[tools] update.script
- Thread starter @how@
- Start date
SeLLeRoNe
Super Moderator
Hi man,
update clamav worked on debian without problem.
Im now passing to CentOS 5.5 64Bit and is working quite fine.
Just a thing, when i add clamav php mod the directadmin become very slow, does it happend to you too?
and, for best practice, what do you think are the MUST-INSTALL things on your script?
For now im using:
clamav
proftpd with clam mod
suhosin
eaccelerator
nobody check
mrtg
spamassassin
my doubt are about:
mailscanner (i already use spamblocker4)
mod_security
mod_antiloris
mod_evasive
php-modclam
apache-modclam
So, what about those are very nice and usefull to install for best security/speed/less spam?
Thanks in advance
update clamav worked on debian without problem.
Im now passing to CentOS 5.5 64Bit and is working quite fine.
Just a thing, when i add clamav php mod the directadmin become very slow, does it happend to you too?
and, for best practice, what do you think are the MUST-INSTALL things on your script?
For now im using:
clamav
proftpd with clam mod
suhosin
eaccelerator
nobody check
mrtg
spamassassin
my doubt are about:
mailscanner (i already use spamblocker4)
mod_security
mod_antiloris
mod_evasive
php-modclam
apache-modclam
So, what about those are very nice and usefull to install for best security/speed/less spam?
Thanks in advance
@how@
Verified User
i dont use clamav php cuz i dont have uplaoding site, mailscanner i think no need to install it, spam blocker work fine.
clean tmp folder from mod_security files daily if you have big site.
recommended:
clamav
proftpd with clam mod
suhosin
eaccelerator
nobody check
mrtg
spamassassin
mod_security
option:
mod_antiloris
mod_evasive
Wael
clean tmp folder from mod_security files daily if you have big site.
recommended:
clamav
proftpd with clam mod
suhosin
eaccelerator
nobody check
mrtg
spamassassin
mod_security
option:
mod_antiloris
mod_evasive
Wael
SeLLeRoNe
Super Moderator
thanks a lot,
just a fix for you, after installation on 64bit i made the http-include change as required and on restart i had this:
ive noticed that that lib was in /usr/local/lib/ and not in /usr/lib64/ so ive wrote in http-include the right path.
regards
just a fix for you, after installation on 64bit i made the http-include change as required and on restart i had this:
Code:
>/etc/init.d/httpd restart
Interruzione di httpd: [ OK ]
Avvio di httpd: httpd: Syntax error on line 168 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf/extra/httpd-includes.conf: Cannot load /usr/lib64/libxml2.so into server: /usr/lib64/libxml2.so: cannot open shared object file: No such file or directoryive noticed that that lib was in /usr/local/lib/ and not in /usr/lib64/ so ive wrote in http-include the right path.
regards
@how@
Verified User
SeLLeRoNe
Super Moderator
your right but some non-expert people should dont think to find out the name and change into the include-http
suggesto to correct the guild-line
suggesto to correct the guild-line
@how@
Verified User
i add "/usr/lib64/libxml2.so.2" 2nd line if there is no /usr/lib64/libxml2.so
SeLLeRoNe
Super Moderator
Hi Wael,
im facing a problem, ive noticed is a "know problem" and i found a fix but doesnt merge my needs.
i use to forward all wemail.DOMAIN to /var/www/html/webmail so my webmail urls arent domain/webmail but webmail.domain/
Ive tryed to add a rule in mod_security like this
but is not working...
the correct one ive found here on the forum solving the problem on domain/webmail is this one:
Have any suggestio to point me to the right direction?
Thanks
im facing a problem, ive noticed is a "know problem" and i found a fix but doesnt merge my needs.
i use to forward all wemail.DOMAIN to /var/www/html/webmail so my webmail urls arent domain/webmail but webmail.domain/
Ive tryed to add a rule in mod_security like this
Code:
#Rule to allow Roundcube html2text
SecRule REQUEST_FILENAME "/bin/html2text.php" \
"allow,phase:1,nolog,ctl:ruleEngine=Off"
#Rule to allow Roundcube to forward imbedded images and exclude from compression scanning
<LocationMatch 'webmail.*/'>
SecRuleRemoveById 950004,950019,960903
</LocationMatch>but is not working...
the correct one ive found here on the forum solving the problem on domain/webmail is this one:
Code:
#Rule to allow Roundcube html2text
SecRule REQUEST_FILENAME "/roundcube/bin/html2text.php" \
"allow,phase:1,nolog,ctl:ruleEngine=Off"
#Rule to allow Roundcube to forward imbedded images and exclude from compression scanning
<LocationMatch '^/roundcube/'>
SecRuleRemoveById 950004,950019,960903
</LocationMatch>Have any suggestio to point me to the right direction?
