Home Blog Page 5

Enabling External Commands in Nagios / Ubuntu

Enabling External Commands in Nagios / Ubuntu

I get caught by the following quite often (too many Nagios installations!):

Error: Could not stat() command file ‘/var/lib/nagios3/rw/nagios.cmd’!
 The external command file may be missing, Nagios may not be running, and/or Nagios may not be checking external commands. An error occurred while attempting to commit your command for processing.

The correct way to fix this in Ubuntu is:

service nagios3 stop
dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw
dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3
service nagios3 start

P.s. from this site

Good luck

What is SPF?

0

What is SPF?

SPF was initiated by Meng Weng Wong of pobox.com to enable validation of legitimate sources of email for a domain and is now an IETF standard (RFC 4408).

An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain.

The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Recipients can refer to the SPF record to determine whether a message purporting to be from your domain comes from an authorized mail server.

If your domain does not have an SPF record, some recipient domains may reject messages from your users because they cannot validate that the messages come from an authorized mail server.

In this way, SPF helps mail servers distinguish forgeries from real mail by making it possible for a domain owner to say, “I only send mail from these machines”. That way, if any other machines try to send mail from that domain, the mail server knows that the From address is forged. Briefly, the design intent of the SPF resource record (RR) is to allow a receiving MTA (Message Transfer Agent) to interrogate the Name Server (DNS) of the domain which appears in the email (the sender) and determine if the originating IP of the mail (the source) is authorized to send mail for the sender’s domain. The mail sender is required to publish an SPF RR (documented here) in the DNS zone file for their domain but this is transparent to the sending MTA.

In the last years, SPF records are increasingly being used as a filter for email. That means that failing to put one on your domains (or that of your clients) can result in email being sent directly to the spam bin, bounced back or even deleted.

SPF vs Sender ID

SPF and Sender ID are not the same. They differ in what they validate and what layer of the e-mail system they are concerned with, but both use the same syntax for their policy records:

  • SPF validates the HELO domain and the MAIL FROM address against the policies published via DNS (SPF record).
  • Sender ID is a Microsoft protocol derived from SPF which validates one of the message’s address header fields defined by RFC 2822. Since it was derived from SPF, Sender ID can also validate the MAIL FROM. But it defines the new PRA identity to validate, and defines new sender policy record tags that specify whether a policy covers MAIL FROM (called MFROM by Sender ID), PRA, or both.

The tag for SPF records is “v=spf1” while Sender ID is using other tags like “spf2.0/pra”, “spf2.0/from”,…

Which is better? Neither is better because they solve different problems:

  • SPF can be compared to other SMTP layer protocol like CSV/CSA.
  • Sender ID can be compared to other RFC 2822 layer protocols like DomainKeys IM(DKIM)

How to configure SPF Record?

0

How to configure SPF Record?

This section defines HOWTO configure a Sender Policy Framework (SPF) record for a domain and its mail servers.

The SPF information SHOULD be defined in a standard TXT resource record (RR) and MAY now be defined in an SPF RR type (BIND releases from 9.4.0 support the SPF RR type RFC 4408).

The SPF RR is functionally identical to a TXT record with SPF data as text field:
TXT:name   ttl   class   TXT   text
SPF:name   ttl   class   TXT   SPF

Here are 2 examples of this DNS records:
TXT:example.com.   IN   TXT   “description”
SPF:example.com.   IN   TXT   “v=spf1 mx include:example.net -all”

Look at the record quotes in the text field. These quotes are required for proper operation.

SPF Wizard

0

SPF Wizard

This ajax enabled wizard will guide you through the process of creating or editing a SPF record for your DNS domain. You should add this DNS record to your domain’s DNS configuration.

For complete details, please refer to the SPF record Homepage at http://www.openspf.org/

SPF Wizard process of creating or editing a SPF record

Evaluation of an SPF record can return any of these results:

Result Explanation Intended action
Pass The SPF record designates the host to be allowed to send accept
Fail The SPF record has designated the host as NOT being allowed to send reject
SoftFail The SPF record has designated the host as NOT being allowed to send but is in transition accept but mark
Neutral The SPF record specifies explicitly that nothing can be said about validity accept
None The domain does not have an SPF record or the SPF record does not evaluate to a result accept
PermError A permanent error has occured (eg. badly formatted SPF record) unspecified
TempError A transient error has occured accept or reject

 

The “all” mechanism

all

This mechanism always matches. It usually goes at the end of the SPF record.

Examples:

"v=spf1 mx -all"

Allow domain’s MXes to send mail for the domain, prohibit all others.

"v=spf1 -all"

The domain sends no mail at all.

"v=spf1 +all"

The domain owner thinks that SPF is useless and/or doesn’t care.

The “ip4” mechanism

ip4:<ip4-address>
ip4:<ip4-network>/<prefix-length>

The argument to the “ip4:” mechanism is an IPv4 network range. If no prefix-length is given, /32 is assumed (singling out an individual host address).

Examples:

"v=spf1 ip4:192.168.0.1/16 -all"

Allow any IP address between 192.168.0.1 and 192.168.255.255.

The “ip6” mechanism

ip6:<ip6-address>
ip6:<ip6-network>/<prefix-length>

The argument to the “ip6:” mechanism is an IPv6 network range. If no prefix-length is given, /128 is assumed (singling out an individual host address).

Examples:

"v=spf1 ip6:1080::8:800:200C:417A/96 -all"

Allow any IPv6 address between 1080::8:800:0000:0000 and 1080::8:800:FFFF:FFFF.

"v=spf1 ip6:1080::8:800:68.0.3.1/96 -all"

Allow any IPv6 address between 1080::8:800:0000:0000 and 1080::8:800:FFFF:FFFF.

The “a” mechanism

a
a/<prefix-length>
a:<domain>
a:<domain>/<prefix-length>

All the A records for domain are tested. If the client IP is found among them, this mechanism matches.

If domain is not specified, the current-domain is used.

The A records have to match the client IP exactly, unless a prefix-length is provided, in which case each IP address returned by the A lookup will be expanded to its corresponding CIDRprefix, and the client IP will be sought within that subnet.

"v=spf1 a -all"

The current-domain is used.

"v=spf1 a:example.com -all"

Equivalent if the current-domain is example.com.

"v=spf1 a:mailers.example.com -all"

Perhaps example.com has chosen to explicitly list all the outbound mailers in a special A record under mailers.example.com.

"v=spf1 a/24 a:offsite.example.com/24 -all"

If example.com resolves to 192.0.2.1, the entire class C of 192.0.2.0/24 would be searched for the client IP. Similarly for offsite.example.com. If more than one A record were returned, each one would be expanded to a CIDR subnet.

The “mx” mechanism

mx
mx/<prefix-length>
mx:<domain>
mx:<domain>/<prefix-length>

All the A records for all the MX records for domain are tested in order of MX priority. If the client IP is found among them, this mechanism matches.

If domain is not specified, the current-domain is used.

The A records have to match the client IP exactly, unless a prefix-length is provided, in which case each IP address returned by the A lookup will be expanded to its corresponding CIDRprefix, and the client IP will be sought within that subnet.

Examples:

"v=spf1 mx mx:deferrals.domain.com -all"

Perhaps a domain sends mail through its MX servers plus another set of servers whose job is to retry mail for deferring domains.

"v=spf1 mx/24 mx:offsite.domain.com/24 -all"

Perhaps a domain’s MX servers receive mail on one IP address, but send mail on a different but nearby IP address.

The “ptr” mechanism

ptr
ptr:<domain>

The hostname or hostnames for the client IP are looked up using PTR queries. The hostnames are then validated: at least one of the A records for a PTR hostname must match the original client IP. Invalid hostnames are discarded. If a valid hostname ends in domain, this mechanism matches.

If domain is not specified, the current-domain is used.

If at all possible, you should avoid using this mechanism in your SPF record, because it will result in a larger number of expensive DNS lookups.

Examples:

"v=spf1 ptr -all"

A domain which directly controls all its machines (unlike a dialup or broadband ISP) allows all its servers to send mail. For example, hotmail.com or paypal.com might do this.

"v=spf1 ptr:otherdomain.com -all"

Any server whose hostname ends in otherdomain.com is designated.

The “exists” mechanism

exists:<domain>

Perform an A query on the provided domain. If a result is found, this constitutes a match. It doesn’t matter what the lookup result is – it could be 127.0.0.2.

When you use macros with this mechanism, you can perform RBL-style reversed-IP lookups, or set up per-user exceptions.

Examples:

In the following example, the client IP is 1.2.3.4 and the current-domain is example.com.

"v=spf1 exists:example.com -all"

If example.com does not resolve, the result is fail. If it does resolve, this mechanism results in a match.

The “include” mechanism

include:<domain>

The specified domain is searched for a match. If the lookup does not return a match or an error, processing proceeds to the next directive. Warning: If the domain does not have a valid SPF record, the result is a permanent error. Some mail receivers will reject based on a PermError.

Examples:

In the following example, the client IP is 1.2.3.4 and the current-domain is example.com.

"v=spf1 include:example.com -all"

If example.com has no SPF record, the result is PermError.
Suppose example.com’s SPF record were “v=spf1 a -all”.
Look up the A record for example.com. If it matches 1.2.3.4, return Pass.
If there is no match, other than the included domain’s “-all“, the include as a whole fails to match; the eventual result is still Fail from the outer directive set in this example.

Trust relationships — The “include:” mechanism is meant to cross administrative boundaries. Great care is needed to ensure that “include:” mechanisms do not place domains at risk for giving SPF Pass results to messages that result from cross user forgery. Unless technical mechanisms are in place at the specified otherdomain to prevent cross user forgery, “include:” mechanisms should give a Neutral rather than Pass result. This is done by adding “?” in front of “include:“. The example above would be:

"v=spf1 ?include:example.com -all"

In hindsight, the name “include” was poorly chosen. Only the evaluated result of the referenced SPF record is used, rather than acting as if the referenced SPF record was literally included in the first. For example, evaluating a “-all” directive in the referenced record does not terminate the overall processing and does not necessarily result in an overall Fail. (Better names for this mechanism would have been “if-pass”, “on-pass”, etc.)

