Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - overseer

Pages: 1 ... 104 105 [106] 107 108 ... 127
1576
Postfix / Re: error on postfix rebuild
« on: April 08, 2023, 02:05:45 AM »
Yes, it's present on CWP CentOS systems:
Code: [Select]
[overseer@srv]$ ls -al /usr/bin/spfquery
-rwxr-xr-x. 1 root root 4598 Nov 10  2020 /usr/bin/spfquery
[overseer@srv]$ du -sh  /usr/bin/spfquery
8.0K /usr/bin/spfquery
So you would have to manually delete it or move it to the side before running the postfix rebuild routine.

1577
CentOS-WebPanel Bugs / Re: User php selector bug
« on: April 07, 2023, 08:16:08 AM »
And you reported the bug to the dev team? Or request support to help you with the issue?

1578
Apache / Re: apache strange behavior
« on: April 07, 2023, 07:59:20 AM »
Yes, it's normal:
Code: [Select]
ifconfig eth0or
Code: [Select]
ifconfig ens33Look for the "inet6" line.
and test via lsof:
Code: [Select]
[root@srv]# lsof -i :443
COMMAND    PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
httpd    15319 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    26197   root    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    26218 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    26219 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    26220 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    26310 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd    80303 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd   107496 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd   112527 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
httpd   128430 nobody    8u  IPv6 5287623      0t0  TCP *:https (LISTEN)
[root@srv]# lsof -i :80
COMMAND    PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
httpd    15319 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    26197   root    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    26218 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    26219 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    26220 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    26310 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd    80303 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd   107496 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd   112527 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)
httpd   128430 nobody    4u  IPv6 5287612      0t0  TCP *:http (LISTEN)

If you would like to disable IPv6, add these lines to /etc/sysctl.conf
Code: [Select]
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
and run
Code: [Select]
sysctl -pThen confirm with:
Code: [Select]
ifconfig eth0or
Code: [Select]
ifconfig ens33

1579
MySQL / Re: 413 Request Entity Too Large by phpmyadmin
« on: April 06, 2023, 02:48:09 PM »
I haven't actually encountered this myself, probably because I use the CLI for larger DB loading & backup tasks. But thanks for resurfacing this thread! I'll enact it on my servers for the sake of clients who live & die by phpMyAdmin.

1580
E-Mail / Re: Imap Folders
« on: April 03, 2023, 02:03:52 PM »
Did you confirm that they don't actually exist on the server, or just not subscribed in your IMAP client?
Do you want them to be created for all users on the server, or is this a one-off for one user?

1581
MySQL / Re: MariaDB crashes after DC incident
« on: April 02, 2023, 09:47:51 PM »
This is the default example configuration of /etc/my.cnf provided by MySQL. This config file was generated by MySQL running on CentOS 7. I am running the same CentOS version as you are, but I am running MariaDB 10.6 (long term support release).

Code: [Select]
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/8.0/en/server-configuration-defaults.html

[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove the leading "# " to disable binary logging
# Binary logging captures changes between backups and is enabled by
# default. It's default setting is log_bin=binlog
# disable_log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#
# Remove leading # to revert to previous value for default_authentication_plugin,
# this will increase compatibility with older clients. For background, see:
# https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin
# default-authentication-plugin=mysql_native_password

datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock

log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

1582
MySQL / Re: MariaDB crashes after DC incident
« on: April 02, 2023, 02:42:06 PM »
Here is a lightly tuned my.cnf for general purpose CMS use (WordPress, Drupal, Joomla)
Code: [Select]
[mysqld]
performance-schema=0
max_connections=100
max_user_connections=75
query_cache_size=32M
skip-external-locking
key_buffer_size=32M
table_open_cache=128
sort_buffer_size=512K
net_buffer_length=8K
read_buffer_size=256K
read_rnd_buffer_size=512K
myisam_sort_buffer_size=16M
tmp_table_size=32M
max_heap_table_size=32M
thread_cache_size=4
open_files_limit=10000
local-infile=0
max_allowed_packet=500M

# InnoDB
innodb_file_per_table=1
innodb_locks_unsafe_for_binlog=1
innodb_fast_shutdown = 1
# Recovery mode options
#innodb_force_recovery = 5
#innodb_purge_threads=0

#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include *.cnf from the config directory
#
!includedir /etc/my.cnf.d

1583
MySQL / Re: MySQL - BAD CONFIGURATION DETECTED
« on: April 02, 2023, 02:39:46 PM »
Is that the default Fedora my.cnf?

