linux delež anti pritožbe strežnik

Priključite se zdi, da pogled na podrobnosti uradne pristojbine，Mi samo za testiranje, obiščitehttps://letsencrypt-for-cpanel.com/pricing Opis strani je poskus 72 ur，Prav tako se lahko izda tudi po 72 ur, ki jih lahko preizkusite.

Tretjih oseb namestitev SSL povezave Navodila https://letsencrypt-for-cpanel.com/docs/for-admins/installation/

1.Povečajte vir namestitve

wget https://cpanel.fleetssl.com/static/letsencrypt.repo -O /etc/yum.repos.d/letsencrypt.repo

2.Namestite posodobitev programske opreme

yum -y install letsencrypt-cpanel

3.Po namestitvi samotestiranje

le-cp self-test

V nadaljevanju je postopek izvajanja

[koren @ Irska ~]# yum -Y namestite letsencrypt-cPanel Loaded vtičnike: fastestmirror, univerzalne kljuke hitrosti Nalaganje ogledalo iz predpomnilnika hostfile * EA4: 91.197.228.252 * cPanel-dodatke-proizvodno krme: 91.197.228.252 * cPanel-vstavki: 91.197.228.252 * baza: ftp.tsukuba.wide.ad.jp * dodatki: ftp.tsukuba.wide.ad.jp * posodobitve: ftp.tsukuba.wide.ad.jp EA4 | 2.9 kB 00:00:00 cPanel-dodatke-proizvodno krme | 2.9 kB 00:00:00 cPanel-vstavki | 2.9 kB 00:00:00 baza | 3.6 kB 00:00:00 dodatki | 2.9 kB 00:00:00 letsencrypt-cPanel | 2.9 kB 00:00:00 mysql-konektorji-skupnost | 2.5 kB 00:00:00 mysql-orodja-skupnost | 2.5 kB 00:00:00 mysql57 skupnost | 2.5 kB 00:00:00 posodobitve | 2.9 kB 00:00:00 (1/2): letsencrypt-cPanel / primary_db | 5.7 kB 00:00:00 (2/2): cPanel-vstavki / x86_64 / primary_db | 30 kB 00:00:00 reševanje Odvisnosti –> Tek pregled transakcij —> Paket letsencrypt-cpanel.x86_64 0:0.15.1-1 bo nameščen –> Končni Odvisnost Resolucija Odvisnosti odločene ============================================= ================================================== ================================================== ================================================== ================================================== ======== paket Arch Različica Skladišče Velikost ===================================== ================================================== ================================================== ================================================== ================================================== ================ Nameščanje: letsencrypt-cPanel x86_64 0.15.1-1 letsencrypt-cPanel 5.1 M transakcij Povzetek =============================================== ================================================== ================================================== ================================================== ================================================== ====== Namesti 1 Paket Skupna velikost prenesi: 5.1 M nameščen velikost: 14 M Pri nalaganju paketi: letsencrypt-cPanel-0.15.1-1.x86_64.rpm | 5.1 MB 00:00:00 Tek pregled posel teče transakcija test test transakcij uspelo teče posel *** Z izvajanjem tega namestitvenega, ti kažejo, da ste prebrali licenčne pogodbe za končnega uporabnika (https://cpanel.fleetssl.com/eula) in se strinjate z vsemi svojimi pogoji, kot je navedeno. *** Tek monter kot različica koren OS OK cPanel različica OK št licenčne datoteke odkrita /etc/letsencrypt-cpanel.licence Pridobivanje novih poskusno licenco … Licenčna datoteka prisotna Preusmeritev na / bin / systemctl stop letsencrypt-cpanel.service ni uspelo ustaviti letsencrypt-cpanel.service: Enota letsencrypt-cpanel.service ni naložen. FleetSSL cPanel storitev demon ustavil Namestitev : letsencrypt-cPanel-0.15.1-1.x86_64 1/1 Ta strežnik je self-podpisana potrdila storitev ni varno upravljati ta vstavek v teh okoliščinah "negotov’ se doda /etc/letsencrypt-cpanel.conf Če želite ustvariti Debatni Šifriranje cert za strežnik, preberite dokumentacijo o konfiguraciji na naši spletni strani, na https://cpanel.fleetssl.com/docs/service-certificates/ Config napisal, da /etc/letsencrypt-cpanel.conf Odstranitev obstoječih storitev ni uspela (To je v redu) Nameščeni init skripte. Kopirano plugin datoteke OK Nameščanje cPanel paper_lantern plugin (lahko traja nekaj minut) … cPanel Plugin monter uspelo OK nameščen chkservd skripte dodano apache vnaprej navidezni globalni vključujejo nastavitve Set cPanel poteg — namestitev končana — Vtičnik mora zdaj biti na voljo v upravitelju cPanel funkcijo bo ponovno conf in ponovno Apache, da osvežite AutoSSL DCV URL Obnova Apache konf in znova zagnati zdaj … Vgrajen /etc/apache2/conf/httpd.conf OK preverjanje : letsencrypt-cPanel-0.15.1-1.x86_64 1/1 Nameščeno: letsencrypt-cpanel.x86_64 0:0.15.1-1 Complete! [koren @ Irska ~]# Le-CP samopreverjanjem [SELF-TEST] Ima veljavno licenco ………… USPEH. [SELF-TEST] Lahko preberete zaupnik ………… USPEH. [SELF-TEST] Mogoče povezati z Let je šifriranje ………… USPEH. [SELF-TEST] Lahko govorim z WHM API ………… USPEH. [SELF-TEST] Lahko se pogovorite s plugin RPC ………… USPEH. [SELF-TEST] Tuning sistem pravilnost ………… USPEH. [koren @ Irska ~]#

