Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
PHP Selector / [Tutorial] Fix PHP-FPM file permission denial
« on: October 14, 2019, 11:46:15 AM »
As you might already know PHP-FPM "trial" has ended and now you have to pay to use it.
To continue using PHP/PHP-FPM Selector you need to have CWPpro.
If you have activated it and don't want to keep using it (since you have to pay for it), you have to disable it, otherwise your websites will be down after a couple of time (even if you fix the file permissions that the service requests).
This issue is due to a file permission change on file "/opt/alt/php-fpm72/usr/sbin/php-fpm" by something on the server that is taking down this pay-to-use-service, since you haven't paid to use it, you don't have the right to use it, which is fair enough.
[Proceed bellow at your own risck - this is how I've done it, follow along by your own choice]
Before you doing this, i highly recommend you to backup this folder, since this process will rebuild your vhosts and you might need to fix some configurations later:
/usr/local/apache/conf.d/vhosts
So to disable it, you need to go to the side menu called "WebServer Settings" - "WebServers Domain Conf" and select one of your users (you need to do this to every user you have)
After you select the user, select domains tab, check all your checkboxes you have on all your domains that you have on this user you have selected and then click on "Custom config all selected"
Then select apache->php-cgi. On "Apache Configuration" group options, leave it as default and make sure you select the option to rebuild webservers
Don't forget to do the same to your sub-domains, and domains of all users you have:
Then to test this, connect via SSH and send out these commands:
And take a look if your websites are now working again.
If you have "Internal Server Error" you might need to fix your new vhosts, based on your backup files.
Some other problems might occur, be ready to fix them
i just needed to do this.
To continue using PHP/PHP-FPM Selector you need to have CWPpro.
If you have activated it and don't want to keep using it (since you have to pay for it), you have to disable it, otherwise your websites will be down after a couple of time (even if you fix the file permissions that the service requests).
This issue is due to a file permission change on file "/opt/alt/php-fpm72/usr/sbin/php-fpm" by something on the server that is taking down this pay-to-use-service, since you haven't paid to use it, you don't have the right to use it, which is fair enough.
[Proceed bellow at your own risck - this is how I've done it, follow along by your own choice]
Before you doing this, i highly recommend you to backup this folder, since this process will rebuild your vhosts and you might need to fix some configurations later:
/usr/local/apache/conf.d/vhosts
So to disable it, you need to go to the side menu called "WebServer Settings" - "WebServers Domain Conf" and select one of your users (you need to do this to every user you have)
After you select the user, select domains tab, check all your checkboxes you have on all your domains that you have on this user you have selected and then click on "Custom config all selected"
Then select apache->php-cgi. On "Apache Configuration" group options, leave it as default and make sure you select the option to rebuild webservers
Don't forget to do the same to your sub-domains, and domains of all users you have:
Then to test this, connect via SSH and send out these commands:
Code: [Select]
service httpd reload
service httpd restart
service php-fpm72 stop
And take a look if your websites are now working again.
If you have "Internal Server Error" you might need to fix your new vhosts, based on your backup files.
Some other problems might occur, be ready to fix them
i just needed to do this.
2
New Modules / [module] PhpMyAdmin auto login
« on: May 18, 2015, 02:53:40 PM »
This helps you to login directly to phpMyAdmin with one click
Note: You might also be interested on: http://forum.centos-webpanel.com/new-modules/%28module%29-favorites-top-bar/msg2604/#msg2604
Please give a support message if you use this module
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Then create a new file called "phpMyAdmin_autologin.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
If you want to avoid that "unsecured access" message that pops up on your browser, just activate SSL on your phpmyadmin and also change the "action" in the form and you are ready to go
Note: You might also be interested on: http://forum.centos-webpanel.com/new-modules/%28module%29-favorites-top-bar/msg2604/#msg2604
Please give a support message if you use this module
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Quote
<li><a href="index.php?module=phpMyAdmin_autologin" target="_blank"><span class="icon16 icomoon-icon-arrow-right-3"></span>PhpMyAdmin auto login</a></li>
Then create a new file called "phpMyAdmin_autologin.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
Quote
<h3>Redirecting to phpMyAdmin...</h3>
This might take a few seconds.<br>
Click <a href="#" onclick="location.reload();">here</a> to try again.
<form method="post" id="phpMyAdmin_Form" action="http://<?php echo $_SERVER["SERVER_NAME"];?>/phpMyAdmin/" name="login_form" style="display:none">
<input type="text" name="pma_username" id="input_username" value="root" size="24" class="textfield"/>
<input type="password" name="pma_password" id="input_password" value="<?php echo $db_pass ?>" size="24" class="textfield" />
<input type="hidden" name="server" value="1" />
<input value="Exec" type="submit" id="input_go" />
<input type="hidden" name="target" value="index.php" />
</form>
<script>
$('#phpMyAdmin_Form').submit();
</script>
If you want to avoid that "unsecured access" message that pops up on your browser, just activate SSL on your phpmyadmin and also change the "action" in the form and you are ready to go
3
How to / [Tutorial][Windows users] How to test your server before putting it on-line
« on: April 28, 2015, 10:29:11 PM »
You might want to test your new server before pointing your domains to it because you are not sure if it was well configured, so you have to test it out before doing something that you might regret about it.
This tutorial is only for windows users (but you are able to do this on linux, try to search for similar)
---
First you need to simulate your domains and sub-domains on your computer, so edit:
C:\Windows\System32\drivers\etc\hosts (open it with notepad)
And imagine that your server IP is "192.168.30.133" and your domains are "fancydomain.com" and "awesomedomain.com", just add these lines
(You can test subdomains as well like: "192.168.30.133 subdomain.fancydomain.com")
Also clean your DNS cache by executing this windows console command:
I also recommend you to clear your internet browser cache.
Also ping your domains to see if they are correctly pointed to your server. On your windows console, type:
You should have something like
Also ping your subdomains!!!