Modifiers

Modifiers are optional. A modifier may appear only once per record. Unknown modifiers are ignored.

The “redirect” modifier

redirect=<domain>

The SPF record for domain replace the current record. The macro-expanded domain is also substituted for the current-domain in those look-ups.

Examples:

In the following example, the client IP is 1.2.3.4 and the current-domain is example.com.

"v=spf1 redirect=example.com"

If example.com has no SPF record, that is an error; the result is unknown.
Suppose example.com’s SPF record was “v=spf1 a -all”.
Look up the A record for example.com. If it matches 1.2.3.4, return Pass.
If there is no match, the exec fails to match, and the -all value is used.

The “exp” modifier

exp=<domain>

If an SMTP receiver rejects a message, it can include an explanation. An SPF publisher can specify the explanation string that senders see. This way, an ISP can direct nonconforming users to a web page that provides further instructions about how to configure SASL.

The domain is expanded; a TXT lookup is performed. The result of the TXT query is then macro-expanded and shown to the sender. Other macros can be used to provide an customized explanation.

 

How to increase the number of sites that can be hosted on a Parallels Plesk Panel for Linux server

0

How to increase the number of sites that can be hosted on a Parallels Plesk Panel for Linux server

Symptoms

There are going to be more than 300 sites on a Linux box running with Parallels Plesk Panel. Are there any prerequisites that have to be met?

Resolution

By default, the Apache server allows the hosting of no more than 300 websites on a single box. This is due to a limitation on the number of files that can be opened by the Apache process at one time, which is usually 1,024. Apache needs to open 2-4 log files for each site hosted on the server, and once it reaches the opened-file limit, it crashes.

  1. The best practice for this case is to recompile Apache with an increased number of allowed file descriptors, as per our Knowledge Base article:260 How to recompile Apache, PHP, and IMAP with increased value of file descriptors larger than FD_SETSIZE (1024) on a RedHat-like system
  2. In case you do not want to recompile the Apache package, you may enable the Piped Logs feature, which allows you to have up to 900 sites on one server. More details can be found here:2066 How do I enable Piped Logs for Apache Web Server?
  3. Alternatively, you may use the trick below in order to increase the maximum number of allowed open file descriptors:Add ulimit -n 65536 at the beginning of the Apache init script, like this:
    # head -13 /etc/init.d/apache2
    #!/bin/sh
    ### BEGIN INIT INFO
    # Provides: apache2
    # Required-Start: $local_fs $remote_fs $network $syslog $named
    # Required-Stop: $local_fs $remote_fs $network $syslog $named
    # Default-Start: 2 3 4 5
    # Default-Stop: 0 1 6
    # X-Interactive: true
    # Short-Description: Start/stop apache2 web server ### END INIT INFO
    set -e
    ulimit -n 65536
    

    Then restart Apache:

    # /etc/init.d/apache2 restart
    

    Note: The file name and content may be different on your system. Another example:

    # head -16 /etc/init.d/httpd
    #!/bin/bash
    #
    # httpd Startup script for the Apache HTTP Server
    #
    # chkconfig: - 85 15
    # description: Apache is a World Wide Web server. It is used to serve 
    # HTML files and CGI.
    # processname: httpd
    # config: /etc/httpd/conf/httpd.conf
    # config: /etc/sysconfig/httpd
    # pidfile: /var/run/httpd.pid
    # Source function library.
    . /etc/rc.d/init.d/functions
    ulimit -n 65536
    

    Restart Apache:

    # /etc/init.d/httpd restart
    

Additional information

As of the release of Parallels Plesk Panel 11.0 Nginx can be installed as a reverse proxy server in front of Apache. It will help you run more sites on one server.

Such a combination of Nginx and Apache provides the following advantages:

  • The maximum allowed number of concurrent connections to a website increases.
  • The consumption of server CPU and memory resources decreases.
  • The maximum effect will be achieved for websites with a large amount of static content (like photo galleries, video streaming sites, and so on).Efficiency of serving visitors with a slow connection speed (GPRS, EDGE, 3G, and so on) improves. For example, a client with a 10 KB/s connection requests a PHP script, which generates a 100 KB response. If there is no Nginx installed on the server, the response is delivered by Apache. During these 10 seconds required to deliver the response, Apache and PHP continue to consume full system resources for this open connection. If Nginx is installed, Apache forwards the response to Nginx (the Nginx-to-Apache connection is very fast as both of them are located on the same server) and releases system resources. As Nginx has a lower memory footprint, the overall load on the system decreases. If you have a large number of such slow connections, using Nginx will significantly improve website performance.

See the Parallels Plesk Panel 11 Administrator’s guide for more details.

 

P.s. From KB

http://kb.sp.parallels.com/en/113974

 

Good luck

Fortinet Fortigate Linux VPN Client

0

Fortinet Fortigate Linux VPN Client

SSL VPN standalone tunnel client applications are available for Windows, Linux, and Mac OS X systems (see the Release Notes for your FortiOS firmware for the specific versions that are supported). There are separate download files for each operating system.

