Quantcast
Channel: Forums | InterWorx CP
Viewing all 900 articles
Browse latest View live

New install backups failing

August 26, 2014, 4:54 pm
$
0
0
I attempted a restore following this link http://www.interworx.com/support/faq...ting-accounts/


Instructions from link above
Click the SiteWorx > Import menu item.
Click the Import Single Account button.
Choose from the list of available resellers in the dropdown labeled Reseller ID.
Click the Choose File button for a Local Backup File or the Use a file already on the system link for a Remote Backup File.
Choose Local Backup File if you have a backup file saved on your computer’s hard drive.
Choose Remote Backup File if you have a backup file saved on the server. You will need to type in the fully-qualified path to the file. For example, if you have a backup file named testaccount.tar.gz in /tmp/backups/, you would enter: /tmp/backups/testaccount.tar.gz




I used my backup info in the backup attempts and not testaccount :) I received the pink bar error on the Local Backup File: line with the error notice: File could not be read. I tried full backup. partial backup and structure backup all from a fresh backup via SiteWorx backup and restore all with the same results.


Then I tried a backup from my local computer and received the error below.


Anyone have an idea what I can check? Or am I doing something totally wrong?


» [32;1mFound --ipv4[0m
» 160.xxx.xxx.xxx
» Archive file : /usr/local/interworx/tmp/import_fgFiaZ/phpSIxxxx
» Working directory : /tmp/siteworxImport7gxxxx
» Symlink Hunting
» Done Symlink Hunting
» extract archive failed
» Could not extract archive : /usr/local/interworx/tmp/import_fgFiaZ/phpSIxxxx
Search

Simple Scripts and Softaculous

August 28, 2014, 1:11 am
$
0
0
Hello,

i just wanted to say that neither of does two works.

Simple Scripts install scripts but files are missing some files are created as folders?!


Softaculous

Name: Softaculous.jpg Views: 9 Size: 51.6 KB
Attached Images
 

Fail2ban

August 28, 2014, 7:59 pm
$
0
0
Adding support for Fail2ban is long over due and has been included in several other control panels like Plesk. This should be added and it's the individual choose. We need better tools to stop individuals from abusing our networks resources.

Weird 'TLS not available' error

September 2, 2014, 9:20 pm
$
0
0
Messages to a friend's me.com account eventually bounce after stacking in the remote queue for a week or so. i.e., One user; one fickle mail system I don't care about; the sky isn't falling and email is fine everywhere else. I've read about TLS/SSL version conflicts, as well as Qmail's patch history, wondering if either might throw light on this error happening only with one mail system. Common sense reasoning says I shouldn't care whatsoever but I'm curious about it... if anybody feels like explaining.

SHA-2 SSL certificates?

September 8, 2014, 2:28 pm
$
0
0
If your domain fails the SHA-2 SSL check at this site:

https://shaaaaaaaaaaaaa.com/

You can generate a new SSL key with your provider. I just did mine with godaddy. It's called Re-keying your SSL and you choose SHA-2 as the encryption algorithm instead of SHA-1.

By the end of 2014 chrome will start warning visitors if you still use SHA-1. You can use the same CSR (certificate signing request) generated by interworx to create a valid SHA-2 certificate, I just did it.

My original question was, will interworx support self-signed SHA-2 certificates soon?



Also-- anyone with server knowledge that wants to make your server rank "A" on Qualys SSL Labs test:
https://www.ssllabs.com/ssltest/

can install TLS Interposer plugin for Apache 2.2.26:
https://netfuture.ch/2013/11/upgradi...ls-interposer/

BFD is not blocking all the hack attempts

September 12, 2014, 5:14 pm
$
0
0
Bfd is set to block max of more then 10 attempts it should be adding the ip address to the iptables ban list but its not. I need this work for pop3, smtp and imap4, imap4-ssl. Please advise me why is not working please?


