Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-04-20, 06:53:52

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - zmatrix

Pages: 1 2 [3] 4
31
Kloxo-MR Technical Helps / my sever is used as a spam server - help -
« on: 2014-03-23, 15:36:44 »
hello

2 days ago I found a high continuous load about ( 1.5 to 2.0 ) in my vps , and I didn't do any thing or changed any thing the last 3 weeks
I checked my logs, one of my clients website is hacked and I found 2 Trojan files and I removed them
then I disabled his account

the load now is very low between .02 to .1
but I still find unknown queue emails in my email queue
all of this emails sent from the email ( root@mail.serverdomain.com )
I don't know how to stop these ?

my server now banned from yahoo and Google :(

is the vps still hacked or it's a bug or what ?

I don't have much experience with kloxo , so I want to give me a totorial to learn how to make a necessary steps to secure and monitor my vps

I heard about
maldet , csf and clamAV but I don't know how to install them together to protect my vps
all my sites uses wordpress with the latest update

I hope we can make a good guide for kloxo-mr to be used in how to install and secure it the best way

If any body can help me please replay to this topic

32
Kloxo-MR Technical Helps / the hacker code and files
« on: 2014-03-22, 00:49:38 »
hello

I have bean hacked

I downloaded the backup and scaned it then now I removed the infected files

I still have new records in the http log file such

92.53.96.55 - - [22/Mar/2014:01:37:30 +0200] "POST /wp-content/themes/twentyfourteen/js/index2WUY.php HTTP/1.1" 404 330 "-" "-"

but the file index2WUY.php which is already was a trojan had been deleted

is that ok now or what ?

the hacker is trying to access the file bu it already deleted

so is now safe or no ?
and have you ever saw case like this ?

33
Kloxo-MR Technical Helps / how to know the sent email on the server ?
« on: 2014-03-21, 20:31:21 »
hello

I want to know the sent email from the server

sent from ( email ) to ( Email ) At (time )

34
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 19:39:02 »
now it almost working fine

but I have released that my vps Ip is blacklisted from gmail due to the spaming during the hacker was using my vps to spam emails

how to remove my server ip from the gmail blacklist ?

35
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 19:18:17 »
now I used this

/script/cleanup
then

sh /script/fixmail-all; qmailctl stop; killall -9 qmail-send; qmailctl start

and tried again then I got


[root@khdmaty ~]# qmailctl cdb
Reloaded /etc/tcprules.d/tcp.smtp
Reloaded /var/qmail/control/badmimetypes.cdb
Reloaded /var/qmail/control/badloadertypes.cdb





36
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:39:49 »
thanks again  :)


[root@khdmaty ~]# qmailctl cdb
-bash: qmailctl: command not found
[root@khdmaty ~]#

37
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:27:54 »

when using

sh /script/fixmail-all

I get

Preparing Horde database
- Fix MySQL commands in import files of Horde
cp: cannot stat `/home/kloxo/httpd/webmail/horde/scripts/sql/horde_groupware.mysql.sql': No such file or directory
cp: cannot stat `/home/kloxo/httpd/webmail/horde/config/horde_conf.php': No such file or directory
- Generating password
- Add password to configuration file
- Database installed
Initialize Horde files
- Initialize process
Preparing RoundCube database
- Fixing MySQL commands in import files
- Generating password
- Add Password to configuration file
- Database installed
Initialize Roundcube files
- Initialize process
T-Dah webmail no exists
Preparing Afterlogic database
- Fixing MySQL commands in import files
- Generating password
- Add Password to configuration file
- Database installed
Initialize Afterlogic files
- Initialize process
Preparing Squirrelmail Database
- No need database
Initialize Squirrelmail files
- Initialize process
Preparing Telaen Database
- No need database
Initialize Telaen files
- Initialize process
Install Webmail chooser
- Install process

