Directadmin – instal imagick (ImageMagick PHP module) with pecl – multi php

It’s amazingly simple. If you have multi PHP instances installed, go to bin directory of the one for which you want to install imagick module. In this example, I’ll install it on php version 7.3. This is CentOS 7 with Directadmin. You don’t need custombuild in this procedure.

Go to PHP bin directory:
[root@wutang4eva ~]# cd /usr/local/php73/bin/

Then just install imagick module likeå this:
[root@wutang4eva bin]# ./pecl install imagick

If php_ini is not set, then add extension to your php.ini manualy:
Add extension=imagick.so to /usr/local/php73/lib/php.ini

Restart php-fpm for php version - if you are using fpm of coruse:
systemctl restart php-fpm73.service

Check if imagick is installed:
[root@wutang4eva bin]# ./php73 -m | grep imag
imagick

If you want on other PHP versions, just do the same for each version you need imagick on.

I hope this helps.

Mac OSX/MacBook Pro – sound on headphones stops working. How to fix

This one is a little different and somehow weird. For some time now, I noticed that without obvious reason, my headphones stopped working on my MacBook Pro. If I switched to other sound output (internal speakers …), sound worked fine. After that I usually rebooted my laptop what became really annoying.

Then Dalibor showed me trick. Just open your Activity Monitor and find process “coreaudiod”. Select it and click on X mark on top left corner of the window. This will kill this process. Process will automatically start again. This should fix your issue.

Invalid characters in mail autoresponder/vacation messages – DirectAdmin

One client complained about invalid characters that customers was getting on clients mail autoreply message. Because of special characters, mail was wrongly formated. When I try and enter correct text in autoresponder form, when save and opened again, wrong characters were shown.

This is simple to solve. You have to set correct encoding for Directadmin theme that is used. In my case, default “enhanced” theme was used so I edited accordingly:

vi /usr/local/directadmin/data/skins/enhanced/lang/en/lf_standard.html

Then find variable “LANG_ENCODING” and correct it to your needs. In my case:

LANG_ENCODING=UTF-8

Block wp-login and xmlrpc brute force attacks with CSF / cPanel

Another great counter attack to “flooders” on your WordPress installations. This time with CSF firewall. I had massive brute force attacks on WordPress installations on some cPanel server which were causing very high server loads.  Here is great way to block abusers with CSF firewall. Here is how.

First, create custom log from which CSF will be able to search for wp-login.php and xmlrpc.php requests. Edit your /etc/csf/csf.conf like bellow:

CUSTOM2_LOG = "/var/log/apache2/domlogs/*/*"

Because majority of those attacks are from some very well known country’s that are causing problems, you may want to white list country’s from which users shouldn’t be blocked. Add list of white list country’s in CC_IGNORE.

Then you must create custom functions for CSF so it will be able to block those attacks. Add this to your /usr/local/csf/bin/regex.custom.pm file. If it’s not there, create one. Then add this:

# XMLRPC
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET|POST) \/xmlrpc\.php.*" /)) {
return ("WP XMLPRC Attack",$1,"XMLRPC","5","80,443","1");
}

# WP-LOGINS
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET|POST) \/wp-login\.php.*" /)) {
return ("WP Login Attack",$1,"WPLOGIN","5","80,443","1");
}

Restart CSF and check if LFD is doing his new job. On success you should see something like this:

May 10 11:33:16 cp lfd[589350]: (WPLOGIN) WP Login Attack 4.4.4.4 (PL/Poland/s1.hekko.net.pl): 5 in the last 600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]
May 10 11:33:36 cp lfd[589587]: (WPLOGIN) WP Login Attack 5.5.5.5 (TR/Turkey/5.5.5.5.linuxhosting.com.tr): 5 in the last 600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]
May 10 11:34:24 cp lfd[590012]: (WPLOGIN) WP Login Attack 6.6.6.6 (DE/Germany/static.6.6.6.6.clients.your-server.de): 5 in the last 600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]83247]: (WPLOGIN) WP Login Attack 7.7.7.7 (VN/Vietnam/-): 5 in the last 600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]
...

Requests for ignored country’s should look like this:

May 10 11:45:36 cp lfd[591718]: WP Login Attack 1.1.1.1 - ignored
May 10 11:45:41 cp lfd[591718]: WP Login Attack 2.2.2.2 - ignored
...

I hope this helps. 🙂

Directadmin – Process failed (1) when writing error message to your@mail.com (frozen)

User complained about not being able to receive error messages from remote mail servers. When he sent to this email address from Gmail, error message return, but when he tried from Directadmin server, no error message arrived in inbox. I could see those messages in Exim’s mail queue as frozen.

