Messages

1

DNS / Re: Help with rDNS

« on: October 13, 2024, 01:21:49 AM »

This is only possible to set in the authoritative server.
You have access to that?

In a VPS server, normally, this is just configured with you provider.
This is yor case?

Regards,
Netino

2

PHP / Re: PHP Switcher version in Almalinux 9

« on: June 08, 2024, 02:05:30 AM »

You have enabled selinux on your server in enforcing mode. The ideal operation for selinux is to enable it in permissive mode, and only after resolving the error messages, then enable it in enforcing mode. It is not possible to install any web server management software with selinux enabled by default in enforcing mode, before operating it. You would have to work so much to solve the problems that it wouldn't be worth it. The best you can do is disable selinux, or only enable it in permissive mode, while you watch potential error messages.

Regards,
Netino

3

PHP / Re: PHP-FPM PHP 8.2 & 8.3 failing to update - CWPpro version: 0.9.8.1178

« on: May 22, 2024, 10:51:00 PM »

(...)
But for you, as you will use the CWP web environment, the more easy is to rename the file to /usr/bin/g++.old, and create a new script enabling that environment:
========================================================================
# mv /usr/bin/g++ /usr/bin/g++.old
# echo "scl enable devtoolset-7 'bash'" > /usr/bin/g++
# chmod 755 /usr/bin/g++
========================================================================
(...)

Sorry, this step is incomplete.
The correct, after install the environment, is:
========================================================================
# mv /usr/bin/g++ /usr/bin/g++.old
# echo "scl enable devtoolset-7 'bash'" > /usr/bin/g++
# echo "/opt/rh/devtoolset-7/root/usr/bin/g++" >> /usr/bin/g++
# chmod 755 /usr/bin/g++
========================================================================

We are simply using the newly installed 'g++'.
So, I just forget to invoke it.

4

PHP / Re: PHP-FPM PHP 8.2 & 8.3 failing to update - CWPpro version: 0.9.8.1178

« on: May 21, 2024, 11:33:49 PM »

The default installation of PHP-8.2.19 is failing at this point:
"configure: error: *** A compiler with support for C++17 language features is required"

Install the CentOS SCL repository, this is an environment enabled to run the g++ compiler, with C++17 support:
===========================================
yum installcentos-release-scl -y
===========================================

Yes, you are correct, sorry for the typo.
The correct repository installation is:
===========================================
yum install centos-release-scl -y
===========================================

You must to enable as default that environment.
===========================================
scl enable devtoolset-7 'bash'
===========================================
If did'n worked to you, is because that environment was not enabled by the script.

This can be made by several forms.
For the CWP team, is just to put that line right before the the php-fpm82 script installation invokation, in the php build script.

But for you, as you will use the CWP web environment, the more easy is to rename the file to /usr/bin/g++.old, and create a new script enabling that environment:
========================================================================
# mv /usr/bin/g++ /usr/bin/g++.old
# echo "scl enable devtoolset-7 'bash'" > /usr/bin/g++
# chmod 755 /usr/bin/g++
========================================================================

Only now, then, can you try compiling via CWP web environment.
Now, CWP will use it to build environment, when asked the g++ the environment will be enabled.

After you compile it with success, you need to return to the normal configuration:
========================================================================
# mv /usr/bin/g++ /usr/bin/g++.new
# mv /usr/bin/g++.old /usr/bin/g++
========================================================================

5

PHP / Re: PHP-FPM PHP 8.2 & 8.3 failing to update - CWPpro version: 0.9.8.1178

« on: May 20, 2024, 10:21:09 PM »

The default installation of PHP-8.2.19 is failing at this point:
"configure: error: *** A compiler with support for C++17 language features is required"

Install the CentOS SCL repository, this is an environment enabled to run the g++ compiler, with C++17 support:
===========================================
yum installcentos-release-scl -y
===========================================

Install C++ support for GCC version 7:
===========================================
yum install devtoolset-7-gcc-c++ --enablerepo='centos-sclo-rh' -y
===========================================