--
This configuration overwrites your hosts locally, so the domains that you are using, doesn't even need to exist, you just need to create and configure them on your server so when they exist, your server will know how to handle them.
After all the tests, and your domains are directly pointed to your server, i recommend you to remove this configuration or just comment every line you added it with an "#" - otherwise you might start not to see the same as your visitors.
-------------
You might also need to test your email accounts, but this configuration above is not going to do anything for you, since this is configured locally and gmail (for example) is not going to know your local configurations - so gmail is not going to send out emails to your server.
But we can simulate the same gmail steps that gmail (or any other email provider) does, for this i recommend you to use windows telnet (if you are using Windows 7 or above you need to activate telnet since it doesn't came installed anymore - see here how to)
After you have Telnet installed, open your Windows Console and execute:
Then execute these commands:
If you want to test if your server is sending emails, you can send it throw roundcube to a gmail account (i use gmail, it doesn't complain too much) and always take a look at your gmail spam folder because it might get there.
Also take a look on your server mail queue (go to: Email - Manage Mail Queue) for details if it gets queued.
Also be aware that if you have "Reject Unknown Hostname" configured on your "Postfix Manager", you'll not be able to send emails from your computer to your server, because you might not have a known hostname, so disable that option and test it without it, and in the future, you can active it if you want to.
I always recommend you to test all domains when talking about emails.
-------------
Hope it helped, it's how i do it every time i need to
This tutorial is only for windows users (but you are able to do this on linux, try to search for similar)
---
First you need to simulate your domains and sub-domains on your computer, so edit:
C:\Windows\System32\drivers\etc\hosts (open it with notepad)
And imagine that your server IP is "192.168.30.133" and your domains are "fancydomain.com" and "awesomedomain.com", just add these lines
Quote
#Simulate my server("www." doesn't need to be configured but you might need to access throw "www." to your websites and without this configuration you'll not able to access it, because "www." is a sub-domain and it needs to be configured)
192.168.30.133 fancydomain.com
192.168.30.133 www.fancydomain.com
192.168.30.133 awesomedomain.com
192.168.30.133 www.awesomedomain.com
(You can test subdomains as well like: "192.168.30.133 subdomain.fancydomain.com")
Also clean your DNS cache by executing this windows console command:
Quote
ipconfig /flushdns
I also recommend you to clear your internet browser cache.
Also ping your domains to see if they are correctly pointed to your server. On your windows console, type:
Quote
ping fancydomain.com
You should have something like
Quote
Pinging fancydomain.com [192.168.30.133] with 32 data bytes:If it returns your server IP (in this case "192.168.30.133", everything is right)
Reply from 192.168.30.133: bytes=32 tempo=63ms TTL=53
Reply from 192.168.30.133: bytes=32 tempo=63ms TTL=53
Reply from 192.168.30.133: bytes=32 tempo=63ms TTL=53
....
Also ping your subdomains!!!
--
This configuration overwrites your hosts locally, so the domains that you are using, doesn't even need to exist, you just need to create and configure them on your server so when they exist, your server will know how to handle them.
After all the tests, and your domains are directly pointed to your server, i recommend you to remove this configuration or just comment every line you added it with an "#" - otherwise you might start not to see the same as your visitors.
-------------
You might also need to test your email accounts, but this configuration above is not going to do anything for you, since this is configured locally and gmail (for example) is not going to know your local configurations - so gmail is not going to send out emails to your server.
But we can simulate the same gmail steps that gmail (or any other email provider) does, for this i recommend you to use windows telnet (if you are using Windows 7 or above you need to activate telnet since it doesn't came installed anymore - see here how to)
After you have Telnet installed, open your Windows Console and execute:
Quote
telnet 192.168.30.133 25(192.168.30.133 is your SMTP server IP - usually is the same as your server IP)
Then execute these commands:
Quote
---- SMTP COMMANDS TO EXECUTE------
HELO this_is_me.com
mail from: pedro@this_is_me.com
rcpt to:<pedromidiasf@domain_to_test.com> always add "< >" to the email you want to test
data
From: pedro@this_is_me.com
Subject: test email
(blank paragraph)
this is an email
.
---- END OF SMTP COMMANDS------
If you want to test if your server is sending emails, you can send it throw roundcube to a gmail account (i use gmail, it doesn't complain too much) and always take a look at your gmail spam folder because it might get there.
Also take a look on your server mail queue (go to: Email - Manage Mail Queue) for details if it gets queued.
Also be aware that if you have "Reject Unknown Hostname" configured on your "Postfix Manager", you'll not be able to send emails from your computer to your server, because you might not have a known hostname, so disable that option and test it without it, and in the future, you can active it if you want to.
I always recommend you to test all domains when talking about emails.
-------------
Hope it helped, it's how i do it every time i need to
4
Installation / [Tutorial] How to configure your server
« on: April 28, 2015, 08:25:20 PM »
Read everything first before doing something wrong
You might also be interested on this tutorial: http://forum.centos-webpanel.com/how-to/%28tutorial%29%28windows-users%29-how-to-configure-test-your-server/
----
After you proceed with these steeps:
http://centos-webpanel.com/installation-instructions
You'll have a fresh installation and you will need to configure your server step-by-step.
The following tutorial explains how to configure more than 1 domain with different domain accounts.
Usually i configure every domain with a different account, so i have everything split and if i need to give access to someone i don't give them access to everything - altho you can create 1 Main account with your main domain and add add-on domains, but i don't recommend you to do it this way, because of what i explained above.
User advise:
I'm not responsible for your actions and configurations, everything that you do based on my tutorial it's your own responsibility.
These are the steeps that i make every time i have to format and reinstall my server - this was tested before.