Did you run mysql_secure_installation?

Here is a sample my.cnf, lightly tuned for WP and other CMS platforms:
Code: [Select]
[mysqld]
performance-schema=0
max_connections=100
max_user_connections=75
query_cache_size=32M
skip-external-locking
key_buffer_size=32M
table_open_cache=128
sort_buffer_size=512K
net_buffer_length=8K
read_buffer_size=256K
read_rnd_buffer_size=512K
myisam_sort_buffer_size=16M
innodb_file_per_table=1
tmp_table_size=32M
max_heap_table_size=32M
thread_cache_size=4
open_files_limit=10000
local-infile=0
max_allowed_packet=500M

# InnoDB
innodb_locks_unsafe_for_binlog=1
innodb_fast_shutdown = 1
# Recovery mode options
#innodb_force_recovery = 5
#innodb_purge_threads=0

#
# This group is read both both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include *.cnf from the config directory
#
!includedir /etc/my.cnf.d

1584
MySQL / Re: MariaDB crashes after DC incident
« on: April 02, 2023, 02:35:08 PM »
You need MariaDB stable in order to use the server -- CWP depends on it, the Postfix mail transport needs it, Roundcube webmail needs it, and WP and other dynamic sites depend on it.

Did the host add or remove something in /etc/my.cnf ?
Did you run mysql_secure_installation ?

1585
Information / Re: Cloudflare Tunnel
« on: April 02, 2023, 02:27:33 PM »
I have run servers at 2 locations on business fiber, no problems -- worked great. And not just a static IP, they even gave me reverse DNS, which is critical for running a mail server! I too am about to get fiber in my rural town and will have fiber at my home and business location. I won't be testing the home location for server use, but will definitely employ the symmetric 250Mbit connection at the business location for a disaster recovery backup server (twin to my co-location hosted servers). FINALLY, after 20+ years on DSL (pronounced D-S-HELL)!

1586
CentOS 7 Problems / Re: Disk Quota Exceeded???
« on: April 01, 2023, 09:58:49 PM »
Can you create a Package with higher limits / preferably unlimited and try assigning that package to the user? Or try making the troublesome user a Reseller (less desirable, I'm sure)?

1587
Updates / Re: Upgrade Nginx
« on: April 01, 2023, 09:51:57 PM »

1588
iptables / Re: ssh brute force attacks to random ports/users
« on: April 01, 2023, 09:48:43 PM »
I fully agree with all the other advice given above.
i change my default server ssh port and i have one ssh user(root)
I would highly recommend NOT using root for SSH, unless you have a specific one-off case where you need it for a migration or rsync or the like. Once you leave a known user name provided for brute force attacks, that's 50% of the information needed for a successful hack. Consider creating a sudo user (with a strong passphrase) specifically for SSH duties and use that exclusively. So in /etc/ssh/sshd_config set:
Code: [Select]
PermitRootLogin noand
Code: [Select]
AllowUsers sudouseror create a group of allowed SSH users and set:
Code: [Select]
AllowGroups sshusersAnd of course, use keys instead of interactive passphrases...

1589
Information / Re: Cloudflare Tunnel
« on: April 01, 2023, 03:04:00 AM »
It sounds like it should; I use their other services, but not Cloudflare Tunnel. Does your ISP block ports 80, 443 and/or 25? Or does their EULA preclude running a home based server?

1590
CentOS 7 Problems / Re: Disk Quota Exceeded???
« on: April 01, 2023, 03:01:40 AM »
Can you try uploading with a regular system user, created outside of CWP? (I usually keep a sudo user in my back pocket...)

Pages: 1 ... 104 105 [106] 107 108 ... 127