Uncategorized – Sérgio Henriques

Send A Welcome Email For Creating Maildir

When you create a new email account and try to fetch emails from it (with POP3/IMAP) you will probably get error messages saying that the Maildir doesn’t exist. The Maildir is created automatically when the first email arrives for the new account. Therefore it’s a good idea to send a welcome email to a new account.

First, we install the mailx package:

yum install mailx

To send a welcome email to sales@example.com, we do this:

mailx sales@example.com

You will be prompted for the subject. Type in the subject (e.g. Welcome), then press ENTER, and in the next line type your message. When the message is finished, press ENTER again so that you are in a new line, then press CTRL+D:

[root@server1 ~]# mailx sales@example.com
Subject: Welcome <-- ENTER
Welcome! Have fun with your new mail account. <-- ENTER
<-- CTRL+D
EOT
[root@server1 ~]#

Published by Sérgio on Setembro 2, 2019 | Permalink

Lets Encrypt: comandos certbot

Para gerar certificados uso este

$ sudo /path/to/certbot-auto --apache certonly

É possível consultar a lista de certificados existentes

$ sudo /path/to/certbot-auto certificates

Para eliminar um certificado que já expirou (por ex. para um domínio que já não é utilizado)

$ sudo /path/to/certbot-auto delete --cert-name MyDomain

Published by Sérgio on Fevereiro 18, 2019 | Permalink

Delete spam messages from sendmail queue

One website was hacked and was being used to send spam emails. Sendmail was making the server to halt because of high load!

After cleaning up the site and installing a Malware detector (maldet) I had to delete the messages from the sendmail queue so the server didnt kept getting a high load.

I created this simple bash script to work it out. Obviously you need to uncomment the rm command to make it work.

#!/bin/bash

ls -1 | while read fn
do
 if grep -E -q "Wrestling|Asian|pharma|sucking|masturbates|bondage|medic|experience|antidote|poison|presence|jerking|blowjob|boobies|mature|teen|loaded|virgin|noblefox.net|dong|hungers|brainwashing|heartfelt|slave|russian|mistress" "$fn"
 then
   if [[ "$fn" != "remove.sh" ]]
   then
     echo "would delete $fn"
     # rm $fn
   fi
 fi
done

Published by Sérgio on Fevereiro 10, 2017 | Permalink

Atualizar ICU para o php-intl no CentOS

I chose to install the latest version for CentOS 5 available on http://site.icu-project.org.

make sure we have the developer packages needed for procedure

# yum -y install php-devel php-pear

download and unpackage tar which code for relevant ICU lib version

# mkdir src
# cd src/
# wget http://download.icu-project.org/files/icu4c/58.1/icu4c-58_1-src.tgz
# tar zxf icu4c-58_1-src.tgz

build and install the library into /opt/icu4c-58_1

# cd icu/source/
# ./configure --prefix /opt/icu4c-58_1 && make && make install

build and install the php-intl version
enter /opt/icu4c-58_1 at prompt for ICU library location

# pecl install intl
# ldconfig

add an ini file wity contents: extension=intl.so

# vi /etc/php.d/intl.ini

you can now check to see if it’s loaded

# php -i | grep intl

restart the apache web server and you’re good to go

# service httpd restart

Published by Sérgio on Novembro 10, 2016 | Permalink

Lista de IPs públicos hosts PT

Major IP Address Blocks For Portugal (http://www.nirsoft.net/countryip/pt_total.html)

Calculadora de CIDR

Published by Sérgio on Outubro 26, 2015 | Permalink

CentOS 5: upgrade MySQL 5.0 to 5.5

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/ch-Migrating_from_MySQL_5.0_to_MySQL_5.5.html#ex-dump-restore_ugrading

Published by Sérgio on Outubro 19, 2015 | Permalink

MySQL fails to start

[ERROR] Fatal error: Can't open and lock privilege tables: Table 'host' is marked as crashed and last (automatic?) repair failed

MySQL 4.1.22 não arrancava… a tabela host, db, user estava marcada como danificada.

