BlueOnyx

BlueOnyx 5209R – Issues with importing signed certificates

Importing signed certificates on BlueOnyx has always been somewhat of a challenge and it’s not well documented. The gist of it is that the certificate you want to import needs to consist of both the certificate and the corresponding private key, and it must have an extension that BlueOnyx understands (*.crt or *.cert works). Even so, my attempt to import a signed certificate from RapidSSL failed with a message stating that the imported certificate did not contain the correct private key.

Dovecot Panic: file mail-transaction-log.c

I got a call last week from a client that was having some issues with retrieving email from a Dovecot IMAP server. The client was connecting over TLS and was using an Apple mail client. Upon checking the mailserver log, I was greeted with a flood of rather vicious looking errors. I’m not gonna post the entire backtrace since its rather long, but you’ll get the idea.

BlueOnyx 5107R - make_sock: could not bind to address 0.0.0.0:80

Recently, I became aware that Apache’s access and error_log on a BlueOnyx 5107R server were both zero byte files. Restarting Apache to correct the issue resulted in the following error message: (98) Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs Fixing the issue was a simple matter of issuing the following commands: killall -9 httpd service httpd start It seems that during logrotate, Apache was not able to get new file handles to write to the new log files.

BlueOnyx 5106R - Unresponsive Login Manager

BlueOnyx uses the PAM ABL module to mitigate brute force attacks. Though it’s not a good idea to rely solely on this module to protect your services, it’s definitely better than nothing. However, for some reason the database storing the failed hosts and users tends to corrupt easily on BlueOnyx systems.

Running BlueOnyx with suPHP and WordPress

suPHP allows the execution of PHP scripts with the privileges of their owner. PHP scripts are no longer executed by the Apache user. This will be safer, but also more resource intensive. From a users point of view, the biggest advantage in terms of user friendliness is the fluent installation of plugins, updates and file uploads.