Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - itmonitor

Pages: [1]
1
Information / Installing cypher suites (keys)
« on: April 04, 2020, 10:08:16 PM »
Hello, I could not find information on how to install cypher keys in CWPanel. Any advice pointing me to the right information is welcome. :-)

2
E-Mail / Where is the Roundcube webmail folder in CWPanel Pro?
« on: April 04, 2020, 10:30:58 AM »
Hi! :-)

Please, where is the Roundcube webmail folder in CWPanel Pro?

Rgs

IM

3
SSL / CWP serves old SSL to Outlook 2016
« on: June 11, 2019, 11:57:25 AM »
Hi!

At the domain registrar, one of my domains, mydomain.com, is pointing correctly to my CWP Panel Pro server's IP.

My old SSL for the subdomain xxx.mydomain.com expired a couple of days ago. It did not renewed automatically. I go to CWP>AutoSSL and renewed it. It renewed successfully. But still when starting Outlook 2016, Outlook will warn me the SSL is expired. Also, my server which is at xxx.mydomain.com is not under HTTPS anymore.

Steps I did:
1. I deleted the AutoSSL certificate from CWP and reinstalled it from scratch and rebooted the server
2. I deleted all the Let's Encrypt SSL certs from my Windows 10 PC
3. I deleted all the Let's Encrypt SSL certs from my browsers
4. I erased Outlook 2016 cache
5.  I flushed my Windows 10 DNS cache resolver

Seems like the issue is not with my PC but with the CWP server. Every time I boot Outlook 2016 it will show me the warning that the SSL at the server is expired.

Please, CWP Pro people, let me know how to fix this issue.

Rgs

IM
 

4
Information / CWP "Danger hidden processes" message will not go away
« on: April 23, 2019, 07:28:14 AM »
Hi!

Every time I log into CWP Panel, there is this message "Danger: Hidden Processes - SECURITY ISSUE". I click on the hyperlink "here" and it opens a page where I click the green button "Enable Protection". I do this for every user listed in the drop-down menu in this CWP Panel page. I click on the X to close the warning message "Danger: Hidden Processes - SECURITY ISSUE" will never go away. On testing each user, all have Status Active Permanent Enabled.

However, when I login into the CWP Panel the next day, there it is again the warning message "Danger: Hidden Processes - SECURITY ISSUE". I check the users, all are Permanent Enabled.

Please, any advice to fix this issue is welcome.

rgs.

5
Information / How to enable CWP Panel packages auto update
« on: April 13, 2019, 09:24:23 AM »
Hi, please how to enable packages autoupdate for CWP Panel?

6
Apache / HSTS in CWP
« on: April 10, 2019, 03:21:43 PM »
Hi! Not sure this is the right forum. Could anybody point me to instructions on how to setup HSTS in CWP?

Any advice is welcome.

Rgs

IM

7
Hello. We are trying to install AutoSSL certificates through CWP. After some trials and with the help of the Let's Encrypt support, seems like CWP is merging the cert.pem and fullchain.pem . This results in duplicate SSL installs for a domain and increases website load time. Please, see the thread here https://community.letsencrypt.org/t/lets-encrypt-outlook-office-365-target-principal-name-is-incorrect/88942/6

also, when installing an AutoSSL certificate through CWP, it will install but will not display in the CWP SSL cert list page.

On my side, I am ready to cooperate with CWP to find/solve any bugs - if any.

Any advice to solve those issues is welcome.

IM

8
Mod_Security / OWASP is triggering on Roundcube login in CWP
« on: March 14, 2019, 08:39:20 PM »
Hi!

OWASP triggers on a xss attack and blocks email sending/forwarding in Roundcube. It will work only when I disable mod_security. Please, any advice to sole this issue is welcome.

Code: [Select]
[Thu Mar 14 21:17:20.802643 2019] [:error] [pid 22926:tid 140178286909184] [client 95.90.228.143:1153] [client 95.90.228.143] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\ballowscriptaccess\\\\b|\\\\brel\\\\b\\\\W*?=" at ARGS:_message. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "304"] [id "973301"] [rev "2"] [msg "XSS Attack Detected"] [data "Matched Data: rel= found within ARGS:_message: <p>test</p>\\x0d\\x0a<div id=\\x22_rc_sig\\x22>&nbsp;</div>\\x0d\\x0a<p>&nbsp;</p>\\x0d\\x0a<p>el 2019-03-14 13:27, ;:</p>\\x0d\\x0a<blockquote><!-- html ignored --><!-- head ignored --><!-- meta ignored -->\\x0d\\x0a<div class=\\x22pre\\x22>gracias, cual es el numero del booking del cami&oacute;n y el numero del contenedor? no los encuentro en el fichero que me enviaste.<br /> <br /> <br /> j. sobota <br /> aksert <br /> t: +49 6132 977197 | f: +4..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "www.www.www
"] [uri "/webmail/"] [unique_id "xxx"], referer: http://xxx.xxx.xxx/webmail/?_task=mail&_action=compose&_id=15578827575c8ab6cb5ce70

9
Postfix / force postfix email to SSL
« on: March 14, 2019, 07:47:59 PM »
Hi,

is there a way to force SSL for all emails in Postfix? The present config is below, but I can still setup and use a non-SSL email:

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

Any help is appreciated.


10
Information / CWP email send on login
« on: March 13, 2019, 11:59:35 PM »
Hello,

please, how to setup CWP to send an email every time someone login into it?

rgs

IM

11
Installation / Adding CAA record on CWP
« on: March 11, 2019, 09:00:48 PM »
Hello,

How to add a CAA record on CWP? Is it through a CNAME, TXT, PTR or other? Where do I add it in CWP.

Any advice is welcome

rgs

12
Installation / Splitting Email with CWP
« on: March 08, 2019, 09:58:51 AM »
Hello.

We are thinking about moving from WHM into CWP. However, our emails have a particular setting: from the 10 emails we have 9 are processed in the server using Exim and 1 is split and goes through Office 365 as we have a plan there for this one email.

The email split is done at Exim level at WHM. CWP has no Exim, I think. Questions:

1. Does Exim can be installed with CWP?
2. Alternatively, is there a way to split emails using the CWP native email services?

Any advice is welcome.

Rgs

IM

Pages: [1]