Suporte técnico
O suporte técnico está disponível a partir de qualquer uma das opções abaixo. Todos os pedidos de apoio devem ser feitos em Inglês. Você deve ser conectado à nossa área de clientes para abrir um bilhete com os departamentos de suporte, faturamento e licenciamento.
O suporte prioritário está disponível de segunda a sexta-feira das 8h às 17h MDT.
A data e a hora locais atuais são Sunday - 2022-10-02 06:29 am MDT.
Base de Conhecimento
Perguntas e respostas de auto-ajuda para suporte ao produto, incluindo perguntas de pré-vendas.
Documentação
Veja nossos manuais de produtos, alternar informações e documentação de suporte.
Bilhetes de suporte
Estamos aqui para ajudar, 24 horas por dia, 7 dias por semana. Suporte prioritário está disponível de segunda a sexta das 8h às 17h MDT
Downloads
Faça login na área do nosso cliente para acessar seus downloads de produtos.
Instruções de instalação
Saiba como instalar o produto.
Começando
Saiba como configurar o produto.
Solucionando problemas
Tendo problemas? Aprenda a diagnosticar e depurar problemas.
Base de Conhecimento
Perguntas e respostas de auto-ajuda para suporte ao produto, incluindo perguntas de pré-vendas.
Outdated Packages
1. Make sure your openssl, curl, and ca-certificates packages are up to date. Outdated packages can result in SSL errors when your server tries to communicate with our licensing server.:
// Centos/RHEL/CLoudLinux/AlmaLinux
yum update openssl curl ca-certificates
// Debian/Ubuntu
apt-get upgrade openssl curl ca-certificates
// You can test if your server can communicate properly with our licensing server using the wget command
// If you get an expired certificate error then your server packages are out of date.
wget https://www.danami.com
End of Life Operating Systems
If your server is end-of-life (Debian 8 or Ubuntu 16) then it will not be getting any type of package security updates so you can't update your openssl, curl, or ca-certificates packages . These outdated operating systems can no longer talk to any server that uses a Let's Encrypt certificate (like our licensing server). Users of end-of-life operating systems can use the fix below until they get their OS properly updated:
sed -i 's/mozilla\/DST_Root_CA_X3.crt/!mozilla\/DST_Root_CA_X3.crt/g' /etc/ca-certificates.conf
update-ca-certificates
/etc/init.d/psa restart
Restart Plesk Panel
2. Many times this error can be fixed by restarting the Plesk panel:
/etc/init.d/psa restart
Blocked Licensing Server IP Address
3. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are:
IPv4: 198.27.80.6
IPv6: 2607:5300:60:2106::
You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful.
openssl s_client -connect www.danami.com:443
If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem):
openssl s_client -connect www.danami.com:443 - returns:
socket: Bad file descriptor
connect:errno=9
Incorrect Time
4. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command:
Using ntpdate:
/usr/sbin/ntpdate -b -s time.nist.gov
Using chronyc:
chronyc -a makestep
Open a Ticket
5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Veja o artigo completo...
How to test SpamAssassin
To test the spam filter, it is necessary to send a Gtube test spam email using the command below (Replacing emailonserver@example.com with a real email account on the server). If the Anti-spam is working correctly you will see it listed in the maillog and in Warden log under Warden -> Logs -> Message Log. While testing, note that Gtube test email gives +1000 scores to spam. So, even if a mailbox is in the whitelist, mail still be detected as spam because whitelisted email gets -100 scores.
Disable Greylisting:
If greylisting is enabled then you must disable it on the recipient domain before running these tests.
/usr/local/psa/bin/grey_listing --update-domain example.com -status off
Centos/RHEL/CloudLinux/AlmaLinux:
echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" | mail -S smtp=localhost -r sender@example.com -s "Spam test example" emailonserver@example.com
Debian/Ubuntu:
apt-get install s-nail
echo "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X" | s-nail -S smtp=localhost -r sender@example.com -s "Spam test example" emailonserver@example.com
How to test ClamAV
To test the virus filter, it is necessary to download the eicar test virus email and send it using the command below (Replacing emailonserver@example.com with a real email account on the server). If the Anti-virus is working correctly you will see it get blocked and it will be listed in the maillog and in Warden -> Logs -> Message Log.