 

Note: Windows users can also download the tunnel mode client from an SSL VPN web portal that contains the Tunnel Mode widget.

 

The most recent version of the SSL VPN standalone client applications can be found at: http://support.fortinet.com/

 

To download the SSL VPN tunnel client

 

1. Log in to Fortinet Support at http://support.fortinet.com/.

2. In the Download area, select Firmware Images.

3. Select FortiGate.

4. Select v4.00 and then select the latest firmware release.

5. Select SSL VPN Clients.

6. Select the appropriate client.Windows:

 

  • SslvpnClient.exe or SslvpnClient.msiLinux
  • forticlientsslvpn_linux_<version>.tar.gzMac OS X
  • forticlientsslvpn_macosx_<version>.dmg

 

Note: The location of the SSL VPN tunnel client on the Support web site is subject to change. If you have difficulty finding the appropriate file, contact Customer Support.

 

To use the SSL VPN standalone tunnel client (Linux)

 

1. Go to the folder where you installed the Linux tunnel client application and double-click on ‘forticlientsslvpn’.

 

2. Enter the following information.

 

  • Connection If you have pre-configured the connection settings, select the connection from the list and then select Connect. Otherwise, enter the settings in the fields below.To pre-configure connection settings, see “To configure tunnel client settings (Windows)” on page 68.
  • Server Enter the IP address or FQDN of the FortiGate unit that hosts the SSL VPN. In the smaller field, enter the SSL VPN port number (default 10443).
  • User Enter your user name.
  • Password Enter the password associated with your user account.
  • Certificate Use this field if the SSL VPN requires a certificate for authentication.Select the certificate file (PKCS#12) from the drop-down list, or select the Browse (…) button and find it.
  • Password Enter the password required for the certificate file.
  • Settings… Select to open the Settings dialog. See “To configure tunnel client settings (Linux)” on page 68.

 

 

Use the Connect and Stop buttons to control the tunnel connection.To configure tunnel client settings (Linux)

 

To configure tunnel client settings (Linux)

 

1. Go to the folder where you installed the Linux tunnel client application and double-click forticlientsslvpn.

 

2. Select Settings….

 

3. Select Keep connection alive until manually stopped to prevent tunnel connections from closing due to inactivity.

 

4. Select Start connection automatically.The next time the tunnel mode application starts, it will start the last selected connection.

 

5. If you use a proxy, enter in Proxy the proxy server IP address and port. Enter proxy authentication credentials immediately below in User and Password.

 

6. Select the + button to define a new connection, or select from the list an existing connection to modify. For a new connection, the Connection window opens. For an existing connection, the current settings appear in the Settings window and you can modify them.

 

7. Enter the connection information. If you are creating a new connection, select Createwhen you are finished.See “To use the SSL VPN standalone tunnel client (Linux)” on page 68 for information about the fields.8 Select Done.

 

Update 22.05.2015:

As of version 4.4.2313 Fortinet modified quite a few files resp. deleted some .sh files as for example the sysconfig.linux.sh file were we made the Ubuntu 15.04 changes. Also when you start the program it still shows version 4.4.2312 which means they forgot to increment the version number. Until now I only tested for Ubuntu 14.04 32/64bit, your are welcome to test for other OS variants.

Forticlient SSLVPN 4.4.2313 32bit
Forticlient SSLVPN 4.4.2313 64bit

Old versions:

Modified version (works with Ubuntu 15.04):

Forticlient SSLVPN 4.4.2312-3 32bit
Forticlient SSLVPN 4.4.2312-3 64bit

Unmodified version (works with Ubuntu < 15.04):

Forticlient SSLVPN 4.4.2312 32bit
Forticlient SSLVPN 4.4.2312 64bit

Forticlient SSLVPN 4.4.2307 32bit
Forticlient SSLVPN 4.4.2307 64bit

Forticlient SSLVPN 4.4.2303 32bit
Forticlient SSLVPN 4.4.2303 64bit

Forticlient – SSLVPN .deb packages

Fortinet Fortigate Linux SSL VPN Client

http://www.fortigate.cz/forticlient-download/

http://paulgrenyer.blogspot.co.il/2010/02/linux-fortinet-vpn-client.html

Installing Nagios 3 Installation Guides

Installing Nagios 3 Installation Guides

Hello all ,

Full list of Installation Guides of Nagios 3 (Installing Nagios 3 Installation Guides) 🙂 

With Nagios you can:

  • Monitor your entire IT infrastructure
  • Spot problems before they occur
  • Know immediately when problems arise
  • Share availability data with stakeholders
  • Detect security breaches
  • Plan and budget for IT upgrades
  • Reduce downtime and business losses

Nagios is a powerful monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes.

Designed with scalability and flexibility in mind, Nagios gives you the peace of mind that comes from knowing your organization’s business processes won’t be affected by unknown outages.

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure. Nagios allows you to detect and repair problems and mitigate future issues before they affect end-users and customers.

Good luck ,

===================================

https://wiki.gentoo.org/wiki/Nagios/HOWTO

http://www.ghacks.net/2010/04/04/configure-alerts-for-email-and-contact-groups-in-nagios/

http://lowendbox.com/blog/remote-server-monitoring-with-nagios/

http://beginlinux.com/blog/2010/03/nagios-central-monitoring/

http://www.kernelhardware.org/nagios-nrpe-to-monitor-remote-linux-server/

Install And Configure Nagios on Ubuntu 14.04 LTS

Installing Nagios on Ubuntu

http://willbradley.name/2011/09/13/monitoring-remote-hosts-with-nagios/

How To Monitor Remote Linux Host using Nagios 3.0

http://blog.tiaoh.com/2012/11/20/nagios-core-3-4-1-on-ubuntu-12-04lts-server-edition/

https://help.ubuntu.com/10.04/serverguide/nagios.html

https://www.digitalocean.com/community/tutorials/how-to-install-nagios-on-ubuntu-12-10

http://geekpeek.net/install-nagios-core-4-on-ubuntu/

http://www.linuxharbour.com/configuration-of-nagios-3/

Install Nagios3 on Ubuntu 13.10 VPS for monitoring virtual servers and services

How to install and configure Nagios on Linux

http://netkiller.github.io/monitoring/nagios.html

https://www.digitalocean.com/community/tutorials/how-to-install-nagios-on-centos-6

https://www.linode.com/docs/uptime/monitoring/monitor-services-with-nagios-on-ubuntu-12-04-precise-pangolin

How to set up Nagios Remote Plugin Executor (NRPE) in Linux

https://kura.io/2010/03/21/configuring-nagios-to-monitor-remote-load-disk-using-nrpe/

Git with Notepad++

Git with Notepad++

I am sure all developers love git and notepad++ as a editor. When you are doing web development on windows, its boring to go to the git bash to commit your files. But, there is a convenient way to commit files from notepad++ itself.

Here are a few steps to use git and commit your files from Notepad++:

  • Download and install Tortoise Git
  • Download and install mysysgit
  • Download the dll file for git on notepad++ from here
  • Drop the .dll file into the plugins folder of notepad++
  • One thing to make sure, you must already have committed repo in your computer
  • So next time whenever you commit from notepad++, it can recognize the file structure and all you got to do is to enter username and password
  • Open Notepad++, Plugins -> Git -> Commit File
  • Put your commit message and rest is simple (username and password)

Done 🙂

 

# About Git:

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and ClearCase with features like cheap local branching, convenient staging areas, and multiple workflows.

 

# About Notepad++ :

Notepad++ is a free (as in “free speech” and also as in “free beer”) source code editor and Notepad replacement that supports several languages. Running in the MS Windows environment, its use is governed by GPL License. Based on the powerful editing component Scintilla, Notepad++ is written in C++ and uses pure Win32 API and STL which ensures a higher execution speed and smaller program size. By optimizing as many routines as possible without losing user friendliness, Notepad++ is trying to reduce the world carbon dioxide emissions. When using less CPU power, the PC can throttle down and reduce power consumption, resulting in a greener environment.

 

 

Good luck .

 

Link for source :

Git with Notepad++

http://notepad-plus-plus.org/

http://git-scm.com/

Tranzila notify PHP mail

0

Tranzila notify PHP mail

TRANZILA is a leading Payment Gateway for secure Internet Transaction Processing

TRANZILA provides merchants with advanced online solutions and infrastructure for credit cards processing, e–business hosting and e–commerce management. Our leading online credit card clearing service is based on state-of-the-art technologies and architecture. Our clients enjoy the highest standards of speed, reliability and serviceability.

PHP script that send mail – from notify URL .

<?php
$to  = '[email protected]' . ', ';
#need to change when will be in production
#$to .= '[email protected]';

$subject = "New Order " . $_POST['Response'] . " " .  "param " . " " . $_POST['param'];

#test subject str_replace
#$subject = str_replace(array("n", "r"), '', $_GET['sum']);

#$comment = $_POST['message'];

// To send HTML mail, the Content-type header must be set

$headers = "From: " . strip_tags($_POST['email']) . "rn" .
        "Reply-To: " . strip_tags($_POST['email']) . "rn" .
       	'MIME-Version: 1.0' . "rn" .
		"Content-Type: text/html; charset=utf-8rn" .
		"Content-Transfer-Encoding: 8bitrnrn";
$message = print_r($_POST, true);

// message
$message = "סוג עיסקה: " .strip_tags($_POST['Response']) . " " .  "מייל: " . " " . $_POST['email'] . " " .  "param" . " " . $_POST['param'] . " " .  "כתובת: " . " " . $_POST['address'] . " " .  "עיר: " . " " . $_POST['city'];

mail($to,$subject,$message,$headers);

#test

#test

#print to array
echo '<pre>';
print_r($_POST);
echo '</pre>';
?>

My bitbucket account is : https://bitbucket.org/kamtec1/

Link to Repository of this script : https://bitbucket.org/kamtec1/tranzila-notify-php-mail

 

Good luck.

