When some users switch to a new email naming policy, they may need to duplicate email content. This process can be very demanding in terms of inodes and memory space.

In my experience, one client had over a hundred addresses. They needed to retain the old email addresses while maintaining a complete history of previous emails and setting up forwarding.

The transitions were as follows:

We use Maildir, and to avoid content redundancy. I wrote a basic script with the understanding that mail operations won’t alter the original emails. As the user can only:

  • Remove the email message, which will result in the removal of the symlink.
  • Or move the email message from one directory to another (e.g., Inbox => Archive, or Trash); which will be interpreted as moving the symbolic link to the directories .archives/cur or .trash/. Since we use full paths to describe the links, this won’t cause any issues and won’t alter the original files.

I have also excluded some maildir system files from being linked, starting usually with dovecot* or maildir*.

The script usage is straightforward:

./mailinker.sh mycpuser [email protected] [email protected]
Continue reading

You can use hooks in SolusVM 2 to automatically run custom scripts before or after specific events take place. Hooks should be set under this directory: /usr/local/solus/hooks/, they can be written using Bash, PHP, Python or else.

 
Basically what it does is whenever there is an event it sends in stdin a json snap with the event and the action (e.g.: new installation, os reinstall, restart, etc) to all files under the hooks’ folder.
 
Example of JSON code:
{  "action": "server-restart",  "stage": "pre",  "data": {    "uuid": "915b5ca2-ff02-45ab-ba73-2e90793e6819",    "virtualization_type": "vz"  }}

Continue reading

Amongst the PHP malwares targeting WP plugins’ vulnerabilities I encounter, some generate hundred of thousand of empty files with 0KB size in all folders and sub-folders recursively . which create diversion and affects the inodes capacity of an account. But diversion may not the only goal. as they are generated through an obfuscated code, so I can imagine that these filenames may be part of an obfuscation process. Instead of writing the directives directly in a PHP or text file, the information is gathered through the listing and ordering of the filenames, possible no? Or maybe I’m over-complicating it.
Continue reading

Any service that is exposed to the network is a potential target, and SSH being so widely deployed across the internet means that it represents a very predictable attack surface or attack vector through which people can try to gain access.

If you review the logs for your SSH service running on any widely trafficked server, you will often see repeated, systematic login attempts that represent brute force attacks by users and bots alike.

tail /var/log/auth.log
Continue reading

About

This basic scripts helps automating the creation of domains or subdomains.

Usage: Create a vhost

chmod +x setvhost.sh

Set the domain or subdomain

setvhost.sh —d subdomain3.example.com —u /var/www/mydir/public

or

setvhost.sh --domain subdomain3.example.com --directory /var/www/mydir/public

SSL for subdomains case

I usually use it with subdomains to which I add a wildcard certificate, which you can generate using acme.sh or certbot:

certbot certonly --manual --preferred-challenges=dns --email [email protected] --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d example.com -d *.example.com

You will have to add the returned DNS record for verification.

The returned cert has to be added to the SSL part of the skeleton file ‘vhost.skeleton.conf’:

SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pemSSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

Addon domains case

In this cas you will have to add to the end of the script an SSL request. For example, when used with certbot: certbot certonly –preferred-challenges http -d example.com

Cetbot instructions: https://certbot.eff.org/

Continue reading

About

This is a basic script that allows you to add aliases to an Apache config in which HTTP & HTTPs virtualhosts have already been set. I wrote the script to automate SAAS  processing. You can, however, customize it the way you wish.

Usage

Specify in setalias.sh the main vh that will be used as reference:

vh=”/etc/apache2/sites-available/saas.example.com.conf” main=”saas.example.com”

Then run your command:

setalias.sh add saas2.example.com

or

setalias.sh remove saas2.example.com

Continue reading