Search results

  1. johannes

    Need Help With Installing & Configuring ModSecurity in DirectAdmin

    @2>: i`m using comodo ruleset for years and all few monthes i take a customer domain out of the list, because it blocks something wrong (aka "false positive"). I have no time to check all rulesets and changes ongoing and manually. I heard that OWASP may could be better, but have no experience...
  2. johannes

    DNS protocol changes or what

    Hey folks, sorry i dont know if this is important or not, so i wanted it to bring to your attention and - please - tell me, is this something important or not? I`m not so familiar with DNS and have only basic knowledge, so I`d love to hear your feedback on this article, thank you...
  3. johannes

    After DA Update - Brute-Force Attack from localhost on User root

    Hello guys, strang thing after DA autoupdate: at 4:22 Directadmin autoupdated itself, 1 Minute at 4:23 later I got this systemmessage: Brute-Force Attack detected in service log from IP(s) localhost on User(s) root IP localhost has 2263 failed login attempts: mysql1=2263 User root has 21...
  4. johannes

    FastCGI_Cache with Apache-Nginx

    Hi, is it possible to use FastCGI_Cache when using Nginx-Apache (proxied)? I got contradictory answers so far. According to an article here https://www.ryadel.com/en/cache-website-nginx-fastcgi-centos-7-php-fpm/ "FastCGI-Cache is currently considered the most efficient way to implement a...
  5. johannes

    How to download my backups without me starting the downloads

    A few monthes ago I did a comparison, find it attached, look for FTP column :)
  6. johannes

    Pure-FTP - how to see running config

    Hi, please is it possible to show the running config from pure-ftp on command line? I am not sure if my pureftp is running from /etc/rc.d/init.d/pure-ftpd (as it should be) or from /etc/pure-ftpd.conf Reason: I was blocked by my firewall limit with 600 connections to ftp, but in the...
  7. johannes

    Black Mondey - new WIFI flaw - all devices affected - decrypt WPA2 possible

    Black Monday - new WIFI flaw - all devices affected - decrypt WPA2 possible Vulnerability is in the Wi-Fi standard itself, not in WPA2. It concerns all WIFI devices, computers, mobil phones, routers, printers... --> read more here: https://www.wordfence.com/blog/2017/10/krack-and-roca/ ...
  8. johannes

    Developer Creates Rootkit That Hides in PHP Server Modules

    Just wanna share this new sec info https://www.bleepingcomputer.com/news/security/developer-creates-rootkit-that-hides-in-php-server-modules/ as I think it could be important for developers.
  9. johannes

    Is this kernel hole concerning CentOS ?

    Hi, exploit given, is this kernel hole dangerous for CentOs or our systems in any fasion? http://seclists.org/oss-sec/2016/q4/607 http://seclists.org/oss-sec/2016/q4/621 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c...
  10. johannes

    feed OpCache

    Hi there, does anybody knows a script or tool to initially feed opcache with all websites (e.g. /home dir/.. public_html)? I think i remember i saw this as a module in a cms or shop system, but cant remember where it was. I have a big new customer shop and want to speed it up from beginning...
  11. johannes

    Binary Webshell Through OPcache in PHP 7

    jfyi http://blog.gosecure.ca/2016/04/27/binary-webshell-through-opcache-in-php-7/
  12. johannes

    BIND DNSSEC - new DOS Vulnerability

    https://kb.isc.org/article/AA-01267 https://www.debian.org/security/2015/dsa-3304
  13. johannes

    pure-ftpd 1.0.39 remote denial of service in glob_()

    http://cxsecurity.com/issue/WLB-2015060101 Version 1.0.40 of pure-FTPd fixes a potential denial of service issue.
  14. johannes

    how to show email accounts with max used space

    Hello Alex, hmm thats strange. In DA it shows correctly the 2 big mailboxes with together about 1gb, but with 0 in the script output, please see att. screenshots. Andrea told me he would take a look into this a little bit later, i will hold you updated what is coming out.
  15. johannes

    how to show email accounts with max used space

    Hi, i`m sorry if i did not found this in the forum, maybe its here and someone can direct me. I need to know which emailaccounts for one given user are using the most space. Example: i have 1 user with 300mb, 30 domains and he has some 50 emailaccounts and cant remember wich one is using all...
  16. johannes

    Search combination opcode and filecache

    Search combination opcode and filecache - SOLVED Hi, i`m searching a senseful combination of opcode and filecache for a development server with CentOS 6.6, Php 5.4.40 (mod_php, php-fpm) and ZendLoader. eAccelerator doesnt work with php5.4, APC is EOL, opCache doesnt work with Zendloader, and...
  17. johannes

    SSL is dead, what now

    I got today this newsletterinfo from my CERT: SSL Is Officially Declared Dead --------------------------------------------- On January 30, 2015, QSAs received the latest edition of the Council's Assessor Newsletter. Buried in that edition was the following statement. "The impacting change is...
  18. johannes

    Offtopic - German Surveillance Trojan Finfisher leaked

    JFYI: https://wikileaks.org/spyfiles4/ https://wikileaks.org/spyfiles4/documents.html
  19. johannes

    freshclam as service - why

    why is freshclam running as service, wouldnt it be enough to call daily per cron? if yes, where do i can configure it? thx
  20. johannes

    DA-login for Subdomainaccount

    Hi, how is it possible to create an own DA-login for the subdomain from an existing domain, which belongs to another user. example: user A have domainA, here lets make a subdomain sub.domainA --> now lets give another new user B an own DA-account for subdomainA - how to? Thank you
Top