Messages

16

PHP / Re: PHP Warning: PHP Startup: Unable to load dynamic library 'intl'

« on: June 29, 2025, 02:24:26 PM »

This is for the built-in CWP PHP (7.2 that is labeled 7.1)?
I have these files for intl (different dating than the version yours is calling):

Code: [Select]

/usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20170718/intl.so
/usr/local/src/intl-3.0.0/.libs/intl.so
/usr/local/src/intl-3.0.0/modules/intl.so

17

Mod_Security / Re: OWASP CRS v4.15.0 Just Release

« on: June 29, 2025, 02:20:57 PM »

Why do you quote your posts that are directly above with nothing new to add?

18

Installation / Re: I don't receive a single message from root..??

« on: June 29, 2025, 02:18:36 PM »

I don't have the directive on my CWP servers, nor on a dedicated server I maintain. These are the closest I have:

Code: [Select]

# smtpd_helo_restrictions
smtpd_helo_restrictions =
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname
smtpd_helo_required = yes

19

How to / Re: [Howto] Install Rspamd

« on: June 27, 2025, 07:00:00 PM »

Note there is one formatting error in the first part of the instructions above (these two were grouped together in the instructions but are separate files/code blocks):

- file /etc/rspamd/local.d/worker-proxy.inc

Code: [Select]

bind_socket = "127.0.0.1:11332";
milter = yes;
timeout = 120s;
upstream "local" {
 default = yes;
 self_scan = yes;
}

- file /etc/rspamd/local.d/logging.inc

Code: [Select]

type = "file";
filename = "/var/log/rspamd/rspamd.log";
level = "error";
debug_modules = [];

20

How to / Re: Installing ARC on ALMA 8/9

« on: June 27, 2025, 06:56:57 PM »

Just note one formatting error in his instructions (these two were grouped together in his instructions but are separate files):

- file /etc/rspamd/local.d/worker-proxy.inc

Code: [Select]

bind_socket = "127.0.0.1:11332";
milter = yes;
timeout = 120s;
upstream "local" {
 default = yes;
 self_scan = yes;
}

- file /etc/rspamd/local.d/logging.inc

Code: [Select]

type = "file";
filename = "/var/log/rspamd/rspamd.log";
level = "error";
debug_modules = [];

21

How to / Re: Installing ARC on ALMA 8/9

« on: June 27, 2025, 01:31:29 PM »

You can follow Netino's guide for rspamd -- it works on Alma 8 and will get you ARC headers.

22

Mod_Security / Re: OWASP CRS v4.15.0 Just Release

« on: June 27, 2025, 01:30:19 PM »

It used to be the better option, but Comodo is in an identity crisis and hasn't updated its definitions since Jan 2024, so it is now effectively dead. Best to go with the OWASP-old which is current. Follow Starburst's guide to update to Mod Security 2.9.8 and then get the latest 4.15 OWASP definitions.

23

Installation / Re: Which os to choose?

« on: June 27, 2025, 01:27:53 PM »

You do want MariaDB 10.11.13 (an LTS version), not the crusty EOL 10.5 installed by default.
https://www.alphagnu.com/topic/23-upgrade-mariadb-1011-in-cwp-centos-7-centos-8-stream-almalinux-78-rockylinux-78/#comment-25

Good to hear the login.defs is getting handled by default now, otherwise you would not be able to log in to CWP.

24

Installation / Re: I don't receive a single message from root..??

« on: June 26, 2025, 11:38:21 PM »

CWP systems are as you described, mydestination = $myhostname = name.hostname.com

On a dedicated server I maintain (non-CWP), it is more clasically set:

Code: [Select]

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, host.domain.com, mail.domain.com

25

Installation / Re: Which os to choose?

« on: June 26, 2025, 02:42:50 PM »

For EL9, this is an immediate must do:

We are working on resolving this issue, a quick fix is ​​to go to this file

Code: [Select]

nano /etc/login.defs


and comment out the following line

Code: [Select]

SHA_CRYPT_MAX_ROUNDS 5000


to

Code: [Select]

#SHA_CRYPT_MAX_ROUNDS 5000

After this you can change the user's password from the cwp administration panel and you will be able to login.

[/quote]

26

Installation / Re: Which os to choose?

« on: June 26, 2025, 10:47:52 AM »

But if you don't need CWP Migration nor PHP 5.6 legacy, then you could start with Alma 9, which would give you the longest window -- almost 7 years without having to worry about upgrades:
https://endoflife.date/almalinux

27

Installation / Re: Which os to choose?

« on: June 25, 2025, 11:53:06 PM »

I would (and do) start with AlmaLinux 8 -- fully supported, best experience -- no real caveats or gotchas. Then there is a clear path forward to upgrade to AlmaLinux 9 at any point in your 4 year window, as long as the security update phase is appropriate for your use case. (It is for mine!) CWP's EL9 support it in a workable beta state at this point and the bugs should be ironed out by the time you need to upgrade -- probably likewise into the security update phase of AlmaLinux 9!

28

Installation / Re: I don't receive a single message from root..??

« on: June 25, 2025, 02:38:00 PM »

Postfix?

29

E-Mail / Re: Postfix, SpamAssassin, or something else

« on: June 25, 2025, 01:16:15 PM »

Forgeries. You should lock down Postfix more to prevent this kind of backscatter. And block Malaysia if you have no need for traffic from there.
https://www.awsmonster.com/how-to-secure-postfixdovecot-on-cwp

If you wanted to block ALL of LeaseWeb, you could add their netblocks to your blocklists, but you might block legitimate traffic:
https://ipinfo.io/AS7203

30

CentOS 7 Problems / Re: Unable to Access CWP Panel : 500 Error

« on: June 25, 2025, 01:05:45 PM »

You need to update your CWP version. Older files that are IonCube encoded will expire and throw these kinds of errors.

Code: [Select]

yum -y update
yum clean all
yum check-update
yum update
sh /scripts/update_cwp