Dev {Tricks}

You are here: Home / Archives for Server and Hosting / Web Control Panel

by

MariaDB Upgrade to the new version | CWP

 

    • Check installed MariaDB version on your server 
      rpm -qa|grep -i maria
    • MariaDB Repository Changes
      Modify repo file to the version you want to upgrade

      vi /etc/yum.repos.d/mariadb.repo
    • Output 
      [mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.2/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
enabled=1
    • Modify 10.2 with the version you want to upgrade
      Example for upgrade to MariaDB 10.5

      [mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
enabled=1
    • Stop and remove the old version of MariaDB (Databases will not be removed) 
      service mysql stop
service mariadb stop
systemctl disable mariadb
rpm --nodeps -ev MariaDB-server
  • Install the new version of MariaDB 
    yum clean all
yum -y update "MariaDB-*"
yum -y install MariaDB-server
systemctl enable mariadb
service mariadb start
mysql_upgrade
  • Check for the custom configuration 
    diff -Bw /etc/my.cnf.d/server.cnf.rpmsave /etc/my.cnf.d/server.cnf
  • Verify upgraded packages 
    rpm -qa|grep -i maria
  • That’s All

Yum repository list of the available versions
http://yum.mariadb.org/

by

How to Install Zip/Unzip

How to Install Zip/Unzip in Debian/Ubuntu/Mint

apt install zip
apt install unzip

How to Install Zip/Unzip in RedHa/CentOS/Fedora

dnf install zip
dnf install unzip

How to Install Zip/Unzip in Arch/Manjaro Linux

pacman -S zip
pacman -S unzip

How to Install Zip/Unzip in OpenSUSE

zypper install zip
zypper install unzip

 

by

Hardening Postfix For ISPConfig 3

Reverse DNS, (DNS PTR Record)

You can check your rdns with the command host:

host YOUE-IP

SPF For Your Domain (DNS TXT Record)

Copy the spf result, then go to ISPConfig -> dns -> zones ->click on your domain name -> click on records tab -> and click on TXT

Hostname -> example.com. (with dot at the end!)

Text -> Paste here the spf result

Example:

v=spf1 a mx ptr ip4:YOUR.IP.ADDRESS -all

Click on Save.

Postfix main.cf

Let’s add/change something to /etc/postfix/main.cf

Helo restrictions:

smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname

Strict rfc:

strict_rfc821_envelopes = yes

Clients restrictions:

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_client_hostname, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf

Recipient restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unknown_recipient_domain

Data restrictions:

smtpd_data_restrictions = reject_unauth_pipelining

Smtpd delay:

smtpd_delay_reject = yes

Reload postfix:

/etc/init.d/postfix reload

SPF Check For Postfix (Debian And Ubuntu)

Intstall spf package:

apt-get install postfix-policyd-spf-python

or

apt-get install postfix-policyd-spf-perl

Add this to /etc/postfix/main.cf :

policy-spf_time_limit = 3600s

and add check_policy_service unix:private/policy-spf at the end of smtpd_recipient_restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf

Now edit master.cf and add at the end this (for the python version):

policy-spf unix – n n – – spawn
user=nobody argv=/usr/bin/policyd-spf

or this for the perl version:

policy-spf unix – n n – – spawn
user=nobody argv=/usr/sbin/postfix-policyd-spf-perl

…reload postfix.

/etc/init.d/postfix reload

Greylist

Greylisting is a method of defending email users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the email will be accepted.

Installing postgrey (Debian, Ubuntu):

apt-get install postgrey

The configuration options are in /etc/default/postgrey ( default delay is 5 min).

Edit main.cf and add check_policy_service inet:127.0.0.1:10023 to the end of smtpd_recipient_restrictions:

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_unknown_recipient_domain, check_policy_service unix:private/policy-spf,check_policy_service inet:127.0.0.1:10023

…reload postfix:

/etc/init.d/postfix reload

DNSBL (DNS Based Blacklist/Blocklist)

by

ISPConfig Checklist

How to install ISPConfig 3

How to Update ISPConfig 3

Update Instructions

To install the latest ISPConfig update, run this command on the shell of the server as root user:

ispconfig_update.sh

The ISPConfig updater will then check for new releases and guide you through the update process.
A detailed update guide is available here