Custom SELinux Policies For Their Cpanel Server

Apr 11, 2008

Has anyone wrote custom SELinux policies for their cpanel server?

View 1 Replies


ADVERTISEMENT

Is Anyone Here Using SElinux On A Web Server

Nov 6, 2009

Is anyone here using SElinux on a web server?

If so, how hard was that to setup?

View 1 Replies View Related

Server Wide Custom Error Pages W/ Whm/cpanel

Aug 13, 2008

i have a server with whm/cpanel and would love to have custom error pages that work server wide not just for a specific domain. I have tried adding the "ErrorDocument 404 errors/404.htm" to the httpd.conf file but it doesn't work.

I have no trouble getting custom errors to work for a specific domain but can't seem to get it to work server wide.

Has anyone else tried to tackle this and actually had success?

View 3 Replies View Related

IP Security Policies

Jul 16, 2009

I want to setup a Windows 2003 security policy to filter traffic.

I want to let most of the world through to port 80 so maybe just ban a few nuicance IP's.

But then I have a POP / IMAP server, VPN, SMTP, etc that I want to block all but UK IP addresses.

I know I can do this through the MMC snap in but this is 1000's of IP's.

Is there a way I can import a list/range of IP's that I want to block from a country IP database?

View 14 Replies View Related

Using IPSec Policies To Help Prevent DoS Attack

Apr 22, 2008

Is it possible to use IP Security policies in Windows Server 2003 to help prevent types of DoS attacks? Today my server was attacked by a single attacker who merely connected and disconnected on open ports at an incredibly fast rate. This was enough to eat the cycles of the server processes effectively creating a DoS attack. I was hoping IPSec could help prevent this, but I'm open to use any other software as well.

View 4 Replies View Related

Uploading Scripts And Hosting Policies

Feb 25, 2008

I'm working on a php app that will be publicly released at a later point, that includes uploading functionality, but on my testing account, I get acces to /temp denied for permission reasons.

How normal is it for this type of obstruction to occur with webspaceproviders in general? If this is a fairly common policy, I need a solution of somekind. Perhaps uploadig the file temporarily to a folder on the users own webspace, instead of the location on the hosting server, being used by PHP by default (/tmp)

View 6 Replies View Related

Email Bounces + Spamcop Policies

Mar 30, 2008

So I get this email today from SpamCop complaining about my server sending unsolicited bounce messages.

Well yea... thanks to spammers domain spoofing and sending spam to my server, my server finds that there's no address - so it replies to the spoofed address.

My question is.... what do I do about it? The spamcop site has this to say... Though if I setup the server to do something odd like not sending a bounce because it's "filed internally", how will legit people get the proper bounce response??

Problem: Misdirected bounces

Description: When a mail server accepts a message and later decides that it can't deliver the message, it is required to send back a bounce email to the sender of the original message. These bounce emails are often misdirected.

Solution: Upgrade and/or configure your mail server software so that this situation is never encountered. Configure your software to either reject messages during delivery or accept them permanently. Do not let your software make choices about delivery after it has accepted a message. If you must accept delivery before you know the status of a message, then file it internally - do not send, forward or bounce it outside your organization. The errant message can be placed in a special folder or routed to your postmaster.

View 2 Replies View Related

Webhosting Providers And Permissions Policies

Jan 26, 2008

I don't have too much experience with different providers, so I need to ask this:

I'm creating a set-up/installation script for an application I will be releasing to the public at some point where I would like to autogenerate it's set-up (tables, users etc.) to the largest extent possible. I just tried out my script on a testing account and the automated creation of a limited MySQL user with GRANT failed, due to lack of permissions for doing that with this particular provider. My question is this:

What can I safely - on average - automate through a set-up script for a webapplication running in a shared envrionment and what will usually be disallowed by the average provider? Plesk allows me to create a new user through it's web interface, but it doesn't (as far as I can see anyway) allow the individual setting of permisssions for that user, making it very hard to follow the security policy of "least priviledge"...

Stuff that I'm thinking of is: Table creation, folder, file- and user creation.

View 4 Replies View Related

Selinux (ping)

Jul 26, 2008

My server ping keeps disconnecting

However my ssh & website is smooth running!

When i type "service iptables stop", the ping runs just smoothly.

I have CSF installed in the server, like any other server using default configurations. I believe it has something to do with selinux? (or not?)

