How To Permanently Disable Http/ftp/mysql/courier With LXADMIN/KLAXO
Jun 30, 2009
I have a small VPS that is used only to send mail. It uses the HyperVM software, so I installed "Klaxo" (LXadmin) on it and set up the domain, etc..
I then went into the "Server : Linux --> Services" page and disabled everything except qmail. (I also set them so they are not auto-started at bootup.)
The problem is that after about 10 minutes or so... all the services are automatically restarted.
I have no idea what process is doing this, and it's driving me a little nutty.
Does anyone know how to permanently disable a service using the Klaxo/lxadmin control panel?
(Or at least, where I can find whatever monitoring system is checking if they are up, and then restarting them?)
I am trying to secure my VPS and one thing noted in a recent scan was SSL v2 and v3 being supported for SMTP, POP3 and IMAP. So a check of ‘Disabling SSLv3 Support on Servers’ and the Postfix configuration settings suggest:
Examining both only the copy in /etc/postfix/ is configured and at the end of this file I can find all the Plesk settings, including some RBLs I’ve defined via the UI. Hence I know this is the working config as of the two, it’s the only one actually configured. Hence I add the required commands to the config:
... smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_security_level = may smtpd_use_tls = yes smtp_tls_security_level = may
[Code] ....
I then go to the Plesk Tools & Settings > Services Management and restart:
Now what I should get back is an error as the attempt to connect with SSLv2 should fail as it's an excluded protocol, but instead what I get back is the Plesk cert and a connection:
# openssl s_client -connect x.x.x.x:25 -starttls smtp -ssl2 CONNECTED(00000003) depth=0 C = US, ST = Virginia, L = Herndon, O = Parallels, OU = Parallels Panel, CN = Parallels Panel, emailAddress = info@parallels.com verify error:num=18:self signed certificate ...
Why? What do I need to do to have Postfix use the updated config and refuse an SSL2 connection?
I seem to have the same issue with Courier having made similar changes to the /etc/courier-imap/pop3d-ssl file:
yesterday i setup my first vps system and now its hosting 2 forums of my. Thing is in evry 10 mints Mysql & courier-imap are restarting..? I know this from the lxadmin alert email. So is it normal or is it a problem in my configuration..? Im running cent os 5 now. And i also check the log.. there is entry like below in it..
Oct 6 13:43:07 vps_10013 pure-ftpd: (?@127.0.0.1) [INFO] Logout. Oct 6 13:43:07 vps_10013 xinetd[8020]: EXIT: ftp status=255 pid=21638 duration=0(sec) Oct 6 13:43:13 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=21637 duration=6(sec) Oct 6 13:43:48 vps_10013 xinetd[8020]: START: smtp pid=21679 from=63.247.94.194 Oct 6 13:43:49 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=21679 duration=1(sec) Oct 6 13:44:48 vps_10013 xinetd[8020]: START: smtp pid=21901 from=63.247.94.194 Oct 6 13:44:49 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=21901 duration=1(sec) Oct 6 13:45:49 vps_10013 xinetd[8020]: START: smtp pid=22163 from=63.247.94.194 Oct 6 13:45:50 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=22163 duration=1(sec) Oct 6 13:46:49 vps_10013 xinetd[8020]: START: smtp pid=22499 from=63.247.94.194 Oct 6 13:46:50 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=22499 duration=1(sec) Oct 6 13:47:49 vps_10013 xinetd[8020]: START: smtp pid=23668 from=63.247.94.194 Oct 6 13:47:50 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=23668 duration=1(sec) Oct 6 13:48:49 vps_10013 xinetd[8020]: START: smtp pid=23920 from=63.247.94.194 Oct 6 13:48:52 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=23920 duration=3(sec) Oct 6 13:49:49 vps_10013 xinetd[8020]: START: smtp pid=24173 from=63.247.94.194 Oct 6 13:49:53 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=24173 duration=4(sec) Oct 6 13:50:49 vps_10013 xinetd[8020]: START: smtp pid=26117 from=63.247.94.194 Oct 6 13:50:53 vps_10013 xinetd[8020]: EXIT: smtp status=1 pid=26117 duration=4(sec)
I have a series of web services that are exposed to the world via IIS. The problem is I only want users to have HTTPS access to these.
At the moment everything is working fine, however users can access services via HTTP (port 80) and HTTPS (port 443). Using the IIS manager I have attempted to remove port 80, however it will not allow me to do this.
