Recent Posts
31
CSF Firewall / Re: Firewall off in cwp panel
« Last post by Starburst on October 18, 2025, 08:48:28 PM »That's what we run.
Usually once you start it & enable it via the CLI, and maybe reboot, CWP will see it running.
All CWP is doing in the background is running
Usually once you start it & enable it via the CLI, and maybe reboot, CWP will see it running.
All CWP is doing in the background is running
Code: [Select]
systemctl status csfAnd then displaying On/Off32
CentOS 9 Problems / Re: monit with AL9
« Last post by Starburst on October 18, 2025, 08:46:05 PM »I hate that program, and I hate that CWP forces you to install it.
I usually install it, disable it from ever starting again.
Would recommend a 3rd party solution, but you mentioned you only have the 1 server.
I usually install it, disable it from ever starting again.
Would recommend a 3rd party solution, but you mentioned you only have the 1 server.
33
Updates / ..no dir...
« Last post by venty on October 18, 2025, 04:13:43 PM »Hi,
during the last update via the CVP the following part is received:
https://prnt.sc/s-YC2zPIZkIF
which is part of the whole message.. .Other updates go through without problems...
BR
Venty
during the last update via the CVP the following part is received:
https://prnt.sc/s-YC2zPIZkIF
which is part of the whole message.. .Other updates go through without problems...
BR
Venty
34
Installation / Re: install cwp panel rocky linux
« Last post by setecabanas on October 18, 2025, 12:12:44 PM »Hi @overseer and are you able to use varnish correctly in AL9?
35
CentOS 9 Problems / Re: monit with AL9
« Last post by setecabanas on October 18, 2025, 12:06:01 PM »For me is useful for monitoring server processes in a simple way.
No need to use Nagios or similar, if you only have one server
No need to use Nagios or similar, if you only have one server
36
CentOS 9 Problems / Re: monit with AL9
« Last post by overseer on October 18, 2025, 11:55:40 AM »Do you find the functionality beneficial? I installed it originally but then disabled it (so now I don't get the CWP nag warning).
37
Installation / Re: install cwp panel rocky linux
« Last post by overseer on October 18, 2025, 11:54:18 AM »AlmaLinux 8 is the best foundation for a new server. AL9 is beta quality, mostly ready for production (with just a few known bugs -- such as CWP Migration does not work). Rocky Linux is more of a "rocky" experience -- incompatibilities, missing libraries, etc.
38
Installation / install cwp panel rocky linux
« Last post by RDouro on October 18, 2025, 11:22:13 AM »hi all wich best vervion rocky linux to install cwp panel ?
becouse i try the last version rocky have a problem in php
becouse i try the last version rocky have a problem in php
39
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« Last post by pedromidiasf on October 18, 2025, 09:58:49 AM »Hello,
We're encountering the same situation on one of our servers.
While we're actively performing cleanup operations, the critical question remains: Has this vulnerability truly been resolved by the "silent patch"?
Do you have any informations about when end what version of the patch/update ?
Best regards,
I've studied the vulnerability and I don't expect it to be able to exploit anything else. The attacker only had access as a low privileges users. If he had so much access, he wouldn't be mass exploiting every website of your server.
I recommend you to change your admin and client ports. This way, automated systems won't be able to find it right away.
If you want to be extra serious about it, format it. Don't take my word too serious but I see no reason to format. Never the less, always keep a clean backup.
I've added "HTTP Basic access authentication" to admin and client panels. I've also added this to wordpress login url's. This will block every public access and it creates a new layer of protection. I saw that my firewall got less blockage because there were no possibility for hackers to make requests. Every page, request or URL have been blocked with this. It works like a master password on sensible areas that is requested before opening or requesting anything.
My wordpress websites also infeted. And other websites non worpress also. Replaced index.php, added licelic.c" backup.c defauit.php. I found admin accounts in database WP-user wpadmin@volovmart.ru. I dont know how its happened. But i think it is Panel hacked because it is not effect only WordPress CMS. Im using CWP pro.
I believe Wordpress database was infected by external code execution. I also had this user and same email.
You should rebuild your wordpress from scratch. Best way is to firstly remove that user (with the wordpress panel). You can also execute queries to remove the user and the content he has created (if present).
Then import only this tables:
wp_users
wp_usermeta
wp_terms
wp_term_taxonomy
wp_posts
wp_postmeta
If your wordpress has user comments, also import:
wp_comments
wp_commentmeta
Then install all plugins from the installation menu (donīt import from the infected website). Everything has to be built again. Wordpress plugins creates a lot of tables that are not even needed. But be aware and test your website afterwards.
If you had made changes to your template before, install the template from the installation menu and take a deep look on each file you had modified. If done right, you probably you have a child folder for that theme. Take a deep look on each line of code of those modified files to see if something was injected. I did that manually and then i asked chatgpt if there were any malicious line of code just to confirm it.
If you have custom plugins, you have to take a deep look on each line of code as well.
40
Other / Re: Nginx Varnish Apache php-fpm 403 Forbidden
« Last post by setecabanas on October 18, 2025, 08:02:02 AM »I have same problem in a fresh intall of CWP with AL9
