Messages

1

Postfix / Re: URGENT PLEASE HELP *UID Tracking* 6 blocks for UID 89 (postfix)

« on: November 24, 2023, 06:16:12 PM »

In my firewall the settings are this, I don't remember What i have done wrong, my server was under Ddos attack so I changed many setting to lower the attempts. So if you have any idea what is this how to block it. Also need to know my Mail Queue is getting full as most of the mails are showing Connection timed out. So please help..

TCP_IN = 20,21,25,53,80,110,143,443,465,587,993,995,2031,2083,2087,2096,2304

TCP_OUT = 20,21,110,143,80,82,113,443,2030,2031,2082,2083,2086,2087,2095,2096,587,993,995,2080,2443,9999,2703,8000,3306

It points to the Login Failure Daemon (LFD) using a custom trigger. Did you put something in place that is accidentally blocking postfix? This seems to be atypical behavior, something I haven't experienced myself...

2

Postfix / URGENT PLEASE HELP *UID Tracking* 6 blocks for UID 89 (postfix)

« on: November 23, 2023, 01:37:31 PM »

My server is under attack, I have tried many ways to block other attempts but I don't know how to block this *UID Tracking* 6 blocks for UID 89 (postfix) the fld.log didn't have much details. But in the email alert i found the attempt to postfix are from some IP range below is the details if some one can help how to block this will be helpfull,  As incoming and outgoing emails are totally stuck now.

Email Log message :

Code: [Select]

Sample of port hits:
Nov 23 19:02:38 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63421 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:41 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39843 DF PROTO=TCP SPT=55732 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:45 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63424 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:49 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39844 DF PROTO=TCP SPT=55732 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:49 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1159 DF PROTO=TCP SPT=55734 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:53 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63425 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
1. on the same time of UID Tracking this log are also coming some time

Code: [Select]

Nov 23 18:15:17 cbwh lfd[21967]: (WPLOGIN) WP Login Attack 62.149.0.23 (UA/Ukraine/0-23.mcom2.cc.colocall.com): 10 in the last 3600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]
2

Code: [Select]

Nov 23 18:00:14 cbwh lfd[19670]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:29 cbwh lfd[19704]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:39 cbwh lfd[19722]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:54 cbwh lfd[19764]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:01:09 cbwh lfd[19819]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:02:04 cbwh lfd[20005]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:02:34 cbwh lfd[20116]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:03:09 cbwh lfd[20216]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:04:45 cbwh lfd[20401]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:05:30 cbwh lfd[20574]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:07:30 cbwh lfd[20812]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:08:05 cbwh lfd[20879]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:08:35 cbwh lfd[20931]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:09:31 cbwh lfd[21030]: *UID Tracking* 6 blocks for UID 89 (postfix)


3

CentOS 7 Problems / Can we delete File and folders under tmp Folder ?

« on: September 01, 2023, 07:58:55 PM »

Hi,

My server disk usage was increased recently no it was showing 87% So I don't know why it was like that I didn't have much website hosted under my server. I noticed there are many files under tmp Folder. In windows we mostly remove %temp% , Prefetch etc. So I need to know If there are folder or files which we can delete which will not effect our server or services. Please help me..

4

CentOS 7 Problems / Re: Error 503 Backend fetch failed on all website hosted in our server

« on: July 05, 2023, 08:14:02 AM »

Hi tried many way the varnish logs are not in the log folder I also run it from the log manager but the file was not generating in the Var/varnishn folder. Now each and every time I need to restart Apache Webserver and Varnish Cache Server to the website back to online If some one can help me that will be helpfull.

You'll have to look at the varnish logs. Do you have a WP varnish plugin to expiry the cache?

5

CentOS 7 Problems / Re: Error 503 Backend fetch failed on all website hosted in our server

« on: July 02, 2023, 08:45:58 AM »

Any one have any idea to resolve this issue, please help

6

CentOS 7 Problems / Error 503 Backend fetch failed on all website hosted in our server

« on: July 01, 2023, 08:54:16 PM »

Hi,

Recently all website Hosted in my server are showing below error, its seems the error are because of Varnish Cache Serve.

I have tried many way to resolve this issue but nothing worked, Wordpress website are showing below error

Error 503 Backend fetch failed
Backend fetch failed
Guru Meditation:
XID: 262174
Varnish cache server

Other PHP websites are showing below error
Error 503 Backend fetch failed

Can some help me to resolve this issue, it will be helpful..

