Technischer Support ist unter allen folgenden Optionen verfügbar. Alle Support-Anfragen müssen in Englisch erfolgen. Sie müssen in unserem Kundenbereich eingeloggt sein, um ein Ticket mit den Support-, Abrechnungs- und Lizenzierungsabteilungen zu öffnen.

Die bevorzugte Unterstützung ist von Montag bis Freitag von 8:00 bis 17:00 Uhr verfügbar. MST.
Das aktuelle lokale Datum und die aktuelle Uhrzeit Thursday - 2021-01-21 06:52 am MST.




Installationsanleitung

Erfahren Sie, wie Sie das Produkt installieren.

Erste Schritte

Erfahren Sie, wie Sie das Produkt konfigurieren.

Problembehandlung

Haben Sie Probleme? Erfahren Sie, wie Sie Probleme diagnostizieren und debuggen.

Knowledgebase

Fragen und Antworten zur Selbsthilfe für den Produktsupport, einschließlich Pre-Sales-Fragen.


How to test SpamAssassin To test the spam filter, it is necessary to send a Gtube test spam email using the command below (Replacing emailonserver@example.com with a real email account on the server). If the Anti-spam is working correctly you will see it listed in the maillog and in Warden log under Warden -> Logs -> Message Log. While testing, note that Gtube test email gives +1000 scores to spam. So, even if a mailbox is in the whitelist, mail still be detected as spam because whitelisted email gets -100 scores. Disable Greylisting: If greylisting is enabled then you must disable it on the recipient domain before running these tests. /usr/local/psa/bin/grey_listing --update-domain example.com -status off Centos / RHEL / CloudLinux: echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" | mail -S smtp=localhost -r sender@example.com -s "Spam test example" emailonserver@example.com Debian / Ubuntu: apt-get install s-nail echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" | s-nail -S smtp=localhost -r sender@example.com -s "Spam test example" emailonserver@example.com How to test ClamAV
To test the virus filter, it is necessary to download the eicar test virus email and send it using the command below (Replacing emailonserver@example.com with a real email account on the server). If the Anti-virus is working correctly you will see it get blocked and it will be listed in the maillog and in Warden -> Logs -> Message Log. Disable Greylisting: If greylisting is enabled then you must disable it on the recipient domain before running these tests. /usr/local/psa/bin/grey_listing --update-domain example.com -status off Centos / RHEL / CloudLinux: wget http://www.eicar.org/download/eicar.com.txt echo "TEST MESSAGE w/ ATTACHMENT" | mail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com Debian / Ubuntu: apt-get install s-nail wget http://www.eicar.org/download/eicar.com.txt echo "TEST MESSAGE w/ ATTACHMENT" | s-nail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com
Vollständiger Artikel anzeigen...

Amavis with ClamAV will scan inside zip files by default. You can also extend the protection by using the sanesecurity foxhole databases.

The sanesecurity free ClamAV rules will cover this. Take a look at the Foxhole databases specifically

http://sanesecurity.com/foxhole-databases/

How to enable free ClamAV Third Party Signatures

https://www.danami.com/clients/knowledgebase/137/How-can-I-install-third-party-unofficial-signatures-for-ClamAV.html
Vollständiger Artikel anzeigen...

Uninstalling Warden is as easy as going to Extensions -> My Extensions -> Warden Anti-spam and Virus Protection -> Press the remove button. You can also uninstall the extension on the command line with: /usr/local/psa/bin/extension --uninstall warden
Vollständiger Artikel anzeigen...

1. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are: IPv4: 198.27.80.6 IPv6: 2607:5300:60:2106:: You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful. openssl s_client -connect www.danami.com:443 If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem): openssl s_client -connect www.danami.com:443 - returns: socket: Bad file descriptor connect:errno=9 2. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command: /usr/sbin/ntpdate -b -s time.nist.gov 3. Many times this error can be fixed by restarting the Plesk panel: /etc/init.d/psa restart 4. Lastly make sure your openssl and curl packages are up to date: // Centos / RHEL yum update openssl curl // Debian / Ubuntu apt-get update openssl curl 5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Vollständiger Artikel anzeigen...

