Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - 6Sense

Pages: [1] 2 3 ... 9
1
Changing SSH port is imperative IMO.

Just be aware that the gsocket exploit bypasses the firewall entirely (doesn't matter what ports you block) so this is not an effective measure against it. Was glad to see multiple CWP version upgrades in quick succession to help keep us safe.

2
Updates / Re: Did 0.9.8.1239 remove extra DB users?
« on: July 02, 2026, 02:38:01 AM »
Mmm can confirm strange happening with this update.

No SQL user problems for me but it did make some sort of change. I use certs instead of user/password to access SFTP & all my logins were denied this morning. I had to allow password auth and then match users with IPs to secure as a work around.


3
Other / Re: 9 CVE's just dropped for those running Node.js
« on: June 26, 2026, 02:29:29 PM »
Patched versions are out (CWP has them available in the Node.js configuration tab).

From internet: To ensure your runtime is completely insulated from this vulnerability, upgrade to at least the minimum version listed below:Node.js 22 (LTS): v22.23.0 or later (Note: v22.23.1 was released shortly after to address a separate regression)Node.js 24 (LTS): v24.17.0 or laterNode.js 26 (Current): v26.3.1 or later

What is with 2026 and exploits? I'm doing more patching than developing lately!

4
Thanks for the apache update cheatsheet @Starburst

Perfect as usual & always appreciated  :)

5
I'm pretty sure CWP doesn't auto install PM2 when you set up the node.js mod (otherwise I'd have it installed too).

Maybe it was installed as s dependancy for something you were doing.

6
Mmm I don't use PM2 so it might be your issue.

CWP restarts the node.js server as long as you use the manager so you probably don't need it.

7
Not very helpful to you admittedly but mine auto restarts without an issue. I'm running version:24.15.0

8
Installation / Copy Fail (CVE-2026-31431) Patches Released
« on: May 07, 2026, 10:33:43 PM »
Got an official warning email from my host so thought I'd pass it on to all you linux OS users.

'Our records indicate that you are currently running a Linux instance. On April 29th, 2026, a new high-severity Linux kernel zero-day vulnerability was disclosed, called “Copy Fail” (CVE-2026-31431). This vulnerability enables unauthorized privilege escalation, potentially providing root access.'

Patchs are now available for Alma/Rocky etc so ensure you all upgrade.

https://almalinux.org/blog/2026-05-01-cve-2026-31431-copy-fail/

9
CentOS 9 Problems / Re: ClamAV issue in user panel
« on: February 02, 2026, 10:17:41 PM »
Did you try the Fix Permissions option in CWP UI?

User Accounts > Fix Permissions

10
DNS / Re: Reverse DNS pointer record
« on: January 27, 2026, 01:14:58 AM »
Cool stuff!  ;D

Be sure to check your mail DNS settings now that your host name is bob.thisdomain.org. There are different ways to set it up but I've listed what I prefer below for you.

mail - A - your IP
webmail - A - your IP
imap - CNAME - thisdomain.org
pop - CNAME - thisdomain.org
pop3 - CNAME - thisdomain.org
smtp - CNAME - thisdomain.org

Lastly ensure you have DMARC, DKIM & SPF set up correctly. These are necessary for many large email providers now. You can check to see everything is good here https://mxtoolbox.com/

11
DNS / Re: Reverse DNS pointer record
« on: January 23, 2026, 01:51:40 AM »
Hostname should have a DNS A record eg: A - bob - your IP

You should also update your RDNS on the server host to bob.thisdomain.org if its currently pointed to mail.thisdomain.org

12
E-Mail / Re: Roundcube - Connection Error (Failed to reach server)
« on: December 25, 2025, 11:00:40 PM »
Try again with your signature & check your Mod security logs, might need to disable one or two rules.

From CWP menu

Security > Mod Security & cick on logs

I had similar issue ages ago & Mod security was denying emails from Roundcube that had anythig more than a few words in the email (was only with Roundcube, all mail from other mail clients worked fine).

13
Are you using another DNS service in the interum as your current DMARC records show as fine in MXTools. I'm on ALMA 8 and don't seem to have this issue. Is it listed correctly in /var/named/your-domain.db

MXTools shows:

v=DMARC1; p=quarantine; rua=mailto:dmarc@skon.gr; fo=1

14
CSF Firewall / Re: Continued CWP support with new CSF fork
« on: December 18, 2025, 10:06:04 PM »
Thanks, all installed.

OMG were actually a nose in front of cPanel with this one!

15
How to / Re: Clear alerts & notifications from CLI?
« on: December 11, 2025, 04:57:00 AM »
Yup, works too!

Pages: [1] 2 3 ... 9