Messages

121

PHP / Re: GD Webp Support

« on: November 02, 2021, 04:28:20 AM »

Did you check the info.php file?
The default installation of PHP already have GD webp support.

Sorry for the aparent redundancy, but no nginx, and no Varnish?
Apache can still be used without varnish, without nginx, and without any other, apache only.
It's apache only?

If so, check your 'Vary' headers returned in your

122

Installation / Re: Upgrade mariadb 10.5

« on: November 02, 2021, 03:44:23 AM »

Your upgrade to version 10.5 was made from which version?

123

PHP / Re: GD Webp Support

« on: November 02, 2021, 03:36:33 AM »

Hi,

Looks like I'm having a problem similar to yours.
I'm waiting answer from customer, if the problem was solved.
Searching about in internet, seems the problem is due to use nginx as a proxy, in scheme: nginx <-> varnish <-> apache

Perhaps, are you using nginx & varnish & apache scheme.?

If so, the static pages are being served by nginx, to speed up loading pages, and not by apache.
So, you can try to exclude images extensions from you nginx configuration, to make apache serve it.

Depending on the template you are using, you can simply remove extensions from the location directive.

Regards,
Netino

124

Installation / Re: Upgrade mariadb 10.5

« on: November 01, 2021, 04:09:47 AM »

What you mean by "Remote button".?

Regards,
Netino

125

CentOS-WebPanel Bugs / Bug in Template Files in "WebServers Main Conf" and "WebServers Domain Conf"

« on: November 01, 2021, 04:05:42 AM »

I added some template files ('.tpl' and '.stpl') to the nginx webserver, to the location:
/usr/local/cwpsrv/htdocs/resources/conf/web_servers/vhosts/nginx/

The files are available to edit in "WebServer Settings" | "WebServers Template Editor" (just to edit).

But they should be available too in "WebServer Settings" | "WebServers Main Conf" and "WebServer Settings" | "WebServers Domain Conf" to edit configuration, but the templates just created are not available there!
So, we cannot use it at all.
By documentation, they must to be available there.

I tested in two different servers, and the problem persist.
Someone else can confirm the bug.?

Regards,
Netino

126

PHP / Re: User's PHP.INI Editor not working

« on: November 01, 2021, 03:50:13 AM »

Where you is adding that file.?
The location is:

Code: [Select]

/home/USER/public_html/.user.ini
(Note the dot '.' at the beginning of that filename)

For example, if you have an USER named 'digdug', you will must have a file like:

Code: [Select]

-rw-r--r-- 1 digdug digdug 296 Nov  1 00:39 /home/digdug/public_html/.user.ini
with permission 644.
(the 'user' in '.user.ini' is just literal, not a user of your system)

127

How to / Re: How to disable postfix, clamav and bind server?

« on: October 31, 2021, 02:46:16 AM »

If you know they are "unneeded", why you already don't know to remove then?
Are you sure is really unneeded?
They are *vital* to most people here, for hosting services.

Code: [Select]

yum remove -y postfix
yum remove -y clamd clamav clamav-filesystem clamav-update clamav-lib clamav-data
yum remove -y bind bind-libs bind-libs-lite bind-export-libs bind-license bind-utils

Regards,
Netino

128

PHP / Re: User's PHP.INI Editor not working

« on: October 31, 2021, 02:36:36 AM »

Seems you have a permission problem with your ini file.
(Perhaps edited by root user?)

What are your user using? php-cgi, php-fpm.?

Regards,
Netino

129

Installation / Re: EMERGENCY HELP ME

« on: October 31, 2021, 02:30:32 AM »

I'm setting up the whole system, but I'm making mistakes on the rope. Please help me so I can publish my own server.
I want to be able to host a service for my domains with a static rope.

Yes, CWP is just for that.

I want to switch to the pro version of the panel

You must buy a license. Contact suppport at <>

I can't set up the static ip properly.

This needs to be configured before CWP. It must have been configured when your server was delivered. Contact your ISP for this.

Regards,
Netino

130

SSL / Re: Disable TLSv1.0 and v1.1 in openssl

« on: September 19, 2021, 04:39:29 AM »

Hello, how can we disable TLS v1.0 and v1.1 in openSSL? We tries all but then openSSL breaks all. We are able to disable tls on apache and NGIX but not on openSSL. Please any suggestions?

Thanks, Ron

Are you by any chance referring to "OpenSSH" instead "OpenSSL"...?!
If so, then your best bet is to follow what the <https://cipherlist.eu> website says, as a starting point.

Change your /etc/ssh/sshd_config file as following:

Code: [Select]

Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256
KexAlgorithms curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com

...and restart your openssh server (as root user):

Code: [Select]

# systemctl restart openssh

Regards,
Netino

131

DNS / Re: There are many query this website on BIND

« on: July 28, 2021, 07:39:56 PM »

As indicated in:
https://www.linuxquestions.org/questions/linux-newbie-8/there-are-many-query-this-website-on-my-dns-server-4175676097/

The solution is to Include the following lines in '/usr/local/csf/bin/csfpre.sh' file:

Code: [Select]

iptables -A INPUT -p udp --dport 53 -m string --algo kmp --string "pizzaseo" -j DROP
iptables -A INPUT -p udp --dport 53 -m string --algo kmp --from 0x38 --hex-string "|0000ff00010000292328000000000000|" -j DROP

And restart csf/lfd:

Code: [Select]

csf -x; csf -e

Regards,
Netino

132

Dovecot / Re: Need Domain specific sieve script instead of system global

« on: July 20, 2021, 12:04:10 AM »

From (adapted to CWP):
https://support.tigertech.net/sieve#sieve-filtering-for-jmp-2

Sieve filtering for an entire domain name

In addition to filters for each mailbox, it’s possible to create filters that apply to all addresses at your domain name. This is done by placing script files named “domain-before.sieve” and/or “domain-after.sieve” in your domain’s home directory:

Code: [Select]

/var/vmail/example.com/domain-before.sieve
/var/vmail/example.com/domain-after.sieve

You can put these on the server using an FTP connection to your home directory, or by using SFTP or a shell connection (both of which always have access to your home directory).

A “domain-before.sieve” script (if one exists) runs before any per-mailbox “mailbox.sieve” script, and a “domain-after.sieve” script (if one exists) runs after. So when a message arrives, three different Sieve script files will be searched for and used if present, in this order:

Code: [Select]

/var/vmail/example.com/domain-before.sieve
/var/vmail/example.com/mailboxuser/mailbox.sieve
/var/vmail/example.com/domain-after.sieve

Each script is used only if a previous script didn’t discard the message or file it into a folder, so the order matters. If you want to create domain-wide rules that override “mailbox.sieve” scripts, you’d put them in the “domain-before.sieve” script. To create domain-wide rules that are used only if “mailbox.sieve” doesn’t do anything, you’d put them in “domain-after.sieve”.

133

How to / Re: [Howto] Install Rspamd

« on: July 07, 2021, 12:41:10 AM »

Hello Netino,

I am getting the following error:

Sorry for long delay...

Code: [Select]

# rspamadm configtest
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:452: both auth_only (true) and sign_authenticated (true) for dkim_signing are specified, prefer auth_only
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:452: both auth_only (true) and sign_authenticated (false) for arc are specified, prefer auth_only



You can comment or remove the "auth_only" variable in '/etc/rspamd/local.d/dkim_signing.conf' (and/or /etc/rspamd/local.d/arc.conf):

Code: [Select]

#auth_only = true;


Code: [Select]

2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:242: conflicting names in surbl and rbl rules: SEM_URIBL_FRESH15_UNKNOWN, prefer surbl rule!
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:242: conflicting names in surbl and rbl rules: SEM_URIBL_UNKNOWN, prefer surbl rule!
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:242: conflicting names in surbl and rbl rules: URIBL_MULTI, prefer surbl rule!
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:242: conflicting names in surbl and rbl rules: SURBL_MULTI, prefer surbl rule!
2020-10-18 13:20:15 #0(main) <>; lua; lua_cfg_transform.lua:242: conflicting names in surbl and rbl rules: DBL, prefer surbl rule!
syntax OK


You can remove entirely the file '/etc/rspamd/local.d/surbl.conf', due to rspamd now have replaced these functions in '/etc/rspamd/local.d/rbl.conf', at the current version(2.7) of rspamd.

