Search results

Actually the message shows you that your pfsense firewall is not blocking brute forces. Which I totally understand as it's another machine, but this does answer your question... Yes, keep csf running on the vm to keep blocking these brute force attempts.

Sorry, but no one in his right mind would RECOMMEND doing that on the same server.

Sure, if you have e.g. a /24 subnet you might get your hoster/provider to delegate it to your dns servers. If he's willing to do that depends on the provider. Not every provider wants to do that. For less than a /24 I wouldn't even bother to ask them, but if they do, you can simply add the...

Funny how people never seem to look at dates of the previous posts :)

Well, you can't 'scale' a DirectAdmin setup in any cluster environment like docker, kubernetes or simply multiple servers, but... you might go down this road: I presume you use kubernetes with docker. 1. create a docker DA instance and make sure you have some kind of shared storage from where...

I appreciate that, but i've seen al those 'solutions' already before I posted the question. I might switch a server to plesk or whatever to see if that solves it.

Easy, just start your own forum :)

Yeah, well, I have valid certs, up2date ca-certificates etc... and half of the answers state it's the clients fault in not sending the right cert/chain, others say it's the servers fault in checking the ca. But I'd like at least a 'they fucked up'/'you fucked up' answer.

That would only change the ciphers. But the error is about the CA. I think.. a secure client is sending an client-certificate and exim is unable the verify the ca of that certificate. So, e.g. your secure client sends an email and includes his Thawte certificate, my exim should be able to check...

Well, still not sure if it is a bug... I can find about zero usable solutions online about this. Tried a zillion thing with no luck...

Exim still drops secure mails on port 25 with 'tlsv1 alert unknown ca'. Even with 'tls_try_verify_hosts = *' which means that secure connections should still get accepted when the cert or chain is not valid. Really would like a solution to this as it looks like an error in the default exim config.

Uhm, well, it IS an admin... if you limit his/her functions, it's not an admin anymore.

Actually you should see more of an error, you're missing 6 seconds because of the 'grep'. Well, not 6 seconds... but you still miss something. If named fails to start it usually tells you why. Try running this: /usr/sbin/named-checkconf /etc/named.conf

check /var/log/messages for more details.

iirc this is done in /etc/httpd/conf/extra/httpd-cloudflare.conf remove the config and restart apache.

Yes, you DO need a reboot after converting to cloudlinux because you get another kernel and they say so themselves. Besides that I've had a converted centos 7 vm not booting with a cloudlinux kernel on xenserver 6.5 once.

Hmm, that second command should give the netmask, not the interface name. And you should fill in enp0s31f6 and not ifcfg-enp0s31f6. Check your /etc/sysconfig/network-scripts/ if you didn't accidently put something like DEVICE="ifcfg-enp0s31f6" instead of enp0s31f6.

It says so in the error 'integer expression required'. An ip-address is a string, not an integer. Check the output of: ip addr show ${ETH_DEV} | grep -m1 'inet ' | awk '{print $2}' | cut -d'/' -f2 Where ${ETH_DEV} is e.g. 'eth0' or whatever returns from: ip addr | grep " 176.xx.xx.xx/" | awk...

Maybe your /tmp dir is mounted with noexec?

xmlrpc in php 80 is installed using pecl (beta). Make sure you have popen removed from your disable_functions in the 8.x php.ini, then: /usr/local/php80/bin/pecl install xmlrpc channel://pecl.php.net/xmlrpc-1.0.0RC2 Next, add the extension to your php.ini and re-add the popen to...