In Exim mail log, this error was shown:

Process failed (1) when writing error message to your@mail.com (frozen)

After a while of digging online, I’ve found out that BlockCracking is causing this problem. We had BlockCracking version 1.8 which was apparently version with this issue. You’ll have to upgrade BlockCracking to version 1.10 or newer. Just go to your Directadmin’s custombuild directory, then follow this steps:

./build exim
./build dovecot_conf
./build spamassassin
./build blockcracking
./build update
./build exim_conf

After that, error messages should arrive in your inbox.

Postfix – OpenDKIM not signing outgoing email (not authenticated)

I had this weird issue. On CentOS 7 I set up mail server with Postfix, Dovecot, ClamAV, rspamd and OpenDKIM. Everything was working fine except all of my outgoing emails weren’t signed by DKIM.

In mail log this message was shown:

...
Mar 2 14:02:16 vps opendkim[10810]: 6FD942E30BB: not authenticated
Mar 2 14:02:16 vps opendkim[10810]: 6FD942E30BB: no signature data
...

After a lot of trying different configs an options, I googled answer on this forum. Apparently, opendkim thought that user wasn’t authenticated, but in reality, it was. This was due to Postfix configuration. There was missing milter macro. I added {auth_type} macro to milter_mail_macros. Then restarted Opendkim and Postfix and it started to work properly.

Now my postfix configuration (main.cf) for milters looks like this:

milter_protocol = 6
milter_default_action = accept
milter_connect_macros = j {daemon_name} v {if_name} _
milter_mail_macros="i {mail_addr} {client_addr} {client_name} {auth_type} {auth_authen}"
smtpd_milters = inet:localhost:11332 inet:localhost:8891 unix:/var/spool/postfix/clamav/clamav-milter.socket
non_smtpd_milters = $smtpd_milters

And emails are getting signed correctly:

...
Mar 2 14:15:56 vps opendkim[11513]: 8C5213E36D: DKIM-Signature field added (s=mail, d=domain.com)
...

CSF – whitelist user from SMTP_BLOCK

CSF features great option SMTP_BLOCK which block outgoing SMTP for all users except root, exim and mailman. I had a problem with one user which was using MailChimp as mass mailing within their application. Because of SMTP_BLOCK it wasn’t working. Disabling SMTP_BLOCK globally is not recommended, you can white list users for which you would like to allow sending.

Go to your CSF settings and find SMTP_ALLOWUSER. Then add user which should be allowed (users separated with coma). Don’t forget to restart CSF.

Disable OPcache for specific PHP script. Exclude from OPcache.

Sometimes accelerating with opcache can cause some problems with your application scripts. In those cases, when your script shouldn’t be accelerated, you can specify those scripts with opcache’s blacklist which will exclude this files from acceleration. Example bellow is done on CentOS 7.

First, find configuration file for your opcache php extension. You can do something like this:

[root@meow php.d]# php -i | grep opcache | grep ini
Additional .ini files parsed => /etc/php.d/10-opcache.ini,

Open 10-opcache.ini and you should see something like bellow. Path to opcache’s blacklist file.

; The location of the OPcache blacklist file (wildcards allowed).
; Each OPcache blacklist file is a text file that holds the names of files
; that should not be accelerated.
opcache.blacklist_filename=/etc/php.d/opcache*.blacklist

Close 10-opcache.ini and open file named opcache-default.blacklist which should be in same directory. If not, create one. This file will contain a list of php scripts which should be ignored by opcache. 

[root@meow php.d]# cat opcache-default.blacklist
; The blacklist file is a text file that holds the names of files
; that should not be accelerated. The file format is to add each filename
/path/to/ignored/script/ignoreThis.php
/path/to/another/ignored/script/ignoreThisToo.php
...

cPanel email problem – (13): Permission denied: failed to chdir to /home/username

I had this weird issue on one of our production cpanel servers where user’s email stopped working without any reason. Only error that was available was:

T=dovecot_virtual_delivery defer (13): Permission denied: failed to chdir to /home/username

From time to time users document root permissions were set to user nobody and execution privileges were removed. Because of this, email wasn’t working and I couldn’t find out why.

After a lot of headache I googled across this thread. Permissions were altered by cPanel’s File Protect. Somehow file protect recognized this accounts permissions weren’t right. After checking in users account, there was sub-domain created for which document root was set to “/”. This is not valid document root, and because of this, file protect altered users permissions.

I changed document root for this sub-domain and problem was solved. You should also correct user’s permissions on document root after fixing issue with file protect:

chmod +x /home/username
chown username:username /home/username

You should make sure that user accounts permissions are absolutely correct.

Hope this saves some sleep 🙂

© 2019 geegkytuts.net
Hosted by Hosterdam


About author