If you use the apache mod_security module on your apache server, you might encounter wrong 403 errors for several URL's of the cms systems. Here are some exception rules to avoid that:
For WordPress Blogs
For the ModX CMS
SecRuleRemoveById 300013 300014 300015 300016
SecRuleRemoveById 300013 300016
Add these rules inside the vhost file of the website. If you use ISPConfig to manage the server, then add the rules in the apache directives field of the website settings in ispconfig.
Many thanks to PlanetFox for providing the rules.
If you have a local mail server installed and change your server controlpanel to ISPConfig 3, having used ISPConfig 2 in the past, you may have to change the value that defines the form field observed by all functions in need of the address that mails are supposed to be delivered to (catchalls, etc.) on your mail server preferences since the identifier has changed from X-Delivered-To to Delivered-To in ISPConfig 3; otherwise the system won't be able to find the necessary information in the mails' headers.
Restart the server afterwards and you should find it working again.
Thanks to Alexander Fox for this post!
The ISPConfig 2 controlpanel installs its own copy of Spamassassin in the folder /home/admispconfig/ispconfig/tools/spamassassin . To update the Spamassassin filter rules in ISPConfig 2, run this command as root user:
To test if Spamassassin works with the new ruleset, run this command:
If it does not return an error message, then Spamassassin is working correctly.
The Webalizer package in Debian 6 has currently small bug as the required package for the GeoIP database is not installed automatically when Webalizer is installed. The symptoms are that Webalizer statistics was not created and this error message is displayed when Webalizer is run:
Error Opening file /usr/share/GeoIP/GeoIP.dat
The solution is to install the missing package manually:
apt-get install geoip-database
When a server has more then one IP address, then postfix will use all IP addresses randomly to send out emails. This can cause your emails to be listed as SPAM on other servers because the sending IP does not match the reverse IP of the server hostname. The solution is to bind postfix to the primary IP address of the server.
Edit the postfix main.cf file:
and add the line:
smtp_bind_address = 192.168.0.1
were 192.168.0.1 has to be replaced with the primary IP address of the server. Then restart postfix:
I've got the following error message on Debian Linux (6.0) with Courier IMAP server:
Filesystem notification initialization error -- contact your mail
administrator (check for configuration errors with the FAM/Gamin library)
when I tried to access a IMAP share. The resaon for the problem seems to be that the "fam" package was not working correctly. The solution is to install the gamin package which can replace fam in a courier setup:
apt-get install gamin
Dont worry when you get a message from apt that libfam0 gets uninstalled but is required by courier. This had no geative effects on my server.
The following guide explains the installation of the apache module "mod_evasive". Mod_evasive tracks the number of requests of files at the apache webserver and blocks the delivery in case that a certain limit has been reached.
apt-get install libapache2-mod-evasive
Create the log directory for mod_evasive
mkdir -p /var/log/apache2/evasive
chown -R www-data:root /var/log/apache2/evasive
Now we add the configuration for the module at the end of the file /etc/apache2/mods-available/mod-evasive.load
so that it looks like this:
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
and restart apache:
If you get the error "/dev/zero: No space left on device" in the apache error.log on a OpenVZ virtual machine, then the shared memory size in the xcache.ini is too high or the xcache.mm_path is set wrong.
Edit the file /etc/php5/conf.d/xcache.ini
and check the mm_path. On a OpenVZ virtual machine it should be set to "/tmp/xcache" as /dev/zero might not work correctly in a virtual machine:
xcache.mmap_path = "/tmp/xcache"
Then restart apache2:
and check if the error has been resolved.
If the roor still occurs after some time, you will have to reduce the xcache.size.
Edite the xcache.ini file:
and set xcache.size to e.g. 8 MB
xcache.size = 8M
Then restart apache2:
The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started.
I will use VPSID as placeholder for the ID of the virtual machine in the commands and the script. Replace VPSID with the id of the virtual machine that you want to create the script for, e.g. replace VPSID with 101.
Create the script:
and insert the following lines:
mount -n --bind -onosuid,noexec /vz/vps/VPSID/tmp /vz/root/VPSID/tmp
mount -n --bind -onosuid,noexec /vz/vps/VPSID/shm /vz/root/VPSID/dev/shm
now make the sscript executable:
chmod 700 /etc/vz/conf/VPSID.mount
In case you plan to virtualize your server infrastructure and migrate physical servers to OpenVZ virtual machines, you may find this tutorial helpful:
I used this to migrate a ISPConfig Debian system to OpenVZ successfully.