Thanks. I have now chosen SES, but it appears as if I'm sandboxed for the time being. Hopefully, they open it up soon as I had Sendinblue working. Though, Amazon appears to be much more trusted to reduce bounce, etc.For Xenforo sent emails, I use Amazon SES SMTP and it has it's own instructions for proper DKIM + SPF setup. Then I setup DMARC separately myself.
I played a lot with your stack over the month and was disappointed that I couldn't build Naxsi into it, I believe that a WAF should be available.For server system sent emails, I just setup DKIM + SPF + DMARC myself as I use my own Centmin Mod LEMP stack so I have instructions for my Centmin Mod LEMP stack users and myself to follow at https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/
Which version of Centmin Mod did you try 123.08stable or 123.09beta01. 123.09beta01 is where all the development work is right now feature wise. But naxsi i don't have much experience with so not something I can test and support. But as you're using modsecurity, then Centmin Mod 123.09beta01 with modsecurity for nginx is an option as it's in development and working for folks that have tried it - not 100% automated but if you know how to configure modsecurity for nginx after modsecurity nginx module is compiled/installed, you should be fine. See these 2 linksI played a lot with your stack over the month and was disappointed that I couldn't build Naxsi into it, I believe that a WAF should be available.
I settled on a LA(x)P stack (MySQL on another server) with Apache 2.4/modsecurity & PHP72 instead because I couldn't even get Naxsi to build myself (edit: with ngx_pagespeed), on a fresh install, and adding it to your build.
I would love to benchmark Centminmod with Naxsi and rules implemented for security and will be on the lookout for that (in the near future, hopefully).
Don't quote me on this, but while doing research into the two (modsecurity vs Naxsi) on nginx, modsecurity lacked features over ones provided with Apache. That was the main reason why I reverted back to Apache to use modsecurity.Which version of Centmin Mod did you try 123.08stable or 123.09beta01. 123.09beta01 is where all the development work is right now feature wise. But naxsi i don't have much experience with so not something I can test and support. But as you're using modsecurity, then Centmin Mod 123.09beta01 with modsecurity for nginx is an option as it's in development and working for folks that have tried it - not 100% automated but if you know how to configure modsecurity for nginx after modsecurity nginx module is compiled/installed, you should be fine. See these 2 links
wouldn't know the specifics as modsecurity for nginx started as a rewrite via libmodsecurity https://github.com/SpiderLabs/ModSecurity-nginx so at points in time it would of had to play catch up to apache version.. this was ages ago though - probably years don't recall.Don't quote me on this, but while doing research into the two (modsecurity vs Naxsi) on nginx, modsecurity lacked features over ones provided with Apache. That was the main reason why I reverted back to Apache to use modsecurity.
doesn't seem to lack features compared to apache, instead it has new features/functionalityWhat is the difference between this project and the old ModSecurity add-on for nginx?
The old version uses ModSecurity standalone, which is a wrapper for Apache internals to link ModSecurity to nginx. This current version is closer to nginx, consuming the new libmodsecurity which is no longer dependent on Apache. As a result, this current version has less dependencies, fewer bugs, and is faster. In addition, some new functionality is also provided - such as the possibility of use of global rules configuration with per directory/location customizations (e.g. SecRuleRemoveById).
If you haven't, you need to open a request to be unsandboxed...Thanks. I have now chosen SES, but it appears as if I'm sandboxed for the time being. Hopefully, they open it up soon as I had Sendinblue working.
yupIf you haven't, you need to open a request to be unsandboxed...
Going to fire it up and see if I can get the servers to act as I want again (it didn't before and made me give up as well).Centmin Mod 123.09beta01 uses the newer Modsecurity connector via libmodsecurity for Nginx installs.
Yeah, luckily I did it after hours and requested a mail increase. Noticed that you had to be unsandboxed as well, so replied again. Woke up to a 50k limit without being sandboxed. The service is incredibly fast to deliver!If you haven't, you need to open a request to be unsandboxed...
Re-building nginx now. The first install did not have the modsecurity module. I found that you need to set the variable to y in centmin.sh. It looks like it's compiling now, so we'll see if the module loads or I have to add it to conf first.Centmin Mod 123.09beta01 uses the newer Modsecurity connector via libmodsecurity for Nginx installs.
While comparing prices, I noticed this about SES: "$0 for the first 62,000 emails you send each month, and $0.10 for every 1,000 emails you send after that." However, it's only for EC2 instances, which is what I am running. This saves me approximately $12 (next package on SendGrid would be $15).I use SendGrid with SKIM and SPF setup to send everything from XenForo
yes this is outlined at https://community.centminmod.com/threads/update-prep-for-modsecurity-v3-0.12453/Re-building nginx now. The first install did not have the modsecurity module. I found that you need to set the variable to y in centmin.sh. It looks like it's compiling now, so we'll see if the module loads or I have to add it to conf first.
Thanks for the suggestion. I prefer running my instances on DO though.While comparing prices, I noticed this about SES: "$0 for the first 62,000 emails you send each month, and $0.10 for every 1,000 emails you send after that." However, it's only for EC2 instances, which is what I am running. This saves me approximately $12 (next package on SendGrid would be $15).
Something to consider if you're with Amazon EC2 for some extra savings (SendGrid Essential is $14.95 for 100,000 whereas 100,000 on SES would be $3.80).
We use essential cookies to make this site work, and optional cookies to enhance your experience.