------------------------------ Let's proceed ----------------------------
Every action as index.php?module=bla-bla-bla this refers to the page that you need to access, so, for example, if your CWP webpage is https://37.100.200.100:2031/ you'll need to access to the link: https://37.100.200.100:2031/index.php?module=bla-bla-bla
------
I'm using dynadot as my DNS provider, so i have to configure this (if you are using other DNS provider, please take your time to ask them what should be your DNS domains):
index.php?module=nameservers - Name servers configuration (DNS Functions - Edit Nameservers IPs)
NS1 SubDomain: ns1.dynadot.com
NS2 SubDomain: ns2.dynadot.com
NS1 IP: 127.0.0.1
NS2 IP: 127.0.0.1
Overwrite DNS Zone file: Check
Restart DNS Server: Check
If you want to use Centos DNS configurations, just leave it as it is
------
index.php?module=settings - Server settings (CWP Settings - Edit Settings)
Shared IP: (same as default)
Apache Port: 80
Root Email: (some email that you use, it can be an email that is going to be created in the previous future on your server - it should be created or exist already because you might want to receive important emails from it)
Forward root emails: (It's up to you, if you check it, you'll receive Cronjobs emails daily, and this might not be usefull for you, i leave it un-checked)
------
index.php?module=change_hostname - Hostname (Server Settings - Change Hostname)
hostname: (Every server has a main domain, for example: mycompanny.com, you have to configure this based on that, usually i add "srv1." before my main domain, example: svr1.mycompanny.com - also mycompanny.com should be registered already and you should have control of it, otherwise your emails are going to be sent with an invalid hostname
- I also recommend you to add an A record to your DNS based on your hostname, for example: svr1.mycompanny.com > A > 37.100.200.100 (your server IP address that you are configuring)
- Never add "http://" or "www"
- Always add a sub-domain to your hostname like "srv1." or whatever you feel right (don't forget the "." on your sub-domain).
- Make sure you don't mess with this configurations, because it's going to ruin your email configurations.
------
/index.php?module=edit_package&id=1 - Edit your main packadge (Packages - List Packages - [Edit Package])
- Since my server is to be used just by me, and i have total control of it, i configure it with almost no restrictions, but take care on my notes.
Disk Quota: This is the quota of diskspace that every sever user should have (maximum) - you have to install disk quota before if you want to make this work, i don't need it so i just ignore this and leave it as it is or just configure it as 0 (zero))
Bandwidth: 9999999
FTP Accounts: 100
Email Accounts: 300
Email Lists: 500
Databases: 500
Sub Domains: 500
Parked Domains: 500
Addon Domains: 500
Hourly Emails: 500 (I don't recommend you to configure it like 9999999, because you might one day have an hacker on your server destroying your email reputation blacklisting it, by sending spam out of it, mining emails accounts, etc.)
Update Quota: Check
------
index.php?module=new_account - Creating a new account (User Accounts - New Account)
- If you have more than one domain, i recommend you to repeat this step over and over for each domain, before proceed to the next steps (altho you can do this in the future any time, but keep yourself organized).
domain: mycompanny.com
username: mycomp
email: (usually i use the same as i've configured on the host name)
Shell Access: uncheck (usually i access to my server as root user, but if you want to give SSH access to other people, check it! It's more secure!)
Processes: 40
(the other fields, leave them as they are)
-----
index.php?module=postfix_manager - configure your email (Email - Postfix Manager)
AntiSpam/AntiVirus: Uncheck - If you check this, you'll have to remove manually the spam that you get on your server (spam get email queue) - usually i don't check this option, i let the other people clean their own spam by themselves - but this is up to you.
rDNS Check: Check - But take in mind that every email that doesn't complain with this, will get mail queued as well
Install DKIM & SPF: Check - This is very useful and you should have this! So you can sign and verify your emails so they never go to spam
Reject Unknown Hostname: Check - But take in mind that every email that doesn't complain with this, will get mail queued as well
Hostname: (don't change this!!)
Domain: (don't change this!! It must be equal to the hostname but without the subdomain, for example if your hostname is "svr1.mycompanny.com", your domain should be "mycompanny.com" (in this case, without "srv1."))
(Althow by my needs i just check: Install DKIM & SPF)
1) Press: Rebuild Mail Server
2) Press: Restart All Mail Server Services
-----
Go to your webserver directory /etc/postfix/ and edit the file: main.cf
> Edit the line:
mydestination = $myhostname, localhost.$mydomain, localhost
> To:
mydestination = localhost.$mydomain, localhost
> Add to the end of the file:
spamass_destination_recipient_limit = 1
dovecot_destination_recipient_limit = 1
(this fix a lot of problems on having multiple domains on your server, sometimes you can't receive emails on some domains - with this modification everything will work just fine)
- If you "Rebuild Mail Server" again, you'll need to reconfigure this once again!
------
index.php?module=mail_add-new - Create email accounts or email alias (Email - Add Email Account)
> Now you can create every email account or email alias you need to
------
index.php?module=phpini_editor - Edit PHP configurations (PHP Settings - PHP Simple Editor)
- If you need to import mysql Databases and they have more than 150MB, i recommend you to change this values first, based on your databases' size, then i recommend you to configure them as they were before, for security reasons.
upload_max_filesize = 500M
post_max_size = 500M
> Now you can import all databases you have throw phpmyadmin or other fancy way you use.
> When you finish importing databases, make sure you configure this values back again to their default values, to avoid security problems.
-----
index.php?module=file_editor&file=/usr/local/php/php.ini - Edit PHP main configurations (PHP Settings - PHP.ini Configuration)
> Search for "date.timezone", if this line starts with ";", remove the semicolon.
Configure it with your timezone, for example: date.timezone="Europe/Lisbon"
> Search for "disable_functions", if this line starts with ";", remove the semicolon.
Configure it as: disable_functions=system,exec,shell_exec,passthru,popen,proc_open,parse_ini_file,show_shource,symlink,chmod
This way, you'll increase your server security, avoiding an hacker to use some insecure php functions, but take in mind if you'll need some of those functions! If so, just remove them from the configuration!
