Selasa, 19 September 2023

nginx and old security headers

Nginx   

  # security headers

    add_header Permissions-Policy "interest-cohort=()" always;

add_header X-Frame-Options SAMEORIGIN;

    add_header X-Content-Type-Options nosniff;

    add_header Referrer-Policy no-referrer-when-downgrade;

    add_header X-XSS-Protection "0; mode=block";

    add_header Expect-CT "max-age=63072000, enforce";

    add_header X-Permitted-Cross-Domain-Policies master-only;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";

    add_header Content-Security-Policy "upgrade-insecure-requests";

ols

Strict-Transport-Security: max-age=31536000; includeSubDomains

Content-Security-Policy "upgrade-insecure-requests";

X-Content-Type-Options "nosniff" always

X-Frame-Options: SAMEORIGIN

Referrer-Policy: no-referrer-when-downgrade

Permissions-Policy "interest-cohort=()" always;


Grade A+ https://www.vevioz.com

Sabtu, 08 Juli 2023

How To install FFmpeg and FFprobe

How To install FFmpeg and FFprobe 


1) Navigate to "bin" folder

cd /usr/local/bin

2) Download FFmpeg & FFprobe static builds

wget https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz

3) Unpack Archive file and move binary files

tar -xf ffmpeg-release-amd64-static.tar.xz && mv ffmpeg-*-amd64-static/ffmpeg ffmpeg-*-amd64-static/ffprobe . && rm -rf ffmpeg-*-amd64-static ffmpeg-release-amd64-static.tar.xz

4) Set "executable" permissions

chmod 0755 ffmpeg ffprobe

That's it!

Kamis, 06 Juli 2023

Add exif library in php 8.2

 cd /tmp

wget https://node.aapanel.com/install/3/exif.sh
bash exif.sh install 82

Sabtu, 24 Juni 2023

FLOATING ADS

<!-- FLOATING ADS DI BAWAH -->
<script type='text/javascript'>
$(document).ready(function() {$('img#closed').click(function(){$('#btm_banner').hide(90);});});
</script>
<!--start: floating ads-->
<div id='floatads' style='width:100%;height:320;margin:auto; text-align:center;float:none;overflow:hidden; display:scroll;position:fixed; bottom:0;z-index:9999'>
<div><a id='close-floatads' onclick='document.getElementById(&#39;floatads&#39;).style.display = &#39;none&#39;;' style='cursor:pointer;'>
<center>
<button class='outline' style='padding: 2px 7px 2px;display: inline-block;right: 47%;font-size: 10px;line-height: 1;position: absolute;z-index: 1;'>Close</button>
</center>
</a></div>
<!--Script iklan-->
<ins class='adsbygoogle' data-ad-client='ca-pub-1405929659228935' data-ad-format='auto' data-ad-slot='9651835296' data-full-width-responsive='true' style='display:block'></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
<!--Akhir script iklan-->
</div>
<!--end: floating ads-->


Kamis, 11 Mei 2023

How to add List-Unsubscribe header

 To implement the opt-out option in your email header, your email server must first be configured. For example, this is how to add the list-unsubscribe header to all outgoing emails using Postfix:

  • in /etc/postfix/main.cf, set header_checks to:
header_checks = regexp:/etc/postfix/list_unsub_header 

Copy

  • create a list_unsub_header file in /etc/postfix/ and add the following:
/^Content-Transfer-Encoding:/i PREPEND List-Unsubscribe: mailto:<sender-email-address>?subject=unsubscribe>"

Copy

  • Restart Postfix it with
service postfix restart

Copy

or

/etc/init.d/postfix restart

Copy

Contact your email administrator to insert this option for your particular server. If you use an email service provider, you can ask them to insert the list-unsubscribe header into your email. Or you can do this yourself, using the ESP’s documentation. To accomplish this, you will have to choose between two types of unsubscribing methods: mailto and http.

Mailto

Mailto is the most commonly used method for implementing the list-unsubscribe header. When a user clicks the unsubscribe link, the mail client generates an email with an unsubscribe request and sends it to a specified email address. You also need to process the request and unsubscribe from this user. Here is the flow of setting up a mailto list-unsubscribe:

  • Create a dedicated email address for unsubscribe requests. For example, unsubscribe@example.com
  • Provide this email address to your email administrator or ESP and ask them to insert it into the email header. The following syntax should be used:
List-Unsubscribe: <mailto: unsubscribe@example.com?subject=unsubscribe>

Copy

  • With the mailto method, you have to manually unsubscribe the users.

Http or unsubscribe URL

With the http method, behind the list-unsubscribe header, there is a URL leading to a web page for opting out. When a user clicks the unsubscribe link, a landing page 2 opens, and the user is asked to confirm unsubscription. Here is the flow of setting up an http list-unsubscribe:

  • Create a web page dedicated to unsubscribe requests. Both http: and https: are acceptable. For example, http://www.example.com/unsubscribe.html 7
  • Provide the unsubscribe URL to your email administrator or ESP, and ask them to insert it into the email header. It is best to use this method in conjunction with mailto because the recipient’s inbox client may not support http list-unsubscribe. That’s why it is advisable to use the following syntax:
List-Unsubscribe:  <mailto: unsubscribe@example.com?subject=unsubscribe>,  <http://www

DKIM not working - Mails do not get signed

PROBLEM DESCRIPTION

For any given domain, in Mail Settings, "Use DKIM spam protection system to sign outgoing email messages" is checked enabled, but in some circumstances outbound email messages are not signed from said domain. It's necessary to switch DKIM off and on again ;) to get it to work. 


Unable to send dkim headers

Troubleshoot log /var/log/rspamd/rspamd.log
Prompt for permission issues:
dkim_module_load_key_format: cannot load dkim key /www/server/dkim/xxxx.com/default.private: cannot map key file: '/www/server/dkim/xxxx.com/default.private' Permission denied

Set 640 to 644, then restart rspamd to send emails to view email source code
chmod 644 /www/server/dkim/xxxx.com/default.private
/etc/init.d/rspamd restart