Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - AlexG

Pages: [1]
1
Apache / [How To] Apache Ultimate Bad Bot Blocker for CWP
« on: December 27, 2019, 07:18:40 PM »
Hi there, previously I've written a post about this Apache Ultimate Bad Bot Blocker but for some reason I cannot edit/remove that post so I'm starting a new updated one.

1. First, login as root on your CWP server.



2. Make a new directory for the new rules:
Code: [Select]
mkdir -p /usr/local/apache/custom.d
3. Clone git
Code: [Select]
git clone https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker.git
4. Copy Apache rules
Code: [Select]
cd /root/apache-ultimate-bad-bot-blocker/Apache_2.4/custom.d && cp -r * /usr/local/apache/custom.d
5. Replace Apache path
Code: [Select]
sed -i "s|/etc/apache2/custom.d|/usr/local/apache/custom.d|g" /usr/local/apache/custom.d/globalblacklist.conf
6. Remove unnecessary files
Code: [Select]
cd /root && rm -rf /root/apache-ultimate-bad-bot-blocker
7. Add new rule to the Apache configuration file
Code: [Select]
nano /usr/local/apache/conf/httpd.confAfter the line:
Code: [Select]
#ServerName www.example.com:80Add:
Code: [Select]
<Location "/">
# AND-combine with preceding configuration sections 
AuthMerging And
# include black list
Include /usr/local/apache/custom.d/globalblacklist.conf
</Location>



Save file (Ctl+O). Exit (Ctl+X)

8. Restart Apache
Code: [Select]
service httpd restart
9. Testing
Code: [Select]
curl -A "80legs" https://your.domain.name


*** Works for CWP v0.9.8.924 Free & Pro. Have fun. ***

2
CSF Firewall / [How-To] Block SASL failed login attempts through CSF
« on: July 16, 2019, 05:07:59 PM »
Hi there,

Today I want to share a way to block failed login email attempts through CSF (Config Server Firewall) to avoid several attacks to your email accounts or clients email accounts in an automatic way.

Complete Post Here

---------------------------------------------------------------------
Works great with CWP v0.9.8.781+ (CentOS 7)
---------------------------------------------------------------------


Let me know if this method works on your end.

3
New Modules / Limit server resources (cgroups)
« on: March 01, 2019, 09:02:18 PM »
Hi everyone, I wonder if someone have issues with Limit server resources (cgroups) (CWP-PRO). I've setup a new policy and I tried to restart the service, there are the logs:

-------------------------
Restarting service..
cgclear failed with Device or resource busy
-------------------------

Service Status
-------------------------
Check:
cgred.service loaded active running CGroups Rules Engine Daemon
● cgconfig.service loaded failed failed Control Group configuration service
Groups:
memory:/
memory:/system.slice
memory:/system.slice/cgred.service
cpu,cpuacct:/
cpu,cpuacct:/system.slice
cpu,cpuacct:/system.slice/cgred.service
blkio:/
blkio:/system.slice
blkio:/system.slice/cgred.service
Rules:
-------------------------

Journalctl
-------------------------
Mar 01 15:48:33 my.website.com systemd[1]: Starting Control Group configuration service...
-- Subject: Unit cgconfig.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit cgconfig.service has begun starting up.
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.conf: Cgroup mounting failed
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-01.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-02.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-03.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-04.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-05.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-06.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-07.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-08.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-09.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-10.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-11.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-12.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-13.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.d/user-14.conf: Failed to remove a non-empty group
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: cannot mount cpu to /cgroup/cpu: Device or resource busy
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/01/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/01/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/02/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/02/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/03/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/03/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/04/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/04/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/05/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/05/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/06/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/06/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/07/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/07/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/08/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/08/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/09/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/09/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/10/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com systemd[1]: cgconfig.service: main process exited, code=exited, status=101/n/a
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/10/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/11/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/11/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/12/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/12/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/13/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/13/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/14/blkio.throttle.read_bps_device: No such device
Mar 01 15:48:34 my.website.com cgconfigparser[16185]: Error: failed to set /sys/fs/cgroup/blkio/14/blkio.throttle.write_bps_device: No such device
Mar 01 15:48:34 my.website.com systemd[1]: Failed to start Control Group configuration service.
-- Subject: Unit cgconfig.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit cgconfig.service has failed.
--
-- The result is failed.
-------------------------

Any fix or lead to fix, please let me know.