-----
Restart your apache server at this point, you can do it by shell command "service httpd restart" or go to your CWP main page and restart it from there
-----
Now access to "/home/some user that you have created/public_html" and clean every file that you see there - do this for each user
-----
index.php?module=add_subdomain - Add new sub-domains (Domains - Add SubDomain)
- Create all sub-domains you need
- Make sure you configure the field "Path: /home/USERNAME" correctly, and always take a look on index.php?module=list_subdomains to see if everything is going as planned.
Note: You can also add domains, but i recommend you to create an individual account for each domain you have as mentioned on steep "Creating a new account"
-----
Now you can import every website file you have to each individual folder you have configured on your sub-Domains.
Do this with your FTP client.
> Note: You have created an account for each individual domain right? So if you want to import an website with a specific domain, you have to access with that specific account. But you can also access with root user, upload every website file and then fix every folder ownership permissions after the importation (next steep bellow) - if you don't do this, you'll see a server error.
-----
index.php?module=fix_acc_perm - Fix ownership permissions (User Accounts - Fix Permissions)
Sometimes you forget and you access with the root user and you upload files and your websites stop working (you see a server error instead), so i recommend you to fix permissions to each user you see on that combo box.
This option fix all folder permissions and ownership and everything starts working again.
----
If you need roundcube to allow users to store their passwords on their browser:
> Go to this directory "\usr\local\apache\htdocs\roundcube\config\" open "main.inc.php" with an editor
> And edit this $rcmail_config['login_autocomplete'] = 1
----
Every-time you send a php email throw mail() function, the email used there are based on your root user and your hostname, so if you want to change that to a new fancy email.
/index.php?module=file_editor&file=/usr/local/php/php.ini - Main php configurations (PHP Settings - PHP.ini Configuration)
> Search for "sendmail_path", if this line starts with ";", remove the semicolon.
And edit it by:
sendmail_path = /usr/sbin/sendmail -t -i -f fancyName@myFancyDomain.com
> The email name can be anything you want to, and it doesn't need to exist on your server, but the domain used on that email should exist on your server - you cant just create an fancy domain like that young boy! Otherwise, your PHP emails are going to the spam folder.
----
Now you should configure your domain redirections
> Go to this directory "/usr/local/apache/conf.d/" open "domain-redirects.conf" with an editor
I recommend you to remove everything, for security reasons
> Then add these 2 lines:
RewriteEngine on
Alias /mail /usr/local/apache/htdocs/roundcube
> This allows you to redirect to roundcube every-time you access to http://www.anyone_of_my_domains.com/mail
> Note, i don't recommend you to access to roundcube with your server IP, like: https://37.100.200.100/roundcube because your emails are not going to be sent out with a specific domain, because roundcube doesn't know your domains so roundcube always send your emails based on your URL, and those emails might get into the spam folder.
> Go to this directory "/usr/local/apache/conf.d/" open "system-redirects.conf" with an editor
I recommend you to remove everything, for security reasons
> Add this line:
Redirect permanent /roundcube http://my_main_domain.com/mail
> my_main_domain.com - should be your main domain
----
/index.php?module=crontab - Cron jobs (Server Settings - Crontab)
If you need to create a specific job that is executed various times in time, you can use this option here.
You can, for example: reboot your server at 0AM of every day, for this:
> Area: "Add Common Cron Jobs"
> Settings: Once a day (0 0 * * *)
> Command: reboot
>This is recommended to be done, you can specific the day and the month you need to reboot your server, just follow the scheme on the right side
If you are receiving cronjob emails
> You can avoid it by adding (To "Add Full Custom Cron Jobs" area):
MAILTO=""
> Or you can specify another email, for example: MAILTO="myfancyemail@gmail.com" (it can be whatever email you need to)
If you want to edit this area manually, the file you should edit are stored on: "/var/spool/cron/" and it's called "root"
> Restart your crontab at this point, you can do it by shell command "service crond restart" or go to your CWP main page and restart it from there
----
If you access your server with your IP address, or access to a bad configured domain or subdomain - you'll see the centos-webpanel main page, if you want to change it or redirect users to elsewere when that happens, just go to "/usr/local/apache/htdocs" and edit the file "index.html"
-----
WebFTP is a Centos-Webpanel feature, i don't use it and for security reasons i disallow access to it, if you want to do the same
> Go to "/usr/local/apache/htdocs/" directory
> This website is stored on "webftp_simple" folder, you can simply change its name to anything else.
-----
PhpMyAdmin has a security rule of 1400 seconds per session, if you get inactive for that time, you lose your session and you have to re-login, and that is annoying, if you want to chose that
> Go to "/usr/local/apache/htdocs/phpMyAdmin/" directory, and edit the file "config.inc.php"
> Add this line to the bottom of your file:
$cfg['LoginCookieValidity'] = 10000;
> 10000 are the total of seconds for interaction, in this case: 2,78 hours
> Configure this value based on the value you feel better for yourself.
> 3600 - 1 hour | 7200 = 2 hours | 10 800 - 3 hours | ...
------
I'm using OVH services, and they allow me to have a backup storage for free (in this case i use NFS), this is basically an external server that is used only for cloud service proposes.
If you want to configure this, you just need to execute this commands on your SSH (i use putty)
Now you might have an OVH email with your NFS data, for example:
Then you need to mount a virtual folder by executing this SSH command:
mount -t nfs ftpback-blabla.ovh.net:/export/ftpbackup/myOvhHostName.eu /backup_storage
ftpback-blabla.ovh.net - FTP server
/export/ftpbackup/myOvhHostName.eu - Login
/backup_storage - Your destination server folder
Then you need to go to "/etc/" directory and edit "fstab" file with an editor
> Add this line to the bottom
ftpback-blabla.ovh.net:/export/ftpbackup/myOvhHostName.eu /backup_storage nfs rw 0 0
----
/index.php?module=backups - Configure backups (CWP Settings - Backup Configuration)
Enable Backup: Check
Backup Folder Location: /backup_storage (here i configure the NFS folder)
Daily Backup Retention: Check
Weekly Backup Retention: Check
Monthly Backup Retention: Check
MySQL Backup: Check
Backup All Users: Check
----
Reboot your server now
You might also be interested on this tutorial: http://forum.centos-webpanel.com/how-to/%28tutorial%29%28windows-users%29-how-to-configure-test-your-server/
----
After you proceed with these steeps:
http://centos-webpanel.com/installation-instructions
You'll have a fresh installation and you will need to configure your server step-by-step.
