Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
CentOS-WebPanel Bugs / Security headers are missing
« on: September 24, 2020, 06:06:23 PM »
Today I did a test using the following site:
https://www.webpagetest.org/
I received a "D" for security score:
❌ The following security headers are missing from the website:
medium severity
X Frame Options
Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location
high severity
Content Security Policy
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context
Content Security Policy documentation
low severity
X XSS Protection
A Cross-site scripting filter
How do I add these? They should be included as part of the original setup.
There is an earlier thread on this from 2 yrs ago, but the recommended fix crashes the website.
https://www.webpagetest.org/
I received a "D" for security score:
❌ The following security headers are missing from the website:
medium severity
X Frame Options
Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location
high severity
Content Security Policy
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context
Content Security Policy documentation
low severity
X XSS Protection
A Cross-site scripting filter
How do I add these? They should be included as part of the original setup.
There is an earlier thread on this from 2 yrs ago, but the recommended fix crashes the website.
2
CentOS-WebPanel Bugs / CWP Images & CSS Won't Load After Update
« on: June 27, 2020, 04:36:59 AM »
I was updating CWP and the server had to be restarted before completing the update.
Now the Admin panel CSS and images won't load, which makes the panel unusable.
Client panel and file manager are working fine.
I tried to restart, run cwp update, no result.
I looked up /usr/local/cwpsrv/logs/error_log and found errors like this:
2020/06/26 03:23:08 [error] 931#0: *17 open() "/usr/local/cwpsrv/htdocs/admin/login/design/img/login.css" failed (20: Not a directory), client: 54.38.148.178, server: localhost, request: "GET /login/design/img/login.css HTTP/1.1", host: "web01.saadhost.com:2031", referrer: "https://web01.saadhost.com:2031/login/index.php"
2020/06/26 03:23:08 [error] 931#0: *17 open() "/usr/local/cwpsrv/htdocs/admin/login/design/images/cwp_small.png" failed (20: Not a directory), client: 54.38.148.178, server: localhost, request: "GET /login/design/images/cwp_small.png HTTP/1.1", host: "web01.saadhost.com:2031", referrer: "https://web01.saadhost.com:2031/login/index.php"
Now the Admin panel CSS and images won't load, which makes the panel unusable.
Client panel and file manager are working fine.
I tried to restart, run cwp update, no result.
I looked up /usr/local/cwpsrv/logs/error_log and found errors like this:
2020/06/26 03:23:08 [error] 931#0: *17 open() "/usr/local/cwpsrv/htdocs/admin/login/design/img/login.css" failed (20: Not a directory), client: 54.38.148.178, server: localhost, request: "GET /login/design/img/login.css HTTP/1.1", host: "web01.saadhost.com:2031", referrer: "https://web01.saadhost.com:2031/login/index.php"
2020/06/26 03:23:08 [error] 931#0: *17 open() "/usr/local/cwpsrv/htdocs/admin/login/design/images/cwp_small.png" failed (20: Not a directory), client: 54.38.148.178, server: localhost, request: "GET /login/design/images/cwp_small.png HTTP/1.1", host: "web01.saadhost.com:2031", referrer: "https://web01.saadhost.com:2031/login/index.php"
3
Updates / CWP Broken After Update
« on: June 26, 2020, 01:51:03 AM »
After update my CWP Pro looks like this:
Previously I was getting this error:
** (pkttyagent:26814): WARNING **: 03:54:40.789: Unable to register authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Cannot determine user of subject
Error registering authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Cannot determine user of subject (polkit-error-quark, 0)
Which I handled with this:
groupadd -g 23 nohidproc
usermod -a -G nohidproc polkitd
mount -o remount,rw,hidepid=2,gid=nohidproc /proc
systemctl restart polkit
How can I fix this?
Previously I was getting this error:
** (pkttyagent:26814): WARNING **: 03:54:40.789: Unable to register authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Cannot determine user of subject
Error registering authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: Cannot determine user of subject (polkit-error-quark, 0)
Which I handled with this:
groupadd -g 23 nohidproc
usermod -a -G nohidproc polkitd
mount -o remount,rw,hidepid=2,gid=nohidproc /proc
systemctl restart polkit
How can I fix this?