Disable Greylisting:
If greylisting is enabled then you must disable it on the recipient domain before running these tests.
/usr/local/psa/bin/grey_listing --update-domain example.com -status off
Centos/RHEL/CloudLinux/AlmaLinux:
wget http://www.eicar.org/download/eicar.com.txt
echo "TEST MESSAGE w/ ATTACHMENT" | mail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com
Debian/Ubuntu:
apt-get install s-nail
wget http://www.eicar.org/download/eicar.com.txt
echo "TEST MESSAGE w/ ATTACHMENT" | s-nail -S smtp=localhost -r sender@example.com -s "A/V test example" -a eicar.com.txt emailonserver@example.com
Veja o artigo completo...
As of ClamAV 0.103.2 the SafeBrowsing config option was deprecated. See here for more information. To fix the error edit the file freshclam.conf and comment out the SafeBrowsing line in the config file. You can use the command:
Centos/RHEL/Cloudlinux/AlmaLinux
sed -i -e "s/^SafeBrowsing /#SafeBrowsing /" /etc/freshclam.conf
Debian/Ubuntu
sed -i -e "s/^SafeBrowsing /#SafeBrowsing /" /etc/clamav/freshclam.conf
This has been fixed in Warden 2.08-1 and Sentinel 1-14-1 which was published to the Plesk extension directory.
Veja o artigo completo...
ClamAV Problems
First check and see that the ClamAV daemon is running properly. See: How can I check the status of ClamAV and fix any problems?
Password Protected Archives
Amavis will prepend to Subject (for local recipients only) if mail could not be decoded or checked entirely, e.g. due to password-protected archives.
To Disable the UNCHECKED Header
To disable this on Centos/RHEL edit the file /etc/amavisd/amavisd.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and add the line (before the last line 1;):
$undecipherable_subject_tag = undef;
After making the changes restart Amavis:
// Centos/RHEL/CloudLinux/AlmaLinux
systemctl restart amavisd
// Debian/Ubuntu
systemctl restart amavis
Veja o artigo completo...
Reject log
In the Warden reject log you see the message: Service unavailable - try again later.
In the /var/log/maillog
Nov 6 02:57:42 el7p17 postfix/smtpd[18663]: 1934840B4BF3: milter-reject: DATA from localhost.localdomain[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; from=<sender@example.com> to=<test@example.com> proto=SMTP helo=<localhost.localdomain>
Nov 6 02:57:44 el7p17 postfix/smtpd[18663]: A914C40B4BF3: milter-reject: DATA from localhost.localdomain[127.0.0.1]: 451 4.7.1 Service unavailable - try again later; from=<sender@example.com> to=<test@example.com> proto=SMTP helo=<localhost.localdomain>
This is normal behaviour when you have greylisting spam protection enabled. This option can be found under Tools & Settings -> Mail -> Spam Filter.
What is Greylisting?
Greylisting is a powerful Anti-Spam technology that is used to detect if the sending server of a message is RFC compliant. This is done through temporarily blocking unknown senders and caching details of the initial message. Since a majority of SPAM Servers or SPAMBots are not, large volumes of unwanted emails can potentially be filtered during SMTP transmission. Compliant Sending Mailservers, however, will resend the message after a short delay and it will be permitted.
How does Greylisting work?
When a message from an unknown sender arrives, it will be initially blocked by Greylisting. This block is in the form of a temporary 451 Error being returned to the Sending Server. This temporary error is considered by this server to be a "Delivery Delayed" notification and will resend the message after a period of time.
Veja o artigo completo...
By default mail with bad headers is quarantined for review but are still delivered to the users mailbox. If you would like to change this to discard or reject mail with bad headers you can change the setting under Warden -> Settings -> Filter Settings -> Final bad header destiny from pass to discard or reject.