Thanks
SeLLeRoNe
Super Moderator
try to redownload...
Code:
cd /usr/local/updatescript
rm -rf *
wget http://tools.web4host.net/update.script
chmod 755 update.script@how@
Verified User
SeLLeRoNe
Super Moderator
ok, so how should i create a rule for webmail?
i try to install mod_clamav but have this error
1) Starting httpd: httpd: Syntax error on line 19 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/apache/mod_clamav.so into server: libclamav.so.6: cannot open shared object file: No such file or directory
2) After I install Proftpd with mod_clamav, how do i know it is working. Where the virus detection logs? I try upload it and still the eicar file go through
1) Starting httpd: httpd: Syntax error on line 19 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/apache/mod_clamav.so into server: libclamav.so.6: cannot open shared object file: No such file or directory
2) After I install Proftpd with mod_clamav, how do i know it is working. Where the virus detection logs? I try upload it and still the eicar file go through
SeLLeRoNe
Super Moderator
find / -name mod_clamav.so
when you find where is that mod do
nano /etc/httpd/conf/httpd.conf
and edit the path of the mod with the correct one
nano /etc/proftpd.conf
and search if <IfModule mod_clamav.c>
is present, if not add after <Global> the following
<IfModule mod_clamav.c>
ClamAV on
ClamServer localhost
ClamPort 3310
ClamMaxSize 5 Mb
</IfModule>
Save, exit, restart proftpd.
The messages of virus found prolly will be in this file:
/var/log/proftpd/access.log
Regards
[root@get05 ~]# find / -name mod_clamav.so
/usr/lib/apache/mod_clamav.so
the path is correct and still giving problem
[root@get05 ~]# proftpd -vv
ProFTPD Version: 1.3.3c (maint)
Scoreboard Version: 01040003
Built: Thu Dec 9 2010 04:47:30 MST
Loaded modules:
mod_cap/1.0
mod_readme.c
mod_ratio/3.3
mod_ident/1.0
mod_facts/0.1
mod_delay/0.6
mod_site.c
mod_log.c
mod_ls.c
mod_auth.c
mod_auth_file/0.8.3
mod_auth_unix.c
mod_xfer.c
mod_core.c
i follow the instructions and not seen mod_clamav
SeLLeRoNe
Super Moderator
check if you got libclamav.so.6 on your system.
regarding proftpd mine is:
im using the update.script proftpd with clamav mod, seems that you are using the directadmin version one, thats why you dont have the mod
do:
So you will have same update version as mine.
By the way, ive tested mod_clam on http and website become very slow, so, i suggest you to dont use that mod.
Regards
regarding proftpd mine is:
Code:
>/usr/sbin/proftpd -vv
ProFTPD Version: 1.3.4rc1 (devel)
Scoreboard Version: 01040003
Built: dom dic 19 2010 14:27:50 CET
Loaded modules:
mod_cap/1.0
mod_qos/0.1
mod_deflate/0.5.4
mod_copy/0.2
mod_clamav.c
mod_wrap2_file/1.2
mod_wrap2/2.0.6
mod_wrap/1.2.3
mod_readme.c
mod_ratio/3.3
mod_ident/1.0
mod_facts/0.1
mod_delay/0.6
mod_site.c
mod_log.c
mod_ls.c
mod_auth.c
mod_auth_file/0.8.3
mod_auth_unix.c
mod_xfer.c
mod_core.cim using the update.script proftpd with clamav mod, seems that you are using the directadmin version one, thats why you dont have the mod
do:
Code:
cd /usr/local/updatescript/
./update.script UPDATEME
./update.script PROFTPMODCLAMAVSo you will have same update version as mine.
By the way, ive tested mod_clam on http and website become very slow, so, i suggest you to dont use that mod.
Regards
SeLLeRoNe
Super Moderator
prolly yes aswell...
btw, ive tested the update.script on a debian box, and it install the 1.3.3c without mod_clamav while on a centos box install the 1.3.4rc1 with clam mod without problem.
what os are you using?
btw, ive tested the update.script on a debian box, and it install the 1.3.3c without mod_clamav while on a centos box install the 1.3.4rc1 with clam mod without problem.
what os are you using?