Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Namaste

Pages: [1] 2 3 4
1
Information / Re: access file filled with 400 226
« on: January 12, 2021, 09:10:42 PM »
It also says its doing a graceful restart every minute.  I sure hope its not the server that is shutting down every minute

2
Information / Re: access file filled with 400 226
« on: January 12, 2021, 09:09:03 PM »
But this is happening at the same time I am getting access errors sometimes 4x/minute

What are those errors happening 3-4x/minute?

3
SSL / Re: Major Cert issue/delete problem
« on: January 12, 2021, 03:59:42 PM »
It's a PITA but Let'sEncrypt uses dynamic IP/CDN locations for cert renewal. They even use servers that are notorious for harbouring scammers/hackers/scanners, such as AWS, Digital Ocean, Hetzner and Contabo (to name a few). On some of my VPS, I need to temporarily disable CSF to renew certs. The downside of choosing a free SSL cert provider. :(

It seems that LE changes their server IPs regularly.  Therefore it cannot be white listed.  As long as anyone has no LE country blocks, the certs will renew or create. 

The thing that I dont get is that if I create a new addon domain I can create a new cert at the same time WITHOUT DISABLING THE FIREWALL.   But if I want to renew I get the dns doesn not point error. 

We need to investigate this:

Quote
So you have to open your firewall.

But you can restrict the access to the folder /.well-known/acme-challenge/

There your ACME-Client creats a special file which Letsencrypt loads.

4
SSL / Re: Major Cert issue/delete problem
« on: January 12, 2021, 01:29:39 PM »
So here is the reason why......firewall was enabled with filtering for USA only.  Great, I knew that once before but forgot.

BUT.  There is a hole in the firewall that allows cert creation at the time of domain addon.   BUT that hole is closed in any subsequent attempts to create/renew a cert on an existing domain.

So.......this seems to be a HUGE inconsistency that needs to be explored.  It ought to be one way or the other but not both.  Either no certs possible or both cert creations allowed. 

Just my humble opinion.

5
Installation / Re: no ssl cerrts
« on: January 10, 2021, 05:02:52 PM »
See SSL category for more information.

6
SSL / Re: Major Cert issue/delete problem
« on: January 10, 2021, 02:01:34 PM »
I just discovered that I have websites that never renewed on Dec 21.   So this problem goes back as far as Dec 21 and most likely even earlier.  This problem exists on all 3 of my servers.

7
SSL / Re: Major Cert issue/delete problem
« on: January 10, 2021, 01:19:49 PM »
OK, some developments.

If I create a new domain and cert at the same time.......cert is generate.  hurray!

BUT

If I create a domain with no cert and then try to create a cert AutoSSL (FREE), I get the DNS not pointing error.

So, this now is looking like at web panel problem. 

8
SSL / Re: Major Cert issue/delete problem
« on: January 10, 2021, 12:47:33 PM »
Cannot resolve cert problem on my server.  So I spun up another server on Linode (this time with cent7) and tried to generate a cert.  No go.   Same error stating DNS does not point to this server.   The dns does point to the server.  Is this a LE problem or a CWP problem?  I have lots of certs that are coming up for renewal and its not going to happen.

I cannot delete the certs either.  When I try to delete one, it disappears from the list of certs but remains active on the web.  PLEASE PLEASE will someone look into this problem.

I suppose there is a small chance that Linode is the problem but I dont think that is possible.

9
Installation / no ssl cerrts
« on: January 10, 2021, 12:26:15 PM »
I had a problem on one of my servers with letsencrypt.  I could not add or delete any certs.  So I spun up another clean install (this time cent7) on Linode and tried to install a cert.  I got the same result....  Dns not pointing to this server. 

This is not the problem.  My dns does point to the server.   This is going to be a major problem when certs start expiring.  They will not renew.  I don't know if this is a LE problem or a CWP problem.   But in either case, be prepared for an onslaught of users screaming about their certs not renewing.  It's going to get ugly very soon if someone doesnt investigate this.

11
SSL / Re: Major Cert issue/delete problem
« on: January 09, 2021, 05:30:45 PM »
Changed the hostname to the same hostname thinking that might resolve issues.  Now admin GUI has no cert.  What is the problem with certs?

12
SSL / Re: Major Cert issue/delete problem .1031
« on: January 09, 2021, 02:10:00 PM »
I just tried adding a new addon domain.  Then I tried adding a cert.  Getting the same error ....dns domain doesnt point to this server.  And of course it does point to my server.

