Messages

16

Installation / How to install Nginx's nginx-cache-purge module? (cwp-el7-latest)

« on: February 25, 2017, 07:54:54 PM »

Hi:

Thanks a lot for creating such great product, the latest cwp-el7-latest on CentOS7 is good!

My question is, I selected Apache & Nginx Reverse Proxy in the "Apache Settings =>  Select WebServers", how can I install/activate the Nginx's nginx-cache-purge module? (So when CMS post edit/change, I can purge Nginx cache)  Currently it looks like nginx-cache-purge module is not installed/enabled.

Thanks!

[centos@panel nginx]$ nginx -V 2>&1 | grep nginx-cache-purge -o
[centos@panel nginx]$ nginx -V 2>&1
nginx version: nginx/1.10.3
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-file-aio --with-threads --with-ipv6 --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'

17

Installation / Re: How to make Nginx to listen to https port 443?

« on: February 25, 2017, 02:34:49 PM »

Thanks, so in my NAT'ed case using cwp-el7-latest, under /etc/nginx/conf.d/, there are two Nginx config files: one with domain name and the other is ip address number.  Which one or how should I change?

1. Public_IP_number.conf pointing to local IP address, such as 172.217.6.46.conf

Code: [Select]

server {
listen 192.168.0.1:80;
....
server_name 172.217.6.46;
root /usr/local/apache/htdocs;
.....
proxy_pass http://192.168.0.1:8181;
include proxy.inc;
...
}

2. my.domain.name.conf, such as google.com.conf

Code: [Select]

server {
listen 192.168.0.1:80;
..
server_name google.com www.google.com;
root /home/user/public_html;
...
proxy_pass http://192.168.0.1:8181;
include proxy.inc;
}

I need to add the following lines to Nginx config, but what is my IP?  the local one or the public one?
source: http://forum.centos-webpanel.com/ssl/if-i-force-ssl-across-my-domain-will-i-loose-the-benfits-of-varnishnginx

Code: [Select]

listen YOUR_IP:443 ssl;
ssl_certificate path_to/cert.pem;
ssl_certificate_key path_to/privkey.pem;

Will the Nginx change above alter mod_security?  Really appreciate your comments and have a great weekend!

18

Installation / How to make Nginx to listen to https port 443?

« on: February 23, 2017, 03:28:40 PM »

Hi there,

Trying CentOS7 with the latest CWP, successfully installed the let's encrypt, so https://my.domain works.  Then installed Nginx+Apache in Apache Setting -> Select Web servers.  Here I got a question:  Nginx only listen to port 80, the http port, NOT 443, the https port. Thus https is still served by Apache, not Nginx.

When configured CWP to use Apache+Nginx,  How to make Nginx to listen to https port 443 for all future clients? Should I change apache template?  Will the auto-renewal of let's encrypt and rebuilt vHost overwrite the settings as well?

ps. I am within AWS VPC so I am using NAT'ed mode.

Thanks!

http://imgur.com/a/cg9dY

19

CentOS 7 Problems / Re: Love VS Not Love of CWP Panel. Many issues on Centos 7

« on: February 23, 2017, 03:21:07 PM »

Thanks, after create the folder my.domain/.well-known/acme-challenge and index.html in each one, now the let's encrypt certificate is installed successfully.

20

SSL / Re: Apache & Nginx Reverse Proxy, wanting to Install Letsencrypt

« on: February 20, 2017, 06:41:02 PM »

@alex,

After install Nginx, CWP will set Nginx to listen to port 80 and forward to 8181, listened by Apache there.  By default the installation of Letsencrypt will get Apache also listen to port 443.  Therefore one would need to change Apache conf and Nginx conf, in order to make Nginx forward https connection on port 443 to Apache.

I am happy your website will run under https and Nginx. Does your conf survived after Letsencrypt daily certificate renewal?  Is your https header responded by Apache or Nginx? (or maybe even Mod Security?) Can you share how to do it? Thanks alot!

pp :> curl -X HEAD -i http://www.my.domain
HTTP/1.1 200 OK
Server: nginx/1.10.3
.....

pp :> curl -X HEAD -i https://www.my.domain
HTTP/1.1 200 OK
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips
...

21

CentOS 7 Problems / Re: Love VS Not Love of CWP Panel. Many issues on Centos 7

« on: February 15, 2017, 04:27:26 AM »

How did you make let's encrypt installed for a domain?  I cannot make it work.....

http://forum.centos-webpanel.com/informations/latest-cwp-for-centos7-cannot-get-letsencrypt-ssl/

22

Information / Latest CWP for CentOS7 cannot get letsencrypt SSL

« on: February 13, 2017, 07:06:15 AM »

Using cwp-el7-0.9.8.238 (on CentOS7 updated), When trying to install let's encrypt for an user/domain, got the such error:

WARNING! Letsenycrpt Certificate installation failed, please check /etc/letsencrypt/live/my.domain !

Failed authorization procedure. my.domain (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://my.domain/.well-known/acme-challenge/9v7iBJUDS___ITS_MY_HASH_______kchE5KgGlCM: "

Not Found

Thanks if anybody can help here!

23

PHP Selector / Re: How can I change my PHP Version to 7.0.x

« on: November 27, 2016, 04:08:55 PM »

How did you change PHP version?  By PHP switcher or selector? Which version?

Before you change or compile, go to your terminal and install the following packages first.

sudo yum install -y gmp-devel aspell-devel recode-devel libtool

But on my end, after successful switching to PHP7, the PHP short info under PHP settings broken for unknown reason.

24

Information / Re: Suggestion for CentOS Web Panel CentOS 7 version - linux kernel

« on: November 27, 2016, 02:05:05 PM »

on AWS--- HVM!

Really hope we can get CentOS7 working soon.

25

Apache / Re: Need HTTP/2 support with Apache

« on: November 26, 2016, 03:19:42 AM »

I did, even upgrade to Apache 2.4 seems fine in the beginning, it will:
1. broken display when select CWP's PHP info  (this will broken too if you just use PHP switcher to PHP7)
2. let's encrypt https stop working and the https sites broken.

Really hope CWP can officially support Apache 2.4, since the current 2.2 will lost support next year. Other critical packages like openssl 1.1.0 and suPHP0.72


Thanks a lot for your efforts.

26

Updates / Re: Update for openSSL is important!

« on: November 25, 2016, 07:15:11 PM »

Thanks for posting the steps.  One question:

Even the compile and installation seems work, how come my server info still show 1.0.1e even after apache recompile?  Anything I need to make Apache using the new 1.0.2j? Thanks!

Server type: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips