Wednesday, February 20, 2019

outbound attack articles

https://www.transip.eu/knowledgebase/entry/504-what-about-abuse-originating-from/
https://forums.cpanel.net/threads/abuse-coming-from-my-server.588323/
https://forums.cpanel.net/threads/locate-ftp-abuse-user.646113/
http://www.webhostingtalk.com/showthread.php?t=1390984
https://forums.cpanel.net/threads/keeping-a-log-of-all-outgoing-http-s-connections.500991/
https://forums.cpanel.net/threads/outbound-wp-login-php-brute-force-attack-from-my-cpanel-server.397791/
https://www.nixtree.com/blog/detecting-wordpress-outbound-bruteforce-attack-from-server/
https://forums.cpanel.net/threads/checking-which-domain-is-sending-unwanted-http-requests-to-a-specific-destination.397241/

Tuesday, October 30, 2018

Time not displaying correctly in cPanel webmail (SquirrelMail)


The server timezone was set correctly and the clock was synchronized with an NTP (Network Time Protocol) server, but the time was displayed incorrectly for clients logged into cPanel webmail, specifically SquirrelMail, which shows the time in the top left corner. It was off by an hour (indicating a timezone difference in a calculation somewhere).
According to SquirrelMail, the issue is not in its code: it displays whatever the underlying PHP provides. The cause was that cPanel's PHP engine was not calculating the timezone correctly. To fix this, edit the php.ini file located at
/usr/local/cpanel/3rdparty/php/53/etc
Uncomment the line that starts with date.timezone:
date.timezone = "TIMEZONE"
Replace TIMEZONE in the line above with one of the supported timezone settings from the PHP documentation, e.g. "Australia/Sydney", and enclose the string in quotes. Save the file and refresh the webmail interface to see the correct time.

Wednesday, October 3, 2018

htaccess code to leverage browser caching and gzip compression

<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
</IfModule>

Mixed Content Error - WordPress

https://wordpress.org/plugins/ssl-insecure-content-fixer/#description

Error - ClamAV socket [] not found

Hello All,

You must install ClamAV (Clamavconnector on cPanel) or ensure clamd is running to use this product correctly.

If the clamd socket is not automatically detected, set clamdsock=/path/to/socket in /etc/cxs/cxs.defaults to the live socket location to clear this message.

Enter the following command in a terminal to resolve the issue:

/usr/local/cpanel/3rdparty/bin/clamd

Monday, September 3, 2018

SQLite Error when creating and deleting accounts




https://snag.gy/oY3fNT.jpg


https://documentation.cpanel.net/display/CKB/_HordeDataBehavior1150

Thursday, August 16, 2018

Initial default/catch-all forwarder destination = FAIL

If you set this to "Fail", then emails sent to non-existing email accounts on the domain will be bounced back to the sender rather than try to deliver to the user's default email account. This will only apply to new accounts. Any previously existing accounts will need to have this changed in /etc/valiases from the following:

Code:
*: username
To the following:

Code:
*: :fail: No Such User Here
Please note that username above represents the cPanel username.

The following commands should do this for you (please note that I'm having a backup created of /etc/valiases before the command to ensure that you have a method to convert back to the previously working files):

Code:
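# Back up the alias files before changing anything
cp -R /etc/valiases /etc/valiases.bak110510
# Rewrite only lines that are exactly "*: <cPanel username>", so a username that is a prefix of another one is not partially replaced
for f in /var/cpanel/users/*; do u=$(basename "$f"); sed -i "s/^\*: ${u}[[:space:]]*\$/*: :fail: No Such User Here/" /etc/valiases/*; done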
This basically takes all instances of *: username and replaces them with *: :fail: No Such User Here instead. 

Next, anyone who has set their default email catchall to something else such as an email account will not be changed. The users who have done this likely do want to receive those emails.
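
To see which domains were switched and which were left alone, the catch-all line of each alias file can be classified. This is an added example, not part of the original post; the function name, the status labels and the sample domains and usernames are assumptions made for illustration, and the sample files are constructed.

```shell
#!/bin/sh
# Added example. Paths are passed as arguments so the function can be pointed
# at /etc/valiases and /var/cpanel/users on a real server, or at the
# constructed sample built below.

# classify_catchall VALIASES_DIR USERS_DIR
# Prints "domain<TAB>status<TAB>destination" for every alias file.
classify_catchall() (
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        domain=$(basename "$f")
        # Assumes one "*:" entry per file; the first one found is reported.
        dest=$(sed -n 's/^\*:[[:space:]]*//p' "$f" | head -n 1 | sed 's/[[:space:]]*$//')
        case "$dest" in
            '')            status=none ;;        # no catch-all line at all
            :fail:*)       status=fail ;;        # unknown recipients are rejected
            :blackhole:*)  status=blackhole ;;   # accepted, then discarded
            */*|*@*)       status=custom ;;      # address or path chosen by the user
            *)  if [ -e "$2/$dest" ]; then
                    status=default-user          # still delivered to the account's default mailbox
                else
                    status=custom
                fi ;;
        esac
        printf '%s\t%s\t%s\n' "$domain" "$status" "$dest"
    done
)

# Constructed sample data (hypothetical domains and usernames).
make_sample() {
    d=$(mktemp -d) && mkdir "$d/valiases" "$d/users" || return 1
    : > "$d/users/bob"; : > "$d/users/bobby"
    printf '*: bob\n' > "$d/valiases/bob.example"
    printf 'sales: bobby\n*: bobby\n' > "$d/valiases/bobby.example"
    printf '*: :fail: No Such User Here\n' > "$d/valiases/closed.example"
    printf '*: catchall@other.example\n' > "$d/valiases/fwd.example"
    printf '%s\n' "$d"
}

sample=$(make_sample)
classify_catchall "$sample/valiases" "$sample/users"
```

Run before and after the change, the `default-user` rows are the domains that still accept mail for non-existent addresses, and the `custom` rows are the ones left untouched.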