Author: The Geek Decoder

Restrict access to ftp and other services in WHM

October 13, 2014 The Geek Decoder No Comments cPanel, WHM

Source: https://documentation.cpanel.net/display/1142Docs/Host+Access+Control

You can use the Host Access Control feature to allow or deny clients’ access, based on the IP address, to the following services:
Daemon Name

Service Name
cpaneld cPanel
whostmgrd WHM
webmaild Webmail
cpdavd WebDisk
Allow access for an IP address

To allow an IP address to access a service, perform the following steps:

Enter the service name in the daemon text box. As you type, a list of suggestions will appear.
Enter the IP address or hostname in Access List text box.
You may enter wildcards in this text box.
You cannot enter a range of IP addresses with CIDR notation.
To specify a network range, add /255.255.255.0 to the IP address.
For example, 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use.
Enter allow in the Action text box.
Describe the rule in the Comment text box.
Click Save Host Access List.
Click Reload to delete any changes.

Note:
Icon

You can also enter ALL EXCEPT IP address in the Access List text box. When you enter allow as your action, all of the addresses except for the one that you entered in the Access List will be allowed.

For more information on this option, see the Notes and Additional Documentation sections below.
Deny access from an IP address

To deny access to a service from an IP address, perform the following steps:

Enter the service name in the daemon text box. As you type, a list of suggestions will appear.
Enter the IP address or hostname in Access List text box.
You may enter wildcards in this text box.
You cannot enter a range of IP addresses with CIDR notation.
To specify a network range, add /255.255.255.0 to the IP address.
For example 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use.
Enter deny in the Action text box.
Describe the rule in the Comment text box.
Click Save Host Access List.
Click Reload to delete any changes.

Note:
Icon

You can also enter ALL EXCEPT IP address in the Access List text box. When you enter deny as your action, all of the addresses except for the one that you entered in the Access List will be denied.

For more information on this option, see the Notes and Additional Documentation sections below.

Warning:
Icon

If you accidentally lock yourself out of WHM when you use Host Access Control, edit the /etc/hosts.allow file through the command line to unlock yourself.
Allow or deny IP addresses manually

For greater host access control flexibility, you can create rules in the command line. To do this, perform the following steps:

Log in to your server as root.
Open the /etc/hosts.allow file with your preferred text editor.
Follow this format: service : IP address : action.
For example: cpaneld : 192.168.0.0 : allow

Note:
Icon

When you configure your firewall directly, you can use CIDR notation.

On a CentOS or Red Hat Enterprise LInux® system, you can use the iptables utility to manage your firewall.

You can block a specific IP address on CentOS with iptables.
For example, to block 192.168.56.210, run the iptables -A INPUT -s 192.168.56.210 -j DROP command.
You can block a specific port for an IP address
For example, to block port 23 on 192.168.56.210, run the iptables -A INPUT -s 192.168.56.210 -p tcp –destination-port 23 -j DROP command.

Note:
Icon

WHM does not use a hosts.deny file. Deny statements should be added to the /etc/hosts.allow file.
Additional notes

You must enter your allow rules before your deny rules. For example, if you choose to allow access for two IP addresses, but you want to deny access from all other addresses, you can do either of the following:

Create two separate rules:
Create one rule that allows 192.168.0.0/255.255.255.0
Create a second rule that denies access to ALL IP addresses.
Create one rule:
Enter all except 192.168.0.0/255.255.255.0 in the Access List text box.
Enter deny in the Action text box.

Additional documentation

cPanel & WHM Application Catalog — This catalog lists utilities that can help you manage access control to your server.
IP Deny Manager — Use this feature to allow or deny access to an individual site.
ProFTPD Configuration for Host Access Control – This document provides the steps to configure FTP daemons to use Host Access Control

Setting up mail on iPhone/iPad/iOS

October 10, 2014 The Geek Decoder No Comments Apple, Email, IOS

Source:

http://www.one.com/en/support/guide/mail/setting-up-mail-on-iphone-ipad-ios

http://support.apple.com/kb/HT4810

If you use a common email provider, your device will load your email settings automatically. If your device doesn’t load these settings and you don’t know them, contact your email provider and ask for this information:

My Email settings
My email address:
My email provider:

Incoming Mail Server Settings
Account type (POP or IMAP): IMAP
Incoming Mail Server: For Incoming Mail Server enter imap.domain.com as Host Name, domain.com being your domain
User Name: Enter your full email address as User Name e.g. name@example.com
Password: Your email password
Incoming server port number: 993
Incoming server supports SSL? (yes or no): On

Outgoing Mail Server Settings
Outgoing mail server: or Outgoing Mail Server enter smtp.domain.com as Host Name.
User name: Enter your full email address as User Name e.g. name@example.com
Password: Your email password
Outgoing server port: In Server Port you should use port 465
Outgoing server supports SSL? (yes or no): On

Change Date/Time for CentOS 6

October 9, 2014 The Geek Decoder No Comments Administration, Date/Time

Need to set the data for Central Stabndard Time?

