Sync iRedMail upgrade tutorial.
This commit is contained in:
parent
980974d7bc
commit
9f39289f93
|
@ -179,30 +179,72 @@ Please open file `/etc/nginx/templates/roundcube.tmpl` (Linux/OpenBSD) or
|
||||||
__ABOVE__ any existing lines:
|
__ABOVE__ any existing lines:
|
||||||
|
|
||||||
```
|
```
|
||||||
location ~ ^/mail/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING|config|temp|logs|installer)(.*) { deny all; }
|
# Block access to default directories and files under these directories
|
||||||
location ~ ^/mail/plugins/enigma/home(.*) { deny all; }
|
location ~ /mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||||
location ~ (composer.json|jsdeps.json)(.*) { deny all; }
|
|
||||||
|
# Block access to default files under top-directory and files start with same name.
|
||||||
|
location ~ /mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||||
|
|
||||||
|
# Block plugin config files and sample config files.
|
||||||
|
location ~ /mail/plugins/.*/config.inc.php.* { deny all; }
|
||||||
|
|
||||||
|
# Block access to plugin data
|
||||||
|
location ~ /mail/plugins/enigma/home($|/.*) { deny all; }
|
||||||
```
|
```
|
||||||
|
|
||||||
Please open file `/etc/nginx/templates/roundcube-subdomain.tmpl` (Linux/OpenBSD) or
|
Please open file `/etc/nginx/templates/roundcube-subdomain.tmpl`
|
||||||
`/usr/local/etc/nginx/templates/roundcube-subdomain.tmpl` (FreeBSD), add lines below
|
(Linux/OpenBSD) or `/usr/local/etc/nginx/templates/roundcube-subdomain.tmpl`
|
||||||
__ABOVE__ any existing lines:
|
(FreeBSD), add lines below __ABOVE__ any existing lines:
|
||||||
|
|
||||||
```
|
```
|
||||||
location ~ ^/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING|config|temp|logs|installer)(.*) { deny all; }
|
# Block access to default directories and files under these directories
|
||||||
location ~ ^/plugins/enigma/home(.*) { deny all; }
|
location ~ /(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||||
location ~ (composer.json|jsdeps.json)(.*) { deny all; }
|
|
||||||
|
# Block access to default files under top-directory and files start with same name.
|
||||||
|
location ~ /(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||||
|
|
||||||
|
# Block plugin config files and sample config files.
|
||||||
|
location ~ /plugins/.*/config.inc.php.* { deny all; }
|
||||||
|
|
||||||
|
# Block access to plugin data
|
||||||
|
location ~ /plugins/enigma/home($|/.*) { deny all; }
|
||||||
```
|
```
|
||||||
|
|
||||||
Open both `/etc/nginx/sites-available/00-default.conf` and `00-default-ssl.conf` (Linux/OpenBSD)
|
Open file `/etc/nginx/sites-available/00-default.conf` AND `00-default-ssl.conf`,
|
||||||
or `/usr/local/etc/nginx/sites-available/00-default.conf.tmpl` and `00-default-ssl.conf` (FreeBSD),
|
make sure template file `misc.tmpl` is loaded before other template files.
|
||||||
make sure Nginx template file `misc.tmpl` is loadded first. For example, on
|
For example, your existing config file may look like this:
|
||||||
Linux/OpenBSD, make sure line below is the first one `include` directive:
|
|
||||||
|
|
||||||
```
|
```
|
||||||
|
server {
|
||||||
|
...
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
include /etc/nginx/templates/misc.tmpl;
|
include /etc/nginx/templates/misc.tmpl;
|
||||||
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Please move the `misc.tmpl` line __ABOVE__ any other `include` directive.
|
||||||
|
Final setting should look like this:
|
||||||
|
|
||||||
|
```
|
||||||
|
server {
|
||||||
|
...
|
||||||
|
include /etc/nginx/templates/misc.tmpl;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
Note: Nginx in iRedMail-0.9.7 loads modular config files from
|
||||||
|
`/etc/nginx/sites-conf/default/` and `/etc/nginx/sites-conf/default-ssl/`
|
||||||
|
instead of storing all configurations for default web hosts in one file, in
|
||||||
|
this case you need to:
|
||||||
|
|
||||||
|
* rename file `/etc/nginx/sites-conf/default/99-include-tmpl-misc.conf` to
|
||||||
|
`/etc/nginx/sites-conf/default/1-include-tmpl-misc.conf`.
|
||||||
|
* rename file `/etc/nginx/sites-conf/default-ssl/99-include-tmpl-misc.conf` to
|
||||||
|
`/etc/nginx/sites-conf/default-ssl/1-include-tmpl-misc.conf`.
|
||||||
|
|
||||||
Restarting Nginx service is required.
|
Restarting Nginx service is required.
