PHP 7.2.7 Release Announcement
The PHP development team announces the immediate availability of PHP 7.2.7. This is a primarily a bugfix release which includes a segfault fix for opcache.
PHP 7.2 users are encouraged to upgrade to this version.
DirectAdmin: Adding a DMARC record to help lower your spam score
What is DMARC?
DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.
Who Can Use DMARC?
DMARC policies are published in the public Domain Name System (DNS), and available to everyone. Because the specification is available with no licensing or similar restriction, any interested party is free to implement it.
Continue reading “DirectAdmin: Adding a DMARC record to help lower your spam score”
DirectAdmin 1.53.1 Release Candidate 1
Hello,
We’re pleased to announce the 1.53.1 release candidate for DirectAdmin:
Version: 1.53.1 RC1
All features and fixes are listed here:
https://www.directadmin.com/versions…rsion=1.531000
If you find any issues, please reply here with reports (rather than tickets or email, unless requested) to avoid duplicate reports.
The biggest new feature will be the LetsEncrypt wildcard certificates.
NOTE: To use it, you must enable dns_ttl=1 for per-record TTL settings, or else the LE Wildcard checkbox won’t show up.
If all goes well, the full/stable release is slated for June 26th.
To download this version, please grab the pre-release binaries:
https://help.directadmin.com/item.php?id=408
John
Failed to start Apply Kernel Variables
Hello
I’m running Debian 8 (Jessie).
Last week I updated the server and got an error:
● systemd-sysctl.service - Apply Kernel Variables
Loaded: loaded (/lib/systemd/system/systemd-sysctl.service; static)
Active: failed (Result: exit-code) since Thu 2018-06-07 17:47:02 EEST; 2min 1s ago
Docs: man:systemd-sysctl.service(8)
man:sysctl.d(5)
Process: 1907 ExecStart=/lib/systemd/systemd-sysctl (code=exited, status=1/FAILURE)
Main PID: 1907 (code=exited, status=1/FAILURE)
Jun 07 17:47:02 kvm1.prado.lt systemd[1]: systemd-sysctl.service: main process exited, code=exited, status=1/FAILURE
Jun 07 17:47:02 kvm1.prado.lt systemd[1]: Failed to start Apply Kernel Variables.
Jun 07 17:47:02 kvm1.prado.lt systemd[1]: Unit systemd-sysctl.service entered failed state.
then, I checked that the journald daemon has collected by using the journalctl command
journalctl -xn -- Logs begin at Thu 2018-04-19 01:13:40 EEST, end at Thu 2018-06-07 17:52:19 EEST. -- Jun 07 17:52:12 kvm1.prado.lt systemd-sysctl[2467]: Failed to write '262144' to '/proc/sys/vm/max_map_count': Permission denied Jun 07 17:52:12 kvm1.prado.lt systemd[1]: systemd-sysctl.service: main process exited, code=exited, status=1/FAILURE Jun 07 17:52:12 kvm1.prado.lt systemd[1]: Failed to start Apply Kernel Variables. -- Subject: Unit systemd-sysctl.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit systemd-sysctl.service has failed. -- -- The result is failed. Jun 07 17:52:12 kvm1.prado.lt systemd[1]: Unit systemd-sysctl.service entered failed state. Jun 07 17:52:19 kvm1.prado.lt systemd[1]: Starting Apply Kernel Variables... -- Subject: Unit systemd-sysctl.service has begun with start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit systemd-sysctl.service has begun starting up. Jun 07 17:52:19 kvm1.prado.lt systemd[1]: Failed to reset devices.list on /system.slice/systemd-sysctl.service: No such file or directory Jun 07 17:52:19 kvm1.prado.lt systemd-sysctl[2506]: Failed to write '262144' to '/proc/sys/vm/max_map_count': Permission denied Jun 07 17:52:19 kvm1.prado.lt systemd[1]: systemd-sysctl.service: main process exited, code=exited, status=1/FAILURE Jun 07 17:52:19 kvm1.prado.lt systemd[1]: Failed to start Apply Kernel Variables. -- Subject: Unit systemd-sysctl.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit systemd-sysctl.service has failed. -- -- The result is failed. Jun 07 17:52:19 kvm1.prado.lt systemd[1]: Unit systemd-sysctl.service entered failed state.
To load all configuration files manually, execute
sysctl --system
Once the command has been successfully executed, I found where the problem is.