CentOS System Date/Time
PHP Date and Time Global
MySQL Data and Time

The Timezone can been set to MST by running the following:


mv /etc/localtime /etc/localtime.bak
ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime

#Sync with timeserver


service ntpd stop
ntpdate pool.ntp.org
service ntpd start

#Lock the file


chattr +i /etc/localtime

#MySQL uses the system date and time, so it just needed to be restarted to take effect
service mysqld restart

Added date.ini the following file to /etc/php.d/


[date]
date.timezone=America/Chicago

#Apache needs to be restarted afterwards


#service httpd restart

Add or Change IP’s Windows Server 2003/2008

October 9, 2014 The Geek Decoder No Comments Windows Server

Source: http://technet.microsoft.com/en-us/library/cc754203%28v=ws.10%29.aspx

Windows Server 2008

Membership in Administrators, or equivalent, is the minimum required to perform these procedures.
To configure a static IP address on a computer running Windows Server 2008

  1. Click Start, and then click Control Panel.
  2. In Control Panel, verify that Classic View is selected, and then double-click Network and Sharing Center.
  3. In Network and Sharing Center, in Tasks, click Manage Network Connections.
  4. In Network Connections, right-click the network connection that you want to configure, and then click Properties.
  5. In Local Area Connection Properties, in This connection uses the following items, select Internet Protocol Version 4 (TCP/IPv4), and then click Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box opens.
  6. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use the following IP address. In IP address, type the IP address that you want to use.
  7. Press tab to place the cursor in Subnet mask. A default value for subnet mask is entered automatically. Either accept the default subnet mask, or type the subnet mask that you want to use.
  8. In Default gateway, type the IP address of your default gateway.
  9. In Preferred DNS server, type the IP address of your DNS server. If you plan to use the local computer as the preferred DNS server, type the IP address of the local computer.
  10. In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If you plan to use the local computer as an alternate DNS server, type the IP address of the local computer.

Click OK, and then click Close.

Windows Server 2003

Membership in Administrators, or equivalent, is the minimum required to perform these procedures.
To configure a static IP address on a computer running Windows Server 2003

  1. Click Start, click Control Panel, right-click Network Connections, and then click Open.
  2. In Network Connections, right-click the network connection that you want to configure, and then click Properties.
  3. In Local Area Connection Properties, in This Connection uses the following Items, select Internet Protocol (TCP/IP), and then click Properties. The Internet Protocol (TCP) Properties dialog box opens.
  4. In Internet Protocol Version 4 (TCP/IPv4) Properties, on the General tab, click Use the following IP address. In IP address, type the IP address that you want to use.
  5. In Subnet mask, either accept the default subnet mask, or type the subnet mask that you want to use.
  6. In Default gateway, type the IP address of your default gateway.
  7. In Preferred DNS server, type the IP address of your DNS server.
  8. In Alternate DNS Server, type the IP address of your alternate DNS server, if any.

Click OK, and then click Close.

Qmail : Removing emails from queue having the specified Subject

October 8, 2014 The Geek Decoder No Comments Qmail

Identify the email header id from the queued emails.. I’m goingg to use “qmail-qstat” command to know the email header. ID will starts with # symbal eg. #1445826
[root@mail4 ~]# /var/qmail/bin/qmail-qread | more
4 Dec 2012 17:04:33 GMT #1442054 7146
remote admin@sample.com
4 Dec 2012 17:06:16 GMT #1442974 7048
remote admin@samplesouth.net
4 Dec 2012 17:08:47 GMT #1444078 7064
remote admin@sampleotmail.com

b. Find the messages associated with this email header.
[root@mail4 ~]# find /var/qmail/queue -iname 1445826
/var/qmail/queue/mess/0/1445826
/var/qmail/queue/info/0/1445826
/var/qmail/queue/remote/0/1445826

Now open the file to read the email body. Choose the file part contains message (/var/qmail/queue/mess/0/1445826)
[root@mail4 ~]# cat /var/qmail/queue/mess/0/1445826 | more
Received: (qmail 20473 invoked by uid 0); 4 Dec 2012 17:12:24 -0000
Date: 4 Dec 2012 17:12:24 -0000
Message-ID: <20121204171224.20472.qmail@mail4.test.com>
To: apet@aximo.com
Subject: Better than EQP
From: Uniline Promo Inc
Reply-To: Uniline Promo Inc
MIME-Version: 1.0
Content-type: multipart/alternative; boundary=”_d96476de58f15ff5cda2ac8a00860156″
This is a multi-part message in MIME format.
–_d96476de58f15ff5cda2ac8a00860156
Content-Type: text/plain; charset=”iso-8859-1″
Content-Transfer-Encoding: 7bit

Now you can see the email subject from the email message part. You may need to install another third party tool to remove the email having the specified the Subject from the queue.