Warden requires that you use the ClamAV packages from the EPEL repository. In order to prevent the wrong packages from being installed you must add the line exclude=clam* to any conflicting repositories.
For example if you have the imunify360 repo installed edit the file /etc/yum.repos.d/imunify360.repo Before: [imunify360] name=EL-7 - Imunify360 baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/ username=defense360 password=nraW!F@$x4Xd6HHQ enabled=1 gpgcheck=1 gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux After: [imunify360] name=EL-7 - Imunify360 baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/ username=defense360 password=nraW!F@$x4Xd6HHQ enabled=1 gpgcheck=1 gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux exclude=clam* After this is done the extension installer will be able to complete successfully.
Vollständiger Artikel anzeigen...

Amavis will prepend to Subject (for local recipients only) if mail could not be decoded or checked entirely, e.g. due to password-protected archives. To disable this on Centos/RHEL edit the file /etc/amavisd/amavisd.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and add the line (before the last line 1;): $undecipherable_subject_tag = undef; After making the changes restart Amavis: // Centos/RHEL/Cloudlinux systemctl restart amavisd // Debian/Ubuntu systemctl restart amavis
Vollständiger Artikel anzeigen...

You can change the interface language under Settings -> Application Settings -> Locale   We are looking for volunteers to fix any errors with the machine translations in our Plesk extensions for the following languages: Español (Spain)
Français (France)
Português (Brazil)
Magyar (Hungary)
Русский (Russia)
Türkçe (Turkey)
Svenska (Sweden)
中文 (China)
中文 (Taiwan/Hong Kong)
日本語 (Japan) Volunteers will get a free license for every Plesk extension that they help translate. The translator must be a native speaker of the language they are translating. The license will remain free as long as they want to remain the translator for that language. Open a support ticket though our client area if you are interested.  
Vollständiger Artikel anzeigen...

By default mail with bad headers is quarantined for review but are still delivered to the users mailbox. If you would like to change this to discard mail with bad headers you can change the setting under Warden -> Settings -> Filter Settings -> Final bad header destiny from pass to discard. To disable all bad header tests: To disable all bad header tests on Centos/RHEL edit the file /etc/amavisd/warden.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and search for the @bypass_header_checks_maps option. Change from: @bypass_header_checks_maps = (\%bypass_header_checks, \@bypass_header_checks_acl, \$bypass_header_checks_re); Change to: @bypass_header_checks_maps = [1]; To disable all bad header tests for a specific policy bank: If we want to keep bad header tests enabled for incoming email but disable them for our own users. Edit the file /etc/amavisd/warden.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and add the bypass_header_checks_maps => [1] line to the SUBMISSION and SENDMAIL policy banks: ## POLICY BANKS # submission, SMTPS services $policy_bank{'SUBMISSION'} = { originating => 1, warnbadhsender => 0, terminate_dsn_on_notify_success => 0, bypass_header_checks_maps => [1], }; # sendmail, pickup services $interface_policy{'10027'} = 'SENDMAIL'; $policy_bank{'SENDMAIL'} = { originating => 1, warnbadhsender => 0, terminate_dsn_on_notify_success => 0, bypass_header_checks_maps => [1], }; To disable specific bad header tests: There is an $allowed_header_tests option by which you can define what should be looked up during the bad-header checks, and the list is as follows: other catchall for everything else - normally not used mime Bad MIME (sub)headers or bad MIME structure 8bit Invalid non-encoded 8-bit characters in header control Invalid control characters in header (CR or NUL) empty Folded header field made up entirely of whitespace long Header line longer than RFC 2822 limit of 998 characters syntax Header field syntax error missing Missing required header field multiple Duplicate or multiple occurrence of a header field To disable certain tests on Centos/RHEL edit the file /etc/amavisd/warden.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and search for the $allowed_header_tests option. Setting a test to 0 will disable that test: $allowed_header_tests{'multiple'} = 0; $allowed_header_tests{'missing'} = 0; After making these changes restart Amavis: // Centos/RHEL/Cloudlinux systemctl restart amavisd // Debian/Ubuntu systemctl restart amavis  
Vollständiger Artikel anzeigen...

Alle anzeigen...


Installationsanleitung

Erfahren Sie, wie Sie das Produkt installieren.