Чисто News, выпуск 79, от 29-го октября, 2014г

Чисто News, выпуск 79, от 29-го октября, 2014г

LOL 🙂 I am in Ukraine  TV 1+1  🙂 see from min. 15:00

Компания «Студия Квартал-95» была основана в 2003 году на базе команды КВН «95 Квартал». За 10 лет своего существования компания заняла лидирующие позиции на украинском рынке, предоставляя полный комплекс услуг в сфере производства телевизионных и кино-проектов.
Визитной карточкой компании, как и на заре творческой деятельности, так и сейчас остается популярное развлекательное юмористическое шоу «Вечерний Квартал». Но за годы своего существования «Студия Квартал-95» успешно развила ряд других направлений. Это и производство телевизионных фильмов и сериалов, и съемки полнометражного кино, и производство телевизионных продуктов различного формата, а также концертная деятельность и организация масштабных мероприятий.
На сегодняшний день «Студия Квартал-95» является крупнейшим продакшеном на территории Украины. Большой профессиональный авторский коллектив компании, состоящий более чем из тридцати авторов, занимается написанием сценариев для кино и телевизионных проектов (развлекательные телешоу, телевизионные фильмы и сериалы, художественное кино и мюзиклы).
Сериал «Сваты» можно по праву назвать самым успешным украинским телевизионным продуктом. На сегодняшний день фильм увидели зрители в более чем десяти странах мира: в России, Белоруссии, Болгарии, Молдове, Латвии, Литве, Эстонии, Казахстане, Израиле, Австралии и США. Его герои заслужено стали всенародными любимцами. Дважды, в 2012 и в 2014 годах, сериал был номинирован на премию телевизионного фестиваля в Монте-Карло, попав в тройку лидеров комедийных сериалов мира, собравших у экранов на протяжении года наибольшее число телезрителей на пяти континентах (в 2012 – вместе с сериалами «Отчаянные домохозяйки» и «Теория большого взрыва»).
Полнометражные картины «Студии Квартал-95», показанные в кинотеатрах по всему СНГ имели беспрецедентный успех. Фильмы становятся лидерами проката, всегда собирая полные залы. На счету у компании и создание первой украинской комедии 3D формате, под названием  «Ржевский против Наполеона».
Мелодраматический фильм «Я буду рядом», продюсированием которого занималась «Студии Квартал-95», в 2012 году получил гран-при открытого российского кинофестиваля «Кинотавр».
«Студия Квартал-95» одна из немногих компаний в нашей стране, которая производит качественный, конкурентоспособный и, что немаловажно, украинский продукт. Телевизионные проекты вышедшие «из-под пера» авторов «Квартала» всегда становятся популярными и рейтинговыми.
Телевизионные фильмы и программы «Студии Квартал-95» успешно реализовываются на территории других стран. Компания является одним из лидирующих производителей на постсоветском пространстве, кто успешно продает собственных проекты и форматы.

Чисто News, выпуск 79.
Дата эфира: 29-го октября 2014г.

SITE: http://kvartal95.com/
FACEBOOK: https://www.facebook.com/kvartal95
GOOGLE+: https://plus.google.com/+studiya95kva…
TWITTER: https://twitter.com/kvartal95online

НАШ ВИДЕО БЛОГ: https://www.youtube.com/playlist?list…
ВЕЧЕРНИЙ КВАРТАЛ: https://www.youtube.com/playlist?list…

Corrupted named.conf in cpanel

Corrupted named.conf in cpanel

Hello all ,

Sometimes we will get our named.conf corrupted. Here is the way to fix that in cpanel servers.

First of all clear the named.conf using the following command

root@cpaneltest [~]#> /etc/named.conf

Now execute the cpanel script to rebuild the named.conf

root@cpaneltest [~]# /usr/local/cpanel/scripts/rebuilddnsconfig

Now restart the named service:

root@cpaneltest [~]#/etc/init.d/named restart

Everything should be fixed now.

 

DNS Functions:

https://documentation.cpanel.net/display/1144Docs/DNS+Functions

This chapter describes the BIND 9 named.conf file which controls the behaviour and functionality of BIND. named.conf is the only file which is used by BIND – confusingly there are still many references to boot.conf which was used by BIND 4 – ignore ’em. BIND releases include a list of the latest statements and options supported. This list is available in /usr/share/docs/bind-version/misc/options (FC) or /usr/src/contrib/bind9/doc/misc/options (FreeBSD) and if you are using the Windows version it ain’t there!. BIND allows a daunting list of configuration entities. Panic not: you only need a small subset to get operational. Read the first two sections to get a feel for the things you need, it identifies the MINIMAL values (depending on your requirement). Check the samples section for configuration specific examples.

 

P.s. Please backup files that you change and put them to the safe place =)

Good luck

Connect locally (local domain or local network) to Microsoft Hyper-V server

Connect locally (local domain or local network) to Microsoft Hyper-V server

 

Hello friends ,

I had some very interesting problem when i try to connect to my hyper V server with in a local network.