The following tutorial explains how to configure more than 1 domain with different domain accounts.
Usually i configure every domain with a different account, so i have everything split and if i need to give access to someone i don't give them access to everything - altho you can create 1 Main account with your main domain and add add-on domains, but i don't recommend you to do it this way, because of what i explained above.
User advise:
I'm not responsible for your actions and configurations, everything that you do based on my tutorial it's your own responsibility.
These are the steeps that i make every time i have to format and reinstall my server - this was tested before.
------------------------------ Let's proceed ----------------------------
Every action as index.php?module=bla-bla-bla this refers to the page that you need to access, so, for example, if your CWP webpage is https://37.100.200.100:2031/ you'll need to access to the link: https://37.100.200.100:2031/index.php?module=bla-bla-bla
------
I'm using dynadot as my DNS provider, so i have to configure this (if you are using other DNS provider, please take your time to ask them what should be your DNS domains):
index.php?module=nameservers - Name servers configuration (DNS Functions - Edit Nameservers IPs)
NS1 SubDomain: ns1.dynadot.com
NS2 SubDomain: ns2.dynadot.com
NS1 IP: 127.0.0.1
NS2 IP: 127.0.0.1
Overwrite DNS Zone file: Check
Restart DNS Server: Check
If you want to use Centos DNS configurations, just leave it as it is
------
index.php?module=settings - Server settings (CWP Settings - Edit Settings)
Shared IP: (same as default)
Apache Port: 80
Root Email: (some email that you use, it can be an email that is going to be created in the previous future on your server - it should be created or exist already because you might want to receive important emails from it)
Forward root emails: (It's up to you, if you check it, you'll receive Cronjobs emails daily, and this might not be usefull for you, i leave it un-checked)
------
index.php?module=change_hostname - Hostname (Server Settings - Change Hostname)
hostname: (Every server has a main domain, for example: mycompanny.com, you have to configure this based on that, usually i add "srv1." before my main domain, example: svr1.mycompanny.com - also mycompanny.com should be registered already and you should have control of it, otherwise your emails are going to be sent with an invalid hostname
- I also recommend you to add an A record to your DNS based on your hostname, for example: svr1.mycompanny.com > A > 37.100.200.100 (your server IP address that you are configuring)
- Never add "http://" or "www"
- Always add a sub-domain to your hostname like "srv1." or whatever you feel right (don't forget the "." on your sub-domain).
- Make sure you don't mess with this configurations, because it's going to ruin your email configurations.
------
/index.php?module=edit_package&id=1 - Edit your main packadge (Packages - List Packages - [Edit Package])
- Since my server is to be used just by me, and i have total control of it, i configure it with almost no restrictions, but take care on my notes.
Disk Quota: This is the quota of diskspace that every sever user should have (maximum) - you have to install disk quota before if you want to make this work, i don't need it so i just ignore this and leave it as it is or just configure it as 0 (zero))
Bandwidth: 9999999
FTP Accounts: 100
Email Accounts: 300
Email Lists: 500
Databases: 500
Sub Domains: 500
Parked Domains: 500
Addon Domains: 500
Hourly Emails: 500 (I don't recommend you to configure it like 9999999, because you might one day have an hacker on your server destroying your email reputation blacklisting it, by sending spam out of it, mining emails accounts, etc.)
Update Quota: Check
------
index.php?module=new_account - Creating a new account (User Accounts - New Account)
- If you have more than one domain, i recommend you to repeat this step over and over for each domain, before proceed to the next steps (altho you can do this in the future any time, but keep yourself organized).
domain: mycompanny.com
username: mycomp
email: (usually i use the same as i've configured on the host name)
Shell Access: uncheck (usually i access to my server as root user, but if you want to give SSH access to other people, check it! It's more secure!)
Processes: 40
(the other fields, leave them as they are)
-----
index.php?module=postfix_manager - configure your email (Email - Postfix Manager)
AntiSpam/AntiVirus: Uncheck - If you check this, you'll have to remove manually the spam that you get on your server (spam get email queue) - usually i don't check this option, i let the other people clean their own spam by themselves - but this is up to you.
rDNS Check: Check - But take in mind that every email that doesn't complain with this, will get mail queued as well
Install DKIM & SPF: Check - This is very useful and you should have this! So you can sign and verify your emails so they never go to spam
Reject Unknown Hostname: Check - But take in mind that every email that doesn't complain with this, will get mail queued as well
Hostname: (don't change this!!)
Domain: (don't change this!! It must be equal to the hostname but without the subdomain, for example if your hostname is "svr1.mycompanny.com", your domain should be "mycompanny.com" (in this case, without "srv1."))
(Althow by my needs i just check: Install DKIM & SPF)
1) Press: Rebuild Mail Server
2) Press: Restart All Mail Server Services
-----
Go to your webserver directory /etc/postfix/ and edit the file: main.cf
> Edit the line:
mydestination = $myhostname, localhost.$mydomain, localhost
> To:
mydestination = localhost.$mydomain, localhost
> Add to the end of the file:
spamass_destination_recipient_limit = 1
dovecot_destination_recipient_limit = 1
(this fix a lot of problems on having multiple domains on your server, sometimes you can't receive emails on some domains - with this modification everything will work just fine)
- If you "Rebuild Mail Server" again, you'll need to reconfigure this once again!
