Control Web Panel
WebPanel => PHP => Topic started by: venty on July 10, 2025, 08:40:54 AM
-
Hi,
please help, why in the CWP panel, when I go to the menu PHP Settings/PHP imfo, php info is displayed like this:
https://prnt.sc/FcozFB37iNmK
and not like this:
https://prnt.sc/GdtmAeHoBNDd
The versions of PHP are different, but this should not be the reason for the difference in the views...
Thanks in advance!
BR
Venty
-
The main php version from the CLI that you have set used by PHP Switcher is called for php info on your first case. The display is typical for a 7.x version -- CWP renders it using their stylesheet so it matches the rest of the panel. But if you have an 8.x or later, it will call the normal php.info and display it in that space.
-
The main php version from the CLI that you have set used by PHP Switcher is called for php info on your first case. The display is typical for a 7.x version -- CWP renders it using their stylesheet so it matches the rest of the panel. But if you have an 8.x or later, it will call the normal php.info and display it in that space.
Hi,
Thank you very much for the answer, but I updated it to a higher version of PHP - 8.1.32, and the display is the same...
I found that when I select menu PHP Settings/PHP info in the error logs, I have the following entries:
[Wed Jul 16 09:24:02.156951 2025] [security2:error] [pid 57264:tid 57296] [client 80.100.247.29:57842] ModSecurity: Warning. Unconditional match in SecAction. [file "/usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/RESPONSE-980-CORRELATION.conf"] [line "98"] [id "980170"] [msg "Anomaly Scores: (Inbound Scores: blocking=8, detection=8, per_pl=8-0-0-0, threshold=5) - (Outbound Scores: blocking=0, detection=0, per_pl=0-0-0-0, threshold=4) - (SQLI=0, XSS=0, RFI=0, LFI=0, RCE=0, PHPI=5, HTTP=0, SESS=0, COMBINED_SCORE=8)"] [ver "OWASP_CRS/4.15.0"] [tag "reporting"] [tag "OWASP_CRS"] [hostname "80.100.247.29"] [uri "/phpinfo.php"] [unique_id "aHdFgh8PEqQ3cHJu45Rg6gAAAIM"]
[Wed Jul 16 09:24:02.156739 2025] [security2:error] [pid 57264:tid 57296] [client 80.100.247.29:57842] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "80.100.247.29"] [uri "/phpinfo.php"] [unique_id "aHdFgh8PEqQ3cHJu45Rg6gAAAIM"]
[Wed Jul 16 09:24:02.156378 2025] [security2:error] [pid 57264:tid 57296] [client 80.100.247.29:57842] ModSecurity: Warning. Matched phrase "phpinfo" at REQUEST_FILENAME. [file "/usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf"] [line "339"] [id "933150"] [msg "PHP Injection Attack: High-Risk PHP Function Name Found"] [data "Matched Data: phpinfo found within REQUEST_FILENAME: /phpinfo.php"] [severity "CRITICAL"] [ver "OWASP_CRS/4.15.0"] [tag "application-multi"] [tag "language-php"] [tag "platform-multi"] [tag "attack-injection-php"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-PHP"] [tag "capec/1000/152/242"] [hostname "80.100.247.29"] [uri "/phpinfo.php"] [unique_id "aHdFgh8PEqQ3cHJu45Rg6gAAAIM"]
[Wed Jul 16 09:24:02.155614 2025] [security2:error] [pid 57264:tid 57296] [client 80.100.247.29:57842] ModSecurity: Warning. Pattern match "(?:^([\\\\d.]+|\\\\[[\\\\da-f:]+\\\\]|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/usr/local/apache/modsecurity-rules/owasp-crs/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "730"] [id "920350"] [msg "Host header is a numeric IP address"] [data "78.108.247.29"] [severity "WARNING"] [ver "OWASP_CRS/4.15.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "80.100.247.29"] [uri "/phpinfo.php"] [unique_id "aHdFgh8PEqQ3cHJu45Rg6gAAAIM"]
I added the IDs to global_disabled_rules.conf, but when I select menu PHP Settings/PHP info, the display is the same and the entries appear again...
What should I do?
BR
Venty