Verify that your FTP account

Verify that your FTP account

Verify that your FTP account has been created and is working. You should try to connect with your FTP client to verify that. Use these settings to try to connect.

FTP Server: Your server IP address.
FTP Username: Your domain name
FTP Password: Your Kloxo admin password
Port: 21

There is currently a bug in the FTP server installation that might keep you from connecting. As a matter of course, you should enter the following commands to clear the bug.

# yum –y downgrade pure-ftpd # /script/upcp # /script/cleanup # yum -y update

If you can connect, everything is fine. If not look in Kloxo admin in the Domains box and click on the FTP Users icon to reenter your authentication information.

Verify that your web page works. You can preview the web page in Kloxo. Click on the Domains tab, scroll down the page, and click on your domain name. That will open the domain control panel. Scroll down to the bottom to the Extra box, and click Dnsless Preview. If you see a panel that says your domain isn’t configured properly then start a ssh session and issue the following command.

# sh /script/fixweb
Then reboot the server. That usually clears the error.

Next, you need to allow cgi scripts to run. I don’t know why, but by default Apache has not been configured to know what to do with files with .cgi or .pl extensions. The result is that the web server will display .cgi files as if they were text files, so when you run a cgi script all you see is the code. To fix that you will need to add a couple of “handlers” to Apache. In webmin, click the Servers icon at the top, then click the Apache Webserver icon. Click on the Default Server icon. Click the MIME Types icon. In the “Content Handlers” section, add entries for .cgi and .pl extensions, selecting the handler type of “cgi-script” from the drop-down menu for both. When you get done it should look something like this.

Click the Save button at the bottom, then click the “Apply Changes” tab near the top. That should enable your CGI & perl scripts.

Now click the MIME Types icon again and add the following entries to the Extra MIME Types table, just to be sure that your web server will do most anything your customers want to do.

application/x-shockwave-flash .swf
application/xml .xml
application/futuresplash .spl
text/javascript .js
text/css .css

Those entries should look something like this.

Hint: The table will only give you one row of open cells at a time. You will need to enter the top two, then click Save and click Apply Changes, then click MIME Types again. It will give you another row.
By default, Kloxo does not disable recursive DNS lookups. That can be a security problem, since anyone could use your DNS server for general DNS lookup use. Allowing recursive DNS lookups is a genuine risk, since a Denial of Service attack is possible if DNS recursion is not disabled.
To check that, login to Kloxo as admin. Click on the Domains tab and click on your primary business domain name (actually, you should get the same result with any of your hosted domains). In the domain control panel, go to the bottom in the Extra box and click on the Check Dns icon. It will take a minute before it displays. The only red warning you should see is a warning about recursive DNS lookups. If you see that error, you will want to take care of it.

To disable DNS recursion, go to webmin and click the Servers icon at the top. Click the BIND DNS Server icon, and then open the Edit Config File icon. Add the following lines of text to the top of the file.
options {
allow-recursion { localhost; };
};

HINT: The brackets in the above code are all braces (curly brackets).

That statement will disable recursive DNS lookups from anywhere except from within your own server. Click the Save button. To apply the change, click the Stop BIND tab, then click Start BIND. If you go back to Kloxo and click the Check Dns icon again you you should see that the recursive DNS error is now gone.

You should also disable logging in BIND. Even though you have disabled recursive lookups, BIND will still log recursive lookup attempts. During an attempted recursive attack the high-volume logging of each failed recursive lookup request can still slow the system, even resulting in the log file growing to hundreds of megabytes in a very short period of time. To prevent that it’s recommended that logging be disabled during normal operation. To do that, add this code to the same file as above.
logging {
category default { null; };
};
Save, then restart named to apply.