------
index.php?module=mail_add-new - Create email accounts or email alias (Email - Add Email Account)
> Now you can create every email account or email alias you need to
------
index.php?module=phpini_editor - Edit PHP configurations (PHP Settings - PHP Simple Editor)
- If you need to import mysql Databases and they have more than 150MB, i recommend you to change this values first, based on your databases' size, then i recommend you to configure them as they were before, for security reasons.
upload_max_filesize = 500M
post_max_size = 500M
> Now you can import all databases you have throw phpmyadmin or other fancy way you use.
> When you finish importing databases, make sure you configure this values back again to their default values, to avoid security problems.
-----
index.php?module=file_editor&file=/usr/local/php/php.ini - Edit PHP main configurations (PHP Settings - PHP.ini Configuration)
> Search for "date.timezone", if this line starts with ";", remove the semicolon.
Configure it with your timezone, for example: date.timezone="Europe/Lisbon"
> Search for "disable_functions", if this line starts with ";", remove the semicolon.
Configure it as: disable_functions=system,exec,shell_exec,passthru,popen,proc_open,parse_ini_file,show_shource,symlink,chmod
This way, you'll increase your server security, avoiding an hacker to use some insecure php functions, but take in mind if you'll need some of those functions! If so, just remove them from the configuration!
-----
Restart your apache server at this point, you can do it by shell command "service httpd restart" or go to your CWP main page and restart it from there
-----
Now access to "/home/some user that you have created/public_html" and clean every file that you see there - do this for each user
-----
index.php?module=add_subdomain - Add new sub-domains (Domains - Add SubDomain)
- Create all sub-domains you need
- Make sure you configure the field "Path: /home/USERNAME" correctly, and always take a look on index.php?module=list_subdomains to see if everything is going as planned.
Note: You can also add domains, but i recommend you to create an individual account for each domain you have as mentioned on steep "Creating a new account"
-----
Now you can import every website file you have to each individual folder you have configured on your sub-Domains.
Do this with your FTP client.
> Note: You have created an account for each individual domain right? So if you want to import an website with a specific domain, you have to access with that specific account. But you can also access with root user, upload every website file and then fix every folder ownership permissions after the importation (next steep bellow) - if you don't do this, you'll see a server error.
-----
index.php?module=fix_acc_perm - Fix ownership permissions (User Accounts - Fix Permissions)
Sometimes you forget and you access with the root user and you upload files and your websites stop working (you see a server error instead), so i recommend you to fix permissions to each user you see on that combo box.
This option fix all folder permissions and ownership and everything starts working again.
----
If you need roundcube to allow users to store their passwords on their browser:
> Go to this directory "\usr\local\apache\htdocs\roundcube\config\" open "main.inc.php" with an editor
> And edit this $rcmail_config['login_autocomplete'] = 1
----
Every-time you send a php email throw mail() function, the email used there are based on your root user and your hostname, so if you want to change that to a new fancy email.
/index.php?module=file_editor&file=/usr/local/php/php.ini - Main php configurations (PHP Settings - PHP.ini Configuration)
> Search for "sendmail_path", if this line starts with ";", remove the semicolon.
And edit it by:
sendmail_path = /usr/sbin/sendmail -t -i -f fancyName@myFancyDomain.com
> The email name can be anything you want to, and it doesn't need to exist on your server, but the domain used on that email should exist on your server - you cant just create an fancy domain like that young boy! Otherwise, your PHP emails are going to the spam folder.
----
Now you should configure your domain redirections
> Go to this directory "/usr/local/apache/conf.d/" open "domain-redirects.conf" with an editor
I recommend you to remove everything, for security reasons
> Then add these 2 lines:
RewriteEngine on
Alias /mail /usr/local/apache/htdocs/roundcube
> This allows you to redirect to roundcube every-time you access to http://www.anyone_of_my_domains.com/mail
> Note, i don't recommend you to access to roundcube with your server IP, like: https://37.100.200.100/roundcube because your emails are not going to be sent out with a specific domain, because roundcube doesn't know your domains so roundcube always send your emails based on your URL, and those emails might get into the spam folder.
> Go to this directory "/usr/local/apache/conf.d/" open "system-redirects.conf" with an editor
I recommend you to remove everything, for security reasons
> Add this line:
Redirect permanent /roundcube http://my_main_domain.com/mail
> my_main_domain.com - should be your main domain
----
/index.php?module=crontab - Cron jobs (Server Settings - Crontab)
If you need to create a specific job that is executed various times in time, you can use this option here.
You can, for example: reboot your server at 0AM of every day, for this:
> Area: "Add Common Cron Jobs"
> Settings: Once a day (0 0 * * *)
> Command: reboot
>This is recommended to be done, you can specific the day and the month you need to reboot your server, just follow the scheme on the right side
If you are receiving cronjob emails
> You can avoid it by adding (To "Add Full Custom Cron Jobs" area):
MAILTO=""
> Or you can specify another email, for example: MAILTO="myfancyemail@gmail.com" (it can be whatever email you need to)
If you want to edit this area manually, the file you should edit are stored on: "/var/spool/cron/" and it's called "root"
> Restart your crontab at this point, you can do it by shell command "service crond restart" or go to your CWP main page and restart it from there
----
If you access your server with your IP address, or access to a bad configured domain or subdomain - you'll see the centos-webpanel main page, if you want to change it or redirect users to elsewere when that happens, just go to "/usr/local/apache/htdocs" and edit the file "index.html"
-----
WebFTP is a Centos-Webpanel feature, i don't use it and for security reasons i disallow access to it, if you want to do the same
> Go to "/usr/local/apache/htdocs/" directory
> This website is stored on "webftp_simple" folder, you can simply change its name to anything else.
