tuend/DirectAdmin-1.62.4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

z

Browse Source
This commit is contained in:
tuend-work
2025-11-13 07:41:56 +07:00
parent 7f357f3a30
commit 4478491d73
1729 changed files with 193578 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
update/data/templates/README Normal file
View File

@@ -0,0 +1,28 @@
If you wish to customize these files, first copy them
into the custom directory and use them from there.
If you try to use them from this direcotry, the next time
DirectAdmin updates, your changes will be overwritten.
Your changes will only be safe if they are in the custom
directory.
DirectAdmin will first check the custom directory for
a template. If it can't find it, it will use the ones
in this directory.
Most templates can be used in the custom dir.
Please search the Versions System at:
https://www.directadmin.com/versions.php
for info on how to use a specific template.
If you want to rewrite all httpd.conf files with the new templates, run:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
**IMPORTANT NOTE**
Regarding the template system, and all config files:
You must have a newline at the end of the files.
Failure to do so will result in unexpected behavior.
Go to the end, and press enter.
In DA a line is defined by a trailing newline character.

14
update/data/templates/adult.list Normal file
View File

@@ -0,0 +1,14 @@
fuck
shit
ass
asshole
bitch
cunt
whore
sex
sexy
sexiest
slut
slutty
viagra
cialis

8
update/data/templates/apache.logrotate Normal file
View File

@@ -0,0 +1,8 @@
/var/log/httpd/access_log /var/log/httpd/agent_log /var/log/httpd/error_log /var/log/httpd/referer_log /var/log/httpd/suexec_log /var/log/suphp.log {
missingok
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
endscript
}

19
update/data/templates/block_cracking_notice.txt Normal file
View File

@@ -0,0 +1,19 @@
|?SUBJECT=Warning: `COUNT` non-existant E-Mails have just been sent by `EMAIL`|
The address |EMAIL| has just finished sending |COUNT| non-existant emails within a |PERIOD| period, and has been blocked.
There could be a spammer, the account could be compromised, or just sending more emails than usual.
|*if EMAIL=USERNAME|To unblock this account, the password must be changed by the Reseller or Admin.
Changing the password by the |DEAMONNAME| User will not work, as the password is likely compromised.
|*else|To unblock this account, the password must be changed by a |DEAMONNAME| User.
Changing the password through the E-Mail self-serve options will not work, as the password is likely compromised.
|*endif||*if AUTO_UNBLOCK="1"|The account will also automatically be unblocked in |AUTO_UNBLOCK_HOURS| Hours.
We still highly encourage that the password for |EMAIL| be changed.
|*endif|The last IP to send an email was |HOST|.
This warning was triggered by the BlockCracking monitoring tool in exim.
The E-Mail account is managed under the |USERNAME| User account.
|MSG_FOOTER|

26
update/data/templates/block_cracking_notice_denied_path.txt Normal file
View File

@@ -0,0 +1,26 @@
|?SUBJECT=Warning: E-Mail sent from a script below `SCRIPT_PATH` which is in the list of denied paths|
Some script below the path |SCRIPT_PATH| has just sent an E-Mail, but this is in the list of denied paths.
There could be a spammer, or the script could be compromised, as this path should not be sending any E-Mails.
|*if PATH_UNDER_USER_HOME="1"|To unblock this path, go to:
User Level -> E-Mail Accounts -> E-Mail Usage
or manually remove the path from the file:
|BLOCKED_SCRIPT_PATHS||*else|The path is outside of the User's home directory.
The only way to unblock the path is to remove it from the file:
|BLOCKED_SCRIPT_PATHS||*endif|
|*if PHP_GUESS="highest"||DEAMONNAME| has determined that the following PHP script has sent |HIGHEST_PHP_SCRIPT| E-Mails:
|BIGGEST_PHP_SCRIPT|
but the path doesn't match, so we're not sure if this is the offending script.
|*endif||*if PHP_GUESS="matched"||DEAMONNAME| has matched the following PHP script:line below the suspect path, with the number of deliveries:
|POSSIBLE_PHP_SCRIPTS|
|*endif||*if AUTO_UNBLOCK="1"|The script will also automatically be unblocked in |AUTO_UNBLOCK_HOURS| Hours.
We still highly encourage that all scripts in |SCRIPT_PATH| be examined.
|*endif|This warning was triggered by the BlockCracking monitoring tool in exim.
|*if UNKNOWN_APACHE_SCRIPT="1"|The mail was generated as the 'apache' account and |DEAMONNAME| was not able to determine the sender based on the path.
Check your exim logs and see this guide: http://help.directadmin.com/item.php?id=455|*else|The script path is managed under the |USERNAME| User account.|*endif|
|MSG_FOOTER|

26
update/data/templates/block_cracking_notice_script.txt Normal file
View File

@@ -0,0 +1,26 @@
|?SUBJECT=Warning: `COUNT` non-existant E-Mails have just been sent by a script under `SCRIPT_PATH`|
Some script below the path |SCRIPT_PATH| has just finished sending |COUNT| non-existant emails within a |PERIOD| period, and any script in this path is now blocked.
There could be a spammer, the script could be compromised, or just sending more emails than usual.
|*if PATH_UNDER_USER_HOME="1"|To unblock this path, go to:
User Level -> E-Mail Accounts -> E-Mail Usage
or manually remove the path from the file:
|BLOCKED_SCRIPT_PATHS||*else|The path is outside of the User's home directory.
The only way to unblock the path is to remove it from the file:
|BLOCKED_SCRIPT_PATHS||*endif|
|*if PHP_GUESS="highest"||DEAMONNAME| has determined that the following PHP script has sent |HIGHEST_PHP_SCRIPT| E-Mails:
|BIGGEST_PHP_SCRIPT|
but the path doesn't match, so we're not sure if this is the offending script.
|*endif||*if PHP_GUESS="matched"||DEAMONNAME| has matched the following PHP script:line below the suspect path, with the number of deliveries:
|POSSIBLE_PHP_SCRIPTS|
|*endif||*if AUTO_UNBLOCK="1"|The script will also automatically be unblocked in |AUTO_UNBLOCK_HOURS| Hours.
We still highly encourage that all scripts in |SCRIPT_PATH| be examined.
|*endif|This warning was triggered by the BlockCracking monitoring tool in exim.
|*if UNKNOWN_APACHE_SCRIPT="1"|The mail was generated as the 'apache' account and |DEAMONNAME| was not able to determine the sender based on the path.
Check your exim logs and see this guide: http://help.directadmin.com/item.php?id=455|*else|The script path is managed under the |USERNAME| User account.|*endif|
|MSG_FOOTER|

30
update/data/templates/brute_filter.list Normal file
View File

@@ -0,0 +1,30 @@
dovecot1=attempts_after=(auth failed,%20&attempts_until=%20attempts%20in%20&binary=dovecot&ip_after=rip=&ip_until=,&text=(auth failed&user_after=user%3D<&user_until=>,%20
dovecot2=attempts_after=(auth failed,%20&attempts_until=%20attempts)&binary=dovecot&ip_after=rip=&ip_until=,&text=(auth failed&user_after=user%3D<&user_until=>,%20
exim1=ip_after=]) [&ip_until=]&text=535 Incorrect authentication data&user_after=(set_id%3D&user_until=)
exim2=ip_after=[&ip_until=]&text=535 Incorrect authentication data&user_after=(set_id%3D&user_until=)
exim3=ip_after=]) [&ip_until=]&text=535 Incorrect authentication data&user_after=(set_id%3D&user_until=)
exim4=ip_after=[&ip_until=]&text=535 Incorrect authentication data&user_after=(set_id%3D&user_until=)
proftpd1=binary=proftpd&ip_after=[&ip_until=]&text=no such user found from&user_after=USER &user_until=:%20
proftpd2=binary=proftpd&ip_after=[&ip_until=]&text=(Login failed):%20Incorrect password&user_after=USER &user_until=%20
proftpd3=attempts_after=attempts%20(&attempts_until=)%20exceeded&binary=proftpd&ip_after=[&ip_until=]&text=Maximum login attempts
pure-ftpd1=binary=pure-ftpd&text=[WARNING] Authentication failed for user&ip_after=(?@&ip_until=)&user_after=user%20[&user_until=]
sshd1=binary=sshd&ip_after=from%20&ip_until=%20&text=authentication error for illegal user&user_after=user%20&user_until=%20
sshd2=binary=sshd&ip_after=from%20&ip_until=%20&text=authentication error for&user_after=for%20&user_until=%20
sshd3=binary=sshd&ip_after=from%20&ip_until=%20&text=Failed keyboard-interactive/pam for&user_after=for%20&user_until=%20
sshd4=binary=sshd&ip_after=from%20&ip_until=%20&text=Failed password for invalid user&user_after=user%20&user_until=%20
sshd5=binary=sshd&ip_after=from%20&ip_until=%20&text=Failed password for&user_after=for%20&user_until=%20
roundcube1=ip_after= from &ip_until=(X-Real-IP:&text=IMAP Error: Login failed for&user_after=IMAP Error: Login failed for &user_until=%20from%20
roundcube2=ip_after= from &ip_until=(X-Forwarded-For:&text=IMAP Error: Login failed for&user_after=IMAP Error: Login failed for &user_until=%20from%20
roundcube3=ip_after= from &ip_until=. AUTHENTICATE PLAIN&text=IMAP Error: Login failed for&user_after=IMAP Error: Login failed for &user_until=%20from%20
squirrelmail1=ip_after=) from &ip_until=: Unknown user or&text=: Unknown user or password incorrect.&user_after=[LOGIN_ERROR] &user_until=%20(
phpmyadmin1=ip_after=ip='&ip_until='&text=status='mysql-denied'&user_after=user='&user_until='
phpmyadmin2=ip_after=ip='&ip_until='&text=status='not authenticated'&user_after=user='&user_until='
phpmyadmin3=ip_after=%20from%20'&ip_until='&text=phpmyadmin:%20user%20denied:%20&user_after=user%20denied:%20'&user_until='%20(mysql-denied)
phpmyadmin4=ip_after=%20from%20&ip_until=NULL&text=phpmyadmin:%20user%20denied:%20&user_after=user%20denied:%20&user_until=%20(mysql-denied)
wordpress1=ip_after=&ip_until= -&text=] "POST /&text2=/wp-login.php&text3=" 200%20
wordpress2=ip_after=&ip_until= -&text=] "POST /&text2=/xmlrpc.php&text3=" 200%20&count_multiplier=8
wordpress3=ip_after=&ip_until= -&text=] "POST /&text2=/wp-login.php&text3=" 302%20&count_multiplier=50
wordpress4=ip_after=&ip_until= -&text=] "POST /&text2=/xmlrpc.php&text3=" 302%20
mysql1=text=[Warning] Access denied for user '&ip_after=@'&ip_until='&user_after=user '&user_until='
mod_security1=type=json&ip_tree=transaction:client_ip&host_tree=transaction:request:headers:host&uri_tree=transaction:request:uri&id_tree=transaction:unique_id&count_divisor=2
mod_security2=type=json&ip_tree=transaction:remote_address&host_tree=request:headers:Host&uri_tree=request:request_line&id_tree=transaction:transaction_id&count_divisor=2

142
update/data/templates/conf.sysbk Normal file
View File

@@ -0,0 +1,142 @@
# SySBK 1.0 [sysbk@r-fx.net]
#
# NOTE: This file should be edited with word/line wrapping off,
# if your using pico please start it with the -w switch.
# (e.g: pico -w filename)
#
# [ Main Config ]
#
OS="`uname`";
if [ -e /etc/debian_version ]; then
OS="debian";
fi
INSPATH="/usr/local/sysbk" # Installation path of SySBK
MODPATH="$INSPATH/mod" # Module path for sysbk backup modules
CNF_INT="$INSPATH/internals/conf.internals" # Path to internals config
#
MOUNT_POINT="|MOUNT_POINT|" # Mount point backups are stored on
#
BACKUP_PATH="|BACKUP_PATH|" # Backup path relative to mount point [e.g: /home/backups]
# If this directory does not exist it will be created
#
MIN_DISK="|MIN_DISK|" # Min. amount of availible disk space required to perform backups
#
MAX_LOAD="3" # Max load level that the system must be below to perform backups
# No fractional values (e.g: 2.5)
#
if [ "$OS" = "FreeBSD" ]; then
ARC_PRI="/usr/bin/tar -cpzf"
else
ARC_PRI="/bin/tar -cpzf" # Primary compression utility (typicaly tar) - include arguments!!
fi
ARC_PRI_EXT=".tar.gz" # File extention for the primary compression utility
ARC_SEC="" # Secondary compression utility (typicaly bzip2) - include arguments!!
# If no value set, will only archive with Primary compression utility
#
ARC_SEC_EXT="" # File extention for the secondary compression utility
#
PRI="16" # Priority to run backups as. 21 = lowest priority, -19 = highest
# [NOTE: setting below value of 0 can damage the system.]
#
DU="/usr/bin/du" # Path to 'du' binary
if [ "$OS" = "FreeBSD" ]; then
MD5="/sbin/md5 -r"
GUNZIP="/usr/bin/gunzip"
NICE="/usr/bin/nice"
else
MD5="/usr/bin/md5sum" # Path to md5sum binary
GUNZIP="/bin/gunzip" # Path to 'gunzip' binary
NICE="/bin/nice" # Path to 'nice' binary
if [ -e /etc/debian_version ]; then
NICE="/usr/bin/nice"
fi
fi
# [ Transfer Module Config ]
#
USE_RTRANS="|USE_RTRANS|" # Enable remote transfer of backup data [1=on,0=off]
RTRANS_METHOD="|RTRANS_METHOD|" # Transport method for remote transfer [valid methods: ftp, scp]
#
DEL_AFTERTRANS="|DEL_AFTERTRANS|" # Delete the local date specific backup path after remote transfer
# of backup. (e.g: /home/backup/12-24-02) [1=on,0=off]
#
FBF_RTRANS="|FBF_RTRANS|" # File by file backup (incramental). Archives backups one at a time,
# transfers remote, then deletes local.
#
NCFTP_PUT="/usr/bin/ncftpput" # Path to 'ncftpput' binary
FTP_HOST="|FTP_HOST|" # The host/ip of desired ftp site
FTP_USER="|FTP_USER|" # Username for ftp transfer of backups [remote user]
FTP_PASS="|FTP_PASS|" # Password for above user...
FTP_RPATH="|FTP_RPATH|" # Remote path to store data, relative to remote user permissions
SCP="/usr/bin/scp" # Path to 'scp' binary
SCP_HOST="|FTP_HOST|" # The host/ip of desired scp site
SCP_USER="|FTP_USER|" # Username for scp transfer of backups [remote user]
SCP_RPATH="|FTP_RPATH|" # Remote path to store data, relative to remote user permissions
PRVID_FILE="/root/.ssh/id_dsa" # Private key file for public/private key identification
# (e.g: /root/.ssh/id_dsa)
# [ Backup Module Config ]
#
# HTTP
#
HTTP_BK="|HTTP_BK|" # Enable/Disable apache backup operations [1=on,0=off]
HTTP_PATH="/etc/httpd" # Path to apache base directory [no trailing slash]
# DNS
#
BIND_BK="|BIND_BK|" # Enable/Disable bind backup operations [1=on,0=off]
if [ "$OS" = "FreeBSD" ]; then
BIND_PATH="/etc/namedb"
BIND_CNF="/etc/namedb/named.conf"
else
if [ "$OS" = "debian" ]; then
BIND_PATH="/etc/bind"
BIND_CNF="/etc/bind/named.conf"
else
BIND_PATH="/var/named" # Path to your bind zone files [no trailing slash]
BIND_CNF="/etc/named.conf" # Location of named.conf
fi
fi
# MySQL
#
MYSQL_BK="|MYSQL_BK|" # Enable/Disable mysql backup operations [1=on,0=off]
if [ "$OS" = "FreeBSD" ]; then
MYSQL_PATH="/home/mysql"
MYSQL_INIT="/usr/local/etc/rc.d/mysqld"
MYSQL_PID="$MYSQL_PATH/`hostname -s`.pid"
MYSQL_BIN="/usr/local/mysql/bin/mysql"
MYSQL_DUMP="/usr/local/mysql/bin/mysqldump"
MYSQL_MYICHK="/usr/local/mysql/bin/myisamchk"
else
if [ "$OS" = "debian" ]; then
MYSQL_PATH="/home/mysql"
MYSQL_INIT="/etc/init.d/mysqld"
MYSQL_PID="$MYSQL_PATH/`hostname -s`.pid"
MYSQL_BIN="/usr/local/mysql/bin/mysql"
MYSQL_DUMP="/usr/local/mysql/bin/mysqldump"
MYSQL_MYICHK="/usr/local/mysql/bin/myisamchk"
else
MYSQL_PATH="/var/lib/mysql" # Installed location of mysql [no trailing slash]
MYSQL_INIT="/etc/init.d/mysqld" # Locationof MySQL INIT script
MYSQL_PID="$MYSQL_PATH/`hostname`.pid" # Location of MySQL PID file
MYSQL_BIN="/usr/bin/mysql" # Path to the 'mysql' binary
MYSQL_DUMP="/usr/bin/mysqldump" # Path to the 'mysqldump' binary
MYSQL_MYICHK="/usr/bin/myisamchk" # Path to the 'myisamchk' binary
fi
fi
MYSQL_ROOTUN="`cat /usr/local/directadmin/conf/mysql.conf | grep user | cut -d= -f2`" # MySQL Root login
MYSQL_ROOTPW="`cat /usr/local/directadmin/conf/mysql.conf | grep passwd | cut -d= -f2`" # MySQL Root password
# Custom
#
CUSTOM_BK="|CUSTOM_BK|" # Enable/Disable custom backup operations [1=on,0=off]
CUSTOM_FILES="$MODPATH/custom.files" # Fule list for custom backup operations
CUSTOM_DIRS="$MODPATH/custom.dirs" # Directory list for custom backup operations
ADD_USERS_TO_LIST="|ADD_USERS_TO_LIST|"