more conf.bfd
#!/bin/sh
#
# BFD 1.5-2 [bfd@r-fx.org]
# Copyright (C) 1999-2014, R-fx Networks <proj@r-fx.org>
# Copyright (C) 2014, Ryan MacDonald <ryan@r-fx.org>
# This program may be freely redistributed under the terms of the GNU GPL
#
# NOTE: This file should be edited with word/line wrapping off,
# if your using pico please start it with the -w switch.
# (e.g: pico -w filename)
#

# how many failure events must an address have before being blocked?
# you can override this on a per rule basis in /usr/local/bfd/rules/
TRIG="10"

# send email alerts for all events [0 = off; 1 = on]
EMAIL_ALERTS="0"

# local user or email address alerts are sent to (separate multiple with comma)
EMAIL_ADDRESS="root"

# subject of email alerts
EMAIL_SUBJECT="Brute Force Warning for $HOSTNAME"

# executable command to block attacking hosts
BAN_COMMAND="/etc/apf/apf -d $ATTACK_HOST {bfd.$MOD}"

######
# You should not need to edit any options below this line
######

# installation path
INSTALL_PATH="/usr/local/bfd"

# rule files path
RULES_PATH="$INSTALL_PATH/rules"

# track log script path
TLOG_PATH="$INSTALL_PATH/tlog"

# syslog kernel log path
KERNEL_LOG_PATH="/var/log/messages"

# syslog auth log path
AUTH_LOG_PATH="/var/log/secure"

# bfd application log path
BFD_LOG_PATH="/var/log/bfd_log"

# log all events to syslog [0 = off; 1 = on]
OUTPUT_SYSLOG="1"

# log file path for syslog logging
OUTPUT_SYSLOG_FILE="$KERNEL_LOG_PATH"

# template of the email message body
EMAIL_TEMPLATE="$INSTALL_PATH/alert.bfd"

# contains list of files to search for addresses that are excluded from bans
IGNORE_HOST_FILES="$INSTALL_PATH/exclude.files"

# grab the local time zone
TIME_ZONE=`date +"%z"`

# grab the local unix time
TIME_UNIX=`date +"%s"`

# lock file path
LOCK_FILE="$INSTALL_PATH/lock.utime"

# lock file timeout
LOCK_FILE_TIMEOUT="7200"



dir
asterisk_badauth courier exim_authfail openvpnas pure-ftpd sendmail vsftpd
asterisk_iax cpanel exim_nxuser postfix rh_imapd sshd vsftpd2
asterisk_nopeer dovecot modsec proftpd rh_ipop3d vpopmail




[root@fwh rules]# more postfix
# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
TRIG="10"

# file must exist for rule to be active
REQ="/usr/sbin/postfix"

if [ -f "$REQ" ]; then
PORTS="25,26"
LP="/var/log/mail.log"
TLOG_TF="postfix"

## Postfix dictionary attacks
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | egrep -w "SASL LOGIN authentication failed:|SASL PLAIN authenticatio
n failed:" | grep -E '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | awk -F '[' '{ print $3 }' | tr -d '[a-z][A-Z]\[\]\:'`
fi
[root@fwh rules]#




more dovecot
# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
# TRIG="30"

# uncomment to disable alerting for this rule
# SKIP_ALERT="1"

# file must exist for rule to be active
REQ="/usr/sbin/dovecot"

if [ -f "$REQ" ]; then
PORTS="110,143,993,995"
LP="/var/log/maillog"
TLOG_TF="dovecot"

## DOVECOT IMAP/POP3
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | egrep '(imap|pop3)-login.*(Authentication failure|auth failed|Aborte
d login|ried to use disabled)' | egrep -v 'no auth attempts' | sed -n -e '/auth failed/s/.*user=<\(.*\)>.*rip=\
([^ ]*\),.*/\2:\1/p' | egrep '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:.*$'`
fi
[root@fwh rules]#



more courier
# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
# TRIG="10"