When i try to connect from workgroup i get this massage :

You do not have the required permission to complete this task. Contact the administrator of the authorization policy for the computer ‘COMPUTERNAME’

VirtualMachineConnection

 

The only thing that saved me is this post ,

Remember 🙂 connecting via local domain (workgroup) is very problematic if you don’t follow those steps :

 

Part 1 :

http://blogs.technet.com/b/jhoward/archive/2008/03/28/part-1-hyper-v-remote-management-you-do-not-have-the-requested-permission-to-complete-this-task-contact-the-administrator-of-the-authorization-policy-for-the-computer-computername.aspx

Part 2:

http://blogs.technet.com/b/jhoward/archive/2008/03/28/part-2-hyper-v-remote-management-you-do-not-have-the-requested-permission-to-complete-this-task-contact-the-administrator-of-the-authorization-policy-for-the-computer-computername.aspx

 

IMPORTANT!!!! You need to do this step in the following scenarios:

  • Client and server are both in a workgroup
  • Client is a workgroup and server is in a domain
  • Client is in a domain and server is in a workgroup
  • Both client and server are in domains, but there is NO TRUST between them.  

You DO NOT NEED TO DO THIS STEP if the client and server are in either the same or trusted domains.

Update 14th Nov 2008. I’ve just released a script which does all this configuration in one or two command lines:HVRemote

 

Good luck .

Restarting plesk services using command line

Restarting plesk services using command line

Hello ,

If you are a server administrator and using Plesk control panel for managing your all domains.

Then, you must know about the important service of Plesk and how to manage these Plesk service from command line.
Here is the list of Plesk important service and how to stop, start and restart from command line:

 

1) Parallels Plesk Panel web interface service

 

To start the Plesk service from command line:

/etc/init.d/psa start

To stop the Plesk service from command line:

/etc/init.d/psa stop

To restart the Plesk service from command line:

/etc/init.d/psa restart

Or

In case if you forget the above command, then you just type:

Service psa stop
Service psa start
Service psa stop

 

DNS / Named / BIND

To start the Plesk service from command line:

/etc/init.d/named start

To stop the pservice from command line:

/etc/init.d/named stop

To restart the Plesk service from command line:

/etc/init.d/named restart

Courier-IMAP

To start the Plesk service from command line:

/etc/init.d/courier-imap start

To stop the Plesk service from command line:

/etc/init.d/courier-imap stop

To restart the Plesk service from command line:

/etc/init.d/courier-imap restart

QMail
To start the Plesk service from command line:

/etc/init.d/qmail start

To stop the Plesk service from command line:

/etc/init.d/qmail stop

To restart the Plesk service from command line:

/etc/init.d/qmail restart

Postfix


To start the Plesk service from command line:

/etc/init.d/postfix start

To stop the Plesk service from command line:

/etc/init.d/postfix stop

To restart the Plesk service from command line:

/etc/init.d/postfix restart

SpamAssassin


To start the Plesk service from command line:

/etc/init.d/psa-spamassassin start

To stop the Plesk service from command line:

/etc/init.d/psa-spamassassin stop

To restart the Plesk service from command line:

/etc/init.d/psa-spamassassin restart

Dr.Web antivirus


To start the Plesk service from command line:

/etc/init.d/drwebd start

To stop the Plesk service from command line:

/etc/init.d/drwebd stop

To restart the Plesk service from command line:

/etc/init.d/drwebd restart

Kaspersky antivirus


To start the Plesk service from command line:

/etc/init.d/aveserver start

To stop the Plesk service from command line:

/etc/init.d/aveserver stop

To restart the Plesk service from command line:

/etc/init.d/aveserver restart

Tomcat


To start the Plesk service from command line:

/etc/init.d/tomcat5 start

To stop the Plesk service from command line:

/etc/init.d/tomcat5 stop

To restart the Plesk service from command line:

/etc/init.d/tomcat5 restart

MySQL


To start the Plesk service from command line:

/etc/init.d/mysqld start

To stop the Plesk service from command line:

/etc/init.d/mysqld stop

To restart the Plesk service from command line:

/etc/init.d/mysqld restart

Postgresql

To start the Plesk service from command line:

/etc/init.d/postgresql start

To stop the Plesk service from command line:

/etc/init.d/postgresql stop

To restart the Plesk service from command line:

/etc/init.d/postgresql restart

xinetd
To start the Plesk service from command line:

/etc/init.d/xinetd start

 

To stop the Plesk service from command line:

/etc/init.d/xinetd stop

 

To restart the Plesk service from command line:

/etc/init.d/xinetd restart

 

Watchdog (monit)
To start the Plesk service from command line:

/usr/local/psa/admin/bin/modules/watchdog/wd –start

 

To stop the Plesk service from command line:

/usr/local/psa/admin/bin/modules/watchdog/wd –stop

 

To restart the Plesk service from command line:

/usr/local/psa/admin/bin/modules/watchdog/wd –restart

Apache
To start the Plesk service from command line:

/etc/init.d/httpd start

To stop the Plesk service from command line:

