Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
PHP Selector / Re: I can't Change my php version 8.1 to 8.2
« on: Today at 02:08:14 PM »
And you have an active CWP Pro license for the IP of that server?
Code: [Select]
sh /scripts/update_cwp
2
Installation / Re: CWP-CentOS 8 MINIMAL ou BOOT Stream-Delayed
« on: Today at 02:28:35 AM »
Please use AlmaLinux 8 or 9 as the foundation for a production-ready server. A beta quality or EOL (end of life) OS is not really suitable for a server.
3
MySQL / Re: increase the characters db
« on: July 10, 2025, 02:51:46 PM »
It takes the form of one entry per line (to map 8 char usernames to longer names):
shortname:longername
shortname:longername
4
MySQL / Re: increase the characters db
« on: July 10, 2025, 12:51:21 PM »Code: [Select]
/usr/local/cwp/.conf/mysql_user_prefix.conf
5
PHP / Re: Difference in the php views...
« on: July 10, 2025, 12:47:39 PM »
The main php version from the CLI that you have set used by PHP Switcher is called for php info on your first case. The display is typical for a 7.x version -- CWP renders it using their stylesheet so it matches the rest of the panel. But if you have an 8.x or later, it will call the normal php.info and display it in that space.
6
CentOS 8 Problems / Re: PHP compiling fails, strange ld / ldconfig behaviour?
« on: July 09, 2025, 11:19:43 PM »
If you want to PM me login details, I could take a look for you. I recommend PHP-FPM for performance reasons, plus the versatility of running php versions on a site-by-site basis with separate configs is a good thing. I have 4 versions running on one server -- legacy 5.6 for one site, 7.4 for a WordPress site that needs full compatibility, 8.1 for other WP sites, and 8.2 for a Drupal site.
7
Backup / Re: Can't locate diagnostics.pm in @INC (you may need to install th....
« on: July 09, 2025, 03:06:01 PM »
Maybe Starburst should answer since his production servers are AL9 -- I run my production servers under AL8 currently and only have a couple of test beds for AL9.
8
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: July 09, 2025, 12:29:06 PM »
Funny, this started as an information sharing thread but then devolved from there -- getting into sour personal attacks. I'm sorry I ever touched this tar baby. My point was, I can appreciate your report and will keep it on the radar because I see that you have a history here and contribute in a meaningful way. But when someone brand new comes on the scene trotting out security buzzwords and offering dubious advice about deleting the filemanager (instead of mitigating the attack vector in a non-destructive way)... well, take that for what it is. I'll go back to monitoring my servers now.
(Both security disclosures you linked to claim the CWP devs have patched the flaw, and both indicated it was against CentOS 7 -- so it bears monitoring but not hyperventilating.)
(Both security disclosures you linked to claim the CWP devs have patched the flaw, and both indicated it was against CentOS 7 -- so it bears monitoring but not hyperventilating.)
9
CentOS 8 Problems / Re: PHP compiling fails, strange ld / ldconfig behaviour?
« on: July 09, 2025, 12:20:11 PM »
What is your end goal? Which mode are you going to use -- PHP switcher, suPHP, or php-fpm? Which versions of PHP would you like to have? Each case is a bit different.
10
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: July 09, 2025, 01:28:21 AM »Firstly, I didn't say delete, I said rename a single file that inconveniences your users slightly...But you did say delete, quoted twice in the previous posts on this thread. I call that dubious advice, as with removing the .php extension -- which won't neuter it -- a file containing PHP code can still be run by a php interpreter.
11
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: July 08, 2025, 11:55:16 PM »You want to delete /usr/local/cwpsrv/var/services/user_files/modules/filemanager.php (or rename it to like filemanager.php.disabled, make sure it no longer has .php extension at the end)
For now, however, I would like to repeat: Make sure no one can access your filemanager by deleting the file /usr/local/cwpsrv/var/services/user_files/modules/filemanager.php (or renaming it to filemanager.php.disabled).
12
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: July 08, 2025, 06:10:10 PM »
Might need some more street cred here than just the 4 posts on this thread before people listen to the advice and go deleting (!) their filemanagers... A Chicken Little response doesn't usually end up well.
But, the file manager always has struck me as a sore thumb, bolted on to CWP -- and it looks to be an implementation of the Vue library, with treeVue and other JS integrated. Probably overdue for some attention & modernization. It hasn't changed much at all over the last 5+ years. Probably plenty of fleas...
But, the file manager always has struck me as a sore thumb, bolted on to CWP -- and it looks to be an implementation of the Vue library, with treeVue and other JS integrated. Probably overdue for some attention & modernization. It hasn't changed much at all over the last 5+ years. Probably plenty of fleas...
13
Installation / Re: I don't receive a single message from root..??
« on: July 08, 2025, 02:50:57 PM »Code: [Select]
mydestination = $myhostnameis most canonical, then you only have to change it once at the top of the file if the hostname needs to change. But for any of the main directives (mydestination, smtp_helo_hostname, smtpd_sasl_local_domain), you can hardcode the hostname if you want. Just get rid of CWP's buggy double equals on a line (interpreted as setting a string, then a variable).
14
Backup / Re: Can't locate diagnostics.pm in @INC (you may need to install th....
« on: July 08, 2025, 02:45:42 PM »
See Starburst's post here to see his prerequisites on AL9 before installing CWP:
https://forum.centos-webpanel.com/csf-firewall/possible-fix-to-why-csflfd-isn-t-installing/msg51087/#msg51087
https://forum.centos-webpanel.com/csf-firewall/possible-fix-to-why-csflfd-isn-t-installing/msg51087/#msg51087
15
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: July 08, 2025, 02:25:06 PM »
So according to the 2 vulnerability reports you mentioned, it's limited to EOL CentOS 7 systems -- for which support ended over a year ago. Not too surprising, really. The longer those systems are on the internet, the more of sitting ducks they become. Time to migrate to AlmaLinux!
Can you confirm that you both are running CentOS 7 systems?
Caught one probe for this vuln on one of my Alma systems, coming from Hong Kong:
Can you confirm that you both are running CentOS 7 systems?
Caught one probe for this vuln on one of my Alma systems, coming from Hong Kong:
Code: [Select]
[root@alma]# grep "module=filemanager" /usr/local/cwpsrv/logs/access_log
91.124.30.69 - - [08/Jul/2025:04:50:00 -0500] "POST /myuser/index.php?module=filemanager&acc=changePerm HTTP/1.1" 404 147 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.7; rv:134.0) Gecko/20100101 Firefox/134.0"
