Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-28, 15:22:25

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - lenawaii

Pages: 1 [2]
16
Hi,

I saw on Spamdyke documentation that this is possibly to customize rejection message. So I tried to add lines in my /etc/spamdyke.conf file following this way!

#REJECTION MESSAGES
rejection-text-ip-blacklist=my personal message 1
rejection-text-unresolvable-rdns=my personal message 2

But Qmail does not work proprely after restart. Any idea to resolve this?

Thanks for your help.


17
Hi there,

I want to secure my VPS with IPtables and I have an issue to apply the firewall rules. Before that I wanted to be sure about the open ports on Kloxo MR, so I installed nmap and with the command # nmap localhost, i get the list below :

--------------------

Starting Nmap 5.51 ( http://nmap.org ) at 2015-03-05 10:20 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000011s latency).
Other addresses for localhost (not scanned): 127.0.0.1
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 988 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
143/tcp  open  imap
443/tcp  open  https
465/tcp  open  smtps
587/tcp  open  submission
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

--------------------

To create all my firewall rules, i create an executable file /etc/sysconfig/iptables with the content below :

--------------------

#!/bin/sh

# Vider les tables actuelles + personnelles
iptables -t filter -F
iptables -t filter -X
echo "Clear rules : OK"

# Interdire toute connexion entrante et sortante
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT DROP
echo "Block all connections : OK"

# SYN-Flood Protection
iptables -N syn-flood
iptables -A syn-flood -m limit --limit 10/second --limit-burst 50 -j RETURN
iptables -A syn-flood -j LOG --log-prefix "SYN FLOOD: "
iptables -A syn-flood -j DROP
echo "SYN-Flood Protection : OK"

# Ne pas casser les connexions etablies
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo "Established connections : OK"

# Autoriser loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
echo "Loopback : OK"

# ICMP (Ping)
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT

# SSH In/Out
iptables -t filter -A INPUT -p tcp --dport 6490 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 6490 -j ACCEPT
echo "SSH : OK"

# DNS In/Out
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
echo "DNS : OK"

# NTP Out
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
echo - NTP : OK

# HTTP + HTTPS Out/In
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
echo "HTTP/HTTPS : OK"

# FTP Out/In
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 30000:50000 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 30000:50000 -j ACCEPT
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo "FTP : OK"

# Mail SMTP/SMTPS
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 465 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 456 -j ACCEPT
echo "SMTP/SMTPS : OK"

# Mail Submission
iptables -t filter -A INPUT -p tcp --dport 587 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 587 -j ACCEPT
echo "Submission : OK"

# Mail POP3/POP3S
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 995 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 995 -j ACCEPT
echo "POP/POP3S : OK"

# Mail IMAP/IMAPS
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 993 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 993 -j ACCEPT
echo "IMAP/IMAPS : OK"

# MySQL
iptables -t filter -A INPUT -p tcp --dport 3306 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 3306 -j ACCEPT
echo "MySQL : OK"

# Kloxo
iptables -t filter -A INPUT -p tcp --dport 7777:7778 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 7777:7778 -j ACCEPT
echo "Kloxo : OK"

--------------------

The problem is when i want to apply my rules with the command #/etc/init.d/iptables start, I want the error below:

iptables: Applying firewall rules: iptables-restore: line 4 failed  [FAILED]

I've tried to resolve it by myself but no way. I'll appreciate any help, thanks.



18
Kloxo-MR Technical Helps / SSL certificate bug after cleanup
« on: 2015-02-25, 09:42:13 »
Hi guys,

I recently added a new ssl certificate on Kloxo MR Panel 6.5.0.f and it worked fine. But After this command # sh /script/cleanup, the old ssl certificate that was deleted is still on and I can't not make the new one work on the server.

Do you know how to fix this?

Thank for your help.