5.Tukaj je metoda https://letsencrypt-for-cpanel.com/docs/for-admins/autossl/

1.O avtomatsko izdajo( AutoSSL )

Vtičnik lahko zagotovi "AutoSSL" tip funkcije。

Privzeto onemogočeno。

Če omogočite，It vsakih 12 ur (po predelava obnova zaključena)：

• Poišči spletno gostovanje izpolnjuje naslednja merila
• Veljavno potrdilo (ne samo-podpisan in še ni potekel v naslednjih 48 urah)
• Vse zbere DCV (validacije nadzor domena) preveri domeno，In dodati potrdilo vseh področjih po vtičniki
• DCV ni Polje se bo samodejno preskoči
• Presega "Šifriranje" mejna stopnja potrdilo (to je ime vsakega potrdila 100+)
• Ponavljajoča neuspeh domene bo sčasoma prenehala ponovno poskusite，Toda vedno jih poslali prek vmesnika.

Omogoči / Onemogoči

启用(推荐)
[root@~]$ le-cp autossl enable
禁用
[root@~]$ le-cp autossl disable

5.izdano ročno(Če se vam zdi, da je certifikat potekel，Najprej odstranite potrdilo

(Home »SSL/TLS »Manage SSL Hosts

6.Nato z ukazom izdano SSH:

le-cp ssl --user=用户名  issue abc.com www.abc.com

成功例子:
[root@ireland ~]# le-cp ssl --user=drma**** issue drmartens*******.fi www.drmartens*******.fi
INFO[0011] 1 certificates were returned
INFO[0011] Domain: drmartens*******.fi
INFO[0011]      Requested AltNames: [drmartens*******.fi www.drmartens*******.fi]
INFO[0011]      Expiry: 2020-05-12 21:49:45 -0400 EDT
INFO[0011]      URL: https://acme-v02.api.letsencrypt.org/acme/order/78038503/2315490342
INFO[0011]      Cert ID: drmartens*******_fi_d2ae8_3e4c3_1589334585_c28571a4e7223c826fa6ba29749bb59a
INFO[0011]      Key ID: d2ae8_3e4c3_73dbff3b435eb636c6faf1f391287465
INFO[0011]      Actual DNS Names on Certificate: [drmartens*******.fi www.drmartens*******.fi]

Romunija Strežnik proti pritožbam

Zunanjetrgovinski prostor Zunanjetrgovinski strežnik Zunanja trgovina vps Protiv pritožbe strežnik Proti pritožbe vps Ignoriraj pritožbe strežnik Prezri pritožbe vps

no dmca free dmca ignore dmca hosting

Offshore gostitelj

Offshore vps

Offshore dedicated server

Prodajna e-pošta:huarenarmy@gmail.com

E3-12xx / 32GB RAM-a / 1TB SSD / 61 IP 1postaja 225美元 (Približno 1575 juanov)/mesec
E3-12xx / 32GB RAM-a / 2TB sata / 61ip 210 USD(Približno 1470 juanov)/mesec 1postaja
E5 / 32GB RAM-a / 2TB sata / 61ip 210 USD(Približno 1470 juanov)/mesec 2postaja

Koraki v WHM:

• Log into WHM and go to osnovna cPanel & WHM Setup
• Spreminjanje Primary IP tukaj z možnostjo, da je pravi “IP naslov (samo en naslov) ki se bodo uporabljali za določitev skupnih IP navideznih gostiteljev“
• Opomba: To ne bi dejansko bilo potrebno.