Erste Schritte

Erfahren Sie, wie Sie das Produkt konfigurieren.

Problembehandlung

Haben Sie Probleme? Erfahren Sie, wie Sie Probleme diagnostizieren und debuggen.

Knowledgebase

Fragen und Antworten zur Selbsthilfe für den Produktsupport, einschließlich Pre-Sales-Fragen.


To permanently disable all low level kernel messages (iptables etc) from flooding the console do the following changes (as root):

Edit the file /etc/sysctl.conf Add the following line: kernel.printk = 4 1 1 7 The above changes will be effective at reboot or immediately using the following command: /sbin/sysctl -p /etc/sysctl.conf To make the changes only temporarily: echo "4 1 1 7" > /proc/sys/kernel/printk You can check the current setting with: cat /proc/sys/kernel/printk
Vollständiger Artikel anzeigen...

Maxmind pulled public access to the GeoLite2 databases as of Dec 31/2019. You can read about the changes here: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ For now you will have to register on the Maxmind site and setup a free license key: Signup
https://www.maxmind.com/en/geolite2/signup Create a free license key (When asked - Will this key be used for geoipupdate? Choose: no)
https://www.maxmind.com/en/accounts/current/license-key Then in Juggernaut go to Settings -> Geolocation Settings -> enter the MaxMind license key option.
Vollständiger Artikel anzeigen...

Yes we support blocking attacks like these very easily. See the howto for how to enable a custom login failure trigger:
https://docs.danami.com/juggernaut/how-tos/enable-login-failure-triggers
Vollständiger Artikel anzeigen...

This error means that your service provider is limiting the amount if iptables rules (numiptent)  that your VPS is allowed to create. Your provider can easily raise this limit using the command below on the hardware note (it can't be run inside your VPS). If your provider refuses to raise this limit then it's time to look for a new service provider as they do not really care about your security. vzctl set CID --numiptent 10000 --save Users using Virtuozzo with a limit set will not be able to use the country or blocklists as they will usually put them over their limit. Users can limit the amount of rules that Juggernaut will create by setting the deny permanently limit and deny temporarily limit under Juggernaut -> Settings -> General Settings. Juggernaut will rotate out older entries to stay under the limit set unless the entry is marked with "do not delete". You can also try to limit the number of iptables rules used for country block lists under Juggernaut -> Settings -> Country Settings -> Ignore CIDR blocks smaller than (set it to something like /24). This will allow you to still block the majority of the country while ignoring the smaller networks. Note
Virtuozzo 6 and below is not the ideal VPS because it does not support ipset for high performance firewall blocking. Most of the larger VPS providers like OVH, Digital Ocean, and Linode have long switched away from using Virtuozzo and now use KVM which fully supports ipset. Even Virtuozzo themselves have switched over to using KVM in Virtuozzo 7.
Vollständiger Artikel anzeigen...

Maxmind pulled public access to the GeoLite2 databases as of Dec 30/2019. You now need a free license key before you can download them. You can read about the changes here:

https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ Instructions for how to sign up for the free license key can be found below: Warden Anti-spam and Virus Protection
https://docs.danami.com/warden/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key Juggernaut Firewall
https://docs.danami.com/juggernaut/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key Sentinel Anti-malware
https://docs.danami.com/sentinel/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key
Vollständiger Artikel anzeigen...

You can disable and enable the firewall from the command line using the following commands:

To disable the firewall: csf -x To re-enable the firewall: csf -e To get the list of all command line options: csf --help
Vollständiger Artikel anzeigen...

1. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are: IPv4: 198.27.80.6 IPv6: 2607:5300:60:2106:: You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful. openssl s_client -connect www.danami.com:443 If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem): openssl s_client -connect www.danami.com:443 - returns: socket: Bad file descriptor connect:errno=9 2. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command: /usr/sbin/ntpdate -b -s time.nist.gov 3. Many times this error can be fixed by restarting the Plesk panel: /etc/init.d/psa restart 4. Lastly make sure your openssl and curl packages are up to date: // Centos / RHEL yum update openssl curl // Debian / Ubuntu apt-get update openssl curl 5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Vollständiger Artikel anzeigen...

