cPanel: Your server does not support the connection encryption type you have specified

If you’re getting message like “Your server does not support the connection encryption type you have specified” when try to set up email in your Outlook, then chances are that your cPanel mail server has disabled some needed encryption types.

By default, cPanel disables all those protocols: SSLv2, SSLv3, TLSv1, TLSv1.1. SSL2 and SSL3 should be disabled at all costs, but you may not get away with TLS 1.1 or even TLS 1 being disabled.

To enable TLS 1 and TLS 1.1 in your Exim, login as admin in your cpanel and then: Home -> Service Configuration -> Exim Configuration Manager. Select second option so you can insert your own directives and add this:

 +no_sslv2 +no_sslv3

WordPress returning 404 Error on all subpages

In this case I used NGINX as reverse proxy for ssl offloading in front of Apache. On this WordPress installation I was getting 404 on all subpages. Htaccess syntax was correct as it was nginx configuration. In this case, problem was caused because of missing “AllowOverride” Apache directive which didn’t allow htaccess to be processed. I added “AllowOverride ALL” in apache configuration for this virtual host. Subpages started to work.

Example:

<VirtualHost *:8080>
DocumentRoot /var/www/mysite.com/
ServerName mysite.com
ServerAlias www.mysite.com

<Directory "/var/www/mysite.com/">
AllowOverride All
</Directory>
</VirtualHost>

WordPress: Too Many Redirects Issue when NGINX reverse proxy to Apache

I installed NGINX and put it in front of Apache for SSL offloading and caching static content. Traffic is proxied from Nginx to Apache.  When I tried to open site via https, it returned this painful error “Too Many Redirects”.

Try to add this in your wp-config.php – if you have everything else configured correctly, it should work:

$_SERVER['HTTPS'] = 'On';

MySQL/MariaDB – [ERROR] Plugin InnoDB registration as a STORAGE ENGINE failed error

I was migrating server and rsync all databases to new mariadb server. When tried to start mariadb on new server, I was getting this error:

Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' init function returned error.
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [Note] Plugin 'FEEDBACK' is disabled.
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Unknown/unsupported storage engine: InnoDB
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Aborting

Solution is to generate new ib_logfile0 and ib_logfile1 files. Just try steps bellow.

[root@lol ~]# cd /var/lib/mysql
[root@lol mysql]# mv ib_logfile0 ib_logfile0-backup 
[root@lol mysql]# mv ib_logfile1 ib_logfile1-backup
[root@lol mysql]# systemctl start mysql
[root@lol mysql]# mysql
Welcome to the MariaDB monitor.

It should work.

Pure-FTPd: install valid SSL certificate / solve untrusted localhost certificate problem on CentOS 7

If you installed Pure-FTPD on your CentOS 7 machine and trying to install SSL certificate on it, chances are that you added your pem file to “/etc/ssl/private/”. I installed valid certificate in this directory and still getting untrusted warning for localhost certificate. Later, I found out that this path is wrong and self signed certificate was being used. Right path on CentOS 7 is “/etc/pki/pure-ftpd/”.

Here is how to do it right on Centos.

  • Create pem certificate that contains your key, crt and intermediate all in one file – pure-ftpd.pem
  • Move this certificate to /etc/pki/pure-ftpd/ as this is the right directory on CentOS.
  • In your pure-ftpd.conf, set TLS to 2.
  • Enable PassivePortRange from 30000 – 65000.
  • Restart pure-ftpd.

It should work.

Directadmin – Proxy Error: DNS lookup failure for php-fpm56 …

If you changed php handler for your Directadmin installation to php-fpm, rewrite all configs and then get error like this:

Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /index.php.
Reason: DNS lookup failure for: php-fpm56.domainname

It is almost certainly that apache templates that are used for generating user http configuration files are wrong. Probably you have custom templates.

Go to /usr/local/directadmin/data/templates/custom and check if there are files like files virtual_host2.conf … . If they are, just rename custom directory to something new:

[root@lol ~]# cd /usr/local/directadmin/data/templates/
[root@lol templates]# mv custom custom-bak

Directadmin will then use default templates when creating new Apache configs. Rewrite your apache config files:

[root@lol ~]#  cd /usr/local/directadmin/custombuild
[root@lol custombuild]# ./build rewrite_confs

It should solve the problem. Also, make sure that php-fpm for all php versions are working.

SFTP: Command failed

If you try to connect via SFTP with some FTP/SFTP client and you are getting error “Command failed”, you’re sftp-server path in sshd_conf is wrong.

Open your sshd_config file and edit sftp-server path accordingly to your OS.

Ubuntu:

Subsystem sftp  /usr/lib/openssh/sftp-server

CentOS:

Subsystem sftp /usr/libexec/openssh/sftp-server

Restart your ssh and it should work.

Linux: restore all system permissions of your server

If you ever found your self in situation when you accidentally overwrite all permissions of your system, and everything stops working, then solution bellow may do the trick. This CentOS server was overwritten by wrong permissions through the whole system. Quick solution is to set up right permissions back. If you have backup of server that’s great. Otherwise you’ll have to set up new server with similar installation or do this on some other server with similar installation.

On “new” server, copy permissions of the whole system and save it to a file. You can also exclude dirs that you don’t need also.

find / -not -path "/proc*" -not -path "/dev*" -not -path "/sys*" -not -path "/var/www*" -exec stat -c "chmod %a %n;" {} \; > permissions.txt

On your “broken” server, rewrite all permissions:

cat permissions.txt | bash

RoundCube: Could not save new password. Connection error. Recv failure: Connection reset by peer

If you’re having trouble when try to change your email password in Roundcube on your Directadmin installation, than error will be probably something like this:

Could not save new password. Connection error. Recv failure: Connection reset by peer

Solution is simple. Just open Roundcube configuration file (/var/www/html/roundcube/plugins/password/config.inc.php) and find:

$rcmail_config['password_directadmin_host'] = 'tls://localhost';

then, change it to:

$rcmail_config['password_directadmin_host'] = 'ssl://localhost';

It should work.

Create and password protect/encrypt zip archive from command line / stored 0% message

When sending zip archives that contains risky/secure content, you should always encrypt and password protect them. Especially when sending them to clients via email, Dropbox or some other public sharing method. To do that on Linux is very simple. You can do it with commands bellow. When executed you’ll be prompted to enter password.

When adding file, just do this:

zip --encrypt myarchive.zip myfile.txt

But when adding directory with subdirectorys and files, than you should always include “-r” flag to tell zip to use recursion. Otherwise you’ll end up with empty directory and see message like this “adding: behaviour.exchange/ (stored 0%)”

To add directory recursively:

zip --encrypt -r myarchive.zip mydir/

 

© 2018 geegkytuts.net
Hosted by Hosterdam


About author