Messages

1006

Information / Re: RH plan to kill RHEL clones

« on: June 29, 2023, 02:46:39 AM »

I'm sorry, but I'm not seeing a looming apocalypse on the horizon. I'm not believing that the sky is falling anytime soon.
Can you share more insight as to what your concerns are?

1007

E-Mail / Re: ip rotation

« on: June 27, 2023, 02:03:41 PM »

I have never done this, because I have never had more than 3 IPs assigned to a server and in that case I assign one to the host and 1 to each VM. The only rotation I have done is swapping the VMs around on the static IPs to help with mail delivery after one client shot themselves in the foot with an account compromise and harmed the reputation of the server.

Find out what IPs are assigned to your server:

Code: [Select]

ip a
ifconfig -aI would suspect you only have one IP assigned and active on your server.

1008

CentOS-WebPanel Bugs / Re: webpages is halted by the combination of NGINX and PHP-FRM

« on: June 27, 2023, 12:14:58 AM »

You mean you're not seeing the fastcgi_buffer lines in your Nginx vhost conf? It's because I added them in for tuning purposes.

Code: [Select]

fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;

1009

CentOS-WebPanel Bugs / Re: export database error in phpmyadmin

« on: June 26, 2023, 06:38:40 PM »

The only problem with not sharing info publicly is that then we don't have a knowledge pool from which to draw and infer solutions. So then you are driving others toward paid support. I have had all of one paid ticket, back several years ago during a cPanel migration. Since then, it's been a learning adventure but I am basically self-supported now. It does help not to stray too far from the defaults and what the kit provides -- then it's easier to diagnose issues as they come up.

1010

CentOS-WebPanel GUI / Re: [Feature Request] Use A Full Apache Status

« on: June 26, 2023, 02:10:28 PM »

I implemented this on my CWP apache server after the other thread brought it out; the only change I made was to make the icon an arrow so it matched the others -- a "power button" icon didn't make sense to me:

Code: [Select]

<?php include('/usr/local/cwpsrv/htdocs/resources/admin/include/configserver.php'); ?>
<script type="text/javascript">
        $(document).ready(function() {
                var newButtons = ''
                +' <li>'
                +' <a href="?module=apache_status"><span aria-hidden="true" class="icon16 icomoon-icon-arrow-right-3"></span>Apache Accesses</span></a>'
                +'</li>';
                $("ul#mn-3-sub").prepend(newButtons);
        });
</script>

1011

CentOS 7 Problems / Re: The connection is disconnecting

« on: June 26, 2023, 02:04:41 PM »

I replied. A couple of notes here for the benefit of others:

If you don't need active FTP, close down port 20 on the firewall and open up a passive range, something like 49000-50000. Also make sure you are running TLS connections ONLY with pure-ftpd:
https://wiki.centos-webpanel.com/how-to-install-tls-for-ftp
You may want to consider switching to SFTP instead, but that depends on your clients and how much trust is there.

I would suggest switching from port 2030 for admin to SSL ONLY: block port 2030 on the firewall and allow port 2031. CWP has had active security holes that have been exploited, so best to keep everything TLS/SSL and not run anything on plain HTTP. Also consider switching ports because security through obscurity does gain you something, particularly keeping you more stealth from people doing Shodan scans for ports 2030-2031.

Your main CWP test page loads, but none of the other sites that resolve to your server currently load. So that points not to a firewall issue, but a HTTP server vhost configuration issue, or perhaps a php-fpm problem.

1012

CentOS 7 Problems / Re: The connection is disconnecting

« on: June 25, 2023, 01:40:31 PM »

If you want to PM me your server IP address or main domain, I can test remotely to see if it is accessible or if it periodically is inaccessible. Otherwise, given the scant details, it's hard to know how to help you troubleshoot from afar.

1013

Information / Re: CWP AWSTATS

« on: June 25, 2023, 04:09:45 AM »

I'll give you my recommendation: Webalizer. I switched to it years ago and never looked back. AWStats was klunky by comparison. Webalizer is fast and detailed and strikes a good balance of info (very high, intuitive) vs. performance cost (very low).

1014

CentOS-WebPanel Bugs / Re: webpages is halted by the combination of NGINX and PHP-FRM

« on: June 24, 2023, 03:39:14 PM »

I added in the fastcgi tuning specifically for the Drupal installation, but some of the principles apply to WP sites, particularly loaded ones. You need to look for the block in your Nginx vhost conf that includes your php-fpm socket:

Code: [Select]

/opt/alt/php-fpm74/usr/var/sockets/user.sockAnd that's where you put in the fastcgi tuning directives (buffers, timeouts).