7

CentOS 7 Problems / Laravel hosted user unable to send mail from ssh using php artisan

« on: February 08, 2023, 08:16:45 PM »

Hi,

One of my hosting user was unable to execute a command line in laravel through ssh.

command : php artisan make:mail TestEmail

while executing it getting this error message. " bash: php: command not found "

I have searched every where but didn't know how to resolve it ..

8

Installation / Re: Disk quota setup and mysql quota not calculated

« on: January 06, 2023, 07:33:29 PM »

You can see th disk quota usage from the CWP panel
you cant just capslock asking help without checking it
we talk about server not voodoo mambo jambo

9

CentOS-WebPanel GUI / Re: Question: Reseller File Manager

« on: January 06, 2023, 07:31:17 PM »

you cant just capslock asking help without any data
we talk about server not voodoo mambo jambo

10

CentOS 7 Problems / Warning: mail(): Multiple or malformed newlines found in additional_header in

« on: December 17, 2022, 08:45:04 PM »

getting a error message while sending an from mail_queue, any one can help me ?

error message
Warning: mail(): Multiple or malformed newlines found in additional_header in mail_queue/usr/local/cwpsrv/htdocs/resources/admin/modules/mail_queue.php

11

CentOS 7 Problems / Re: Host or domain name not found. type=MX: Host not found, try again

« on: November 29, 2022, 09:12:10 PM »

ANY ONE HELP ME ON THIS ISSUE.. PLEASE

12

CentOS 7 Problems / Host or domain name not found. type=MX: Host not found, try again

« on: November 28, 2022, 04:52:24 PM »

From the past three weeks iam some of the email send from domain names are still in the Postfix Mail Queue
when we try to Process the Queue still it will be gone to deferred list. I found those domains are using google Gsuite (Google work space) all the dns of these domain name's are correct and successfully fetching in mx tool box and google dig tools. If any body have any idea of this issue please help me asap other wise i will loose some customers.

Error message :

(Host or domain name not found. Name service error for name=abcd.com type=MX: Host not found, try again)

13

E-Mail / Mail sending Issue : connect to alt1.aspmx.l.google.com: Network is unreachable

« on: June 08, 2022, 10:46:09 PM »

Hi,

From today none of the email are sending out to gmail. Past days i was able to receive Firewall logs mail (LFD) but now i can see more than 50 emails are in Mail Queue. Did any one have similar issue or any idea why it was not sending default and automatic emails out from server.

Please help URGENT..

14

CentOS 7 Problems / Re: No more access to CWP Dashboard - PolicyKit1,poolikit-error-quark

« on: February 02, 2022, 10:01:42 PM »

Do this: my problem resolved

Code: [Select]

getent group polkitd >/dev/null && echo -e "\e[1;32mpolkitd group already exists\e[0m" || { groupadd -r polkitd && echo -e "\e[1;33mAdded missing polkitd group\e[0m" || echo -e "\e[1;31mAdding polkitd group FAILED\e[0m"; }then this:

Code: [Select]

getent passwd polkitd >/dev/null && echo -e "\e[1;32mpolkitd user already exists\e[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "\e[1;33mAdded missing polkitd user\e[0m" || echo -e "\e[1;31mAdding polkitd user FAILED\e[0m"; }then this

Code: [Select]

rpm -Va polkit\* && echo -e "\e[1;32mpolkit* rpm verification passed\e[0m" || { echo -e "\e[1;33mResetting polkit* rpm user/group ownership & perms\e[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }then take a screenshot and paste it here
then do this:

Code: [Select]

shutdown -r now

15

CentOS 7 Problems / Re: ALL WEBSITES ARE DOWN

« on: February 02, 2022, 09:53:13 PM »

Hi thank you for the immediate reply.. Iam using ultra VNC it was very tuff to copy and past the line so i manually need to enter each letter over there finally inter three command and restart is remaining before restart iam posting the screenshot below.

Do this:

Code: [Select]

getent group polkitd >/dev/null && echo -e "\e[1;32mpolkitd group already exists\e[0m" || { groupadd -r polkitd && echo -e "\e[1;33mAdded missing polkitd group\e[0m" || echo -e "\e[1;31mAdding polkitd group FAILED\e[0m"; }then this:

Code: [Select]

getent passwd polkitd >/dev/null && echo -e "\e[1;32mpolkitd user already exists\e[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "\e[1;33mAdded missing polkitd user\e[0m" || echo -e "\e[1;31mAdding polkitd user FAILED\e[0m"; }then this

Code: [Select]

rpm -Va polkit\* && echo -e "\e[1;32mpolkit* rpm verification passed\e[0m" || { echo -e "\e[1;33mResetting polkit* rpm user/group ownership & perms\e[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }then take a screenshot and paste it here
then do this:

Code: [Select]

shutdown -r now