You can change the interface language under Settings -> Application Settings -> Locale   We are looking for volunteers to fix any errors with the machine translations in our Plesk extensions for the following languages: Español (Spain)
Français (France)
Português (Brazil)
Magyar (Hungary)
Русский (Russia)
Türkçe (Turkey)
Svenska (Sweden)
中文 (China)
中文 (Taiwan/Hong Kong)
日本語 (Japan) Volunteers will get a free license for every Plesk extension that they help translate. The translator must be a native speaker of the language they are translating. The license will remain free as long as they want to remain the translator for that language. Open a support ticket though our client area if you are interested.  
Vollständiger Artikel anzeigen...

Alle anzeigen...


Installationsanleitung

Erfahren Sie, wie Sie das Produkt installieren.

Erste Schritte

Erfahren Sie, wie Sie das Produkt konfigurieren.

Problembehandlung

Haben Sie Probleme? Erfahren Sie, wie Sie Probleme diagnostizieren und debuggen.

Knowledgebase

Fragen und Antworten zur Selbsthilfe für den Produktsupport, einschließlich Pre-Sales-Fragen.


1. Double check that the default_monitor_mode is set: Edit /usr/local/maldetect/conf.maldet and find and set: default_monitor_mode="users" 2. Some users may also need to increase their inotify file watch limit on their systems before the maldet monitoring daemon will start. To view your current limit: cat /proc/sys/fs/inotify/max_user_watches To raise your limit: echo fs.inotify.max_user_watches=524288 > /etc/sysctl.d/sentinel.conf
sysctl -p /etc/sysctl.d/sentinel.conf Start the service:

service maldet restart
Vollständiger Artikel anzeigen...

Maxmind pulled public access to the GeoLite2 databases as of Dec 30/2019. You now need a free license key before you can download them. You can read about the changes here:

https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ Instructions for how to sign up for the free license key can be found below: Warden Anti-spam and Virus Protection
https://docs.danami.com/warden/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key Juggernaut Firewall
https://docs.danami.com/juggernaut/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key Sentinel Anti-malware
https://docs.danami.com/sentinel/settings/panel-application/geolocation-settings#how-to-get-a-maxmind-license-key
Vollständiger Artikel anzeigen...

There is a bug in the Linux Malware Detect v1.6.4 daily cron script. You can fix the error by changing line 69 in /etc/cron.daily/maldet From: elif [ $cron_daily_scan == "1" ]; then To: elif [ "$cron_daily_scan" == "1" ]; then
Vollständiger Artikel anzeigen...

1. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are: IPv4: 198.27.80.6 IPv6: 2607:5300:60:2106:: You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful. openssl s_client -connect www.danami.com:443 If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem): openssl s_client -connect www.danami.com:443 - returns: socket: Bad file descriptor connect:errno=9 2. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command: /usr/sbin/ntpdate -b -s time.nist.gov 3. Many times this error can be fixed by restarting the Plesk panel: /etc/init.d/psa restart 4. Lastly make sure your openssl and curl packages are up to date: // Centos / RHEL yum update openssl curl // Debian / Ubuntu apt-get update openssl curl 5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Vollständiger Artikel anzeigen...

Warden requires that you use the ClamAV packages from the EPEL repository. In order to prevent the wrong packages from being installed you must add the line exclude=clam* to any conflicting repositories.
For example if you have the imunify360 repo installed edit the file /etc/yum.repos.d/imunify360.repo Before: [imunify360] name=EL-7 - Imunify360 baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/ username=defense360 password=nraW!F@$x4Xd6HHQ enabled=1 gpgcheck=1 gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux After: [imunify360] name=EL-7 - Imunify360 baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/ username=defense360 password=nraW!F@$x4Xd6HHQ enabled=1 gpgcheck=1 gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux exclude=clam* After this is done the extension installer will be able to complete successfully.
Vollständiger Artikel anzeigen...

