rolo2912

Hi all, Behind schedule on this but I am still running php v. 5.5.9.1 on my froxlor server. Having some "old" scripts running I would like to have v7 running site by site with the old, non-supported version. I am running php as FCGI so my question is how I can install v7. Unfortunatly I could not find anything in the wiki or documentation about it. Some information out on the web suggest to do the following: add-apt-repository ppa:ondrej/php apt-get update apt install php7.1 Will doing this keep the current php version running? How can the v7 be used in froxlor --> php configurations. At present php binary points to /usr/bin/php-cgi and file extension is php. Any information or hint is welcome. Thank you in advance.

Ok, very sorry for this. Running all the cron-jobs in the world did not restart the apache webserver because there was an error in one of the SSL config files. So no reload of the webserver was done and hence the cert request not updated. Fixed this temporarily and restarted apache manually and it worked again.

Bit clueless about this on. Have letsencrypt running for a good number of month. Works perfect so far. Now on domain is giving me trouble. At present the error message is: Connection not secure ... Advanced: https://www.pharmabrutscher.de/ Peer’s Certificate has expired. HTTP Strict Transport Security: false HTTP Public Key Pinning: false Checking the setting I found that the SSL Cert had expired. I have deleted the Cert, deleted the files in /etc/ssl/froxlor-custom and removed 2 alias domains (just in case that is giving troubles). Removing the SSL support and LetsEncrypt features in the domain and adding them again trigged the creation of a new cert and under SSL it apears to be valid. Still both firefox and chrome complain about an expired certificated. What am I missing here? Not too sure what is meant by Peers Certificate? All other Certs are running perfectly and get updated. Maybe someone can kindly give me a hint in the right direction. Very much appreciated. Thank you.

In an earlier post it was mentioned: not from within the panel...but just add something like this to a manually created config file that you are able to include in apache.conf I tried the following: In the apache2.conf I added this: IncludeOptional sites-enabled_froxlor/*.conf In the newly created folder I added a file froxlor.conf with the following content: <Directory "/var/www/froxlor/"> Options -Indexes AuthType Basic AuthName "Restricted Area" AuthUserFile /etc/apache2/froxlor_htpasswd/froxlor.htpasswd require valid-user </Directory> The password file is stored in the /etc/apache2/froxlor_htpasswd/froxlor.htpasswd file. However the Apache is not picking up the directions. It is reading the file froxlor.conf for sure. If for example the </Directory> is missing it gives an error message on restart. My guess is, that it is ignored, because the file 10_froxlor_ipandport_xx.xxx.xxx.xx.xx.conf contains the <Virtual Host> including the <Director> options for the var/www/froxlor directory and everything outside the Virtual Host is ignored. Is there any possibility to get the Baisc Authentification working for the froxlor directory? Thank you for any hint.

Is the setting causing problems when using the Email forwarding to an external email address? IE: email address abcdef@adomainonfroxlorserver.com forward to abcdef@gmail.com

Thanks for your quick response. I am using external nameservers, so can you tell me, please, what the standard TXT Record is that is used in froxlor?

Just wondering, is anyone using DMARC or SFP settings on the Nameservers to protect against spoofing. Never noticed it before but on gmail they seem to check against sfp settings. Before: Received-SPF: none (google.com: info@xxxxxxxxxxxxx.ie does not designate permitted sender hosts) client-ip=xx.xxx.xxx.xxx; Authentication-Results: mx.google.com; spf=neutral (google.com: info@xxxxxxxxxxxxx.ie does not designate permitted sender hosts) smtp.mail=info@xxxxxxxxxxxx.ie Received: from www.xxxxxxxxxxxx.ie (xxxxxxx.xxxxxxserver.net [xx.xxx.xxx.xxx]) After adding a TXT record to the Nameserver: TXT "v=spf1 mx -all" Authentication-Results: mx.google.com; spf=pass (google.com: domain of info@xxxxxxxxxxxxx.ie designates xx.xxx.xxx.xxx as permitted sender) smtp.mail=info@xxxxxxxxxxxx.ieReceived: from www.xxxxxxxxxxxx.ie (xxxxxxxxxx.xxxxxxxxserver.net [xx.xxx.xxx.xxx]) by xxxxxxxxxx.xxxxxxxxserver.net (Postfix) with ESMTPA id fsdasdsdafsfdxxsdfadsf My Questions: 1. Did anyone implement this on all the domains running on a froxlor server? 2. If Yes, what record did they use? 3. Is there anything to watch out for? IE. The sender domain is not the one specified in the Postfix-Configuration. Does this cause problems? Thank you for any feedback. Regards, rolo2912

Thanks so much for this link. Installed it.

That is the problem. No unusual activity. I have logwatch running and the outgoing emails reported are not a lot and all send to the typical receipient. My question is if there are modifications out there that bypass the standard MTA and use the server to send out spam? If yes, how can they be detected?

Got an email from my blacklist-monitoring service with the following content: Various sorts of open proxies. An open proxy is generally a web server that allows email sending to piggyback on a script that sends email. Dedicated Spam BOTs used to send spam. Worms/viruses that do their own direct mail transmission. Trojan-horse or "stealth" spamware. Did anyone else ever experience this? Checked the log-files but cant find any unusual activities. Could it be that the spam is sent out "under the radar" not loged in the logfiles? How can I check if the webserver is an open proxy? Thank you for any advice.

My 1 cent thoughts : google ads if needs to be. It is extremly pleasent to have a forum without any adds. Maybe 2 versions of the forum (with/without ads); pay for without. It would be interesting to see how many users (servers) are out there using froxlor. This would give an idea how much could be raised. pay for features, good idea. sponsers, yes. Is this option currently available ?