38
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:26:01 »
when using

yum install *-toaster  -y


I get

--> Finished Dependency Resolution
vpopmail-toaster-5.4.33-1.4.3.mr.el5.i386 from mratwork-release-version-arch has depsolving problems
  --> vpopmail-toaster conflicts with vpopmail
ezmlm-cgi-toaster-0.53.324-1.3.6.i386 from lxcenter-updates has depsolving problems
  --> Missing Dependency: control-panel-toaster >= 0.2 is needed by package ezmlm-cgi-toaster-0.53.324-1.3.6.i386 (lxcenter-updates)
Error: vpopmail-toaster conflicts with vpopmail
Error: Missing Dependency: control-panel-toaster >= 0.2 is needed by package ezmlm-cgi-toaster-0.53.324-1.3.6.i386 (lxcenter-updates)
 You could try using --skip-broken to work around the problem
 You could try running: package-cleanup --problems
                        package-cleanup --dupes
                        rpm -Va --nofiles --nodigest

39
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:20:39 »
thanks for your replay

I use nginx proxy so it appear that http and nginx  is working

40
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:04:05 »
# sh /script/restart-services
Stopping Djbdns for:
  - axfrdns    [  OK  ]
  - tinydns    [  OK  ]
Starting Djbdns for:
  - axfrdns    [FAILED]
  - tinydns    [FAILED]
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
Stopping nginx:.                                           [  OK  ]
Starting nginx:                                            [  OK  ]
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
[root@khdmaty /]#

41
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:03:12 »

[root@khdmaty /]# sh /script/fixdomainkey
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127
/bin/sh: tcprules: command not found
make: *** [tcp.cdb] Error 127

42
Kloxo-MR Technical Helps / Re: errors qmail
« on: 2014-03-21, 18:02:09 »
--> Processing Conflict: vpopmail-toaster conflicts vpopmail
--> Finished Dependency Resolution
vpopmail-toaster-5.4.33-1.4.3.mr.el5.i386 from mratwork-release-version-arch has depsolving problems
  --> vpopmail-toaster conflicts with vpopmail
ezmlm-cgi-toaster-0.53.324-1.3.6.i386 from lxcenter-updates has depsolving problems
  --> Missing Dependency: control-panel-toaster >= 0.2 is needed by package ezmlm-cgi-toaster-0.53.324-1.3.6.i386 (lxcenter-updates)
Error: vpopmail-toaster conflicts with vpopmail
Error: Missing Dependency: control-panel-toaster >= 0.2 is needed by package ezmlm-cgi-toaster-0.53.324-1.3.6.i386 (lxcenter-updates)
 You could try using --skip-broken to work around the problem
 You could try running: package-cleanup --problems
                        package-cleanup --dupes
                        rpm -Va --nofiles --nodigest

43
Kloxo-MR Technical Helps / errors qmail
« on: 2014-03-21, 17:26:19 »
hello

I face this error every time I run a script like fixweb

exist
svc: warning: unable to control /var/qmail/supervise/send/log: file does not exist
svc: warning: unable to control /var/qmail/supervise/smtp/log: file does not exist
svc: warning: unable to control /var/qmail/supervise/submission/log: supervise not running
.
Starting qmail-toaster: svscan.
Stopping xinetd: id: vpopmail: No such user
id: vpopmail: No such user
id: vpopmail: No such user
id: vpopmail: No such user

44
Kloxo-MR Technical Helps / Re: how can I kow which account , domain or file causing cpu load ?
« on: 2014-03-21, 14:31:04 »
can you please tell me how to remove the queue mail from the admin panel ?
cause in the processes I see alot of emails that I can't recognize

45
Kloxo-MR Technical Helps / Re: how can I kow which account , domain or file causing cpu load ?
« on: 2014-03-21, 14:29:05 »
i DOWNLOADED THE SITE FILES ,and I found 2 Trojan files
I removed them and re-installed the wordpress again
I will keep watching the load in my server to see if it still high or return to the normal values

I have a problems with my server

I can't access the ftp
I can't access the emails from web or pop3 :(

I hope that will be a new update soon cause my server now is shit

so any one can suggest a plugin or so for wordpress that the files in my website ?


Pages: 1 2 [3] 4

MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix
Click Here

Page created in 0.031 seconds with 17 queries.

web stats analysis