How to Install KISS My Firewall on Ensim Control Panel
KISS My Firewall is a FREE iptables script designed for a typical web server. It takes advantage of the latest firewall technologies including stateful packet inspection and connection tracking. It also contains some preventative measures for port scanning, DoS attacks, and IP spoofing, among other things.
KISS My Firewall 2 is very easy to install and does not require any initial configuration. It will work with any stock installation of Ensim WEBppliance Basic & Pro, Plesk, and Webmin. Cpanel installations require some modifications.
When logged in as root ( “su -” ), type:
cd /usr/bin
wget http://www.indotek.com/kiss/kiss-2.2.tar.gz
tar zxvf kiss-2.2.tar.gz
That’s it! To get it running anywhere on the command line, you simply type:
To stop the firewall, type:
To get status information, type:
If you want to block an offenders IP address/subnet, simply edit the BLOCK_LIST variable in the /usr/bin/kiss file. You can separate IP addresses and subnet’s with a space. Once you are finished, simply restart KISS by typing:
Reset the license for Ensim Pro Control Panel Linux
Ensim Pro Control Panel license is tied to a MAC-address. Therefore, when you change your network card, Ensim does not recognize the license as valid anymore.
Rename /etc/appliance/.license/.LIC_file and /etc/appliance/.license/.MLK_file so that the license would be treated as a new one by Ensim
# mv /etc/appliance/.license/.MLK_file /etc/appliance/.license/.MLK_file.bak
# mv /etc/appliance/.license/.LIC_file /etc/appliance/.license/.LIC_file.bak
Once this is done, we need to contact support to reset the license.
IP aliases disappears after network services is restarted in Ensim
If networks service has been restarted server looses the IP aliases set by ensim.
To get all IP aliases back restart virtualhosting service.
# service virtualhosting restart
How to disable anonymous FTP in EnsimPro for Linux
By deafult the configuration file is: /etc/proftpd.conf has the last line as:
include “/etc/proftpd/anonymousftp”
which means anonymous ftp is enabled.
Upon commenting this out with a ” # ” and restarting the service ,anonymous ftp is disabled.
Prevention of infinite mail loop with Auto Responder
This mostly happens when the mail account using autoreponder gets lot of spam mail, and as many of these spam mails use bogus From addresses, this account also recieves many mailer-daemon responses while replying to these bogus email addresses.
1) Edit /home/virtual/FILESYSTEMTEMPLATE/sendmail/etc/smrsh/responder.sh (This file is hardlinked into all the domains having autoresponder enabled as
/home/virtual/[domainname]/etc/smrsh/responder.sh)
and comment out:
${PYTHONBIN} ${RUNAPP} $@ > /dev/null 2>&1
so it looks like:
# ${PYTHONBIN} ${RUNAPP} $@ > /dev/null 2>&1
Then insert after it:
procmail -a “$*” /etc/auto.rc
2) Create the file called auto.rc with the following lines:
:0
* ^FROM_MAILER
/dev/null
:0
| /usr/bin/python2 /usr/lib/opcenter/sendmail/responder.pyc $1
Copy this file to /home/virtual/[domainname]/etc/ for all the domains using autoresponder.
(You may want to use virtDomain.sh to automatically copy or create this file when ever a new domain is added)
Now anything coming from MAILER-DAEMON or postmaster that goes to the responder will be sent to /dev/null.
Anything else will be sent to the responder.
Reference: http://parallels.com