Just one line in the compiler script solves this problem, changing the environment to this compiler before building PHP version 8.2.19:
===========================================
scl enable devtoolset-7 'bash'
===========================================

After the above command, you can check the g++ version like this:
===========================================
g++ -v
===========================================

...resulting in this:
===========================================
(...)
gcc version 7.3.1 20180303 (Red Hat 7.3.1-5) (GCC)
===========================================

(Source: <https://access.redhat.com/documentation/en-us/red_hat_developer_toolset/7/html/user_guide/chap-gcc>)

The script must be run with this environment enabled.
Problem solved.

Regards,
Netino

6

SSL / Re: New SSL cert broke my server

« on: May 10, 2024, 11:30:26 PM »

Seems your files /etc/pki/tls/certs/hostname.bundle and /etc/pki/tls/private/hostname.key was generated at different moments.
The best an easier step to you, is save your server certificate.

Just save the hostname of your server again, and CWP will generate your server certificate again.

Regards,
Netino

7

Information / Re: Roundcube big security issue.

« on: April 26, 2024, 06:32:48 PM »

Yes, ModSecurity.
I have Como rules installed with ModSecurity, and it is blocking these access.

Regards,
Netino

8

Information / Re: Has anyone already migrate to Almalinux8 in a CentoOS7 OpenVZ container?

« on: April 26, 2024, 05:43:32 PM »

I find seems is nearly impossible, quoted from:
https://github.com/plesk/centos2alma/issues/87

Unfortunately, the news is not optimistic. We have investigated and it appears that there is no way to use Elevate (or any other Leapp-based tool) to convert the OS inside a container. This conclusion is based on two facts:

1. The Leapp upgrade process is based on the Interim System, which upgrades certain packages. It can be described as a temporary OS that replaces CentOS 7 packages with AlmaLinux 8 packages. Leapp does not modify packages inside CentOS 7 itself but rather performs preparations and reboots into an initrd OS that performs the actual transformation.
2. When we describe containers broadly, we can consider them as a form of isolation within your kernel. So it has no own bootloader, kernel or something where you could start temporary OS.
Therefore, there is no way to start the initrd inside a container. This is why the Leapp framework and as a result our current centos2alma tool cannot be used to convert the OS inside any container (e.g., Docker, Virtuozzo, etc).

Regarding vzupgrade, if I understand correctly, it is a tool to upgrade the bare-metal server that hosts virtual machines and containers. We have attempted to use it to convert a Virtuozzo container on our side without success. Additionally, there is the vzdeploy tool that can be used to convert CentOS 7 into VZLinux 7 inside a container. However, it simply reinstalls packages from the VZLinux repository within the container. As far as I can see, it cannot convert your CentOS 7 into VZLinux 8, for example. Therefore, it does not appear to be a solution to your problem.

We are also exploring other options for container owners:

1. As far as I know, Virtuozzo allows you to convert a container into a virtual machine. And a Virtuozzo virtual machine can be converted using any leapp based instrument (including centos2alma), so this seems to be the simplest way to resolve the issue.
2. You could use the Plesk migrator tool to migrate your Plesk from the CentOS 7 container to an AlmaLinux 8 container. Obviously you have to have this AlmaLinux 8 container somewhere.
3. Try converting your container with vzdeploy into VZLinux 7 and inquire with the Virtuozzo developers if there is any way to convert VZLinux 7 to VZLinux 8 inside a container.

I hope this information will be helpful in addressing your situation. Additionally, we will reach out to the Virtuozzo developers to inquire about their perspective on the problem.

9

Information / Has anyone already migrate to Almalinux8 in a CentoOS7 OpenVZ container?

« on: April 26, 2024, 05:07:34 PM »

Has anyone already migrate to Almalinux8 in a CentOS7 OpenVZ container?