1015

CentOS 7 Problems / Re: The connection is disconnecting

« on: June 24, 2023, 03:30:57 PM »

MikroTik is a router hardware company... I run one of their hEX gigabit routers. So I am puzzled what you mean, unless you are simply talking about their Winbox software, which shouldn't affect your connection or CentOS server...

1016

CentOS-WebPanel Bugs / Re: webpages is halted by the combination of NGINX and PHP-FRM

« on: June 24, 2023, 03:45:59 AM »

Are your nginx conf files tuned according to the WP "recipe" from Nginx.com?
https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/
In your nginx vhost conf, do you do any buffer & timeout tuning? This is one I use with a Drupal site, so YMMV:

Code: [Select]

        fastcgi_pass unix:/opt/alt/php-fpm74/usr/var/sockets/user.sock;
        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
        try_files $fastcgi_script_name =404;
        fastcgi_index    update.php;
        include              fastcgi_params;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        # Block httpoxy attacks. See https://httpoxy.org/.
        fastcgi_param HTTP_PROXY "";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param QUERY_STRING $query_string;
        fastcgi_intercept_errors on;
    }
Anything special in your php-fpm7.4 user.conf?

Code: [Select]

[user]
listen = /opt/alt/php-fpm74/usr/var/sockets/user.sock
listen.allowed_clients = 127.0.0.1

;listen.owner = "user"
listen.group = "nobody"
listen.mode = 0660
user = "user"
group = "user"

;request_slowlog_timeout = 15s
;slowlog = /opt/alt/php-fpm74/usr/var/log/php-fpm-slowlog-user.log

pm = ondemand
pm.max_children = 4
pm.max_requests = 4000
pm.process_idle_timeout = 15s

;listen.backlog = -1
;request_terminate_timeout = 0s
rlimit_files = 131072
rlimit_core = unlimited
catch_workers_output = yes

env[HOSTNAME] = $HOSTNAME
env[TMP] = /home/user/tmp
env[TMPDIR] = /home/user/tmp
env[TEMP] = /home/user/tmp
env[PATH] = /usr/local/bin:/usr/bin:/bin

1017

SSL / Re: Subdomain has been deleted but SSL keep trying to renew

« on: June 24, 2023, 03:35:58 AM »

Code: [Select]

/root/.acme.sh/cwp_certs/As an example, you would delete the offending domain:

Code: [Select]

rm -rf /root/.acme.sh/cwp_certs/www.domain.comWhich removes the domain configuration, certificates and keys -- so make SURE you want to do this:
[root@srv]# ls -al /root/.acme.sh/cwp_certs/www.domain.com
total 40
drwxr-xr-x.  3 root root  211 Apr  1  2021 .
drwxr-xr-x. 89 root root 4096 Jun 21 22:22 ..
drwxr-xr-x.  2 root root   58 Apr  1  2021 backup
-rw-r--r--.  1 root root 3751 May 23 00:42 ca.cer
-rw-r--r--.  1 root root 5682 May 23 00:42 fullchain.cer
-rw-r--r--.  1 root root 1931 May 23 00:42 www.domain.com.cer
-rw-r--r--.  1 root root  918 May 23 00:42 www.domain.com.conf
-rw-r--r--.  1 root root 1094 May 23 00:42 www.domain.com.csr
-rw-r--r--.  1 root root  259 May 23 00:42 www.domain.com.csr.conf
-rw-r--r--.  1 root root 1679 Apr  1  2021 www.domain.com.key]

1018

Information / Re: Future of CWP?

« on: June 22, 2023, 03:18:49 AM »

AlmaLinux and Rocky Linux both offer migration paths. Seemingly, AlmaLinux offers a more flexible migration script, but Rocky would be workable by my reading. CentOS Stream is a dead end for a server: a rolling release that will never truly stabilize, no matter how you try to pin a delayed repo. You continue to ride the whitewater, forever.

1019

CentOS-WebPanel Bugs / Re: webpages is halted by the combination of NGINX and PHP-FRM

« on: June 22, 2023, 03:10:46 AM »

Are your pages database driven or static? Is the web page managed by a CMS like WordPress? Have you tuned the process timeouts in the vhost conf? Anything special done to tune your php-fpm 7.4? Is it just under a specific user account, or does it affect all users on the server?

1020

SSL / Re: Subdomain has been deleted but SSL keep trying to renew

« on: June 22, 2023, 03:08:05 AM »

Is the subdomain still listed as an orphan under Webserver Settings > SSL Certificates? If so, delete it. Otherwise, you may need to manually delete the LetsEncrypt/AutoSSL config file.