/etc/init.d/httpd stop

To restart the Plesk service from command line:

/etc/init.d/httpd restart

Mailman
To start the Plesk service from command line:

/etc/init.d/mailman start

To stop the Plesk service from command line:

/etc/init.d/mailman stop

To restart the Plesk service from command line:

/etc/init.d/mailman restart

AWstats
To start the Plesk service from command line:

/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php

Webalizer:
To start the Plesk service from command line:

/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php

psa-logrotate
To start the Plesk service from command line:

/usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php

Samba
To start the Plesk service from command line:

/etc/init.d/smb start

To stop the Plesk service from command line:

/etc/init.d/smb stop

To restart the Plesk service from command line:

/etc/init.d/smb restart

psa-firewall
To start the Plesk service from command line:

/etc/init.d/psa-firewall start

To stop the Plesk service from command line:

/etc/init.d/psa-firewall stop

To restart the Plesk service from command line:

/etc/init.d/psa-firewall restart

psa-firewall (IP forwarding)
To start the Plesk service from command line:

/etc/init.d/psa-firewall-forward start

To stop the Plesk service from command line:

/etc/init.d/psa-firewall-forward stop

To restart the Plesk service from command line:

/etc/init.d/psa-firewall-forward restart

psa-vpn
To start the Plesk service from command line:

/etc/init.d/smb start

To stop the Plesk service from command line:

/etc/init.d/smb stop

To restart the Plesk service from command line:

/etc/init.d/smb restart

 

 

Good luck .

 

I get "You don't have permission to access /imp/basic.php on this server" error when trying to send e-mail in horde webmail

 I get “You don’t have permission to access /imp/basic.php on this server” error when trying to send e-mail in horde webmail

 

Hello everyone ,

Today i got some interesting problem with our client in Linux Plesk server.

I use : OS : CloudLinux Server 6.5 + Panel version : 11.5.30

 

Symptoms of that problem

When trying to send e-mail or do some changes in the webmail , following error appears:

 Forbidden
You don't have permission to access /imp/basic.php on this server.
Apache Server at webmail.domainname.com Port 80

or

Forbidden
You don't have permission to access /imp/compose.php on this server

 

Apache error:

[error] [client 82.200.65.190] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "70"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "HOSTNAME"] [uri "/horde/imp/compose.php"] [unique_id "8m0u-n8AAAEAAD7blhoAAAAO"]

 

Resolution of this problem

Very simple , you just need to know if mod_security working in that server.

If it enabled and working you need to check first thing: LOGS and see mod_security error.

You need to configure mod_security properly or disable it from apache configuration.

 

Links :

About mod_security

https://www.modsecurity.org/

http://en.wikipedia.org/wiki/ModSecurity

 http://kb.sp.parallels.com/en/5546

 

Little explanation regarding Mod Security

Mod_security is an apache module that helps to protect your website from various attacks. It is used to block commonly known exploits by use of regular expressions and rule sets and is enabled on all InMotion servers by default. Mod_Security can potentially block common code injection attacks which strengthens the security of the server. If you need to disable the mod_security rules we can show you how, and help you do so.

When coding a dynamic website, sometimes users forget to write code to help prevent hacks by doing things such as validating input. Mod_security can help in some cases those users that run sites that don’t have security checks in their code.

 

Good luck ,

20th Century Fox – 404 Not Found

20th Century Fox – 404 Not Found

Cool 404 Not Found video =)

P.s. recommended for sites XD

LC_ALL = (unset) or when you try to install anything with apt-get and get error

LC_ALL = (unset) or when you try to install anything with apt-get and get error

Hello every one ,

Today i got some strange 1 in the life time error – and i want to share it and resolve it .

My server is an VPS linux server (Ubuntu 12.04)  – Parallels Virtuoozzoo .

Every time I try to install anything with apt-get,restart service and use commands – I get the following error.

For example:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = (unset),
	LC_ALL = (unset),
	LC_PAPER = "he_IL.UTF-8",
	LC_ADDRESS = "he_IL.UTF-8",
	LC_MONETARY = "he_IL.UTF-8",
	LC_NUMERIC = "he_IL.UTF-8",
	LC_TELEPHONE = "he_IL.UTF-8",
	LC_IDENTIFICATION = "he_IL.UTF-8",
	LC_MEASUREMENT = "he_IL.UTF-8",
	LC_TIME = "he_IL.UTF-8",
	LC_NAME = "he_IL.UTF-8",
	LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

The picture on one more server of my :


One more example :

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = "en_GB:en",
	LC_ALL = (unset),
	LANG = "en_GB"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

 

Solution to that problem:

I runt couple of commands :

root@www:# dpkg-reconfigure locales

and

root@www:# sudo localwe-gen en_US.UTF-8

 

You are done 🙂 – no need to reboot the system .

For Debian systems it may work , but i know only this :

export LANGUAGE=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_TYPE=en_US.UTF-8

 

 

P.S

You may also use :

LC_ALL="en_GB.utf8"
sudo apt-get install --reinstall language-pack-en

Good Luck .

Sergey Babkevych