– Instalar uma versão nova

– na instalação atual renomear os ficheiros das tabelas (ex. host.frm, host.MYD, host.MYI p/ host_.frm, host_.MYD, host_.MYI)

– copiar os ficheiros das tabelas da versão nova para o local da danificada

– iniciar o servidor MySQL

– aceder ao MySQL administrator e reparar as tabelas renomeadas

– desligar o servidor MySQL

– remover as tabelas copiadas

– renomear as tabelas originais para o nome original (ex. host_.frm, host_.MYD, host_.MYI p/ host.frm, host.MYD, host.MYI)

– iniciar o servidor MySQL

– reparar todas as base de dados/tabelas

mysqlcheck -u root -p -o -c --auto-repair --all-databases

Eventualmente pode também ser necessário alterar as definições do MySQL (my.ini) para incluir a opção innodb_force_recovery = 1. Mais info aqui: http://dev.mysql.com/doc/refman/4.1/en/forcing-innodb-recovery.html

Published by Sérgio on Agosto 25, 2014 | Permalink

Bloquear bots no Apache

Code:

#Joomla com_jce exploit
SecRule HTTP_User-Agent "BOT for JCE" "deny,status:500,id:5000218,msg:'Joomla com_jce code exec'"

#Joomla com_jce exploit
SecRule REQUEST_URI "/images/stories/.+\.php" "deny,status:500,id:5000219,msg:'Joomla com_jce code exec'"

The first blocks the user agent. That exploit puts PHP files into site.com/images/stories/something.php if it is successful, so the 2nd rule blocks access to those in case they change user agent.

Even with the .htaccess or this first rule, you should still use the 2nd rule. Changing user agents is very simple.

Outra sugestão:

https://github.com/bluedragonz/bad-bot-blocker

Published by Sérgio on Janeiro 29, 2014 | Permalink

ModSecurity: No action id present within the rule quando se utiliza whitelist por IP

A resolução está aqui: http://cpanel.net/modsecurity-changes/

Quando tiver tempo faço o artigo…

Published by Sérgio on Janeiro 1, 2013 | Permalink

Instalar drivers da placa rede Intel X520-T2 no CentOs

O driver para a placa Intel X520-T2 é o ixgbe. Para instalar este driver é necessário ter um CentOs com a kernel 2.6

Driver aqui:
http://downloadcenter.intel.com/SearchResult.aspx?lang=eng&ProductFamily=Network+Connectivity&ProductLine=Intel%C2%AE+Server+Adapters&ProductProduct=Intel%C2%AE+Ethernet+Server+Adapter+X520-T2

Instruções de instalação:
http://www.intel.com/support/network/adapter/pro100/sb/CS-032530.htm

Listar todos os dispositivos PCI:

# lspci
...
0d:00.0 Ethernet controller: Intel Corporation Unknown device 151c (rev 01)
0d:00.1 Ethernet controller: Intel Corporation Unknown device 151c (rev 01)
...

Neste exemplo a placa foi reconhecida como Ethernet controller: Intel Corporation Unknown device 151c (rev 01). Isto acontece porque a placa não está na base de dados de pci-id.

/usr/share/hwdata/pci.ids ficheiro com a lista de todos os ID’s conhecidos utilizadas nos dispositivos PCI: ID’s dos fornecedores, dispositivo, subsistemas e classes de dispositivos. Para atualizar esta base de dados basta executar na shell:

# update-pciids

Listar novamente todos os dispositivos PCI:

# lspci
...
0d:00.0 Ethernet controller: Intel Corporation 82599EB 10 Gigabit TN Network Connection (rev 01)
0d:00.1 Ethernet controller: Intel Corporation 82599EB 10 Gigabit TN Network Connection (rev 01)
...

Published by Sérgio on Outubro 22, 2012 | Permalink