770
update/data/templates/config.inc.php Normal file
View File

@@ -0,0 +1,770 @@
<?php
/* $Id: config.inc.php,v 2.41 2004/09/23 10:10:37 rabus Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* phpMyAdmin Configuration File
*
* All directives are explained in Documentation.html
*/
/**
* Sets the php error reporting - Please do not change this line!
*/
if (!isset($old_error_reporting)) {
error_reporting(E_ALL);
@ini_set('display_errors', '1');
}
/**
* Your phpMyAdmin url
*
* Complete the variable below with the full url ie
* http://www.your_web.net/path_to_your_phpMyAdmin_directory/
*
* It must contain characters that are valid for a URL, and the path is
* case sensitive on some Web servers, for example Unix-based servers.
*
* In most cases you can leave this variable empty, as the correct value
* will be detected automatically. However, we recommend that you do
* test to see that the auto-detection code works in your system. A good
* test is to browse a table, then edit a row and save it. There will be
* an error message if phpMyAdmin cannot auto-detect the correct value.
*
* If the auto-detection code does work properly, you can set to TRUE the
* $cfg['PmaAbsoluteUri_DisableWarning'] variable below.
*/
$cfg['PmaAbsoluteUri'] = '';
/**
* Disable the default warning about $cfg['PmaAbsoluteUri'] not being set
* You should use this if and ONLY if the PmaAbsoluteUri auto-detection
* works perfectly.
*/
$cfg['PmaAbsoluteUri_DisableWarning'] = TRUE;
/**
* Disable the default warning that is displayed on the DB Details Structure page if
* any of the required Tables for the relationfeatures could not be found
*/
$cfg['PmaNoRelation_DisableWarning'] = TRUE;
/**
* The 'cookie' auth_type uses blowfish algorithm to encrypt the password. If
* at least one server configuration uses 'cookie' auth_type, enter here a
* passphrase that will be used by blowfish.
*/
$cfg['blowfish_secret'] = '';
/**
* Server(s) configuration
*/
$i = 0;
// The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use $cfg['Servers'][0].
// You can disable a server config entry by setting host to ''.
$i++;
$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname or IP address
$cfg['Servers'][$i]['port'] = ''; // MySQL port - leave blank for default port
$cfg['Servers'][$i]['socket'] = ''; // Path to the socket - leave blank for default socket
$cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
$cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL extension to use ('mysql' or 'mysqli')
$cfg['Servers'][$i]['compress'] = FALSE; // Use compressed protocol for the MySQL connection
// (requires PHP >= 4.3.0)
$cfg['Servers'][$i]['controluser'] = ''; // MySQL control user settings
// (this user must have read-only
$cfg['Servers'][$i]['controlpass'] = ''; // access to the "mysql/user"
// and "mysql/db" tables).
// The controluser is also
// used for all relational
// features (pmadb)
$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
$cfg['Servers'][$i]['user'] = 'root'; // MySQL user
$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed
// with 'config' auth_type)
$cfg['Servers'][$i]['only_db'] = ''; // If set to a db-name, only
// this db is displayed in left frame
// It may also be an array of db-names, where sorting order is relevant.
$cfg['Servers'][$i]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname
$cfg['Servers'][$i]['pmadb'] = ''; // Database used for Relation, Bookmark and PDF Features
// (see scripts/create_tables.sql)
// - leave blank for no support
// DEFAULT: 'phpmyadmin'
$cfg['Servers'][$i]['bookmarktable'] = ''; // Bookmark table
// - leave blank for no bookmark support
// DEFAULT: 'pma_bookmark'
$cfg['Servers'][$i]['relation'] = ''; // table to describe the relation between links (see doc)
// - leave blank for no relation-links support
// DEFAULT: 'pma_relation'
$cfg['Servers'][$i]['table_info'] = ''; // table to describe the display fields
// - leave blank for no display fields support
// DEFAULT: 'pma_table_info'
$cfg['Servers'][$i]['table_coords'] = ''; // table to describe the tables position for the PDF schema
// - leave blank for no PDF schema support
// DEFAULT: 'pma_table_coords'
$cfg['Servers'][$i]['pdf_pages'] = ''; // table to describe pages of relationpdf
// - leave blank if you don't want to use this
// DEFAULT: 'pma_pdf_pages'
$cfg['Servers'][$i]['column_info'] = ''; // table to store column information
// - leave blank for no column comments/mime types
// DEFAULT: 'pma_column_info'
$cfg['Servers'][$i]['history'] = ''; // table to store SQL history
// - leave blank for no SQL query history
// DEFAULT: 'pma_history'
$cfg['Servers'][$i]['verbose_check'] = TRUE; // set to FALSE if you know that your pma_* tables
// are up to date. This prevents compatibility
// checks and thereby increases performance.
$cfg['Servers'][$i]['AllowDeny']['order'] // Host authentication order, leave blank to not use
= '';
$cfg['Servers'][$i]['AllowDeny']['rules'] // Host authentication rules, leave blank for defaults
= array();
// If you have more than one server configured, you can set $cfg['ServerDefault']
// to any one of them to autoconnect to that server when phpMyAdmin is started,
// or set it to 0 to be given a list of servers without logging in
// If you have only one server configured, $cfg['ServerDefault'] *MUST* be
// set to that server.
$cfg['ServerDefault'] = 1; // Default server (0 = no default server)
$cfg['Server'] = '';
unset($cfg['Servers'][0]);
/**
* Other core phpMyAdmin settings
*/
$cfg['OBGzip'] = 'auto'; // use GZIP output buffering if possible (TRUE|FALSE|'auto')
$cfg['PersistentConnections'] = FALSE; // use persistent connections to MySQL database
$cfg['ExecTimeLimit'] = 300; // maximum execution time in seconds (0 for no limit)
$cfg['SkipLockedTables'] = FALSE; // mark used tables, make possible to show
// locked tables (since MySQL 3.23.30)
$cfg['ShowSQL'] = TRUE; // show SQL queries as run
$cfg['AllowUserDropDatabase'] = FALSE; // show a 'Drop database' link to normal users
$cfg['Confirm'] = TRUE; // confirm 'DROP TABLE' & 'DROP DATABASE'
$cfg['LoginCookieRecall'] = TRUE; // recall previous login in cookie auth. mode or not
$cfg['LoginCookieValidity'] = 1800; // validity of cookie login (in seconds)
$cfg['UseDbSearch'] = TRUE; // whether to enable the "database search" feature
// or not
$cfg['IgnoreMultiSubmitErrors'] = FALSE; // if set to true, PMA continues computing multiple-statement queries
// even if one of the queries failed
$cfg['VerboseMultiSubmit'] = TRUE; // if set to true, PMA will show the affected rows of EACH statement on
// multiple-statement queries. See the read_dump.php file for hardcoded
// defaults on how many queries a statement may contain!
$cfg['AllowArbitraryServer'] = FALSE; // allow login to any user entered server in cookie based auth
// Left frame setup
$cfg['LeftFrameLight'] = TRUE; // use a select-based menu and display only the
// current tables in the left frame.
$cfg['LeftFrameTableSeparator']= '__'; // Which string will be used to generate table prefixes
// to split/nest tables into multiple categories
$cfg['LeftFrameTableLevel'] = '1'; // How many sublevels should be displayed when splitting
// up tables by the above Separator
$cfg['ShowTooltip'] = TRUE; // display table comment as tooltip in left frame
$cfg['ShowTooltipAliasDB'] = FALSE; // if ShowToolTip is enabled, this defines that table/db comments
$cfg['ShowTooltipAliasTB'] = FALSE; // are shown (in the left menu and db_details_structure) instead of
// table/db names. Setting ShowTooltipAliasTB to 'nested' will only
// use the Aliases for nested descriptors, not the table itself.
$cfg['LeftDisplayLogo'] = TRUE; // display logo at top of left frame
$cfg['LeftDisplayServers'] = FALSE; // display server choice at top of left frame
$cfg['DisplayServersList'] = FALSE; // server choice as links
// In the main frame, at startup...
$cfg['ShowStats'] = TRUE; // allow to display statistics and space usage in
// the pages about database details and table
// properties
$cfg['ShowMysqlInfo'] = FALSE; // whether to display the "MySQL runtime
$cfg['ShowMysqlVars'] = FALSE; // information", "MySQL system variables", "PHP
$cfg['ShowPhpInfo'] = FALSE; // information" and "change password" links for
$cfg['ShowChgPassword'] = FALSE; // simple users or not
$cfg['SuggestDBName'] = TRUE; // suggest a new DB name if possible (false = keep empty)
// In browse mode...
$cfg['ShowBlob'] = FALSE; // display blob field contents
$cfg['NavigationBarIconic'] = TRUE; // do not display text inside navigation bar buttons
$cfg['ShowAll'] = FALSE; // allows to display all the rows
$cfg['MaxRows'] = 30; // maximum number of rows to display
$cfg['Order'] = 'ASC'; // default for 'ORDER BY' clause (valid
// values are 'ASC', 'DESC' or 'SMART' -ie
// descending order for fields of type
// TIME, DATE, DATETIME & TIMESTAMP,
// ascending order else-)
// In edit mode...
$cfg['ProtectBinary'] = 'blob'; // disallow editing of binary fields
// valid values are:
// FALSE allow editing
// 'blob' allow editing except for BLOB fields
// 'all' disallow editing
$cfg['ShowFunctionFields'] = TRUE; // Display the function fields in edit/insert mode
$cfg['CharEditing'] = 'input';
// Which editor should be used for CHAR/VARCHAR fields:
// input - allows limiting of input length
// textarea - allows newlines in fields
$cfg['InsertRows'] = 2; // How many rows can be inserted at one time
// For the export features...
$cfg['ZipDump'] = TRUE; // Allow the use of zip/gzip/bzip
$cfg['GZipDump'] = TRUE; // compression for
$cfg['BZipDump'] = TRUE; // dump files
$cfg['CompressOnFly'] = TRUE; // Will compress gzip/bzip2 exports on
// fly without need for much memory.
// If you encounter problems with
// created gzip/bzip2 files disable
// this feature.
// Tabs display settings
$cfg['LightTabs'] = FALSE; // use graphically less intense menu tabs
$cfg['PropertiesIconic'] = TRUE; // Use icons instead of text for the table display of a database (TRUE|FALSE|'both')
$cfg['PropertiesNumColumns'] = 1; // How many columns should be used for table display of a database?
// (a value larger than 1 results in some information being hidden)
$cfg['DefaultTabServer'] = 'main.php';
// Possible values:
// 'main.php' = the welcome page
// (recommended for multiuser setups)
// 'server_databases.php' = list of databases
// 'server_status.php' = runtime information
// 'server_variables.php' = MySQL server variables
// 'server_privileges.php' = user management
// 'server_processlist.php' = process list
$cfg['DefaultTabDatabase'] = 'db_details_structure.php';
// Possible values:
// 'db_details_structure.php' = tables list
// 'db_details.php' = sql form
// 'db_search.php' = search query
$cfg['DefaultTabTable'] = 'tbl_properties_structure.php';
// Possible values:
// 'tbl_properties_structure.php' = fields list
// 'tbl_properties.php' = sql form
// 'tbl_select.php = select page
// 'tbl_change.php = insert row page
/**
* Export defaults
*/
$cfg['Export']['format'] = 'sql'; // sql/latex/excel/csv/xml/xls
$cfg['Export']['compression'] = 'none'; // none/zip/gzip/bzip2
$cfg['Export']['asfile'] = FALSE;
$cfg['Export']['onserver'] = FALSE;
$cfg['Export']['onserver_overwrite'] = FALSE;
$cfg['Export']['remember_file_template'] = TRUE;
$cfg['Export']['xls_columns'] = FALSE;
$cfg['Export']['xls_null'] = 'NULL';
$cfg['Export']['csv_columns'] = FALSE;
$cfg['Export']['csv_null'] = 'NULL';
$cfg['Export']['csv_separator'] = ';';
$cfg['Export']['csv_enclosed'] = '&quot;';
$cfg['Export']['csv_escaped'] = '\\';
$cfg['Export']['csv_terminated'] = 'AUTO';
$cfg['Export']['excel_columns'] = FALSE;
$cfg['Export']['excel_null'] = 'NULL';
$cfg['Export']['excel_edition'] = 'win'; // win/mac
$cfg['Export']['latex_structure'] = TRUE;
$cfg['Export']['latex_data'] = TRUE;
$cfg['Export']['latex_columns'] = TRUE;
$cfg['Export']['latex_relation'] = TRUE;
$cfg['Export']['latex_comments'] = TRUE;
$cfg['Export']['latex_mime'] = TRUE;
$cfg['Export']['latex_null'] = '\textit{NULL}';
$cfg['Export']['latex_caption'] = TRUE;
$cfg['Export']['latex_data_label'] = 'tab:__TABLE__-data';
$cfg['Export']['latex_structure_label'] = 'tab:__TABLE__-structure';
$cfg['Export']['sql_structure'] = TRUE;
$cfg['Export']['sql_data'] = TRUE;
$cfg['Export']['sql_disable_fk'] = FALSE;
$cfg['Export']['sql_use_transaction'] = FALSE;
$cfg['Export']['sql_drop_database'] = FALSE;
$cfg['Export']['sql_drop_table'] = FALSE;
$cfg['Export']['sql_if_not_exists'] = FALSE;
$cfg['Export']['sql_auto_increment'] = TRUE;
$cfg['Export']['sql_backquotes'] = TRUE;
$cfg['Export']['sql_dates'] = FALSE;
$cfg['Export']['sql_relation'] = FALSE;
$cfg['Export']['sql_columns'] = FALSE;
$cfg['Export']['sql_delayed'] = FALSE;
$cfg['Export']['sql_ignore'] = FALSE;
$cfg['Export']['sql_hex_for_binary'] = TRUE;
$cfg['Export']['sql_type'] = 'insert'; // insert/update/replace
$cfg['Export']['sql_extended'] = FALSE;
$cfg['Export']['sql_comments'] = FALSE;
$cfg['Export']['sql_mime'] = FALSE;
$cfg['Export']['sql_header_comment'] = ''; // \n is replaced by new line
/**
* Link to the official MySQL documentation.
* Be sure to include no trailing slash on the path.
* See http://dev.mysql.com/doc/ for more information
* about MySQL manuals and their types.
*/
$cfg['MySQLManualBase'] = 'http://dev.mysql.com/doc/mysql/en';
/**
* Type of MySQL documentation:
* old - old style used in phpMyAdmin 2.3.0 and sooner
* searchable - "Searchable, with user comments"
* chapters - "HTML, one page per chapter"
* big - "HTML, all on one page"
* none - do not show documentation links
*/
$cfg['MySQLManualType'] = 'searchable';
/**
* PDF options
*/
$cfg['PDFPageSizes'] = array('A3', 'A4', 'A5', 'letter', 'legal');
$cfg['PDFDefaultPageSize'] = 'A4';
/**
* Language and charset conversion settings
*/
// Default language to use, if not browser-defined or user-defined
$cfg['DefaultLang'] = 'en-iso-8859-1';
// Force: always use this language - must be defined in
// libraries/select_lang.lib.php
// $cfg['Lang'] = 'en-iso-8859-1';
// Default charset to use for recoding of MySQL queries, does not take
// any effect when charsets recoding is switched off by
// $cfg['AllowAnywhereRecoding'] or in language file
// (see $cfg['AvailableCharsets'] to possible choices, you can add your own)
$cfg['DefaultCharset'] = 'iso-8859-1';
// Allow charset recoding of MySQL queries, must be also enabled in language
// file to make harder using other language files than unicode.
// Default value is FALSE to avoid problems on servers without the iconv
// extension and where dl() is not supported
$cfg['AllowAnywhereRecoding'] = FALSE;
// You can select here which functions will be used for charset conversion.
// Possible values are:
// auto - automatically use available one (first is tested iconv, then
// recode)
// iconv - use iconv or libiconv functions
// recode - use recode_string function
$cfg['RecodingEngine'] = 'auto';
// Specify some parameters for iconv used in charset conversion. See iconv
// documentation for details:
// http://www.gnu.org/software/libiconv/documentation/libiconv/iconv_open.3.html
$cfg['IconvExtraParams'] = '';
// Available charsets for MySQL conversion. currently contains all which could
// be found in lang/* files and few more.
// Charsets will be shown in same order as here listed, so if you frequently
// use some of these move them to the top.
$cfg['AvailableCharsets'] = array(
'iso-8859-1',
'iso-8859-2',
'iso-8859-3',
'iso-8859-4',
'iso-8859-5',
'iso-8859-6',
'iso-8859-7',
'iso-8859-8',
'iso-8859-9',
'iso-8859-10',
'iso-8859-11',
'iso-8859-12',
'iso-8859-13',
'iso-8859-14',
'iso-8859-15',
'windows-1250',
'windows-1251',
'windows-1252',
'windows-1256',
'windows-1257',
'koi8-r',
'big5',
'gb2312',
'utf-8',
'utf-7',
'x-user-defined',
'euc-jp',
'ks_c_5601-1987',
'tis-620',
'SHIFT_JIS'
);
/**
* Customization & design
*
* The graphical settings are now located in themes/themename/layout.inc.php
*/
$cfg['LeftPointerEnable'] = TRUE; // enable the left panel pointer
// (used when LeftFrameLight is FALSE)
// see also LeftPointerColor
// in layout.inc.php
$cfg['BrowsePointerEnable'] = TRUE; // enable the browse pointer
// see also BrowsePointerColor
// in layout.inc.php
$cfg['BrowseMarkerEnable'] = TRUE; // enable the browse marker
// see also BrowseMarkerColor
// in layout.inc.php
$cfg['TextareaCols'] = 40; // textarea size (columns) in edit mode
// (this value will be emphasized (*2) for sql
// query textareas and (*1.25) for query window)
$cfg['TextareaRows'] = 7; // textarea size (rows) in edit mode
$cfg['LongtextDoubleTextarea'] = TRUE; // double size of textarea size for longtext fields
$cfg['TextareaAutoSelect'] = TRUE; // autoselect when clicking in the textarea of the querybox
$cfg['CharTextareaCols'] = 40; // textarea size (columns) for CHAR/VARCHAR
$cfg['CharTextareaRows'] = 2; // textarea size (rows) for CHAR/VARCHAR
$cfg['CtrlArrowsMoving'] = TRUE; // Enable Ctrl+Arrows moving between fields when editing?
$cfg['LimitChars'] = 50; // Max field data length in browse mode for all non-numeric fields
$cfg['ModifyDeleteAtLeft'] = TRUE; // show edit/delete links on left side of browse
// (or at the top with vertical browse)
$cfg['ModifyDeleteAtRight'] = FALSE; // show edit/delete links on right side of browse
// (or at the bottom with vertical browse)
$cfg['DefaultDisplay'] = 'horizontal'; // default display direction
// (horizontal|vertical|horizontalflipped)
$cfg['DefaultPropDisplay'] = 'horizontal'; // default display direction for altering/
// creating columns (tbl_properties)
// (horizontal|vertical)
$cfg['HeaderFlipType'] = 'css'; // table-header rotation via faking or css? (css|fake)
// NOTE: CSS only works in IE browsers!
$cfg['ShowBrowseComments'] = TRUE; // shows stored relation-comments in 'browse' mode.
$cfg['ShowPropertyComments']= TRUE; // shows stored relation-comments in 'table property' mode.
$cfg['RepeatCells'] = 100; // repeat header names every X cells? (0 = deactivate)
$cfg['QueryFrame'] = TRUE; // displays a link or icon in the left frame to open the querybox, and activates the querybox when clicking on [Edit] on the results page.
$cfg['QueryFrameJS'] = TRUE; // whether to use JavaScript functions for opening a new window for SQL commands.
// if set to 'false', the target of the querybox is always the right frame.
$cfg['QueryWindowWidth'] = 550; // Width of Query window
$cfg['QueryWindowHeight'] = 310; // Height of Query window
$cfg['QueryHistoryDB'] = FALSE; // Set to TRUE if you want DB-based query history.
// If FALSE, this utilizes JS-routines to display
// query history (lost by window close)
$cfg['QueryWindowDefTab'] = 'sql'; // which tab to display in the querywindow on startup
// (sql|files|history|full)
$cfg['QueryHistoryMax'] = 25; // When using DB-based query history, how many entries
// should be kept?
$cfg['BrowseMIME'] = TRUE; // Use MIME-Types (stored in column comments table) for
$cfg['MaxExactCount'] = 20000; // When approximate count < this, PMA will get exact count for
// table rows.
$cfg['WYSIWYG-PDF'] = TRUE; // Utilize DHTML/JS capabilities to allow WYSIWYG editing of
// the PDF page editor. Requires an IE6/Mozilla based browser.
$cfg['NaturalOrder'] = TRUE; // Sort table and database in natural order
//-----------------------------------------------------------------------------
// custom-setup by mkkeck: 2004-05-04
// some specials for new icons and scrollings
// FIXME:
// 2004-05-08 rabus: We need to rearrange these variables.
$cfg['ShowHttpHostTitle'] = TRUE; // show HttpHost in browsers window title (true|false)?
$cfg['SetHttpHostTitle'] = ''; // if ShowHttpHostTitle=true, please set your host (server)
// or an other string, wich should be shown in browsers window title.
// If not set (or empty), the PMA will get your real Host-Adress.
$cfg['ErrorIconic'] = TRUE; // show some icons for warnings, errors and informations (true|false)?
$cfg['MainPageIconic'] = TRUE; // show icons in list on main page, on right panel top menu (server db table) and on menu tabs (true|false)?
$cfg['ReplaceHelpImg'] = TRUE; // show help button instead of strDocumentation (true|false)?
// theme manager
$cfg['ThemePath'] = './themes'; // using themes manager please set up here the path to 'themes'
// else leave empty
$cfg['ThemeManager'] = TRUE; // if you want to use selectable themes and if ThemesPath not empty
// set it to true, else set it to false (default is false);
$cfg['ThemeDefault'] = 'original'; // set up default theme, if ThemePath not empty
// you can set up here an valid path to themes or 'original' for
// the original pma-theme
//-----------------------------------------------------------------------------
/**
* Default queries
* %d will be replaced by the database name.
* %t will be replaced by the table name.
* %f will be replaced by a list of field names.
* (%t and %f only applies to DefaultQueryTable)
*/
$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1';
$cfg['DefaultQueryDatabase'] = '';
/**
* SQL Query box settings
* These are the links display in all of the SQL Query boxes
*/
$cfg['SQLQuery']['Edit'] = TRUE; // Edit link to change a query
$cfg['SQLQuery']['Explain'] = TRUE; // EXPLAIN on SELECT queries
$cfg['SQLQuery']['ShowAsPHP'] = TRUE; // Wrap a query in PHP
$cfg['SQLQuery']['Validate'] = FALSE; // Validate a query (see $cfg['SQLValidator'] as well)
$cfg['SQLQuery']['Refresh'] = TRUE; // Refresh the results page
/**
* Webserver upload/save/import directories
*/
$cfg['UploadDir'] = ''; // Directory for uploaded files that can be executed by
// phpMyAdmin. For example './upload'. Leave empty for
// no upload directory support
$cfg['SaveDir'] = ''; // Directory where phpMyAdmin can save exported data on
// server. For example './save'. Leave empty for no save
// directory support.
$cfg['docSQLDir'] = ''; // Directory for docSQL imports, phpMyAdmin can import
// docSQL files from that directory. For example
// './docSQL'. Leave empty for no docSQL import support.
$cfg['TempDir'] = ''; // Directory where phpMyAdmin can save temporary files.
// This is needed for MS Excel export, see documentation
// how to enable that.
/**
* Misc. settings
*/
$cfg['GD2Available'] = 'auto'; // Is GD >= 2 available? Set to yes/no/auto. 'auto'
// does autodetection, which is a bit expensive for
// php < 4.3.0, but it is the only safe vay how to
// determine GD version.
/**
* SQL Parser Settings
*/
$cfg['SQP']['fmtType'] = 'html'; // Pretty-printing style to use on queries (html, text, none)
$cfg['SQP']['fmtInd'] = '1'; // Amount to indent each level (floats ok)
$cfg['SQP']['fmtIndUnit'] = 'em'; // Units for indenting each level (CSS Types - {em,px,pt})
// The graphical settings are now located in themes/themename/layout.inc.php
/**
* If you wish to use the SQL Validator service, you should be
* aware of the following:
* All SQL statements are stored anonymously for statistical purposes.
* Mimer SQL Validator, Copyright 2002 Upright Database Technology.
* All rights reserved.
*/
$cfg['SQLValidator']['use'] = FALSE; // Make the SQL Validator available
$cfg['SQLValidator']['username'] = ''; // If you have a custom username, specify it here (defaults to anonymous)
$cfg['SQLValidator']['password'] = ''; // Password for username
/**
* Developers ONLY!
* To use the following, please install the DBG extension from http://dd.cron.ru/dbg/
*/
$cfg['DBG']['enable'] = FALSE; // Make the DBG stuff available
$cfg['DBG']['profile']['enable'] = FALSE; // Produce profiling results of PHP
$cfg['DBG']['profile']['threshold'] = 0.5; // Threshold of long running code to display
// Anything below the threshold is not displayed
/**
* MySQL settings
*/
// Column types;
// varchar, tinyint, text and date are listed first, based on estimated popularity
$cfg['ColumnTypes'] = array(
'VARCHAR',
'TINYINT',
'TEXT',
'DATE',
'SMALLINT',
'MEDIUMINT',
'INT',
'BIGINT',
'FLOAT',
'DOUBLE',
'DECIMAL',
'DATETIME',
'TIMESTAMP',
'TIME',
'YEAR',
'CHAR',
'TINYBLOB',
'TINYTEXT',
'BLOB',
'MEDIUMBLOB',
'MEDIUMTEXT',
'LONGBLOB',
'LONGTEXT',
'ENUM',
'SET'
);
// Attributes
$cfg['AttributeTypes'] = array(
'',
'BINARY',
'UNSIGNED',
'UNSIGNED ZEROFILL'
);
// Available functions
if ($cfg['ShowFunctionFields']) {
$cfg['Functions'] = array(
'ASCII',
'CHAR',
'SOUNDEX',
'LCASE',
'UCASE',
'NOW',
'PASSWORD',
'MD5',
'SHA1',
'ENCRYPT',
'RAND',
'LAST_INSERT_ID',
'COUNT',
'AVG',
'SUM',
'CURDATE',
'CURTIME',
'FROM_DAYS',
'FROM_UNIXTIME',
'PERIOD_ADD',
'PERIOD_DIFF',
'TO_DAYS',
'UNIX_TIMESTAMP',
'USER',
'WEEKDAY',
'CONCAT'
);
// Which column types will be mapped to which Group?
$cfg['RestrictColumnTypes'] = array(
'VARCHAR' => 'FUNC_CHAR',
'TINYINT' => 'FUNC_NUMBER',
'TEXT' => 'FUNC_CHAR',
'DATE' => 'FUNC_DATE',
'SMALLINT' => 'FUNC_NUMBER',
'MEDIUMINT' => 'FUNC_NUMBER',
'INT' => 'FUNC_NUMBER',
'BIGINT' => 'FUNC_NUMBER',
'FLOAT' => 'FUNC_NUMBER',
'DOUBLE' => 'FUNC_NUMBER',
'DECIMAL' => 'FUNC_NUMBER',
'DATETIME' => 'FUNC_DATE',
'TIMESTAMP' => 'FUNC_DATE',
'TIME' => 'FUNC_DATE',
'YEAR' => 'FUNC_DATE',
'CHAR' => 'FUNC_CHAR',
'TINYBLOB' => 'FUNC_CHAR',
'TINYTEXT' => 'FUNC_CHAR',
'BLOB' => 'FUNC_CHAR',
'MEDIUMBLOB' => 'FUNC_CHAR',
'MEDIUMTEXT' => 'FUNC_CHAR',
'LONGBLOB' => 'FUNC_CHAR',
'LONGTEXT' => 'FUNC_CHAR',
'ENUM' => '',
'SET' => ''
);
// Map above defined groups to any function
$cfg['RestrictFunctions'] = array(
'FUNC_CHAR' => array(
'ASCII',
'CHAR',
'SOUNDEX',
'LCASE',
'UCASE',
'PASSWORD',
'MD5',
'SHA1',
'ENCRYPT',
'LAST_INSERT_ID',
'USER',
'CONCAT'
),
'FUNC_DATE' => array(
'NOW',
'CURDATE',
'CURTIME',
'FROM_DAYS',
'FROM_UNIXTIME',
'PERIOD_ADD',
'PERIOD_DIFF',
'TO_DAYS',
'UNIX_TIMESTAMP',
'WEEKDAY'
),
'FUNC_NUMBER' => array(
'ASCII',
'CHAR',
'MD5',
'SHA1',
'ENCRYPT',
'RAND',
'LAST_INSERT_ID',
'COUNT',
'AVG',
'SUM'
)
);
// Default functions for above defined groups
$cfg['DefaultFunctions'] = array(
'FUNC_CHAR' => '',
'FUNC_DATE' => '',
'FUNC_NUMBER' => '',
'first_timestamp' => 'NOW'
);
} // end if
// Search operators
$cfg['NumOperators'] = array(
'=',
'>',
'>=',
'<',
'<=',
'!=',
'LIKE',
'NOT LIKE'
);
$cfg['TextOperators'] = array(
'LIKE',
'LIKE %...%',
'NOT LIKE',
'=',
'!=',
'REGEXP',
'NOT REGEXP'
);
$cfg['EnumOperators'] = array(
'=',
'!='
);
$cfg['NullOperators'] = array(
'IS NULL',
'IS NOT NULL'
);
$cfg['UnaryOperators'] = array(
'IS NULL' => 1,
'IS NOT NULL' => 1
);
/**
* Unset magic_quotes_runtime - do not change!
*/
set_magic_quotes_runtime(0);
/**
* File Revision - do not change either!
*/
$cfg['FileRevision'] = '$Revision: 2.41 $';
?>

826
update/data/templates/config.inc.php.backup Normal file
View File

@@ -0,0 +1,826 @@
<?php
/* $Id: config.inc.php,v 2.41 2004/09/23 10:10:37 rabus Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* phpMyAdmin Configuration File
*
* All directives are explained in Documentation.html
*/
/**
* Sets the php error reporting - Please do not change this line!
*/
if (!isset($old_error_reporting)) {
error_reporting(E_ALL);
@ini_set('display_errors', '1');
}
/**
* Your phpMyAdmin url
*
* Complete the variable below with the full url ie
* http://www.your_web.net/path_to_your_phpMyAdmin_directory/
*
* It must contain characters that are valid for a URL, and the path is
* case sensitive on some Web servers, for example Unix-based servers.
*
* In most cases you can leave this variable empty, as the correct value
* will be detected automatically. However, we recommend that you do
* test to see that the auto-detection code works in your system. A good
* test is to browse a table, then edit a row and save it. There will be
* an error message if phpMyAdmin cannot auto-detect the correct value.
*
* If the auto-detection code does work properly, you can set to TRUE the
* $cfg['PmaAbsoluteUri_DisableWarning'] variable below.
*/
$cfg['PmaAbsoluteUri'] = '';
/**
* Disable the default warning about $cfg['PmaAbsoluteUri'] not being set
* You should use this if and ONLY if the PmaAbsoluteUri auto-detection
* works perfectly.
*/
$cfg['PmaAbsoluteUri_DisableWarning'] = TRUE;
/**
* Disable the default warning that is displayed on the DB Details Structure page if
* any of the required Tables for the relationfeatures could not be found
*/
$cfg['PmaNoRelation_DisableWarning'] = TRUE;
/**
* The 'cookie' auth_type uses blowfish algorithm to encrypt the password. If
* at least one server configuration uses 'cookie' auth_type, enter here a
* passphrase that will be used by blowfish.
*/
$cfg['blowfish_secret'] = '';
/**
* Server(s) configuration
*/
$i = 0;
// The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use $cfg['Servers'][0].
// You can disable a server config entry by setting host to ''.
$i++;
$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname or IP address
$cfg['Servers'][$i]['port'] = ''; // MySQL port - leave blank for default port
$cfg['Servers'][$i]['socket'] = ''; // Path to the socket - leave blank for default socket
$cfg['Servers'][$i]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
$cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL extension to use ('mysql' or 'mysqli')
$cfg['Servers'][$i]['compress'] = FALSE; // Use compressed protocol for the MySQL connection
// (requires PHP >= 4.3.0)
$cfg['Servers'][$i]['controluser'] = ''; // MySQL control user settings
// (this user must have read-only
$cfg['Servers'][$i]['controlpass'] = ''; // access to the "mysql/user"
// and "mysql/db" tables).
// The controluser is also
// used for all relational
// features (pmadb)
$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
$cfg['Servers'][$i]['user'] = 'root'; // MySQL user
$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed
// with 'config' auth_type)
$cfg['Servers'][$i]['only_db'] = ''; // If set to a db-name, only
// this db is displayed in left frame
// It may also be an array of db-names, where sorting order is relevant.
$cfg['Servers'][$i]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname
$cfg['Servers'][$i]['pmadb'] = ''; // Database used for Relation, Bookmark and PDF Features
// (see scripts/create_tables.sql)
// - leave blank for no support
// DEFAULT: 'phpmyadmin'
$cfg['Servers'][$i]['bookmarktable'] = ''; // Bookmark table
// - leave blank for no bookmark support
// DEFAULT: 'pma_bookmark'
$cfg['Servers'][$i]['relation'] = ''; // table to describe the relation between links (see doc)
// - leave blank for no relation-links support
// DEFAULT: 'pma_relation'
$cfg['Servers'][$i]['table_info'] = ''; // table to describe the display fields
// - leave blank for no display fields support
// DEFAULT: 'pma_table_info'
$cfg['Servers'][$i]['table_coords'] = ''; // table to describe the tables position for the PDF schema
// - leave blank for no PDF schema support
// DEFAULT: 'pma_table_coords'
$cfg['Servers'][$i]['pdf_pages'] = ''; // table to describe pages of relationpdf
// - leave blank if you don't want to use this
// DEFAULT: 'pma_pdf_pages'
$cfg['Servers'][$i]['column_info'] = ''; // table to store column information
// - leave blank for no column comments/mime types
// DEFAULT: 'pma_column_info'
$cfg['Servers'][$i]['history'] = ''; // table to store SQL history
// - leave blank for no SQL query history
// DEFAULT: 'pma_history'
$cfg['Servers'][$i]['verbose_check'] = TRUE; // set to FALSE if you know that your pma_* tables
// are up to date. This prevents compatibility
// checks and thereby increases performance.
$cfg['Servers'][$i]['AllowDeny']['order'] // Host authentication order, leave blank to not use
= '';
$cfg['Servers'][$i]['AllowDeny']['rules'] // Host authentication rules, leave blank for defaults
= array();
$i++;
$cfg['Servers'][$i]['host'] = '';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['compress'] = FALSE;
$cfg['Servers'][$i]['controluser'] = '';
$cfg['Servers'][$i]['controlpass'] = '';
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['only_db'] = '';
$cfg['Servers'][$i]['verbose'] = '';
$cfg['Servers'][$i]['pmadb'] = ''; // 'phpmyadmin' - see scripts/create_tables.sql
$cfg['Servers'][$i]['bookmarktable'] = ''; // 'pma_bookmark'
$cfg['Servers'][$i]['relation'] = ''; // 'pma_relation'
$cfg['Servers'][$i]['table_info'] = ''; // 'pma_table_info'
$cfg['Servers'][$i]['table_coords'] = ''; // 'pma_table_coords'
$cfg['Servers'][$i]['pdf_pages'] = ''; // 'pma_pdf_pages'
$cfg['Servers'][$i]['column_info'] = ''; // 'pma_column_info'
$cfg['Servers'][$i]['history'] = ''; // 'pma_history'
$cfg['Servers'][$i]['verbose_check'] = TRUE;
$cfg['Servers'][$i]['AllowDeny']['order']
= '';
$cfg['Servers'][$i]['AllowDeny']['rules']
= array();
$i++;
$cfg['Servers'][$i]['host'] = '';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['compress'] = FALSE;
$cfg['Servers'][$i]['controluser'] = '';
$cfg['Servers'][$i]['controlpass'] = '';
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['only_db'] = '';
$cfg['Servers'][$i]['verbose'] = '';
$cfg['Servers'][$i]['pmadb'] = ''; // 'phpmyadmin' - see scripts/create_tables.sql
$cfg['Servers'][$i]['bookmarktable'] = ''; // 'pma_bookmark'
$cfg['Servers'][$i]['relation'] = ''; // 'pma_relation'
$cfg['Servers'][$i]['table_info'] = ''; // 'pma_table_info'
$cfg['Servers'][$i]['table_coords'] = ''; // 'pma_table_coords'
$cfg['Servers'][$i]['pdf_pages'] = ''; // 'pma_pdf_pages'
$cfg['Servers'][$i]['column_info'] = ''; // 'pma_column_info'
$cfg['Servers'][$i]['history'] = ''; // 'pma_history'
$cfg['Servers'][$i]['verbose_check'] = TRUE;
$cfg['Servers'][$i]['AllowDeny']['order']
= '';
$cfg['Servers'][$i]['AllowDeny']['rules']
= array();
// If you have more than one server configured, you can set $cfg['ServerDefault']
// to any one of them to autoconnect to that server when phpMyAdmin is started,
// or set it to 0 to be given a list of servers without logging in
// If you have only one server configured, $cfg['ServerDefault'] *MUST* be
// set to that server.
$cfg['ServerDefault'] = 1; // Default server (0 = no default server)
$cfg['Server'] = '';
unset($cfg['Servers'][0]);
/**
* Other core phpMyAdmin settings
*/
$cfg['OBGzip'] = 'auto'; // use GZIP output buffering if possible (TRUE|FALSE|'auto')
$cfg['PersistentConnections'] = FALSE; // use persistent connections to MySQL database
$cfg['ExecTimeLimit'] = 300; // maximum execution time in seconds (0 for no limit)
$cfg['SkipLockedTables'] = FALSE; // mark used tables, make possible to show
// locked tables (since MySQL 3.23.30)
$cfg['ShowSQL'] = TRUE; // show SQL queries as run
$cfg['AllowUserDropDatabase'] = FALSE; // show a 'Drop database' link to normal users
$cfg['Confirm'] = TRUE; // confirm 'DROP TABLE' & 'DROP DATABASE'
$cfg['LoginCookieRecall'] = TRUE; // recall previous login in cookie auth. mode or not
$cfg['LoginCookieValidity'] = 1800; // validity of cookie login (in seconds)
$cfg['UseDbSearch'] = TRUE; // whether to enable the "database search" feature
// or not
$cfg['IgnoreMultiSubmitErrors'] = FALSE; // if set to true, PMA continues computing multiple-statement queries
// even if one of the queries failed
$cfg['VerboseMultiSubmit'] = TRUE; // if set to true, PMA will show the affected rows of EACH statement on
// multiple-statement queries. See the read_dump.php file for hardcoded
// defaults on how many queries a statement may contain!
$cfg['AllowArbitraryServer'] = FALSE; // allow login to any user entered server in cookie based auth
// Left frame setup
$cfg['LeftFrameLight'] = TRUE; // use a select-based menu and display only the
// current tables in the left frame.
$cfg['LeftFrameTableSeparator']= '__'; // Which string will be used to generate table prefixes
// to split/nest tables into multiple categories
$cfg['LeftFrameTableLevel'] = '1'; // How many sublevels should be displayed when splitting
// up tables by the above Separator
$cfg['ShowTooltip'] = TRUE; // display table comment as tooltip in left frame
$cfg['ShowTooltipAliasDB'] = FALSE; // if ShowToolTip is enabled, this defines that table/db comments
$cfg['ShowTooltipAliasTB'] = FALSE; // are shown (in the left menu and db_details_structure) instead of
// table/db names. Setting ShowTooltipAliasTB to 'nested' will only
// use the Aliases for nested descriptors, not the table itself.
$cfg['LeftDisplayLogo'] = TRUE; // display logo at top of left frame
$cfg['LeftDisplayServers'] = FALSE; // display server choice at top of left frame
$cfg['DisplayServersList'] = FALSE; // server choice as links
// In the main frame, at startup...
$cfg['ShowStats'] = TRUE; // allow to display statistics and space usage in
// the pages about database details and table
// properties
$cfg['ShowMysqlInfo'] = FALSE; // whether to display the "MySQL runtime
$cfg['ShowMysqlVars'] = FALSE; // information", "MySQL system variables", "PHP
$cfg['ShowPhpInfo'] = FALSE; // information" and "change password" links for
$cfg['ShowChgPassword'] = FALSE; // simple users or not
$cfg['SuggestDBName'] = TRUE; // suggest a new DB name if possible (false = keep empty)
// In browse mode...
$cfg['ShowBlob'] = FALSE; // display blob field contents
$cfg['NavigationBarIconic'] = TRUE; // do not display text inside navigation bar buttons
$cfg['ShowAll'] = FALSE; // allows to display all the rows
$cfg['MaxRows'] = 30; // maximum number of rows to display
$cfg['Order'] = 'ASC'; // default for 'ORDER BY' clause (valid
// values are 'ASC', 'DESC' or 'SMART' -ie
// descending order for fields of type
// TIME, DATE, DATETIME & TIMESTAMP,
// ascending order else-)
// In edit mode...
$cfg['ProtectBinary'] = 'blob'; // disallow editing of binary fields
// valid values are:
// FALSE allow editing
// 'blob' allow editing except for BLOB fields
// 'all' disallow editing
$cfg['ShowFunctionFields'] = TRUE; // Display the function fields in edit/insert mode
$cfg['CharEditing'] = 'input';
// Which editor should be used for CHAR/VARCHAR fields:
// input - allows limiting of input length
// textarea - allows newlines in fields
$cfg['InsertRows'] = 2; // How many rows can be inserted at one time
// For the export features...
$cfg['ZipDump'] = TRUE; // Allow the use of zip/gzip/bzip
$cfg['GZipDump'] = TRUE; // compression for
$cfg['BZipDump'] = TRUE; // dump files
$cfg['CompressOnFly'] = TRUE; // Will compress gzip/bzip2 exports on
// fly without need for much memory.
// If you encounter problems with
// created gzip/bzip2 files disable
// this feature.
// Tabs display settings
$cfg['LightTabs'] = FALSE; // use graphically less intense menu tabs
$cfg['PropertiesIconic'] = TRUE; // Use icons instead of text for the table display of a database (TRUE|FALSE|'both')
$cfg['PropertiesNumColumns'] = 1; // How many columns should be used for table display of a database?
// (a value larger than 1 results in some information being hidden)
$cfg['DefaultTabServer'] = 'main.php';
// Possible values:
// 'main.php' = the welcome page
// (recommended for multiuser setups)
// 'server_databases.php' = list of databases
// 'server_status.php' = runtime information
// 'server_variables.php' = MySQL server variables
// 'server_privileges.php' = user management
// 'server_processlist.php' = process list
$cfg['DefaultTabDatabase'] = 'db_details_structure.php';
// Possible values:
// 'db_details_structure.php' = tables list
// 'db_details.php' = sql form
// 'db_search.php' = search query
$cfg['DefaultTabTable'] = 'tbl_properties_structure.php';
// Possible values:
// 'tbl_properties_structure.php' = fields list
// 'tbl_properties.php' = sql form
// 'tbl_select.php = select page
// 'tbl_change.php = insert row page
/**
* Export defaults
*/
$cfg['Export']['format'] = 'sql'; // sql/latex/excel/csv/xml/xls
$cfg['Export']['compression'] = 'none'; // none/zip/gzip/bzip2
$cfg['Export']['asfile'] = FALSE;
$cfg['Export']['onserver'] = FALSE;
$cfg['Export']['onserver_overwrite'] = FALSE;
$cfg['Export']['remember_file_template'] = TRUE;
$cfg['Export']['xls_columns'] = FALSE;
$cfg['Export']['xls_null'] = 'NULL';
$cfg['Export']['csv_columns'] = FALSE;
$cfg['Export']['csv_null'] = 'NULL';
$cfg['Export']['csv_separator'] = ';';
$cfg['Export']['csv_enclosed'] = '&quot;';
$cfg['Export']['csv_escaped'] = '\\';
$cfg['Export']['csv_terminated'] = 'AUTO';
$cfg['Export']['excel_columns'] = FALSE;
$cfg['Export']['excel_null'] = 'NULL';
$cfg['Export']['excel_edition'] = 'win'; // win/mac
$cfg['Export']['latex_structure'] = TRUE;
$cfg['Export']['latex_data'] = TRUE;
$cfg['Export']['latex_columns'] = TRUE;
$cfg['Export']['latex_relation'] = TRUE;
$cfg['Export']['latex_comments'] = TRUE;
$cfg['Export']['latex_mime'] = TRUE;
$cfg['Export']['latex_null'] = '\textit{NULL}';
$cfg['Export']['latex_caption'] = TRUE;
$cfg['Export']['latex_data_label'] = 'tab:__TABLE__-data';
$cfg['Export']['latex_structure_label'] = 'tab:__TABLE__-structure';
$cfg['Export']['sql_structure'] = TRUE;
$cfg['Export']['sql_data'] = TRUE;
$cfg['Export']['sql_disable_fk'] = FALSE;
$cfg['Export']['sql_use_transaction'] = FALSE;
$cfg['Export']['sql_drop_database'] = FALSE;
$cfg['Export']['sql_drop_table'] = FALSE;
$cfg['Export']['sql_if_not_exists'] = FALSE;
$cfg['Export']['sql_auto_increment'] = TRUE;
$cfg['Export']['sql_backquotes'] = TRUE;
$cfg['Export']['sql_dates'] = FALSE;
$cfg['Export']['sql_relation'] = FALSE;
$cfg['Export']['sql_columns'] = FALSE;
$cfg['Export']['sql_delayed'] = FALSE;
$cfg['Export']['sql_ignore'] = FALSE;
$cfg['Export']['sql_hex_for_binary'] = TRUE;
$cfg['Export']['sql_type'] = 'insert'; // insert/update/replace
$cfg['Export']['sql_extended'] = FALSE;
$cfg['Export']['sql_comments'] = FALSE;
$cfg['Export']['sql_mime'] = FALSE;
$cfg['Export']['sql_header_comment'] = ''; // \n is replaced by new line
/**
* Link to the official MySQL documentation.
* Be sure to include no trailing slash on the path.
* See http://dev.mysql.com/doc/ for more information
* about MySQL manuals and their types.
*/
$cfg['MySQLManualBase'] = 'http://dev.mysql.com/doc/mysql/en';
/**
* Type of MySQL documentation:
* old - old style used in phpMyAdmin 2.3.0 and sooner
* searchable - "Searchable, with user comments"
* chapters - "HTML, one page per chapter"
* big - "HTML, all on one page"
* none - do not show documentation links
*/
$cfg['MySQLManualType'] = 'searchable';
/**
* PDF options
*/
$cfg['PDFPageSizes'] = array('A3', 'A4', 'A5', 'letter', 'legal');
$cfg['PDFDefaultPageSize'] = 'A4';
/**
* Language and charset conversion settings
*/
// Default language to use, if not browser-defined or user-defined
$cfg['DefaultLang'] = 'en-iso-8859-1';
// Force: always use this language - must be defined in
// libraries/select_lang.lib.php
// $cfg['Lang'] = 'en-iso-8859-1';
// Default charset to use for recoding of MySQL queries, does not take
// any effect when charsets recoding is switched off by
// $cfg['AllowAnywhereRecoding'] or in language file
// (see $cfg['AvailableCharsets'] to possible choices, you can add your own)
$cfg['DefaultCharset'] = 'iso-8859-1';
// Allow charset recoding of MySQL queries, must be also enabled in language
// file to make harder using other language files than unicode.
// Default value is FALSE to avoid problems on servers without the iconv
// extension and where dl() is not supported
$cfg['AllowAnywhereRecoding'] = FALSE;
// You can select here which functions will be used for charset conversion.
// Possible values are:
// auto - automatically use available one (first is tested iconv, then
// recode)
// iconv - use iconv or libiconv functions
// recode - use recode_string function
$cfg['RecodingEngine'] = 'auto';
// Specify some parameters for iconv used in charset conversion. See iconv
// documentation for details:
// http://www.gnu.org/software/libiconv/documentation/libiconv/iconv_open.3.html
$cfg['IconvExtraParams'] = '';
// Available charsets for MySQL conversion. currently contains all which could
// be found in lang/* files and few more.
// Charsets will be shown in same order as here listed, so if you frequently
// use some of these move them to the top.
$cfg['AvailableCharsets'] = array(
'iso-8859-1',
'iso-8859-2',
'iso-8859-3',
'iso-8859-4',
'iso-8859-5',
'iso-8859-6',
'iso-8859-7',
'iso-8859-8',
'iso-8859-9',
'iso-8859-10',
'iso-8859-11',
'iso-8859-12',
'iso-8859-13',
'iso-8859-14',
'iso-8859-15',
'windows-1250',
'windows-1251',
'windows-1252',
'windows-1256',
'windows-1257',
'koi8-r',
'big5',
'gb2312',
'utf-8',
'utf-7',
'x-user-defined',
'euc-jp',
'ks_c_5601-1987',
'tis-620',
'SHIFT_JIS'
);
/**
* Customization & design
*
* The graphical settings are now located in themes/themename/layout.inc.php
*/
$cfg['LeftPointerEnable'] = TRUE; // enable the left panel pointer
// (used when LeftFrameLight is FALSE)
// see also LeftPointerColor
// in layout.inc.php
$cfg['BrowsePointerEnable'] = TRUE; // enable the browse pointer
// see also BrowsePointerColor
// in layout.inc.php
$cfg['BrowseMarkerEnable'] = TRUE; // enable the browse marker
// see also BrowseMarkerColor
// in layout.inc.php
$cfg['TextareaCols'] = 40; // textarea size (columns) in edit mode
// (this value will be emphasized (*2) for sql
// query textareas and (*1.25) for query window)
$cfg['TextareaRows'] = 7; // textarea size (rows) in edit mode
$cfg['LongtextDoubleTextarea'] = TRUE; // double size of textarea size for longtext fields
$cfg['TextareaAutoSelect'] = TRUE; // autoselect when clicking in the textarea of the querybox
$cfg['CharTextareaCols'] = 40; // textarea size (columns) for CHAR/VARCHAR
$cfg['CharTextareaRows'] = 2; // textarea size (rows) for CHAR/VARCHAR
$cfg['CtrlArrowsMoving'] = TRUE; // Enable Ctrl+Arrows moving between fields when editing?
$cfg['LimitChars'] = 50; // Max field data length in browse mode for all non-numeric fields
$cfg['ModifyDeleteAtLeft'] = TRUE; // show edit/delete links on left side of browse
// (or at the top with vertical browse)
$cfg['ModifyDeleteAtRight'] = FALSE; // show edit/delete links on right side of browse
// (or at the bottom with vertical browse)
$cfg['DefaultDisplay'] = 'horizontal'; // default display direction
// (horizontal|vertical|horizontalflipped)
$cfg['DefaultPropDisplay'] = 'horizontal'; // default display direction for altering/
// creating columns (tbl_properties)
// (horizontal|vertical)
$cfg['HeaderFlipType'] = 'css'; // table-header rotation via faking or css? (css|fake)
// NOTE: CSS only works in IE browsers!
$cfg['ShowBrowseComments'] = TRUE; // shows stored relation-comments in 'browse' mode.
$cfg['ShowPropertyComments']= TRUE; // shows stored relation-comments in 'table property' mode.
$cfg['RepeatCells'] = 100; // repeat header names every X cells? (0 = deactivate)
$cfg['QueryFrame'] = TRUE; // displays a link or icon in the left frame to open the querybox, and activates the querybox when clicking on [Edit] on the results page.
$cfg['QueryFrameJS'] = TRUE; // whether to use JavaScript functions for opening a new window for SQL commands.
// if set to 'false', the target of the querybox is always the right frame.
$cfg['QueryWindowWidth'] = 550; // Width of Query window
$cfg['QueryWindowHeight'] = 310; // Height of Query window
$cfg['QueryHistoryDB'] = FALSE; // Set to TRUE if you want DB-based query history.
// If FALSE, this utilizes JS-routines to display
// query history (lost by window close)
$cfg['QueryWindowDefTab'] = 'sql'; // which tab to display in the querywindow on startup
// (sql|files|history|full)
$cfg['QueryHistoryMax'] = 25; // When using DB-based query history, how many entries
// should be kept?
$cfg['BrowseMIME'] = TRUE; // Use MIME-Types (stored in column comments table) for
$cfg['MaxExactCount'] = 20000; // When approximate count < this, PMA will get exact count for
// table rows.
$cfg['WYSIWYG-PDF'] = TRUE; // Utilize DHTML/JS capabilities to allow WYSIWYG editing of
// the PDF page editor. Requires an IE6/Mozilla based browser.
$cfg['NaturalOrder'] = TRUE; // Sort table and database in natural order
//-----------------------------------------------------------------------------
// custom-setup by mkkeck: 2004-05-04
// some specials for new icons and scrollings
// FIXME:
// 2004-05-08 rabus: We need to rearrange these variables.
$cfg['ShowHttpHostTitle'] = TRUE; // show HttpHost in browsers window title (true|false)?
$cfg['SetHttpHostTitle'] = ''; // if ShowHttpHostTitle=true, please set your host (server)
// or an other string, wich should be shown in browsers window title.
// If not set (or empty), the PMA will get your real Host-Adress.
$cfg['ErrorIconic'] = TRUE; // show some icons for warnings, errors and informations (true|false)?
$cfg['MainPageIconic'] = TRUE; // show icons in list on main page, on right panel top menu (server db table) and on menu tabs (true|false)?
$cfg['ReplaceHelpImg'] = TRUE; // show help button instead of strDocumentation (true|false)?
// theme manager
$cfg['ThemePath'] = './themes'; // using themes manager please set up here the path to 'themes'
// else leave empty
$cfg['ThemeManager'] = TRUE; // if you want to use selectable themes and if ThemesPath not empty
// set it to true, else set it to false (default is false);
$cfg['ThemeDefault'] = 'original'; // set up default theme, if ThemePath not empty
// you can set up here an valid path to themes or 'original' for
// the original pma-theme
//-----------------------------------------------------------------------------
/**
* Default queries
* %d will be replaced by the database name.
* %t will be replaced by the table name.
* %f will be replaced by a list of field names.
* (%t and %f only applies to DefaultQueryTable)
*/
$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1';
$cfg['DefaultQueryDatabase'] = '';
/**
* SQL Query box settings
* These are the links display in all of the SQL Query boxes
*/
$cfg['SQLQuery']['Edit'] = TRUE; // Edit link to change a query
$cfg['SQLQuery']['Explain'] = TRUE; // EXPLAIN on SELECT queries
$cfg['SQLQuery']['ShowAsPHP'] = TRUE; // Wrap a query in PHP
$cfg['SQLQuery']['Validate'] = FALSE; // Validate a query (see $cfg['SQLValidator'] as well)
$cfg['SQLQuery']['Refresh'] = TRUE; // Refresh the results page
/**
* Webserver upload/save/import directories
*/
$cfg['UploadDir'] = ''; // Directory for uploaded files that can be executed by
// phpMyAdmin. For example './upload'. Leave empty for
// no upload directory support
$cfg['SaveDir'] = ''; // Directory where phpMyAdmin can save exported data on
// server. For example './save'. Leave empty for no save
// directory support.
$cfg['docSQLDir'] = ''; // Directory for docSQL imports, phpMyAdmin can import
// docSQL files from that directory. For example
// './docSQL'. Leave empty for no docSQL import support.
$cfg['TempDir'] = ''; // Directory where phpMyAdmin can save temporary files.
// This is needed for MS Excel export, see documentation
// how to enable that.
/**
* Misc. settings
*/
$cfg['GD2Available'] = 'auto'; // Is GD >= 2 available? Set to yes/no/auto. 'auto'
// does autodetection, which is a bit expensive for
// php < 4.3.0, but it is the only safe vay how to
// determine GD version.
/**
* SQL Parser Settings
*/
$cfg['SQP']['fmtType'] = 'html'; // Pretty-printing style to use on queries (html, text, none)
$cfg['SQP']['fmtInd'] = '1'; // Amount to indent each level (floats ok)
$cfg['SQP']['fmtIndUnit'] = 'em'; // Units for indenting each level (CSS Types - {em,px,pt})
// The graphical settings are now located in themes/themename/layout.inc.php
/**
* If you wish to use the SQL Validator service, you should be
* aware of the following:
* All SQL statements are stored anonymously for statistical purposes.
* Mimer SQL Validator, Copyright 2002 Upright Database Technology.
* All rights reserved.
*/
$cfg['SQLValidator']['use'] = FALSE; // Make the SQL Validator available
$cfg['SQLValidator']['username'] = ''; // If you have a custom username, specify it here (defaults to anonymous)
$cfg['SQLValidator']['password'] = ''; // Password for username
/**
* Developers ONLY!
* To use the following, please install the DBG extension from http://dd.cron.ru/dbg/
*/
$cfg['DBG']['enable'] = FALSE; // Make the DBG stuff available
$cfg['DBG']['profile']['enable'] = FALSE; // Produce profiling results of PHP
$cfg['DBG']['profile']['threshold'] = 0.5; // Threshold of long running code to display
// Anything below the threshold is not displayed
/**
* MySQL settings
*/
// Column types;
// varchar, tinyint, text and date are listed first, based on estimated popularity
$cfg['ColumnTypes'] = array(
'VARCHAR',
'TINYINT',
'TEXT',
'DATE',
'SMALLINT',
'MEDIUMINT',
'INT',
'BIGINT',
'FLOAT',
'DOUBLE',
'DECIMAL',
'DATETIME',
'TIMESTAMP',
'TIME',
'YEAR',
'CHAR',
'TINYBLOB',
'TINYTEXT',
'BLOB',
'MEDIUMBLOB',
'MEDIUMTEXT',
'LONGBLOB',
'LONGTEXT',
'ENUM',
'SET'
);
// Attributes
$cfg['AttributeTypes'] = array(
'',
'BINARY',
'UNSIGNED',
'UNSIGNED ZEROFILL'
);
// Available functions
if ($cfg['ShowFunctionFields']) {
$cfg['Functions'] = array(
'ASCII',
'CHAR',
'SOUNDEX',
'LCASE',
'UCASE',
'NOW',
'PASSWORD',
'MD5',
'SHA1',
'ENCRYPT',
'RAND',
'LAST_INSERT_ID',
'COUNT',
'AVG',
'SUM',
'CURDATE',
'CURTIME',
'FROM_DAYS',
'FROM_UNIXTIME',
'PERIOD_ADD',
'PERIOD_DIFF',
'TO_DAYS',
'UNIX_TIMESTAMP',
'USER',
'WEEKDAY',
'CONCAT'
);
// Which column types will be mapped to which Group?
$cfg['RestrictColumnTypes'] = array(
'VARCHAR' => 'FUNC_CHAR',
'TINYINT' => 'FUNC_NUMBER',
'TEXT' => 'FUNC_CHAR',
'DATE' => 'FUNC_DATE',
'SMALLINT' => 'FUNC_NUMBER',
'MEDIUMINT' => 'FUNC_NUMBER',
'INT' => 'FUNC_NUMBER',
'BIGINT' => 'FUNC_NUMBER',
'FLOAT' => 'FUNC_NUMBER',
'DOUBLE' => 'FUNC_NUMBER',
'DECIMAL' => 'FUNC_NUMBER',
'DATETIME' => 'FUNC_DATE',
'TIMESTAMP' => 'FUNC_DATE',
'TIME' => 'FUNC_DATE',
'YEAR' => 'FUNC_DATE',
'CHAR' => 'FUNC_CHAR',
'TINYBLOB' => 'FUNC_CHAR',
'TINYTEXT' => 'FUNC_CHAR',
'BLOB' => 'FUNC_CHAR',
'MEDIUMBLOB' => 'FUNC_CHAR',
'MEDIUMTEXT' => 'FUNC_CHAR',
'LONGBLOB' => 'FUNC_CHAR',
'LONGTEXT' => 'FUNC_CHAR',
'ENUM' => '',
'SET' => ''
);
// Map above defined groups to any function
$cfg['RestrictFunctions'] = array(
'FUNC_CHAR' => array(
'ASCII',
'CHAR',
'SOUNDEX',
'LCASE',
'UCASE',
'PASSWORD',
'MD5',
'SHA1',
'ENCRYPT',
'LAST_INSERT_ID',
'USER',
'CONCAT'
),
'FUNC_DATE' => array(
'NOW',
'CURDATE',
'CURTIME',
'FROM_DAYS',
'FROM_UNIXTIME',
'PERIOD_ADD',
'PERIOD_DIFF',
'TO_DAYS',
'UNIX_TIMESTAMP',
'WEEKDAY'
),
'FUNC_NUMBER' => array(
'ASCII',
'CHAR',
'MD5',
'SHA1',
'ENCRYPT',
'RAND',
'LAST_INSERT_ID',
'COUNT',
'AVG',
'SUM'
)
);
// Default functions for above defined groups
$cfg['DefaultFunctions'] = array(
'FUNC_CHAR' => '',
'FUNC_DATE' => '',
'FUNC_NUMBER' => '',
'first_timestamp' => 'NOW'
);
} // end if
// Search operators
$cfg['NumOperators'] = array(
'=',
'>',
'>=',
'<',
'<=',
'!=',
'LIKE',
'NOT LIKE'
);
$cfg['TextOperators'] = array(
'LIKE',
'LIKE %...%',
'NOT LIKE',
'=',
'!=',
'REGEXP',
'NOT REGEXP'
);
$cfg['EnumOperators'] = array(
'=',
'!='
);
$cfg['NullOperators'] = array(
'IS NULL',
'IS NOT NULL'
);
$cfg['UnaryOperators'] = array(
'IS NULL' => 1,
'IS NOT NULL' => 1
);
/**
* Unset magic_quotes_runtime - do not change!
*/
set_magic_quotes_runtime(0);
/**
* File Revision - do not change either!
*/
$cfg['FileRevision'] = '$Revision: 2.41 $';
?>

77
update/data/templates/da-popb4smtp Normal file
View File

@@ -0,0 +1,77 @@
#!/bin/sh
# da-popb4smtp daemon Start/Stop/Status/Restart
# chkconfig: 2345 80 30
# description: Keeps track of who has authenticated \
# through vm-pop3d by looking at the /var/log/maillog \
# file and parsing it to find successfull connections.
# processname: da-popb4smtp
# pidfile: /var/run/da-popb4smtp.pid
### BEGIN INIT INFO
# Provides: da-popb4smtp
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: da-popb4smtp
# Description: da-popb4smtp daemon to scan maillog for authentication and usage
### END INIT INFO
# Source function library
. /etc/rc.d/init.d/functions
PROGBIN="/usr/local/directadmin/da-popb4smtp"
PROGLOCK=/var/lock/subsys/da-popb4smtp
PROGNAME=da-popb4smtp
#check the command line for actions
start() {
echo -n "Starting DA-PopB4Smtp: "
daemon $PROGBIN
echo
touch $PROGLOCK
}
stop() {
echo -n "Stopping DA-PopB4Smtp: "
if [ -e /var/run/da-popb4smtp.pid ]; then
kill -9 `cat /var/run/da-popb4smtp.pid`
else
killproc $PROGNAME
fi
echo
rm -f $PROGLOCK
}
reload() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $PROGNAME
;;
restart)
stop
start
;;
reload)
reload
;;
*)
echo "Usage: $1 {start|stop|status|reload|restart}"
exit 1
esac
exit 0

1652
update/data/templates/default/index.html Normal file
View File

File diff suppressed because it is too large Load Diff

41
update/data/templates/directadmin.conf Normal file
View File

@@ -0,0 +1,41 @@
#DirectAdmin config file
#For full listing of set variables, run: /usr/local/directadmin/directadmin c
#For information on a given variable, search it in the versions system: https://directadmin.com/versions.php
#More information on setting values to the directadmin.conf: https://help.directadmin.com/item.php?id=641
servername=|SERVER_NAME|
ns1=|NS1|
ns2=|NS2|
#Below, we have values for new installs, which override the internal defaults.
#They're listed here so as to not affect existing installs.
#many directories use ./ local path because of chroot.
docsroot=./data/skins/evolution
demodocsroot=./data/skins/evolution
apache_public_html=0
ssl=0
unified_ftp_password_file=1
secure_access_group=access
check_subdomain_owner=1
brute_force_log_scanner=1
add_userdb_quota=1
webmail_link=roundcube
default_private_html_link=1
mail_sni=1
dns_ttl=1
letsencrypt=1
php_fpm_max_children_default=10
zip=1
mysql_detect_correct_methods=1
dkim=2
pointers_own_virtualhost=1
system_user_to_virtual_passwd=1
dovecot=1
ipv6=1
zstd=1
backup_gzip=2

8
update/data/templates/dns_a.conf Normal file
View File

@@ -0,0 +1,8 @@
|*if IS_IPV6!="yes"|
|DOMAIN|.=|IP|
mail=|IP|
pop=|IP|
www=|IP|
ftp=|IP|
smtp=|IP|
|*endif|

8
update/data/templates/dns_aaaa.conf Normal file
View File

@@ -0,0 +1,8 @@
|*if IS_IPV6="yes"|
|DOMAIN|.=|IP|
mail=|IP|
pop=|IP|
www=|IP|
ftp=|IP|
smtp=|IP|
|*endif|

0
update/data/templates/dns_caa.conf Normal file
View File

0
update/data/templates/dns_cname.conf Normal file
View File

1
update/data/templates/dns_mx.conf Normal file
View File

@@ -0,0 +1 @@
mail=10

2
update/data/templates/dns_ns.conf Normal file
View File

@@ -0,0 +1,2 @@
|NS1|=|DOMAIN|.
|NS2|=|DOMAIN|.

1
update/data/templates/dns_spf.conf Normal file
View File

@@ -0,0 +1 @@
|DOMAIN|.="v=spf1 a mx ip4:|SERVER_IP||EXTRA_SPF||SPF_IPV6| ~all"

0
update/data/templates/dns_srv.conf Normal file
View File

0
update/data/templates/dns_tlsa.conf Normal file
View File

1
update/data/templates/dns_txt.conf Normal file
View File

@@ -0,0 +1 @@
|DOMAIN|.="v=spf1 a mx ip4:|SERVER_IP||EXTRA_SPF||SPF_IPV6| ~all"

4
update/data/templates/dovecot_sni.conf Normal file
View File

@@ -0,0 +1,4 @@
local_name "|HOST|" {
ssl_cert = <|CERT_COMBINED|
ssl_key = <|KEY|
}

46
update/data/templates/edit_files.txt Normal file
View File

@@ -0,0 +1,46 @@
/usr/local/directadmin/data/admin/ip_blacklist=user=root&group=root&permission=644
/usr/local/directadmin/data/admin/ip_whitelist=user=root&group=root&permission=644
/etc/ssh/sshd_config=user=root&group=root&permission=644&secure=yes
/etc/httpd/conf/httpd.conf=user=root&group=root&permission=644
/etc/httpd/conf/extra/httpd-includes.conf=user=root&group=root&permission=644&hide_if_not_exist=yes
/usr/local/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php53/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php54/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php55/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php56/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php57/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php70/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php71/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php72/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php73/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/php74/lib/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/usr/local/etc/php5/cgi/php.ini=user=root&group=root&permission=644&hide_if_not_exist=yes&secure=yes
/etc/exim.conf=user=root&group=root&permission=644
/etc/system_filter.exim=user=root&group=root&permission=644
/etc/dovecot/dovecot.conf=user=root&group=root&permission=644
/etc/aliases=user=root&group=root&permission=644
/etc/virtual/domainips=user=mail&group=mail&permission=640
/etc/virtual/helo_data=user=mail&group=mail&permission=640
/etc/virtual/snidomains=user=mail&group=mail&permission=640
/etc/proftpd.conf=user=root&group=root&permission=644&secure=yes
/etc/pure-ftpd.conf=user=root&group=root&permission=644&secure=yes
/etc/hosts.allow=user=root&group=root&permission=644
/etc/hosts.deny=user=root&group=root&permission=644
/etc/proftpd.vhosts.conf=user=root&group=root&permission=644
/usr/local/directadmin/conf/directadmin.conf=user=diradmin&group=diradmin&permission=600&secure=yes
/usr/local/directadmin/data/templates/edit_files.txt=user=root&group=root&permission=644&secure=yes
/usr/local/directadmin/data/templates/per_email_limit_email_message.txt=user=root&group=root&permission=644&secure=yes
/usr/local/directadmin/data/templates/custom/per_email_limit_email_message.txt=user=root&group=root&permission=644&secure=yes&hide_if_not_exist=yes
/etc/exim.key=user=mail&group=mail&permission=644
/etc/exim.cert=user=mail&group=mail&permission=644
/var/spool/exim/blocked_authenticated_users=user=mail&group=mail&permission=600&hide_if_not_exist=yes
/var/spool/exim/blocked_script_paths=user=mail&group=mail&permission=600&hide_if_not_exist=yes
/etc/httpd/conf/ssl.crt/server.crt=user=root&group=root&permission=600
/etc/httpd/conf/ssl.key/server.key=user=root&group=root&permission=600
/etc/httpd/conf/ssl.crt/server.crt=user=root&group=root&permission=600
/usr/local/directadmin/conf/cacert.pem=user=diradmin&group=diradmin&permission=400
/usr/local/directadmin/conf/cakey.pem=user=diradmin&group=diradmin&permission=400
/usr/local/directadmin/conf/carootcert.pem=user=diradmin&group=diradmin&permission=400
/etc/named.conf=user=root&group=root&permission=644&hide_if_not_exist=yes
/etc/bind/named.conf=user=root&group=root&permission=644&hide_if_not_exist=yes
/etc/namedb/named.conf=user=root&group=root&permission=644&hide_if_not_exist=yes

23
update/data/templates/email_limit_message.txt Normal file
View File

@@ -0,0 +1,23 @@
|?SUBJECT=Warning: `COUNT` emails have just been sent by `USERNAME`|
The |USERNAME| account has just finished sending |COUNT| emails.
There could be a spammer, the account could be compromised, or just sending more emails than usual.
After some processing of the |BYTES_FILE| file, it was found that the highest sender was |TOP_SENDER|, at |TOP_SENDER_COUNT| emails.
|*if TOP_AUTH_PERCENT>"20"|
The top authenticated user was |TOP_AUTH|, at |TOP_AUTH_COUNT| emails.
This accounts for |TOP_AUTH_PERCENT|% of the emails. The higher the value, the more likely this is the source of the emails.
An authenticated username is the user and password value used at smtp time to authenticate with exim for delivery.|*endif|
|*if TOP_HOST_PERCENT>"20"|
The top sending host was |TOP_HOST|, at |TOP_HOST_COUNT| emails (|TOP_HOST_PERCENT|%).|*endif|
|*if TOP_PATH_PERCENT>"20"|
The most common path that the messages were sent from is |TOP_PATH|, at |TOP_PATH_COUNT| emails (|TOP_PATH_PERCENT|%).
The path value may only be of use if it's pointing to that of a User's home directory.
If the path is a system path, it likely means the email was sent through smtp rather than using a script.|*endif|
|*if TOP_PHP_SCRIPT_PERCENT>"20"|
The top sending script was |TOP_PHP_SCRIPT|, at |TOP_PHP_SCRIPT_COUNT| emails, (|TOP_PHP_SCRIPT_PERCENT|%).|*endif|
|*if TOP_PHP_SCRIPT_PERCENT>DISABLE_PHP_SCRIPT_AT_LIMIT_THRESHOLD|Because the bulk of the emails have been sent by the script, please check it to confirm it has not been compromised.|*endif|
|*if SCRIPT_CHMOD_RESULT!=""||SCRIPT_CHMOD_RESULT||*endif|
This warning was generated because the |LIMIT| email threshold was hit.
|MSG_FOOTER|

35
update/data/templates/email_pass_change/index.html Normal file
View File

@@ -0,0 +1,35 @@
<html>
<head>
<title>
Change Email Password
</title>
<meta name="robots" content="noindex,nofollow">
<style>
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
<body>
<center>
<br><br><br>
<b>Change E-Mail Password</b>
<br><br>
<table cellpadding=5 cellspacing=1>
<form action="/CMD_CHANGE_EMAIL_PASSWORD" method="POST">
<tr><td class=listtitle colspan=2>Enter the required information below</td></tr>
<tr><td class=list align=right>Email Address:</td><td class=list><input type=text name=email size=32></td></tr>
<tr><td class=list align=right>Old Password:</td><td class=list><input type=password name=oldpassword size=32></td></tr>
<tr><td class=list align=right>New Password:</td><td class=list><input type=password name=password1 size=32></td></tr>
<tr><td class=list align=right>Re-Type Password:</td><td class=list><input type=password name=password2 size=32></td></tr>
<tr><td class=listtitle colspan=2 align=right><input type=submit value="Change Password"></td></tr>
</form>
</table>
<br><br>
</center>
</body>
</html>

12
update/data/templates/exim.bubblewrap.conf Normal file
View File

@@ -0,0 +1,12 @@
defaults
auth plain
tls off
account localhost
host 127.0.0.1
port 25
timeout 10
protocol smtp
from %U@%H
user |SMTP_USERNAME|
password |SMTP_PASSWORD|
account default : localhost

924
update/data/templates/exim.conf Normal file
View File

@@ -0,0 +1,924 @@
######################################################################
# Runtime configuration file for Exim #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ########
# WARNING! Be sure to back up your previous exim.conf file before #
# attempting to use this exim.conf file. #
# #
# Do may not use this exim.conf Exim configuration file unless you #
# make the required modifications to your Exim configuration #
# following the instructions found below, in the section marked #
# "MODIFICATION INSTRUCTIONS". #
# #
# This is version "RSS-1.0da" of the exim.conf file as distributed #
# by nobaloney.net. #
# #
# The "RSS" stands for "Really Stop Spam", as the author believes #
# this distribution of the exim.conf file will Really Stop Spam. #
# Note that "Really Stop Spam" is both a trademark and a service #
# mark of nobaloney.net. #
# #
# The "da" stands for DirectAdmin as this distribution of the #
# exim.conf file is specific to the DirectAdmin control panel #
# installation. More information about DirectAdmin may be found at #
# http://www.directadmin.com. #
# #
# This Exim configuration file has been modified from the original #
# as distributed with Exim 4. The modifications have been made by: #
# #
# Jeff Lasman #
# nobaloney.net #
# P. O. Box 52672 #
# Riverside, CA 92517 #
# info@nobaloney.net #
# (909) 324-9706 #
# #
# Note that neither nobaloney.net nor Jeff Lasman have any #
# affiliation with DirectAdmin. #
# #
######################################################################
# #
# The most recent version of this distribution may always be #
# downloaded from the website at #
# #
# http://www.nobaloney.net/exim/exim.conf.spamblocked #
# #
######################################################################
# #
# Portions of this file are taken from the exim.conf file as #
# distributed with Exim 4, which includes the following copyright #
# notice: #
# #
# Copyright © 2002 University of Cambridge, Cambridge, UK #
# #
# Portions of this file are taken from the exim.conf file as #
# distributed with DirectAdmin (http://www.directadmin.com/), #
# #
# © 2003 JBMC Software, St Albert, AB, Canada #
# #
# Portions of this file are written by Jeff Lasman, of #
# nobaloney.net and are copyright as follows: #
# #
# Copyright © 2004 nobaloney.net, Riverside, Calif., USA #
# #
# The entire Exim 4 distribution, including this file, is #
# distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, #
# June 1991. If you do not have a copy of the GNU GENERAL #
# PUBLIC LICENSE you may download it, in it's entirety, from #
# the website at #
# #
# http://www.nobaloney.net/exim/gnu-gpl-v2.txt #
# #
######################################################################
# #
# This file is divided into several parts, all but the first of #
# which are# headed by a line starting with the word "begin". Only #
# those parts that are required need to be present. Blank lines, and #
# lines starting with # are ignored. #
# #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ########
# #
# Whenever you change Exim's configuration file, you *must* remember #
# to HUP the Exim daemon, because it will not pick up the new #
# configuration until you do. However, any other Exim processes that #
# are started, for example, a process started by an MUA in order to #
# send a message, will see the new configuration as soon as it is in #
# place. #
# #
# You do not need to HUP the daemon for changes in auxiliary files #
# that are referenced from this file. They are read every time they #
# are used. #
# #
# It is usually a good idea to test a new configuration for #
# syntactic correctness before installing it (for example, by #
# running the command "exim -C /config/file.new -bV"). #
# #
### MODIFICATION INSTRUCTIONS ########## MODIFICATION INSTRUCTIONS ###
# #
# YOU MUST MAKE THE FOLLOWING CHANGES TO DIRECTADMIN: #
# 1) Add a file /etc/virtual/blacklist_domains #
# This file should contain the domain names of so-called legal #
# spammers and other spam sources that do not always get caught #
# by blocklists, but that, nevertheless, you do not want to be #
# able to send spam to your domains on your server for which #
# you've enabled spamblocking. #
# #
# 2) Add a file /etc/virtual/whitelist_from #
# This file should contain the fully-qualified hostnames or IP#s #
# of servers that you DO want to be able to get email from even #
# if they're otherwise caught by blocklists. Your own domain #
# need not be listed here to enable you to get unblock requests, #
# whitelisting of email to your "errors" address will be handled #
# separately, below. #
# #
# 3) Add a file /etc/virtual/use_rbl_domains #
# This is a list of domains on your server that want spamblocking #
# to be used for them so they won't get spam. Spam will not be #
# blocked for any domains on your server unless they're listed #
# in this file. Note that the domain names in this file should #
# follow the same format as the domain names in the #
# /etc/virtual/domains file. You may just copy the domains file #
# to this file if you wish to use spamblocking for all your #
# domains but we recommend giving your domain users a choice. #
# #
# Note that the above files should have the same ownership and #
# permissions as /etc/virtual/domains. Normally this should be: #
# owner = mail, group = mail, chmod 644. #
# #
# YOU MUST MAKE THE FOLLOWING MODIFICATIONS TO YOUR WEBISTE: #
# #
# Note that if anyone is blocked while trying to send you a #
# legitimate (non-spam) email, the "non-delivery" message they'll #
# get will include a reference to a webpage where they'll need to #
# vist to get their email addressed unblocked. You should create #
# such a webpage before you implement this file. The webpage may #
# include either a form for them to send you the information you #
# need to unblock them, or instructions for them to email you so you #
# can unblock them. #
# #
# You'll need the full name of their server to unblock them, by #
# putting the server name into the /etc/virtual/whitelist_from #
# file. There are two ways you can get this information: #
# #
# 1) You can create a form that will ask them for the address #
# they're trying to reach, the address they're sending the email #
# from, and the canonical name of their email server. Since they #
# may not know the name of their email server, this must be #
# optional, and if they leave it blank you'll have to find their #
# attempt to send email in your exim /var/log/exim/rejectlog file #
# and get the name of the server from there. #
# #
# 2) You can ask them to send you an email from the same address #
# that they were blocked from, but to (for example) #
# "errors@example.com" (but changing it to an address you want to #
# use, at one of your domains). When they send you the email you #
# should be able to find the name of their server in the headers #
# of the incoming email. #
# #
# Either way, you'll need to put the canonical name of their #
# nameserver into your /etc/virtual/whitelist_from file. #
# #
# You won't use the name they're sending email to for any purpose, #
# except possibly to verify the attempt in your #
# /var/log/exim/rejectlog file. It's really just a "red-herring" so #
# no one will just send you their email address and server name so #
# they can then spam your users. #
# #
# YOU MUST MAKE THE FOLLOWING MODIFICATIONS TO THIS FILE: #
# #
# Wherever you find the domain name "example.com" you must make #
# changes to customize this file for your server. If you leave #
# the sample "example.com" domain in this file then you will most #
# likely get false positives hits as spam and you will not notify #
# the senders how to be unblocked. #
# #
# YOU MUST change "example.com" to the domain name you'll be using #
# for an explanation website for anyone who gets blocked who #
# shouldn't be blocked (see notes above). #
# #
# Additionally, wherever "example.com" is used in an error message #
# being sent because an email is blocked, you should make sure that #
# the domain name includes any optional page you want senders to be #
# sent to in order to get themselves unblocked. #
# #
######## OPTIONAL MODIFICATIONS ###### OPTIONAL MODIFICATIONS ########
# #
# Optional modifications are marked below as: #
# # OPTIONAL MODIFICATIONS #
# #
# Check below for any optional modifications you wish to make to #
# this exim.conf file before installing it. #
# #
# Any settings below should not be commented out, uncommented, or #
# changed, unless they're marked with the OPTIONAL MODIFICATIONS #
# line unless you're sure what you are doing or you may break your #
# exim server configuration. #
# Should you break your exim configuration you should reinstall your #
# exim.conf file from scratch, either from a backup of the file you #
# used previously, or from one newly downloaded from our site (see #
# above) or from DirectAdmin. #
# #
######################################################################
# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name. In many cases this does
# the right thing and you need not set anything explicitly.
# primary_hostname =
# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.
# qualify_domain =
# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.
# qualify_recipient =
# the next line is required to start the smtp auth script included
# in DirectAdmin
perl_startup = do '/etc/exim.pl'
# the next line is required to start the system_filter included in
# DirectAdmin to refuse potentiallly harmful payloads in
# email messages
system_filter = /etc/system_filter.exim
# SET SOME MEANINGFUL LIMITS
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
message_size_limit = 20M
smtp_receive_timeout = 5m
smtp_accept_max = 100
message_body_visible = 3000
# ALLOW UNDERSCORE IN EMAIL DOMAIN NAME
# domains shouldn't use the underscore character "_" but some
# may. Because John Postel, one of the architects of the Internet,
# said "Be liberal in what you accept and conservative in what you
# transmit, we choose to allow underscore in email domain names so we
# can receive email form domains which use the underscore character
# in their domain name.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
helo_allow_chars = _
# CHANGE LOGGING BEHAVIOR
# We weren't happy with the default Exim logging behavior through
# syslog; it didn't give us enough information. So we turned off
# syslog behavior and changed the logging behavior to give us what we
# felt was more helpful information. You may choose to delete or modify
# this section.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
# define what to log:
# define the => log lines
# +delivery_size
# +sender_on_delivery
#
# define the <= log lines:
# +received_recipients
# +received_sender
# +smtp_confirmation
# +subject
#
# define other non '<= =>' log lines:
# +smtp_incomplete_transaction
###################################
# define what to not log:
# define other non "<= =>' log lines:
# -dnslist_defer
# -host_lookup_failed
# -queue_run
# -rejected_header
# -retry_defer
# -skip_delivery
###################################
log_selector = \
+delivery_size \
+sender_on_delivery \
+received_recipients \
+received_sender \
+smtp_confirmation \
+subject \
+smtp_incomplete_transaction \
-dnslist_defer \
-host_lookup_failed \
-queue_run \
-rejected_header \
-retry_defer \
-skip_delivery
syslog_duplication = false
# These options specify the Access Control Lists (ACLs) that
# are used for incoming SMTP messages - after the RCPT and DATA
# commands, respectively.
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
# define local lists
domainlist blacklist_domains = lsearch;/etc/virtual/blacklist_domains
domainlist whitelist_from = lsearch;/etc/virtual/whitelist_from
domainlist local_domains = lsearch;/etc/virtual/domains
domainlist relay_domains = lsearch;/etc/virtual/domains : localhost
domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
hostlist auth_relay_hosts = *
# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above. You also need to comment "forbid_domain_literals" below. This is not
# recommended for today's Internet.
# DO NOT ALLOW HOST LITERALS
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to uncomment the line
# below and change the allow_domain_literals line below to true
# to allow domain literals in your environment
# local_domains_include_host_literals
# The following line prevents Exim from recognizing addresses of the form
# "user@[111.111.111.111]" that is, with a "domain literal" (an IP address)
# instead of a named domain. The RFCs still require this form, but it makes
# little sense to permit mail to be sent to specific hosts by their IP address
# in the modern Internet, and this ancient format has been used by those
# seeking to abuse hosts by using them for unwanted relaying. If you really
# do want to support domain literals, remove the following line, and see
# also the "domain_literal" router below.
allow_domain_literals = false
# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.
never_users = root
# DO HOST LOOKUP
# OPTIONAL MODIFICATIONS:
# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
host_lookup = *
# DISALLOW IDENT CALLBACKS
# OPTIONAL MODIFICATIONS:
# Exim may be set to make RFC 1413 (ident) callbacks for all incoming SMTP
# calls. You can limit the hosts to which these calls are made, and/or change
# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
# are disabled. RFC 1413 calls are cheap and can provide useful information
# for tracing problem messages, but some hosts and firewalls have problems
# with them. This can result in a timeout instead of an immediate refused
# connection, leading to delays on starting up an SMTP session. By default
# we disable callbacks for incoming SMTP calls. You may change
# rfc1413_query_timeout to 30s or some other positive number of seconds to
# enable callbacks for incoming SMTP calls.
rfc1413_hosts = *
rfc1413_query_timeout = 0s
# BOUNCE MESSAGES
# OPTIONAL MODIFICATIONS:
# When Exim can neither deliver a message nor return it to sender, it
# "freezes" the delivery error message (aka "bounce message"). There are also
# other circumstances in which messages get frozen. They will stay on the
# queue forever unless one or both of the following options is set.
# This option unfreezes unfreezes bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.
ignore_bounce_errors_after = 2d
# This option cancels (removes) frozen messages that are older than five days.
timeout_frozen_after = 5d
# TRUSTED USERS
# OPTIONAL MODIFICATIONS:
# if you must add additional trusted users, do so here; continue the
# colon-delimited list
trusted_users = mail:majordomo:apache
# SSL/TLS cert and key
tls_certificate = /etc/exim.cert
tls_privatekey = /etc/exim.key
tls_advertise_hosts = *
#auth_over_tls_hosts = *
######################################################################
# ACLs #
######################################################################
begin acl
# ACL that is used after the RCPT command
check_recipient:
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
# Deny for local domains if local parts begin with a dot or
# contain @ % ! / |
deny domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
# allow local users to send outgoing messages using slashes
# and vertical bars in their local parts but blocks outgoing
# local parts that begin with a dot, slash, or vertical bar
# but allows them within the local part. The sequence \..\
# is barred. The usage of @ % and ! is barred as before. The
# motiviation is to prevent your users (or their virii) from
# mounting certain kinds of attacks on reverse sites.
deny domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
# accept email from anyone in the whitelist_from list
accept domains = +whitelist_from
# accept mail to postmaster in any local domain, regardless of source
accept local_parts = postmaster
domains = +local_domains
# accept mail to abuse in any local domain, regardless of source
accept local_parts = abuse
domains = +local_domains
# accept mail to hostmaster in any local domain, regardless of source
accept local_parts = hostmaster
domains =+local_domains
# OPTIONAL MODIFICATIONS:
# If the page you're using to notify senders of blocked email of how
# to get their address unblocked will use a web form to send you email so
# you'll know to unblock those senders, then you may leave these lines
# commented out. However, if you'll be telling your senders of blocked
# email to send an email to errors@yourdomain.com, then you should
# replace "errors" with the left side of the email address you'll be
# using, and "example.com" with the right side of the email address and
# then uncomment the second two lines, leaving the first one commented.
# Doing this will mean anyone can send email to this specific address,
# even if they're at a blocked domain, and even if your domain is using
# blocklists.
# accept mail to errors@example.com, regardless of source
# accept local_parts = errors
# domains = example.com
# deny so-called "legal" spammers"
# but do bypass all checking for whitelisted host names
deny message = You may think you're legal but you're still an unwanted spammer
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
sender_domains = +blacklist_domains
# Deny unless sender address can be verified:
# This statement requires the sender address to be verified before any
# subsequent ACL statement can be used. If verification fails, the incoming
# recipient address is refused. Verification consists of trying to route the
# address, to see if a bounce message could be delivered to it. In the case of
# remote addresses, basic verification checks only the domain.
require verify = sender
# Deny stuff from insecure hosts & spammers. No exceptions for known users.
# but do bypass all checking for whitelisted host names
deny message = to unblock $sender_host_name see http://www.example.com/
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
# only smtp.dnsbl.sorbs.net = 127.0.0.5
dnslists = sbl.spamhaus.org : \
relays.ordb.org : \
dnsbl.sorbs.net=127.0.0.5
# Next deny stuff from more "fuzzy" blacklists
# but do bypass all checking for whitelisted host names
deny message = to unblock $sender_host_name see http://www.example.com/
hosts = !+relay_hosts
domains =+use_rbl_domains
!authenticated = *
# dnslists not including spam.dnsbl.sorbs.net
dnslists = bl.spamcop.net : \
dnsbl.njabl.org : \
cbl.abuseat.org : \
dnsbl.sorbs.net!=127.0.0.6
deny message = to unblock $sender_host_name see http://www.example.com/
domains =+use_rbl_domains
# rhsbl list is name based
dnslists = rhsbl.sorbs.net/$sender_address_domain
# accept if address is in a local domain as long as recipient can be verified
accept domains = +local_domains
endpass
verify = recipient
# accept if address is in a domain for which we relay as long as recipient
# can be verified
accept domains = +relay_domains
endpass
verify=recipient
# accept if message comes for a host for which we are an outgoing relay
# recipient verification is omitted because many MUA clients don't cope
# well with SMTP error responses. If you are actually relaying from MTAs
# then you should probably add recipient verify here
accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts
endpass
message = authentication required
authenticated = *
deny message = relay not permitted
# default at end of acl causes a "deny", but line below will give
# an explicit error message:
deny message = relay not permitted
# ACL that is used after the DATA command
check_message:
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_condition = "${perl{smtpauth}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{smtpauth}}"
server_set_id = $1
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
begin routers
# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.
# This router routes to remote hosts over SMTP using a DNS lookup. Any domain
# that resolves to an IP address on the loopback interface (127.0.0.0/8) is
# treated as if it had no DNS entry.
lookuphost:
driver = dnslookup
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
condition = "${perl{check_limits}}"
transport = remote_smtp
no_more
# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to comment out
# "forbid_domain_literals" above, so that Exim can recognize the syntax of
# domain literal addresses.
# domain_literal:
# driver = ipliteral
# transport = remote_smtp
######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################
# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).
# Spam Assassin
#spamcheck_director:
# driver = accept
# condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
# retry_use_local_part
# transport = spamcheck
# no_verify
majordomo_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
no_rewrite
user = majordomo
majordomo_private:
driver = redirect
allow_defer
allow_fail
#condition = "${if eq {$received_protocol} {local} {true} {false} }"
condition = "${if or { {eq {$received_protocol} {local}} \
{eq {$received_protocol} {spam-scanned}} } {true} {false} }"
data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
user = majordomo
domain_filter:
driver = redirect
allow_filter
no_check_local_user
condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
user = "mail"
file = /etc/virtual/${domain}/filter
file_transport = address_file
pipe_transport = virtual_address_pipe
retry_use_local_part
no_verify
uservacation:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = uservacation
unseen
userautoreply:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = userautoreply
unseen
virtual_aliases_nostar:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
unseen
#include_domain = true
virtual_user:
driver = accept
condition = ${if eq {}{${if exists{/etc/virtual/${domain}/passwd}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/passwd}}}}}{no}{yes}}
domains = lsearch;/etc/virtual/domainowners
group = mail
retry_use_local_part
transport = virtual_localdelivery
virtual_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
#include_domain = true
# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A. The three transports specified at the
# end are those that are used when forwarding generates a direct delivery
# to a file, or to a pipe, or sets up an auto-reply, respectively.
userforward:
driver = redirect
allow_filter
check_ancestor
check_local_user
no_expn
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify
system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim
localuser:
driver = accept
check_local_user
condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
transport = local_delivery
# This director matches local user mailboxes.
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a director or a router that
# successfully handles an address.
# Spam Assassin
begin transports
spamcheck:
driver = pipe
batch_max = 100
command = /usr/sbin/exim -oMr spam-scanned -bS
current_directory = "/tmp"
group = mail
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
use_bsmtp
user = mail
# must use a privileged user to set $received_protocol on the way back in!
#majordomo
majordomo_pipe:
driver = pipe
group = daemon
return_fail_output
user = majordomo
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.
local_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
file = /var/mail/$local_part
group = mail
mode = 0660
return_path_add
user = ${local_part}
## for delivering virtual domains to their own mail spool
virtual_localdelivery:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 700
envelope_to_add
file = /var/spool/virtual/${domain}/${local_part}
group = mail
mode = 660
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}
## vacation transport
uservacation:
driver = autoreply
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {I am on vacation}}"
text = "\
------ ------\n\n\
This message was automatically generated by email software\n\
The delivery of your message has not been affected.\n\n\
------ ------\n\n"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
userautoreply:
driver = autoreply
bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {Autoreply Message}}"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the directors
# section below.
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
group = nobody
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,8h
# End of Exim 4 configuration

576
update/data/templates/exim.pl Normal file
View File

@@ -0,0 +1,576 @@
#!/usr/bin/perl
#VERSION=14
sub get_domain_owner
{
my ($domain) = @_;
my $username="";
open(DOMAINOWNERS,"/etc/virtual/domainowners");
while (<DOMAINOWNERS>)
{
$_ =~ s/\n//;
my ($dmn,$usr) = split(/: /, $_);
if ($dmn eq $domain)
{
close(DOMAINOWNERS);
return $usr;
}
}
close(DOMAINOWNERS);
return -1;
}
# hit_limit_user
# checks to see if a username has hit the send limit.
# returns:
# -1 for "there is no limit"
# 0 for "still under the limit"
# 1 for "at the limit"
# 2 for "over the limit"
sub hit_limit_user
{
my($username) = @_;
my $count = 0;
my $email_limit = 0;
if (open (LIMIT, "/etc/virtual/limit_$username"))
{
$email_limit = int(<LIMIT>);
close(LIMIT);
}
else
{
open (LIMIT, "/etc/virtual/limit");
$email_limit = int(<LIMIT>);
close(LIMIT);
}
if ($email_limit > 0)
{
#check this users limit
$count = (stat("/etc/virtual/usage/$username"))[7];
#this is their last email.
if ($count == $email_limit)
{
return 1;
}
if ($count > $email_limit)
{
return 2;
}
return 0;
}
return -1;
}
# hit_limit_email
# same idea as hit_limit_user, except we check the limits (if any) for per-email accounts.
sub hit_limit_email
{
my($user,$domain) = @_;
my $user_email_limit = 0;
if (open (LIMIT, "/etc/virtual/$domain/limit/$user"))
{
$user_email_limit = int(<LIMIT>);
close(LIMIT);
}
else
{
if (open (LIMIT, "/etc/virtual/user_limit"))
{
$user_email_limit = int(<LIMIT>);
close(LIMIT);
}
}
if ($user_email_limit > 0)
{
my $count = 0;
$count = (stat("/etc/virtual/$domain/usage/$user"))[7];
if ($count == $user_email_limit)
{
return 1;
}
if ($count > $user_email_limit)
{
return 2;
}
return 0;
}
return -1;
}
#smtpauth
#called by exim to verify if an smtp user is allowed to
#send email through the server
#possible success:
# user is in /etc/virtual/domain.com/passwd and password matches
# user is in /etc/passwd and password matches in /etc/shadow
sub smtpauth
{
$username = Exim::expand_string('$1');
$password = Exim::expand_string('$2');
$extra = Exim::expand_string('$3');
$domain = "";
$unixuser = 1;
#check for netscape that offsets the login/pass by one
if ($username eq "" && length($extra) > 0)
{
$username = $password;
$password = $extra;
}
if ($username =~ /\@/)
{
$unixuser = 0;
($username,$domain) = split(/\@/, $username);
if ($domain eq "") { return "no"; }
}
if ($unixuser == 1)
{
#the username passed doesn't have a domain, so its a system account
$homepath = (getpwnam($username))[7];
if ($homepath eq "") { return 0; }
open(PASSFILE, "< $homepath/.shadow") || return "no";
$crypted_pass = <PASSFILE>;
close PASSFILE;
if ($crypted_pass eq crypt($password, $crypted_pass))
{
my $limit_check = hit_limit_user($username);
if ($limit_check > 1)
{
die("The email send limit for $username has been reached\n");
}
return "yes";
}
else { return "no"; }
}
else
{
#the username contain a domain, which is now in $domain.
#this is a pure virtual pop account.
open(PASSFILE, "< /etc/virtual/$domain/passwd") || return "no";
while (<PASSFILE>)
{
($test_user,$test_pass) = split(/:/,$_);
$test_pass =~ s/\n//g; #snip out the newline at the end
if ($test_user eq $username)
{
if ($test_pass eq crypt($password, $test_pass))
{
close PASSFILE;
my $domain_owner = get_domain_owner($domain);
if ($domain_owner != -1)
{
my $limit_check = hit_limit_user($domain_owner);
if ($limit_check > 1)
{
die("The email send limit for $domain_owner has been reached\n");
}
$limit_check = hit_limit_email($username, $domain);
if ($limit_check > 1)
{
die("The email send limit for $username\@${domain} has been reached\n");
}
}
return "yes";
}
}
}
close PASSFILE;
return "no";
}
return "no";
}
sub find_uid_apache
{
my ($work_path) = @_;
my @pw;
# $pwd will probably look like '/home/username/domains/domain.com/public_html'
# it may or may not use /home though. others are /usr/home, but it's ultimately
# specified in the /etc/passwd file. We *could* parse through it, but for efficiency
# reasons, we'll only check /home and /usr/home .. if they change it, they can
# manually adjust if needed.
@dirs = split(/\//, $work_path);
foreach $dir (@dirs)
{
# check the dir name for a valid user
# get the home dir for that user
# compare it with the first part of the work_path
if ( (@pw = getpwnam($dir)) )
{
if ($work_path =~/^$pw[7]/)
{
return $pw[2];
}
}
}
return -1;
}
sub find_uid_auth_id
{
# this will be passwed either
# 'username' or 'user@domain.com'
my ($auth_id) = @_;
my $unixuser = 1;
my $domain = "";
my $user = "";
my $username = $auth_id;
my @pw;
if ($auth_id =~ /\@/)
{
$unixuser = 0;
($user,$domain) = split(/\@/, $auth_id);
if ($domain eq "") { return "-1"; }
}
if (!$unixuser)
{
# we need to take $domain and get the user from /etc/virtual/domainowners
# once we find it, set $username
my $u = get_domain_owner($domain);;
if ($u != -1)
{
$username = $u;
}
}
#log_str("username found from $auth_id: $username:\n");
if ( (@pw = getpwnam($username)) )
{
return $pw[2];
}
return -1;
}
sub find_uid_sender
{
my $sender_address = Exim::expand_string('$sender_address');
my ($user,$domain) = split(/\@/, $sender_address);
my $primary_hostname = Exim::expand_string('$primary_hostname');
if ( $domain eq $primary_hostname )
{
@pw = getpwnam($user);
return $pw[2];
}
my $username = get_domain_owner($domain);
if ( (@pw = getpwnam($username)) )
{
return $pw[2];
}
return -1;
}
sub find_uid
{
my $uid = Exim::expand_string('$originator_uid');
my $username = getpwuid($uid);
my $auth_id = Exim::expand_string('$authenticated_id');
my $work_path = $ENV{'PWD'};
if ($username eq "apache" || $username eq "nobody" || $username eq "webapps")
{
$uid = find_uid_apache($work_path);
if ($uid != -1) { return $uid; }
}
$uid = find_uid_auth_id($auth_id);
if ($uid != -1) { return $uid; }
# we don't want to rely on this, but it's all thats left.
return find_uid_sender;
}
sub uid_exempt
{
my ($uid) = @_;
if ($uid == 0) { return 1; }
my $name = getpwuid($uid);
if ($name eq "root") { return 1; }
if ($name eq "diradmin") { return 1; }
return 0;
}
#check_limits
#used to enforce limits for the number of emails sent
#by a user. It also logs the bandwidth of the data
#for received mail.
sub check_limits
{
#find the curent user
$uid = find_uid();
#log_str("Found uid: $uid\n");
if (uid_exempt($uid)) { return "yes"; }
my $name="";
#check this users limit
$name = getpwuid($uid);
if (!defined($name))
{
#possibly the sender-verify
$name = "unknown";
#return "yes";
}
my $count = 0;
my $email_limit = 0;
if (open (LIMIT, "/etc/virtual/limit_$name"))
{
$email_limit = int(<LIMIT>);
close(LIMIT);
}
else
{
open (LIMIT, "/etc/virtual/limit");
$email_limit = int(<LIMIT>);
close(LIMIT);
}
my $sender_address = Exim::expand_string('$sender_address');
my $authenticated_id = Exim::expand_string('$authenticated_id');
my $sender_host_address = Exim::expand_string('$sender_host_address');
my $mid = Exim::expand_string('$message_id');
my $message_size = Exim::expand_string('$message_size');
my $local_part = Exim::expand_string('$local_part');
my $domain = Exim::expand_string('$domain');
my $timestamp = time();
my $is_retry = 0;
if ($email_limit > 0)
{
#check this users limit
$count = (stat("/etc/virtual/usage/$name"))[7];
if ($count > $email_limit)
{
die("You ($name) have reached your daily email limit of $email_limit emails\n");
}
if ($mid ne "")
{
if (! -d "/etc/virtual/usage/${name}_ids")
{
mkdir("/etc/virtual/usage/${name}_ids", 0770);
}
my $mid_char = substr($mid, 0, 1);
if (! -d "/etc/virtual/usage/${name}_ids/$mid_char")
{
mkdir("/etc/virtual/usage/${name}_ids/$mid_char", 0770);
}
my $id_file = "/etc/virtual/usage/${name}_ids/$mid_char/$mid";
if (-f $id_file)
{
$is_retry = 1;
}
else
{
open(IDF, ">>$id_file");
print IDF "log_time=$timestamp\n";
close(IDF);
chmod (0660, $id_file);
}
}
#this is their last email.
if (($count == $email_limit) && ($is_retry != 1))
{
#taddle on the dataskq
#note that the sender_address here is only the person who sent the last email
#it doesnt meant that they have sent all the spam
#this action=limit will trigger a check on usage/user.bytes, and DA will try and figure it out.
open(TQ, ">>/etc/virtual/mail_task.queue");
print TQ "action=limit&username=$name&count=$count&limit=$email_limit&email=$sender_address&authenticated_id=$authenticated_id&sender_host_address=$sender_host_address&log_time=$timestamp\n";
close(TQ);
chmod (0660, "/etc/virtual/mail_task.queue");
}
if ($is_retry != 1)
{
open(USAGE, ">>/etc/virtual/usage/$name");
print USAGE "1";
close(USAGE);
chmod (0660, "/etc/virtual/usage/$name");
}
}
if ( ($authenticated_id ne "") && ($is_retry != 1) )
{
my $user="";
my $domain="";
($user, $domain) = (split(/@/, $authenticated_id));
if ($domain ne "")
{
my $user_email_limit = 0;
if (open (LIMIT, "/etc/virtual/$domain/limit/$user"))
{
$user_email_limit = int(<LIMIT>);
close(LIMIT);
}
else
{
if (open (LIMIT, "/etc/virtual/user_limit"))
{
$user_email_limit = int(<LIMIT>);
close(LIMIT);
}
}
if ($user_email_limit > 0)
{
$count = 0;
$count = (stat("/etc/virtual/$domain/usage/$user"))[7];
if ($count == $user_email_limit)
{
open(TQ, ">>/etc/virtual/mail_task.queue");
print TQ "action=userlimit&username=$name&count=$count&limit=$user_email_limit&email=$sender_address&authenticated_id=$authenticated_id&sender_host_address=$sender_host_address&log_time=$timestamp\n";
close(TQ);
chmod (0660, "/etc/virtual/mail_task.queue");
}
if ($count > $user_email_limit)
{
die("Your E-Mail ($authenticated_id) has reached it's daily email limit of $user_email_limit emails\n");
}
if (! -d "/etc/virtual/$domain/usage")
{
mkdir("/etc/virtual/$domain/usage", 0770);
}
if (-d "/etc/virtual/$domain/usage")
{
open(USAGE, ">>/etc/virtual/$domain/usage/$user");
print USAGE "1";
close(USAGE);
chmod (0660, "/etc/virtual/$domain/usage/$user");
}
}
}
}
log_bandwidth($uid,"type=email&email=$sender_address&method=outgoing&id=$mid&authenticated_id=$authenticated_id&sender_host_address=$sender_host_address&log_time=$timestamp&message_size=$message_size&local_part=$local_part&domain=$domain");
return "yes"
}
sub log_email
{
my($lp,$dmn) = @_;
#log_str("logging $lp\@$dmn\n");
my $user = get_domain_owner($dmn);
if ($user == -1) { return "no"; }
my $mid = Exim::expand_string('$message_id');
if ( (@pw = getpwnam($user)) )
{
log_bandwidth($pw[2],"type=email&email=$lp\@$dmn&method=incoming&id=$mid");
}
return "yes";
}
sub save_virtual_user
{
my $dmn = Exim::expand_string('$domain');
my $lp = Exim::expand_string('$local_part');
my $usr = "";
my $pss = "";
my $entry = "";
open (PASSWD, "/etc/virtual/$dmn/passwd") || return "no";
while ($entry = <PASSWD>) {
($usr,$pss) = split(/:/,$entry);
if ($usr eq $lp) {
close(PASSWD);
log_email($lp, $dmn);
return "yes";
}
}
close (PASSWD);
return "no";
}
sub log_bandwidth
{
my ($uid,$data) = @_;
my $name = getpwuid($uid);
if (uid_exempt($uid)) { return; }
if ($name eq "") { $name = "unknown"; }
my $bytes = Exim::expand_string('$message_size');
if ($bytes == -1) { return; }
my $work_path = $ENV{'PWD'};
open (BYTES, ">>/etc/virtual/usage/$name.bytes");
print BYTES "$bytes=$data&path=$work_path\n";
close(BYTES);
chmod (0660, "/etc/virtual/usage/$name.bytes");
}
sub log_str
{
my ($str) = @_;
open (LOG, ">> /tmp/test.txt");
print LOG $str;
close(LOG);
}

607
update/data/templates/exim3.conf Normal file
View File

@@ -0,0 +1,607 @@
# An Exim configuration for 3.33 that supports virtual email users
# with separate aliases and passwd files and mail spool locations
# for each domain.
# 21/Sep/2001 reed -- please let me know how this can be improved
######################################################################
# Runtime configuration file for Exim #
######################################################################
# This is a default configuration file which will operate correctly in
# uncomplicated installations. Please see the manual for a complete list
# of all the runtime configuration options that can be included in a
# configuration file. There are many more than are mentioned here. The
# manual is in the file doc/spec.txt in the Exim distribution as a plain
# ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available
# from the Exim ftp sites. The manual is also online via the Exim web sites.
# This file is divided into several parts, all but the last of which are
# terminated by a line containing the word "end". The parts must appear
# in the correct order, and all must be present (even if some of them are
# in fact empty). Blank lines, and lines starting with # are ignored.
############ IMPORTANT ########## IMPORTANT ########### IMPORTANT ############
# #
# Whenever you change Exim's configuration file, you *must* remember to HUP #
# the Exim daemon, because it will not pick up the new configuration until #
# until you do this. It is usually a good idea to test a new configuration #
# for syntactic correctness (e.g. using "exim -C /config/file -bV") first. #
# #
############ IMPORTANT ########## IMPORTANT ########### IMPORTANT ############
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name.
# primary_hostname =
# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.
# qualify_domain =
# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.
# qualify_recipient =
perl_startup = do '/etc/exim.pl'
message_filter = /etc/system_filter.exim
# Specify your local domains as a colon-separated list here. If this option
# is not set (i.e. not mentioned in the configuration file), the
# qualify_recipient value is used as the only local domain. If you do not want
# to do any local deliveries, uncomment the following line, but do not supply
# any data for it. This sets local_domains to an empty string, which is not
# the same as not mentioning it at all. An empty string specifies that there
# are no local domains; not setting it at all causes the default value (the
# setting of qualify_recipient) to be used.
local_domains = lsearch;/etc/virtual/domains
# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above. You also need to comment "forbid_domain_literals" below. This is not
# recommended for today's Internet.
# local_domains_include_host_literals
# The following line prevents Exim from recognizing addresses of the form
# "user@[111.111.111.111]" that is, with a "domain literal" (an IP address)
# instead of a named domain. The RFCs still require this form, but it makes
# little sense to permit mail to be sent to specific hosts by their IP address
# in the modern Internet, and this ancient format has been used by those
# seeking to abuse hosts by using them for unwanted relaying. If you really
# do want to support domain literals, remove the following line, and see
# also the "domain_literal" router below.
forbid_domain_literals
# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.
never_users = root
# The use of your host as a mail relay by any host, including the local host
# calling its own SMTP port, is locked out by default. If you want to permit
# relaying from the local host, you should set
#
host_auth_accept_relay = *
#auth_hosts = *
#
# If you want to permit relaying through your host from certain hosts or IP
# networks, you need to set the option appropriately, for example
#
host_accept_relay = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
#
# If you are an MX backup or gateway of some kind for some domains, you must
# set relay_domains to match those domains. This will allow any host to
# relay through your host to those domains.
#
relay_domains = lsearch;/etc/virtual/domains : localhost
#
# See the section of the manual entitled "Control of relaying" for more
# information.
# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
# host_lookup = *
# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# receiver_unqualified_hosts =
# sender_unqualified_hosts =
#
# to control sender and receiver addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).
# By default, Exim does not make any checks, other than syntactic ones, on
# incoming addresses during the SMTP dialogue. This reduces delays in SMTP
# transactions, but it does mean that you might accept messages with unknown
# recipients, and/or bad senders.
# Uncomment this line if you want incoming recipient addresses to be verified
# during the SMTP dialogue. Unknown recipients are then rejected at this stage,
# and the generation of a failure message is the job of the sending host.
# receiver_verify
# Uncomment this line if you want incoming sender addresses (return-paths) to
# be verified during the SMTP dialogue. Verification can normally only check
# that the domain exists.
# sender_verify
# Exim contains support for the Realtime Blackhole List (RBL) that is being
# maintained as part of the DNS. See http://mail-abuse.org/rbl/ for background.
# Uncommenting the first line below will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at blackholes.mail-abuse.org.
# Some others have followed the RBL lead and have produced other lists: DUL is
# a list of dial-up addresses, and there are also a number of other lists
# of various kinds at orbs.org.
# rbl_domains = blackholes.mail-abuse.org
# rbl_domains = blackholes.mail-abuse.org:dialups.mail-abuse.org
# If you want Exim to support the "percent hack" for all your local domains,
# uncomment the following line. This is the feature by which mail addressed
# to x%y@z (where z is one of your local domains) is locally rerouted to
# x@y and sent on. Otherwise x%y is treated as an ordinary local part.
# percent_hack_domains = *
# When Exim can neither deliver a message nor return it to sender, it "freezes"
# the delivery error message (aka "bounce message"). There are also other
# circumstances in which messages get frozen. They will stay on the queue for
# ever unless one of the following options is set.
# This option unfreezes unfreezes bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.
ignore_errmsg_errors_after = 2d
# This option cancels (removes) frozen messages that are older than a week.
timeout_frozen_after = 7d
rfc1413_query_timeout = 0s
trusted_users = mail:majordomo:apache
end
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a director or a router that
# successfully handles an address.
# Spam Assassin
spamcheck:
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
transport_filter = /usr/bin/spamc
bsmtp = all
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back in!
user = mail
group = mail
return_path_add = false
log_output = true
return_fail_output = true
prefix =
suffix =
#majordomo
majordomo_pipe:
driver = pipe
group = daemon
return_fail_output
user = majordomo
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
user = ${local_part}
group = mail
mode = 0660
## for delivering virtual domains to their own mail spool
virtual_localdelivery:
driver = appendfile
create_directory = true
directory_mode = 700
file = /var/spool/virtual/${domain}/${local_part}
delivery_date_add
envelope_to_add
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
group = mail
mode = 660
## vacation transport
uservacation:
driver = autoreply
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
file = /etc/virtual/${domain}/reply/${local_part}.msg
log = /etc/virtual/${domain}/reply/${local_part}.log
return_message = false
text = "\
------ ------\n\n\
This message was automatically generated by email software\n\
The delivery of your message has not been affected.\n\n\
------ ------\n\n"
to = "${sender_address}"
from = "${local_part}@${domain}"
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {I am on vacation}}"
userautoreply:
driver = autoreply
bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
file = /etc/virtual/${domain}/reply/${local_part}.msg
log = /etc/virtual/${domain}/reply/${local_part}.log
return_message = false
from = "${local_part}@${domain}"
to = "${sender_address}"
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {Autoreply Message}}"
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the directors
# section below.
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
group = nobody
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.
address_reply:
driver = autoreply
end
######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################
# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).
#Spam Assassin
#spamcheck_director:
# condition = "${if eq {$received_protocol}{spam-scanned} {0}{1}}"
# driver = smartuser
# transport = spamcheck
majordomo_aliases:
driver = aliasfile
optional = true
file = /etc/virtual/${domain}/majordomo/list.aliases
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
pipe_transport = majordomo_pipe
search_type = lsearch
no_rewrite
user = majordomo
group = daemon
majordomo_private:
driver = aliasfile
optional = true
condition = "${if eq {$received_protocol} {local} \
{true} {false} }"
file = /etc/virtual/${domain}/majordomo/private.aliases
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
pipe_transport = majordomo_pipe
search_type = lsearch
user = majordomo
group = daemon
domain_filter:
driver = forwardfile
file = /etc/virtual/${domain}/filter
no_check_local_user
no_verify
filter
file_transport = address_file
pipe_transport = virtual_address_pipe
uservacation:
driver = aliasfile
file = /etc/virtual/${domain}/vacation.conf
search_type = lsearch
transport = uservacation
optional = true
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
# do not reply to errors or lists
senders = "! ^.*-request@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*"
# do not reply to errors and bounces or lists
condition = "${if or {{match {$h_precedence:} {(?i)junk|bulk|list}} \
{eq {$sender_address} {}}} {no} {yes}}"
# carry on checking regardless of the outcome of this director...
unseen
no_expn
no_verify
user = mail
userautoreply:
driver = aliasfile
file = /etc/virtual/${domain}/autoresponder.conf
search_type = lsearch
transport = userautoreply
optional = true
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
# do not reply to errors or lists
senders = "! ^.*-request@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*"
# do not reply to errors and bounces or lists
condition = "${if or {{match {$h_precedence:} {(?i)junk|bulk|list}} \
{eq {$sender_address} {}}} {no} {yes}}"
#need no verify for the require_files so that it doesn't give up root or something
#no_expn
no_verify
unseen
user = mail
virtual_aliases_nostar:
driver = aliasfile
file = /etc/virtual/${domain}/aliases
search_type = lsearch
#include_domain = true
optional = true
group = mail
file_transport = address_file
pipe_transport = virtual_address_pipe
unseen
virtual_user:
driver = aliasfile
transport = virtual_localdelivery
file = /etc/virtual/${domain}/passwd
domains = lsearch;/etc/virtual/domainowners
optional = true
search_type = lsearch
group = mail
virtual_aliases:
driver = aliasfile
file = /etc/virtual/$domain/aliases
search_type = lsearch*
#include_domain = true
optional = true
group = mail
file_transport = address_file
pipe_transport = virtual_address_pipe
# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A. The three transports specified at the
# end are those that are used when forwarding generates a direct delivery
# to a file, or to a pipe, or sets up an auto-reply, respectively.
userforward:
driver = forwardfile
file = .forward
no_verify
no_expn
check_ancestor
filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
system_aliases:
driver = aliasfile
file = /etc/aliases
search_type = lsearch
# user = exim
file_transport = address_file
pipe_transport = address_pipe
# This director matches local user mailboxes.
localuser:
driver = localuser
transport = local_delivery
end
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.
# This router routes to remote hosts over SMTP using a DNS lookup. Any domain
# that resolves to an IP address on the loopback interface (127.0.0.0/8) is
# treated as if it had no DNS entry.
lookuphost:
driver = lookuphost
transport = remote_smtp
ignore_target_hosts = 127.0.0.0/8
# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to comment out
# "forbid_domain_literals" above, so that Exim can recognize the syntax of
# domain literal addresses.
# domain_literal:
# driver = ipliteral
# transport = remote_smtp
end
######################################################################
# RETRY CONFIGURATION #
######################################################################
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,8h
end
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
end
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
plain:
driver = plaintext
public_name = PLAIN
server_condition = "${perl{smtpauth}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{smtpauth}}"
server_set_id = $1
# End of Exim configuration file

924
update/data/templates/exim4.conf Normal file
View File

@@ -0,0 +1,924 @@
######################################################################
# Runtime configuration file for Exim #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ########
# WARNING! Be sure to back up your previous exim.conf file before #
# attempting to use this exim.conf file. #
# #
# Do may not use this exim.conf Exim configuration file unless you #
# make the required modifications to your Exim configuration #
# following the instructions found below, in the section marked #
# "MODIFICATION INSTRUCTIONS". #
# #
# This is version "RSS-1.0da" of the exim.conf file as distributed #
# by nobaloney.net. #
# #
# The "RSS" stands for "Really Stop Spam", as the author believes #
# this distribution of the exim.conf file will Really Stop Spam. #
# Note that "Really Stop Spam" is both a trademark and a service #
# mark of nobaloney.net. #
# #
# The "da" stands for DirectAdmin as this distribution of the #
# exim.conf file is specific to the DirectAdmin control panel #
# installation. More information about DirectAdmin may be found at #
# http://www.directadmin.com. #
# #
# This Exim configuration file has been modified from the original #
# as distributed with Exim 4. The modifications have been made by: #
# #
# Jeff Lasman #
# nobaloney.net #
# P. O. Box 52672 #
# Riverside, CA 92517 #
# info@nobaloney.net #
# (909) 324-9706 #
# #
# Note that neither nobaloney.net nor Jeff Lasman have any #
# affiliation with DirectAdmin. #
# #
######################################################################
# #
# The most recent version of this distribution may always be #
# downloaded from the website at #
# #
# http://www.nobaloney.net/exim/exim.conf.spamblocked #
# #
######################################################################
# #
# Portions of this file are taken from the exim.conf file as #
# distributed with Exim 4, which includes the following copyright #
# notice: #
# #
# Copyright © 2002 University of Cambridge, Cambridge, UK #
# #
# Portions of this file are taken from the exim.conf file as #
# distributed with DirectAdmin (http://www.directadmin.com/), #
# #
# © 2003 JBMC Software, St Albert, AB, Canada #
# #
# Portions of this file are written by Jeff Lasman, of #
# nobaloney.net and are copyright as follows: #
# #
# Copyright © 2004 nobaloney.net, Riverside, Calif., USA #
# #
# The entire Exim 4 distribution, including this file, is #
# distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, #
# June 1991. If you do not have a copy of the GNU GENERAL #
# PUBLIC LICENSE you may download it, in it's entirety, from #
# the website at #
# #
# http://www.nobaloney.net/exim/gnu-gpl-v2.txt #
# #
######################################################################
# #
# This file is divided into several parts, all but the first of #
# which are# headed by a line starting with the word "begin". Only #
# those parts that are required need to be present. Blank lines, and #
# lines starting with # are ignored. #
# #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ########
# #
# Whenever you change Exim's configuration file, you *must* remember #
# to HUP the Exim daemon, because it will not pick up the new #
# configuration until you do. However, any other Exim processes that #
# are started, for example, a process started by an MUA in order to #
# send a message, will see the new configuration as soon as it is in #
# place. #
# #
# You do not need to HUP the daemon for changes in auxiliary files #
# that are referenced from this file. They are read every time they #
# are used. #
# #
# It is usually a good idea to test a new configuration for #
# syntactic correctness before installing it (for example, by #
# running the command "exim -C /config/file.new -bV"). #
# #
### MODIFICATION INSTRUCTIONS ########## MODIFICATION INSTRUCTIONS ###
# #
# YOU MUST MAKE THE FOLLOWING CHANGES TO DIRECTADMIN: #
# 1) Add a file /etc/virtual/blacklist_domains #
# This file should contain the domain names of so-called legal #
# spammers and other spam sources that do not always get caught #
# by blocklists, but that, nevertheless, you do not want to be #
# able to send spam to your domains on your server for which #
# you've enabled spamblocking. #
# #
# 2) Add a file /etc/virtual/whitelist_from #
# This file should contain the fully-qualified hostnames or IP#s #
# of servers that you DO want to be able to get email from even #
# if they're otherwise caught by blocklists. Your own domain #
# need not be listed here to enable you to get unblock requests, #
# whitelisting of email to your "errors" address will be handled #
# separately, below. #
# #
# 3) Add a file /etc/virtual/use_rbl_domains #
# This is a list of domains on your server that want spamblocking #
# to be used for them so they won't get spam. Spam will not be #
# blocked for any domains on your server unless they're listed #
# in this file. Note that the domain names in this file should #
# follow the same format as the domain names in the #
# /etc/virtual/domains file. You may just copy the domains file #
# to this file if you wish to use spamblocking for all your #
# domains but we recommend giving your domain users a choice. #
# #
# Note that the above files should have the same ownership and #
# permissions as /etc/virtual/domains. Normally this should be: #
# owner = mail, group = mail, chmod 644. #
# #
# YOU MUST MAKE THE FOLLOWING MODIFICATIONS TO YOUR WEBISTE: #
# #
# Note that if anyone is blocked while trying to send you a #
# legitimate (non-spam) email, the "non-delivery" message they'll #
# get will include a reference to a webpage where they'll need to #
# vist to get their email addressed unblocked. You should create #
# such a webpage before you implement this file. The webpage may #
# include either a form for them to send you the information you #
# need to unblock them, or instructions for them to email you so you #
# can unblock them. #
# #
# You'll need the full name of their server to unblock them, by #
# putting the server name into the /etc/virtual/whitelist_from #
# file. There are two ways you can get this information: #
# #
# 1) You can create a form that will ask them for the address #
# they're trying to reach, the address they're sending the email #
# from, and the canonical name of their email server. Since they #
# may not know the name of their email server, this must be #
# optional, and if they leave it blank you'll have to find their #
# attempt to send email in your exim /var/log/exim/rejectlog file #
# and get the name of the server from there. #
# #
# 2) You can ask them to send you an email from the same address #
# that they were blocked from, but to (for example) #
# "errors@example.com" (but changing it to an address you want to #
# use, at one of your domains). When they send you the email you #
# should be able to find the name of their server in the headers #
# of the incoming email. #
# #
# Either way, you'll need to put the canonical name of their #
# nameserver into your /etc/virtual/whitelist_from file. #
# #
# You won't use the name they're sending email to for any purpose, #
# except possibly to verify the attempt in your #
# /var/log/exim/rejectlog file. It's really just a "red-herring" so #
# no one will just send you their email address and server name so #
# they can then spam your users. #
# #
# YOU MUST MAKE THE FOLLOWING MODIFICATIONS TO THIS FILE: #
# #
# Wherever you find the domain name "example.com" you must make #
# changes to customize this file for your server. If you leave #
# the sample "example.com" domain in this file then you will most #
# likely get false positives hits as spam and you will not notify #
# the senders how to be unblocked. #
# #
# YOU MUST change "example.com" to the domain name you'll be using #
# for an explanation website for anyone who gets blocked who #
# shouldn't be blocked (see notes above). #
# #
# Additionally, wherever "example.com" is used in an error message #
# being sent because an email is blocked, you should make sure that #
# the domain name includes any optional page you want senders to be #
# sent to in order to get themselves unblocked. #
# #
######## OPTIONAL MODIFICATIONS ###### OPTIONAL MODIFICATIONS ########
# #
# Optional modifications are marked below as: #
# # OPTIONAL MODIFICATIONS #
# #
# Check below for any optional modifications you wish to make to #
# this exim.conf file before installing it. #
# #
# Any settings below should not be commented out, uncommented, or #
# changed, unless they're marked with the OPTIONAL MODIFICATIONS #
# line unless you're sure what you are doing or you may break your #
# exim server configuration. #
# Should you break your exim configuration you should reinstall your #
# exim.conf file from scratch, either from a backup of the file you #
# used previously, or from one newly downloaded from our site (see #
# above) or from DirectAdmin. #
# #
######################################################################
# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name. In many cases this does
# the right thing and you need not set anything explicitly.
# primary_hostname =
# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.
# qualify_domain =
# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.
# qualify_recipient =
# the next line is required to start the smtp auth script included
# in DirectAdmin
perl_startup = do '/etc/exim.pl'
# the next line is required to start the system_filter included in
# DirectAdmin to refuse potentiallly harmful payloads in
# email messages
system_filter = /etc/system_filter.exim
# SET SOME MEANINGFUL LIMITS
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
message_size_limit = 20M
smtp_receive_timeout = 5m
smtp_accept_max = 100
message_body_visible = 3000
# ALLOW UNDERSCORE IN EMAIL DOMAIN NAME
# domains shouldn't use the underscore character "_" but some
# may. Because John Postel, one of the architects of the Internet,
# said "Be liberal in what you accept and conservative in what you
# transmit, we choose to allow underscore in email domain names so we
# can receive email form domains which use the underscore character
# in their domain name.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
helo_allow_chars = _
# CHANGE LOGGING BEHAVIOR
# We weren't happy with the default Exim logging behavior through
# syslog; it didn't give us enough information. So we turned off
# syslog behavior and changed the logging behavior to give us what we
# felt was more helpful information. You may choose to delete or modify
# this section.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment
# define what to log:
# define the => log lines
# +delivery_size
# +sender_on_delivery
#
# define the <= log lines:
# +received_recipients
# +received_sender
# +smtp_confirmation
# +subject
#
# define other non '<= =>' log lines:
# +smtp_incomplete_transaction
###################################
# define what to not log:
# define other non "<= =>' log lines:
# -dnslist_defer
# -host_lookup_failed
# -queue_run
# -rejected_header
# -retry_defer
# -skip_delivery
###################################
log_selector = \
+delivery_size \
+sender_on_delivery \
+received_recipients \
+received_sender \
+smtp_confirmation \
+subject \
+smtp_incomplete_transaction \
-dnslist_defer \
-host_lookup_failed \
-queue_run \
-rejected_header \
-retry_defer \
-skip_delivery
syslog_duplication = false
# These options specify the Access Control Lists (ACLs) that
# are used for incoming SMTP messages - after the RCPT and DATA
# commands, respectively.
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
# define local lists
domainlist blacklist_domains = lsearch;/etc/virtual/blacklist_domains
domainlist whitelist_from = lsearch;/etc/virtual/whitelist_from
domainlist local_domains = lsearch;/etc/virtual/domains
domainlist relay_domains = lsearch;/etc/virtual/domains : localhost
domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
hostlist auth_relay_hosts = *
# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above. You also need to comment "forbid_domain_literals" below. This is not
# recommended for today's Internet.
# DO NOT ALLOW HOST LITERALS
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to uncomment the line
# below and change the allow_domain_literals line below to true
# to allow domain literals in your environment
# local_domains_include_host_literals
# The following line prevents Exim from recognizing addresses of the form
# "user@[111.111.111.111]" that is, with a "domain literal" (an IP address)
# instead of a named domain. The RFCs still require this form, but it makes
# little sense to permit mail to be sent to specific hosts by their IP address
# in the modern Internet, and this ancient format has been used by those
# seeking to abuse hosts by using them for unwanted relaying. If you really
# do want to support domain literals, remove the following line, and see
# also the "domain_literal" router below.
allow_domain_literals = false
# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.
never_users = root
# DO HOST LOOKUP
# OPTIONAL MODIFICATIONS:
# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
host_lookup = *
# DISALLOW IDENT CALLBACKS
# OPTIONAL MODIFICATIONS:
# Exim may be set to make RFC 1413 (ident) callbacks for all incoming SMTP
# calls. You can limit the hosts to which these calls are made, and/or change
# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
# are disabled. RFC 1413 calls are cheap and can provide useful information
# for tracing problem messages, but some hosts and firewalls have problems
# with them. This can result in a timeout instead of an immediate refused
# connection, leading to delays on starting up an SMTP session. By default
# we disable callbacks for incoming SMTP calls. You may change
# rfc1413_query_timeout to 30s or some other positive number of seconds to
# enable callbacks for incoming SMTP calls.
rfc1413_hosts = *
rfc1413_query_timeout = 0s
# BOUNCE MESSAGES
# OPTIONAL MODIFICATIONS:
# When Exim can neither deliver a message nor return it to sender, it
# "freezes" the delivery error message (aka "bounce message"). There are also
# other circumstances in which messages get frozen. They will stay on the
# queue forever unless one or both of the following options is set.
# This option unfreezes unfreezes bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.
ignore_bounce_errors_after = 2d
# This option cancels (removes) frozen messages that are older than five days.
timeout_frozen_after = 5d
# TRUSTED USERS
# OPTIONAL MODIFICATIONS:
# if you must add additional trusted users, do so here; continue the
# colon-delimited list
trusted_users = mail:majordomo:apache
# SSL/TLS cert and key
tls_certificate = /etc/exim.cert
tls_privatekey = /etc/exim.key
tls_advertise_hosts = *
#auth_over_tls_hosts = *
######################################################################
# ACLs #
######################################################################
begin acl
# ACL that is used after the RCPT command
check_recipient:
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
# Deny for local domains if local parts begin with a dot or
# contain @ % ! / |
deny domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
# allow local users to send outgoing messages using slashes
# and vertical bars in their local parts but blocks outgoing
# local parts that begin with a dot, slash, or vertical bar
# but allows them within the local part. The sequence \..\
# is barred. The usage of @ % and ! is barred as before. The
# motiviation is to prevent your users (or their virii) from
# mounting certain kinds of attacks on reverse sites.
deny domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
# accept email from anyone in the whitelist_from list
accept domains = +whitelist_from
# accept mail to postmaster in any local domain, regardless of source
accept local_parts = postmaster
domains = +local_domains
# accept mail to abuse in any local domain, regardless of source
accept local_parts = abuse
domains = +local_domains
# accept mail to hostmaster in any local domain, regardless of source
accept local_parts = hostmaster
domains =+local_domains
# OPTIONAL MODIFICATIONS:
# If the page you're using to notify senders of blocked email of how
# to get their address unblocked will use a web form to send you email so
# you'll know to unblock those senders, then you may leave these lines
# commented out. However, if you'll be telling your senders of blocked
# email to send an email to errors@yourdomain.com, then you should
# replace "errors" with the left side of the email address you'll be
# using, and "example.com" with the right side of the email address and
# then uncomment the second two lines, leaving the first one commented.
# Doing this will mean anyone can send email to this specific address,
# even if they're at a blocked domain, and even if your domain is using
# blocklists.
# accept mail to errors@example.com, regardless of source
# accept local_parts = errors
# domains = example.com
# deny so-called "legal" spammers"
# but do bypass all checking for whitelisted host names
deny message = You may think you're legal but you're still an unwanted spammer
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
sender_domains = +blacklist_domains
# Deny unless sender address can be verified:
# This statement requires the sender address to be verified before any
# subsequent ACL statement can be used. If verification fails, the incoming
# recipient address is refused. Verification consists of trying to route the
# address, to see if a bounce message could be delivered to it. In the case of
# remote addresses, basic verification checks only the domain.
require verify = sender
# Deny stuff from insecure hosts & spammers. No exceptions for known users.
# but do bypass all checking for whitelisted host names
deny message = to unblock $sender_host_name see http://www.example.com/
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
# only smtp.dnsbl.sorbs.net = 127.0.0.5
dnslists = sbl.spamhaus.org : \
relays.ordb.org : \
dnsbl.sorbs.net=127.0.0.5
# Next deny stuff from more "fuzzy" blacklists
# but do bypass all checking for whitelisted host names
deny message = to unblock $sender_host_name see http://www.example.com/
hosts = !+relay_hosts
domains =+use_rbl_domains
!authenticated = *
# dnslists not including spam.dnsbl.sorbs.net
dnslists = bl.spamcop.net : \
dnsbl.njabl.org : \
cbl.abuseat.org : \
dnsbl.sorbs.net!=127.0.0.6
deny message = to unblock $sender_host_name see http://www.example.com/
domains =+use_rbl_domains
# rhsbl list is name based
dnslists = rhsbl.sorbs.net/$sender_address_domain
# accept if address is in a local domain as long as recipient can be verified
accept domains = +local_domains
endpass
verify = recipient
# accept if address is in a domain for which we relay as long as recipient
# can be verified
accept domains = +relay_domains
endpass
verify=recipient
# accept if message comes for a host for which we are an outgoing relay
# recipient verification is omitted because many MUA clients don't cope
# well with SMTP error responses. If you are actually relaying from MTAs
# then you should probably add recipient verify here
accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts
endpass
message = authentication required
authenticated = *
deny message = relay not permitted
# default at end of acl causes a "deny", but line below will give
# an explicit error message:
deny message = relay not permitted
# ACL that is used after the DATA command
check_message:
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_condition = "${perl{smtpauth}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{smtpauth}}"
server_set_id = $1
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
begin routers
# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.
# This router routes to remote hosts over SMTP using a DNS lookup. Any domain
# that resolves to an IP address on the loopback interface (127.0.0.0/8) is
# treated as if it had no DNS entry.
lookuphost:
driver = dnslookup
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
condition = "${perl{check_limits}}"
transport = remote_smtp
no_more
# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to comment out
# "forbid_domain_literals" above, so that Exim can recognize the syntax of
# domain literal addresses.
# domain_literal:
# driver = ipliteral
# transport = remote_smtp
######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################
# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).
# Spam Assassin
#spamcheck_director:
# driver = accept
# condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
# retry_use_local_part
# transport = spamcheck
# no_verify
majordomo_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
no_rewrite
user = majordomo
majordomo_private:
driver = redirect
allow_defer
allow_fail
#condition = "${if eq {$received_protocol} {local} {true} {false} }"
condition = "${if or { {eq {$received_protocol} {local}} \
{eq {$received_protocol} {spam-scanned}} } {true} {false} }"
data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
user = majordomo
domain_filter:
driver = redirect
allow_filter
no_check_local_user
condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
user = "mail"
file = /etc/virtual/${domain}/filter
file_transport = address_file
pipe_transport = virtual_address_pipe
retry_use_local_part
no_verify
uservacation:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = uservacation
unseen
userautoreply:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = userautoreply
unseen
virtual_aliases_nostar:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
unseen
#include_domain = true
virtual_user:
driver = accept
condition = ${if eq {}{${if exists{/etc/virtual/${domain}/passwd}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/passwd}}}}}{no}{yes}}
domains = lsearch;/etc/virtual/domainowners
group = mail
retry_use_local_part
transport = virtual_localdelivery
virtual_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
#include_domain = true
# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A. The three transports specified at the
# end are those that are used when forwarding generates a direct delivery
# to a file, or to a pipe, or sets up an auto-reply, respectively.
userforward:
driver = redirect
allow_filter
check_ancestor
check_local_user
no_expn
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify
system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim
localuser:
driver = accept
check_local_user
condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
transport = local_delivery
# This director matches local user mailboxes.
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a director or a router that
# successfully handles an address.
# Spam Assassin
begin transports
spamcheck:
driver = pipe
batch_max = 100
command = /usr/sbin/exim -oMr spam-scanned -bS
current_directory = "/tmp"
group = mail
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
use_bsmtp
user = mail
# must use a privileged user to set $received_protocol on the way back in!
#majordomo
majordomo_pipe:
driver = pipe
group = daemon
return_fail_output
user = majordomo
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.
local_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
file = /var/mail/$local_part
group = mail
mode = 0660
return_path_add
user = ${local_part}
## for delivering virtual domains to their own mail spool
virtual_localdelivery:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 700
envelope_to_add
file = /var/spool/virtual/${domain}/${local_part}
group = mail
mode = 660
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}
## vacation transport
uservacation:
driver = autoreply
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {I am on vacation}}"
text = "\
------ ------\n\n\
This message was automatically generated by email software\n\
The delivery of your message has not been affected.\n\n\
------ ------\n\n"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
userautoreply:
driver = autoreply
bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: $h_Subject:} {Autoreply Message}}"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the directors
# section below.
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
group = nobody
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,8h
# End of Exim 4 configuration

22
update/data/templates/feature_sets/core_functions/commands.allow Normal file
View File

@@ -0,0 +1,22 @@
CMD_SHOW_DOMAIN
CMD_JSON_LANG
CMD_JSON_VALIDATE
CMD_LOGOUT
CMD_PASSWD
CMD_USER_STATS
CMD_CHANGE_INFO
CMD_LICENSE_VERIFY
CMD_BANDWIDTH_BREAKDOWN
CMD_DU_BREAKDOWN
CMD_MASTER_LOGIN
CMD_WIDGET
CMD_PLUGINS
CMD_LOGIN_KEYS
CMD_API_LOGIN_KEYS
CMD_TWOSTEP_AUTH
CMD_SECURITY_QUESTIONS
CMD_LOGIN_HISTORY
CMD_USER_HISTORY
CMD_TICKET
CMD_API_TICKET
CMD_TICKET_CREATE

1
update/data/templates/feature_sets/core_functions/lang/en.name.txt Normal file
View File

@@ -0,0 +1 @@
Core Functions

2
update/data/templates/feature_sets/dns_only/commands.allow Normal file
View File

@@ -0,0 +1,2 @@
CMD_DNS_CONTROL
CMD_API_DNS_CONTROL

1
update/data/templates/feature_sets/dns_only/lang/en.name.txt Normal file
View File

@@ -0,0 +1 @@
DNS-Only

17
update/data/templates/feature_sets/email_only/commands.allow Normal file
View File

@@ -0,0 +1,17 @@
CMD_EMAIL_POP
CMD_EMAIL_LIST
CMD_EMAIL_CATCH_ALL
CMD_EMAIL_FILTER
CMD_EMAIL_FORWARDER
CMD_EMAIL_FORWARDER_MODIFY
CMD_EMAIL_AUTORESPONDER
CMD_EMAIL_AUTORESPONDER_CREATE
CMD_EMAIL_AUTORESPONDER_MODIFY
CMD_EMAIL_VACATION
CMD_EMAIL_VACATION_CREATE
CMD_EMAIL_VACATION_MODIFY
CMD_EMAIL_USAGE
CMD_DNS_MX
CMD_SPAMASSASSIN
CMD_WEBMAIL_LOGIN
CMD_AJAX_CHECK_PASSWORD

1
update/data/templates/feature_sets/email_only/lang/en.name.txt Normal file
View File

@@ -0,0 +1 @@
E-Mail-Only

26
update/data/templates/filter_base Normal file
View File

@@ -0,0 +1,26 @@
# Exim Filter
# created by |NAME|, version |VERSION|
# Do not modify this file as any changes will be
# overwritten when the user makes a change.
# (data is only written to this file, not read)
|FROM_WHITELIST|
|*if BLOCKLEVEL|
if
$h_X-Spam-Level: contains "|BLOCKLEVEL|"
then
seen finish
endif
|*endif|
|SPAMFILTERS|
if error_message then finish endif
|WORDFILTERS|
|ADULTFILTERS|
#end filter

6
update/data/templates/filter_delete Normal file
View File

@@ -0,0 +1,6 @@
if
$h_X-Spam-Status: contains "Yes,"
then
seen finish
endif

19
update/data/templates/filter_filterspamfolder Normal file
View File

@@ -0,0 +1,19 @@
if
$local_part is "|USERNAME|"
then
|*if DOVECOT="yes"|
save |HOME|/Maildir/.|INBOX_SPAM|/new/ 660
else
if "${if exists{|MAIL_PARTITION_HOME|/imap/${domain}/${local_part}}{yes}{no}}" is "yes"
then
save |MAIL_PARTITION_HOME|/imap/$domain/$local_part/Maildir/.|INBOX_SPAM|/new/ 660
else
save |HOME|/Maildir/.|INBOX_SPAM|/new/ 660
endif
|*else|
save |HOME|/.spamassassin/spam 660
else
save |HOME|/.spamassassin/user_spam/$local_part@$domain 660
|*endif|
endif
finish

10
update/data/templates/filter_spamfolder Normal file
View File

@@ -0,0 +1,10 @@
if
$h_X-Spam-Status: contains "Yes,"
then
|*if DOVECOT="yes"|
save |HOME|/Maildir/.|INBOX_SPAM|/new/ 660
|*else|
save |HOME|/.spamassassin/spam 660
|*endif|
finish
endif

23
update/data/templates/filter_userspamfolder Normal file
View File

@@ -0,0 +1,23 @@
if
$h_X-Spam-Status: contains "Yes,"
then
if
$local_part is "|USERNAME|"
then
|*if DOVECOT="yes"|
save |HOME|/Maildir/.|INBOX_SPAM|/new/ 660
else
if "${if exists{|MAIL_PARTITION_HOME|/imap/${domain}/${local_part}}{yes}{no}}" is "yes"
then
save |MAIL_PARTITION_HOME|/imap/$domain/$local_part/Maildir/.|INBOX_SPAM|/new/ 660
else
save |HOME|/Maildir/.|INBOX_SPAM|/new/ 660
endif
|*else|
save |HOME|/.spamassassin/spam 660
else
save |HOME|/.spamassassin/user_spam/$local_part@$domain 660
|*endif|
endif
finish
endif

220
update/data/templates/forbidden_domains.list Normal file
View File

@@ -0,0 +1,220 @@
# ---------- Free e-mail services -------------
dongo.com
mail.com
juno.com
lycos.com
hotmail.com
mail.yahoo.com
gmail.com
yousendit.com
mail2web.com
netaddress.com
postmaster.co.uk
walla.com
thatweb.com
fastmail.fm
mailinator.com
30gigs.com
aolmail.com
aussiemail.com.au
boardermail.com
canada.com
canoemail.com
wildmail.com
cashette.com
dbzmail.com
emailaccount.com
fastermail.com
hushmail.com
hush.com
icqmail.com
kittymail.com
linuxmail.org
mail2world.com
marchmail.com
myway.com
operamail.com
orcon.net.nz
rediffmail.com
sandiego.com
safe-mail.net
surfy.net
uymail.com
wapicode.com
yahoo.ca
yahoo.com
e2umail.com
mail.ru
# ---------- Popular domains -------------
apple.com
about.com
adfly.com
adobe.com
alipay.com
ask.com
avg.com
directadmin.com
jbmc-software.com
site-helper.com
cpanel.net
msn.com
google.com
google.ca
google.co.uk
google.com.au
google.com.br
google.be
google.co.id
google.co.il
google.co.in
google.co.jp
google.com.hk
google.de
google.es
google.fr
google.nl
google.ru
google.pl
google.com.mx
google.com.tr
google.it
googleusercontent.com
youtube.com
myspace.com
baidu.com
outlook.com
live.com
orkut.com
qq.com
yahoo.co.jp
wikipedia.org
microsoft.com
ebay.com
blogger.com
babylon.com
bbc.co.uk
bing.com
blogspot.com
blogspot.in
megaupload.com
sohu.com
hi5.com
rapidshare.com
yahoo.com.cn
amazon.com
amazon.co.jp
amazon.co.uk
amazon.de
facebook.com
taobao.com
fotolog.net
passport.net
friendster.com
bbc.co.ul
imdb.com
wretch.cc
go.com
craigslist.org
yandex.ru
flickr.com
tom.com
163.com
360.cn
360buy.com
cloudlinux.com
imunify360.com
onet.pl
onet.eu
ebay.co.uk
cnn.com
aol.com
photobucket.com
allegro.pl
discuss.com.hk
globo.com
go2.pl
livejournal.com
naver.com
uwants.com
geocities.com
adultfriendfinder.com
imageavenue.com
digg.com
vnet.cn
alibaba.com
soso.com
rediff.com
seznam.cz
walla.co.il
pchome.com.tw
livedoor.com
skyblog.com
starware.com
mop.com
download.com
wordpress.com
wp.pl
wp.eu
deviantart.com
sendspace.com
dailymotion.com
sogou.com
digitalpoint.com
dell.com
nba.com
icq.com
hp.com
aussimail.com.au
bluebottle.com
interia.pl
interia.eu
poczta.fm
inteligo.pl
inteligo.com.pl
mbank.com.pl
mbank.pl
uol.com.br
ig.com.br
yahoo.com.br
terra.com.br
globo.com
o2.pl
oi.com.br
conduit.com
ebay.de
espn.go.com
fc2.com
hao123.com
huffingtonpost.com
ifeng.com
imgur.com
instagram.com
linkedin.com
livejasmin.com
mywebsearch.com
netflix.com
odnoklassniki.ru
paypal.com
pinterest.com
pornhub.com
prokonto.pl
rakuten.co.jp
redtube.com
shaw.ca
sina.com.cn
stackoverflow.com
telus.net
thepiratebay.sx
tlen.pl
tmall.com
tumblr.com
twitter.com
vk.com
weibo.com
xhamster.com
xvideos.com
youku.com
zedo.com

36
update/data/templates/ftp_pass_change/index.html Normal file
View File

@@ -0,0 +1,36 @@
<html>
<head>
<title>
Change Ftp Account Password
</title>
<meta name="robots" content="noindex,nofollow">
<style>
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
<body>
<center>
<br><br><br>
<b>Change Ftp Account Password</b>
<br><br>
<table cellpadding=5 cellspacing=1>
<form action="/CMD_CHANGE_FTP_PASSWORD" method="POST">
<tr><td class=listtitle colspan=2>Enter the required information below</td></tr>
<tr><td class=list align=center colspan=2>Must be in the format <b>user@domain.com</b><br>System accounts not allowed</td></tr>
<tr><td class=list align=right>Ftp Account:</td><td class=list><input type=text name=ftp size=32></td></tr>
<tr><td class=list align=right>Old Password:</td><td class=list><input type=password name=oldpassword size=32></td></tr>
<tr><td class=list align=right>New Password:</td><td class=list><input type=password name=password1 size=32></td></tr>
<tr><td class=list align=right>Re-Type Password:</td><td class=list><input type=password name=password2 size=32></td></tr>
<tr><td class=listtitle colspan=2 align=right><input type=submit value="Change Password"></td></tr>
</form>
</table>
<br><br>
</center>
</body>
</html>

8
update/data/templates/hotlink.apache.conf Normal file
View File

@@ -0,0 +1,8 @@
<IfModule mod_rewrite.c>
RewriteEngine on
|*if allow_blank_referer="yes"|
RewriteCond %{HTTP_REFERER} !^$
|*endif|
|ALLOWED_HOTLINK_DOMAINS|
RewriteRule .(|FILES|)$ |HOTLINK_ACTION|
</ifModule>

15
update/data/templates/hotlink.nginx.conf Normal file
View File

@@ -0,0 +1,15 @@
|*if allow_blank_referer!="yes"|
|?ALLOWED_LIST=`ALLOWED_HOTLINK_DOMAINS`|
|*else|
|?ALLOWED_LIST= none`ALLOWED_HOTLINK_DOMAINS`|
|*endif|
location ~ \.(|FILES|)$ {
valid_referers|ALLOWED_LIST|;
if ($invalid_referer) {
|*if redirect="forbidden"|
return 403;
|*else|
rewrite (.*)\.(|FILES|)$ |redirect|;
|*endif|
}
}

5
update/data/templates/hotlink.openlitespeed.conf Normal file
View File

@@ -0,0 +1,5 @@
|*if allow_blank_referer!="yes"|
RewriteCond %{HTTP_REFERER} !^$
|*endif|
|ALLOWED_HOTLINK_DOMAINS|
RewriteRule .(|FILES|)$ |HOTLINK_ACTION|

108
update/data/templates/httpd Normal file
View File

@@ -0,0 +1,108 @@
#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /var/run/httpd.pid
# config: /etc/httpd/conf/access.conf
# config: /etc/httpd/conf/httpd.conf
# config: /etc/httpd/conf/srm.conf
# Source function library.
. /etc/rc.d/init.d/functions
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/sbin/apachectl
httpd=/usr/sbin/httpd
prog=httpd
RETVAL=0
# Find the installed modules and convert their names into arguments httpd
# can use.
moduleargs() {
moduledir=/usr/lib/apache
moduleargs=`
/usr/bin/find ${moduledir} -type f -perm -0100 -name "*.so" | env -i tr '[:lower:]' '[:upper:]' | awk '{\
gsub(/.*\//,"");\
gsub(/^MOD_/,"");\
gsub(/^LIB/,"");\
gsub(/\.SO$/,"");\
print "-DHAVE_" $0}'`
echo ${moduleargs}
}
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
ulimit -n 8192
ulimit -n 16384
ulimit -n 32768
echo -n $"Starting $prog: "
LANG=en_US LC_ALL=en_US daemon $httpd `moduleargs` $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd /var/run/httpd.pid
}
reload() {
echo -n $"Reloading $prog: "
killproc $httpd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/run/httpd.pid ] ; then
stop
start
fi
;;
reload)
reload
;;
graceful)
stop
start
;;
help|configtest)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
exit 1
esac
exit $RETVAL

712
update/data/templates/httpd.conf Normal file
View File

@@ -0,0 +1,712 @@
ServerType standalone
ServerRoot "/etc/httpd"
LockFile /var/run/httpd.lock
PidFile /var/run/httpd.pid
ScoreBoardFile logs/apache_runtime_status
ResourceConfig /dev/null
AccessConfig /dev/null
Timeout 300
KeepAlive On
MaxKeepAliveRequests 500
KeepAliveTimeout 5
MinSpareServers 5
MaxSpareServers 20
StartServers 8
MaxClients 450
MaxRequestsPerChild 1000
#LoadModule mmap_static_module modules/mod_mmap_static.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
<IfDefine HAVE_BANDWIDTH>
LoadModule bandwidth_module modules/mod_bandwidth.so
</IfDefine>
<IfDefine HAVE_THROTTLE>
LoadModule throttle_module modules/mod_throttle.so
</IfDefine>
LoadModule env_module modules/mod_env.so
LoadModule config_log_module modules/mod_log_config.so
LoadModule agent_log_module modules/mod_log_agent.so
LoadModule referer_log_module modules/mod_log_referer.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule status_module modules/mod_status.so
LoadModule info_module modules/mod_info.so
LoadModule includes_module modules/mod_include.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule dir_module modules/mod_dir.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule asis_module modules/mod_asis.so
LoadModule imap_module modules/mod_imap.so
LoadModule action_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule anon_auth_module modules/mod_auth_anon.so
#LoadModule db_auth_module modules/mod_auth_db.so
#LoadModule auth_any_module modules/mod_auth_any.so
#LoadModule dbm_auth_module modules/mod_auth_dbm.so
#LoadModule auth_ldap_module modules/mod_auth_ldap.so
#LoadModule mysql_auth_module modules/mod_auth_mysql.so
#LoadModule auth_pgsql_module modules/mod_auth_pgsql.so
#LoadModule digest_module modules/mod_digest.so
#LoadModule proxy_module modules/libproxy.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule example_module modules/mod_example.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
<IfDefine HAVE_PERL>
LoadModule perl_module modules/libperl.so
</IfDefine>
<IfDefine HAVE_PHP>
LoadModule php_module modules/mod_php.so
</IfDefine>
<IfDefine HAVE_PHP3>
LoadModule php3_module modules/libphp3.so
</IfDefine>
#<IfDefine HAVE_PHP4>
#LoadModule php4_module modules/libphp4.so
#</IfDefine>
LoadModule php4_module /usr/lib/apache/libphp4.so
<IfDefine HAVE_DAV>
LoadModule dav_module modules/libdav.so
</IfDefine>
<IfDefine HAVE_ROAMING>
LoadModule roaming_module modules/mod_roaming.so
</IfDefine>
###<IfDefine HAVE_SSL>
LoadModule ssl_module modules/libssl.so
###</IfDefine>
<IfDefine HAVE_PUT>
LoadModule put_module modules/mod_put.so
</IfDefine>
<IfDefine HAVE_PYTHON>
LoadModule python_module modules/mod_python.so
</IfDefine>
ClearModuleList
#AddModule mod_mmap_static.c
AddModule mod_vhost_alias.c
<IfDefine HAVE_BANDWIDTH>
AddModule mod_bandwidth.c
</IfDefine>
<IfDefine HAVE_THROTTLE>
AddModule mod_throttle.c
</IfDefine>
AddModule mod_env.c
AddModule mod_log_config.c
AddModule mod_log_agent.c
AddModule mod_log_referer.c
#AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
#AddModule mod_speling.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_auth_anon.c
#AddModule mod_auth_db.c
#AddModule mod_auth_any.c
#AddModule mod_auth_dbm.c
#AddModule auth_ldap.c
#AddModule mod_auth_mysql.c
#AddModule mod_auth_pgsql.c
#AddModule mod_digest.c
#AddModule mod_proxy.c
#AddModule mod_cern_meta.c
AddModule mod_expires.c
AddModule mod_headers.c
#AddModule mod_usertrack.c
#AddModule mod_example.c
#AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_frontpage.c
<IfDefine HAVE_PERL>
AddModule mod_perl.c
</IfDefine>
<IfDefine HAVE_PHP>
AddModule mod_php.c
</IfDefine>
<IfDefine HAVE_PHP3>
AddModule mod_php3.c
</IfDefine>
###<IfDefine HAVE_PHP4>
AddModule mod_php4.c
###</IfDefine>
<IfDefine HAVE_DAV>
AddModule mod_dav.c
</IfDefine>
<IfDefine HAVE_ROAMING>
AddModule mod_roaming.c
</IfDefine>
###<IfDefine HAVE_SSL>
AddModule mod_ssl.c
###</IfDefine>
<IfDefine HAVE_PUT>
AddModule mod_put.c
</IfDefine>
<IfDefine HAVE_PYTHON>
AddModule mod_python.c
</IfDefine>
<IfModule mod_suphp.c>
<Location />
suPHP_Engine on
suPHP_ConfigPath /usr/local/etc/php5/cgi/
suPHP_AddHandler x-httpd-php
suPHP_AddHandler x-httpd-php5
</Location>
</IfModule>
Port 80
Listen 80
Listen 443
User apache
Group apache
ServerAdmin root@localhost
DocumentRoot "/var/www/html"
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
<IfModule mod_suphp.c>
suPHP_Engine On
suPHP_UserGroup webapps webapps
</IfModule>
</Directory>
AddHandler cgi-script .cgi .pl
<IfModule mod_userdir.c>
#UserDir public_html
UserDir disabled
</IfModule>
<Directory /home/*>
AllowOverride All
Options -MultiViews -Indexes FollowSymlinks IncludesNoExec +Includes
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
<IfModule mod_dir.c>
DirectoryIndex index.html index.htm index.shtml index.php index.php4 index.php3 index.phtml index.cgi
</IfModule>
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
UseCanonicalName Off
<IfModule mod_mime.c>
TypesConfig /etc/mime.types
</IfModule>
DefaultType text/plain
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%b" bytes
CustomLog logs/access_log combined
ServerSignature On
######
# Uncomment this next bit if you need to
# see the apache status of all incoming
# connections
#
#ExtendedStatus On
#<Location /httpd-status>
#SetHandler server-status
#</Location>
#
#######
<IfModule mod_alias.c>
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Alias /server-images/ "/var/www/html/images/"
<Directory "/var/www/html/images">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
#ScriptAlias /cgi-sbin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-sbin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModule>
<IfModule mod_autoindex.c>
IndexOptions FancyIndexing NameWidth=*
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
ReadmeName README
HeaderName HEADER
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
<IfModule mod_mime.c>
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .ee
AddLanguage fr .fr
AddLanguage de .de
AddLanguage el .el
AddLanguage he .he
AddCharset ISO-8859-8 .iso8859-8
AddLanguage it .it
AddLanguage ja .ja
AddCharset ISO-2022-JP .jis
AddLanguage kr .kr
AddCharset ISO-2022-KR .iso-kr
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddCharset ISO-8859-2 .iso-pl
AddLanguage pt .pt
AddLanguage pt-br .pt-br
AddLanguage ltz .lu
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .se
AddLanguage cz .cz
AddLanguage ru .ru
AddLanguage zh-tw .tw
AddLanguage tw .tw
AddCharset Big5 .Big5 .big5
AddCharset WINDOWS-1251 .cp-1251
AddCharset CP866 .cp866
AddCharset ISO-8859-5 .iso-ru
AddCharset KOI8-R .koi8-r
AddCharset UCS-2 .ucs2
AddCharset UCS-4 .ucs4
AddCharset UTF-8 .utf8
<IfModule mod_negotiation.c>
LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
</IfModule>
AddType application/x-tar .tgz
<IfModule mod_php4.c>
<FilesMatch "\.(php|inc|php4|php3|phtml|phps)$">
AddHandler application/x-httpd-php .inc .php .php4 .php3 .phtml
AddHandler application/x-httpd-php-source .phps
</FilesMatch>
</IfModule>
<IfModule mod_php3.c>
<FilesMatch "\.(php3)$">
AddHandler application/x-httpd-php3 .php3
AddHandler application/x-httpd-php3-source .phps
</FilesMatch>
</IfModule>
<IfModule mod_php.c>
<FilesMatch "\.(phtml)$">
AddHandler application/x-httpd-php .phtml
</FilesMatch>
</IfModule>
AddHandler cgi-script .cgi .pl
AddType text/html .shtml
AddHandler server-parsed .shtml
#AddHandler send-as-is asis
AddHandler imap-file map
#AddHandler type-map var
</IfModule>
<IfModule mod_setenvif.c>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
Alias /doc/ /usr/share/doc/
<Directory /usr/share/doc>
order deny,allow
deny from all
allow from localhost .localdomain
Options Indexes FollowSymLinks
</Directory>
###<IfDefine HAVE_SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
###</IfDefine>
<IfModule mod_ssl.c>
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
SSLSessionCache none
#SSLSessionCache shmht:logs/ssl_scache(512000)
#SSLSessionCache shmcb:logs/ssl_scache(512000)
#SSLSessionCache dbm:logs/ssl_scache
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex file:logs/ssl_mutex
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
# Logging:
# The home of the dedicated SSL protocol logfile. Errors are
# additionally duplicated in the general error log file. Put
# this somewhere where it cannot be used for symlink attacks on
# a real server (i.e. somewhere where only root can write).
# Log levels are (ascending order: higher ones include lower ones):
# none, error, warn, info, trace, debug.
SSLLog logs/ssl_engine_log
SSLLogLevel error
</IfModule>
###<IfDefine HAVE_SSL>
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
ErrorLog logs/error_log
TransferLog logs/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL
SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A test
# certificate can be generated with `make certificate' under
# built time. Keep in mind that if you've both a RSA and a DSA
# certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
#SSLCertificateFile /etc/httpd/conf/ssl.crt/server-dsa.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
#SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server-dsa.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /etc/httpd/conf/ssl.crt
#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/httpd/conf/ssl.crl
#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o CompatEnvVars:
# This exports obsolete environment variables for backward compatibility
# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
# to provide compatibility to existing CGI scripts.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
###</IfDefine>
#Start DirectAdmin Settings
Alias /config /var/www/html/redirect.php
Alias /phpMyAdmin /var/www/html/phpMyAdmin/
Alias /phpmyadmin /var/www/html/phpMyAdmin/
Alias /webmail /var/www/html/webmail/
Alias /squirrelmail /var/www/html/squirrelmail/
Alias /roundcube /var/www/html/roundcube/
ErrorDocument 400 /400.shtml
ErrorDocument 401 /401.shtml
ErrorDocument 403 /403.shtml
ErrorDocument 404 /404.shtml
ErrorDocument 500 /500.shtml
#All NameVirtualHost lines are in this file
#Don't remove this line or apache will generate errors.
Include /etc/httpd/conf/ips.conf
LogFormat "%b \"%r\"" homedir
#The default site for the server.
<VirtualHost |SERVER_IP|:80>
ServerAdmin webmaster@|SERVER_NAME|
ScriptAliasMatch ^/~([^/]+)/+cgi-bin/+(.*) /home/$1/public_html/cgi-bin/$2
AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
DocumentRoot /var/www/html
ServerName localhost
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
CustomLog /var/log/httpd/homedir.log homedir
</VirtualHost>
<VirtualHost |SERVER_IP|:443>
ServerName localhost
ServerAdmin webmaster@|SERVER_NAME|
ScriptAliasMatch ^/~([^/]+)/cgi-bin(/.*)* /home/$1/public_html/cgi-bin/$2
AliasMatch ^/~([^/]+)(/.*)* /home/$1/public_html$2
DocumentRoot /var/www/html
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
CustomLog /var/log/httpd/homedir.log homedir
</VirtualHost>

13
update/data/templates/imap Normal file
View File

@@ -0,0 +1,13 @@
# default: on
# description: imapd
service imap
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/imapd
#log_on_success += DURATION USERID
#log_on_failure += USERID
nice = 10
}

14
update/data/templates/imaps Normal file
View File

@@ -0,0 +1,14 @@
# default: on
# description: imaps / port 993
service imaps
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/stunnel
server_args = -T -p /etc/stunnel/stunnel.pem -l /usr/sbin/imapd
#log_on_success += DURATION USERID
#log_on_failure += USERID
nice = 10
}

41
update/data/templates/ips_virtual_host.conf Normal file
View File

@@ -0,0 +1,41 @@
|?CACERT_LINE=|
|*if CACERT!=""|
|?CACERT_LINE=SSLCACertificateFile `CACERT`|
|*endif|
|?APACHE_USERDIR=UserDir public_html|
|*if HAVE_USERDIR_ACCESS="0"|
|?APACHE_USERDIR=|
|*endif|
<VirtualHost |IP|:|PORT_80|>
ServerName shared.domain
|APACHE_USERDIR|
DocumentRoot |DOCROOT|
|*if APACHE_VER="2.0"|
SuexecUserGroup |USER| |GROUP|
|*else|
User |USER|
Group |GROUP|
|*endif|
CustomLog /var/log/httpd/homedir.log homedir
CustomLog /var/log/httpd/access_log combined
</VirtualHost>
<VirtualHost |IP|:|PORT_443|>
SSLEngine on
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CACERT_LINE|
ServerName shared.domain
|APACHE_USERDIR|
DocumentRoot |DOCROOT|
|*if APACHE_VER="2.0"|
SuexecUserGroup |USER| |GROUP|
|*else|
User |USER|
Group |GROUP|
|*endif|
CustomLog /var/log/httpd/homedir.log homedir
CustomLog /var/log/httpd/access_log combined
</VirtualHost>

63
update/data/templates/list.config Normal file
View File

@@ -0,0 +1,63 @@
admin_passwd = |admin_passwd|
administrivia = |administrivia|
advertise << END
END
announcements = yes
approve_passwd = |approve_passwd|
archive_dir =
comments << END
END
date_info = yes
date_intro = yes
debug = no
description = |description|
digest_archive =
digest_issue = |digest_issue|
digest_maxdays = |digest_maxdays|
digest_maxlines = |digest_maxlines|
digest_name = |NAME|
digest_rm_footer =
digest_rm_fronter =
digest_volume = |digest_volume|
digest_work_dir =
get_access = |get_access|
index_access = |index_access|
info_access = |info_access|
intro_access = |intro_access|
maxlength = |maxlength|
message_footer << END
|message_footer|
END
message_fronter << END
|message_fronter|
END
message_headers << END
|message_headers|
END
moderate = |moderate|
moderator = |moderator|
mungedomain = |mungedomain|
noadvertise << END
END
precedence = |precedence|
purge_received = |purge_received|
reply_to = |reply_to|
resend_host =
restrict_post = |restrict_post|
sender = |sender|
strip = |strip|
subject_prefix = |subject_prefix|
subscribe_policy = |subscribe_policy|
taboo_body << END
|taboo_body|
END
taboo_headers << END
|taboo_headers|
END
unsubscribe_policy = |unsubscribe_policy|
welcome = |welcome|
which_access = |which_access|
who_access = |who_access|

13
update/data/templates/load_check_message.txt Normal file
View File

@@ -0,0 +1,13 @@
|?SUBJECT=Warning: The system load average is `LOAD`|
This is an automated message notifying you that the |MINUTE| minute load average on your system is |LOAD|.
This has exceeded the |LIMIT| threshold.
One Minute - |ONE|
Five Minutes - |FIVE|
Fifteen Minutes - |FIFTEEN|
|TOP|
|CONN_INFO|
|EXTRA_INFO|
|MSG_FOOTER|

31
update/data/templates/logs.list Normal file
View File

@@ -0,0 +1,31 @@
/var/log/httpd/error_log=Apache Error Log
/var/log/httpd/access_log=Apache Access Log
/var/log/httpd/suexec_log=Apache Suexec Log
/var/log/httpd/homedir.log=Apache ~/user and IP Log
/var/log/suphp.log=suPHP Log
/var/log/nginx/error_log=Nginx Error Log
/var/log/nginx/access_log=Nginx Access Log
/var/log/exim/mainlog=Exim Mainlog
/var/log/exim/rejectlog=Exim Rejectlog
/var/log/exim/paniclog=Exim Paniclog
/var/log/messages=System Messages
/var/log/syslog=System Messages
/var/log/maillog=System Mail Log
/var/log/mail.log=System Mail Log
/var/log/mail.info=System Mail Information
/var/log/mail.err=System Mail Errors
/var/log/mail.warn=System Mail Warnings
/var/log/auth.log=System Authentication Log
/var/log/secure=System Security Log
/var/log/dmesg=Kernel Log
/var/log/cron=Cron Log
/var/log/directadmin/error.log=DirectAdmin Error Log
/var/log/directadmin/errortaskq.log=DirectAdmin Task Queue Log
/var/log/directadmin/security.log=DirectAdmin Security Log
/var/log/directadmin/system.log=DirectAdmin System Log
/var/log/directadmin/login.log=DirectAdmin Login Log
/var/log/proftpd/access.log=Proftpd Access Log
/var/log/proftpd/auth.log=Proftpd Auth Log
/var/log/pureftpd.log=PureFTP Log
/var/www/html/roundcube/logs/errors=RoundCube Errors
/var/www/html/roundcube/logs/sendmail=RoundCube Sends

39
update/data/templates/lost_password.html Normal file
View File

@@ -0,0 +1,39 @@
|*if code!=""|
|?TITLE=DirectAdmin - Lost Password Confirmation|
|?DESC=Lost Password Code Confirmation|
|?INSTR=Enter your username and your confirmation code<br> to have a new password emailed to you|
|*else|
|?TITLE=DirectAdmin - Lost Password|
|?DESC=Lost Password|
|?INSTR=Enter your Username and a confirmation link<br> will be sent to your email account.|
|*endif|
<html>
<head>
<title>|TITLE|</title>
<style>
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; } b { FONT-WEIGHT: bold; } .listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; } td.list { BACKGROUND: #EEEEEE; white-space: nowrap; } </style>
</head>
<body onLoad="document.form.username.focus();">
<center><br><br><br><br>
<h1>|DESC|</h1>
<table cellspacing=1 cellpadding=5>
<tr>
<td class=listtitle colspan=2>Please enter your Username</td></tr>
<form action="/CMD_LOST_PASSWORD" method="POST" name="form">
<tr><td class=list colspan=2>|INSTR|</td></tr>
<tr><td class=list align=right>Username:</td><td class=list><input type=text name=username value="|username|"></td></tr>
|*if code!=""|
<tr><td class=list align=right>Confirmation Code:</td><td class=list><input type=text name=code value="|code|"></td></tr>
<input type=hidden name=action value="code">
|*else|
<input type=hidden name=action value="request">
|*endif|
<tr><td class=listtitle align=right colspan=2><input type=submit value='Submit'></td></tr>
</form>
</table>
</center></body></html>

21
update/data/templates/lost_password_email.txt Normal file
View File

@@ -0,0 +1,21 @@
|*if action="code"|
|?SUBJECT=Your password has been reset|
This is an automated email generated by |http|://|host|:|port|.
Your new password has been reset to:
|passwd|
|*else|
|?SUBJECT=Lost password reset request|
This is an automated email generated by |http|://|host|:|port| requesting a new password be email to you.
To initiate the password reset, click the following link and follow the instructions:
|http|://|host|:|port|/CMD_LOST_PASSWORD?code=|code|&username=|username|
The request was triggered by IP '|source_ip|'.
If this is not your IP or you did not initate this password change, please click the following to report it to an administrator:
|http|://|host|:|port|/CMD_LOST_PASSWORD?action=report&code=|code|
|*endif|
Do not reply to this email.

8
update/data/templates/mail_settings.html Normal file
View File

@@ -0,0 +1,8 @@
|LANG_ACCOUNT_READY|:<br><br>
<table class=list cellpadding=3 cellspacing=1>
<tr><td class=list2 align=right><b>|LANG_USERNAME|:</b></td><td class=list2>|USER|@|DOMAIN|</td></tr>
<tr><td class=list align=right><b>|LANG_PASSWORD|:</b></td><td class=list >|EMAIL_PASS|</td></tr>
<tr><td class=list2 align=right><b>|LANG_POP_IMAP|:</b></td><td class=list2>mail.|DOMAIN|</td></tr>
<tr><td class=list align=right><b>|LANG_SMTP|:</b></td><td class=list>mail.|DOMAIN| |LANG_PORT| 587</td></tr>
</table>

631
update/data/templates/main.php Normal file
View File

@@ -0,0 +1,631 @@
<?php
/* $Id: main.php,v 1.140 2003/05/02 20:42:00 garvinhicking Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:
/**
* Don't display the page heading
*/
define('PMA_DISPLAY_HEADING', 0);
/**
* Gets some core libraries and displays a top message if required
*/
if (!defined('PMA_GRAB_GLOBALS_INCLUDED')) {
include('./libraries/grab_globals.lib.php');
}
if (!defined('PMA_COMMON_LIB_INCLUDED')) {
include('./libraries/common.lib.php');
}
// Puts the language to use in a cookie that will expire in 30 days
if (!isset($pma_uri_parts)) {
$pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
$cookie_path = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
$is_https = ($pma_uri_parts['scheme'] == 'https') ? 1 : 0;
}
setcookie('lang', $lang, time() + 60*60*24*30, $cookie_path, '', $is_https);
// Defines the "item" image depending on text direction
$item_img = 'images/item_' . $text_dir . '.png';
// Handles some variables that may have been sent by the calling script
if (isset($db)) {
unset($db);
}
if (isset($table)) {
unset($table);
}
$show_query = '1';
require('./header.inc.php');
if (isset($message)) {
PMA_showMessage($message);
}
else if (isset($reload) && $reload) {
// Reloads the navigation frame via JavaScript if required
echo "\n";
?>
<script type="text/javascript" language="javascript1.2">
<!--
window.parent.frames['nav'].location.replace('./left.php?<?php echo PMA_generate_common_url('', '', '&');?>&hash=' + <?php echo (($cfg['QueryFrame'] && $cfg['QueryFrameJS']) ? 'window.parent.frames[\'queryframe\'].document.hashform.hash.value' : "'" . md5($cfg['PmaAbsoluteUri']) . "'"); ?>););
//-->
</script>
<?php
}
echo "\n";
/**
* Displays the welcome message and the server informations
*/
?>
<h1><?php echo sprintf($strWelcome, ' phpMyAdmin ' . PMA_VERSION); ?></h1>
<?php
// Don't display server info if $server == 0 (no server selected)
// loic1: modified in order to have a valid words order whatever is the
// language used
if ($server > 0) {
// robbat2: Use the verbose name of the server instead of the hostname
// if a value is set
if(!empty($cfg['Server']['verbose'])) {
$server_info = $cfg['Server']['verbose'];
} else {
$server_info = $cfg['Server']['host'];
}
$server_info .= (empty($cfg['Server']['port']) ? '' : ':' . $cfg['Server']['port']);
// loic1: skip this because it's not a so good idea to display sockets
// used to everybody
// if (!empty($cfg['Server']['socket']) && PMA_PHP_INT_VERSION >= 30010) {
// $server_info .= ':' . $cfg['Server']['socket'];
// }
$local_query = 'SELECT VERSION() as version, USER() as user';
$res = PMA_mysql_query($local_query) or PMA_mysqlDie('', $local_query, FALSE, '');
$mysql_cur_user_and_host = PMA_mysql_result($res, 0, 'user');
$mysql_cur_user = substr($mysql_cur_user_and_host, 0, strrpos($mysql_cur_user_and_host, '@'));
$full_string = str_replace('%pma_s1%', PMA_mysql_result($res, 0, 'version'), $strMySQLServerProcess);
$full_string = str_replace('%pma_s2%', $server_info, $full_string);
$full_string = str_replace('%pma_s3%', $mysql_cur_user_and_host, $full_string);
echo '<p><b>' . $full_string . '</b></p><br />' . "\n";
} // end if
/**
* Reload mysql (flush privileges)
*/
if (($server > 0) && isset($mode) && ($mode == 'reload')) {
$result = PMA_mysql_query('FLUSH PRIVILEGES'); // Debug: or PMA_mysqlDie('', 'FLUSH PRIVILEGES', FALSE, 'main.php?' . PMA_generate_common_url());
echo '<p><b>';
if ($result != 0) {
echo $strMySQLReloaded;
} else {
echo $strReloadFailed;
}
echo '</b></p>' . "\n\n";
}
/**
* Displays the MySQL servers choice form
*/
if ($server == 0 || count($cfg['Servers']) > 1) {
?>
<!-- MySQL servers choice form -->
<table>
<tr>
<th><?php echo $strServerChoice; ?></th>
</tr>
<tr>
<td>
<form method="post" action="index.php" target="_parent">
<select name="server">
<?php
echo "\n";
reset($cfg['Servers']);
while (list($key, $val) = each($cfg['Servers'])) {
if (!empty($val['host'])) {
echo ' <option value="' . $key . '"';
if (!empty($server) && ($server == $key)) {
echo ' selected="selected"';
}
echo '>';
if (!empty($val['verbose'])) {
echo $val['verbose'];
} else {
echo $val['host'];
if (!empty($val['port'])) {
echo ':' . $val['port'];
}
// loic1: skip this because it's not a so good idea to display
// sockets used to everybody
// if (!empty($val['socket']) && PMA_PHP_INT_VERSION >= 30010) {
// echo ':' . $val['socket'];
// }
}
// loic1: if 'only_db' is an array and there is more than one
// value, displaying such informations may not be a so good
// idea
if (!empty($val['only_db'])) {
echo ' - ' . (is_array($val['only_db']) ? implode(', ', $val['only_db']) : $val['only_db']);
}
if (!empty($val['user']) && ($val['auth_type'] == 'config')) {
echo ' (' . $val['user'] . ')';
}
echo '&nbsp;</option>' . "\n";
} // end if (!empty($val['host']))
} // end while
?>
</select>
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
<input type="submit" value="<?php echo $strGo; ?>" />
</form>
</td>
</tr>
</table>
<br />
<?php
} // end of the servers choice form
?>
<!-- MySQL and phpMyAdmin related links -->
<table>
<tr>
<?php
/**
* Displays the mysql server related links
*/
$is_superuser = FALSE;
if ($server > 0) {
// Get user's global privileges ($dbh and $userlink are links to MySQL
// defined in the "common.lib.php" library)
$is_create_priv = FALSE;
$is_process_priv = TRUE;
$is_reload_priv = FALSE;
// We were checking privileges with 'USE mysql' but users with the global
// priv CREATE TEMPORARY TABLES or LOCK TABLES can do a 'USE mysql'
// (even if they cannot see the tables)
$is_superuser = @PMA_mysql_query('SELECT COUNT(*) FROM mysql.user', $userlink);
if ($dbh) {
$local_query = 'SELECT Create_priv, Process_priv, Reload_priv FROM mysql.user WHERE User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\'';
$rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
if ($rs_usr) {
while ($result_usr = PMA_mysql_fetch_array($rs_usr)) {
if (!$is_create_priv) {
$is_create_priv = ($result_usr['Create_priv'] == 'Y');
}
/* 02-12-09 rabus: Every user has access to the process list -
at least to its own :-)
if (!$is_process_priv) {
$is_process_priv = ($result_usr['Process_priv'] == 'Y');
}
*/
if (!$is_reload_priv) {
$is_reload_priv = ($result_usr['Reload_priv'] == 'Y');
}
} // end while
mysql_free_result($rs_usr);
} // end if
} // end if
// If the user has Create priv on a inexistant db, show him in the dialog
// the first inexistant db name that we find, in most cases it's probably
// the one he just dropped :)
if (!$is_create_priv) {
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Create_priv = \'Y\' AND User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\'';
$rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
if ($rs_usr) {
$re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards
$re1 = '(^|[^\])(\\\)+'; // escaped wildcards
while ($row = PMA_mysql_fetch_array($rs_usr)) {
if (ereg($re0 . '(%|_)', $row['Db'])
|| (!PMA_mysql_select_db(ereg_replace($re1 . '(%|_)', '\\1\\3', $row['Db']), $userlink) && @mysql_errno() != 1044)) {
$db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $row['Db']));
$db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create);
$is_create_priv = TRUE;
break;
} // end if
} // end while
mysql_free_result($rs_usr);
} // end if
else if (PMA_MYSQL_INT_VERSION >= 32304) {
// Finally, let's try to get the user's privileges by using SHOW
// GRANTS...
// Maybe we'll find a little CREATE priv there :)
$local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user_and_host;
$rs_usr = PMA_mysql_query($local_query, $dbh);
if (!$rs_usr) {
// OK, now we'd have to guess the user's hostname, but we
// only try out the 'username'@'%' case.
$local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user;
$rs_usr = PMA_mysql_query($local_query, $dbh);
}
if ($rs_usr) {
$re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards
$re1 = '(^|[^\])(\\\)+'; // escaped wildcards
while ($row = PMA_mysql_fetch_row($rs_usr)) {
$show_grants_dbname = substr($row[0], strpos($row[0], ' ON ') + 4,(strpos($row[0], '.', strpos($row[0], ' ON ')) - strpos($row[0], ' ON ') - 4));
$show_grants_str = substr($row[0],6,(strpos($row[0],' ON ')-6));
if (($show_grants_str == 'ALL') || ($show_grants_str == 'ALL PRIVILEGES') || ($show_grants_str == 'CREATE') || strpos($show_grants_str, 'CREATE')) {
if ($show_grants_dbname == '*') {
$is_create_priv = TRUE;
$db_to_create = '';
break;
} // end if
else if (ereg($re0 . '%|_', $show_grants_dbname) || !PMA_mysql_select_db($show_grants_dbname, $userlink) && @mysql_errno() != 1044) {
$db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $show_grants_dbname));
$db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create);
$is_create_priv = TRUE;
break;
} // end elseif
} // end if
} // end while
unset($show_grants_dbname);
unset($show_grants_str);
mysql_free_result($rs_usr);
} // end if
} // end elseif
} // end if
else {
$db_to_create = '';
} // end else
if (!$cfg['SuggestDBName']) {
$db_to_create = '';
}
$common_url_query = PMA_generate_common_url();
if ($is_superuser) {
$cfg['ShowMysqlInfo'] = TRUE;
$cfg['ShowMysqlVars'] = TRUE;
$cfg['ShowChgPassword'] = TRUE;
}
if ($cfg['Server']['auth_type'] == 'config') {
$cfg['ShowChgPassword'] = FALSE;
}
//DIRECTADMIN CHANGE
$is_create_priv = FALSE;
// loic1: Displays the MySQL column only if at least one feature has to be
// displayed
if ($is_superuser || $is_create_priv || $is_process_priv || $is_reload_priv
|| $cfg['ShowMysqlInfo'] || $cfg['ShowMysqlVars'] || $cfg['ShowChgPassword']
|| $cfg['Server']['auth_type'] != 'config') {
?>
<!-- MySQL server related links -->
<td valign="top" align="<?php echo $cell_align_left; ?>">
<table>
<tr>
<th colspan="2">&nbsp;&nbsp;MySQL</th>
</tr>
<?php
// The user is allowed to create a db
if ($is_create_priv) {
echo "\n";
?>
<!-- db creation form -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<form method="post" action="db_create.php">
<?php echo $strCreateNewDatabase . '&nbsp;' . PMA_showMySQLDocu('Reference', 'CREATE_DATABASE'); ?><br />
<?php echo PMA_generate_common_hidden_inputs(); ?>
<input type="hidden" name="reload" value="1" />
<input type="text" name="db" value="<?php echo $db_to_create; ?>" maxlength="64" class="textfield" />
<input type="submit" value="<?php echo $strCreate; ?>" />
</form>
</td>
</tr>
<?php
} else {
echo "\n";
?>
<!-- db creation no privileges message -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<?php echo $strCreateNewDatabase . ':&nbsp;' . PMA_showMySQLDocu('Reference', 'CREATE_DATABASE'); ?><br />
<?php echo '<i>' . $strNoPrivileges .'</i>'; ?><br />
</td>
</tr>
<?php
} // end create db form or message
echo "\n";
// Server related links
?>
<!-- server-related links -->
<?php
if ($cfg['ShowMysqlInfo']) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="./server_status.php?<?php echo $common_url_query; ?>">
<?php echo $strMySQLShowStatus . "\n"; ?>
</a>
</td>
</tr>
<?php
} // end if
if ($cfg['ShowMysqlVars']) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="./server_variables.php?<?php echo $common_url_query; ?>">
<?php echo $strMySQLShowVars;?></a>&nbsp;
<?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'SHOW_VARIABLES') . "\n"; ?>
</td>
</tr>
<?php
}
// if ($is_process_priv) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="./server_processlist.php?<?php echo $common_url_query; ?>">
<?php echo $strMySQLShowProcess; ?></a>&nbsp;
<?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'SHOW_PROCESSLIST') . "\n"; ?>
</td>
</tr>
<?php
// } // end if
if ($is_reload_priv) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="main.php?<?php echo $common_url_query; ?>&amp;mode=reload">
<?php echo $strReloadMySQL; ?></a>&nbsp;
<?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'FLUSH') . "\n"; ?>
</td>
</tr>
<?php
}
if ($is_superuser) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="server_privileges.php?<?php echo $common_url_query; ?>">
<?php echo $strPrivileges; ?></a>&nbsp;
</td>
</tr>
<?php
}
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="./server_databases.php?<?php echo $common_url_query; ?>">
<?php echo $strDatabases; ?></a>
</td>
</tr>
<?php
// Change password (needs another message)
if ($cfg['ShowChgPassword']) {
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="user_password.php?<?php echo $common_url_query; ?>">
<?php echo ($strChangePassword); ?></a>
</td>
</tr>
<?php
} // end if
// Logout for advanced authentication
if ($cfg['Server']['auth_type'] != 'config') {
$http_logout = ($cfg['Server']['auth_type'] == 'http')
? "\n" . ' <a href="./Documentation.html#login_bug" target="documentation">(*)</a>'
: '';
echo "\n";
?>
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="index.php?<?php echo $common_url_query; ?>&amp;old_usr=<?php echo urlencode($PHP_AUTH_USER); ?>" target="_parent">
<b><?php echo $strLogout; ?></b></a>&nbsp;<?php echo $http_logout . "\n"; ?>
</td>
</tr>
<?php
} // end if
echo "\n";
?>
</table>
</td>
<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
<?php
} // end if
} // end of if ($server > 0)
echo "\n";
/**
* Displays the phpMyAdmin related links
*/
?>
<!-- phpMyAdmin related links -->
<td valign="top" align="<?php echo $cell_align_left; ?>">
<table>
<tr>
<th colspan="2">&nbsp;&nbsp;phpMyAdmin</th>
</tr>
<?php
// Displays language selection combo
if (empty($cfg['Lang'])) {
?>
<!-- Language Selection -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td nowrap="nowrap">
<form method="post" action="index.php" target="_parent">
<input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
<input type="hidden" name="server" value="<?php echo $server; ?>" />
Language <a href="./translators.html" target="documentation">(*)</a>:
<select name="lang" dir="ltr" onchange="this.form.submit();">
<?php
echo "\n";
/**
* Sorts available languages by their true names
*
* @param array the array to be sorted
* @param mixed a required parameter
*
* @return the sorted array
*
* @access private
*/
function PMA_cmp(&$a, $b)
{
return (strcmp($a[1], $b[1]));
} // end of the 'PMA_cmp()' function
uasort($available_languages, 'PMA_cmp');
reset($available_languages);
while (list($id, $tmplang) = each($available_languages)) {
$lang_name = ucfirst(substr(strstr($tmplang[0], '|'), 1));
if ($lang == $id) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
echo ' ';
echo '<option value="' . $id . '"' . $selected . '>' . $lang_name . ' (' . $id . ')</option>' . "\n";
}
?>
</select>
<noscript><input type="submit" value="Go" /></noscript>
</form>
</td>
</tr>
<?php
}
if (isset($cfg['AllowAnywhereRecoding']) && $cfg['AllowAnywhereRecoding']
&& $allow_recoding) {
echo "\n";
?>
<!-- Charset Selection -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td nowrap="nowrap">
<form method="post" action="index.php" target="_parent">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<?php echo $strMySQLCharset;?>:
<select name="convcharset" dir="ltr" onchange="this.form.submit();">
<?php
echo "\n";
reset($cfg['AvailableCharsets']);
while (list($id, $tmpcharset) = each($cfg['AvailableCharsets'])) {
if ($convcharset == $tmpcharset) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
echo ' ';
echo '<option value="' . $tmpcharset . '"' . $selected . '>' . $tmpcharset . '</option>' . "\n";
}
?>
</select>
<noscript><input type="submit" value="Go" /></noscript>
</form>
</td>
</tr>
<?php
}
echo "\n";
?>
<!-- Documentation -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="Documentation.html" target="documentation"><b><?php echo $strPmaDocumentation; ?></b></a>
</td>
</tr>
<?php
if ($is_superuser || $cfg['ShowPhpInfo']) {
?>
<!-- PHP Information -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="phpinfo.php" target="_new"><?php echo $strShowPHPInfo; ?></a>
</td>
</tr>
<?php
}
echo "\n";
?>
<!-- phpMyAdmin related urls -->
<tr>
<td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
<td>
<a href="http://www.phpMyAdmin.net/" target="_new"><?php echo $strHomepageOfficial; ?></a><br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[<a href="ChangeLog" target="_new">ChangeLog</a>]
&nbsp;&nbsp;&nbsp;[<a href="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpmyadmin/phpMyAdmin/" target="_new">CVS</a>]
&nbsp;&nbsp;&nbsp;[<a href="http://sourceforge.net/mail/?group_id=23067" target="_new">Lists</a>]
</td>
</tr>
</table>
</td>
</tr>
</table>
<?php
/**
* Displays the "empty $cfg['PmaAbsoluteUri'] warning"
*/
if ($display_pmaAbsoluteUri_warning) {
echo '<p class="warning">' . $strPmaUriError . '</p>' . "\n";
}
/**
* Warning if using the default MySQL privileged account
*/
if ($server != 0
&& $cfg['Server']['user'] == 'root'
&& $cfg['Server']['password'] == '') {
echo '<p class="warning">' . $strInsecureMySQL . '</p>' . "\n";
}
/**
* Warning for PHP 4.2.3
*/
if (PMA_PHP_INT_VERSION == 40203 && @extension_loaded('mbstring')) {
echo '<p class="warning">' . $strPHP40203 . '</p>' . "\n";
}
/**
* Displays the footer
*/
echo "\n";
require('./footer.inc.php');
?>

315
update/data/templates/majordomo.cf Normal file
View File

@@ -0,0 +1,315 @@
#newer perl versions do not have . at the end of @INC
use lib '.';
#
# A sample configuration file for majordomo. You must read through this and
# edit it accordingly!
#
# $whereami -- What machine am I running on?
#
$whereami = "|DOMAIN|";
# $whoami -- Who do users send requests to me as?
#
$whoami = "majordomo\@$whereami";
# $whoami_owner -- Who is the owner of the above, in case of problems?
#
$whoami_owner = "majordomo-owner\@$whereami";
# $homedir -- Where can I find my extra .pl files, like majordomo.pl?
# the environment variable HOME is set by the wrapper
#
$homedir = "/etc/virtual/majordomo";
# $listdir -- Where are the mailing lists?
#
$listdir = "/etc/virtual/${whereami}/majordomo/lists";
# $digest_work_dir -- the parent directory for digest's queue area
# Each list must have a subdirectory under this directory in order for
# digest to work. E.G. The bblisa list would use:
# /usr/local/mail/digest/bblisa
# as its directory.
#
$digest_work_dir = "/etc/virtual/${whereami}/majordomo/digests";
# $log -- Where do I write my log?
#
$log = "/etc/virtual/${whereami}/majordomo/majordomo.log";
#$log = "/etc/virtual/majordomo/Log";
# $sendmail_command -- Pathname to the sendmail program
# usually /usr/lib/sendmail, but some newer BSD systems
# seem to prefer /usr/sbin/sendmail
#
$sendmail_command = "/usr/sbin/sendmail";
# $mailer -- What program and args do I use to send mail to the list?
# $bounce_mailer -- What is used to send mail anywhere else?
# The variables $to, $from, $subject, and $sender can be interpolated into
# this command line. Note, however, that the $to, $from, and $subject
# variables may be provided by the person sending mail, and much mischief
# can be had by playing with this variable. It is perfectly safe to use
# $sender, but the others are insecure.
#
# Sendmail option -oi: Do not take a . on a line by itself as the message
# terminator.
# Sendmail option -oee: Force sendmail to exit with a zero exit status if
# if it's not going to give useful information.
#
$mailer = "$sendmail_command -oi -oee -f\$sender";
$bounce_mailer = "$sendmail_command -oi -oee -f\$sender -t";
# You can special case the mailer used to deliver outbound mail as follows:
#
# To use TLB and use no outgoing alias:
# if ($main'program_name eq 'mj_resend' && $opt_l eq 'test-list') {
# $mailer = "/usr/local/majordomo/tlb /usr/local/lists/${opt_l}.tlb";
# }
#
# To use a different Sendmail queue for this list's mail:
# if ($main'program_name eq 'mj_resend' && $opt_l eq 'test-list') {
# $mailer = "$sendmail_command -oQ /var/spool/listq -f\$sender";
# }
# You can force Majordomo to delay any processing if the system load is too
# high by uncommenting the following lines. THIS ONLY WORKS if your "uptime"
# command (usually found in /usr/bin/uptime or /usr/bsd/uptime)
# returns a string like:
# 5:23pm up 5:51, 9 users, load average: 0.19, 0.25, 0.33
#
#$max_loadavg = 10; # Choose the maximum allowed load
#
#$uptime = `/usr/bin/uptime` if -x '/usr/bin/uptime'; # Get system uptime
#$uptime = `/usr/bsd/uptime` if -x '/usr/bsd/uptime'; # or uptime is over here.
#
#($avg_1_minute, $avg_5_minutes, $avg_15_minutes) =
# $uptime =~ /average:\s+(\S+),\s+(\S+),\s+(\S+)/;
#
#exit 75 if ($avg_15_minutes >= $max_loadavg); # E_TEMPFAIL
#
# Set the default subscribe policy for new lists here.
# If not defined, defaults to "open", but in today's increasingly
# imbecile Internet, "open+confirm" or "auto+confirm" is a wiser
# choice for publicly available Majordomo servers.
#
$config'default_subscribe_policy = "open+confirm";
#
# Configure X400 parsing here. This is functional, but not well tested
# and rather a hack.
# By default all addresses that look x400-ish will be checked for a
# @ sign (meaning that it's headed to an smtp->x400 gateway, as well
# as the 'c=' and 'a[dm]=' parts, which mean something as well.
#
# If you will be receiving x400 style return addresses that do not have
# an @ sign in them indicating an smtp->x400 gateway, set $no_x400at to 1.
# Otherwise, leave $no_x400 at 0.
#
$no_x400at = 0;
#
# If you will be receiving x400 addresses without the c= or a[dm]= parts
# set the $no_true_x400 variable to 1. This will disable checking for
# "c=" and "a[dm]=" pieces.
#
$no_true_x400 = 0;
#--------------------------------------------------------------------
# Stuff below here isn't commonly changed....
#--------------------------------------------------------------------
#
# Majordomo will look for "get" and "index" files related to $list in
# directory "$filedir/$list$filedir_suffix", so set $filedir and
# $filedir_suffix appropriately. For instance, to look in
# /usr/local/mail/files/$list, use:
# $filedir = "/usr/local/mail/files";
# $filedir_suffix = ""; # empty string
# or to look in $listdir/$list.archive, use:
# $filedir = "$listdir";
# $filedir_suffix = ".archive";
$filedir = "$listdir";
$filedir_suffix = ".archive";
# What command should I use to process an "index" request?
#
$index_command = "/bin/ls -lRL";
# If you want to use FTPMAIL, rather than local access, for file transfer
# and access, define the following:
# $ftpmail_address = "ftpmail\@decwrl.dec.com";
# $ftpmail_location = "FTP.$whereami";
# if you want the subject of the request to be included as part of the
# subject of the reply (useful when automatically testing, or submitting
# multiple command sets), set $return_subject to 1.
#
$return_subject = 1;
# If you are using majordomo at the -request address, set the
# following variable to 1. This affects the welcome message that is
# sent to a new subscriber as well as the help text that is generated.
#
$majordomo_request = 0;
# If you have lists that have who turned off, but still allow which
# requests to work for subscribed members, and you don't want to have
# "which @" to act like a who, the variable $max_which_hits sets the
# number of hits that are allowed using which before an error is returned.
# Arguably this should be a per list settable number.
#
$max_which_hits = 0;
# Set the umask for the process. Used to set default file status for
# config file.
#
umask(007);
$config_umask = 007;
# don't change this. It checks to make sure that you have a new enough
# version of perl to run majordomo. It is in here because this file is
# used by almost all of the majordomo programs.
#
die "Perl version $] too old\n" if ($] < 4.019);
# the safe locations for archive directories
# None of the parameters that use safedirs are actually used, so
# @safedirs is a placeholder for future functionality.
# Just ignore it for version 1.90 through 1.94.
#
@safedirs = ( );
# Directory where resend temporarily puts its rewritten output message.
# For the paranoid, this could be changed to a directory that only
# majordomo has r/w permission to.
# Uses the environment variable TMPDIR, since that's pretty common
#
$TMPDIR = $ENV{'TMPDIR'} || "/tmp";
# Tune how long set_lock tries to obtain a lock before giving up. Each
# attempt waits 1 to 10 seconds before trying again and waittime is
# the total minimum time spent trying. This defaults to 600 seconds (5
# minutes), which translates to no less then 60 nor more than 600 tries.
#
# $shlock'waittime = 1200;
# tune the cookie for subscribe_policy=confirm. Normally this is
# set to $homedir. *Don't* make this something like rand(400),
# the key isn't saved between sessions.
#
# $cookie_seed = "Harry Truman, Doris Day, Red China, Johnnie Ray" .
# " South Pacific, Walter Winchell, Joe DiMaggio";
# The maximum character length of the header lines for resend
#
$MAX_HEADER_LINE_LENGTH = 128;
# The maximum character length of the _entire_ header for resend
#
$MAX_TOTAL_HEADER_LENGTH = 1024;
# List of perl regular expressions that, if found in the headers of a message,
# will cause the message to be bounced to the list approver.
# Put each regular expression on a separate line before the "END" mark, with
# no trailing ";"
# For example:
# $global_taboo_headers = <<'END';
# /^from:.*trouble\@hassle\.net/i
# /^subject:.*non-delivery notice/i
# END
# NOTE! Using ' instead of " in the 'END' is VERY IMPORTANT!!!
#
# Administrative checks. These used to be buried in the resend code
#
$admin_headers = <<'END';
/^subject:\s*subscribe\b/i
/^subject:\s*unsubscribe\b/i
/^subject:\s*uns\w*b/i
/^subject:\s*.*un-sub/i
/^subject:\s*help\b/i
/^subject:\s.*\bchange\b.*\baddress\b/i
/^subject:\s*request\b(.*\b)?addition\b/i
/^subject:\s*cancel\b/i
END
# Common things that people send to the wrong address.
# These are caught in the first 10 lines of the message body
# if 'administrivia' is turned on and the message isn't marked approved.
#
# The code that catches this should transparently redirect
# majordomo commands to majordomo. That would give the additional
# advantage of not having to add to this silly construct for
# each new majordomo command.
#
$admin_body = <<'END';
/\bcancel\b/i
/\badd me\b/i
/\bdelete me\b/i
/\bremove\s+me\b/i
/\bchange\b.*\baddress\b/
/\bsubscribe\b/i
/^sub\b/i
/\bunsubscribe\b/i
/^unsub\b/i
/\buns\w*b/i
/^\s*help\s*$/i
/^\s*info\s*$/i
/^\s*info\s+\S+\s*$/i
/^\s*lists\s*$/i
/^\s*which\s*$/i
/^\s*which\s+\S+\s*$/i
/^\s*index\s*$/i
/^\s*index\s+\S+\s*$/i
/^\s*who\s*$/i
/^\s*who\s+\S+\s*$/i
/^\s*get\s+\S+\s*$/i
/^\s*get\s+\S+\s+\S+\s*$/i
/^\s*approve\b/i
/^\s*passwd\b/i
/^\s*newinfo\b/i
/^\s*config\b/i
/^\s*newconfig\b/i
/^\s*writeconfig\b/i
/^\s*mkdigest\b/i
END
# taboo headers to catch
#
$global_taboo_headers = <<'END';
/^subject: ndn: /i
/^subject:\s*RCPT:/i
/^subject:\s*Delivery Confirmation\b/i
/^subject:\s*NON-DELIVERY of:/i
/^subject:\s*Undeliverable Message\b/i
/^subject:\s*Receipt Confirmation\b/i
/^subject:\s*Failed mail\b/i
/^subject:\s*Returned mail\b/i
/^subject:\s*unable to deliver mail\b/i
/^subject:\s.*\baway from my mail\b/i
/^subject:\s*Autoreply/i
END
# Taboo body contents to catch and forward to the approval address
#
# For example:
# $global_taboo_body = <<'END';
# /taboo topic/i
# /another taboo/i
# END
# NOTE! Using ' instead of " in the next line is VERY IMPORTANT!!!
#
$global_taboo_body = <<'END';
END
# Majordomo will not send replies to addresses which match this.
# The match is done case-insensitively.
$majordomo_dont_reply = '(mailer-daemon|uucp|listserv|majordomo|listproc)\@';
1;
# $Header: /sources/cvsrepos/majordomo/sample.cf,v 1.34 1997/08/27 15:00:31 cwilson Exp $

2
update/data/templates/message_footer.txt Normal file
View File

@@ -0,0 +1,2 @@
================================
Automated Message Generated by |DEAMONNAME| |VERSION|

14
update/data/templates/message_tech.txt Normal file
View File

@@ -0,0 +1,14 @@
|?SUBJECT=New Ticket to resolve: `MESSAGE_SUBJECT`|
A new ticket with subject:
|MESSAGE_SUBJECT|
has arrived for you to resolve.
Follow this link to view it:
|HTTP||DOMAIN|:|PORT|/CMD_TICKET_MANAGE?action=view&number=|NUMBER|&type=|TYPE|
|MSG_FOOTER|
Do Not Reply.

14
update/data/templates/message_user.txt Normal file
View File

@@ -0,0 +1,14 @@
|?SUBJECT=New Message: `MESSAGE_SUBJECT`|
A new message or response with subject:
|MESSAGE_SUBJECT|
has arrived for you to view.
Follow this link to view it:
|HTTP||DOMAIN|:|PORT|/CMD_TICKET?action=view&number=|NUMBER|&type=|TYPE|
|MSG_FOOTER|
Do Not Reply.

4
update/data/templates/mod_security_rules.conf Normal file
View File

@@ -0,0 +1,4 @@
|CUSTOM1|
|FLAGS|
|DISABLEDRULES|
|CUSTOM2|

9
update/data/templates/mx/google.com.txt Normal file
View File

@@ -0,0 +1,9 @@
|?NAME=Google Suite MX|
|?EXTRA_SPF=include:_spf.google.com|
|?SPF_STRICT=-all|
|?LOCAL_DOMAIN=no|
|DOMAIN|. 3600 IN MX 1 ASPMX.L.GOOGLE.COM.
|DOMAIN|. 3600 IN MX 5 ALT1.ASPMX.L.GOOGLE.COM.
|DOMAIN|. 3600 IN MX 5 ALT2.ASPMX.L.GOOGLE.COM.
|DOMAIN|. 3600 IN MX 10 ALT3.ASPMX.L.GOOGLE.COM.
|DOMAIN|. 3600 IN MX 10 ALT4.ASPMX.L.GOOGLE.COM.

13
update/data/templates/mx/office365.txt Normal file
View File

@@ -0,0 +1,13 @@
|?NAME=Microsoft 365|
|?EXTRA_SPF=include:spf.protection.outlook.com|
|?SPF_STRICT=-all|
|?LOCAL_DOMAIN=no|
|DOMAIN|. 3600 IN MX 0 |DOMAIN_DASH_COM|.mail.protection.outlook.com.
autodiscover 3600 IN CNAME autodiscover.outlook.com.
lyncdiscover 3600 IN CNAME webdir.online.lync.com.
msoid 3600 IN CNAME clientconfig.microsoftonline-p.net.
sip 3600 IN CNAME sipdir.online.lync.com.
enterpriseregistration 3600 IN CNAME enterpriseregistration.windows.net.
enterpriseenrollment 3600 IN CNAME enterpriseenrollment.manage.microsoft.com.
_sip._tls 3600 IN SRV 1 100 443 sipdir.online.lync.com.
_sipfederationtls._tcp 3600 IN SRV 1 100 5061 sipfed.online.lync.com.

8
update/data/templates/mx/zoho.eu.txt Normal file
View File

@@ -0,0 +1,8 @@
|?NAME=Zoho Mail|
|?EXTRA_SPF=include:zoho.com|
|?SPF_STRICT=-all|
|?LOCAL_DOMAIN=no|
|DOMAIN|. 3600 IN MX 10 mx.zoho.eu.
|DOMAIN|. 3600 IN MX 20 mx2.zoho.eu.
|DOMAIN|. 3600 IN MX 50 mx3.zoho.eu.

