the lines are set to as below:
Also make sure the lines at file /etc/clamd.conf been set to:
Then, restart the clamd service and update the database.
It should works, at least for me yes.
Found the solution by myself.
Make sure the /var/lib/clamav & /var/log/clamav with the right user & group.
Quote
chown -R clam:clam /var/lib/clamav
chown -R clam:clam /var/log/clamav
Open the file /etc/freshclam.conf and make sure the lines are set to as below:
Quote
DatabaseDirectory /var/lib/clamav
DatabaseOwner clam
Also make sure the lines at file /etc/clamd.conf been set to:
Quote
DatabaseDirectory /var/lib/clamav
User clam
Then, restart the clamd service and update the database.
Quote
service clamd restart
freshclam
It should works, at least for me yes.
28
E-Mail / Re: Change E-Mail Password
« on: October 11, 2015, 03:38:15 PM »Quote
That is also what I'd like to know:
I changed the following:
- in main.inc.conf $rcmail_config['plugins'] = array('password');
- I changed config.inc.conf.dist in config.inc.php and enabled the following lines:
$rcmail_config['password_db_dsn'] = 'mysql://mypassword@localhost/roundcube';
taken from DB.inc.conf $rcmail_config['db_dsn'] = 'mysqli://roundcube:mypassword@localhost/roundcube';
$rcmail_config['password_query'] = "UPDATE mailbox SET password=CONCAT('{PLAIN-MD5}', MD5(%p)),modified=NOW() WHERE username=%u LIMIT 1";
I restarted httpd but I get the password line in Roundcube, the 3 lines with current password, new password and repeat new password but when I want to change the password it says password can't be saved, What Am I doing wrong here? please any help?
These are steps I did for the change password plugin on roundcube:
1. Edit the line on /usr/local/apache/htdocs/roundcube/config/config.inc.php into
Quote
$config['plugins'] = array('password');
2. Open up the file /usr/local/cwpsrv/htdocs/resources/admin/include/postfix.php and note down the password.
3. Next, open up the file /usr/local/apache/htdocs/roundcube/plugins/password/config.inc.php and set the following
Quote
$config['password_driver'] = 'sql';
Quote
$config['password_db_dsn'] = 'mysql://postfix:password@localhost/postfix';
** Replace the password with the password you have noted down earlier.
Quote
$config['password_query'] = "UPDATE mailbox SET password=CONCAT('{PLAIN-MD5}', MD5(%p)),modified=NOW() WHERE username=%u LIMIT 1";
That's it. It worked for me. Cheers.
29
CentOS 6 Problems / Re: Centos web panel ip changed but cwp not work
« on: October 07, 2015, 06:36:32 AM »
I also changed the IP of my VPS lately, and few things you need to look into:
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/hosts
/usr/local/apache/conf/sharedip.conf
/usr/local/cwpsrv/conf.d/cwp-ssl.conf
And, you might also need to regenerate the self-signed SSL, rebuild the vhost, and rebuild your web server & mail services. Hope this help.
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/hosts
/usr/local/apache/conf/sharedip.conf
/usr/local/cwpsrv/conf.d/cwp-ssl.conf
And, you might also need to regenerate the self-signed SSL, rebuild the vhost, and rebuild your web server & mail services. Hope this help.
30
E-Mail / Re: Email rejected: Quota exceeded (mailbox for user is full)
« on: July 10, 2015, 08:03:31 AM »
Had sent a ticket to support but no any solution being advised very bad support.