-----
PhpMyAdmin has a security rule of 1400 seconds per session, if you get inactive for that time, you lose your session and you have to re-login, and that is annoying, if you want to chose that
> Go to "/usr/local/apache/htdocs/phpMyAdmin/" directory, and edit the file "config.inc.php"
> Add this line to the bottom of your file:
$cfg['LoginCookieValidity'] = 10000;
> 10000 are the total of seconds for interaction, in this case: 2,78 hours
> Configure this value based on the value you feel better for yourself.
> 3600 - 1 hour | 7200 = 2 hours | 10 800 - 3 hours | ...
------
I'm using OVH services, and they allow me to have a backup storage for free (in this case i use NFS), this is basically an external server that is used only for cloud service proposes.
If you want to configure this, you just need to execute this commands on your SSH (i use putty)
Code: [Select]
yum install nfs-utils rpcbind
/etc/init.d/rpcbind startNow you might have an OVH email with your NFS data, for example:
Code: [Select]
Login: myOvhHostName.eu
Password: *******
FTP server: ftpback-blabla.ovh.netThen you need to mount a virtual folder by executing this SSH command:
mount -t nfs ftpback-blabla.ovh.net:/export/ftpbackup/myOvhHostName.eu /backup_storage
ftpback-blabla.ovh.net - FTP server
/export/ftpbackup/myOvhHostName.eu - Login
/backup_storage - Your destination server folder
Then you need to go to "/etc/" directory and edit "fstab" file with an editor
> Add this line to the bottom
ftpback-blabla.ovh.net:/export/ftpbackup/myOvhHostName.eu /backup_storage nfs rw 0 0
----
/index.php?module=backups - Configure backups (CWP Settings - Backup Configuration)
Enable Backup: Check
Backup Folder Location: /backup_storage (here i configure the NFS folder)
Daily Backup Retention: Check
Weekly Backup Retention: Check
Monthly Backup Retention: Check
MySQL Backup: Check
Backup All Users: Check
----
Reboot your server now
5
Updates / Disable auto-updater
« on: April 12, 2015, 12:48:01 PM »
How can i disable it? I want to do it manually when i feel right.
I'm making changes on my server (installing and configuring other things), and i don't want an update to destroy my configurations.
I'm making changes on my server (installing and configuring other things), and i don't want an update to destroy my configurations.
6
E-Mail / Relay access denied
« on: April 09, 2015, 09:03:02 PM »
I'm configuring a new email and i'm getting this STMP message:
- Relay access deniedts
220 xxxxxxxxxxxxxxxxxxx ESMTP Postfix
HELO yyyyyyyyyyyyyyyyyyyyyyy
250 ns348267.ip-37-187-253.eu
mail from: pedro@yyyyyyyyyyyyyyyyyyyyyyy
250 2.1.0 Ok
rcpt to:<pedro.ferreira@new_domain.com>
454 4.7.1 <pedro.ferreira@new_domain.com>: Relay access denied
The other domain works just fine (it's a primary domain), i tried to add a new primary domain with this domain but it's still the same.
Do you want me to share some files or configures? Please let me know
- Relay access deniedts
220 xxxxxxxxxxxxxxxxxxx ESMTP Postfix
HELO yyyyyyyyyyyyyyyyyyyyyyy
250 ns348267.ip-37-187-253.eu
mail from: pedro@yyyyyyyyyyyyyyyyyyyyyyy
250 2.1.0 Ok
rcpt to:<pedro.ferreira@new_domain.com>
454 4.7.1 <pedro.ferreira@new_domain.com>: Relay access denied
The other domain works just fine (it's a primary domain), i tried to add a new primary domain with this domain but it's still the same.
Do you want me to share some files or configures? Please let me know
7
New Modules / [module] Clear memory ram
« on: April 08, 2015, 07:44:19 PM »
This helps you to clear your memory ram avoiding your server to overload.
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Then create a new file called "clear_memory_ram.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Quote
<li><a href="index.php?module=clear_memory_ram"><span class="icon16 icomoon-icon-arrow-right-3"></span>Clear memory ram</a></li>
Then create a new file called "clear_memory_ram.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
Quote
<?php
exec('sync; echo 3 > /proc/sys/vm/drop_caches');
echo "Done!!";
?>
8
New Modules / [module] Favorites top bar
« on: April 05, 2015, 02:42:30 PM »
This module lets you add favorites to the top of your page
Add these lines to the bottom of: /usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
The red lines above are the options you can add to that dropdown menu, if you want to add more, just follow this rules:
<a class="op" href=" [URL goes here - with no spaces between quotes] "> [Text goes here] </a>
Add as much as you want
Tip: if you want every time to open a specific option on a new page, just add: target="_blank" before the >text option</a>
<a class="op" href="http://www.google.pt" target="_blank">Google</a>
Add these lines to the bottom of: /usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Quote
<!-- Fast access -->
<style>
.fast_access .items .op{
display:inline-block;
padding:5px;
padding-bottom: 0px;
width:100%;
}
.fast_access .items {
position:absolute;
background:#FFF;
padding-bottom: 5px;
display:none;
}
</style>
<li class="inactive fast_access">
<a href="#" class="bt">
<span class="icon16 icomoon-icon-star"></span> <span class="txt">Favorites</span>
<span class="hasDrop icon16 icomoon-icon-arrow-down-2"></span>
</a>
<div class="items">
<a class="op" href="index.php?module=postfix_queue">Mail Queue</a>
<a class="op" href="http://www.google.pt" target="_blank">Google</a>
</div>
</li>
<script>
$(".fast_access").appendTo(".navbar .nav:first");
$('.fast_access .bt').click(function(){
if($('.fast_access .items').is(':visible'))
$('.fast_access .items').hide();
else
$('.fast_access .items').show();
});
</script>
<!-- //Fast access -->
The red lines above are the options you can add to that dropdown menu, if you want to add more, just follow this rules:
<a class="op" href=" [URL goes here - with no spaces between quotes] "> [Text goes here] </a>
Add as much as you want
Tip: if you want every time to open a specific option on a new page, just add: target="_blank" before the >text option</a>
<a class="op" href="http://www.google.pt" target="_blank">Google</a>
9
New Modules / [module] Last Modified files
« on: March 23, 2015, 12:33:18 AM »
This helps you to see if someone hacked your server and has changed or created new files.
