Search found 40 matches
- Sat Oct 12, 2013 3:07 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: MODSEC_00_RBL blocks everything
- Replies: 2
- Views: 5759
Re: MODSEC_00_RBL blocks everything
It was in an old post I read here a few weeks ago. Can't remeber if it was you who replied but it said something along the lines of you use it here and there were 2 other options you turn on as well. Anyways, I'll give it another try. Thanks.
- Sat Oct 12, 2013 3:00 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Do I need to set the right permission on that file because it would be owned by root now. Integrity checksum changed for: `/var/ossec/etc/decoder.xmlSize changed from `97114` to `97144Ownership was `0`, now it is `10001Group ownership was `0`, now it is `505What changed708c70< <program_name>^pop3d|^...
- Sat Oct 12, 2013 2:56 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Done. Do I need to set any options in that file or in the gui? Will it stop the login attempts for mail or ftp?
- Sat Oct 12, 2013 5:56 am
- Forum: PHP Help and Discussion
- Topic: PHP-FPM 5.4 - Init.d script is missing
- Replies: 6
- Views: 11510
Re: PHP-FPM 5.4 - Init.d script is missing
Ah ha! It's working now. Cool Thanks smonteiro. A question. Do I need to run fcgi if I'm using fpm now? Could I uninstall the fcgi module from plesk alltogether or turn off the apache module in plesk if I wanted to?
- Sat Oct 12, 2013 5:51 am
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Sorry, yes it has a time stamp and allthe rest of it. -pop3d: Disconnected, ip=[::ffff:87.103.211.11] Oct 12 03:45:50 server courier-pop3d: LOGIN FAILED, user=admin, ip=[::ffff:87.103.211.11] Oct 12 03:45:50 server courier-pop3d: authentication error: Input/output error Oct 12 03:45:50 server courie...
- Fri Oct 11, 2013 2:34 pm
- Forum: PHP Help and Discussion
- Topic: PHP-FPM 5.4 - Init.d script is missing
- Replies: 6
- Views: 11510
Re: PHP-FPM 5.4 - Init.d script is missing
Bling!
[root@www ~]# rpm -qf /etc/init.d/php-fpm
error: file /etc/init.d/php-fpm: No such file or directory
[root@www ~]# rpm -qf /etc/init.d/php-fpm
error: file /etc/init.d/php-fpm: No such file or directory
- Fri Oct 11, 2013 2:31 pm
- Forum: PHP Help and Discussion
- Topic: PHP-FPM 5.4 - Init.d script is missing
- Replies: 6
- Views: 11510
Re: PHP-FPM 5.4 - Init.d script is missing
I was just having the same prob with my centOS 5. It wouldn't let me uninstall it with yum either and was spitting out errors about a script or something. I had to remove it with rpm --noscipts. Reinstalled it and more errors. Can't start the service, says unrecognised. Same thing in plesk too. How ...
- Wed Sep 25, 2013 2:09 pm
- Forum: Atomicorp Modsecurity Rules Support
- Topic: MODSEC_00_RBL blocks everything
- Replies: 2
- Views: 5759
MODSEC_00_RBL blocks everything
When I enable MODSEC_00_RBL it blocks all traffic to the server and logs all IP's as spam listed. Am I doing something wrong? I looked in the wiki and it said MODSEC_00_RBL should be on,along with some associated rules.
- Wed Sep 25, 2013 1:56 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Ok thanks, so I'm going to do this with --exclude-dir=^/var/clamav/ included to stop the false positives. I guess the --exclude-dir=^/var/www/vhosts/.*/statistics/logs/ means scan everything under that dir except /statistics/logs/ ? nice -n 20 ionice -c 3 clamscan --exclude-dir=^/var/clamav/ --exclu...
- Wed Sep 25, 2013 12:39 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
I think that was it. I ran that command and it found about 10 false alarms: /var/clamav/ASL-securiteinfohtml.hdb: Atomicorp.Linux.Suspicious.Code.2011121313401.UNOFFICIAL FOUND /var/clamav/ASL-securiteinfoelf.hdb: Atomicorp.Linux.Suspicious.Code.2011121313401.UNOFFICIAL FOUND /var/clamav/ASL-securit...
- Tue Sep 24, 2013 4:31 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Nothing shows up in the asl gui about it, only in the http access logs.
- Tue Sep 24, 2013 4:28 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
Re: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
No http. It requests random pages from my domains. Like someone is searching from those 2 servers or something. Banning the the server IP's does nothing. Still says it's coming from the same place. I did have someone or something trying to brute force my email server the other day for about 2 hours ...
- Tue Sep 24, 2013 7:24 am
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
- Replies: 13
- Views: 15175
ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND
Hi peeps. I keep getting this crap in my access logs with clamscan so I banned the ip address of the blekko.com server and now I get this as well, ASL.SpamDomain.erolove.in.UNOFFICIAL FOUND and ASL.MalwareBlacklist.blekkoz.com.UNOFFICIAL FOUND. I tried to ban the IPs of the servers but it had no aff...
- Tue Mar 26, 2013 3:31 pm
- Forum: Control Panel Support Help
- Topic: Unable to Delete Client / Domain / Application
- Replies: 15
- Views: 17583
Re: Unable to Delete Client / Domain / Application
You can also goolge "plesk can't delete domains". There should be an answer.
- Tue Mar 26, 2013 3:27 pm
- Forum: Control Panel Support Help
- Topic: Unable to Delete Client / Domain / Application
- Replies: 15
- Views: 17583
Re: Unable to Delete Client / Domain / Application
You can go into the psa database and delete them manually. There is a table in there that holds all the domain info. That will/should work. You should probably upgrade plesk too. It's at version 11. blah.blah now. The plesk forums should help you too. Plesk will come in there and fix it for you if y...