View 2 Replies View Related

Disabling SeLinux Enforcing

Apr 7, 2007

I am not expert in linux box.... Actually I have found a problem in my machine, our clients are not able to access their sites from server, when I checked the system log it was related to Permission Denied. Someone told me to disable SELinux enforcing, Now after that my problem resolved.

But I am curious that what exactly Selinux is and what kind of issue it may create for my box if I disable it?

View 4 Replies View Related

Selinux/Adaptec Driver

Oct 21, 2007

I am having quite a challenge getting openvz to work on centos 5 with a adaptec RAID card.

The driver likes the plain jane kernel..but then...

Configuration [OpenVZ (2.6.18-8.1.14.el5.028stab045.1)]

***NOTICE: /boot/vmlinuz-2.6.18-8.1.14.el5.028stab045.1 is not a kernel. Skipping.

There is also another issue not being able to disable Selinux.
I have tried the normal routes and even attempted disabling it in rc.sysinit..still...this "security framework" is able to load it..and cause problems.

Openvz and SeLinux don't get along..even a little bit.

So..those are the two probably seperate issues...that prevent the poor server from booting.

View 1 Replies View Related

[Review] SameerHosting SCAM COMPANY, BREAKS PRIVACY POLICIES

Apr 21, 2009

SameerHosting has been the biggest mistake I have ever made as far as purchasing a service online is concerned. This fake company and more importantly their Owner/Employee/[Insert Job Title Here] Jordan has been the most nasty, hard to work with, and distasteful person I have ever dealt with in my life. I recommend anyone to stay as far away from this company and child as possible. Below are parts of an initial post of mine at DP Forums. There are so many posts, threads, reviews and this kid and his fake company out there that you shouldn't have any trouble finding out everything that has occurred in the past 1-2 months. Thanks for your time:

I had purchased a dedicated server with this guy not realizing he was a 14 year old kid with a bad temper and poor spelling. I paid for the server and he managed to get into an argument with my tech about something (its in that thread). He then got mad at me and took out his anger on me even though I had no idea anything had happened until after the fact. He involved me in something I had no part in.

I have discussed this guy so many times that I am tired of talking about it but will give you a summary of what recently happened. Jordan pmed me through this forum through one of his other (now banned) accounts. This kid knows he will be banned from most forums and makes a handful of accounts to fall back on. He offered to give me a refund if I tell my tech to stop posting about him. Of course I did what he had asked me to do.

I have been honest and given him far to many chances to make right. Well, he ended up telling me I am no longer getting a refund from him because my tech keeps messing with his servers (which I doubt is actually happening). I am being punished again for something that does not have anything to do with my actions. He has now block me from yahoo messenger,msn messenger, his live chat.

Since I posted this on DP I have been in contact with his legal guardians and they have been no help.
Jordan has messaged my Personal Billing details to many of his customers and others along with edited defamatory pictures of someone that is supposed to be myself. That is totally illegal and childish. He did this because I spoke against his scam company and illegal wrongdoings.

If anyone has had bad dealings with this company please post everything that has happened in this thread and also PM me and I can give you the e-mail of the people who take care of him and you can tell them what he has done. He needs to be stopped.

Again, it is very important to post in this thread with information about what he has done to you, the more info the better as these people will possibly listen to me and others.

View 14 Replies View Related

Custom Cpanel Backup

Jun 7, 2009

I have a server that has Cpanel doing nightly backups using the built in auto backup tool in WHM. However, I have one account on the server with a 7 GB database. Everytime this database was dumped to the backup it would lock the database from users accessing it for about 30 minutes.

So instead, I'm now using a slave/master replication setup to do the database backup incrementally and have excluded this account from being backed up every night.

However, I would still like to be able to back up the account itself. Is there a way to setup a unique cron task to backup just this one account and skip the mysql database export?

Does cpbackup do anything more than just zipping up the account's folder in the home directory? Or are there other files it needs to keep in order to do a restore?

View 3 Replies View Related

SELinux Is Preventing Apache/PHP From Loading Modules

Jul 28, 2008

I can't get SELinux to let httpd load the IonCube module for PHP. I've given the CentOS 5 forum a try (here: http://www.centos.org/modules/newbb/...15403&forum=42), talked with WHMCS's support (the app I'm using that needs it), and even opened a ticket with IonCube. Unfortunately nobody seems to know how to tell SELinux to let httpd "exec" modules.

