Search results

Unless DirectAdmin is somehow maintaining their own version of the Comodo ruleset, the actual ruleset from Comodo has been dead for ages. https://forums.comodo.com/c/free-modsecurity-rules-comodo-web-application-fi/34

Is anyone else having issues bringing Roundcube contact information from a cPanel server to a DirectAdmin server using the cpanel_to_da.sh? It actually looks like this is more of an issue with the DirectAdmin restore function than the cpanel_to_da.sh script. It would seem that the...

Automatic email forwarding (as you would set up in your DirectAdmin control panel) will always fail SPF. If the directadmin.com domain sends an email to your example.tld email address and your example.tld email address forwards that message on to your protonmail.com email address (or any...

One of the things that has haunted DirectAdmin is scattered or outdated documentation. Since taskqueue was brought into the directadmin binary several versions ago, I wasn't sure if /usr/local/directadmin/data/task.queue was still in use and whether or not the documentation given on that page...

What is the proper way to restore a user's backup from an admin-level backup, from the command line?

curl -s https://files.directadmin.com/services/csf-15.02.tar.gz | tar -zxOf - csf/changelog.txt | less If you want a one line command to view the changelog.

I think this speaks to my main concern. I'm not faulting DirectAdmin for having bugs in each new release - this is just part of software development. But rapid release schedules means that we either have to skip over several versions to insure stability or experience those bugs on our systems...

You need to get a timestamp for when the files were added. Then scour your logs to see what was being done around that time on the account. A lot of times this leads to another "file that shouldn't be there", so you have to timestamp it and scour the logs... rinse repeat until you come upon...

Meh! I'll withhold the rest of my opinions on this. But I will add this... and maybe other administrators of larger number of production servers will chime in (maybe they chime in stating they don't have a problem with this). Rapid release schedules, frequent updates, or just updates in...

What new features have been added since 1.680? It looks like most of the changes in recent updates are fixes or updates. Could 1.681, 1.682, 1.683, and 1.684 all just be "hotfix" releases for 1.680? I would probably concede that 1.681 introduced the web based installer, so maybe 1.682, 1.683...

Can I go on record and say that I'm not a fan of this new rapid release schedule?

I suppose the first question to ask is how are hackers getting into your WordPress script? I don't know the answer to that. You'll have to discover that yourself. You have stated that you are using outdated and abandoned plugins and themes, so it's reasonable to assume that an exploit or...

You can keep using the theme. But you have to understand that this is going to be the cost of doing so. An abandoned theme (or plugin) that has a security hole, isn't going to be patched. So you are going to be perpetually open to exploitation through this security hole. This is why it is so...

Not going to say that I'm right in all of this, this is more of my opinion... You can sometimes license yourself to death. Purchasing all kinds of software and paying a lot of money per month for all of the license without ever seeing a lot of benefits. I've never been a huge fan of...

SMTP_PORTS in this context, is defining what ports CSF should block underprivileged users from connecting to directly. In the olden days, there was a script called Dark Mailer (I'm sure there were a lot of others) that worked by connecting directly to mail exchange servers on port 25 to send...

Is PHP-FPM suppose to operate in a jailed environment? Or are you referring to running PHP from a shell, when that shell is /usr/bin/jailshell?

Checking the logs will likely reveal more information than any GUI tool. Some of this may be in what email addresses you are using, and it's hard to tell with your obfuscation (not complaining about obfuscation, just stating that it's difficult to tell). Are you by chance sending out emails...

PHP's mail() function - by default - will send mail by parsing it directly to the sendmail binary. If you load up a phpinfo() page from your server and view it in a browser, look for sendmail_path or Path to sendmail This should be set to /usr/sbin/sendmail -t -i If it's not, then that may be...

/etc/exim.variables.conf.custom isn't included in the /etc/exim.conf file because it is used by build_exim to build the /etc/exim.variables.conf file, which is included in the /etc/exim.conf file. I suppose /etc/exim.strings.conf.custom is listed in the /etc/exim.conf file because it can be...

Well... I mean... consider the AUTH_BLOCK_SENDER_SPOOFING added in DirectAdmin 1.680. Remove or insure that no AUTH_BLOCK_SENDER_SPOOFING is mentioned in /etc/exim.variables.conf.custom and then run an exim_conf rebuild. Check the /etc/exim.variables.conf file. Is AUTH_BLOCK_SENDER_SPOOFING...