Messages

151

Installation / Re: Two domains showing up

« on: May 10, 2019, 04:05:26 AM »

You have installed an additional domain.
We're thinking you've installed an account, and after that, you've installed this additional domain.

Therefore, in theory, the exclusion of the additional domain should to run the already installed account domain.
But if your account domain is not working, you should check your apache logs to find out the problem. (/usr/local/apache/logs/error_log)

Regards,
Netino

152

CentOS-WebPanel Bugs / Re: AutoSSL Does not Install Correct Domain

« on: May 10, 2019, 03:55:46 AM »

(...)
https://community.letsencrypt.org/t/how-can-i-easily-make-the-base-name-and-common-name-the-same/36998 (see Post 2). Does this really work? I don't want to mess it up.

Use /root/.acme.sh/acme.sh tool instead.
Is the installed tool.
To run help:

Code: [Select]

# /root/.acme.sh/acme.sh -h

To use certbot, you should to sure certbot tool will install the certs in same location.
I cannot assure that, perhaps someone else.

Regards,
Netino

153

CentOS 7 Problems / Re: Cannot access control panel

« on: May 10, 2019, 03:39:23 AM »

Seems you was blocked by firewall.
I can access the three adresses normally.

You need administrative access on your server, via ISP, to unblock your ip address.

Regards,
Netino

154

E-Mail / Re: Restrict outgoing email for some users

« on: May 08, 2019, 08:54:41 PM »

Check this:

http://www.postfix.org/RESTRICTION_CLASS_README.html

...on the section "Restricting what users can send mail to off-site destinations".

But in my opinion, this could be not effective, as descripted:

Note: this scheme does not authenticate the user, and therefore it can be bypassed in several ways:

By sending mail via a less restrictive mail relay host.

By sending mail as someone else who does have permission to send mail to off-site destinations.

Regards,
Netino

155

E-Mail / Re: Port 25 blocked, Im not using port 25

« on: May 08, 2019, 08:35:30 PM »

I could not understand too.
You're having a problem with a mail received in your server, or you have problem with your mail reader trying to send mail through your server..??

Regards,
Netino

156

MySQL / Re: Not Log file for Mysql

« on: May 08, 2019, 08:30:05 PM »

What kind of logs..??
Of mariadb service..??
Of errors..??
Of database queries..??

(You have sufficient disk space to log database queries..??)

Regards,
Netino

157

CentOS 7 Problems / Re: SMTP Server Has Been Hacked

« on: May 08, 2019, 08:27:44 PM »

I'm unable to upload 2.3GB & 2.7 GB of the mail log file.
https://i.snag.gy/Cm9j3M.jpg

You really don't need to download that files, although you could rotate them (urgently recommended) and compact them.

You could use live tools in root ssh shell.
You cannot defend your server simply using the panel.
There are innumerable task tools you must run daily, and check results.
All of them run through ssh shell.

For example, you must check the virtual harassment level your server has, checking how much attempts to hack your server, and react them, blocking some addresses, or implementing new blockings in csf firewall to stop hacking attempts.
Ssh shell is indispensable.
May be you thinking one user was hacked, but not, maybe was another.
Just one user in your server could send mail identified as any other user in your server.
And block one user cannot deter the attack, if was another.

I'm wondering how did they know such email exist, test (at) peakpoint.my

No one else would know that my website wasn't indexed and the SMTP were freshly created at the end of March, this account was created by the freelancer alone.

This is not difficult.
Maybe you published that mail in SOA register of your DNS domain name. (yes, all of SOA records have a mail address, maybe your user)
Maybe you have suffered a sniff in your (or the user) local network.
Maybe you had mentioned to another mail.
Mailbe you mentioned it in this forum.
There are too many innumerable other possibilities.

I tried sending an email and I got blacklisted, I think I should change a new set of IP that probably would get me out from that.

Yes, be prepared, this is common to 400K level of mail sent.
You must need check WHEN these mails begin, and check WHO logged in your server to stop the attack.
You have no other alternative, to be sure.

And never let your users use a simple password: this is a real serious problem.

158

SSL / Re: Deleted CSR file

« on: May 08, 2019, 04:43:09 AM »

CSR (Certificate Request Sign) is used to the certificate authority (CA) to sign your certificate request.
If you already submitted your certificate to the CA to sign it, and if the CSR was deleted, but you already get the certificate, is not problem.
The problem would be if you lost the key.

If you didn't still submitted it, just generate another CSR to submit to the CA.

Regards,
Netino

159

CentOS 7 Problems / Re: SMTP Server Has Been Hacked

« on: May 08, 2019, 04:31:45 AM »

Any other evidence of your server has been hacked..??
You just put "LOGIN authentication failed" messages, so, some people could not login on your server, nothing more.

The fact that you had 10,000 return messages just means that someone used your email address to send messages to other people.

But, likewise, it would just have been someone getting login access to only one email account of yours, and the damage is done. The person can send thousands of messages from your server.

But, these mail was sento from your server..??
Check you '/var/log/maillog' file.
There was any account was logged in..??

If so, check the beggining of that sending, and take action about that account.
If it was just an email account that logged in, then the damage possibly is just small.

Regards,
Netino

160

CentOS-WebPanel GUI / Re: admin panel slow to load

« on: May 06, 2019, 04:40:23 AM »

Well, if your server is not being attacked, with so little information on what the problem is, I could also only recommend an equally simple solution, which would be to reinstall CWP.
Any additional detail that we could help and justify not doing this ..?

Regards,
Netino

161

CentOS-WebPanel GUI / Re: Blesta Module Suspended/Cancelled CWP User Account. How do i override this?

« on: May 06, 2019, 04:31:36 AM »

Try to run directly an API function 'unsp'.
If not works, you can try to change mysql table directly, but this could affect some services.
So, you can change mysql tables, and after that, suspend the site again via panel, then unsuspend again.

If you don't know what I saying, so go to support, could be dangerous you change directly mysql tables without knowledge it.

Regards,
Netino

162

Updates / Re: Help, wont start server

« on: May 06, 2019, 04:14:17 AM »

What error messages..?

Regards,
Netino

163

Information / Re: Hostname and https

« on: May 06, 2019, 04:12:46 AM »

Check this:

[Tutorial] How to install SSL on hostname
http://forum.centos-webpanel.com/how-to/(tutorial)-how-to-install-ssl-on-hostname/msg23057/?topicseen#msg23057

Regards,
Netino

164

Postfix / Re: spam issue: Need help regarding mail server

« on: May 06, 2019, 04:09:03 AM »

So, your mail is being received, but classified as spam, or is being rejected..?

165

Postfix / Re: spam issue: Need help regarding mail server

« on: May 04, 2019, 07:58:44 PM »

It's no use you want to show mailtester email, would help just the rejection message from yahoo/hotmail/aol.

These ISP are using ReturnPath, maybe you have low reputation on that blocklist.
You must register for that service, to can deliver mail to that ISPs, here:

https://www.senderscore.org/register/

You are having problems too in your dns blocklists, you are using a public DNS to query them.

Code: [Select]

   *  0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
   *      blocked.  See
   *      http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
   *      for more information.
   *      [URIs: jxxextxxhxy.com]

You must to use at least one the three:
1) using your own non-forwarding caching nameserver to avoid being lumped together with other users queries;
2) setting up your own mirror of the DNS-blocklist;
3) or paying to use the blocklist. The choice is up to the DNS-Blocklist administrator.

Regards,
Netino