AWS Monster | Your Technical Partner

A computer hostname represents a unique name that gets assigned to a computer in a network in order to uniquely identify that computer in that specific network. The hostname is set at the time when the CentOS operating system is installed or if you are spinning up a virtual machine it is dynamically assigned to the instance at startup. The hostname is used by many of the networking programs (such as sendmail, Apache servers) to identify the machine. By default, your server is started with the server’s given name as the hostname. Some software, such as cPanel, CWP requires a valid Fully Qualified Domain Name (FQDN) for the hostname. Types of hostnames (The hostname can be configured as follows): Static host name assigned by sysadmin. For example, “server1”, “wwwBot2”, or “host.datahead.biz”. Transient/dynamic host name assigned by DHCP or mDNS server at run time. Pretty host name assigned by sysadmin/end-users and it is a free-form UTF8 host name for presentation to the user.

CentOS 7 comes with firewalld by default. So disable firewalld because Cpanel & CWP uses CSF Firewall & LFD with IPTables. Here CSF - ConfigServer Security & Firewall LFD - Login Failure Daemon # systemctl stop firewalld.service # systemctl disable firewalld.service Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. # systemctl mask firewalld.service Created symlink from /etc/systemd/system/firewalld.service to /dev/null. Reboot your server so that all updates can take affect and then check your Firewalld Status. # reboot # systemctl status firewalld In EFA , FirewallD & Fail2Ban Intrusion Detector comes with by default. But I prefer to use CSF. So i will disable firewalld services.  

SELinux is an acronym for Security-enhanced Linux. It is a security feature of the Linux kernel. It is designed to protect the server against misconfigurations and/or compromised daemons. In the Linux kernel, SELinux relies on mandatory access controls (MAC) that restrict users to rules and policies set by the system administrator. MAC is a higher level of access control than the standard discretionary access control (DAC) , and prevents security breaches in the system by only processing necessary files that the administrator pre-approves. SELinux was initially released as a collaborative between Red Hat and the National Security Agency . SELinux receives periodic updates and additions as new Linux distributions are released. SELinux modes There are three modes of SELinux: Enforcing, Permissive and Disabled. Enforcing mode is the default mode at installation of SELinux. It will enforce the policies on the system, deny access and log actions. Permissive mode is the most com

I have successfully added Let's Encrypt SSL certificate for my Sever Hostname/FQDN but the issue is that When I am logging on my Roundcube mail , The messages is not showing on a same Frame. Open the file # vi /usr/local/apache/conf.d/ssl.conf Header always set X-Frame-Options DENY and can be changed to # vi /usr/local/apache/conf.d/ssl.conf Header always set X-Frame-Options SAMEASORIGIN Now login to your webmail and check .

I'm getting problem after CWP mail server migration from existing server to new server. It's showing   Connection to storage server failed , General Troubleshooting Tips Run “postfix check” to make Postfix look for obvious configuration errors. If it returns no output then no problem was found. Read your /var/log/dovecot.log & /var/log/mail.log and look for warnings and errors. I'm getting the following information from  /var/log/dovecot.log I get “Permission denied” from Dovecot in the mail.log file. You have the permissions wrong. Run the following command # chown -R vmail:mail /var/vmail Finally all user's of that domain can login successfully . This post is based on this article. Link 1 Link 2

I am going to show you that How to check Roundcube All Configuration using Roundcube Webmail Installer. In this way you will see all the details about PHP version, missing PHP extensions, available databases, required 3rd party libs, php.ini/.htaccess settings and many more details. Image 1 Let's do the following [root@host ~]# cd /usr/local/src/ [root@host src]# git clone https://github.com/roundcube/roundcubemail.git Cloning into 'roundcubemail'... remote: Enumerating objects: 210, done. remote: Counting objects: 100% (210/210), done. remote: Compressing objects: 100% (141/141), done. remote: Total 117796 (delta 72), reused 130 (delta 63), pack-reused 117586 Receiving objects: 100% (117796/117796), 57.28 MiB | 1.62 MiB/s, done. Resolving deltas: 100% (81855/81855), done. Go to the following directory [root@host src]# cd roundcubemail/ [root@host roundcubemail]# pwd /usr/local/src/roundcubemail [root@host roundcubemail]# cp -rvf installer /usr/local/cwpsrv/var/s

Few users doesn't satisfied with default Rouncube feature's , Sometimes they demand more features that's why we will change the default setting as we want . I'm showing some changes in below : Edit the file as follows # vi /usr/local/cwpsrv/var/services/roundcube/config/defaults.inc.php // Log successful/failed logins to /userlogins or to syslog $config['log_logins'] = true; // Log IMAP conversation to /imap or to syslog $config['imap_debug'] = true; // Log SMTP conversation to /smtp or to syslog $config['smtp_debug'] = true; // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! $config['enable_installer'] = false; // provide an URL where a user can get support for this Roundcube installation // PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! $config['support_url'] = 'https://datahead.biz/support/'; // repl