Skip to main content

Posts

How to Secure/Harden CWP Nginx Server ( Admin, Client & Webmail Panel ) with Strong Ciphers ?

By Default CWP Server is using Modified Nginx server which is called CWP server and It is used for Admin, Client & Webmail Panel Login. I am also using Let's Encrypt SSL for my CWP Admin, Client & Webmail Panel .
Follow This Article : ( Part 1)
CWP: How to Configure Let's Encrypt SSL Certificate for your server Hostname/FQDN on CWP7.admin
N.B: I am using the below cipherlist
https://cipherli.st/
https://mozilla.github.io/server-side-tls/ssl-config-generator/
https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate&openssl-version=1.0.2k-fips
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
https://ssldecoder.org/

CWP Admin Panel Link (by hostname)
CWP Admin Panel Link: http://server1.datahead.biz:2030
CWP Admin Panel Link: http://server1.datahead.biz:2086
CWP Admin Panel SSL Link: https://server1.datahead.biz:2031
CWP Admin Panel SSL Link: https://server1.da…

How to Enable logging of Email’s Subject Line in Postfix Maillog ?

By default Postfix MTA only capture ‘From’ and ‘To’ details in the log file (/var/log/maillog). There are some scenarios where we want that email’s subject should be capture in the maillog. This will very useful for email administrators when performing troubleshooting of problems related with email. There are simple steps to enable logging of the email subject in postfix maillog.

We are assuming that postfix is already up and running and will make below changes.
Step:1 Edit ‘/etc/postfix/main.cf’ file & uncomment below line:
#header_checks = regexp:/etc/postfix/header_checksStep:2 Append the below line in ‘/etc/postfix/header_checks’ [at the bottom]
/^Subject:/ WARNStep:3 Run postmap to apply the new configuration in /etc/postfix/header_checks
[root@server1 ~]# postmap /etc/postfix/header_checksStep:4 Restart or Reload the postfix server
[root@server1 ~]# systemctl restart postfix [root@server1 ~]# postfix reloadStep:5 Login to your Roundcube webmail and send an test with the subj…

CWP: How to install CSF Webmin module on CWP in CentOS 7 ?

This perl module is required for Statistical Graphs available from the csf UI. It is dependent on graphical libraries being installed for your OS (e.g. libgd, libpng, etc. which is beyond the scope of this document)

The perl module itself can be installed in a variety of ways, e.g.:

RedHat/CentOS/CloudLinux:
# yum install perl-GDGraph

Direct from cpan.org:
# perl -MCPAN -e shell
cpan> install GD::Graph

Webmin Module Installation/Upgrade
Webmin > Webmin Configuration > Webmin Modules >
From local file > /usr/local/csf/csfwebmin.tgz > Install Module


Uninstallation : Removing csf and lfd is even more simple:
# cd /etc/csf
# sh uninstall.s

The Article Based on:
https://download.configserver.com/csf/install.txt

PostfixAdmin: Invalid query: Table 'postfix.vacation_notification' doesn't exist,

Bug Fix: After login, click on “Fetch email” I got error “Invalid query: FUNCTION postfix.FROM_BASE64 does not exist” To fix it, edit /home/username/public_html/postfixadmin/model/PFAHandler.php at line 572:
# vi /home/datahead/public_html/postfixadmin/model/PFAHandler.php $base64_decode = "###KEY###"; Unable to Delete any Email Address:When I am trying to delete any email address, I'm getting below the error
Login to PhpMyAdmin using root user  and select the postfix database from left side and Select SQL and paste the below code then click on go button .
CREATE TABLE `vacation_notification` ( `on_vacation` varchar(255) NOT NULL, `notified` varchar(255) NOT NULL, `notified_at` timestamp NOT NULL default CURRENT_TIMESTAMP, PRIMARY KEY (`on_vacation`,`notified`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual Vacation Notifications';

Helpful Link:
Link 1
Link 2

CWP: How to Integrate Postfix Admin 3.1 with CentOS WebPanel on CentOS 7

Postfix Admin is a web based interface which allows users to configure and manage a Postfix based email server. With Postfix Admin you can create and manage multiple virtual domains, users and aliases and many more.

I have installed CWP7.admin on CentOS 7 and It's working fine with Postfix but i want to use PostfixAdmin with CentOS WebPanel .
Login to your user panel : https://host.datahead.biz:2083/ and create a sub-domain like postfixadmin.datahead.biz . Go to Domains >> Sub Domains >> Add a New SubDomain

Now Restart Apache & DNS server from your admin panel. If you get any error or unable browse your subdomian then fix the permission (Go to User Accounts >> Fix Permission) . Install AutoSSL for that subdomain. Now Login to your server using SSH
# cd /usr/local/src/ # VERSION=3.1 # wget -q https://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin-${VERSION}/postfixadmin-${VERSION}.tar.gz # tar xzf postfixadmin-${VERSION}.tar.gz # mv po…

How to Secure MariaDB for VestaCP and CWP ?

If you are using VestaCP or CentOS Webpanel then this tutorial will guide you through some basic steps you can take to secure your MariaDB or MySQL databases, and ensure that they are not an open door into your VPS. However, like most software, these tools can be security liabilities if they are configured incorrectly.

For the sake of simplicity and illustration, we will use the MariaDB 10.1 server on a CentOS 7.6 VPS instance.
Now run the script called "mysql_secure_installation". This will guide us through some procedures that will remove some defaults that are dangerous to use in a production environment.
# mysql_secure_installation
It will first prompt you for the root password you set up during installation. Immediately following, you will be asked a series of questions, beginning with if you'd like to change the root password.

This is another opportunity to change your password to something secure if you have not done so already.
You should answer "Y" (for…

How to find out & Change VestaCP MySQL/MariaDB root Password ?

If you forget the MySQL/MariaDB root password, no worries to find out the mysql root password.
The password is stored at: /usr/local/vesta/conf/mysql.conf and /root/.my.cnf
Before do anything , create a backup file.
# cp /usr/local/vesta/conf/mysql.conf /usr/local/vesta/conf/mysql.conf.bak # cp /root/.my.cnf /root/.my.cnf.bak Use this syntax to change MySQL/MariaDB root password
# mysqladmin -u root -pOLDPASSWORD password 'NEWPASSWORD' Change the root password
# mysqladmin -u root -pgX7wlY5V3F password 'gR7wlY6V9A' Now Update the newly changed password
# vi /usr/local/vesta/conf/mysql.conf HOST='localhost' USER='root' PASSWORD='gR7wlY6V9A' CHARSETS='UTF8,LATIN1,WIN1250,WIN1251,WIN1252,WIN1256,WIN1258,KOI8' MAX_DB='500' U_SYS_USERS='admin,datahead' U_DB_BASES='3' SUSPENDED='no' TIME='15:10:16' DATE='2019-04-17' # vi /root/.my.cnf [client] password='gR7wlY6V9A'