Code: [Select]

CLAM_VIRUS_FAIL (0) [failed to scan and retransmits exceed]

The message claims there was a problem trying to check the clam upstream-server. If upstream returns err, it try to contact different upstream for retransmits-1 times. If this doesn’t help, the function returns the message. Clam sometimes is a delayed daemon.
So, you must sure to configure more clamd daemons (in clamd.conf), or adding more memory to your server, or configure something like the following in "/etc/rspamd/local.d/antivirus.conf":

Code: [Select]

clamav {
...
    timeout = 15.0;
    retransmits = 4;
...
}


My Status :

Code: [Select]

# rspamc stat
Results for command: stat (0.186 seconds)
Messages scanned: 142
Messages with action reject: 3, 2.11%
Messages with action soft reject: 0, 0.00%
Messages with action rewrite subject: 0, 0.00%
Messages with action add header: 3, 2.11%
Messages with action greylist: 3, 2.11%
Messages with action no action: 133, 93.66%
Messages treated as spam: 6, 4.22%
Messages treated as ham: 136, 95.77%
Messages learned: 129
Connections count: 0
Control connections count: 61
Pools allocated: 137
Pools freed: 191
Bytes allocated: 3.92GiB
Memory chunks allocated: 4294966837
Shared chunks allocated: 33
Chunks freed: 0
Oversized chunks: 2
Fuzzy hashes in storage "rspamd.com": 1519996981
Fuzzy hashes stored: 1519996981
Statfile: BAYES_SPAM type: redis; length: 0; free blocks: 0; total blocks: 0; free: 0.00%; learned: 0; users: 0; languages: 0
Statfile: BAYES_HAM type: redis; length: 0; free blocks: 0; total blocks: 0; free: 0.00%; learned: 3; users: 1; languages: 0
Total learns: 3


Seems working...

Disabled:
SpamAssassin, Amavisd & Opendkim

Ok

another error

Code: [Select]

2020-10-18 17:02:30 #1596(controller) <66e689>; csession; rspamd_controller_handle_lua_plugin: plugin handler /plugins/selectors/list_extractorss has not been found
2020-10-18 17:02:30 #1596(controller) <15eeb3>; csession; rspamd_controller_handle_lua_plugin: plugin handler /plugins/selectors/list_transformss has not been found


I could not reproduce this problem with 'rspamd_controller_handle_lua_plugin' handler.
Seems a problem with the controller, configured in '/etc/rspamd/local.d/worker-controller.inc'.

Code: [Select]

(...)
# Listen on all IPs (change, if needed)
bind_socket = "localhost:11334";
(...)

Try checking whether 'bind_socket' is set to "localhost:11334" or "127.0.0.1:11334" (as for IPv4) , or "[::1]:11334" (as for IPv6), and also if your controller is responding in one of these three configurations, and configure the file "worker-controller.inc" accordingly.

Code: [Select]

bind_socket = "127.0.0.1:11334";
or

Code: [Select]

bind_socket = "[::1]:11334";

The Rspamd maillist has a discussion about the possibility of a misconfiguration in your reverse proxy
adding extra 's' at the end of plugin locations. check here:
https://lists.rspamd.com/pipermail/users/2020-October/001828.html

Code: [Select]

2020-10-18 11:18:54 #1615(rspamd_proxy) <ddfbed>; proxy; dkim_module_load_key_format: cannot load dkim key /etc/opendkim/userkeys/ysseit.com/default.private: cannot map key file: '/etc/opendkim/userkeys/ysseit.com/default.private' Permission denied
2020-10-18 15:34:38 #1657(rspamd_proxy) <592d68>; proxy; dkim_module_load_key_format: cannot load dkim key /etc/opendkim/userkeys/ysseit.com/default.private: cannot map key file: '/etc/opendkim/userkeys/ysseit.com/default.private' Permission denied
2020-10-18 15:35:41 #1657(rspamd_proxy) <7db261>; proxy; dkim_module_load_key_format: cannot load dkim key /etc/opendkim/userkeys/ysseit.com/default.private: cannot map key file: '/etc/opendkim/userkeys/ysseit.com/default.private' Permission denied


You must to change ownership to 'opendkim' user:

Code: [Select]

# chown opendkim:opendkim /etc/opendkim/userkeys/ysseit.com/default.private

And the permissions (for security) to:

Code: [Select]

chmod 640 /etc/opendkim/userkeys/ysseit.com/default.private
chmod 644 /etc/opendkim/userkeys/ysseit.com/default.txt

Regards,
Netino

134

CentOS 7 Problems / Re: Log troubleshooting

« on: January 24, 2020, 04:08:14 AM »

What webserver are you using..?!

There are some possibilities.
Check search.

Found something like that:
http://forum.centos-webpanel.com/centos-webpanel-bugs/default-page-changed-to-index-html-on-all-sites!/

Regards,
Netino

135

CentOS 5 Problems / Re: PROBLEM OF LOAD AVERAGES

« on: January 21, 2020, 02:21:35 AM »

Load averages are highly randomized, and is possible you will don't have two sequential commands, aparted from three or four seconds, run with equal values.
What the size of these differences?

Regards,
Netino