Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Information / Roundcube big security issue.
« on: July 28, 2023, 08:04:51 AM »
How do we secure these logs
https://cpanel.domain.com/roundcube/logs/errors.log
https://cpanel.domain.com/webmail/logs/errors.log
And all other files withing the logs folder.
Any one visiting above URLs (replace domain.com with your actual domain) can download these log files and use them for exploitation.
I can see there is one .htaccess file, but it's not being honoured by the cwp webserver, in my case Apache.
https://cpanel.domain.com/roundcube/logs/errors.log
https://cpanel.domain.com/webmail/logs/errors.log
And all other files withing the logs folder.
Any one visiting above URLs (replace domain.com with your actual domain) can download these log files and use them for exploitation.
I can see there is one .htaccess file, but it's not being honoured by the cwp webserver, in my case Apache.
2
DKIM / How to implement 2048 bit DKIM keys on CWP servers.
« on: March 09, 2023, 04:59:12 PM »
Any documentation or know how for implementing 2048 bit DKIM keys by default on Control Web Panel servers?
National Institute of Standards and Technology (NIST) recommends 2048 bit keys for DomainKeys Identified Mail (DKIM), so does a client of mine on a CWP VPS dedicated to this client only.
So is there a way to make 2048 bit DKIM keys installed by default on all accounts?
National Institute of Standards and Technology (NIST) recommends 2048 bit keys for DomainKeys Identified Mail (DKIM), so does a client of mine on a CWP VPS dedicated to this client only.
So is there a way to make 2048 bit DKIM keys installed by default on all accounts?
3
CentOS-WebPanel Bugs / User password limitation?
« on: May 28, 2022, 11:36:17 PM »
Just now I found that password for user can not have this special character
Any other such known limitations?
List of special characters that won't work?
My setup:-
CWPpro version: 0.9.8.1139
Distro Name: AlmaLinux release 8.6 (Sky Tiger)
Code: [Select]
~ no warning, account creation or password change finishes with success message, but login won't work.Any other such known limitations?
List of special characters that won't work?
My setup:-
CWPpro version: 0.9.8.1139
Distro Name: AlmaLinux release 8.6 (Sky Tiger)
4
Backup / What does the backup do?
« on: January 29, 2022, 05:27:59 PM »
So, in CWP 7 Pro what does the backup do?
Whether old or new backup option, does it take backup of database & emails too or just the content of the home folder of an account?
Does it keep a local & a remote copy of backup or just one of them?
Whether old or new backup option, does it take backup of database & emails too or just the content of the home folder of an account?
Does it keep a local & a remote copy of backup or just one of them?
5
E-Mail / How to preserve modifications in /etc/postfix/main.cf
« on: January 24, 2022, 02:54:56 AM »
As I am trying to make the server behave as per my requirements, currently specially mail server, I made some changes to /etc/postfix/main.cf, but on rebuilding mail server the same gets overwritten (it's been mentioned all over this forum.).
So, is there a proper method to preserve the changes made in configuration files?
May be a post rebuild script ?
So, is there a proper method to preserve the changes made in configuration files?
May be a post rebuild script ?
6
DNS / Slave DNS screwed up zones.
« on: January 19, 2022, 01:09:33 PM »
See the difference in the zone entries, first one is from the CWP7pro & second from the slave DNS.
Here's a catch, zones that were pushed before 15th Jan 2022 are fine.
Code: [Select]
; Generated by CWP
; Zone file for domain.com
$TTL 7200
@ 3600 IN SOA ns1.nameserver.com. postmaster.domain.com. (
2022011501 ; serial, todays date+todays
1200 ; refresh, seconds
7200 ; retry, seconds
1209600 ; expire, seconds
3600 ) ; minimum, seconds
@ 3600 IN NS ns1.nameserver.com.
@ 3600 IN NS ns2.nameserver.com.
@ IN A 111.222.333.444
localhost.domain.com. IN A 127.0.0.1
@ IN MX 0 mail.domain.com.
mail 7200 IN A 111.222.333.444
webmail 7200 IN A 111.222.333.444
cpanel 7200 IN A 111.222.333.444
cwp 7200 IN A 111.222.333.444
www 7200 IN CNAME domain.com.
ftp 7200 IN CNAME domain.com.
_dmarc 7200 IN TXT "v=DMARC1; p=none"
@ 7200 IN TXT "v=spf1 +a +mx +ip4:111.222.333.444 ~all"
default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; long//longl/ongdomain/key"
mysubdomain 14400 IN A 111.222.333.555 ; #subdomain mysubdomain
www.mysubdomain 14400 IN A 111.222.333.555 ; #subdomain mysubdomain
@ 7200 IN TXT "google-site-verification=long_code"
@ CAA 0 issuewild "letsencrypt.org"
@ CAA 0 issue "letsencrypt.org"
Code: [Select]
$ORIGIN .