I'm running CentOS 5, and the error I'm getting in /var/log/messages is:

Jul 23 10:15:30 host kernel: audit(1216833330.905:1249): avc: denied { execheap } for pid=22055 comm="httpd" scontext=root:system_r:httpd_t:s0 tcontext=root:system_r:httpd_t:s0 tclass=process

I can disable SELinux and it works fine (setenforce 0), but that's not the solution I'm looking for. Can someone please tell me how to do this the *right* way?

View 11 Replies View Related

Making SELinux And Apache Play Nicely

Feb 15, 2007

Is it possible to make these two work together? I can't seem to find any way to let Apache read /home/<username>/public_html without disabling selinux entirely.

I know you can do "chcon -t httpd_sys_content_t -R $HOME/public_html", but it seems like it would be a pain when adding users, especially if someone decides to delete their public_html and make a new directory.

Is it possible to create an exception to let httpd do whatever it wants?

View 0 Replies View Related

Custom Routers/Transports W/ CPanel

Apr 4, 2008

I have a lot of dedicated IP accounts that I want Exim to send mail from (in other words, not to use the shared/primary IP of the server).

Has anyone successfully configured cPanel/Exim to do such a thing, such as this:

[url]

View 0 Replies View Related

Custom Icon Groups In Cpanel

Jun 24, 2008

how you create a custom icons/plugins group in cpanel. I know you can make new icons like one for Domain Registration or whatever, by using the cpanel plugin creation tool at cpanel's website. But, I was wanting to create a whole new 'category' of icons, like how "Domains", "mail", etc.. has it's own categories.

View 14 Replies View Related

How To Custom Cpanel New Account Email

Oct 13, 2007

I have a limited access to WHM because I'm with a resellet account, but I want to change the new account email that sends cpanel. Server has installer RVSkin if this helps...

I've looking in WHM but I didn't see anything...

Can you tell me where is this option? then I check out if I have it...

View 6 Replies View Related

Custom Server Builds

Jun 14, 2007

I got a good response last time with suggestions on where to go for co-location, and I've made a choice where I'll be co-locating within the next month or two. So now is the time to look into buying a server. Does anyone know of any good places to custom build 1U Servers online to get a quote and buy one?

I've looked at a few different places and tried searching on here, maybe the words I used in the search weren't right as all I found was dedicated server prices or resellers.

View 10 Replies View Related

Creating Custom NameServers With My Domain On WHM/cPanel

Oct 28, 2009

As the title says.. can anyone guide me on how I could do this?

View 4 Replies View Related

Plesk 12.x / Linux :: Change Location Of Mail / Maildirs And SELINUX

Mar 2, 2015

I have changed the maildir in Plesk according to [URL] ..... Everything works like a charm, however selinux doesn't allow access to the new directory. That means we get a permission denied and no mail is received at the server anymore.

Old location: /var/qmail/mailnames/
New location: /mnt/bigstorage/mailnames/

tail -f /var/log/maillog:
Mar 2 13:38:42 srv2 postfix-local[5983]: postfix-local: from=example@example.com, to=example@example.com, dirname=/mnt/bigstorage/mailnames/
Mar 2 13:38:42 srv2 postfix-local[5983]: cannot chdir to mailnames dir /mnt/bigstorage/mailnames: Permission denied

If we disable selinux, everything works, however this is not the best practice.

How can I fix this error without disabling selinux?

View 1 Replies View Related

Custom Server Spec Opinion

Oct 7, 2007

I'm considering building the following 1U rack server for colocation. I'm completely new to rack servers and colocation so I would be very grateful to hear your opinions:

Intel Core 2 Quad Q6600 CPU
ASUS P5B-VM SE Motherboard
8GB PC5300 667MHz Non-ECC RAM
500GB HDD
345W Power Supply

I also have a few specific questions:Are there any differences between the Q6600 and it's Xeon equivalent? (especially power wise?)

Are there any disadvantages using a desktop motherboard in a (1U) server? (again, especially power wise?)

I've read that non-ECC memory is a lot more acceptable for servers now than it was a few years ago, is this true?

Does a 500GB drive use much more power than a 160GB drive?

How many watts of power can I expect the server to use?

Does a 1U chassis usually come with uATX mounting points?

View 10 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved