Fix for undeletable user-defined Squirrelmail folder

I run my own mail server and use Squirrelmail to facilitate webmail access using HTTPS.  I encountered problems trying to delete a folder that I created as part of a test to find out if things were working correctly:

ERROR : Could not delete “Archive” 
Given: Invalid mailbox name

SquirrelMail is a Webmail application started by Nathan and Luke Ehresman and written in the PHP scripting language. It can be installed on almost all web servers so long as PHP is present and the web server has access to an IMAP and SMTP server

After some digging around, I found that after modifying a setting via ./conf.pl I was able to delete the folder.  If you’re experiencing the same thing, do the following:

1.   Open a terminal window.

2.   Navigate to Squirrelmail’s root dir, which in my case is /usr/share/squirrelmail.

3.   Navigate to the config/ folder then type: ./conf.pl.

4.   Select option 3 then 1 and enter none.

5.   Save your changes and exit.

It may not work on all situations, and some have said that in version 1.4.0, you may need to set/pick your IMAP server (I use Dovecot), like so:

1.   Open terminal window (again).

2.   Navigate to the config/ folder then type: ./conf.pl.

3.  From the menu options, select D, then save and exit.

If you still have problems after performing these steps, modify your php.ini config file to report more verbosely by changing the following lines:

display_errors = on
error_reporting = E_ALL

After saving the modifications you just made, restart your web server via (I run FC6 so) service httpd restart, then watch your Apache error_log for more info. 

That’s it.  Hopefully, this helps you from having to do the legwork.  Take care.  =0)

Accessing specific event logs on a remote server

An old friend and classmate of mine, Zahid Faisal, wanted to know how to access/read event logs on a remote server using Windows PowerShell. I thought it was an interesting challenge, so after some research and playing around I found that you can make use of the WMI objects to do this.

Follow along to try it out:

1. Open PowerShell and type in the following:

PS C:\> $logs = [System.Diagnostics.EventLog]::GetEventLogs(‘servername’)

This will create a new EventLog object that uses the GetEventLogs method, which by the way, accepts a machine name as an argument. This is exactly what we’re looking for.

2. If the command did not return any errors, continue with the following:

PS C:\> $logs[0]

You should get something like this:

Max(K) Retain OverflowAction     Entries Name

10,240      0 OverwriteAsNeeded      838 Application

The [0] after $logs is simply an array of the different types of event logs, which in this case, [0] equals the Application logs.

3. Next, the bread-and-butter – filtering:

PS C:\> $logs[0].entries | where `

>> {($_.Source -eq “Orion”) -AND ($_.TimeWritten -ge $recent)}

>>

By using the where object, we’re able to filter what we’re specifically looking for. In Zahid’s case, he wanted to grab the most recent logs that are only related to “Orion.”

Take note that this will only work if you’re an administrator on the remote server.

Hope this helps. =0)

Automatically redirect to HTTPS with .htaccess

I caught the flu last week that’s why I haven’t been posting regularly.  =0(

Anyway, I wrote previously on how to password-protect a website/page, but in this post I’ll show you how to redirect a user automagically to HTTPS.

All you need to do is add the following in the .htaccess file (I’ll be using the Squirrelmail website as an example):

1.  I use Apache 2, so I do:

vi /etc/httpd/conf.d/squirrelmail.conf

Initially, it will look like:

# SquirrelMail is a webmail package written in PHP.
Alias /webmail /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

2.  Add the following, like so:

# SquirrelMail is a webmail package written in PHP.
Alias /webmail /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*)
https://%{HTTP_HOST}%{REQUEST_URI}
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

3.  Save and exit by typing :wq!.

4.  Restart Apache like so: service httpd restart.

That’s it!  When someone visits, http://www.website.com/webmail, Apache will automatically redirect the user to https://www.website.com/webmail.

Hope this helps.  Take care!

Creating a self-signed cert

If you need to support or serve your website using SSL, but only for personal purposes, such as a webmail, you’ve probably come across the problem of creating your own server certificate.

Secure Sockets Layer (SSL), are cryptographic protocols which provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers.

If so, run the following to create a self-signed cert:

1.   Via a terminal window, run these commands in sequence:

openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl rsa -in server.key -out signingkey.key
openssl x509 -in server.csr -out selfsigned_digicert.crt -req -signkey signingkey.key -days 3650
chmod 600 server.key
chmod 600 selfsigned_digicert.crt
mkdir -p /etc/pki/tls/private
mkdir -p /etc/pki/tls/certs
cp server.key /etc/pki/tls/private/localhost.key
cp selfsigned_digicert.crt /etc/pki/tls/certs/localhost.crt

1.   Restart HTTP (I run FC6), like so:

server httpd restart

That’s it!  You can now serve your website via SSL…Don’t forget to open up your firewall to accept them (TCP port 443).

Bad-Behavior MediaWiki Plugin Fix

If you use MediaWiki to power your wiki, you’ve probably heard of the Bad-Behavior plugin to help fight spam.

Bad Behavior is a set of PHP scripts which prevents spambots from accessing your site by analyzing their actual HTTP requests and comparing them to profiles from known spambots. It goes far beyond User-Agent and Referer, however. Bad Behavior is available for several PHP-based software packages, and also can be integrated in seconds into any PHP script.

I was all for it after I read the description as well as the functions it adds to one’s wiki.  So, I did the following:

1.   Downloaded it like so:

wget http://www.bad-behavior.ioerror.us/download/bad-be…

2.   Unzipped it with the -a option (for ASCII mode):

unzip -a bad-behavior-2.0.10.zip

3.   Copied the whole folder to /path-to-wiki/extensions

cp -R /path-to-wiki/extensions

4.   Edited LocalSettings.php an added the following line at the end of the file:

include( ‘./extensions/Bad-Behavior/bad-behavior-mediawiki.php’ );

The include statement above should’ve worked where a new table would’ve been added in my MediaWiki DB, but this did not happen, and when clicking on any link, I would just get a blank page.

My HTTPD logs also showed “undefined variable” errors, so after searching for fixes, I found that the following line had to be added just below the require_once(“includes/DefaultSettings.php”) line to resolve the issues. 

Apparently, you’ll need this if you’re using a certain combination of Apache-PHP-MediaWiki versions:

require_once( “includes/DatabaseFunctions.php” );

I restarted Apache and all worked fine.  You can also add the Bad-Behavior 2 Extended extension if you’d like, which I did.