C. Install qmail-remove script
Download this package from http://www.linuxmagic.com/opensource/qmail/qmail-remove/qmail-remove-0.95.tar.gz
#wget http://www.linuxmagic.com/opensource/qmail/qmail-remove/qmail-remove-0.95.tar.gz
#tar -zxvf mail-remove-0.95.tar.gz
#cd mail-remove-0.95
#make && make install
#ln -s /usr/local/sbin/qmail-remove /usr/bin/qmail-remove
#mkdir -p /var/qmail/queue/yanked/

/var/qmail/queue/yanked/ –> This folder would have store all the files those are moved through this script.

D. Delete the specified emails having the same subject
#/etc/init.d/qmail stop
#qmail-remove -r -p “email subject name”

How to check the email sending statistics

[root@mail4 yanked]# /var/qmail/bin/qmail-qstat
messages in queue: 30835
messages in queue but not yet preprocessed: 230
[root@mail4 yanked]#

If you want to remove all the email from a particular user “spamsender@serveridol.com”, just execute the command as shown below
[root@rc-025 test]#qmail-remove -r -p “spamsender@serveridol.com”

Also I found another useful tool (qmHandle) for listing the email headers including sender,receiver address along with the email subject. So that we can identify the whether the email is spam or not and also we can use these information for pattern match deletion.

[root@rc-025 test]#http://nchc.dl.sourceforge.net/project/qmhandle/qmhandle-1.3/qmhandle-1.3.2/qmhandle-1.3.2.tar.gz
[root@rc-025 test]# tar -zxvf qmhandle-1.3.2.tar.gz && cd qmhandle-1.3.2
[root@rc-025 qmhandle-1.3.2]# cp qmHandle /usr/bin

How to list the Queued emails
[root@rc-025 test]# qmHandle -R
402725179 (9, 9/402725179)
Return-path: kathy@asd.com
From: Kathy Keeton
To: “themoonga5@ail.com” Subject: Cheer registration
Date: Wed, 3 Apr 2013 08:42:18 -0400
Size: 1147 bytes
Total messages: 1
Messages with local recipients: 0
Messages with remote recipients: 1
Messages with bounces: 0
Messages in preprocess: 0

Reviewing the queued emails [How to store all queued email informations before delete]
[root@rc-025 test]#qmHandle -R > /tmp/remotequeue.txt

xencenter

October 8, 2014 The Geek Decoder No Comments Xen

Download xencenter

Windows

To download xencenter, go to the IP address of the server with your browser and download the client. This is the same as downloading vsphere.
Linux

1. Download OpenXenManager from following link

http://sourceforge.net/projects/openxenmanager/files/openxenmanager_rev6.tar.gz/download

2. Extract installation file

root@ws2:~# mv openxenmanager_rev6.tar.gz /opt
root@ws2:/opt# tar -xzvf openxenmanager_rev6.tar.gz

3. You need to install followings
pygtk, python-gtk-vnc, rrdtool

4. To launch openxenmanager,

# python /opt/openxenmanager/window.py

5. And add your xen server 😉
View running VMs from host

xe vm-list

Spam Check list

October 7, 2014 The Geek Decoder No Comments Email, Plesk, Spam

Check the mail queue in a plesk server:

# /usr/local/psa/admin/bin/mailqueuemng -s

mail queue is full of spam type messages like this:

Subject: Mr.: 14623c9d 65% off for you!
Sale Sale Sale!! Vigara – 0.54$, Cilias – 1.09$, Levtira – 1.15$.. and more more more… ”

Steps to take:

1. Check the mail queue for suspicious emails that are spam and remove them. Monitor the mail queue to see who is sending email and the content and locate the email account for spam delivery.

To remove all mail from the queue, enter:

# postsuper -d ALL

2. Check the passwords for the email accounts with this command logged in ssh as root:

# /usr/local/psa/admin/bin/mail_auth_view
Change all weak passwords to more secure passwords. (There are many simple email passwords).

3. Check any wordpress and joomla web sites for updates. Make sure all plugins and core software is up to date.

4. Check any forms on websites and ensure that they have captcha enabled so that they cannot be submitted automatically.

Here are some links to assist in installing an email wrapper to see if the sever is sending spam via a script:

If Postfix – http://kb.parallels.com/en/114845

Once the server is verified spam free you can contact us and we can help with any de-listing submissions.

Please let us know if you have any other questions.