33
update/data/templates/named.db Normal file
View File

@@ -0,0 +1,33 @@
|?SET_TTL=`DEFAULT_TTL`|
|?NS_TIME=`SET_TTL`|
|?A_TIME=`SET_TTL`|
|?MX_TIME=`SET_TTL`|
|?CNAME_TIME=`SET_TTL`|
|?PTR_TIME=`SET_TTL`|
|?TXT_TIME=`SET_TTL`|
|?AAAA_TIME=`SET_TTL`|
|?SRV_TIME=`SET_TTL`|
|?SPF_TIME=`SET_TTL`|
|?TLSA_TIME=`SET_TTL`|
|?CAA_TIME=`SET_TTL`|
|?DS_TIME=`SET_TTL`|
$TTL |SET_TTL|
@ IN SOA |NS1| |EMAIL| (
|SERIAL|
|SET_TTL|
3600
1209600
86400 )
|NS|
|A|
|MX|
|CNAME|
|PTR|
|TXT|
|AAAA|
|SRV|
|SPF|
|TLSA|
|CAA|
|DS|

5
update/data/templates/nginx_blank.conf Normal file
View File

@@ -0,0 +1,5 @@
location |LOCATION_PATH|/
{
|CUSTOM2|
|NGINX_PHP_CONF|
}

49
update/data/templates/nginx_ips.conf Normal file
View File

@@ -0,0 +1,49 @@
|?CACERT_LINE=|
|*if CACERT!=""|
|?CACERT_LINE=ssl_client_certificate `CACERT`;|
|*endif|
|?NGINX_USERDIR=include /etc/nginx/nginx-userdir.conf;|
|*if HAVE_USERDIR_ACCESS="0"|
|?NGINX_USERDIR=|
|*endif|
server {
listen |IP|:|PORT_80| default_server;
server_name _;
root |DOCROOT|;
index index.html index.htm index.php;
|NGINX_USERDIR|
|*if HAS_NGINX_PHP_CONF="yes"|
include /usr/local/directadmin/data/users/|USER|/nginx_php.conf;
|*endif|
# deny access to apache .htaccess files
location ~ /\.ht
{
deny all;
}
include /etc/nginx/webapps.conf;
}
server {
listen |IP|:|PORT_443| ssl|SPACE_HTTP2| default_server;
server_name _;
ssl_certificate |CERT|;
ssl_certificate_key |KEY|;
root |DOCROOT|;
index index.html index.htm index.php;
|NGINX_USERDIR|
|*if HAS_NGINX_PHP_CONF="yes"|
include /usr/local/directadmin/data/users/|USER|/nginx_php.conf;
|*endif|
# deny access to apache .htaccess files
location ~ /\.ht
{
deny all;
}
include /etc/nginx/webapps.ssl.conf;
}

8
update/data/templates/nginx_location.conf Normal file
View File

@@ -0,0 +1,8 @@
location |LOCATION_MATCH|
{
|CUSTOM2|
|PROTECTION_SETTINGS|
|TEMPLATE_SETTINGS|
|UNIT_PROXY_SETTINGS|
|NGINX_PHP_CONF|
}

51
update/data/templates/nginx_php.conf Normal file
View File

@@ -0,0 +1,51 @@
|*if HAVE_PHP1_FPM="1"|
# use fastcgi for all php files
location ~ \.php$
{
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if ( $skip_cache ~ "^$" ) {
set $skip_cache 1;
}
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache FASTCGICACHE;
fastcgi_cache_valid 60m;
add_header X-FastCGI-Cache $upstream_cache_status;
include /etc/nginx/nginx_limits.conf;
if (-f $request_filename)
{
fastcgi_pass unix:/usr/local/php|PHP1_RELEASE|/sockets/|USER|.sock;
}
}
|*endif|
|*if HAVE_PHP2_FPM="1"|
# use fastcgi for all php files
location ~ \.php|PHP2_RELEASE|$
{
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if ( $skip_cache ~ "^$" ) {
set $skip_cache 1;
}
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache FASTCGICACHE;
fastcgi_cache_valid 60m;
add_header X-FastCGI-Cache $upstream_cache_status;
include /etc/nginx/nginx_limits.conf;
if (-f $request_filename)
{
fastcgi_pass unix:/usr/local/php|PHP2_RELEASE|/sockets/|USER|.sock;
}
}
|*endif|

8
update/data/templates/nginx_protected_directory.conf Normal file
View File

@@ -0,0 +1,8 @@
location |PROTECTED_PATH|/
{
|CUSTOM2|
auth_basic "|AUTH_NAME|";
auth_basic_user_file |HTPASSWD|;
|NGINX_PHP_CONF|
}

10
update/data/templates/nginx_redirect.conf Normal file
View File

@@ -0,0 +1,10 @@
|*if REDIRECT_PATH=""|
|CUSTOM2|
rewrite ^/.*$ |REDIRECT_TO| |REDIRECT_TYPE|;
|*else|
location ~ ^|REDIRECT_PATH|(/|$)
{
|CUSTOM2|
rewrite ^/.*$ |REDIRECT_TO| |REDIRECT_TYPE|;
}
|*endif|

64
update/data/templates/nginx_server.conf Normal file
View File

@@ -0,0 +1,64 @@
|CUSTOM1|
|?DOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?REALDOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/var/tmp:/usr/local/lib/php/|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
server
{
|CUSTOM|
listen |IP|:|PORT_80|;
|MULTI_IP|
server_name |HOST_DOMAIN| www.|HOST_DOMAIN| |SERVER_ALIASES|;
access_log /var/log/nginx/domains/|DOMAIN|.log;
access_log /var/log/nginx/domains/|DOMAIN|.bytes bytes;
error_log /var/log/nginx/domains/|DOMAIN|.error.log;
root |DOCROOT|;
index index.php index.html index.htm;
|FORCE_SSL_REDIRECT|
|NGINX_PHP_CONF|
|*if HAVE_NGINX_PROXY="1"|
location /
{
|CUSTOM2|
# access_log off;
proxy_buffering |PROXY_BUFFERING|;
proxy_pass http://|PROXY_IP|:|PORT_8080|;
proxy_set_header X-Client-IP $remote_addr;
proxy_set_header X-Accel-Internal /nginx_static_files;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header Upgrade;
}
location /nginx_static_files/
{
# access_log /var/log/nginx/access_log_proxy;
alias |DOCROOT|/;
internal;
}
|*else|
|NGINX_REDIRECTS|
|HOTLINK_PROTECTION|
|LOCATION_BLOCKS|
|EXTRA_LOCATIONS|
|*endif|
|MOD_SECURITY_RULES|
|CUSTOM3|
include /etc/nginx/webapps.conf;
|CUSTOM4|
}

31
update/data/templates/nginx_server_redirect.conf Normal file
View File

@@ -0,0 +1,31 @@
|CUSTOM1|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|
|CUSTOM2|
server
{
|CUSTOM3|
listen |IP|:|PORT_80|;
|MULTI_IP|
server_name |POINTER| www.|POINTER|;
rewrite ^ http://|WWW_PREFIX||DOMAIN|$request_uri? permanent;
|CUSTOM4|
}
|*if HAVE_SSL="1"|
server
{
|CUSTOM5|
listen |IP|:|PORT_443| ssl|SPACE_HTTP2|;
|MULTI_IP_SSL|
server_name |POINTER| www.|POINTER|;
rewrite ^ https://|WWW_PREFIX||DOMAIN|$request_uri? permanent;
ssl_certificate |CERT|;
ssl_certificate_key |KEY|;
|CUSTOM6|
}
|*endif|
|CUSTOM7|

66
update/data/templates/nginx_server_secure.conf Normal file
View File

@@ -0,0 +1,66 @@
|CUSTOM1|
|?DOCROOT=`HOME`/domains/`DOMAIN`/private_html|
|?REALDOCROOT=`HOME`/domains/`DOMAIN`/private_html|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/var/tmp:/usr/local/lib/php/|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
server
{
|CUSTOM|
listen |IP|:|PORT_443| ssl|SPACE_HTTP2|;
|MULTI_IP|
server_name |HOST_DOMAIN| www.|HOST_DOMAIN| |SERVER_ALIASES|;
access_log /var/log/nginx/domains/|DOMAIN|.log;
access_log /var/log/nginx/domains/|DOMAIN|.bytes bytes;
error_log /var/log/nginx/domains/|DOMAIN|.error.log;
root |DOCROOT|;
index index.php index.html index.htm;
ssl_certificate |CERT|;
ssl_certificate_key |KEY|;
|FORCE_SSL_REDIRECT|
|NGINX_PHP_CONF|
|*if HAVE_NGINX_PROXY="1"|
location /
{
|CUSTOM2|
# access_log off;
proxy_buffering |PROXY_BUFFERING|;
proxy_pass https://|PROXY_IP|:|PORT_8081|;
proxy_set_header X-Client-IP $remote_addr;
proxy_set_header X-Accel-Internal /nginx_static_files;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header Upgrade;
}
location /nginx_static_files/
{
# access_log /var/log/nginx/access_log_proxy;
alias |DOCROOT|/;
internal;
}
|*else|
|NGINX_REDIRECTS|
|HOTLINK_PROTECTION|
|LOCATION_BLOCKS|
|EXTRA_LOCATIONS|
|*endif|
|MOD_SECURITY_RULES|
|CUSTOM3|
include /etc/nginx/webapps.ssl.conf;
|CUSTOM4|
}

67
update/data/templates/nginx_server_secure_sub.conf Normal file
View File

@@ -0,0 +1,67 @@
|CUSTOM1|
|?DOCROOT=`HOME`/domains/`DOMAIN`/private_html|
|?REALDOCROOT=`HOME`/domains/`DOMAIN`/private_html|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/var/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/usr/local/lib/php/|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
server
{
|CUSTOM|
|?SDOCROOT=`DOCROOT`/`SUB`|
listen |IP|:|PORT_443| ssl|SPACE_HTTP2|;
|MULTI_IP|
server_name |SUB|.|HOST_DOMAIN| www.|SUB|.|HOST_DOMAIN| |SERVER_ALIASES|;
access_log /var/log/nginx/domains/|DOMAIN|.|SUB|.log;
access_log /var/log/nginx/domains/|DOMAIN|.|SUB|.bytes bytes;
error_log /var/log/nginx/domains/|DOMAIN|.|SUB|.error.log;
root |SDOCROOT|;
index index.php index.html index.htm;
ssl_certificate |CERT|;
ssl_certificate_key |KEY|;
|NGINX_PHP_CONF|
|FORCE_SSL_REDIRECT|
|*if HAVE_NGINX_PROXY="1"|
location /
{
|CUSTOM2|
# access_log off;
proxy_buffering |PROXY_BUFFERING|;
proxy_pass https://|PROXY_IP|:|PORT_8081|;
proxy_set_header X-Client-IP $remote_addr;
proxy_set_header X-Accel-Internal /nginx_static_files;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header Upgrade;
}
location /nginx_static_files/
{
# access_log /var/log/nginx/access_log_proxy;
alias |SDOCROOT|/;
internal;
}
|*else|
|NGINX_REDIRECTS|
|HOTLINK_PROTECTION|
|LOCATION_BLOCKS|
|EXTRA_LOCATIONS|
|*endif|
|MOD_SECURITY_RULES|
|CUSTOM3|
include /etc/nginx/webapps.ssl.conf;
|CUSTOM4|
}

64
update/data/templates/nginx_server_sub.conf Normal file
View File

@@ -0,0 +1,64 @@
|CUSTOM1|
|?DOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?REALDOCROOT=`HOME`/domains/`DOMAIN`/public_html/`SUB`|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/var/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/usr/local/lib/php/|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
server
{
|CUSTOM|
|?SDOCROOT=`DOCROOT`/`SUB`|
listen |IP|:|PORT_80|;
|MULTI_IP|
server_name |SUB|.|HOST_DOMAIN| www.|SUB|.|HOST_DOMAIN| |SERVER_ALIASES|;
access_log /var/log/nginx/domains/|DOMAIN|.|SUB|.log;
access_log /var/log/nginx/domains/|DOMAIN|.|SUB|.bytes bytes;
error_log /var/log/nginx/domains/|DOMAIN|.|SUB|.error.log;
root |SDOCROOT|;
index index.php index.html index.htm;
|NGINX_PHP_CONF|
|FORCE_SSL_REDIRECT|
|*if HAVE_NGINX_PROXY="1"|
location /
{
|CUSTOM2|
# access_log off;
proxy_buffering |PROXY_BUFFERING|;
proxy_pass http://|PROXY_IP|:|PORT_8080|;
proxy_set_header X-Client-IP $remote_addr;
proxy_set_header X-Accel-Internal /nginx_static_files;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header Upgrade;
}
location /nginx_static_files/
{
# access_log /var/log/nginx/access_log_proxy;
alias |SDOCROOT|/;
internal;
}
|*else|
|NGINX_REDIRECTS|
|HOTLINK_PROTECTION|
|LOCATION_BLOCKS|
|EXTRA_LOCATIONS|
|*endif|
|MOD_SECURITY_RULES|
|CUSTOM3|
include /etc/nginx/webapps.conf;
|CUSTOM4|
}

6
update/data/templates/openlitespeed_context_protected.conf Normal file
View File

@@ -0,0 +1,6 @@
authName |AUTH_NAME|
allowBrowse 1
realm |PROTECTED_PATH|/
accessControl {
allow *
}

48
update/data/templates/openlitespeed_ips.conf Normal file
View File

@@ -0,0 +1,48 @@
|CUSTOM1|
|?DOCROOT=`HOME`/domains/sharedip|
|*if STATUS="server"|
|?DOCROOT=/var/www/html|
|*endif|
|*if DOCROOT="/var/www/html/domains/sharedip"|
|?DOCROOT=/var/www/html|
|*endif|
|?SSLPROTOCOL=24|
|CUSTOM2|
virtualHost |IP| {
|CUSTOM3|
listeners |LISTENER_80|, |LISTENER_443|
user |USER|
group |USER|
vhRoot |HOME|
allowSymbolLink 1
enableScript 1
restrained 1
setUIDMode 2
docRoot |DOCROOT|
vhDomain |IP|
vhAliases *
adminEmails root@localhost
enableGzip 1
enableIpGeo 1
rewrite {
enable 1
autoLoadHtaccess 1
RewriteFile .htaccess
|CUSTOM4|
}
|CUSTOM5|
vhssl {
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
# include aliases
include /usr/local/lsws/conf/httpd-alias.conf
|CUSTOM6|
}
|CUSTOM7|

22
update/data/templates/openlitespeed_listener.conf Normal file
View File

@@ -0,0 +1,22 @@
|CUSTOM1|
|?SSLPROTOCOL=24|
|CUSTOM2|
listener |LISTENER_80| {
|CUSTOM3|
address |IP|:80
secure 0
|CUSTOM4|
}
listener |LISTENER_443| {
|CUSTOM5|
address |IP|:443
secure 1
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
|CUSTOM6|
}
|CUSTOM7|

61
update/data/templates/openlitespeed_redirect_vhost.conf Normal file
View File

@@ -0,0 +1,61 @@
|CUSTOM1|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|
|?VH_PORT=`PORT_80`|
|?VHROOT=`HOME`|
|?DOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?SSLPROTOCOL=30|
|CUSTOM2|
virtualHost |POINTER|-|VH_PORT| {
|CUSTOM3|
user |USER|
group |GROUP|
vhRoot |VHROOT|
setUIDMode 2
listeners |LISTENERS|
docRoot |DOCROOT|
vhDomain |POINTER|
vhAliases www.|POINTER|
rewrite {
enable 1
RewriteRule (.*)$ http://|WWW_PREFIX||DOMAIN|/$1 [R=301,L]
}
|CUSTOM4|
}
|*if HAVE_SSL="1"|
|?VH_PORT=`PORT_443`|
virtualHost |POINTER|-|VH_PORT| {
|CUSTOM5|
user |USER|
group |GROUP|
vhRoot |VHROOT|
setUIDMode 2
listeners |SSL_LISTENERS|
docRoot |DOCROOT|
vhDomain |POINTER|
vhAliases www.|POINTER|
rewrite {
enable 1
RewriteRule (.*)$ https://|WWW_PREFIX||DOMAIN|/$1 [R=301,L]
}
vhssl {
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
|CUSTOM6|
}
|*endif|
|CUSTOM7|

146
update/data/templates/openlitespeed_vhost.conf Normal file
View File

@@ -0,0 +1,146 @@
|CUSTOM1|
|?PUBLIC_HTML=public_html|
|?VH_PORT=`PORT_80`|
|*if SSL_TEMPLATE="1"|
|?PUBLIC_HTML=private_html|
|?VH_PORT=`PORT_443`|
|*endif|
|?DOCROOT=`HOME`/domains/`DOMAIN`/`PUBLIC_HTML`|
|?PUB_DOCROOT=`HOME`/domains/`DOMAIN`/public_html|
|?REALDOCROOT=`DOCROOT`|
|?HOST_DOMAIN=`DOMAIN`|
|*if HOST_POINTER|
|?HOST_DOMAIN=`HOST_POINTER`|
|*endif|
|?SDOMAIN=`HOST_DOMAIN`|
|?LOG_NAME=`DOMAIN`|
|*if SUB|
|?SDOMAIN=`SUB`.`HOST_DOMAIN`|
|?LOG_NAME=`DOMAIN`.`SUB`|
|*endif|
|?VHROOT=`HOME`|
|?SCRIPTHANDLER=lsphp`PHP1_RELEASE`|
|?SSLPROTOCOL=24|
|?OBDP1=|
|*if PHP1_RELEASE!="0"|
|?OBDP1=:/usr/local/php`PHP1_RELEASE`/lib/php/|
|*endif|
|?OBDP2=|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/var/tmp:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/usr/local/lib/php/`OBDP1``OBDP2`|
|?PHP_MAIL_LOG=|
|?CLI_PHP_MAIL_LOG=|
|*if PHP_MAIL_LOG_ENABLED="1"|
|?PHP_MAIL_LOG=-d mail.log="`PHP_MAIL_LOG_DIR`/php-mail.log"|
|?CLI_PHP_MAIL_LOG=php_admin_value mail.log `PHP_MAIL_LOG_DIR`/php-mail.log|
|*endif|
|?PHP_EMAIL=`USER`@`DOMAIN`|
virtualHost |SDOMAIN|-|VH_PORT| {
|CUSTOM|
|?SDOCROOT=`DOCROOT`/`SUB`|
|*if SUB|
|?DOCROOT=`SDOCROOT`|
|*endif|
user |USER|
group |GROUP|
vhRoot |VHROOT|
allowSymbolLink 1
enableScript 1
restrained 1
setUIDMode 2
# listeners listener1, listener2, listener3
listeners |LISTENERS|
#VirtualHost config settings
docRoot |DOCROOT|
vhDomain |SDOMAIN|
|*if WILDCARD_VHALIASES|
vhAliases |WILDCARD_VHALIASES|
|*else|
vhAliases www.|SDOMAIN||SERVER_ALIASES|
|*endif|
adminEmails |ADMIN|
enableGzip 1
enableIpGeo 1
errorlog |APACHELOGDIR|/|LOG_NAME|.error.log {
useServer 0
logLevel NOTICE
rollingSize 0
}
accesslog |APACHELOGDIR|/|LOG_NAME|.log {
useServer 0
logFormat %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
logHeaders 5
rollingSize 0
}
accesslog |APACHELOGDIR|/|LOG_NAME|.bytes {
useServer 0
logFormat %O %I
rollingSize 0
}
scripthandler {
|CUSTOM2|
add lsapi:|SCRIPTHANDLER| inc
add lsapi:|SCRIPTHANDLER| php
add lsapi:|SCRIPTHANDLER| phtml
add lsapi:|SCRIPTHANDLER| php|PHP1_RELEASE|
}
phpIniOverride {
|CUSTOM4|
php_admin_flag engine |PHP|
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f |PHP_EMAIL|"
|*if OPEN_BASEDIR_ENABLED="ON"|
php_admin_value open_basedir "|OPEN_BASEDIR_PATH|"
|*endif|
|CLI_PHP_MAIL_LOG|
|CLI_PHP_SETTINGS|
|*if HAVE_SAFE_MODE="1"|
php_admin_flag safe_mode |SAFE_MODE|
|*endif|
}
rewrite {
enable 1
autoLoadHtaccess 1
|FORCE_SSL_REDIRECT|
|UNIT_PROXY|
|OPENLITESPEED_REDIRECTS|
|HOTLINK_PROTECTION|
|CUSTOM5|
}
|CONTEXTS|
|REALMS|
|*if SSL_TEMPLATE="1"|
vhssl {
|CUSTOM6|
keyFile |KEY|
certFile |CERT|
certChain 1
sslProtocol |SSLPROTOCOL|
}
|*endif|
# include aliases
include /usr/local/lsws/conf/httpd-alias.conf
|MOD_SECURITY_RULES|
|BUBBLE_WRAP|
|CUSTOM7|
}
|CUSTOM8|

21
update/data/templates/outlook_setup.reg Normal file
View File

@@ -0,0 +1,21 @@
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager\Accounts\\|LOGIN|]
"Account Name"="|EMAIL|"
"Connection Type"=dword:00000003
"POP3 Server"="|SERVER|"
"SMTP Server"="|SERVER|"
"POP3 User Name"="|LOGIN|"
"SMTP User Name"=""
"POP3 Prompt for Password"=dword:00000000
"SMTP Prompt for Password"=dword:00000000
"SMTP Display Name"="|EMAIL|"
"SMTP Email Address"="|EMAIL|"
"POP3 Skip Account"=dword:00000000
"SMTP Use Sicily"=dword:00000002
"POP3 Timeout"=dword:0000003c
"SMTP Timeout"=dword:0000003c
"SMTP Secure Connection"=dword:00000000
"SMTP Split Messages"=dword:00000000
"POP3 Port"=dword:0000006e
"SMTP Port"=dword:0000024b

5
update/data/templates/partition_check.list Normal file
View File

@@ -0,0 +1,5 @@
/
/var
/home
/usr
/tmp

6
update/data/templates/partition_check_message.txt Normal file
View File

@@ -0,0 +1,6 @@
|?SUBJECT=Warning: The disk usage for one or more of your partitions is running low|
This is an automated message notifying you that the following partition(s) have exceeded the |THRESHOLD|% threshold:
|PARTITIONS|
|MSG_FOOTER|

52
update/data/templates/per_email_limit_email_message.txt Normal file
View File

@@ -0,0 +1,52 @@
<html>
|?SUBJECT=Warning: Your E-Mail account has just sent `COUNT` E-Mails|
<center><table width=600 cellspacing=20px><tr><td id=main_text><h1>
|EMAIL| has just finished sending |COUNT| E-Mails.</h1>
There could be a spammer, your account could be compromised, or you're just sending more E-Mails than usual.<br><br>
This warning was generated because the daily threshold of |LIMIT| E-Mails was hit.<br>
Either wait until tomorrow for the count to be reset, or contact your domain manager.<br><br>
The IP that sent the last email was:<br>
|HOST|<br><br>
|*if CAN_CHANGE_PASS="1"|
If this is not your IP, or you did not send these emails, please change your password immediately:<br>
<a target=_blank href="|HTTP|://|DOMAIN|:|PORT|/CMD_CHANGE_EMAIL_PASSWORD">|HTTP|://|DOMAIN|:|PORT|/CMD_CHANGE_EMAIL_PASSWORD</a><br><br>
|*endif|
<span id=footer>================================<br>
Automated Message Generated by |DEAMONNAME|
</span>
</td></tr></table>
</center>
<style>
* { font-family: verdana; font-size: 10pt; COLOR: gray; }
b { font-weight: bold; }
table {
border-radius:10px;
box-shadow: 10px 10px 50px #000000;
background: #28619c;
}
#main_text {
background: #eef6ff;
text-align: left;
padding: 25;
border-radius:5px;
box-shadow: 2px 2px 15px #000000;
}
html {
background: #ffffff;
}
h1 {
font-size: 12pt;
font-wight: bold;
COLOR: #594842;
}
#footer {
COLOR: #cad4e0;
}
</style>
</html>

9
update/data/templates/per_email_limit_message.txt Normal file
View File

@@ -0,0 +1,9 @@
|?SUBJECT=Warning: `COUNT` E-Mails have just been sent by `EMAIL`|
The address |EMAIL| has just finished sending |COUNT| emails.
There could be a spammer, the account could be compromised, or just sending more emails than usual.
This warning was generated because the |LIMIT| email threshold was hit.
The E-Mail account is managed under the |USERNAME| User account.
================================
Automated Message Generated by DirectAdmin

14
update/data/templates/php-cron.ini Normal file
View File

@@ -0,0 +1,14 @@
|?SENDMAIL_PATH=/usr/sbin/sendmail -t -i -f `PHP_EMAIL`|
|?CLI_PHP_MAIL_LOG=`PHP_MAIL_LOG_DIR`/php-mail.log|
sendmail_path = |SENDMAIL_PATH|
|*if SESSION_SAVE_PATH!=""|
session.save_path = |SESSION_SAVE_PATH|
|*endif|
|*if OPEN_BASEDIR_ENABLED="ON"|
open_basedir = |OPEN_BASEDIR_PATH|
|*endif|
|*if PHP_MAIL_LOG_ENABLED="1"|
mail.log = |CLI_PHP_MAIL_LOG|
|*endif|
|CRON_PHP_SETTINGS|

42
update/data/templates/php-fpm.conf Normal file
View File

@@ -0,0 +1,42 @@
|?PHP_VER=54|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp/:/var/tmp/:/opt/alt/php`PHP1_RELEASE`/usr/share/pear/:/dev/urandom:/usr/local/php`PHP_VER`/lib/:`ACTIVE_USR_LOCAL_PHP_LIB`:/usr/local/lib/php/|
|?EMAIL=`USER`@`DOMAIN`|
|?MAX_CHILDREN=`MAX_CHILDREN_DEFAULT`|
|?MAX_REQUESTS=500|
|CUSTOM1|
[|USER|]
user = $pool
group = $pool
listen = /usr/local/php|PHP_VER|/sockets/$pool.sock
listen.owner = $pool
listen.group = |SERVER_GROUP|
listen.mode = 660
pm = ondemand
pm.max_children = |MAX_CHILDREN|
pm.process_idle_timeout = 20
pm.max_requests = |MAX_REQUESTS|
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f |EMAIL|
|*if PHP_SESSION_SAVE_PATH!=""|
php_admin_value[session.save_path] = |PHP_SESSION_SAVE_PATH|
|*endif|
|*if OPEN_BASEDIR="ON"|
php_admin_value[open_basedir] = |OPEN_BASEDIR_PATH|
|*endif|
|*if PHP_MAIL_LOG_ENABLED="1"|
php_admin_value[mail.log] = |PHP_MAIL_LOG_DIR|/php-mail.log
|*endif|
|*if LIMIT_EXTENSIONS!=""|
security.limit_extensions = |LIMIT_EXTENSIONS|
|*endif|
|FPM_PHP_SETTINGS|
|CUSTOM2|

111
update/data/templates/php_settings.json Normal file
View File

@@ -0,0 +1,111 @@
{
"ini" : {
"display_errors" : {
"default" : "On",
"type" : "bool"
},
"error_reporting" : {
"default" : "32759",
"type" : "list",
"values" : {
"-32768": "~E_ALL",
"32759": "E_ALL & ~E_NOTICE",
"32767": "E_ALL"
}
},
"file_uploads" : {
"default" : "On",
"type" : "bool"
},
"include_path" : {
"default" : "\".;/path/to/php/pear\"",
"type" : "value"
},
"log_errors" : {
"default" : "Off",
"type" : "bool"
},
"mail.force_extra_parameters" : {
"default" : "",
"type" : "value"
},
"max_execution_time" : {
"default" : 30,
"type" : "int",
"range" : [ 0, 14400 ]
},
"max_input_time" : {
"default" : 60,
"type": "int",
"range" : [ 0, 14400 ]
},
"max_input_vars" : {
"default" : 1000,
"type": "int",
"range" : [ 1, 100000 ]
},
"memory_limit" : {
"default" : "128M",
"type" : "list",
"values" : [
"64M",
"128M",
"192M",
"256M",
"368M",
"512M",
"768M",
"1024M"
]
},
"post_max_size" : {
"default" : "8M",
"type" : "list",
"values" : [
"2M",
"4M",
"8M",
"16M",
"32M",
"64M",
"128M"
]
},
"register_globals" : {
"default" : "Off",
"type" : "bool",
"require" : {
"php_ver" : "<5.4.0"
}
},
"session.gc_maxlifetime" : {
"default" : 1440,
"type" : "int",
"range" : [ 1, 1209600 ]
},
"short_open_tag" : {
"default" : "On",
"type" : "bool"
},
"upload_max_filesize" : {
"default" : "2M",
"type" : "list",
"values" : [
"2M",
"4M",
"8M",
"16M",
"32M",
"64M",
"128M",
"256M",
"512M",
"1G"
]
},
"zlib.output_compression" : {
"default" : "Off",
"type" : "bool"
}
}
}

91
update/data/templates/proftpd.conf Normal file
View File

@@ -0,0 +1,91 @@
ServerName "ProFTPd"
ServerType standalone
Port 21
PassivePorts 35000 35999
UseReverseDNS off
TimesGMT off
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600
ScoreboardFile /var/run/proftpd/proftpd.scoreboard
PidFile /var/run/proftpd/proftpd.pid
TransferLog /var/log/proftpd/xferlog.legacy
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
#DON'T modify this log format. It's used by DirectAdmin to determine user usage
LogFormat userlog "%u %b %m %a"
ExtendedLog /var/log/proftpd/|SERVER_IP|.bytes WRITE,READ userlog
AuthUserFile /etc/proftpd.passwd
DefaultServer on
AuthOrder mod_auth_file.c
#AuthPAM off
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/proftpd.tls.log
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSCipherSuite HIGH:MEDIUM:+TLSv1
TLSVerifyClient off
TLSRequired off
#Certificates
TLSRSACertificateFile /etc/exim.cert
TLSRSACertificateKeyFile /etc/exim.key
#TLSCACertificateFile /etc/ftpd/root.cert.pem
</IfModule>
<Global>
PassivePorts 35000 35999
DeferWelcome on
RequireValidShell no
DefaultRoot ~
DirFakeUser on ftp
DirFakeGroup on ftp
User ftp
Group ftp
#UserAlias anonymous ftp
AllowStoreRestart on
AllowRetrieveRestart on
ListOptions -a
ShowSymlinks on
<IfModule mod_facts.c>
##Enable this with proftpd 1.3.4b+ to fix FileZilla MLSD
##http://www.proftpd.org/docs/modules/mod_facts.html#FactsOptions
# FactsOptions UseSlink
</IfModule>
Umask 022
DisplayLogin welcome.msg
DisplayChdir readme
AllowOverwrite yes
IdentLookups off
ExtendedLog /var/log/proftpd/access.log WRITE,READ write
ExtendedLog /var/log/proftpd/auth.log AUTH auth
#
# Paranoia logging level....
#
#ExtendedLog /var/log/proftpd/paranoid.log ALL default
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/proftpd.tls.log
TLSRSACertificateFile /etc/exim.cert
TLSRSACertificateKeyFile /etc/exim.key
</IfModule>
</Global>
Include /etc/proftpd.vhosts.conf

6
update/data/templates/proftpd.vhosts.conf Normal file
View File

@@ -0,0 +1,6 @@
<VirtualHost |ip|>
ServerName "|ServerName|"
ExtendedLog |ExtendedLog| WRITE,READ userlog
AuthUserFile |AuthUserFile|
|EXTRA|
</VirtualHost>

49
update/data/templates/redirect_virtual_host.conf Normal file
View File

@@ -0,0 +1,49 @@
|CUSTOM1|
|?SUEXEC_UG=|
|?OLD_USER=User `USER`|
|?OLD_GROUP=Group `GROUP`|
|*if APACHE_VER="2.0"|
|?SUEXEC_UG=SuexecUserGroup `USER` `GROUP`|
|?OLD_USER=|
|?OLD_GROUP=|
|*endif|
|?WWW_PREFIX=www.|
|*if WWW_REDIRECT="no"|
|?WWW_PREFIX=|
|*endif|
|CUSTOM2|
<VirtualHost |IP|:|PORT_80| |MULTI_IP|>
|CUSTOM3|
ServerName |POINTER|
ServerAlias www.|POINTER|
Redirect 301 / http://|WWW_PREFIX||DOMAIN|/
<IfModule !mod_ruid2.c>
|SUEXEC_UG|
</IfModule>
|OLD_USER|
|OLD_GROUP|
|CUSTOM4|
</VirtualHost>
|*if HAVE_SSL="1"|
<VirtualHost |IP|:|PORT_443| |MULTI_IP_SSL|>
|CUSTOM5|
SSLEngine on
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CAROOT|
ServerName |POINTER|
ServerAlias www.|POINTER|
Redirect 301 / https://|WWW_PREFIX||DOMAIN|/
<IfModule !mod_ruid2.c>
|SUEXEC_UG|
</IfModule>
|OLD_USER|
|OLD_GROUP|
|CUSTOM6|
</VirtualHost>
|*endif|
|CUSTOM7|

2
update/data/templates/reply_content-types.list Normal file
View File

@@ -0,0 +1,2 @@
text/plain=default=yes
text/html=default=no

2
update/data/templates/reply_encodings.list Normal file
View File

@@ -0,0 +1,2 @@
iso-8859-1=
UTF-8=

5
update/data/templates/reply_headers.txt Normal file
View File

@@ -0,0 +1,5 @@
MIME-Version: 1.0
Content-Type: |Content-Type|; charset=|charset|
|*if charset="UTF-8"|
Content-Transfer-Encoding: 8bit
|*endif|

8
update/data/templates/reseller_limit.txt Normal file
View File

@@ -0,0 +1,8 @@
|?SUBJECT=Reseller `USERNAME` has used up `BANDWIDTH`% of their bandwidth|
This is an automated message notifying Reseller |USERNAME| that |BANDWIDTH| % of their bandwidth has been used up.
It is estimated, at the current rate of use, that the account will be used up in |TIMELEFT| days, at which time the account will be suspended for the remainder of the month.
The server Admin and Reseller should contact each other if this is an issue.
|MSG_FOOTER|

Some files were not shown because too many files have changed in this diff Show More