* Applying /etc/sysctl.d/99-sysctl.conf ... * Applying /usr/lib/sysctl.d/elasticsearch.conf ... sysctl: permission denied on key 'vm.max_map_count' * Applying /etc/sysctl.conf ...
Now it’s time to open the file /usr/lib/sysctl.d/elasticsearch.conf where we will need to comment one line and problem should be solved.
We should change one line from
vm.max_map_count=262144
to
#vm.max_map_count=262144
Now we should to restart a service using the command
systemctl restart systemd-sysctl.service
And now we can make sure the service is up and running properly using the command
status systemd-sysctl.service
● systemd-sysctl.service - Apply Kernel Variables
Loaded: loaded (/lib/systemd/system/systemd-sysctl.service; static)
Active: active (exited) since Wed 2018-06-13 22:29:05 EEST; 5s ago
Docs: man:systemd-sysctl.service(8)
man:sysctl.d(5)
Process: 31532 ExecStart=/lib/systemd/systemd-sysctl (code=exited, status=0/SUCCESS)
Main PID: 31532 (code=exited, status=0/SUCCESS)
Enabling DNSSSEC on your DirectAdmin server
DNSSEC is a tool used to verify the validity of a dns lookup.
You can enable this feature in DirectAdmin 1.44.1 and newer by typing:
cd /usr/local/directadmin/scripts ./dnssec.sh install
After the command has been successfully executed. Please add the following to the ‘options { …. }’ section of your /etc/bind/named.conf.options:
dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; bindkeys-file "/etc/bind/named.iscdlv.key";
which should confirm if your named.conf is set, and will enable the dnssec=1 in the directadmin.conf automatically. If the script thinks you’re missing anything from your named.conf, it will tell you what to add.
To enable DNSSEC on a domain, go to:
Admin Level -> DNS Admin -> prado.lt
1. Click “Generate Keys”
2. then click “Sign”
3. You should now see values at the bottom of the zone. Copy the 2 DS records, and paste them into your domain registrar’s website.
If you have any subdomains created as full domains, you’ll need to follow extra steps to continue the chain of trust up the line into the main domain’s zone. For normal subdomains created under a domain, no extra action is required, as they’re part of the domain’s normal zone.
CentOS 7: Check if a system is vulnerable to a CVE
CVE stands for Common Vulnerabilities and Exposure. It’s a dictionary of publicly known information security vulnerabilities and exposures.
CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.
Continue reading “CentOS 7: Check if a system is vulnerable to a CVE”
Configure Fail2Ban for permanent and persistent bans
If you’re running server, you probably know its exposed services are constantly being probed and attacks are being attempted against it. Fortunately, an extremely useful, nice and nifty tool is here to help: Fail2Ban.
Fail2Ban scans service’s log files for patterns defined as regular expressions and, if an offending pattern is found a certain number of times within a given time frame, the corresponding source IP is banned for a configurable time, using local firewall rules such as iptables.
Continue reading “Configure Fail2Ban for permanent and persistent bans”
Security & bug fix releases PHP 7.1.18, 7.2.6
Security & bug fix releases
http://php.net/ChangeLog-7.php#7.1.18
http://php.net/ChangeLog-7.php#7.2.6
The PHP development team announces the immediate availability of PHP 7.2.6. This is a primarily a bugfix release which includes a memory corruption fix for EXIF. PHP 7.2 users are encouraged to upgrade to this version.
The PHP development team announces the immediate availability of PHP 7.1.18. All PHP 7.1 users are encouraged to upgrade to this version.
How to install Apache, PHP 7.2 and MySQL on CentOS 7.5 (LAMP)
This tutorial shows how to install an Apache web server on CentOS 7 server with PHP (mod_php) and MySQL database. The acronym LAMP is short for Linux, Apache, MySQL, PHP.
This tutorial shows the installation of the latest PHP version 7.2 on CentOS 7.5 Continue reading “How to install Apache, PHP 7.2 and MySQL on CentOS 7.5 (LAMP)”
How to set up software RAID1 on a running LVM system (incl. GRUB2 configuration) (Ubuntu 18.04)
This guide explains how to set up software RAID1 on an already running LVM system (Ubuntu 18.04). The GRUB2 bootloader will be configured in such a way that the system will still be able to boot if one of the hard drives fails (no matter which one).
I do not issue any guarantee that this will work for you!