Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Netino

Pages: [1] 2 3 ... 17
1
Information / Re: Plans to support CentOS 8?
« on: November 16, 2019, 10:10:39 PM »
(...)
I looked into it, and the only solution is to upgrade to a newer Linux kernel above ______ (I forgot the version offhand) but as long as I'm stuck on CentOS 7, my CPU is going to run slow because the system thinks it's overheating. 2200 MHz per core instead of the usual max 3800 MHz per core!

So yes, we need CentOS 8.

It looks like you don't necessarily need a new Centos version, but a new kernel.

Check this:
https://computingforgeeks.com/install-linux-kernel-5-on-centos-7/

It's fairly simple to install.

Regards,
Netino


2
Information / Re: php7-fpm vulnerability CVE-2019-11043
« on: November 16, 2019, 10:04:03 PM »
If you installed it with Softaculous, you must to check the following page, to upgrade your installed software to latest version available:
http://www.softaculous.com/docs/enduser/how-to-upgrade-installations/

Regards,
Netino

3
Mod_Security / Re: ModSecure questions
« on: November 16, 2019, 09:59:09 PM »
This is not a mod_security related question.

Login with ssh as root to your server.
Type the following command to edit the php.ini:
======================================
# nano /opt/alt/php-fpm70/usr/php/php.ini
======================================
(or any other php.ini file you are using)

Find the following two values (with [CTRL]+W):
Code: [Select]
post_max_size = 100M
upload_max_filesize = 100M

Set them to any value you want.
Save and close the file. Where,

Restart Apache server:

$ systemctl restart apache2.service

Now you should able to upload bigger files.

4
E-Mail / Re: mail with php seen as spam
« on: October 16, 2019, 03:30:17 AM »
A simple bet: a relevant line here would be:
Code: [Select]
Received-SPF: neutral (google.com: 82.64.165.128 is neither permitted nor denied by best guess record for domain of progmail@ns1.domain.fr) client-ip=82.64.165.128;

Note, you domain is not set with SPF record, and this could be being classified by google as a low reputation server, hence the spam tag, and spam folder destination.

Regards,
Netino

5
CentOS 6 Problems / Re: Caused by SystemException in API_Linux.cpp
« on: October 07, 2019, 01:46:12 PM »
I already have CWPPro, and ALL of my sites are down, with this mesage.
Why my sites stopped to work..??

6
High Performance / Re: Is reseller panel available on CWP pro
« on: July 29, 2019, 11:49:56 PM »
Some tip to install it..??
Not find it in documentation.

7
Installation / Re: Two domains showing up
« on: May 10, 2019, 04:05:26 AM »
You have installed an additional domain.
We're thinking you've installed an account, and after that, you've installed this additional domain.

Therefore, in theory, the exclusion of the additional domain should to run the already installed account domain.
But if your account domain is not working, you should check your apache logs to find out the problem. (/usr/local/apache/logs/error_log)

Regards,
Netino

8
CentOS-WebPanel Bugs / Re: AutoSSL Does not Install Correct Domain
« on: May 10, 2019, 03:55:46 AM »
(...)
https://community.letsencrypt.org/t/how-can-i-easily-make-the-base-name-and-common-name-the-same/36998 (see Post 2). Does this really work? I don't want to mess it up.

Use /root/.acme.sh/acme.sh tool instead.
Is the installed tool.
To run help:
Code: [Select]
# /root/.acme.sh/acme.sh -h

To use certbot, you should to sure certbot tool will install the certs in same location.
I cannot assure that, perhaps someone else.

Regards,
Netino

9
CentOS 7 Problems / Re: Cannot access control panel
« on: May 10, 2019, 03:39:23 AM »
Seems you was blocked by firewall.
I can access the three adresses normally.

You need administrative access on your server, via ISP, to unblock your ip address.