To disable all bad header tests:
To disable all bad header tests on Centos/RHEL/CloudLinux/AlmaLinux edit the file /etc/amavisd/warden.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and search for the @bypass_header_checks_maps option.
Change from:
@bypass_header_checks_maps = (\%bypass_header_checks, \@bypass_header_checks_acl, \$bypass_header_checks_re);
Change to:
@bypass_header_checks_maps = [1];
After making these changes restart Amavis:
// Centos/RHEL/CloudLinux/AlmaLinux
systemctl restart amavisd
// Debian/Ubuntu
systemctl restart amavis
To disable all bad header tests for a specific policy bank (outgoing email only):
Go to Warden -> Settings -> Policy Banks and set the Disable bad header filter to Yes for the policy you want to disable it on.
To disable specific bad header tests:
There is an $allowed_header_tests option by which you can define what should be looked up during the bad-header checks, and the list is as follows:
other catchall for everything else - normally not used
mime Bad MIME (sub)headers or bad MIME structure
8bit Invalid non-encoded 8-bit characters in header
control Invalid control characters in header (CR or NUL)
empty Folded header field made up entirely of whitespace
long Header line longer than RFC 2822 limit of 998 characters
syntax Header field syntax error missing Missing required header field
multiple Duplicate or multiple occurrence of a header field
To disable certain tests on Centos/RHEL/CloudLinux/AlmaLinux edit the file /etc/amavisd/warden.conf or on Debian/Ubuntu edit the file /etc/amavis/conf.d/99-warden and search for the $allowed_header_tests option. Setting a test to 0 will disable that test:
$allowed_header_tests{'multiple'} = 0;
$allowed_header_tests{'missing'} = 0;
After making these changes restart Amavis:
// Centos/RHEL/CloudLinux/AlmaLinux
systemctl restart amavisd
// Debian/Ubuntu
systemctl restart amavis
Veja o artigo completo...
When trying to start Amavis you see this in the mail log:
Oct 02 03:20:15 condor3648 systemd[1]: Starting LSB: Starts amavisd-new mailfilter...
Oct 02 03:20:16 condor3648 amavis[1697]: starting. /usr/sbin/amavisd-new at condor3648.startdedicated.com amavisd-new-2.11.0 (20160426), Unicode aware, LC_ALL="C", LANG="en_US.UTF-8"
Oct 02 03:20:16 condor3648 amavis[1705]: (!)Net::Server: 2020/10/02-03:20:16 Can't connect to TCP port 10024 on ::1 [Cannot assign requested address]\n at line 64 in file /usr/share/perl5/Net/Server/Proto/TCP.pm
Oct 02 03:20:16 condor3648 amavis[1690]: Starting amavisd: amavisd-new.
Oct 02 03:20:16 condor3648 systemd[1]: Started LSB: Starts amavisd-new mailfilter.
To fix this edit the file /etc/amavisd/warden.conf on Centos/RHEL/Cloudlinux/AlmaLinux or /etc/amavis/conf.d/99-warden on Debian/Ubuntu and add the following line:
$inet_socket_bind = '127.0.0.1';
Now restart Amavis:
Centos/RHEL/CloudLinux/AlmaLinux
systemctl restart amavisd
Debian/Ubuntu
systemctl restart amavis
Veja o artigo completo...
Lots of people seem to be confused by the "autolearn=no" statement in the default X-Spam-Status header. There are usually questions regarding whether or not "no" means SpamAssassin is not autolearning at all. What it actually means is that the specific message which includes the "autolearn=no" part was not autolearned, not that autolearning is disabled or somehow broken.
The three values that can be displayed are "no" (autolearning did not occur), "ham" (the message was learned as ham), and "spam" (the message was learned as spam).
If a message has already been learned by SpamAssassin, then that message will not be learned again. Therefore, if you run a message through SpamAssassin to see why it was classified as spam or ham, and it has already been learned, you will always get the result "autolearn=no". (To see this more clearly, use the "-D" flag, and you will see debug output explaining that the message has already been learned.)
