Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
CentOS-WebPanel GUI / Varnish Conf
« on: June 27, 2025, 09:53:37 AM »
When I go to cwp - admin - select webservers
Nginx & Varnish & Apache ([Varnish Conf]) option
On clicking "Varnish Conf" link, I see the message
Should I do anything to fix this or is this okay?
Nginx & Varnish & Apache ([Varnish Conf]) option
On clicking "Varnish Conf" link, I see the message
Quote
Varnish NOT installed or conf file /etc/varnish/varnish.params does not exist
On CentOS 8 you can edit file: /usr/lib/systemd/system/varnish.service
Should I do anything to fix this or is this okay?
2
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« on: June 27, 2025, 07:05:52 AM »
I am using Comodo WAF as CWP alerts "We recommend using Comodo WAF rules as they are much simpler and easier for beginners."
Can you please highlight the difference and which option is better?
Can you please highlight the difference and which option is better?
3
E-Mail / Re: Postfix, SpamAssassin, or something else
« on: June 25, 2025, 05:31:55 AM »All 3 from LeaseWeb in the Netherlands. Consider reporting to their abuse@ address with the full headers. Also block those offending IPs, but it's 3 for 3 different messages, so likely there is a larger pool of source addresses used in this campaign.
Both from and to doesnt belong to this server.
Quote
From: "KetoProbiotix" <yvcaztn@firengerme.de>
To: <proiecte@centrade.ro>
Why is this email landing to this server?
4
MySQL / Re: MySQL - BAD CONFIGURATION DETECTED
« on: June 24, 2025, 11:26:12 AM »Check the config file (or its directories) isn't group or other writeable but also make sure the file is readable by the mysql user. The easy way to check the last bit is withCode: [Select]sudo -u mysql my_print_defaults --mariadbdso see what configuration options are read. Also runCode: [Select]journalctl -u mariadb.service -n 30-- failing to read configuration files is normally a warning.
Quote
[root@hosting ~]# sudo -u mysql my_print_defaults --mariadbd
--bind-address=127.0.0.1
Code: [Select]
journalctl -u mariadb.service -n 30
Jun 24 06:10:35 servername mariadbd[831]: 2025-06-24 6:10:35 785765 [Warning] Aborted connection 785765 to db: 'postfix' user: 'postfix' host: 'loc>
I realise that yesterday configserver suggested my to bind mysql to IP. I commented it now.
How to check if this is resolved now?
5
E-Mail / Re: Postfix, SpamAssassin, or something else
« on: June 24, 2025, 11:14:52 AM »
Had similar issue. Emails were bouncing and sitting in postfix que (in 100s)
On checking the arrival info of one these emails, I could see that sender was an user in my system.
I changed the password and informed that user.
Problem stopped.
On checking the arrival info of one these emails, I could see that sender was an user in my system.
I changed the password and informed that user.
Problem stopped.
6
Updates / Re: Roundcube vulnerability
« on: June 21, 2025, 06:29:00 AM »A new security vulnerability was found in Roundcube:
https://nvd.nist.gov/vuln/detail/CVE-2025-49113
The effected versions:
all versions before 1.5.10
all 1.6.x versions before 1.6.11
The most recent versions of Roundcube include the patch:
https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
CWP uses Roundcube 1.4.x therefore it is highly recommended to update Roundcube
Instructions how to update Roundcube to 1.5.11:Code: [Select]cd /usr/local/cwpsrv/var/services
cp -R roundcube roundcube_backup
wget https://github.com/roundcube/roundcubemail/releases/download/1.5.11/roundcubemail-1.5.11-complete.tar.gz
tar -xvzf roundcubemail-1.5.11-complete.tar.gz
cd roundcubemail-1.5.11
bin/installto.sh /usr/local/cwpsrv/var/services/roundcube
cd ..
chown -R cwpsvc:cwpsvc roundcube
rm -rf roundcubemail-1.5.11*
Please note you do it on your own risk.
Got server error in roundcube after following the instructions. Maybe some step is missing.
7
Updates / Re: Roundcube vulnerability
« on: June 21, 2025, 06:27:45 AM »Yes, saw that a couple of weeks ago. Other updating directions are here, just update the version number from 1.5.8 to 1.5.11 (LTS version):
https://www.alphagnu.com/topic/33-update-cwp-roundcube-mail-version-158-%E2%80%93-control-web-panel/#comment-35
Worked perfectly on AL 8.10 installation
Used the "Centos 8 stream/EL8" instructions
8
E-Mail / Re: SpamHause x SpamAssassin
« on: June 18, 2025, 07:30:43 AM »Not really any steps apart from integrated it in your / etc / postfix / main.cf:Code: [Select]smtpd_recipient_restrictions =
#check_policy_service inet:127.0.0.1:10031,
permit_sasl_authenticated,
permit_mynetworks,
check_client_access hash:/etc/postfix/sender_whitelist,
check_client_access hash:/etc/postfix/sender_blacklist,
check_client_access hash:/etc/postfix/rbl_override,
reject_unauth_destination,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_rbl_client YOURDQAPIKEYHERE.zen.dq.spamhaus.net=127.0.0.[2..11],
reject_rbl_client cn.country.spameatingmonkey.net,
reject_rbl_client kp.country.spameatingmonkey.net,
reject_rbl_client ng.country.spameatingmonkey.net,
reject_rbl_client ru.country.spameatingmonkey.net,
reject_rbl_client tr.country.spameatingmonkey.net
Thank you. Done
9
E-Mail / Re: SpamHause x SpamAssassin
« on: June 17, 2025, 07:28:46 AM »SpamAssassin is a locally-run spam filter that processes, scores, and can act (tag, move to another mailbox, delete) on incoming mail.