You can change the interface language under Settings -> Application Settings -> Locale   We are looking for volunteers to fix any errors with the machine translations in our Plesk extensions for the following languages: Español (Spain)
Français (France)
Português (Brazil)
Magyar (Hungary)
Русский (Russia)
Türkçe (Turkey)
Svenska (Sweden)
中文 (China)
中文 (Taiwan/Hong Kong)
日本語 (Japan) Volunteers will get a free license for every Plesk extension that they help translate. The translator must be a native speaker of the language they are translating. The license will remain free as long as they want to remain the translator for that language. Open a support ticket though our client area if you are interested.  
Vollständiger Artikel anzeigen...

Enabling ClamAV Third Party Signatures The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Yara-Rules Project, etc. The clamav-unofficial-sigs script will also generate and install cron, logrotate, and man files. See: clamav-unofficial-sigs for more information. Important
• Rysnc requires that port 873 TCP OUT be opened if you are using a firewall. It must be opened in order to use the script.
• The ClamAV daemon will use over 1GB RAM when enabling the all the signatures together.
• The new signatures will be downloaded to the /var/lib/clamav directory. Centos/RHEL/Cloudlinux There are packages in the EPEL repo that make it easy to install the third party signatures. Signatures will be updated automatically using a cron that the package installs. yum install rsync wget unzip bind-utils clamav-unofficial-sigs // the config file is located at /etc/clamav-unofficial-sigs/user.conf // run the command once to test (run as root) /usr/sbin/clamav-unofficial-sigs.sh // you can view the log using the command tail -f /var/log/clamav-unofficial-sigs/clamav-unofficial-sigs.log You should see the new signatures downloaded to the /var/lib/clamav directory. Debian/Ubuntu There are no up-to-date packages for Debian/Ubuntu so we must install it manually. apt-get install rsync wget unzip dnsutils wget https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip unzip master.zip cd clamav-unofficial-sigs-master/ cp -f clamav-unofficial-sigs.sh /usr/local/bin/ chmod 755 /usr/local/bin/clamav-unofficial-sigs.sh mkdir /etc/clamav-unofficial-sigs/ cp -r config/* /etc/clamav-unofficial-sigs/ cd /etc/clamav-unofficial-sigs/ // Copy /etc/clamav-unofficial-sigs/os/os.your-distro.conf to the parent directory as /etc/clamav-unofficial-sigs/os.conf where your-distro is your distribution and version e.g. cp /etc/clamav-unofficial-sigs/os/os.ubuntu.conf /etc/clamav-unofficial-sigs/os.conf Edit the file /etc/clamav-unofficial-sigs/user.conf and uncomment your user config options making sure to set default_dbs_rating to LOW, MEDIUM, or HIGH and uncomment the user_configuration_complete
option after you are done. # Default dbs rating # valid rating: LOW, MEDIUM, HIGH default_dbs_rating="MEDIUM" # Uncomment the following line to enable the script user_configuration_complete="yes" Run the script once as your superuser to set all the permissions and create the relevant directories: /usr/local/bin/clamav-unofficial-sigs.sh --force Install the cron, log rotate and man pages: /usr/local/bin/clamav-unofficial-sigs.sh --install-cron /usr/local/bin/clamav-unofficial-sigs.sh --install-logrotate /usr/local/bin/clamav-unofficial-sigs.sh --install-man You should see the new signatures downloaded to the /var/lib/clamav directory. Signatures Requiring Registration: MalwarePatrol Free
- We do not recommend using MalwarePatrol due to the high number of false positives from that signature provider.  
Vollständiger Artikel anzeigen...

Normally running nightly scans should not be necessary after doing your first full scan because all changed files in your vhosts tree are scanned automatically when the anti-malware monitor is enabled. If you would like to switch to nightly scans instead you should disable the anti-malware monitoring. When the anti-malware monitoring is disabled Sentinel will run the nightly cron /etc/cron.daily/maldet which will scan the entire vhosts tree nightly. To disable the anti-malware monitoring and switch to nightly scans: systemctl disable maldet systemctl stop maldet After the anti-malware monitoring is disabled you will see it marked as "Inactive" in the Sentinel dashboard: To re-enable the anti-malware monitoring and switch back to real-time monitoring: systemctl enable maldet systemctl start maldet After the anti-malware monitoring is enabled you will see it marked as "Active" in the Sentinel dashboard:  
Vollständiger Artikel anzeigen...

Alle anzeigen...