Furthermore, the score used to trigger autolearning is somewhat different than the one reported in the final score; therefore a score displayed in the headers that ostensibly should trigger autolearning will not do so. Again, use the "-D" flag to SpamAssassin, and you will see the score that is used to determine whether or not autolearning will be triggered.
Finally, SpamAssassin requires at least 3 points from the header and 3 points from the body, to auto-learn as spam. If either section contributes fewer points, the message will not be auto-learned.
Possible Autolearn States
ham: the message was learned as ham (non-spam)
spam: the message was learned as spam
no: the specific message didn't achieve the proper threshold values and requirements to be learned
disabled: the configuration specifies bayes_auto_learn 0 or use_bayes 0 and so no autolearning is attempted
failed: autolearning was attempted, but couldn't complete. This happens if SpamAssassin can't gain a lock on the Bayes database files, etc.
unavailable: autolearning not completed for any reason not covered above. It could be the message was already learned.
Reasons why Autolearn isn't Working
1. In order for autolearn to work you need at least 200 trained messages in the ham and spam category.
2. If using Redis Bayes storage your Bayes Token TTL might be too low so the spam entries expire before they reach the 200 trained messages threshhold. Try raising the Bayes Token TTL to 180d
Veja o artigo completo...
Instruções de instalação
Saiba como instalar o produto.
Começando
Saiba como configurar o produto.
Solucionando problemas
Tendo problemas? Aprenda a diagnosticar e depurar problemas.
Base de Conhecimento
Perguntas e respostas de auto-ajuda para suporte ao produto, incluindo perguntas de pré-vendas.
Outdated Packages
1. Make sure your openssl, curl, and ca-certificates packages are up to date. Outdated packages can result in SSL errors when your server tries to communicate with our licensing server.:
// Centos/RHEL/CLoudLinux/AlmaLinux
yum update openssl curl ca-certificates
// Debian/Ubuntu
apt-get upgrade openssl curl ca-certificates
// You can test if your server can communicate properly with our licensing server using the wget command
// If you get an expired certificate error then your server packages are out of date.
wget https://www.danami.com
End of Life Operating Systems
If your server is end-of-life (Debian 8 or Ubuntu 16) then it will not be getting any type of package security updates so you can't update your openssl, curl, or ca-certificates packages . These outdated operating systems can no longer talk to any server that uses a Let's Encrypt certificate (like our licensing server). Users of end-of-life operating systems can use the fix below until they get their OS properly updated:
sed -i 's/mozilla\/DST_Root_CA_X3.crt/!mozilla\/DST_Root_CA_X3.crt/g' /etc/ca-certificates.conf
update-ca-certificates
/etc/init.d/psa restart
Restart Plesk Panel
2. Many times this error can be fixed by restarting the Plesk panel:
/etc/init.d/psa restart
Blocked Licensing Server IP Address
3. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are:
IPv4: 198.27.80.6
IPv6: 2607:5300:60:2106::
You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful.
openssl s_client -connect www.danami.com:443
If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem):
openssl s_client -connect www.danami.com:443 - returns:
socket: Bad file descriptor
connect:errno=9
Incorrect Time
4. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command:
Using ntpdate:
/usr/sbin/ntpdate -b -s time.nist.gov
Using chronyc:
chronyc -a makestep
Open a Ticket
5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Veja o artigo completo...
To permanently disable all low level kernel messages (iptables etc) from flooding the console do the following changes (as root):
Edit the file /etc/sysctl.conf Add the following line:
kernel.printk = 4 1 1 7
The above changes will be effective at reboot or immediately using the following command:
/sbin/sysctl -p /etc/sysctl.conf
To make the changes only temporarily:
echo "4 1 1 7" > /proc/sys/kernel/printk
You can check the current setting with:
cat /proc/sys/kernel/printk
Veja o artigo completo...