So the question is, how can I close of HTTP access within IIS?
Hopefully I'm posting this in the correct area. Our server runs CentOS 4.4 on x86_64 arch.
So basically everything was going rather smoothly...
Problems began to arise at the point where I finished installing/configuring SquirrelMail. Upon logging in, I saw this:
[see attachment]
Ok, so I checked maillog and saw:
Feb 11 13:50:46 zeus imapd: LOGIN, user=alex, ip=[::ffff:127.0.0.1], protocol=IMAP Feb 11 13:50:47 zeus imapd: Failed to connect to socket /tmp/fam-- Feb 11 13:50:47 zeus imapd: Failed to create cache file: maildirwatch (alex) Feb 11 13:50:47 zeus imapd: Error: Input/output error Feb 11 13:50:47 zeus imapd: Check for proper operation and configuration Feb 11 13:50:47 zeus imapd: of the File Access Monitor daemon (famd). Feb 11 13:50:47 zeus imapd: DISCONNECTED, user=alex, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=21, sent=57, time=1
So I did some searching and determined it was a problem with Courier-IMAP being compiled with File Alteration Monitor support and famd not running (I built RPM directly from source tarball without any customization whatsoever per the instructions on the Courier website).
I found some possible solutions to be:
1) Install and run fam and be sure portmapper is running as well (problem being is that fam has since been replaced by gamin on CentOS, which is installed properly on my system). 2) Do a source install of Courier-IMAP and --disable-fam
Ok, so route 1 went like this: I uninstalled gamin, found fam-2.6.8, installed it, started it manually, made sure portmapper was running and tried again. This time, I still got the same errors in SquirrelMail, but the errors in maillog didn't show up. However, shortly after the page loaded, the famd process I had started manually promptly ended without my intervention. Ok, onto trying #2.
Route 2 went like this: reinstalled gamin, then I tried building a custom RPM by manually configuring with --disable-fam and then using rpmbuild -bc --short-circuit and rpmbuild -bi --short-circuit. That didn't change anything at all, I still had the same errors both with SquirrelMail and in maillog. Then I said ok, I'll just do a complete source install. ./configure --disable-fam && make && make install. Manually started that server, tried again, same deal, both errors.
So I've got problems. Either with Courier-IMAP, SquirrelMail, or both. The other daemons seem to run fine, I just mentioned them in case of the possibility of some kind of (unknown to me) conflict.
If you need to see any of my configs, let me know...any information greatly appreciated...I'm desperate.
I rebuilt my VPS (again) today and noticed something different. Instead of the usual "Install LxAdmin" icon in HyperVM I read "Install Kloxo."
I looked at the demo and everything looked the same. Has anyone noticed any definite differences between the two? Has anything significant changed apart from the name?
I installed the Google Authenticator extension, and the inevitable happened: my phone died.So now I am left without access to the Plesk panel.How can I disable the authentication in the SQL database, so I can login again?
I'm running centos 4.4 and i just installed another HD... seems like everytime I reboot the server, my mount is gone... This is what I have in my fstab:
I am using nginx exclusively for my websites/php stuff and I do not need apache anymore. I want to switch off Web Server (Apache) service permanently (see screenshot 1). But somehow or something turns it always back on. I am getting a lot of apache memory warnings lately. I just want to turn it off.
Very often the firewall automatically ban some of my customers IP who has fix IP to access to their webmail and website, because they have over 100 staffs, maybe that is why the IP was banned automatically for having too many connections to the server.
Everytime I unban the IP, it keeps being banned again. I have to stop / restart iptables to flush it.
I am using the following mod_rewrite rule for shortened SEO friendly links: RewriteRule ^blog/([^/]*).html$ /blog/blog.php?pid=$1 [R=301,L]
For Google SEO reasons, will the shortened rewritten link created from above be the permanent link, from the R=301? Even though the longer link is still functional? Or, do I need to create a rewrite match 301 rule to push the long URL to the shortened URL permanently?
I have a mail server which is courier, postfix, amavisd, using Mysql db and virtual mailboxes which I administer through postfixadmin.
I want to be able to add a set of default folders to all mailboxes created such as Possible Spam and some others.
I have investigated shared folders but this is not what i want, is there a way I can get courier/postfix to create a set of additional sub-folders when it creates a mailbox.
