Recent Posts

11

Information / htpasswd on CWP

« Last post by pedromidiasf on October 12, 2025, 09:50:14 PM »

Hi,
Is there a way to add .htpasswd and .htaccess (or configure vhosts to do the same) to the main CWP panel?

I tried to add these files there but they got "Operation not permitted". Also tried to chmod the folder and it got refused.
Is there a way to add them inside this folder or where can i find vhosts of the main panel?

12

PostgreSQL / Re: Error starting postgres

« Last post by gilliard on October 12, 2025, 06:07:32 PM »

Through the cwp panel, however it only shows that the service was not installed, when I try to install it again it does not install

13

Installation / Re: Cannot login into the admin panel anymore

« Last post by Nagataka on October 12, 2025, 03:29:12 PM »

Thanks again for your help!
I did not read it all proper, the most important bit, after the reboot i didn't do this:

Code: [Select]

After this you can change the user's password from the cwp administration panel and you will be able to login.
I just did read this, did this and it solved the problem.
Super many thanks!

14

CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ

« Last post by pedromidiasf on October 12, 2025, 01:59:53 PM »

True.
I always wanted to do my work just as developer. I've always hated servers and networks. Now my days have began!
I use to be a black hat on my teen stupid years. Now I have to pay for the karma :\

But you are right. There's an increase in attacks. This is getting ridiculous.

15

Installation / Re: Cannot login into the admin panel anymore

« Last post by Nagataka on October 12, 2025, 01:02:05 PM »

Thanks again for your quick reply.
The good thing, no serious stuff is running on this, so a reinstall shouldn't be a problem.

Again thanks for your help.

16

CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ

« Last post by overseer on October 12, 2025, 12:54:47 PM »

Those .c files don't appear to be IoC related to the patched CWP vulnerability. Likely they are part of another PHP injection attack -- multiple competing gangs are attempting to compromise servers on any given day. So the recommendation is to harden your PHP install right away, then engage in clean up & full postmortem.

Better to batten down the hatches rather than bailing water out of the ship...

17

CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ

« Last post by pedromidiasf on October 12, 2025, 12:16:24 PM »

Where did you find those files? Inside /home or anywere else?

I also have this 198.144.182.13 IP in my logs.
Also found out that he also has created wordpress accounts, this is his data:
user: wpadminerlzp
email: wpadmin@volovmart.ru
date: 2020-06-14 00:00:00 (by looking at this 00:00:00, I assume this was SQL inserted)

18

Installation / Re: Cannot login into the admin panel anymore

« Last post by overseer on October 12, 2025, 10:51:43 AM »

CWP is in beta for EL9 distributions, so there are still some bugs and this is definitely one of them. But CentOS Stream is definitely a beta quality OS, so a shaky foundation on which to build a server. A piece of friendly advice: consider using AlmaLinux 9 instead. It is definitely firmly in the EL tradition! Meanwhile, that is the advice offered by the CWP devs to resolve the issue:

We are working on resolving this issue, a quick fix is ​​to go to this file

Code: [Select]

nano /etc/login.defs


and comment out the following line

Code: [Select]

SHA_CRYPT_MAX_ROUNDS 5000


to

Code: [Select]

#SHA_CRYPT_MAX_ROUNDS 5000

After this you can change the user's password from the cwp administration panel and you will be able to login.

19

Installation / Re: Cannot login into the admin panel anymore

« Last post by Nagataka on October 12, 2025, 09:56:23 AM »

Sorry, that advice was if you had changed the MariaDB root password. You mean the system user root password! Are you on an EL9 distribution (AlmaLinux 9, Rocky Linux 9)?

If so open /etc/login.defs
Find:
SHA_CRYPT_MAX_ROUNDS 10000
Replace with:
#SHA_CRYPT_MAX_ROUNDS 10000

Reboot. Now re-set the root's password and it will login successfully.

Sorry for the lack of information, i am indeed running CentOS 9

Code: [Select]

[mothew@server01 ~]$ hostnamectl
 Static hostname: server01.soberlife.nl
       Icon name: computer-vm
         Chassis: vm 🖴
      Machine ID: 432a6a92f65e49c3b3181e8f0e7f2cab
         Boot ID: bc1q4h3rk4hgruu7auyf0dpxtx6hsh86xpq04jx5g5
  Virtualization: vmware
Operating System: CentOS Stream 9
     CPE OS Name: cpe:/o:centos:centos:9
          Kernel: Linux 5.14.0-522.el9.x86_64
    Architecture: x86-64
 Hardware Vendor: VMware, Inc.
  Hardware Model: VMware Virtual Platform
Firmware Version: 6.00
I did as you suggested, but still cannot login to CWP.
But thanks for the tip at least!

20

Installation / Re: Cannot login into the admin panel anymore

« Last post by overseer on October 11, 2025, 11:52:49 PM »

Sorry, that advice was if you had changed the MariaDB root password. You mean the system user root password! Are you on an EL9 distribution (AlmaLinux 9, Rocky Linux 9)?

If so open /etc/login.defs
Find:
SHA_CRYPT_MAX_ROUNDS 10000
Replace with:
#SHA_CRYPT_MAX_ROUNDS 10000

Reboot. Now re-set the root's password and it will login successfully.