Search results

That depends. Do you use DMARC? If yes, remove that (or temporary remove it) and see if the issue persists. I would start to check the headers from the mail you received in Protonmail so you can investigate exactly at which point the issue occurs. My good guess is DMARC because of DKIM failing...

It depends on what you want. We just run Almalinux 9 which is EOL in 2032. It more that MariaDB and MySQL will be EOL next year (MariaDB in june) which might be a decision maker. Everything else will still work, so there is still time to move on to a regular subscribtion. I don't know how long...

Again, that is not from the admin backup/restore command. That is a user backup. Admin backup/transfer backups are not named like that. This is admin user level backup.

I know, the highest number which I've encountered in the logs was version 100. I'm blocking everything below version 115. But I don't use mod_security. @johannes I use this line in my .htaccess but it might get to my httpd-includes.conf with the other bad bots if other sites get attacked too...

Isn't granular another word for "detailed"? Because yes it's on or off. Off is the old way, I'm not native English and so don't understand what difference granular would be. As far as I understood Shanti was not aware he could easily put it off again, but ofcourse I could be wrong due to this...

Yes, but they are on their own vps or dedi, not on shared hosting. Cloudflare is no option for shared hosting. And I've already checked douzens of ip's which unfortunately came all over the world not mainly from Brazil, also for example from US datacenters. However, I managed to find a good...

Just say "modern license" because there is no pro pack anymore seperately. Was integrated in DA years ago already.

Right, because as you could read, changing the backup folder in Evo is not very clear. In Enhanced you see it at once. In Evo you have to push buttons again to find things. Less clear overview. That's the reason I advised to (temporarily) change to Enhanced where this is much clearer for this...

Oke then you might need to do the next step, move and remove some files first and then create a single backup and see if that is ok then or still have errors. If yes, we need to investigate further. Maybe @zEitEr also has some idea's about the cause of the errors otherwise.

Yes on the admin/backup transfer page where you can put if you want ftp or local backup you can also put the destination. Again a usefull option which can not be find easily in Evo. One of the reasons I really dislike the Evo skin. I couldn't find it that quickly otherwise I would have provide...

Oke 2 things, you can define the destination forum yourself. So it might be set to /home/admin/backups but then you best change that to /home/admin/admin_backups again. However, this does not change the fact that the filename you were showing is a user backup and not an admin backup/transfer...

That is not an admin backup/tranfer, that is a user backup. This can only be made at user level and you should restore that at user level. When using admin backup/transfer then a backup is made called something like user.admin.accountname.tar.zst for example. Still odd, as both the admin...

I have my company on 2 servers. As far as I know these are configured exactly the same. Now on the primary server my domain name is mycompany.nl and on the second server it's my-company.nl but now every time on the 2nd server SPF and DKIM pass, but there is a failure on DMARC and I can't...

Nice. But we use Apache. It seems a real phpBB issue with these attacks which is going on since beginning of this year. And if I read this blog the that guy managed to find how it's done but blocks first went in the 10 thousands and later even in the 100 thousands of blocked ip's do that is no...

We got a user which got automatically suspended twice this month for bandwidth overusage. However, in both cases his site was just not reachable, but no message was shown. Normally a suspended page is shown. What can be the cause of this? Bug?

Ehmz.. thank you. but can I also use that in my system somehow? So could I use this then? BrowserMatchNoCase "(?:^| )Chrome/(?:\d|[1-9]\d|1[01]\d)" bad_bot or does it need to be like this? BrowserMatchNoCase "Chrome/(?:\d|[1-9]\d|1[01]\d)" bad_bot? Ah well... I will just test it, thank you...

I guess not, these are put in there by default by DA: pexe:/usr/local/php../sbin/php-fpm pexe:/usr/local/php../sbin/php-fpm.. Do you have those too in the csf.pignore? If not, I would add them and restart csf and lfd. This is the complete list for php versions: exe:/usr/selector/lsphp...

Did you check the docs about this? https://docs.directadmin.com/changelog/version-1.680.html#%EF%B8%8F-sender-address-spoofing-protection You should be able to use the commands in there so sender spoofing is not done anymore and in fact so the change is reverted by a little customisation.

That might be a good idea too indeed. But if somebody could give the correct line to block everything below 120 I should be fine for the moment and then I'm going to have a look at crowdsecurity this week. Seems interesting.

Please start a new thread about your question, that is off-topic here.