This error means that your service provider is limiting the amount if iptables rules (numiptent) that your VPS is allowed to create. Your provider can easily raise this limit using the command below on the hardware note (it can't be run inside your VPS). If your provider refuses to raise this limit then it's time to look for a new service provider as they do not really care about your security.
vzctl set CID --numiptent 10000 --save
Users using Virtuozzo with a limit set will not be able to use the country or blocklists as they will usually put them over their limit.
Users can limit the amount of rules that Juggernaut will create by setting the deny permanently limit and deny temporarily limit under Juggernaut -> Settings -> General Settings. Juggernaut will rotate out older entries to stay under the limit set unless the entry is marked with "do not delete".
You can also try to limit the number of iptables rules used for country block lists under Juggernaut -> Settings -> Country Settings -> Ignore CIDR blocks smaller than (set it to something like /24). This will allow you to still block the majority of the country while ignoring the smaller networks.
Note
Virtuozzo 6 and below is not the ideal VPS because it does not support ipset for high performance firewall blocking. Most of the larger VPS providers like OVH, Digital Ocean, and Linode have long switched away from using Virtuozzo and now use KVM which fully supports ipset. Even Virtuozzo themselves have switched over to using KVM in Virtuozzo 7.
Veja o artigo completo...
Yes we support blocking attacks like these very easily. See below for more information:
How can I enable a custom login failure trigger for an application?
https://www.danami.com/clients/knowledgebase/174/How-can-I-enable-a-custom-login-failure-trigger-for-an-application.html
Login Failure Custom Triggers
https://docs.danami.com/juggernaut/user-guide/login-failure-custom-triggers
Veja o artigo completo...
Maxmind pulled public access to the GeoLite2 databases as of Dec 31/2019. You can read about the changes here:
https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
For now you will have to register on the Maxmind site and setup a free license key:
Signup
https://www.maxmind.com/en/geolite2/signup
Create a free license key (When asked - Will this key be used for geoipupdate? Choose: no)
https://www.maxmind.com/en/accounts/current/license-key
Then in Juggernaut go to Settings -> Geolocation Settings -> enter the MaxMind license key option.
Veja o artigo completo...
You can disable and enable the firewall from the command line using the following commands:
To disable the firewall:
csf -x
To re-enable the firewall:
csf -e
To get the list of all command line options:
csf --help
Veja o artigo completo...
ConfigServer Security & Firewall (csf) currently only supports using iptables so when upgrading to Debian 11, Ubuntu 20.04 LTS, or Ubuntu 22.04 LTS which uses nftables by default you must switch back to iptables.
Make sure that the iptables packages are installed:
# apt-get install iptables
Their are two variants of the iptables command:
1. legacy: Often referred to as iptables-legacy.
2. nf_tables: Often referred to as iptables-nft.
The newer iptables-nft command provides a bridge to the nftables kernel API and infrastructure and is recommended if it is supported by your OS. You can find out which variant is in use by looking up the iptables version. For iptables-nft, the variant will be shown in parentheses after the version number, denoted as nf_tables:
# iptables -V
iptables v1.8.4 (nf_tables)
1. To view your alternatives for running iptables you can run the command update-alternatives --config iptables
# update-alternatives --config iptables
There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).
Selection Path Priority Status
------------------------------------------------------------
* 0 /usr/sbin/iptables-nft 20 auto mode
1 /usr/sbin/iptables-legacy 10 manual mode
2 /usr/sbin/iptables-nft 20 manual mode
Press <enter> to keep the current choice[*], or type selection number:
2. Run the following commands to re-link any symbolic links:
ln -s /etc/alternatives/iptables /sbin/iptables 2>/dev/null
ln -s /etc/alternatives/iptables-save /sbin/iptables-save 2>/dev/null
ln -s /etc/alternatives/iptables-restore /sbin/iptables-restore 2>/dev/null
ln -s /etc/alternatives/ip6tables /sbin/ip6tables 2>/dev/null
ln -s /etc/alternatives/ip6tables-save /sbin/ip6tables-save 2>/dev/null
ln -s /etc/alternatives/ip6tables-restore /sbin/ip6tables-restore 2>/dev/null
3. Go to the Juggernaut Firewall -> Settings -> Binary Settings and press the default button at the bottom of the page to apply the correct iptables binary locations.
