Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - itmonitor

Pages: 1 [2] 3
Installation / Re: Adding CAA record on CWP
« on: April 14, 2019, 05:27:47 PM »
it works. Thank you.  :)

Apache / Re: HSTS in CWP
« on: April 14, 2019, 01:33:01 PM »
Hi, thank you.

thank you.

Information / How to enable CWP Panel packages auto update
« on: April 13, 2019, 09:24:23 AM »
Hi, please how to enable packages autoupdate for CWP Panel?

Apache / Re: HSTS in CWP
« on: April 13, 2019, 09:19:22 AM »
Hi, please, any advice is welcome. Looking forward to your replies.

Apache / HSTS in CWP
« on: April 10, 2019, 03:21:43 PM »
Hi! Not sure this is the right forum. Could anybody point me to instructions on how to setup HSTS in CWP?

Any advice is welcome.



Information / Re: CWP email send on login
« on: March 18, 2019, 02:19:06 PM »
Login in what services..??
Login at CWP.

Hello. We are trying to install AutoSSL certificates through CWP. After some trials and with the help of the Let's Encrypt support, seems like CWP is merging the cert.pem and fullchain.pem . This results in duplicate SSL installs for a domain and increases website load time. Please, see the thread here

also, when installing an AutoSSL certificate through CWP, it will install but will not display in the CWP SSL cert list page.

On my side, I am ready to cooperate with CWP to find/solve any bugs - if any.

Any advice to solve those issues is welcome.


Mod_Security / OWASP is triggering on Roundcube login in CWP
« on: March 14, 2019, 08:39:20 PM »

OWASP triggers on a xss attack and blocks email sending/forwarding in Roundcube. It will work only when I disable mod_security. Please, any advice to sole this issue is welcome.

Code: [Select]
[Thu Mar 14 21:17:20.802643 2019] [:error] [pid 22926:tid 140178286909184] [client] [client] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\ballowscriptaccess\\\\b|\\\\brel\\\\b\\\\W*?=" at ARGS:_message. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "304"] [id "973301"] [rev "2"] [msg "XSS Attack Detected"] [data "Matched Data: rel= found within ARGS:_message: <p>test</p>\\x0d\\x0a<div id=\\x22_rc_sig\\x22>&nbsp;</div>\\x0d\\x0a<p>&nbsp;</p>\\x0d\\x0a<p>el 2019-03-14 13:27, ;:</p>\\x0d\\x0a<blockquote><!-- html ignored --><!-- head ignored --><!-- meta ignored -->\\x0d\\x0a<div class=\\x22pre\\x22>gracias, cual es el numero del booking del cami&oacute;n y el numero del contenedor? no los encuentro en el fichero que me enviaste.<br /> <br /> <br /> j. sobota <br /> aksert <br /> t: +49 6132 977197 | f: +4..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "www.www.www
"] [uri "/webmail/"] [unique_id "xxx"], referer:

Postfix / force postfix email to SSL
« on: March 14, 2019, 07:47:59 PM »

is there a way to force SSL for all emails in Postfix? The present config is below, but I can still setup and use a non-SSL email:

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

Any help is appreciated.

Installation / Re: Splitting Email with CWP
« on: March 14, 2019, 12:02:20 AM »
Thank you. The issue is solved.

Installation / Re: Adding CAA record on CWP
« on: March 14, 2019, 12:00:55 AM »
Thank you. How to do it manually?

Information / CWP email send on login
« on: March 13, 2019, 11:59:35 PM »

please, how to setup CWP to send an email every time someone login into it?



Installation / Adding CAA record on CWP
« on: March 11, 2019, 09:00:48 PM »

How to add a CAA record on CWP? Is it through a CNAME, TXT, PTR or other? Where do I add it in CWP.

Any advice is welcome


Installation / Re: Splitting Email with CWP
« on: March 11, 2019, 08:59:03 PM »
Thank you. As explained in the OP, all our emails should use CWP Exim or Postfix except one that is using Office 365 Exchange.

Pages: 1 [2] 3