IF(A73X) {TRUE;}

Just fyi in case somebody else gets stuck. I ended up having to edit 2 files.
#1 is /etc/apt/sources.list.d . On there I had the enterprise.proxmox.com line with pve-enterprise at the end. I commented that out.

#deb https://enterprise.proxmox.com/debian/pve bullseye pve-enterprise

#2 was editing the /etc/apt/sources.list file. On there I added the line with the download.proxmox.com (pve-no-subscription) as the Package_Repositories page suggests.

deb http://ftp.us.debian.org/debian bullseye main contrib

deb http://ftp.us.debian.org/debian bullseye-updates main contrib
[Read more...]

				

In this guide, we shall indicate two methods of upgrading a database

Method 1: Automated upgrade script. The script will handle everything for you including backups.

Using the convenience script.

wget -qO- https://raw.githubusercontent.com/dannydev77/database_upgrade_utility_script/main/database_upgrade.sh | bash

Method 2: Manual – This section provide step by step actions.

Before you begin the upgrade ensure to take a backup of your data in case something goes wrong.

Steps:
[Read more…]

For those who have been locked out Cyberpanel due to two factor aunthentication, I have tried all methods on this forum but none worked for me when i lost my Google aunthenticator app. I hope my method works for you. Don’t get locked out of your server. Cheers!

1. Firstly, try connecting through SSH and entering the MySQL command line with these commands.

MYSQL_PWD=`cat /etc/cyberpanel/mysqlPassword` mysql -uroot

2. In order to enter the CyberPanel database, use the command:

use cyberpanel;

3. Now disable 2FA for the admin account with the following command:

UPDATE `loginSystem_administrator` SET `twoFA` = '0' WHERE `loginSystem_administrator`.`id` = 1;

[Read more…]

Zimbra uses Nginx as its proxy, and you can configure Nginx to block direct access via the server’s IP address. Here’s how to configure it:
Edit Nginx Configuration for Web Access:

sudo nano /opt/zimbra/conf/nginx/includes/nginx.conf.web.https.default

Add Server Block to Deny IP-Based Access: Add a new server block at the top of the configuration to deny access via the server’s IP.

server {
    listen 80;
    listen 443 ssl;
    server_name <em>;  # This matches any request not using a domain name (IP-based access)
    return 444;     # Return a 444 response (which drops the connection without sending a response)
}

[Read more…]

Modify the Fail2ban Action:

[Definition]
actionban = curl -s -X POST "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/firewall/access_rules/rules" 
-H "X-Auth-Email: [email protected]" 
-H "X-Auth-Key: your-global-api-key" 
-H "Content-Type: application/json" 
--data '{"mode":"block","configuration":{"target":"ip","value":"<ip>"},"notes":"Fail2ban block"}'

Fail2ban actionunban

[Definition]
actionunban = bash -c '
RULE_ID=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/firewall/access_rules/rules" 
-H "X-Auth-Email: [email protected]" 
-H "X-Auth-Key: your-global-api-key" 
-H "Content-Type: application/json" | jq -r ".result[] | select(.configuration.value == "<ip>") | .id") && 
curl -s -X DELETE "https://api.cloudflare.com/client/v4/zones/YOUR_ZONE_ID/firewall/access_rules/rules/$RULE_ID" 
-H "X-Auth-Email: [email protected]" 
-H "X-Auth-Key: your-global-api-key" 
-H "Content-Type: application/json"'

[Read more…]

Requirements
IPBan free version requires .NET 8 SDK to build and debug code. For an IDE, I suggest Visual Studio Community for Windows, or VS code for Linux. All are free. You can build a self contained executable to eliminate the need for dotnet core on the server machine, or just download the precompiled binaries in releases.
Running and/or debugging code requires that you run your IDE or terminal as administrator or root.
Officially supported platforms:
Windows 10 or newer (x86, x64)
Windows Server 2016 or newer (x86, x64)
Linux Ubuntu x64 (requires firewalld)
Linux Debian x64 (requires firewalld)
Linux CentOS x64 (requires firewalld)
Linux RedHat x64 (requires firewalld)
Mac OS X not supported at this time

Features
Auto ban ip addresses by detecting failed logins from event viewer and/or log files. On Linux, SSH is watched by default. On Windows, RDP, OpenSSH, VNC, MySQL, SQL Server, Exchange, SmarterMail, MailEnable are watched. More applications can easily be added via config file.
Additional recipes for event viewer and log files are here: https://github.com/DigitalRuby/IPBan/tree/master/Recipes
Highly configurable, many options to determine failed login count threshold, time to ban, etc.
Make sure to check out the ipban.config file (formerly named DigitalRuby.IPBan.dll.config, see IPBanCore project) for configuration options, each option is documented with comments.
Banning happens basically instantly for event viewer. For log files, you can set how often it polls for changes.
Very fast - I’ve optimized and tuned this code since 2012. The bottleneck is pretty much always the firewall implementation, not this code.
Unban ip addresses easily by placing an unban.txt file into the service folder with each ip address on a line to unban.
Works with ipv4 and ipv6 on all platforms.
Please visit the wiki at https://github.com/DigitalRuby/IPBan/wiki for lots more documentation.
[Read more…]

Configuring Nginx to Use your Error Pages

Now, we just need to tell Nginx that it should be utilizing these pages whenever the correct error conditions occur. Open the server block file in the /etc/nginx/sites-enabled directory that you wish to configure. We will use the default server block file called default, but you should adjust your own server blocks if you’re using a non-default file:

sudo nano /etc/nginx/sites-enabled/default

Direct 404 Errors to the Custom 404 Page

Use the error_page directive so that when a 404 error occurs (when a requested file is not found), the custom page you created is served. We will create a location block for the file, where we are able to ensure that the root matches our file system location and that the file is only accessible through internal Nginx redirects (not requestable directly by clients):

/etc/nginx/sites-enabled/default

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        . . .

        error_page 404 /custom_404.html;
        location = /custom_404.html {
                root /usr/share/nginx/html;
                internal;
        }
}

[Read more…]