Now everything should be switched over to iptables and CSF should function correctly.
Veja o artigo completo...
To get your free Maxmind license key
Signup for the free license key here: https://www.maxmind.com/en/geolite2/signup
Generate a license key here (When asked - Will this key be used for geoipupdate? Choose: no)
Navigate to your Extension -> Settings -> Panel Application -> Geolocation Settings and enter the license key under MaxMind license key. (It might take 30 minutes before MaxMind will recognize a newly created key).
Press the update button to save your settings.
Veja o artigo completo...
Instruções de instalação
Saiba como instalar o produto.
Começando
Saiba como configurar o produto.
Solucionando problemas
Tendo problemas? Aprenda a diagnosticar e depurar problemas.
Base de Conhecimento
Perguntas e respostas de auto-ajuda para suporte ao produto, incluindo perguntas de pré-vendas.
Outdated Packages
1. Make sure your openssl, curl, and ca-certificates packages are up to date. Outdated packages can result in SSL errors when your server tries to communicate with our licensing server.:
// Centos/RHEL/CLoudLinux/AlmaLinux
yum update openssl curl ca-certificates
// Debian/Ubuntu
apt-get upgrade openssl curl ca-certificates
// You can test if your server can communicate properly with our licensing server using the wget command
// If you get an expired certificate error then your server packages are out of date.
wget https://www.danami.com
End of Life Operating Systems
If your server is end-of-life (Debian 8 or Ubuntu 16) then it will not be getting any type of package security updates so you can't update your openssl, curl, or ca-certificates packages . These outdated operating systems can no longer talk to any server that uses a Let's Encrypt certificate (like our licensing server). Users of end-of-life operating systems can use the fix below until they get their OS properly updated:
sed -i 's/mozilla\/DST_Root_CA_X3.crt/!mozilla\/DST_Root_CA_X3.crt/g' /etc/ca-certificates.conf
update-ca-certificates
/etc/init.d/psa restart
Restart Plesk Panel
2. Many times this error can be fixed by restarting the Plesk panel:
/etc/init.d/psa restart
Blocked Licensing Server IP Address
3. Make sure that you are not blocking the licensing server IP addresses on the servers firewall. Imunify360 is known to block our server IPs for some reason. Our licensing server IP addresses are:
IPv4: 198.27.80.6
IPv6: 2607:5300:60:2106::
You can run the following command to see if your server can connect to the licensing server. You should get a response of Verify return code: 0 (ok) if the connection was successful.
openssl s_client -connect www.danami.com:443
If you get the error below that means that your server cannot connect to our licensing server (usually that means there is a firewall or connection problem):
openssl s_client -connect www.danami.com:443 - returns:
socket: Bad file descriptor
connect:errno=9
Incorrect Time
4. Make sure that the date and time on the server is correct (The wrong time will cause the SSL certificate connection to fail). Install a NTP time sync daemon on your server like Chrony or if ntpdate is installed on the server you can sync your server time using the command:
Using ntpdate:
/usr/sbin/ntpdate -b -s time.nist.gov
Using chronyc:
chronyc -a makestep
Open a Ticket
5. If you have tried all of the above steps and you are still not able to connect to the licensing server please open a support ticket and include your servers IP address. The tech will run some additional tests on our side to see what the problem is.
Veja o artigo completo...
1. Double check that the default_monitor_mode is set:
Edit /usr/local/maldetect/conf.maldet and find and set:
default_monitor_mode="users"
2. Some users may also need to increase their inotify file watch limit on their systems before the maldet monitoring daemon will start.
