By:
On:
In: General
With: 0 Comments

Do you see this error in your mail.log? “Please contact your Internet service provider since part of their network is on our block list (AS3140)” Go to this website to request Outlook team to remove your IP from their blocked list. https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0&wfname=capsub&productkey=edfsmsbl3&locale=en-us&ccsid=635611717755428181Read More →

By:
On:
In: General, Linux
With: 0 Comments

Web/Mail/Database can use the same certificate to allow its client to connect to the server. Postfix: postconf -e smtpd_tls_cert_file=’/etc/pki/tls/certs/cert.pem’ postconf -e smtpd_tls_key_file=’/etc/pki/tls/private/privkey.pem’ postconf -e smtpd_tls_CAfile=’/etc/pki/tls/certs/fullchain.pem’ Dovecot (POP3/IMAP server) SSL certificate settings are defined in Dovecot main config file, /etc/dovecot/dovecot.conf (Linux/OpenBSD) or /usr/local/etc/dovecot/dovecot.conf (FreeBSD): ssl = required ssl_cert = server.chained.crt Then update ssl_certificate parameter in /etc/nginx/conf.d/default.conf: ssl_certificate /etc/pki/tls/certs/server.chained.crt; Restarting Nginx service is required. MySQL, MariaDB If MySQL/MariaDB is listening on localhost and not accessible from external network, this is OPTIONAL. On Red Hat and CentOS, it’s defined in /etc/my.cnf On Debian and Ubuntu, it’s defined in /etc/mysql/my.cnf. Since Ubuntu 15.04, it’s defined in /etc/mysql/mariadb.conf.d/mysqld.cnf. On FreeBSD, it’s defined in /usr/local/etc/my.cnf. On OpenBSD, it’s defined in /etc/my.cnf. [mysqld] ssl-caRead More →

By:
On:
In: General
With: 0 Comments

Restrict User to FTP Only: A Guide for Enhanced Security and Access Control In any organization or server setup, securing user access is a critical component of maintaining data privacy, integrity, and overall system security. One common security measure is restricting users to only a specific service or protocol, such as FTP (File Transfer Protocol), to prevent unauthorized access to other parts of the system. If you are running an FTP server and need to ensure that a user has access to only FTP services, rather than providing full shell access to the system, this article will walk you through how to restrict a userRead More →

By:
On:
In: General, Linux
With: 0 Comments

NOTE: this is only if you can’t use apt to clean up due to a 100% full /boot Get the list of kernel images Get the list of kernel images and determine what you can do without. This command will show installed kernels except the currently running one $ sudo dpkg –list ‘linux-image*’|awk ‘{ if ($1==”ii”) print $2}’|grep -v uname -r You will get the list of images somethign like below: linux-image-3.19.0-25-generic linux-image-3.19.0-56-generic linux-image-3.19.0-58-generic linux-image-3.19.0-59-generic linux-image-3.19.0-61-generic linux-image-3.19.0-65-generic linux-image-extra-3.19.0-25-generic linux-image-extra-3.19.0-56-generic linux-image-extra-3.19.0-58-generic linux-image-extra-3.19.0-59-generic linux-image-extra-3.19.0-61-generic Prepare Delete Craft a command to delete all files in /boot for kernels that don’t matter to you using brace expansion to keepRead More →

By:
On:
In: General, Linux
With: 0 Comments

First of all, we need to order a certificate , this certificate is the same with normal web server certificate. The certificate will have 3 files: cert, key, cabundle. We use CentOS for example in below tutorial, please adjust the file to correct one on your server according to above description. Postfix (SMTP server) We can use postconf command to update SSL related settings directly: postconf -e smtpd_tls_cert_file=’/etc/pki/tls/certs/cert.pem’ postconf -e smtpd_tls_key_file=’/etc/pki/tls/private/privkey.pem’ postconf -e smtpd_tls_CAfile=’/etc/pki/tls/certs/fullchain.pem’ Restarting Postfix service is required. Dovecot (POP3/IMAP server) SSL certificate settings are defined in Dovecot main config file, /etc/dovecot/dovecot.conf (Linux/OpenBSD) or /usr/local/etc/dovecot/dovecot.conf (FreeBSD): ssl = required ssl_cert =Read More →