Syed Ashik Mahmud - Pro System Admin and Malware Cleaner

Author: coderstent (Page 2 of 4)

Error: “WARNING: RESTRICT_SYSLOG is disabled. See SECURITY WARNING in Firewall Configuration”

If you are getting error “WARNING: RESTRICT_SYSLOG is disabled. See SECURITY WARNING in Firewall Configuration” after clicking on “configServer security and firewall” then you have to follow below steps. You just need to change the value of RESTRICT_SYSLOG from 0 to 3 and save changes. This step will remove your error. In this article we are further going to explain the step by step method to remove this error. You can easily solve this problem through WHM or can directly access the csf.conf file and make changes in it. Both ways are explained below:

Login to WHM.

Click on “configServer security and firewall” under plugins or search “firewall” in search box.

A new window will appear with this error “WARNING: RESTRICT_SYSLOG is disabled. See SECURITY WARNING in Firewall Configuration”. To solve this error click on “Firewall Configuration”.

Here set RESTRICT_SYSLOG to 3.

At last SAVE and Restart CSF (ConfigServer Security & Firewall).

You can also directly make changes in csf configuration file through vi editor.

You can open the file though this command :

Code:

# vi /etc/cfs/csf.conf

In this file search for “RESTRICT_SYSLOG” and set it to 3.

Change it to 3.

Code:

RESTRICT_SYSLOG = “3”

At last restart csf with this command :

Code:

# /etc/init.d/csf restart

How to enable/disable allow_url_fopen and allow_url_include functions

allow_url_fopen:

For security reason, in shared hosting account allow_url_fopen is disabled by default. If you want to enable this function, you need to modify the custom php.ini file.

allow_url_include:

This functions is also disabled and to use allow_url_fopen you need to turn on this function too in the same way as allow_url_fopen.

 

Steps to enable allow_url _fopen and allow_url_include functions:

Step 1: Create a custom php.ini file in your public_html folder

Step 2: Add these two lines in your php.ini file to enable these functions:

allow_url_fopen = on

allow_url_include = on

Save the file and you are done.

 

Steps to disable allow_url _fopen and allow_url_include functions:

Step 1: Create or open the custom php.ini file in your public_html folder

Step 2: Add these two lines in your php.ini file to disable these functions:

allow_url_fopen = off

allow_url_include = off

Save the file and you are done.


How to genearte a secure mail server addesses with SSL /TLS in cPanel and Cloudflare

1) Add cpcalendar, cpcontacts, mail and webmail A records pointing to your sever’s IP. make sure the Procy Status (Cloud) is OFF (DNS only)

2) Once this records are properly set up, back in cPanel we will open SSL/TLS Status, here we will generate an Auto SSL, but before remove any subdomains that are not going to be used.

For example if your domain is hosted somewhere else remove the main domain and the www subdoamin. you might find some weird addresses like www.domain.mailserver.com, you can also Exlude those before running the AutoSSL.

3) Once you have excluded all the unwanted addresses, click Run AutoSSL, this might take a while depending on how many domains you have so, prepare a coffee and sit tight.

If everything went well you will see green locks next to all your addresses:

4) Now we are ready to use the secure connections provided by Cpanel, go to Email Accounts -> and select the desired account and click on Connect Devices. There you will see all the necessary information to connect suing SSL/TSL

How to setup mail server’s records in cloudflare and cpanel (DKIM and SPF) ?

Many times we have a website but we are not using our domain to create email addresses. If that is the case the domain main A record is already pointing to a server where the website is hosted.

If you want to setup emails for your domain in a different server, there a few things that need to be done on the DNS. For this tutorial we will use cloudflare as our DNS manager, and a cPanel server as our mail server.

1) Add the doman to your server, in Cpanel this is done in the Domain Addons section. Simply add the domain. assign a subdomain and a path, cPanel will suggest one for you so you can go for that.

2) Identify the IP of your server because we will use it to set up a few records on the DNS, in Cpanel go back to the home page and it will be located on the right side

3) Next we need to add a few records to cloudflare so we can connect our domain to the server and also make to the have the right configuration for email deliverability. (Avoid Spam Box).

We will add 4 A records: mail, cpcontacts, cpcalendars, and webmail, all with the same IP address that we got before, make sure the cloud is turned off if using cloudflare. (cpalendars and cpcontacts are optional and used only if you will synchronize calendars and contacts).

Once all 4 are added it will look like this (plus any other records you might have):

Then we need to go back to Cpanel and get information about the DKIM and SPF records, these are standard records to ensure Email Deliverability and do not end up in the Junk mail.

4) In Cpanel look for Email Deliverability and click on manage next to your domain.

If you notriced Cpanel had a warning “Problems Exist (DKIM and SPF)” this is because we need to install the records on the DNS.

5) Copy the Name and Value for the DKIM TXT record and paste it in Cloudflare as TXT records. Do the same for the SPF record.

In Cloudfalre:

Once Both records are installed they will show like this

To make sure that the records were well instaled, we can go back to Cpanel and open again the Email Deliverability, if we have a VALID notification, then we successfully installed the records.

If you got to this point you have successfully setup the records and now you are ready to create new email accunots

6. From Cpanel, go to Email Accounts -> Create and select your domain, then assign a username, a password and a Storage Space. about 5Gb should be enough to start with.

Domain has outgoing email disabled

You can fix this through this command.

Code:
whmapi1 unsuspend_outgoing_email user=$USER

Ex : whmapi1 unsuspend_outgoing_email user=test

Here test is your cpanel account name

Ref :

https://forums.cpanel.net/threads/domain-has-outgoing-email-disabled.548681/
https://forums.cpanel.net/threads/suspend-sending-outgoing-email.651981/

Changing the SSH port number

To change the port for the SSH server, follow these steps:

  1. Log in to the server as root using SSH.
  2. Open the /etc/ssh/sshd_config file in your preferred text editor (nano, vi, etc.).
  3. Locate the following line:
    Port 7822
    Remember that for security reasons, A2 Hosting uses port 7822 for SSH connections instead of the default port 22.
  4. Change 7822 to the new port number that you want to use.
  5. Save the changes to the /etc/ssh/sshd_config file, and then exit the text editor.
  6. Restart the SSH service using the appropriate command for your Linux distribution:
    • For CentOS and Fedora, type:
      service sshd restart
      
    • For Debian and Ubuntu, type:
      service ssh restart
      
  7. While still logged in as root, in a new terminal window try to log in using the new SSH port number. If the login fails, check your settings. Do not exit your open root session until you are able to log in using the new configuration.

How To Find and Edit php.ini File Using SSH

This is very simple way to find php.ini file to make changes. You need to have access to these files, and SSH login.

Step 1: To quickly find the file type:

php -i | grep 'Configuration File'

It will show you the location of the file. For most VPS servers, the file is located is /usr/local/lib.

Step 2: Enter the following command to change the directory:

cd /usr/local/lib

Step 3: You can use ls command to confirm the location. This command will display list of all the files and directories in the current location.

ls

Step 4: To edit the file:

pico php.ini

That’s all!

« Older posts Newer posts »

© 2024 Coders Tent

Theme by Anders NorenUp ↑