Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
CentOS 7 Problems / Re: there is a cache on the server...
« on: Today at 07:45:30 AM »
Hard to say from here... Are you running redis, memcached, or varnish? All offer caching at various levels.
2
Information / Re: Service of update DDNS
« on: June 08, 2023, 02:01:19 PM »I've been watching CWP7 for a while and now I'm about to migrate 10 servers that currently use WHM/CPANEL to CWP7...You won't be sorry! Once cPanel increased their monthly fees with their great ca$h grab a few years back, I ditched them and migrated a dedicated server, a VPS, a reseller account account, and a couple of single cPanel accounts to CWP. I have not looked back!
You do realize your servers need to be on static IPs, right? And it's on the client side that you need DDNS? Many DDNS services have clients for any platform, or you can use a curl or wget script run by cron to update IPs. As Igor says, that's beyond the scope of CWP -- but shouldn't be a deal-killer as you can work around it.
3
Other / Re: cronjop problem
« on: June 06, 2023, 02:17:58 PM »
Note that running just "php" from a shell session will likely run it under the default CWP php 7.2 version with its modules and environment. You would likely want to run your cronjobs.php via whatever is your default PHP version. So if you are running 8.0 under php-fpm, then it would be:
Code: [Select]
/opt/alt/php-fpm81/usr/bin/php -q /home/uzman/public_html/coremio/cronjobs.php
4
MySQL / Re: User "Any" in phpmyadmin
« on: June 06, 2023, 02:12:50 PM »
Which DB? Probably an erroneous entry from an errant SQL query somewhere along the line...
5
Other / Re: cronjop problem
« on: June 05, 2023, 04:17:22 AM »
I'm still not sure what you're trying to accomplish -- are you adding a CMS PHP file (cronjobs.php) that should run periodically/daily? What is your normal PHP version?
6
Mod_Security / Re: Reseller panel - Login error
« on: June 03, 2023, 10:56:20 PM »
Disable Mod Security altogether and the CSF firewall and see if it works then. Then work your way backwards, re-enabling and testing each part in series. Are you for sure using the OWASP ruleset with Mod Security (as it looks by the logs)? Try the Comodo ruleset, as it is more friendly as a starting point.
7
Other / Re: cronjop problem
« on: June 03, 2023, 10:53:46 PM »
Need more info about what your configuration is like and what you are trying to accomplish...
8
CentOS-WebPanel Bugs / Re: Email and email forwarders
« on: June 03, 2023, 02:40:08 AM »
This is also true of other unescaped, illegal characters in the e-mail address. You can also fix this directly in the database if you need to. But it is very true the devs should give this some attention and sanitize the input and check for illegal characters.
(An interesting aside, on on LAMP server I tried to set a passphrase that ended with an ellipsis ... -- which the IMAP server interpreted as a full stop command -- so it would never accept the passphrase, even though it was typed correctly.)
(An interesting aside, on on LAMP server I tried to set a passphrase that ended with an ellipsis ... -- which the IMAP server interpreted as a full stop command -- so it would never accept the passphrase, even though it was typed correctly.)
9
CentOS-WebPanel Bugs / Re: Cant login to CWP User :2083
« on: June 03, 2023, 02:35:38 AM »
When I see errors re: "The encoded file... has expired" it makes me believe it is an IonCube problem, which is either a non up-to-date CWP installation or PHP version. Is your CWP fully up to date? Did you run
Code: [Select]
yum -y update
/scripts/update_ioncube
/scripts/update_cwp
10
E-Mail / Re: problems with spam, abuse
« on: June 03, 2023, 02:23:52 AM »
Who is "they"?
Do you have specific configuration information, more details, relevant logs, queue error messages, message rejection notices or anything else? It takes a lot of detail to sort these kinds of things out.
Do you have specific configuration information, more details, relevant logs, queue error messages, message rejection notices or anything else? It takes a lot of detail to sort these kinds of things out.
11
E-Mail / Re: Spamhaus
« on: June 03, 2023, 02:22:25 AM »
I'm not sure I'm understanding your question. SpamHaus is one of the "good guys" and I use their zen.spamhaus.org RBL on all my mail servers. They now require you have an account and generate a server-specific key, but you shouldn't have any trouble with their traffic usage levels for personal/small scale use. Are you running into a misconfiguration or are you getting bounce messages about your server being an open resolver?
12
E-Mail / Re: Fwd: Delayed Mail (still being retried)
« on: June 03, 2023, 02:20:05 AM »
Is Amavis not running on your mail server?
13
CentOS 7 Problems / Re: CWP PRO Panel White blank page cause of cron.php has expired.
« on: June 03, 2023, 02:17:27 AM »
You followed rcschaff's post, following the CentOS 7 steps (carefully)?
14
E-Mail / Re: I received email from my own email account
« on: June 03, 2023, 02:14:25 AM »
Do you need a generic e-mail address like "contact@yourdomain.com"? That is easily guessed and likely on many spammer e-mail lists, so you're better off with something more specialized to avoid high volumes of generic spam. Or you could implement an obfuscated e-mail like the DuckDuckGo @duck.com forwarders.
That IP resolves to Thailand. Do you (or anyone on your server) do business with Thailand? If not, consider blocking that country via the CSF firewall. Also consider blocking the other top 10 spam source countries if you don't need to communicate with them.
Do you have proper UCE (unsolicited commercial e-mail) settings on your postfix config? Consider implementing zen.spamhaus.org RBL, if not many more RBLs to shut down a large percentage of spam. SpamAssassin is farther down the chain so it is best to stop spam at the gate if it fails various helo or FQDN checks or is RBL-listed.
Another option I use on a high traffic mail server is ASSP (Anti-Spam SMTP Proxy). It sits on the edge as a dedicated anti-spam solution, running on ports 25, 465, and 587. It is HIGHLY configurable and not so resource intensive. I have trained its corpus and block about 75% of incoming, non-local mail. Then it passes mail onto Postfix which runs on an alternate SMTP port (1025 or whatever). And Postfix can still be set up to use RBLs and do HELO and FQDN and other checks, so you effectively have 2 high hurdles for spam to pass.
That IP resolves to Thailand. Do you (or anyone on your server) do business with Thailand? If not, consider blocking that country via the CSF firewall. Also consider blocking the other top 10 spam source countries if you don't need to communicate with them.
Do you have proper UCE (unsolicited commercial e-mail) settings on your postfix config? Consider implementing zen.spamhaus.org RBL, if not many more RBLs to shut down a large percentage of spam. SpamAssassin is farther down the chain so it is best to stop spam at the gate if it fails various helo or FQDN checks or is RBL-listed.
Another option I use on a high traffic mail server is ASSP (Anti-Spam SMTP Proxy). It sits on the edge as a dedicated anti-spam solution, running on ports 25, 465, and 587. It is HIGHLY configurable and not so resource intensive. I have trained its corpus and block about 75% of incoming, non-local mail. Then it passes mail onto Postfix which runs on an alternate SMTP port (1025 or whatever). And Postfix can still be set up to use RBLs and do HELO and FQDN and other checks, so you effectively have 2 high hurdles for spam to pass.
15
Other / Re: Updating cURL and OpenSSL/1.0.2k-fips
« on: June 02, 2023, 01:26:05 PM »
Do you mean you successfully updated OpenSSL to 1.1.1k but it didn't get rid of your curl error?
Or do you mean that updating to OpenSSL 1.1.1k hosed the whole system (too many dependencies, not compatible with the CWP stack)? I'm curious because I would upgrade my OpenSSL to 1.1.1 if I knew it worked with CWP. Then I would probably ride like that until I ditch CentOS 7 in spring of 2024.
Or do you mean that updating to OpenSSL 1.1.1k hosed the whole system (too many dependencies, not compatible with the CWP stack)? I'm curious because I would upgrade my OpenSSL to 1.1.1 if I knew it worked with CWP. Then I would probably ride like that until I ditch CentOS 7 in spring of 2024.
