Search results

I know how fail2ban works. And i found the answer myself: Yes they are needed. imap registers these logins as coming from [::1] (localhost), and localhost is whitelisted so hackers/scriptkiddies/password guessers that try via a webmail will never get banned. regards Jan

Fail2ban takes cpu cycles that websites can't use, so there is no point in having unneeded fail2ban jails. This made we wonder: is there a point to fail2ban-roundcube and fail2ban-horde? we also use mod_evasive. As i see it: - scripts that try to "guess" passwords will be banned by the imap...

First of all: you need to establish what your question is and from that you can start finding out what the problem is. Is it postfix or dovecot ? These are 2 very different servers that do very different things, yet you mix them as if they are one and the same. Why can't you adjust your...

If the filter says digest-md5 is not permitted and you try to connect with digest-md5 then it is not the filters fault. Just the opposite, the filter works perfect and as intended. You keep saying its wrong, while the filter only does what it is told to do, and while we keep giving the answer...

Wrong settings NEVER work, thats why they are called wrong. Its just that they will get banned after 5 times seen in the log. I am pretty sure "auth failed" is a wrong setting. As i sayd in an earlier post: You need to compare the logs with the jails/filters to see what triggered the filter...

@daanse Fail2ban checks the logs for paterns. I am pretty sure the writers of the filters have examined the logs extensive and created filters that only ban what is really wrong. The best thing you can do (as i suggested earlier) is to check the logs on who and why this jail gets triggered...

But it is mentioned, it is supported. The problem is that the requirement page says upto 10.1 and in the example on the support page 10.2 is installed. So i was wondering which one is the maximum supported version. regards Jan

I am a bit confused Software Requirements for Plesk says How to upgrade MySQL 5.5 to 5.6/5.7 on Linux says Is 10.2 supported or only up to 10.1? If 10.2 is supported, then please update onyx software page regards Jan

have you looked at this? SMTP authorization does not work with Postfix MTA: "SASL login authentication failed" check also the smtpd_tls_security_level = may setting in /etc/postfix/main.cf as discribed in Postfix TLS Support I have smtpd_tls_security_level = may smtpd_use_tls = yes...

You need to look at /var/log/fail2ban.log to see what rule gets triggered, postfix or dovecot then look into /var/log/maillog the reason it gets triggered here is an example of postix that gets triggered by a hacker /var/log/fail2ban.log 2017-05-04 11:16:45,093 fail2ban.filter [2903]...

I am a bit experimenting with the app vault and i came across this: Drupal Click Scan to add this WordPress installation to the WordPress Toolkit. Joomla Click Scan to add this WordPress installation to the WordPress Toolkit. Whatever is installed, it always wants to add it to the wordpress...

@UFHH01 thanks for that answer, but this was not the question. I know how to generate a csr for a domain, i want to know how to generate a csr for multiple domains, or if this is even possible via plesk. SAN = Subject Alternative Name In a csr with SAN domains, all the names need to be in...

It is now possible to secure a domain and its aliases via let's encrypt, but how do i secure a domain and its aliases via a "normal" certificate? For a webshop i need to get a EV certificate for a domain and a few aliases (via SAN), but how do i generate the csr for this via plesk? regard Jan

To add to this: a fail2ban rule for mod_security is a bad idea that breaks more then it solves. Both do the same thing: stop bad people from doing bad things on a website. But if a legit user makes a mistake (like yourself now), like making a normal posting that has words like "insert into...

you can unban yourself via plesk. If you get yourself banned via fail2ban, you can always enter via another way. fail2ban works on the port it bans you for. If you trigger a rule that bans you for apache, it only bans you on port 80. You can enter via plesk or ssh then and unban yourself. The...

Do you have the mod security rule enabled in fail2ban? Regards Jan

There are a lot anti-spam options for plesk. Some are open source, some are not, but they all cost money is some form. Either you pay someone else for there time and expertise, or you have to invest your own time learning it. There is no free solution that you can forget about after installation...

I find greylisting not worth the effort and sometimes it brakes more then it solves. Let me explane. Greylisting "remembers" the ip, gives an error the first time and whitelist the ip the second time the sending mailserver tries to send the mail. This only works if every valid sender re-sends...

I am blind or it is not in the documentation: how to turn 1 modsecurity rule off - in reseller documentation - in customers documentation all i could find was how to disable rules in the Administrator's Guide via tools & settings, but that link is offcourse of no use for customers or...

Update 23 are php security updates, i would not recommend reverting this. If the board ran fine before with the same configuration then there is a good change that IP.Board isnt compatible with the new php version. If rebooting the server and cleaning /var/run/mod_fcgid/sock/ doesn't help then...