# uncomment to disable alerting for this rule
# SKIP_ALERT="1"

# file must exist for rule to be active
REQ="/usr/lib/courier-imap/libexec/couriertcpd"

if [ -f "$REQ" ]; then
PORTS="110,143,993,995"
LP="/var/log/maillog"
TLOG_TF="courier"

## courier imap|pop3
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | sed -e 's/::ffff://' | egrep '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | tr '=' ' '
| sed -n -e '/LOGIN FAILED/s/.*user \([^ ]*\)\(.*\) \([^ ]*\).*/\3:\1/p' | tr -d '[],'`
fi
[root@fwh rules]#

not installed

September 14, 2014, 5:33 am
$
0
0
sorry for the ambibuious title, but this forum wouldn't let me post with the openssh-client in the title as my first post!

Document Root

September 14, 2014, 7:54 am
$
0
0
How do I change a document root like in cpanel?

Name: subdomain document root.PNG Views: 10 Size: 27.4 KB
Attached Images
 
Search

Single Site Config

September 14, 2014, 3:15 pm
$
0
0
Hi,

I have a relatively busy forum at around 10000 concurrent users at all time, php/mysql heavily. I have a fairly sophisticated setup:

Email Server are handled by another server
DNS are handled by another service
MySQL Database are on other servers Master/Slave(s) replication
All other static files are being served from CDN.
No FTP Server necessary, no clam-av, no firewall (hardware firewall + arbor anti-ddos). No bandwidth/quotas checker
No analytic process necessary.

And is there anyway to disable everything I listed above without breaking the panel?

complex email password

September 14, 2014, 5:33 pm
$
0
0
How can I turn off the non-complex email password blocking? I have to set a password for an existing account and must use a non-complex password to match the existing password.

redirect smtp on one IP to another IP

September 14, 2014, 6:32 pm
$
0
0
I'm attempting to re-reoute smtp traffic that will come to my web server address to our new mail server. Both are Centos / Interworx systems. It does not seem to be working.

I've modified the /etc/afp/preroute.rules as follows:


eout "{glob} loading preroute.rules"

# place your custom routing rules below
iptables -t nat -A PREROUTING -p tcp -d [mywebserverip] --dport 25 -j DNAT --to-destination [myemailserverip]

any help would be appreciated.

Reposting Virtual host configs

September 15, 2014, 11:33 am
$
0
0
Hi, we have decided to implement RLimits in our web servers. Can someone describe how to republish or repost all of our existing vhost containers now that we have updated the vhost-base.conf?

Thanks.
--
Julian

How can I disable mail for a specific siteworx account?

September 16, 2014, 4:51 am
$
0
0
Hello!
I;m dealing with a client that has an outdated WordPress installation along with some outdated plugins. As a result spammers are using her site to send thousands of spam emails per minute, so I'm trying to find a way to disable all mail activity for that specific account until she upgrades her website.

I know that I can just disable the site but if I do that she wont be able to log in and update her installation.

Thanks!

Cpanel Import Problems... 4 days running Invalid Interworx-CP license

September 16, 2014, 7:54 am
$
0
0
I have tried every way interworx provides for importing from a cpanel, direct file (gui and cli), and ssh and I keep getting a license error. I have tried to import another account and it works, but this account just dies.

Here's what the cli reports:

~iworx/bin/import.pex --archive=/tmp/backup-9.15.2014_16-37-49_[sitename].tar.gz --control-panel=cpanel --ipv4 [IP Address] --db-server=localhost --reseller-id=3 --force
Found --ipv4
[this matches IP address above]
----- ASSERTION FAILED BEGIN -----
A system error has occurred. Please try your request again in a few minutes.
If the error persists, please contact support.
[root@centos6 /]#

Here's what ssh gui reports:
Name: failure_ssh.PNG Views: 13 Size: 47.2 KB


and finally here's what gui (from file) reports (at the end)

» Quota Sanity Checking
» Loaded package option : Secondary Domains => 4
» Increased slave domains quota : 0 => 4
» Setting Reseller ID : 1
» Invalid InterWorx-CP License
Attached Images
 

DNS resolve the new TLDs?

