Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Linux

Pages: [1]
CentOS-WebPanel Bugs / Re: mod_security is blocking roundcube
« on: March 12, 2024, 04:55:19 PM »
Later edit: it works but you need to LOGout of the roundcube session, clean cookies and catched data.

CentOS-WebPanel Bugs / Re: mod_security is blocking roundcube
« on: March 12, 2024, 02:27:23 PM »
Please update Roundcube to 1.5.6 per Sandeep's instructions here:
Thank you!

Code: [Select]
cd /usr/local/src

rm -rf roundcube*


tar xf roundcubemail-1.5.6-complete.tar.gz

cd roundcubemail-1.5.6

run php -v and check what version of PHP you currently have. In my case I didn't need to run this:
Code: [Select]
sed -i "s@\/usr\/bin\/env php@\/usr\/bin\/env \/usr\/local\/cwp\/php71\/bin\/php@g" /usr/local/src/roundcubemail-1.5.6/bin/

sed -i "s@\php bin@\/usr\/local\/cwp\/php71\/bin\/php bin@g" /usr/local/src/roundcubemail-1.5.6/bin/

Code: [Select]
Now run: bin/ /usr/local/cwpsrv/var/services/roundcube

sh /scripts/restart_cwpsrv

curl -s -L | bash

Unfortunately this doesn't fix the issue WHEN using FORWARD EMAIL!
If I use the Compose email then send it works.

Code: [Select]
ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\n\\\\r]\\\\s*\\\\b(?:to|b?cc)\\\\b\\\\s*:.*?\\\\@" at ARGS:_message. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_40_generic_attacks.conf"] [line "103"] [id "950019"] [rev "2"] [msg "Email Injection Attack"] [data "Matched Data: \\x0d\\x0ato:

CentOS-WebPanel Bugs / mod_security is blocking roundcube
« on: March 11, 2024, 08:37:58 PM »
mod_security is blocking roundcube. Running free version of cwp. Please advise.
This issue came out of nowhere, server config is the same.

Roundcube Webmail 1.4.11
 CWP version:
 csf: v14.20 (CentOS Web Panel)

Updates / Re: The new update has distroyed all of my websites
« on: October 15, 2019, 04:36:56 PM »
>:( This type of behavior is really unsustainable.
Even if i use a free service you can't directly cause a down state on servers which offers services to customers or public services.
This may be counterproductive bringing many agencies to ask for damages especially when talking about crucial services.
You can limit the configuration capabilities but you can't cause someone else's server to stop.
Do you think they care? If they did, they would have never released an update like the one that's altering php-fpm permission. Shame!!!

Updates / Re: 502 error for websites hosted on CWP.
« on: October 15, 2019, 04:21:29 PM »
Yeah, I installed and configured PHP-FPM manually, not using the PHP-FPM Selector and someone from the CWP team thought: yeah, let's break their websites by changing the permission for the php-fpm executable without OUR CONSENT.

PHP-FPM is not built by CWP, what CWP is doing is wrong on so many levels.
I wonder if they can afford an invoice for the downtime caused because of their sneaky update!

Updates / CWP Panel altering system apps permissions
« on: October 15, 2019, 04:16:55 PM »
Hello everyone!
Don't know what happened to the CWP team, but you're going to the wrong direction.
Did you guys built PHP-FPM?

Why do you alter PHP-FPM permissions just to "attract" more PRO subscribers? Who does that and with what permission do you modify system files without telling users about that?

Why PHP-FPM worked until you thought, oh, wait we can FORCE users to buy CWP PRO, else you can't use PHP-FPM! REALLY? WTF is wrong with you guys.

I didn't used and didn't cared about PHP-FPM selector, why are you altering the permission to the php-fpm executable?

If I manually installed and configured PHP-FPM WTF are you altering the permission for the executable?

You have a really big thumbs down for this.

CentOS 7 Problems / Re: Hi problem :(((
« on: May 07, 2019, 08:04:50 PM »
hi there 1 website cpu ram :(
Check free memory using this command:
Code: [Select]
free -hCheck top 10 memory eating processes:
Code: [Select]
ps aux --sort -rss | head

CentOS 7 Problems / Re: SMTP Server Has Been Hacked
« on: May 07, 2019, 07:53:17 PM »

I'm in big trouble soon, I found a way to delete all the mail queue.

Either the freelancer did illegal stuff, or either I got hacked randomly.

The weird thing is, my website is not indexed in google, I blocked robots from indexing.

Never rely on someone for server installation.
Hi! Relax, your email server didn't get hacked. That's just a log that is saying "authentication failed". The "UGFzc3dvcmQ6" string is a base64 encoded text for "Password:".

So, someone is trying to login to your SMTP account. Why it didn't get banned?

You need to set in
Code: [Select]
/etc/csf/csf.conf at this line
Code: [Select]
RESTRICT_SYSLOG = "3", instead of 3, set 0 or 2.

Everyone that will try to login and fail will get banned acording to number of failures.

Good luck!

Pages: [1]