Posts by jacobvw

    The problem I am having is that the password is not escaped properly in /var/www/imscp/gui/public/tools/webmail/plugins/imscp_pw_changer/config.inc.php. If I run the installer and set the MySQL Roundcube password to something without ', the password changer works perfectly, but if I let the installer auto-generate the password, which in this case contained ', the password changer fails and you just get a blank screen.


    imscp 1.2.9
    roundcube plugins 1.2.2
    debian 7
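
The failure described in the post above comes from writing a value containing ' between the quotes of a PHP string literal. The following is an added example, not code from i-MSCP or from the original post: it renders a config line with and without escaping and checks whether the result is still one complete literal. The key name db_password and the sample password are constructed.

```shell
#!/bin/sh
# Added example: writing a generated password into a PHP config file.
# The key name db_password and the sample password are constructed.

# Escape a value for a PHP single-quoted string literal. Only backslash
# and single quote are special there; backslashes must be doubled first.
php_sq_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/\\\\'/g"
}

# Naive rendering: the value is pasted between the quotes unchanged.
render_naive() {
    printf "\$config['%s'] = '%s';\n" "$1" "$2"
}

# Hardened rendering: the value is escaped before it is written.
render_safe() {
    printf "\$config['%s'] = '%s';\n" "$1" "$(php_sq_escape "$2")"
}

# Succeeds only if the line is exactly one assignment of one complete
# single-quoted literal, i.e. no quote closes the string early.
is_single_literal() {
    printf '%s\n' "$1" |
        grep -Eqx "\\\$config\\['[a-z_]+'\\] = '([^'\\\\]|\\\\.)*';"
}

pw="p'a\\ss"   # constructed password containing ' and \
for line in "$(render_naive db_password "$pw")" \
            "$(render_safe db_password "$pw")"; do
    if is_single_literal "$line"; then
        printf 'ok:     %s\n' "$line"
    else
        printf 'broken: %s\n' "$line"
    fi
done
```
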

    I am also having trouble with the password changer. It shows the password link in Roundcube, but clicking the link redirects you to webmail/?_task=settings&_action=plugin.imscp_pw_changer, which is a blank page.


    imscp version 1.2.9
    roundcube plugins version 1.2.1
    os debian 7


    I am currently using the following iptables rules. It all seems to be working so far but could be improved. May be a good starting point for you.


    POP3 - Allow pop3 access for both SSL and plain authentication (working)
    iptables -A INPUT -i eth0 -p tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 995 -m state --state ESTABLISHED -j ACCEPT


    IMAP - Allow imap access for SSL and plain authentication (working)
    iptables -A INPUT -i eth0 -p tcp --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 143 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport 993 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 993 -m state --state ESTABLISHED -j ACCEPT


    SMTP MAIL SUBMISSION EG FROM EMAIL CLIENT - CONFIRMED AND WORKING
    iptables -A INPUT -i eth0 -p tcp --dport 587 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 587 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport 587 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --dport 587 -m state --state NEW,ESTABLISHED -j ACCEPT


    SMTP MAIL SERVER TO MAIL SERVER - CONFIRMED AND WORKING
    iptables -A INPUT -i eth0 -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT


    SMTP TLS - CONFIRMED AND WORKING
    iptables -A INPUT -i eth0 -p tcp --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 465 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport 465 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT


    SSHD - Allow outside ssh connections (working)
    iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT


    IMSCP NGINX - Allow outside control panel http connections to nginx (working)
    iptables -A INPUT -i eth0 -p tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 8080 -m state --state ESTABLISHED -j ACCEPT


    IMSCP NGINX SSL - Allow outside control panel https connections to nginx (working)
    iptables -A INPUT -i eth0 -p tcp --dport 4443 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 4443 -m state --state ESTABLISHED -j ACCEPT


    HTTP - Allow outside http connections (working)
    iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT


    HTTPS - Allow outside https connections (working)
    iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT


    FTP - Allows both active & passive connections with or without SSL (needs further testing as ip_conntrack does not work with SSL)
    FTP passive ports need to be edited. Need to make a listener that does this.
    Requires
    ip_conntrack
    ip_conntrack_ftp
    to be added to /etc/modules


    iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 20 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --dport 49152:65534 --sport 49152:65534 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --dport 49152:65534 --sport 49152:65534 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT


    DNS - To allow lookup from outside in and inside out for both TCP & UDP protocols (Tested and seems to be working correctly)
    iptables -A INPUT -i eth0 -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A INPUT -i eth0 -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT


    MYSQL - Allows outside connections to mysql server (needs to be tested)
    iptables -A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT


    PINGING - Allows outside to inside and inside to outside ping requests (working)
    iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
    iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
    iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
    iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT


    LOOPBACK INTERFACE - Allow no restrictions for 127.0.0.1
    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT


    ALLOWING SERVER TO CONNECT TO INTERNET - NEEDS IMPROVING
    iptables -A INPUT -i eth0 -m state --state ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED -j ACCEPT
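
The inbound services listed in the post above, generated as a single iptables-restore file. This is an added example, not part of the original post: the default-drop INPUT and FORWARD policies, the open OUTPUT policy, the single conntrack rule for return traffic and the use of multiport are assumptions of the example; the port numbers, interface name and passive range are the post's.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the inbound services
# in the post. Policies and rule layout are assumptions of this example.

TCP_PORTS="21 22 25 53 80 110 143 443 465 587 993 995 3306 4443 8080"
PASV_RANGE="49152:65534"   # passive FTP range used in the post

# Print ports as comma-separated groups of at most 15, one group per line
# (the multiport match accepts no more than 15 ports per rule).
chunk_ports() {
    n=0; line=""
    for p in "$@"; do
        if [ "$n" -eq 15 ]; then echo "$line"; n=0; line=""; fi
        line="${line:+$line,}$p"; n=$((n + 1))
    done
    [ -n "$line" ] && echo "$line"
    return 0
}

gen_ruleset() {   # $1 = interface, remaining arguments = TCP ports
    ifc=$1; shift
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # One rule admits return traffic for every service, plus RELATED
    # flows such as FTP data channels when the conntrack helper sees them.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT"
    chunk_ports "$@" | while read -r group; do
        echo "-A INPUT -i $ifc -p tcp -m multiport --dports $group -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "-A INPUT -i $ifc -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    # Passive data connections the helper cannot track (FTP over TLS).
    echo "-A INPUT -i $ifc -p tcp --dport $PASV_RANGE -m conntrack --ctstate NEW -j ACCEPT"
    echo "COMMIT"
}

gen_ruleset eth0 $TCP_PORTS
```

Piping the output to `iptables-restore --test` as root parses the ruleset without committing it.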

    Has anyone tried KaziWhmcs 0.0.7 with the latest version of imscp 1.2.3? If so, is it functioning correctly?


    Edit: I have seen commits made on GitHub regarding core changes for the plugin here. Has anyone tested this version?

    Did you perform the following as stated in the errata?


    Services


    You must stop all i-MSCP services manually before updating; otherwise, some of them will be unable to restart at the end of the process.
    You can stop the i-MSCP services as follows:
    # service imscp_panel stop
    # service imscp_daemon stop
    # service imscp_network stop

    Hi, I am having trouble with the data transfer statistics in imscp 1.2.2. In the administrator statistics overview I am getting approx. 20 GB data transfer a day for IMAP/POP out (I have checked the server's actual data transfer and this is the correct figure), but if I go through each domain's statistics and add them all up, the total is far lower. I have been looking through the imscp code to try to understand how it determines which domain to assign the traffic to, but have been unsuccessful. It crossed my mind that maybe if the end user is using the server's hostname in their mail client instead of their own domain name, it won't add their data transfer to their domain? Any help would be much appreciated.


    Thanks