Posts by gabesz86


    Are you using the stable or latest RC? Is SSL with a self signed certificate activ?


    I'm using latest RC and I want to use mey slef cert. I have a *.pem file. Should I re-run the i-mscp install script? :)


    You are a little bit tightfisted with your information. Where do you want to install the certificate? For all services or for a customer (web page)?


    I'd like to know this too. I have a working installation, and I'd like to install my cert for all services.


    Thanks your advice

    Yeah I read it but not worked for me until now :P


    I'm using Ubuntu 12.04LTS what doesn't use dkim-filter, but using opendkim so I changed your code
    from:

    Code
    1. aptitude install libaprutil1-dbd-mysql razor libnet-dns-perl libmailtools-perl spamc spamassassin libmail-dkim-perl dkim-filter clamsmtp libtie-cache-perl libdbd-mysql-perl pyzor


    to:

    Code
    1. aptitude install libaprutil1-dbd-mysql razor libnet-dns-perl libmailtools-perl spamc spamassassin libmail-dkim-perl opendkim clamsmtp libtie-cache-perl libdbd-mysql-perl pyzor


    After the mysql can't create these sql-s
    mysql -u spamassassin -p spamassassin < /usr/share/doc/spamassassin/sql/awl_mysql.sql
    mysql -u spamassassin -p spamassassin < /usr/share/doc/spamassassin/sql/userpref_mysql.sql
    mysql -u spamassassin -p spamassassin < /usr/share/doc/spamassassin/sql/bayes_mysql.sql


    because the spamassassin user doesn't have create right, so i modified your script
    from:

    Code
    1. insert into db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) values('localhost','spamassassin','spamassassin','Y','Y','Y','Y');


    to:

    Code
    1. insert into db (Host, Db, User, Create_priv, Select_priv, Insert_priv, Update_priv, Delete_priv) values('localhost','spamassassin','spamassassin', 'Y','Y','Y','Y','Y');


    after the import the mysql said there is an error in mysql syntax (not your fault) so i chaged the TYPE=MyISAM to ENGINE=MyISAM in evry .sql files.


    Now the installing OK however I installed Amavis instead of ClamSMTP :P


    Ps: I attached the modified sqls, so you can download it and just copy over usr/share/doc/spamassassin/sql/

    Files

    • sql.zip

      (1.17 kB, downloaded 32 times, last: )


    In /var/log/xferlog or something like that you can see all ftp connections to your server and uploaded/downloaded files. If your server was infected via ftp, it's also possible, that your client computer is unsecure. There are some trojan horses which are searching for filezilla/eclipse/etc. ftp passwords and using them to attack your server.
    Check your computer and change all passwords. Because of this attack scenario ftp accounts should just used by one person. So later you can check which computer was infected with a trojan horse.


    I checked my log and yes infected my files via ftp. I don't know what happening now but some of friends said that happening with too. Now I reinstalled two another website which not stored on my server. Anyway I try to make a SFTP with pro ftpd. I checked google and I'm going to try it. I hope this will make more security. If I have make it I will contact the dev team and make a wiki doc :D


    I'm using fail2ban to secure my ftp and ssh. I seen the fail2ban log file, the ssh was attacked but blocked the attacker's IP but the proftpd didn't attacked (no ftp attack entry in the fil2ban log). After I saw the proftpd log files and I seen the attacker knew the ftp names and passwords. This datas stored only the i-MSCP database and the users know this data too. The IP what attacked the ssh and the IP's (more than one) what login the ftp accounts doesn't match.