13
SSL / Major Cert issue/delete problem
« on: January 09, 2021, 12:18:08 PM »
After deleting a cert from the server, it remained active on the www.  Deleting the cert from the addon domain removed it from the server but all online ssl tests indicated that the cert was active for another 71 days.  That was 12 hours ago.  This morning still listed as active.  But it is absent from the CP.  And a new on throws a dns error.

I had to restore my entire server from a linode back up to get my site back.

Bad very bad.

14
Information / Re: access file filled with 400 226
« on: January 08, 2021, 12:37:41 PM »
OK Igor, Look here for the reason.  These repeating error lines happen at that same time as the access lines.

Code: [Select]

[Fri Jan 08 03:15:21.972657 2021] [mpm_event:notice] [pid 88557:tid 139773389120064] AH00492: caught SIGWINCH, shutting down gracefully
[Fri Jan 08 03:15:23.123055 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: cpanel.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.125589 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: webmail.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.129816 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: cpanel.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.130882 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: webmail.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.132635 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: cpanel.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.133612 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: webmail.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.135645 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: cpanel.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.136636 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: webmail.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.138632 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: cpanel.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.139686 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: webmail.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.140730 2021] [ssl:warn] [pid 105661:tid 139841798087232] AH01909: server.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.141039 2021] [:notice] [pid 105661:tid 139841798087232] ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/) configured.
[Fri Jan 08 03:15:23.141047 2021] [:notice] [pid 105661:tid 139841798087232] ModSecurity: APR compiled version="1.6.2"; loaded version="1.6.2"
[Fri Jan 08 03:15:23.141052 2021] [:notice] [pid 105661:tid 139841798087232] ModSecurity: PCRE compiled version="8.42 "; loaded version="8.42 2018-03-20"
[Fri Jan 08 03:15:23.141056 2021] [:notice] [pid 105661:tid 139841798087232] ModSecurity: LIBXML compiled version="2.9.7"
[Fri Jan 08 03:15:23.141059 2021] [:notice] [pid 105661:tid 139841798087232] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Fri Jan 08 03:15:23.208551 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Jan 08 03:15:23.209109 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.210076 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.211083 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.212065 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.213084 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.214060 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.215144 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.216182 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.217231 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.218163 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.219199 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: server.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.222821 2021] [mpm_event:notice] [pid 105662:tid 139841798087232] AH00489: Apache/2.4.39 (Unix) OpenSSL/1.0.2o-fips configured -- resuming normal operations
[Fri Jan 08 03:15:23.222873 2021] [core:notice] [pid 105662:tid 139841798087232] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Fri Jan 08 03:15:23.710148 2021] [mpm_event:notice] [pid 105662:tid 139841798087232] AH00493: SIGUSR1 received. Doing graceful restart
[Fri Jan 08 03:15:23.790649 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Jan 08 03:15:23.791228 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.792144 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.treecousins.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.793183 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.794189 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.pawpoopers.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.795212 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.796137 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.797175 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.798359 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.fhservicelist.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.799509 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: cpanel.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.800637 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: webmail.craven4sale.com:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.801887 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01909: server.fhservicelist.org:443:0 server certificate does NOT include an ID which matches the server name
[Fri Jan 08 03:15:23.802774 2021] [mpm_event:notice] [pid 105662:tid 139841798087232] AH00489: Apache/2.4.39 (Unix) OpenSSL/1.0.2o-fips configured -- resuming normal operations
[Fri Jan 08 03:15:23.802791 2021] [core:notice] [pid 105662:tid 139841798087232] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Fri Jan 08 03:15:24.710668 2021] [mpm_event:notice] [pid 105662:tid 139841798087232] AH00493: SIGUSR1 received. Doing graceful restart
[Fri Jan 08 03:15:24.781540 2021] [ssl:warn] [pid 105662:tid 139841798087232] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Jan 08 03:15:24.782040 2021] [ssl:warn] [pid 105662:tid

15
Information / access file filled with 400 226
« on: January 05, 2021, 01:09:50 AM »
Server access shows infinite amount of log entries like this

198.74.52.128 - - [23/Oct/2020:21:59:45 -0400] "POST / HTTP/1.1" 400 226

198.74.52.128 is the server ip address.

There is an entry every minute for months and months.

Pages: [1] 2 3 4