Regards,
Netino

10
E-Mail / Re: Restrict outgoing email for some users
« on: May 08, 2019, 08:54:41 PM »
Check this:

http://www.postfix.org/RESTRICTION_CLASS_README.html

...on the section "Restricting what users can send mail to off-site destinations".

But in my opinion, this could be not effective, as descripted:

Quote
Note: this scheme does not authenticate the user, and therefore it can be bypassed in several ways:

By sending mail via a less restrictive mail relay host.

By sending mail as someone else who does have permission to send mail to off-site destinations.

Regards,
Netino

11
E-Mail / Re: Port 25 blocked, Im not using port 25
« on: May 08, 2019, 08:35:30 PM »
I could not understand too.
You're having a problem with a mail received in your server, or you have problem with your mail reader trying to send mail through your server..??

Regards,
Netino

12
MySQL / Re: Not Log file for Mysql
« on: May 08, 2019, 08:30:05 PM »
What kind of logs..??
Of mariadb service..??
Of errors..??
Of database queries..??

(You have sufficient disk space to log database queries..??)

Regards,
Netino

13
CentOS 7 Problems / Re: SMTP Server Has Been Hacked
« on: May 08, 2019, 08:27:44 PM »
Quote
I'm unable to upload 2.3GB & 2.7 GB of the mail log file.
https://i.snag.gy/Cm9j3M.jpg

You really don't need to download that files, although you could rotate them (urgently recommended) and compact them.

You could use live tools in root ssh shell.
You cannot defend your server simply using the panel.
There are innumerable task tools you must run daily, and check results.
All of them run through ssh shell.

For example, you must check the virtual harassment level your server has, checking how much attempts to hack your server, and react them, blocking some addresses, or implementing new blockings in csf firewall to stop hacking attempts.
Ssh shell is indispensable.
May be you thinking one user was hacked, but not, maybe was another.
Just one user in your server could send mail identified as any other user in your server.
And block one user cannot deter the attack, if was another.

Quote
I'm wondering how did they know such email exist, test (at) peakpoint.my

No one else would know that my website wasn't indexed and the SMTP were freshly created at the end of March, this account was created by the freelancer alone.

This is not difficult.
Maybe you published that mail in SOA register of your DNS domain name. (yes, all of SOA records have a mail address, maybe your user)
Maybe you have suffered a sniff in your (or the user) local network.
Maybe you had mentioned to another mail.
Mailbe you mentioned it in this forum.
There are too many innumerable other possibilities.

Quote
I tried sending an email and I got blacklisted, I think I should change a new set of IP that probably would get me out from that.
Yes, be prepared, this is common to 400K level of mail sent.
You must need check WHEN these mails begin, and check WHO logged in your server to stop the attack.
You have no other alternative, to be sure.

And never let your users use a simple password: this is a real serious problem.

14
SSL / Re: Deleted CSR file
« on: May 08, 2019, 04:43:09 AM »
CSR (Certificate Request Sign) is used to the certificate authority (CA) to sign your certificate request.
If you already submitted your certificate to the CA to sign it, and if the CSR was deleted, but you already get the certificate, is not problem.
The problem would be if you lost the key.

If you didn't still submitted it, just generate another CSR to submit to the CA.

Regards,
Netino

15
CentOS 7 Problems / Re: SMTP Server Has Been Hacked
« on: May 08, 2019, 04:31:45 AM »
Any other evidence of your server has been hacked..??
You just put "LOGIN authentication failed" messages, so, some people could not login on your server, nothing more.

The fact that you had 10,000 return messages just means that someone used your email address to send messages to other people.

But, likewise, it would just have been someone getting login access to only one email account of yours, and the damage is done. The person can send thousands of messages from your server.

But, these mail was sento from your server..??
Check you '/var/log/maillog' file.
There was any account was logged in..??

If so, check the beggining of that sending, and take action about that account.
If it was just an email account that logged in, then the damage possibly is just small.

Regards,
Netino

Pages: [1] 2 3 ... 17