19
Kloxo-MR Technical Helps / SSL certificate issue
« on: 2015-02-03, 19:06:45 »
Hi everyone,

I used to have no problem with old kloxo but with kloxo MR, I have trouble, may someone help me :-)

- I have a multi-domains ssl certificate and 2 IPs on kloxo MR 6.5
 -no issue to add the ssl certificate in kloxo MR
- I have assigned one IP to an exclusive client

1/ If I map this IP to my domain1, domain1 works fine with https but webmail.domain1.fr show domain1's content instead of Roundcube.

2/ If I do not map this IP to my domain1, https does not work for domain1.

3/ https don't  not work for domain2 in the two cases above.

I don't know how to fix this.

Thank for help.

20
Kloxo-MR Technical Helps / IPv6 on Kloxo MR 6.5.0
« on: 2014-12-11, 02:14:45 »
Hi Mustapha,

Is it possible to add an IPv6 address to Kloxo MR 6.5.0?

My hoster provides me illimited IPv6 addresses on my VPS and I would like to assign exclusive IPv6 to Kloxo customers and also install SSL certificates to each IPv6.

Thank you for advice.

21
Hi,

I would like to report a spam action on my web server running Kloxo MR, My web server has been blacklisted by Barracuda and I wanted to discover why so I found a way to follow scripts using PHP mail function. So to get this, I used an easy way:

Adding two line in /etc/php.ini in [Mail Function] part:
- mail.add_x_header = On
- mail.log = /var/log/phpmail.log

I created a file phpmail.log at the good place with CH777 to report all the PHP scripts that uses PHP mail function and then restarted Apache.

After this, I could read the scripts and found the spam source: It's a script on a website in China with IP 124.173.132.30 => http://www.faret.cn/anzo.txt

How is it possible to send spam from an external script?

I wanted to blacklist spammer IP with "Blocked Hosts" option in Kloxo Panel but this option does not work as I reported here in this post => http://forum.mratwork.com/kloxo-mr-technical-helps/blocked-hosts-for-localhost-do-not-blacklist-ip-in-kloxo-mr/

What do you suggest to protect my server from external scripts like this one? Is Spamdyke useful for this?

Thanks for helping :-)

Here is below the spam sent by spammer to many recipients: this mail is blocked in mail queue by the way.

mail() on [http://www.faret.cn/anzo.txt????:193]: To: bin@iptransit.net -- Headers: From: Kenneth Williams <kwilliams174@yahoo.com>  Reply-To: kwilliams174@yahoo.com  MIME-Version: 1.0  Content-Type: text/plain  Content-Transfer-Encoding: 7bit    Hello ,  My name is Mr.Kenneth Williams,A America citizen that live in Liberia ,Am  sick for Ebola Virus Disease , Am an oil business man that  made so much wealth in Africa,Right here my family and associate cannot come to see me because of the disease , Doctor has  confirm to me that i will be death in 9 days time,I have wrote to my  bank account officer to transfer $10 million to you ,so that you will  take 20% and help me donate 80% to the charity home,This is my last wish  as doctor has confirmed that i cannot live any more, Please kindly  contact her now on Ms.Helen Adams Email: helenadams842@yahoo.com ,I have  instructed her to work out the modalities and you will disburse the funds to various charity home in the world.May God bless you as you work with my instruction,You may not hear  from me again as am very weak,Just manage to type this message,cooperate with  my account officer Ms.Helen,Bye Kenneth Williams

22
Hi,

I have done a test, I wanted to block one address IP from accessing my server. I identified a spammer on my website and I wanted to blacklist his IP, so I used the following option in Kloxo MR > admin > security > Blocked Hosts for localhost and I added my mobile IP address with 3G connexion not my Internet box IP and apparently i still can access :
- Kloxo MR panel
- All website in the panel

So blacklisting does not work, what's wrong? If you have the solution, i'll take it. If no solution, what do you suggest to secure my web server?

This is really important to fix this so that I protect my webserver from spammers.

Thank you guys for helping  ;)

Pages: 1 [2]

MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix
Click Here

Page created in 0.069 seconds with 18 queries.

web stats analysis