Trace email spamming in Plesk using php scripts

This article covers how to locate the mail spammer in a Plesk server which is a bit difficult when compared to #Cpanel servers.

To prevent spam being sent from your server, Plesk offers a tool that controls the sending of email messages. 

This tool gathers statistics about outgoing messages and prevents mail being sent when specified limits are exceeded. 

You can specify limits on outgoing mail at the following levels: mail server, service plan, subscription, domain, and mailbox.

Administrators can prevent outgoing spam by using limits on the number of outgoing email messages per hour. 

In addition, the administrator can easily determine the exact source of possible spam with the help of reports and notifications.

Types of Threats in Plesk:

Plesk introduces different limits for prevention of the following different types of threats:

1. Stolen mail accounts.

SMTP user account credentials can be stolen by malicious users when they hack a mail server by using a system vulnerability (for example, PHP vulnerability) or an application exploit (for example, exploit for an outdated WordPress version). Also, if customers use very weak passwords, their passwords can be obtained by using brute force tools.

You can prevent this type of threat by limiting the number of outgoing email messages from a mailbox.

2. Web scripts for malicious mass mailing.

A malicious user can use a Plesk customer account in order to create a website with a script that will distribute spam emails. Also, a malicious user can steal the FTP credentials of a customer account and upload a website with a mass mailing script via FTP.

You can prevent this type of threat by limiting the number of outgoing email messages from a domain.

3. Hacked system accounts on #Linux.

Malicious users can gain access to Linux system user accounts by using system or application exploits. After that, they can plant scheduled background tasks in crontab. Such scheduled tasks can run mass mailing scripts that spread spam mail.

You can prevent this type of threat by limiting the number of outgoing email messages from a subscription.

Best practices for sending outgoing mail from a #Plesk server:

1. Configure the #hostname for a Plesk server

Go to Tools & Settings > Server Settings and type in your server's hostname.

2. Enable SPF/DKIM/DMARC features

By default, a SPF DNS record is added to the domain's DNS zone during a domain creation, if this DNS record exists in the Plesk DNS Template.

Make sure there is a TXT record for SPF in domain's DNS settings at Domains > > DNS Settings

3. Make sure that DKIM support is enabled server-wide in Plesk at Tools & Settings > Mail Server Settings.

4. A reverse DNS (rDNS) lookup returns the hostname of an IP address. Many mailbox providers, including Gmail and Yahoo!, will block email coming from a mail server that does not have rDNS in place.

To configure rDNS, a PTR DNS record should be created by the owner of the IP address. 

Contact your hosting service provider or Internet Service Provider (ISP) to get more details.

Read More

Manually Migrate Accounts to cPanel

This article covers how to manually #migrate accounts to cPanel/WHM, as well as the steps to fix common errors faced while migrating.

After you migrate your files to your new cPanel & WHM server, perform the following steps:

1. Confirm that all of the content and credentials migrated properly and that they function in the new environment.

2. Update your domain's nameservers to match the new nameservers on your cPanel & WHM server.

3. Create cPanel and reseller accounts. To do this, use WHM's Create a New Account interface (WHM >> Home >> Account Functions >> Create a New Account).

After you create the new #cPanel & #WHM account, migrate the old server’s files and directories to the appropriate locations on your new server.

Generally, you will migrate the following files and directories during this process:

1. The public_html directory contains all of your files, directories, subdirectories, and content. This directory may appear as the /home/user/www directory or the /home/user/vhost directory on some systems.

2. The /home/user/mail directory contains all of the email files for all of the cPanel account’s email accounts.

3. The /home/user/tmp directory contains the account’s temporary files and bandwidth and statistics data. For example, you can migrate your original server's AWStats data to the /home/user/tmp/awstats directory.

4. The /home/user/etc directory contains the email account password, shadow, and quota files for email accounts. For example, you can migrate your original server’s email account quota data to the /home/user/etc/quota directory.

5. The /home/user/ssl directory contains the SSL certificates for the domains on the account.

6. The mysql directory stores the MySQL databases for every account on the server.

7. The /var/lib/pgsql directory stores the PostgreSQL databases for every account on the server.

Read More

NFS vs CIFS - The main Differences

This article covers NFS vs CIFS performance. 

NFS, or Network File System, was designed in 1984 by Sun Microsystems. This distributed file system protocol allows a user on a client computer to access files over a network in the same way they would access a local storage file. Because it is an open standard, anyone can implement the protocol.

