Recent Posts

Pages: [1] 2 3 ... 10
How to / Re: [Tutorial] How to install SSL on hostname?
« Last post by cynique on Today at 09:39:42 AM »
^ Ask Contabo for a managed VPS or shared server.
How to / Re: [Tutorial] How to install SSL on hostname?
« Last post by Aamar Syed on Today at 08:57:49 AM »
@Jamshed I have just check the CWP SSL status and it came up following
How to / Re: [Tutorial] How to install SSL on hostname?
« Last post by Aamar Syed on Today at 08:40:39 AM »

I could see that a lot of users are asking "How to install SSL on hostname" and I found a few tutorials some of which are working and others do not. Also, the tutorials which are working are lenghty and not for linux newbie.

So, I will teach you here how to install and configure Letsencrypt Free SSL on hostname in CWP in simple 3 steps.

1 - Check that you should have an A record for the hostname. For example if your server hostname is, then you should have an A record for "cp" pointing to server IP

2 - Login to CWP Admin Panel>> Server Settings>>Change Hostname and then hit "Change Hostname" button after putting your desired hostname (in my case This will only generate a valid LE SSL for your hostname when an A record is present against hostname

3 - Perform following command from shell
Code: [Select]
service cwpsrv reload
THAT's IT. Enjoy the green padlock while accessing the CWP services (admin panel, user panel, webmail, etc..)

I Jamshed,

Bro I am still having this problem. What I have done so for.

Setup CWP created an account with domain name
Then in domain account I have added A record with IP as you suggested.
But I am stilling have same issue.

Secondly, I can see another error on NS


Hostname change will also generate a new Hostname autoSSL Certificate.
Certificate Path: /etc/pki/tls/certs/hostname.bundle
Key Path: /etc/pki/tls/private/hostname.key
Pure-FTPd PEM: /etc/pki/tls/private/hostname.pem

Your Hostname is: and it resolves to IP: [Check Black List] [Check CWP SSL] [Check WebServers SSL]
rDNS/PTR = FAILED [Check SenderBase]

rDNS/PTR check for IP =
SSL / Re: Hostname SSL won't update
« Last post by nated1992 on July 01, 2020, 09:54:23 PM »
Same problem this seems like a pretty large issue across the board. Any one have a actual solution that allows your CWP SSL to be valid for the control panel
E-Mail / Re: Email account with + doesn't work anymore
« Last post by cynique on July 01, 2020, 04:43:42 PM »
Google is unsurprisingly "doing their own thang" there and likely is doing some remapping process. I wouldn't take that example as a correct industry standard - Google have rules unto themselves; seriously. I think some ISPs do similar 'tricks'. is supposed to be synonymous with, according to cPanel/WHM but this instruction appears to have been removed in later releases. Go figure.

A quick scour of RFCs actually opens the door in what the standards are. The previously mentioned WHM/cPanel "+" delimiter may have been mentioned to circumvent some now obsoleted email client/server. It stuck in my mind for nearly 20 years, for some reason. :-s
A plus sign may be used in the local part of email and it looks as though CWP might be stripping the wrongly identified illegal character. I don't know without analysing the detail.
My prior comment on email address mapping still stands though. ;)

Bedtime reading: (Section 4.3 is of specific interest)
CentOS-WebPanel GUI / Re: Enable NAT button keeps on coming up
« Last post by overseer on July 01, 2020, 02:45:02 PM »
Actually, I spoke too soon. After the next reboot & login, the NAT nag screen has returned. I can't see any obvious reason why, since my IP setup is static. On one server, it was setup without NetworkManager with static IF configs; the other 2 servers were setup with nmtui and set as static connections.
Information / Re: What is
« Last post by overseer on July 01, 2020, 01:28:46 PM »
That and the erroneous SpamAssassin logfile, literally named
Code: [Select]
${SAHOME}spamd.loginstead of substituting a variable for the filename, it literally has the variable as the filename... all thanks to literally following the directions here:
E-Mail / Re: Email account with + doesn't work anymore
« Last post by monkeyking on July 01, 2020, 01:15:59 PM »
@cynique Thank you for your comment.

I was told and tested
Code: [Select] treated as
Code: [Select] which that's what I want. But CWP doesn't work.

You can try it yourself with gmail.
Code: [Select] and it should delivers to
Code: [Select] I've tested it with iRedMail too. It works. CWP doesn't.

By the way, CWP version:
PHP / php script does not run
« Last post by ingzly on July 01, 2020, 12:37:57 PM »
Hi all

When I upload php script on a shared hosting with cpanel , the script works fine.
But when I uploaded the script on vps with cwp control panel the site does not open and these messages appear to me.

redirected you too many times.

When i change a file name .htaccess to any other name, the site open and the site dashboard does not open.

.htaccess file

Code: [Select]
RewriteEngine On
Options -Indexes
<IfModule mod_headers.c>
  Header set Access-Control-Allow-Origin "*"

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php

RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L]

RewriteRule ^([0-9a-zA-Z-_-]+)$ handler.php?slug=$1

RewriteCond %{HTTP_HOST} !=localhost
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#Now, rewrite to HTTPS if www present:
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !=localhost
RewriteCond %{HTTP_HOST} ^www\.
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
01/23/20 ZDI reported the vulnerabilities to the vendor
04/30/20 ZDI requested a status update
05/20/20 ZDI requested a status update
05/28/20 ZDI requested a status update
06/12/20 - ZDI notified the vendor of the intention to publish these reports as 0-day advisories on 06/25/2020

Cool, do you have an information about the fix?
As mentioned before, here and elsewhere - communication is everything, especially where security is concerned.
Pages: [1] 2 3 ... 10