|
||||||
|
|
||||||
### Fix unexpected DNSBL query result for site `b.barracudacentral.org`
|
### Fix unexpected DNSBL query result for site `b.barracudacentral.org`
|
||||||
|
|
|
@ -213,26 +213,66 @@ Please follow steps below to fix it.</p>
|
||||||
<p>Please open file <code>/etc/nginx/templates/roundcube.tmpl</code> (Linux/OpenBSD) or
|
<p>Please open file <code>/etc/nginx/templates/roundcube.tmpl</code> (Linux/OpenBSD) or
|
||||||
<code>/usr/local/etc/nginx/templates/roundcube.tmpl</code> (FreeBSD), add lines below
|
<code>/usr/local/etc/nginx/templates/roundcube.tmpl</code> (FreeBSD), add lines below
|
||||||
<strong>ABOVE</strong> any existing lines:</p>
|
<strong>ABOVE</strong> any existing lines:</p>
|
||||||
<pre><code>location ~ ^/mail/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING|config|temp|logs|installer)(.*) { deny all; }
|
<pre><code># Block access to default directories and files under these directories
|
||||||
location ~ ^/mail/plugins/enigma/home(.*) { deny all; }
|
location ~ /mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||||
location ~ (composer.json|jsdeps.json)(.*) { deny all; }
|
|
||||||
|
# Block access to default files under top-directory and files start with same name.
|
||||||
|
location ~ /mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||||
|
|
||||||
|
# Block plugin config files and sample config files.
|
||||||
|
location ~ /mail/plugins/.*/config.inc.php.* { deny all; }
|
||||||
|
|
||||||
|
# Block access to plugin data
|
||||||
|
location ~ /mail/plugins/enigma/home($|/.*) { deny all; }
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
<p>Please open file <code>/etc/nginx/templates/roundcube-subdomain.tmpl</code> (Linux/OpenBSD) or
|
<p>Please open file <code>/etc/nginx/templates/roundcube-subdomain.tmpl</code>
|
||||||
<code>/usr/local/etc/nginx/templates/roundcube-subdomain.tmpl</code> (FreeBSD), add lines below
|
(Linux/OpenBSD) or <code>/usr/local/etc/nginx/templates/roundcube-subdomain.tmpl</code>
|
||||||
<strong>ABOVE</strong> any existing lines:</p>
|
(FreeBSD), add lines below <strong>ABOVE</strong> any existing lines:</p>
|
||||||
<pre><code>location ~ ^/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING|config|temp|logs|installer)(.*) { deny all; }
|
<pre><code># Block access to default directories and files under these directories
|
||||||
location ~ ^/plugins/enigma/home(.*) { deny all; }
|
location ~ /(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
|
||||||
location ~ (composer.json|jsdeps.json)(.*) { deny all; }
|
|
||||||
|
# Block access to default files under top-directory and files start with same name.
|
||||||
|
location ~ /(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
|
||||||
|
|
||||||
|
# Block plugin config files and sample config files.
|
||||||
|
location ~ /plugins/.*/config.inc.php.* { deny all; }
|
||||||
|
|
||||||
|
# Block access to plugin data
|
||||||
|
location ~ /plugins/enigma/home($|/.*) { deny all; }
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
<p>Open both <code>/etc/nginx/sites-available/00-default.conf</code> and <code>00-default-ssl.conf</code> (Linux/OpenBSD)
|
<p>Open file <code>/etc/nginx/sites-available/00-default.conf</code> AND <code>00-default-ssl.conf</code>,
|
||||||
or <code>/usr/local/etc/nginx/sites-available/00-default.conf.tmpl</code> and <code>00-default-ssl.conf</code> (FreeBSD),
|
make sure template file <code>misc.tmpl</code> is loaded before other template files.
|
||||||
make sure Nginx template file <code>misc.tmpl</code> is loadded first. For example, on
|
For example, your existing config file may look like this:</p>
|
||||||
Linux/OpenBSD, make sure line below is the first one <code>include</code> directive:</p>
|
<pre><code>server {
|
||||||
<pre><code> include /etc/nginx/templates/misc.tmpl;
|
...
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
include /etc/nginx/templates/misc.tmpl;
|
||||||
|
}
|
||||||
</code></pre>
|
</code></pre>
|
||||||
|
|
||||||
|
<p>Please move the <code>misc.tmpl</code> line <strong>ABOVE</strong> any other <code>include</code> directive.
|
||||||
|
Final setting should look like this:</p>
|
||||||
|
<pre><code>server {
|
||||||
|
...
|
||||||
|
include /etc/nginx/templates/misc.tmpl;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
include /etc/nginx/templates/...;
|
||||||
|
}
|
||||||
|
</code></pre>
|
||||||
|
|
||||||
|
<p>Note: Nginx in iRedMail-0.9.7 loads modular config files from
|
||||||
|
<code>/etc/nginx/sites-conf/default/</code> and <code>/etc/nginx/sites-conf/default-ssl/</code>
|
||||||
|
instead of storing all configurations for default web hosts in one file, in
|
||||||
|
this case you need to:</p>
|
||||||
|
<ul>
|
||||||
|
<li>rename file <code>/etc/nginx/sites-conf/default/99-include-tmpl-misc.conf</code> to
|
||||||
|
<code>/etc/nginx/sites-conf/default/1-include-tmpl-misc.conf</code>.</li>
|
||||||
|
<li>rename file <code>/etc/nginx/sites-conf/default-ssl/99-include-tmpl-misc.conf</code> to
|
||||||
|
<code>/etc/nginx/sites-conf/default-ssl/1-include-tmpl-misc.conf</code>.</li>
|
||||||
|
</ul>
|
||||||
<p>Restarting Nginx service is required.</p>
|
<p>Restarting Nginx service is required.</p>
|
||||||
<h3 id="fix-unexpected-dnsbl-query-result-for-site-bbarracudacentralorg">Fix unexpected DNSBL query result for site <code>b.barracudacentral.org</code></h3>
|
<h3 id="fix-unexpected-dnsbl-query-result-for-site-bbarracudacentralorg">Fix unexpected DNSBL query result for site <code>b.barracudacentral.org</code></h3>
|
||||||
<p>Postfix config file generated by iRedMail enables DNSBL service for postscreen
|
<p>Postfix config file generated by iRedMail enables DNSBL service for postscreen
|
||||||
|
|
Loading…
Reference in New Issue