All versions of NFS can use Transmission Control Protocol (TCP) running over an IP network, with NFSv4 requiring it. NFSv2 and NFSv3 can use the User Datagram Protocol (UDP) running over an IP network to provide a stateless network connection between the client and server.

Common Internet File System (CIFS) is a network filesystem protocol used for providing shared access to files and printers between machines on the network. A CIFS client application can read, write, edit and even remove files on the remote server.

Microsoft operating systems use CIFS for remote file operations (typically mapping network drives), browsing (via the Network Neighborhood icon), authentication (NT and Windows 2000), and remote printer services.

The NFS service has the following benefits:

1. Enables multiple computers to use the same files, so everyone on the network can access the same data.

2. Reduces storage costs by having computers share applications instead of needing local disk space for each user application.

Read More

How to set up phpBB Forum on a website through cPanel

This article covers phpBB which is a completely free open-source Forum Software. It has lots of features while maintaining efficiency and ease of use. 

#phpBB, which is an abbreviation for PHP Bulletin Board, is one of the best free and open-source forum scripts for creating a forum. 

There are two ways to install phpBB on a website:

1. You can #install phpBB manually

2. Install phpBB via #cPanel Softaculous Apps Installer

To create a forum in phpBB:

1. Click Forums.

2. Enter the name of the new forum here.

3. Click Create new forum.

4. Enter a description for the new forum here.

5. Click Submit. 

That's it! The forum has been successfully created.

To Create a phpBB Forum:

1. Download and Install phpBB. The first thing you'll need to do is download the phpBB software.

2. Register Your phpBB Forum Administrator Account.

3. Set Up Your phpBB Forum.

4. Start Creating Content.

phpBB’s best features that you can use to help launch your first online forum:

1. Responsive design — supports the latest version of HTML5 and CSS3, thus providing you with a responsive and cross-browser compatible design.

2. Search engine crawler handling — comes with configurations and access control for over 100 crawlers for board optimization.

3. Unread message tracking — notifies users whether or not they have seen new published posts and topics.

4. Private message system — allows users to send direct messages to each other via the forum.

5. COPPA registration — prevents underage users from registering to the forum.

6. OAuth login — allows users to register using Google,, or Facebook accounts.

7. Data management — supports various popular database management tools like MySQL, Oracle Database, and SQLite.

Reasons why you should consider creating an online forum:

1. Encourage discussion and feedback — users can use the available space to exchange ideas and give you insights into the quality of your content for further improvement.

2. Support audience research — lets you observe visitor preferences and browsing habits in a closed environment.

3. Build a community — having great communication and sharing similar interests with other people will give your users a sense of belonging to a community.

Read More

NFS vs SMB - Which is better

This article will guide you on the comparison between NFS and SBM performance. 

NFS vs. SMB comparison. 

Server Messaging protocol (SMB) is the native file sharing protocol implemented in Windows systems.

The Network File System (#NFS) protocol is used by Linux systems to share files and folders.

NFS, or Network File System, was designed in 1984 by Sun Microsystems. This distributed file system protocol allows a user on a client computer to access files over a network in the same way they would access a local storage file. Because it is an open standard, anyone can implement the protocol.

The Server Message Block Protocol (#SMB protocol) is a client-server communication protocol used for sharing access to files, printers, serial ports and other resources on a network. It can also carry transaction protocols for interprocess communication.

Read More

Importance of Database Testing

This article covers the importance of database testing. Database Testing is Important in software testing because it ensures data values and information received and stored into database are valid or not. Database testing helps to save data loss, saves aborted transaction data and no unauthorized access to the information.

A database is typically designed so that it is easy to store and access information. 

A good database is crucial to any company or organization. This is because the database stores all the pertinent details about the company such as employee records, transactional records, salary details and so on.

Why do we do database #testing?

Database Testing is a type of software testing that checks the schema, tables, triggers etc. of the database under test. 

It involves creating complex queries for performing the load or stress test on the database and check its responsiveness. 

It checks integrity and consistency of data.

Why do we need database security?

Safeguarding the data your company collects and manages is of utmost importance. Database security can guard against a compromise of your database, which can lead to financial loss, reputation damage, consumer confidence disintegration, brand erosion, and non-compliance of government and industry regulation.

#Database #Security Best Practices includes:

1. Separate database servers and web servers.

2. Use web application and database firewalls.

3. Secure database user access.

4. Regularly update your operating system and patches.

5. Audit and continuously monitor database activity.

6. Test your database security.

7. Encrypt data and backups.

Read More