I already know is needed to upgrade to Centos8, before to install AlmaLinux8, with the migration tool:
https://wiki.almalinux.org/documentation/migration-guide.html#how-to-migrate

But there are a indication this can be made the upgrade to AlmaLinux in a container, like this post:
https://bugs.almalinux.org/view.php?id=140

But I haven't tried it myself yet.
Has anyone tried this, and did it work?

Regards,
Netino

10

CentOS 8 Problems / Re: reboot problem

« on: January 25, 2024, 10:07:54 PM »

The 'shutdown' command is just a symlink to systemctl.
If the system does not answer 'shotdown' command, may be needed to try directly the systemctl command:

Code: [Select]

systemctl reboot
If the command does not work, you must need to investigate the logs, with the command:

Code: [Select]

journalctl -xe
If you don't undestand the logs, post the related lines here.

Regards,
Netino

11

Mod_Security / Re: mod_security with Comodo WAF locks out everbody

« on: January 13, 2024, 02:55:12 AM »

It happened to every single html webiste. Even one index.html static website, at the second click sent Forbiden.

Have you tried checking the file '/usr/local/apache/logs/modsec_audit.log', searching for what reason your sites are being blocked?

12

Mod_Security / Re: mod_security with Comodo WAF locks out everbody

« on: January 12, 2024, 01:43:17 AM »

That happened before some minutes. At every CWP PRO where I user mod_security with Comodo WAF then every site blocks every user.

So I modified it in order to fix. What do you suggest?

Are you using WordPress, with WooCommerce plugin.?!

WooCommerce was updated, and have a new cookies scheme that conflicts with Comodo WAF.
If so, try to downgrade WooCommerce to the old working version.

Regards,
Netino

13

PHP Selector / Re: Varnish reverse promxy selection by hosting client

« on: January 05, 2024, 07:35:37 PM »

No.
This is available only at root CWP panel, in Webserver Settings -> Webserver Domain conf -> select the username of your user -> Click in the button "View/Edit configuration", and choose the template of preference.

14

PHP Selector / Re: Redis Memcache with PHP-FPM Varnish

« on: January 05, 2024, 07:25:58 PM »

If somehow the redis server was installed, it may not have been activated.
Try:

Code: [Select]

# systemctl start redis


If it was enabled, you may have installed redis on another port, other than the default port 6379.
Check with:

Code: [Select]

# netstat -tupln | grep redis-server...and check if it is up and responding on port 6379.

Regards,
Netino

15

CentOS-WebPanel Bugs / Apache config file 'empty.conf' is turning Varnish unusable?

« on: December 13, 2023, 02:13:11 AM »

I tested if the varnish cache is working in my installation, like per tutorial here:
https://wiki.centos-webpanel.com/varnish-cache-test

But I checked the varnishd server is not working at all.

The file '/usr/local/apache/conf.d/empty.conf' is making varnish, nginx, Cloudflare, etc, unusable?
Has anyone else had this type of problem?

This configuration file is adding some Apache headers, to tell the proxies not to store cached pages, and asking them to fetch a new page from the server.
The headers are as follows:

File '/usr/local/apache/conf.d/empty.conf':

Code: [Select]

   (...)
    <filesMatch "\.(js)$">
        Header set Cache-Control "private"
    </filesMatch>
    <filesMatch "\.(x?html?|php)$">
        Header set Cache-Control "private, must-revalidate"
    </filesMatch>
   (...)

From google:
=============================================
Cache-Control: Private - The private response directive indicates that a resource is user specific—it can still be cached, but only on a client device. For example, a web page response marked as private can be cached by a desktop browser, but not a content delivery network (CDN).
=============================================
Cache-Control: must-revalidate - Indicates that once the resource is stale, a cache (client or proxy) must not use the response to satisfy subsequent requests without successful validation on the origin server.
=============================================

In other words, this configuration file is completely disabling caching for varnish, nginx, Cloudflare, etc.
Does this just happen to me, or is anyone else having this problem?

Regards,
Netino