$TTL 3600 ; 1 hour
domain.com IN SOA ns1.nameserver.com. postmaster.domain.com. (
2022011501 ; serial
1200 ; refresh (20 minutes)
7200 ; retry (2 hours)
1209600 ; expire (2 weeks)
3600 ; minimum (1 hour)
)
NS ns1.nameserver.com.
NS ns2.nameserver.com.
$TTL 7200 ; 2 hours
A 111.222.333.444
MX 0 mail.domain.com.
TXT "v=spf1 +a +mx +ip4:111.222.333.444 ~all"
$ORIGIN domain.com.
_dmarc TXT "v=DMARC1; p=none"
$TTL 14400 ; 4 hours
default._domainkey TXT "v=DKIM1; k=rsa; long//longl/ongdomain/key"
$TTL 7200 ; 2 hours
cpanel A 111.222.333.444
cwp A 111.222.333.444
ftp CNAME domain.com.
$TTL 14400 ; 4 hours
mysubdomain A 111.222.333.444
$ORIGIN mysubdomain.domain.com.
www A 111.222.333.444
$ORIGIN domain.com.
$TTL 7200 ; 2 hours
localhost A 127.0.0.1
mail A 111.222.333.444
webmail A 111.222.333.444
www CNAME domain.com.
Here's a catch, zones that were pushed before 15th Jan 2022 are fine.
7
E-Mail / Mail Forwarders #BigBlunder
« on: January 18, 2022, 10:57:50 PM »
The way Control Web Panel handles email forwarders is a big big nightmare.
Recently, I migrated accounts from cPanel to CWP7pro, all email accounts having forwarders stopped receiving emails in their mailbox while emails were getting delivered to the forwarded account.
On checking I found that here in CWP7pro you have to add the forwarding address too to the forwarded address along with the other forwarded address, else the forwarding email account will stop receiving mails in their inbox.
This behaviour make no sense, in last three decades I have not seen a single mail server behaving like this, imagine dealing with thousands of mail accounts going defunct.
Hopefully CWP dev team will be able to fix this in upcoming versions.
For now, where & how can we fix the existing mail boxes in a quick & fast manner?
Recently, I migrated accounts from cPanel to CWP7pro, all email accounts having forwarders stopped receiving emails in their mailbox while emails were getting delivered to the forwarded account.
On checking I found that here in CWP7pro you have to add the forwarding address too to the forwarded address along with the other forwarded address, else the forwarding email account will stop receiving mails in their inbox.
This behaviour make no sense, in last three decades I have not seen a single mail server behaving like this, imagine dealing with thousands of mail accounts going defunct.
Hopefully CWP dev team will be able to fix this in upcoming versions.
For now, where & how can we fix the existing mail boxes in a quick & fast manner?
8
CentOS-WebPanel GUI / UserPanel Home -> Mail Box accounts list #NotLoading
« on: January 18, 2022, 10:10:15 PM »
CWPpro version: 0.9.8.1120
Distro Name: AlmaLinux release 8.5 (Arctic Sphynx)
This is a new setup, done on 15th of Jan 2022 on an OpenVZ 7 VPS.
Migrated few accounts from a cPanel server,
Initially these sections were working fine, but since yesterday, these two section stopped working
UserPanel Home -> Mail Box accounts list
UserPanel Home -> Mail Forwarders list
This account has 282 email accounts & 86 mail forwarders, it just keep showing loading animation.
In CWP7pro.admin "mail_list -> List of MailBox Accounts" & "mail_list_alias -> Mail Alias Accounts" is working fine.
Any idea/suggestion how to fix this issue?
Distro Name: AlmaLinux release 8.5 (Arctic Sphynx)
This is a new setup, done on 15th of Jan 2022 on an OpenVZ 7 VPS.
Migrated few accounts from a cPanel server,
Initially these sections were working fine, but since yesterday, these two section stopped working
UserPanel Home -> Mail Box accounts list
UserPanel Home -> Mail Forwarders list
This account has 282 email accounts & 86 mail forwarders, it just keep showing loading animation.
In CWP7pro.admin "mail_list -> List of MailBox Accounts" & "mail_list_alias -> Mail Alias Accounts" is working fine.
Any idea/suggestion how to fix this issue?
Pages: [1]