September 16, 2014, 8:16 am
$
0
0
Hello,

Does anyone know that the Interworx dns resolve the new tlds ex: ".london"?

Yesterday I added one ".london" to my server, and still not working.. :(

sorry for my english.
Search

whitelist domain in RBL

September 16, 2014, 12:24 pm
$
0
0
My clients reports me a problem. There is a free email service in Hungary what is like gmail or yahoo or outlook.com. No emails are recived from this service in the past two weeks.

I checked my logs and the problem is the free email service server's IP addresses are on RBL list, marked as spammers.

I know this is good, my server is protected against spams but I need temporary to allow the connections from this servers (this is a well known free email service in Hungary, I think now there is no spam problems with it).

Is is possible to whitelist an IP or domain in Realtime (SBL) Blacklists?

Thanks, Gabor.

Best way to go about setting up Gmail with main domain

September 17, 2014, 6:44 am
$
0
0
Before I attempt this, I was just curious what the best method for doing this is.

I currently have my maindomain.com, it is being used for two servers...my main business server (no clients) as well as a shared client server (hq.maindomain.com and shared1.maindomain.com hostnames respectively).

I still want my servers to handle the mail, so I need to have them reroute the mail just for maindomain.com to the gmail servers.

My question is, since all of the domains on the shared server also use mail.maindomain.com or shared1.maindomain.com as valid MX records...would changing the MX record at the siteworx level for maindomain.com to route email to google work while still allowing all other domains to process email correctly?

Hopefully that makes sense.

Right now email is routed to my servers (which I will hopefully be switching to use Mandrill as soon as I get around to it).

Current route:
maindomain.com - direct to hq.maindomain.com
clientdomains.com - direct to shared.maindomain.com

Desired:
maindomain.com - direct to hq.maindomain.com then routed to google
clientdomains.com - direct to shared.maindomain.com

I just don't want MX record changes to maindomain.com to have an affect on the shared server since it is using the same top level domain for it's mailserver. Is this possible, or am I going to need to just whitelabel all my shared servers with a new mailserver domain?

Server is only serving default page, for all sites

September 17, 2014, 10:48 am
$
0
0
I originally deployed my InterWorx system with an internal IP, behind a NAT. Unfortunately, it doesn't appear to come with the RPAF apache module (to translate client IP headers from the load balancer in to logged IPs), so I moved it out to it's own public IP.

I added the public IP to the system, moved all domains to the public IP and verified the private IP has no domains associated. I also checked the vhost files to ensure each domain is referencing the correct IP.
Now, when I access any domain (secondary, or subdomain) I'm getting the root default page associated with the IP. If I turn default pages off, it falls over to the first site in the alpha list, and never reaches the actual target domain site.

Pointer sites are redirecting as desired, but, if they reference another domain on the system, back to the default page you go.

Short of manually updating Apache config files, which could potentially be overwritten by InterWorx, I'm not sure what else to review on the system to return my sites back to service.

Any ideas/comments are greatly appreciated.

Thank you.

Require SMTP-AUTH on port 25

September 17, 2014, 3:37 pm
$
0
0
Is there a way somehow to set the SMTP sending on port 25 to always require authentication?
I know only 127.0.0.1 can relay but anybody can enter smtp commands via telnet and in this way of course send emails without authentication.
Don't you think it is a security risk?

Thanks, Gabor.

Configure Over quota mailboxes to bounce messages

September 19, 2014, 7:48 am
$
0
0
Hi,

We have some users who are not checking their mailboxes regularly enough to prevent their mailboxes from reaching quota. This is causing the mail queue to get backed up with status "To Be Delivered". Can anyone point us in the direction of how to get the mail server to simply bounce messages back to the sender if the recipient's mailbox is full?

Thanks.
Viewing all 900 articles
Browse latest View live
Search