4
Updates / Yum Manager won't update ImageMagick
« on: May 22, 2020, 07:38:00 AM »
I get the following output but the update doesn't happen:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cmich.edu
* epel: fedora-epel.mirrors.tds.net
* extras: mirror.trouble-free.net
* remi-php74: repo1.ash.innoscale.net
* remi-safe: repo1.ash.innoscale.net
* updates: mirror.cs.vt.edu
Resolving Dependencies
--> Running transaction check
---> Package ImageMagick.x86_64 0:6.7.8.9-18.el7 will be updated
--> Processing Dependency: ImageMagick = 6.7.8.9-18.el7 for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
--> Processing Dependency: ImageMagick = 6.7.8.9-18.el7 for package: ImageMagick-perl-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickCore.so.5()(64bit) for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickCore.so.5()(64bit) for package: ImageMagick-perl-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickWand.so.5()(64bit) for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
---> Package ImageMagick.x86_64 0:6.9.10.68-3.el7 will be an update
--> Running transaction check
---> Package ImageMagick-devel.x86_64 0:6.7.8.9-18.el7 will be updated
---> Package ImageMagick-devel.x86_64 0:6.9.10.68-3.el7 will be an update
---> Package ImageMagick-perl.x86_64 0:6.7.8.9-18.el7 will be updated
---> Package ImageMagick-perl.x86_64 0:6.9.10.68-3.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
ImageMagick x86_64 6.9.10.68-3.el7 base 2.3 M
Updating for dependencies:
ImageMagick-devel x86_64 6.9.10.68-3.el7 base 110 k
ImageMagick-perl x86_64 6.9.10.68-3.el7 base 154 k
Transaction Summary
================================================================================
Upgrade 1 Package (+2 Dependent packages)
Total size: 2.6 M
Is this ok [y/d/N]: Exiting on user command
Your transaction was saved, rerun it with:
yum load-transaction /tmp/yum_save_tx.2020-05-22.07-31.etc
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cmich.edu
* epel: fedora-epel.mirrors.tds.net
* extras: mirror.trouble-free.net
* remi-php74: repo1.ash.innoscale.net
* remi-safe: repo1.ash.innoscale.net
* updates: mirror.cs.vt.edu
Resolving Dependencies
--> Running transaction check
---> Package ImageMagick.x86_64 0:6.7.8.9-18.el7 will be updated
--> Processing Dependency: ImageMagick = 6.7.8.9-18.el7 for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
--> Processing Dependency: ImageMagick = 6.7.8.9-18.el7 for package: ImageMagick-perl-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickCore.so.5()(64bit) for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickCore.so.5()(64bit) for package: ImageMagick-perl-6.7.8.9-18.el7.x86_64
--> Processing Dependency: libMagickWand.so.5()(64bit) for package: ImageMagick-devel-6.7.8.9-18.el7.x86_64
---> Package ImageMagick.x86_64 0:6.9.10.68-3.el7 will be an update
--> Running transaction check
---> Package ImageMagick-devel.x86_64 0:6.7.8.9-18.el7 will be updated
---> Package ImageMagick-devel.x86_64 0:6.9.10.68-3.el7 will be an update
---> Package ImageMagick-perl.x86_64 0:6.7.8.9-18.el7 will be updated
---> Package ImageMagick-perl.x86_64 0:6.9.10.68-3.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
ImageMagick x86_64 6.9.10.68-3.el7 base 2.3 M
Updating for dependencies:
ImageMagick-devel x86_64 6.9.10.68-3.el7 base 110 k
ImageMagick-perl x86_64 6.9.10.68-3.el7 base 154 k
Transaction Summary
================================================================================
Upgrade 1 Package (+2 Dependent packages)
Total size: 2.6 M
Is this ok [y/d/N]: Exiting on user command
Your transaction was saved, rerun it with:
yum load-transaction /tmp/yum_save_tx.2020-05-22.07-31.etc
Pages: [1]