You are able to choose between 2 dates
Features:
- Highlight executable files such as 'sh', 'asp', 'cgi', 'php', 'php3', 'ph3', 'php4', 'ph4', 'php5', 'ph5', 'phtm', 'phtml'
- Date and time of modification
- MD5 checksum of each file
- All information is from "/home" directory
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Then create a new file called "last_files_changed.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
You are able to choose between 2 dates
Features:
- Highlight executable files such as 'sh', 'asp', 'cgi', 'php', 'php3', 'ph3', 'php4', 'ph4', 'php5', 'ph5', 'phtm', 'phtml'
- Date and time of modification
- MD5 checksum of each file
- All information is from "/home" directory
Add this line to:
/usr/local/cwpsrv/htdocs/resources/admin/include/3rdparty.php
Quote
<li><a href="index.php?module=last_files_changed"><span class="icon16 icomoon-icon-arrow-right-3"></span>Last Modified files</a></li>
Then create a new file called "last_files_changed.php" on:
/usr/local/cwpsrv/htdocs/resources/admin/modules
with this content:
Quote
<h1>Last Modified files</h1>
<form action="" method="post" class="form-horizontal">
<input name="ifpost" size="0" value="yes" type="hidden">
<table><tbody><tr><td>
<table align="left" border="0" cellpadding="5" cellspacing="1" width="650px">
<tbody><tr class="oddrowcolor">
<td colspan="1">Filter from:</td>
<td colspan="1"><input class="uniform-input text" name="start" value="<?php echo date('Y-m-d'); ?>" size="30" type="text"></td>
</tr>
<tr class="oddrowcolor">
<td colspan="1">to:</td>
<td colspan="1"><input class="uniform-input text" name="end" value="<?php echo date('Y-m-d',strtotime("+1 days")); ?>" size="30" type="text"></td>
</tr>
</tbody></table>
</td></tr>
<tr><td>
<br>
<div class="form-group">
<div class="col-lg-offset-3 col-lg-9">
<button type="submit" class="btn btn-info">Filter</button>
</div>
</div>
</td></tr></tbody></table>
</form>
<?php
if(isset($_POST['start'])){
$files = shell_exec("find /home -type f -newermt ".$_POST['start']." ! -newermt ".$_POST['end']);
$files = preg_split("/\n/", $files);
foreach ($files as $file){
if(trim($file) !=''){
$ext = pathinfo($file, PATHINFO_EXTENSION);
if(in_array(strtolower($ext),['sh', 'asp', 'cgi', 'php', 'php3', 'ph3', 'php4', 'ph4', 'php5', 'ph5', 'phtm', 'phtml']))
echo '<font color="red"><b>'.date ("F d Y H:i:s", filemtime($file)).'</b> '.$file.' <b>('.$ext.' file)</b></font>';
else
echo '<b>'.date ("F d Y H:i:s", filemtime($file)).'</b> '.$file;
echo ' - <b>checksum</b> ('.md5_file($file).')';
echo '</br>';
}
}
}
?>
10
DKIM / I'm a bit lost
« on: March 21, 2015, 09:42:54 PM »
I configured DKIM, I did this:
Over the panel:
(1) Email - DKIM & SPF Manager
(2) I selected my domain and i generated a DKIM key
(3) Then i took a look at: "/var/named/my_domain.com.db" and i found:
default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyPJGm1OFopzv9zfPm7DQfQP4CDSe1iNS0BAogvXqaX/viXOVgMDJmra2FaCm2h4BE3XNLBEhaR+iap3GwFCuRNM3EihL6RlpIT6zxUl4CDQSY0Mu3vCDcV59ycWoQvebanqQPKwU1fHH6dZkq22/ncwxW/rUENke2qXKLxybkrwIDAQAB"
(4) Then i went to DynaDot (my dns provider) and i added the TXT record
DOMAIN: default._domainkey.my_domain.com
TARGET:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyPJGm1OFopzv9zfPm7DQfQP4CDSe1iNS0BAogvXqaX/viXOVgMDJmra2FaCm2h4BE3XNLBEhaR+iap3GwFCuRNM3EihL6RlpIT6zxUl4CDQSY0Mu3vCDcV59ycWoQvebanqQPKwU1fHH6dZkq22/ncwxW/rUENke2qXKLxybkrwIDAQAB
I sent an email over roundcube to gmail but it's still not signed, what did i miss?
What else should i do?
Thanks for your time
Over the panel:
(1) Email - DKIM & SPF Manager
(2) I selected my domain and i generated a DKIM key
(3) Then i took a look at: "/var/named/my_domain.com.db" and i found:
default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyPJGm1OFopzv9zfPm7DQfQP4CDSe1iNS0BAogvXqaX/viXOVgMDJmra2FaCm2h4BE3XNLBEhaR+iap3GwFCuRNM3EihL6RlpIT6zxUl4CDQSY0Mu3vCDcV59ycWoQvebanqQPKwU1fHH6dZkq22/ncwxW/rUENke2qXKLxybkrwIDAQAB"
(4) Then i went to DynaDot (my dns provider) and i added the TXT record
DOMAIN: default._domainkey.my_domain.com
TARGET:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDyPJGm1OFopzv9zfPm7DQfQP4CDSe1iNS0BAogvXqaX/viXOVgMDJmra2FaCm2h4BE3XNLBEhaR+iap3GwFCuRNM3EihL6RlpIT6zxUl4CDQSY0Mu3vCDcV59ycWoQvebanqQPKwU1fHH6dZkq22/ncwxW/rUENke2qXKLxybkrwIDAQAB
I sent an email over roundcube to gmail but it's still not signed, what did i miss?
What else should i do?
Thanks for your time
Pages: [1]
