ServerBuddies Support Blog

Increase Courier-IMAP Limits in Plesk

Plesk is configured with the following limitations for Courier-IMAP.

1. A single IP address can establish 4 connections simultaneously.

2. IMAP connections are not established more than 40 connections.

You can increase Courier-IMAP e-mail server limits by editing the file - ‘/etc/courier-imap/imapd’.

Steps:

1. Open the file - /etc/courier-imap/imapd

2. Navigate the line “MAXPERIP”. You can find the value as 4.

3. Change this value as per your wish and save the file

4. Navigate the line “MAXDAEMONS” and change its value to 80

5. Save the file

6. Restart Plesk service

Tags: Courier-IMAP, Limits, plesk

Unable to enable sendmail in Virtuzzo Power Panel (VZPP)

The exact issue :

Unable to enable sendmail using “Virtuzzo -> system services -> xinetd (tab) -> sendmail” section.

This is mainly occurring due to one entry /etc/xinetd.d/sendmail file. In order to fix this issue, do the following:

Modify :
service smtp
{
disable=yes
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}

Modify it to :

service smtp
{
disable=no
socket_type = stream
protocol = tcp
wait = no
user = root
group = root
server = /usr/sbin/sendmail
server_args = -bs -Am
nice = 5
instances = 10
}

restart the xinetd using:

Verify the sendmail status using “Virtuzzo -> system services -> xinetd (tab) -> sendmail”. You can see that the status of sendmail now changed to “enabled”.

Tags: enable, Panel (VZPP), Power, sendmail, Unable, Virtuzzo

How to Encrypt Shell Script

We all know that anyone can read shell script.Think if any one gets access to the shell script which has root password and all stored in it. Its really a security risk. Now we have a solution for that ie all this risk can be avoided if the shell script is encrypted and then executed. The utility used for that is called shc

I will explain how to install it and then use it for the encrypting purpose

1) Download from http://www.datsi.fi.upm.es/~frosal/sources/shc-3.7.tgz

2) Untar it

3) To install it follow the below given steps

4) After install it will create a binary called shc, use it to encrypt the shell scripts
5) Write a shell script, lets call it heloworld.sh

6) To test shc execute the command

Option -f is used to encrypt
7) Now you will get an encrypted version of the script. It will be named something like heloworld.sh.x
Its an encrypted version and you can execute it as you wish

9) You have an encrypted shell script.

Tags: encrypt, Script, shell

Preventing potential cross-site scripting vulnerability

There is a security issue related to Acrobat Reader version 7.08 and earlier versions . The flaw let hackers use a technique known as cross-site scripting, in which they blend malicious JavaScript with a link to a Portable Document Format (PDF) file on a Web site to hijack a user’s computer.

There is a server wide workaround for those who do not have the latest versions.

1 Search DefaultType in /usr/local/apache/conf/httpd.conf
After “DefaultType text/plain”
Add 

2  Next  Enable mod_headers and check the version of apache (go to the specified directory)

3 Search modsec in /usr/local/apache/conf/httpd.conf after the line add the following.

<IfModule mod_headers.c>
<FilesMatch “\.pdf$”>
Header append Content-Disposition “attachment;”
</FilesMatch>
</IfModule>

4 Restart apache

Tags: cross-site, potential, Preventing, scripting, vulnerability

How to limit server resource allocation to system users

The file /etc/security/limits.conf, contains the various limits for users or groups that can be set. In this case, we set the max locked-in-memory address space, memlock (KB). For example, if user bob needed to have a hard limit of 512 MB of RAM, then add in the following line:

Where domain can be

The “type” can have following two values

The “item” can be one of the following values

Tags: allocation, Limit, resource, server, System, users