4
E-Mail / Google's reCaptcha on Roundcube's Login Form
« on: December 18, 2018, 06:31:42 PM »
Hi everyone, like the title say, let's add the Google's reCaptcha into the Roundcube's login form. First, this post is based on this article.

Here we go:

Open a terminal and connect to CWP server.

#Installing GIT

Code: [Select]
yum install git -y
#Clone the plugin through git

Code: [Select]
cd /usr/local/cwpsrv/var/services/roundcube/plugins/
git clone https://github.com/dsoares/rcguard.git rcguard

#Change directory permission

Code: [Select]
chown -R cwpsvc:cwpsvc rcguard/
#Rename the config file

Code: [Select]
cd rcguard
mv config.inc.php.dist config.inc.php

#Edit the config file and adding the Keys

Code: [Select]
nano config.inc.php
Once in there look for:

Code: [Select]
// Public key for reCAPTCHA<br>$config['recaptcha_publickey'] = '';
// Private key for reCAPTCHA<br>$config['recaptcha_privatekey'] = '';

Add your Keys, if you don't have any, you can generate them here

NOTE: to save changes in nano editor, press Ctrl+O and Ctrl+X to exit

#Like the original article say:

You can change other settings of the plugin per your needs. For example this one:

Code: [Select]
// Number of failed logins before reCAPTCHA is shown
$rcmail_config['failed_attempts'] = 5;

Change it to 0 (zero) to show the captcha always.

#Create a new table in the Roundcube database.

Go to PHPMyAdmin, selec the Roundcube database (roundcube), click the SQL tab and copy/paste the following code:

Code: [Select]
CREATE TABLE `rcguard` (
  `ip` VARCHAR(40) NOT NULL,
  `first` DATETIME NOT NULL,
  `last` DATETIME NOT NULL,
  `hits` INT(10) NOT NULL,
  PRIMARY KEY (`ip`),
  INDEX `last_index` (`last`),
  INDEX `hits_index` (`hits`)
) ENGINE = InnoDB CHARACTER SET utf8 COLLATE utf8_general_ci;

Then, click "Go"

-----------------------------------------------
Image for Reference:
-----------------------------------------------




#Last Step

Add 'rcguard' into Roundcube's config file. Should be something like this:

Code: [Select]
nano /usr/local/cwpsrv/var/services/roundcube/config/config.inc.php
Code: [Select]
$config['plugins'] = array(
    'plugin1',
    'plugin2',
    'rcguard',

That's all, now Roundcube's form login should look like this:

-----------------------------------------------
Image for Reference:
-----------------------------------------------



---------------------------------------------------------------------
Works great with CWP v0.9.8.753+ (CentOS 7)
---------------------------------------------------------------------

5
Hi everyone, it's a good idea to add this custom module to apache, right?

https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

Anyone interested?

6
PHP Selector / Upgrade buildconf 2.63
« on: January 30, 2017, 03:20:15 PM »
Hi, I'm trying to Compile PHP 7.x on the PHP Selector (NEW) and this is what I got:

buildconf: checking installation...
buildconf: autoconf version 2.63 (ok)
rebuilding aclocal.m4
rebuilding configure
configure.ac:276: error: Autoconf version 2.64 or higher is required
build/ax_check_compile_flag.m4:60: AX_CHECK_COMPILE_FLAG is expanded from...
autom4te: /usr/bin/m4 failed with exit status: 63
rebuilding main/php_config.h.in
configure.ac:276: error: Autoconf version 2.64 or higher is required
build/ax_check_compile_flag.m4:60: AX_CHECK_COMPILE_FLAG is expanded from...
autom4te: /usr/bin/m4 failed with exit status: 63
autoheader: '/usr/bin/autom4te' failed with exit status: 63
/usr/local/cwp/.conf/php_conf/php7.conf: line 1: ./configure: No such file or directory
make: *** No targets specified and no makefile found.  Stop.
make: *** No rule to make target `install'.  Stop.
Stopping httpd: [  OK  ]
Starting httpd: [  OK  ]

Build Completed
###################

Any Fix for this?

Pages: [1]