Prijava za SSH, in naredite naslednje:

• Edit /etc / sysconfig / omrežja-skripte / ifcfg-eth0
  • Change the IPADDR and GATEWAY lines to match the new IP and Gateway for the new ip

• Edit /etc / sysconfig / omrežje
  • Change the GATEWAY line here if it does not exist in the ifcfg-* file.

• Edit /etc / IPS
  • Odstranite novo primarni IP iz te datoteke, če je prisoten
  • Add the old primary IP to this file with the format ::

• Edit /var / cpanel / dolgočasno
  • Zamenjajte staro osnovno IP z novo primarno preiskave

• Edit /etc / hosts
  • Zamenjajte stare primarni IP z novim, če je potrebno. dns ime gostitelja bo treba posodobiti tudi

• Znova zaženite storitev omrežja, da bi nove preiskave primarni
  • omrežna storitev ponovni zagon
  • Opomba: You’re probably going to be disconnected at this point, in imajo za prijavo v ssh uporabo novega primarnega ip.

• Znova zaženite skript ipaliases, da bi do dodatnega IP
  • storitev ipaliases zagnati

• Run ifconfig and make sure all IPs show up correctly

• Posodobi dovoljenje Cpanel za nove osnovne preiskave

首先用putty连接linux终端

vi /etc/my.cnf

在最后一行看到:

sql-mode= NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

保存后service mysqld restart

On this post we are going to show how to quickly patch a common PCI Vulnerability Alert that says something like this:
“The remote service appears to encrypt traffic using SSL protocol version 2?.

In Apache common ports 80 and 443, you need to modify the SSLCipherSuite directive in the httpd.conf or ssl.conf file.
An example would be editing the following lines to something like:

在whm路径

WHM > Apache Configuration > Global Configuration area

1.
SSLProtocol -ALL +SSLv3 +TLSv1
2.
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

After you have done this, if you see you are still getting PCI Compliance vulnerability emails regarding to this issue its probably that cPanel is still allowing SSLv2 on their ports.

To quickly disable SSL version 2 on cPanel ports: 2082, 2083, 2086, 2087, 2095, 2096. You will need to do the following:

edit /var/cpanel/cpanel.config and change nativessl=1 to nativessl=0

This will make cPanel to use sTunnel.

edit /usr/local/cpanel/etc/stunnel/default/stunnel.conf

and add:

1.
options = NO_SSLv2

just below the “Authentication stuff” tab.

After you have done all this you will need to restart cPanel:

1.
/etc/init.d/cpanel restart

Done!

How to quickly check this?

SSH to your server and type the following commands

1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2083
3.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2087
4.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2086

If everything is fine you should receive something like this,

1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
CONNECTED(00000003)
3.
write:errno=104

If you see such an error message after logging into cPanel, it says something is broken with the cPanel system. First step you should do is to take a look into the cPanel error log. An eaiest way to do this is, run the following command in command line and reload the WHM/cPanel inteface; that will show you the latest errors while loading the panel.

tail -f /usr/local/cpanel/logs/error_log

Once the error is identified, you may take corrective actions and fix errors. Many errors can be fixed by running a cPanel update, but sometime it needs additional troubleshooting steps.

For example, a sample error we were facing with one of the servers is following.

/usr/local/cpanel/whostmgr/bin/whostmgr: error while loading shared libraries: /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Cpanel/Optimizer/Optimizer.so: cannot open shared object file: No such file or directory
Duplicate logaccess: at /usr/local/cpanel/Cpanel/Server.pm line 421.
Cpanel::Server::logaccess(Cpanel::Server=HASH(0x380aed0)) called at /usr/local/cpanel/Cpanel/Server.pm line 365
Cpanel::Server::body_internal_error(Cpanel::Server=HASH(0x380aed0), 500, “No response from subprocess (whostmgr (whostmgr)): The subpro”…) called at /usr/local/cpanel/Cpanel/Server.pm line 313

The error states, there is a missing library for whostmgr binary. We fixed the above error by running the following commands

/scripts/autorepair fix_duplicate_cpanel_rpms
/usr/local/cpanel/scripts/check_cpanel_rpms –fix

vi / etc / sysconfig / iptables

Pod požarnim zidom dodajte pravila

/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd

/scripts/rebuildhttpdconf