Spamhaus is a remote, cloud run RBL (real-time blacklist) that you can integrate in your mail delivery chain (SMTP server). Spamhaus requires a free API key to use it, so you must sign up for an account from them.
I use both in my servers since each serves an important part of the anti-UCE battle. (On another dedicated mail server, I employ ASSP -- Anti-Spam SMTP Proxy and it blocks 75% of incoming non-local mail; highly effective!)
Can you share the exact steps wrt cwp for implementing Spamhaus. I have signed up.
10
CentOS-WebPanel GUI / Re: Notification - Available updates - SECURITY ISSUE
« on: June 16, 2025, 12:38:41 PM »Do you clear alerts?
https://yourserver.com:2031/cwp_SESSIONID/admin/index.php?module=notifications_list
Didnt
Will do. Hope it will be automated sometyime
11
CentOS-WebPanel GUI / Notification - Available updates - SECURITY ISSUE
« on: June 16, 2025, 05:32:45 AM »
Popup notification which alerts about new updates has some issues
1. Even after updates are completed, the popup keeps coming back when logging as admin again
2. No of updates shown in popup quite often dont match with actual updates
Not critical but wastes admin time many a times
1. Even after updates are completed, the popup keeps coming back when logging as admin again
2. No of updates shown in popup quite often dont match with actual updates
Not critical but wastes admin time many a times
12
E-Mail / Re: incoming email not getting delivered
« on: June 14, 2025, 11:08:26 AM »
Rebuilding the mail server resolved the issue.
I removed the SSL for that domain and re installed. Not sure if it helped the cause
I removed the SSL for that domain and re installed. Not sure if it helped the cause
13
E-Mail / incoming email not getting delivered
« on: June 14, 2025, 07:04:51 AM »
Trying to send email from abc@outlook.com to me@mydomain.com (my VPS email)
Email not visible in my inbox / junk / SPAM
Can someone help resolve this?
Quote
Jun 14 15:56:18 server postfix/smtpd[322142]: connect from mail-koreacentralazolkn19013081.outbound.protection.outlook.com[52.103.74.81]
Jun 14 15:56:19 server postfix/smtpd[322142]: TLS SNI mydomain.com from mail-koreacentralazolkn19013081.outbound.protection.outlook.com[52.103.74.81] not matched, using default chain
Jun 14 15:56:19 server postfix/smtpd[322142]: Anonymous TLS connection established from mail-koreacentralazolkn19013081.outbound.protection.outlook.com[52.103.74.81]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (2048 bits) server-digest SHA256
Jun 14 15:56:20 server postfix/cleanup[322873]: 146A32A014E: discard: header ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;? s=arcselector10001;? h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCou from mail-koreacentralazolkn19013081.outbound.protection.outlook.com[52.103.74.81]; from=<abc@outlook.com> to=<me@mydomain.com> proto=ESMTP helo=<SEYPR02CU001.outbound.protection.outlook.com>
Jun 14 15:56:20 server postfix/smtpd[322142]: disconnect from mail-koreacentralazolkn19013081.outbound.protection.outlook.com[52.103.74.81] ehlo=2 starttls=1 mail=1 rcpt=1/2 bdat=1 quit=1 commands=7/8
Email not visible in my inbox / junk / SPAM
Can someone help resolve this?
14
E-Mail / Re: Extending CWP with nextCloud
« on: June 09, 2025, 06:55:54 AM »I've always found VPS memory lacking and storage too pricey.
Agree
15
E-Mail / Extending CWP with nextCloud
« on: June 07, 2025, 06:23:31 AM »
NextCloud is a good open source fully free cloud platform
An integration of CWP with NextCloud would be a great addition
My taughts
Have next cloud at https://hostname/cloud or https://domain.tld/cloud or something similar
Admin set a default NextCloud Space. Give option to set this at package level
Each email created in CWP will have an account in nextcloud instance
An integration of CWP with NextCloud would be a great addition
My taughts
Have next cloud at https://hostname/cloud or https://domain.tld/cloud or something similar
Admin set a default NextCloud Space. Give option to set this at package level
Each email created in CWP will have an account in nextcloud instance
