Posts by fluser

fluser · 2022-05-17T10:21:17+02:00

coolternet Please open a new thread and describe your problem - this one is quiet old

fluser · 2022-05-17T10:17:58+02:00

Edit the PHP settings for this customer directly in Shell and restart PHP. Check the timeout setting in the Apache2 virtualhost and adjust accordingly.

But this is only a workarround. Cleaner way would be to run the script directly in the shell/cron and not by curl/wget

fluser · Thursday, 10:05 pm

According to the docs: https://www.php.net/manual/en/…hp#ini.max-execution-time

In command line the max execution time is unlimited. Are you able to run the script through the shell?

If yes: You can list and edit the crontab for every I-MSCP user:

Code

crontab -l -u vu20XX
crontab -e -u vu20XX
[email protected]
13 * * * * /usr/bin/php7.0 /var/www/virtual/XXX/htdocs/script.php > /dev/null

fluser · Thursday, 9:57 pm

PHP-Curl und Curl unterscheiden sich und teilen sich die Einstellungen aus dem php.ini nicht.

Um Dein Problem lösen zu können, musst Du folgendes ausführen und prüfen:

Code

dpkg-reconfigure ca-certificates

Das folgende wird wohl abgewählt sein - das muss aber aktiv sein:

Code

mozilla/ISRG_Root_X1.crt

Debian Jessie ist aber auch schon in die Jahre gekommen und wird nicht mehr mit Support versorgt - ich würde Dir raten, mindestens auf Debian Stretch zu wechseln, wenn nicht sogar neuer, wenn es möglich ist.

"Quick and dirty" kannst Du curl auch mit "-k" aufrufen, dann wird die Zertifikats-Prüfung übersprungen.

fluser · Thursday, 12:35 pm

Welches OS setzt Du den ein? Und wenn Du von Curl schreibst: Meinst Du Curl in der Shell oder PHP-Curl?

fluser · May 6th 2022

Quote from fulltilt

how about the main.cf TLS settings, especially smtpd_tls_auth_only = yes?

Code

smtpd_tls_auth_only = yes

tls_preempt_cipherlist = yes

Should work too, but I did not test this setting.

fluser · May 6th 2022

You can use this listener to enforce TLS for submission:

https://github.com/i-MSCP/imsc…postfix_submission_tls.pl

This entry should be sufficient:

Code

-o smtpd_tls_security_level=encrypt

And I think, you do not want to use "tls_wrappermode" for submission - all latest mail clients are correctly using StartTLS.

fluser · May 6th 2022

The TLS-Connection (OpenSSL Output) seems ok. I had a look at your configuration and I don't think you need to configure:

Code

TLSCACertificateFile /etc/imscp/isrgrootx1.pem

I suggest to try it again after commenting out this entry.

fluser · May 4th 2022

Looks like it is working?

Code

openssl s_client -crlf -tls1_2 -connect malta1264.startdedicated.de:21 -starttls ftp

Did you forget to restart the service?

fluser · Feb 2nd 2022

CSF and LFD may be also an alternative: https://www.configserver.com/cp/csf.html

Pros:

* Easy to maintain

* Bruteforce detection

* Customizable with regex

* Build in Firewall, which is easy to configure

* Can work with any CMS which logs bad login attemptions (Custom Log and Custom Rules)

Cons:

* Firewall is limitted to in- and outgoing - not a blocker for I-MSCP

Posts by fluser

Roundcube Filter option

Max_execution_time change 86900.

Max_execution_time change 86900.

curl: (60) ssl certificate problem: certificate has expired

curl: (60) ssl certificate problem: certificate has expired

recommendation for buster - smtpd_tls_security_level in master.cf?

recommendation for buster - smtpd_tls_security_level in master.cf?

FTP Connection issues TLS "ECONNABORTED"

FTP Connection issues TLS "ECONNABORTED"

Botnet attacks - Fail2ban useless!