Recent content by ccto

Yes, when iOS users setup mail account with that self signed cert in the past, it seems it stucks with that key/cert file. If we change /etc/exim.key , /etc/exim.cert , they have no ways to connect to server (unless delete email account in iOS, and re-configure mail account in iOS) So, we keep...

IMHO - No matter it is a valid certificate or self-signed certificate , changing Apache SSL certificate, FTP SSL certificate are of little impact. --- However, we are very cautious when changing Exim (and Dovecot) default SSL (i.e. /etc/exim.key and /etc/exim.cert) From our experience, for...

We encountered the same issue for 2 VMs - failed to start Apache 2.4.59 (Both AlmaLinux 9.3 and Apache 2.4.59) ---- After updating Apache 2.4.59 One is /etc/httpd/conf/ssl.crt/server.crt.combined becomes 0 filesize We simply run cd /etc/httpd/conf/ssl.crt/ cat server.crt server.ca >...

We use this strategy to move data from old server to new server. Inside directadmin.conf - skip_hometargz_in_backups=1 skip_domains_in_backups=1 skip_imap_in_backups=1 skip_databases_in_backups=1 skip_uebimiau_in_backups=1 service directadmin restart

ref.: https://almalinux.org/blog/2024-04-02-xz-and-cve-2024-1086/ https://nvd.nist.gov/vuln/detail/CVE-2024-1086 https://access.redhat.com/security/cve/CVE-2024-1086

I prefer borg backup (incremental backup + deduplication + compression + retention) Also, it is possible to restore individual file using borg backup. First, mount borg repository into (e.g.) /mnt/ , then you can browse/copy the backup archives with individual files, then unmount borg...

F.Y.I. - @smtalk ☝️☝️ It may, or may not, be correct. RHEL said MariaDB is under RHEL 8/9 Full Life Application Streams Release Life Cycle. However, in RHEL 8, RHEL 9. Not yet sure it will backport fix or not yet. I tried to look more - In RHEL 7/CentOS 7, MariaDB 5.5.68 was the last one...

My concern is MariaDB 10.5 in RHEL ones shall contain update till 2032 (instead of 2026). Not sure AlmaLinux one follow or not. (Update: It may not work. No MariaDB update in CL7 since 2020)

@fln , may I know, within a single DirectAdmin server (running with legacy license), does DirectAdmin allow we install MariaDB from distro RPM package (from RHEL/RockyLinux/AlmaLinux), instead of CustomBuild one? "Allow" means we (as admin and as end-users) can manage database inside DA panel...

EL 7, 8, 9 are not affected , according to redhat.com (RockyLinux / AlmaLinux shall probably share the same version of glibc) ref.: https://access.redhat.com/security/cve/cve-2023-6246

In the past, in a few circumstance, we encountered similar case for Apache - "Couldn't create the rewrite-map mutex" not sure it relates to your case or not. We run the following to clear semaphore service httpd stop ipcs -s | grep apache | awk ' { print $2 } ' | xargs ipcrm sem service httpd start

Do you know the difference for the following 2 - clear_blacklist_ip_time unblock_brute_ip_time Basically, I want - if being brute forced over 65 times within a hour, then block that IP for 1 hour. ref...

This is a patch release of 4.97 containing fixes for CVE-2023-51766. ref.: https://bugs.exim.org/show_bug.cgi?id=3063 https://nvd.nist.gov/vuln/detail/CVE-2023-51766 https://bugzilla.redhat.com/show_bug.cgi?id=2255852

From my understanding, it seems - Q1) DirectAdmin does not compile mod_sftp into ProFTPd by default. Q2) sFTP runs on port 22 by default, am I right? am I right?

It worked. ref.: https://forum.directadmin.com/threads/legacy-code-base-does-not-support-rhel9-system.69643/#post-369031