To view your current limit:
cat /proc/sys/fs/inotify/max_user_watches
To raise your limit:
echo fs.inotify.max_user_watches=1048576 > /etc/sysctl.d/sentinel.conf
sysctl -p /etc/sysctl.d/sentinel.conf
Start the service:
systemctl restart maldet
Check the logs for any errors:
tail -f /usr/local/maldetect/logs/event_log
Example error of when max_user_watches is too low:
Please increase the amount of inotify watches allowed per user via `/proc/sys/fs/inotify/max_user_watches'.
Veja o artigo completo...
As of ClamAV 0.103.2 the SafeBrowsing config option was deprecated. See here for more information. To fix the error edit the file freshclam.conf and comment out the SafeBrowsing line in the config file. You can use the command:
Centos/RHEL/Cloudlinux/AlmaLinux
sed -i -e "s/^SafeBrowsing /#SafeBrowsing /" /etc/freshclam.conf
Debian/Ubuntu
sed -i -e "s/^SafeBrowsing /#SafeBrowsing /" /etc/clamav/freshclam.conf
This has been fixed in Warden 2.08-1 and Sentinel 1-14-1 which was published to the Plesk extension directory.
Veja o artigo completo...
There is a bug in the Linux Malware Detect v1.6.4 daily cron script. You can fix the error by changing line 69 in /etc/cron.daily/maldet
From:
elif [ $cron_daily_scan == "1" ]; then
To:
elif [ "$cron_daily_scan" == "1" ]; then
Veja o artigo completo...
Warden requires that you use the ClamAV packages from the EPEL repository. In order to prevent the wrong packages from being installed you must add the line exclude=clam* to any conflicting repositories.
For example if you have the imunify360 repo installed edit the file /etc/yum.repos.d/imunify360.repo. On CloudLinux servers the file to edit is: /etc/yum.repos.d/cloudlinux-imunify360.repo
Before:
[imunify360]
name=EL-7 - Imunify360
baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/
username=defense360
password=nraW!F@$x4Xd6HHQ
enabled=1
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux
After (Add exclude=clam* to the first section):
[imunify360]
name=EL-7 - Imunify360
baseurl=https://repo.imunify360.cloudlinux.com/defense360//el/7/updates/x86_64/
username=defense360
password=nraW!F@$x4Xd6HHQ
enabled=1
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360//RPM-GPG-KEY-CloudLinux
exclude=clam*
After this is done the extension installer will be able to complete successfully.
Veja o artigo completo...
To get your free Maxmind license key
Signup for the free license key here: https://www.maxmind.com/en/geolite2/signup
Generate a license key here (When asked - Will this key be used for geoipupdate? Choose: no)
Navigate to your Extension -> Settings -> Panel Application -> Geolocation Settings and enter the license key under MaxMind license key. (It might take 30 minutes before MaxMind will recognize a newly created key).
Press the update button to save your settings.
Veja o artigo completo...
You can change the interface language under Settings -> Application Settings -> Locale
We are looking for volunteers to fix any errors with the machine translations in our Plesk extensions for the following languages:
Español (Spain)
Français (France)
Português (Brazil)
Magyar (Hungary)
Русский (Russia)
Türkçe (Turkey)
Svenska (Sweden)
中文 (China)
中文 (Taiwan/Hong Kong)
日本語 (Japan)
Volunteers will get a free license for every Plesk extension that they help translate. The translator must be a native speaker of the language they are translating. The license will remain free as long as they want to remain the translator for that language. Open a support ticket though our client area if you are interested.
Veja o artigo completo...
To run a Malware Scan
Navigate to Sentinel Anti-malware -> Scan
Select the specific domains you want to scan or choose All domains to scan all of them.
Click the Scan button to start the scan.
After the scans are complete the scan report will be listed under the Reports tab.
To View a Scan Report
Navigate to Sentinel Anti-malware -> Reports
Click on a Scan ID entry in the grid for the report you want to view.
Any detected malware will be listed under the Malware Hits section.
To Perform an Action on the Malware hits
Click on the Actions tab for the scan report.
Choose an operation to perform from the select list (Quarantine, Restore, Clean, Email).
Press the Run button to perform the selected action.
Veja o artigo completo...