Tag: quickfix

Zimbra ZCS: OpenDKIM not running

After upgrading Debian, OpenDKIM sometimes stops running or fails to properly restart. If you don’t actively monitor your ZCS server, the only way to detect this is either through a growing mail queue of unsent messages or through a note in the ZCS server admin panel.

Usually, manually restarting either OpenDKIM itself or the whole ZCS server once “fixes” the problem:

# service zimbra restart

or

# /etc/init.d/zimbra restart

In other cases, fixing the permissions may help:

# /opt/zimbra/libexec/zmfixperms -verbose -extended

(source)

WordPress 2.8.3: Quick-fix for admin lock-out security problem

Problem description (In WP 2.8.3 and earlier, the admin password can be reset remotely without WordPress generating a new one, locking-out the admin):

[Full-disclosure] WordPress <= 2.8.3 Remote admin reset password

For a quick-fix, see:

http://core.trac.wordpress.org/changeset/11798

i.e., in wp-login.php, replace the line

if ( empty( $key ) )

with

 if ( empty( $key ) || is_array( $key ) )


If your WordPress installation has been hacked already, here’s an emergency password reset script you can use to reset and regenerate your admin password.

A German explanation of the security bug and how to fix it can be found on heise online:

Lücke in WordPress ermöglicht Aussperren des Admins

[Update 20090812: Now that a security update is available, users are advised to update to WordPress 2.8.4]