Stefan Helander

Ispconfig3: Let’s Encrypt not working

/0 Comments/in , /by

There can be several reasons for Let’s Encrypt certificates not being issued for sites. These are some things to check:

  • When creating a new website, save it first, then open it again and check Let’s encrypt and then save it (i.e. don’t check the Let’s Encrypt unless the website has been saved at least once in Ispconfig3)
  • Delete any existing certificates under the SSL tab for the website, including self signed
  • Check that all host names for the website and webaliases are pointing to the correct server
  • Use A records, not CNAME
  • Make sure there are no redirects on the website
  • Check for error messages in the log file; /var/log/letsencrypt/letsencrypt.log
  • If you get messages in the letsencrypt.log file like;
    “Please choose an account
    Choises: “
    Then check /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory and if there are more than one account (subdirectory) move all but one to another location.
  • Check the web logs for the site, both access and error logs, for accesses to .well-known/acme-challenge/* and verify that they are served properly (status code 200)
Stefan Helander

Roundcube – add client’s IP-address and host name to outgoing email headers

/0 Comments/in /by

By default, the logged in client’s IP-address and hostname are not present in the outgoing email headers which makes it hard to trace the origin in case of abuse.

To make roundcube add this to the email headers of outgoing email, put this in the roundcube configuration file:

// put user's ip and host name in mail headers to enable trace
$config['http_received_header'] = true;

Stefan Helander

Ispconfig3: awstats/webalizer not working, client web logs empty

/0 Comments/in /by

If awstats or webalizer is not containing any data and the client web logs are empty, the cause might be missing mounts of the log directories in /etc/fstab.

Search /etc/fstab for the client domain name. If no log mount is found, add a line for the client web site manually in this form:

/var/log/ispconfig/httpd/DOMAIN.COM /var/www/clients/clientNNN/webNNN/log    none    bind,nobootwait    0 0

After that do:

mount -a
mount

to verify it is mounted. After nightly cron, check that awstats or webalizer contains data.

Stefan Helander

Asterisk / FreePBX sip trunk registration problem, Serious Network Trouble

/0 Comments/in , /by

The asterisk log file (/var/log/asterisk/full) shows entries like this:

[Sep  3 04:02:08] ERROR[3984] chan_sip.c: Serious Network Trouble; __sip_xmit returns error for pkt data

Solution: The server had been moved from one public IP-address to another. In Asterisk PBX settings, the fields for both External IP and Bind Address (under Advanced) needed adjustment to the new IP-address. After server reload everything worked normally.

Stefan Helander

Toshiba laptop green blinking LED light

/0 Comments/in /by

A Toshiba laptop I encountered recently was deemed “possibly dead”. It would not boot and screen was just black.

A blinking green LED was present, meaning the battery is discharged. Further investigation revealed that the power supply electric cord had fallen out of the socket.

Plugging it in again turned the blinking green LED to solid orange, meaning the laptop was charging and just pushing the power button made it boot up normally.

Sometimes the problems are too simple 🙂

Stefan Helander

Samsung SL-M3375FD scan to email and SMB stopped working

/0 Comments/in /by

Samsung multi function laser printer SL-M3375FD could suddenly not send email (scan to email) and SMB shares stopped working. Logging in to the printer web interface, using the test function for the SMTP settings just resulted in “failed” when it tried to authenticate to the email server.

Recently the email server’s SSL-certificate was updated because it was about to expire and about this time the scan to email stopped working.

The solution was simply to update the printer firmware. It was running a firmware from 2014 but updating to the latest one download here solved the problem both concerning email and SMB shares.

Stefan Helander

/etc/cron.daily/amavisd-new: Please run this cronjob as user amavis

/0 Comments/in /by

After a system update I started to receive cron messages saying “/etc/cron.daily/amavisd-new:
Please run this cronjob as user amavis”.

It turns out that this happens because the cron script is replaced by a new one located in /etc/cron.d and the one in /etc/cron.daily is left behind giving this error message.

Solution: After checking that the new script exists in /etc/cron.d, just delete /etc/cron.daily/amavisd-new

More information about this here (bug report).

Stefan Helander

Windows 10 VPN-problem after update to 1903 [workaround]

/0 Comments/in /by

After installing the 1903 Windows 10 update, also called may 2019 update, users experience problems when trying to connect a VPN connection.

The problem occurs when clicking Connect on the VPN-connection through the system tray. When the dialog box for user name and password should appear, nothing happens.

Until Microsoft solves this a temporary workaround is to connect through the control panel.

  • Click on the Windows start button (the Windows flag in the bottom left corner)
  • Click on the cogwheel for Settings
  • In the control panel search box, type “VPN” and select “VPN-settings
  • Click on the connection you want to use to display the Connect button
  • Click the Connect button and now the dialog box for user name and password will display and you can connect as usual
Erik Svensson

MySQL 5.7 and mysql_secure_installation

/0 Comments/in /by

If you are using mysql:secure_installation witch you should, beware of that the script reset all passwords in the SQL server database mysql. To fix this problem use the following.
Root password:
ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘MyNewPass’;
Session password:
ALTER USER ‘mysql.session’@’localhost’ IDENTIFIED BY ‘password’ PASSWORD EXPIRE NEVER;

Exampel error messages:
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.

WP Live Chat custom js attack
Stefan Helander

WordPress Live Chat support plugin redirect vulnerability – how to fix

/0 Comments/in /by

A security problem in the WordPress Live Chat support plugin made it vulnerable for XSS making it possible for an attacker to add custom javascript to the configuration of the plugin. This can be done from the outside world without being logged in to the site.

The exploit has been used to infect WordPress sites with for example redirect scripts, causing the visitor to be redirected to other sites when clicking on internal links in the site. More information about the details of the exploit can be found here.

The vulnerablity in WP Live Chat support plugin has been fixed in version 8.0.29 of the plugin but just updating the plugin will not solve the problem if the site already has been infected with custom javascript code.

To solve the problem:

  • Make sure WP Live Chat support plugin is updated to version 8.0.29
  • In WP backend, go to Live Chat -> Settings -> Custom scripts and remove the unwanted code from the Custom JS box (see image)
WP Live Chat custom js attack
WP Live Chat custom js attack