Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - hanliong

Pages: 1 [2] 3 4
16
I would suggest picking one, and looking at the man pages for that specific tool.  If you find a problem, you will have to investigate using other tools to find out what the real problem is. 

However, if you have managed help, let them sort it out.
Ok, thanks for your advise.
Since yesterday, my CWP keep sending alert like this: "monit alert -- Does not exist php-fpm73", then 5 minutes later, it send "monit alert -- Exist php-fpm73".
It happened every one hour. Whats wrong with that? Load server is fine. I have three PHP-FPM, and it has the same alert at the same time.
What should I check?


17
Hi,

Do you have the suggested tool among those five tools?
And which part I have to see for determining wheter the hard drive is good or not?

Thanks.

18
Dear rcschaff,

Thanks. But how do I check the Inode? And is there anyway to check if the hard drive is not good? Sorry, I'm not too expert in Linux.
I have contacted contabo support too. Unfortunately, their support is very slow. The support is not 24/7, but working like normal working hour. So I have to wait 1 day because we have different time zone.

19
Dear rcschaff,

Thanks for your explanation. At my "top" command there is no high process. But it suddenly get higher and higher then it down. I have the CSF log when it get more than 10% load. But nothing CPU and or Memory consume high resources. Only amavis consume 16% of memory, but it is ok. I have 8Gb Memory. That is why I really confuse.
When it started get higher more than 5%, I run this command to show the highest cpu and memory usage:

Code: [Select]
ps -eo user,pid,ppid,cmd,%mem,%cpu --sort=-%mem | head
But from the result there is nothing. CPU load just average 0.xx% and Memory too, just amavis consume 16%, but I'm sure it wont cause server down.
Ater that, the load get higher and higher so quickly, and vps down. I can access the vps through VNC and I can see it did not down, because the uptime still continuing.

Is it possible CSF Firewall cause high load without able to be monitored?

I use vps KVM from contabo.com. May be you or someone else know about this company.

20
systemctl start | stop | restart <Servicename>

Apache  "  systemctl restart httpd   "
Nginx   " systemctl restart nginx   "
PHP-FPM   systemctl restart php-fpm71
               systemctl restart php-fpm72  ...  ETC for each version you have installed
Thanks for your help.
But I still wonder, why did my vps down while there is no high activity inside the vps. There is no high traffic site too. But it loads high until getting down. Is there anything I need to know beside restarting the service? I use VPS KVM. Is it possible that it is caused by another vps inside one machine with mine?

Thanks.

21
I have tried to find help at google, but I cant find it.
My vps often down without clearly reason. It suddenly got load more than 10%, and then it got down. I dont see any unusual activity inside my vps.
I have made bash script to restart apache when the load get higher. But it didnt work.
So, please tell me how to restart the service for Mysql, Apache, Nginx, PHP-FPM from shell. And how to kill all PHP-cgi and PHP-FPM process from shell.

Thanks.

22
PHP Selector / Re: Problem when swich from PHP-CGI to PHP-FPM
« on: October 27, 2021, 02:13:16 AM »
After the last update, I also rebuilt Control Web Panel Settings and Setup default Web Servers, after which a domain that had this problem worked again.
What do you mean by rebuilding CWP Setting?
"Setup default Web Servers", do you mean running to rebuild apache only or apache + nginx?

Thanks.

23
PHP Selector / Re: where is php-fpm stored for a domain?
« on: October 26, 2021, 01:40:41 AM »
the easiest is to check webservers vhost conf apache/nginx if nothing is there related to php-fpm then it's php-cgi meaning default from switcher if not custom-defined in the .htaccess
Do you mean at this location for nginx /etc/nginx/conf.d/vhosts/[domain_name].conf?

24
PHP Selector / Re: Problem when swich from PHP-CGI to PHP-FPM
« on: October 26, 2021, 01:36:02 AM »
I have done all. I ensure the FPM service was started as well as using monit to monitor it. And at monit it said OK, there is no problem.
But when accessing the website, it gave erro 503: Service Unavailable. At error log, it is written: "AH01079: failed to make connection to backend: httpd-UDS".
I find at google there are many people face the same issue with CWPPro, and there is no exact solution for that.

25
PHP Selector / Problem when swich from PHP-CGI to PHP-FPM
« on: October 24, 2021, 08:58:46 AM »
At first, I just use PHP-CGI with selection: php 7.3, php 7.4, and php 8.0
Then, I want to add PHP-FPM too, because I read PHP-FPM can run faster than PHP-CGI. So I enable PHP-FPM for php 7.4 and php 8.0
I tried to one of my site. I change the PHP version from PHP 7.4 (CGI) to PHP 7.4 (FPM), but when opening my site, it gave error 503: Service Unavailable. At error log, it is written: "AH01079: failed to make connection to backend: httpd-UDS"

I changed back to PHP 7.4 (CGI), but it didnt work. It gave the same error. Changing to PHP 8.0 (CGI) and PHP 8.0 (FPM) also gave the same error.
Then only work selector was using PHP 7.3 (CGI).

I tried to find help at google. and I read many people face the same issue with CWP.

My question, is PHP-FPM conflict with PHP-CGI if both of them have the same version? Because it gave the same error for PHP 7.4 and PHP 8.0 which have CGI and FPM option. But it worked with PHP 7.3 because there is no PHP 7.3 FPM installed.
I have tried to restart apache and php-fpm service. but no luck.

How to fix it?

26
PHP Selector / where is php-fpm stored for a domain?
« on: October 24, 2021, 08:49:19 AM »
I have tried to find at google, where actually CWP stores which PHP-FPM choosen by customer for his domain.
If we use PHP-CGI, we simply change it at .htaccess like this:
Code: [Select]
AddHandler application/x-httpd-php73 .phpBut when we choose for example PHP 7.4 (FPM), it is not written in .htaccess.So, where does CWP store it? I want to check my customer uses which PHP-FPM version quickly without use phpinfo(); at his site.

27
CentOS 7 Problems / You need a CWPPRO license to use this module
« on: August 02, 2021, 07:07:19 AM »
I have used CWP for years. Today I face the strange think. I have bought CWP Pro license. When I go to admin panel, it is written CWP7Pro. But when I login to user panel to change the PHP Selector, it is unable. it show: You need a CWPPRO license to use this module
I have tried to run sh /scripts/update_cwp and /etc/cron.daily/cwp, but the issue still happen.

How can it happen? Admin Panel said: CWP7Pro, but user panel said: Not Pro?

28
FTP / Re: Enabling FTPs or FPTes
« on: June 19, 2021, 02:34:55 AM »
post the contents of your pure-ftpd.conf
Dear Joseph,

here it is all content of my pure-ftpd.conf

Code: [Select]
############################################################
#                                                          #
#             Configuration file for pure-ftpd             #
#                                                          #
############################################################

# If you want to run Pure-FTPd with this configuration
# instead of command-line options, please run the
# following command :
#
# /usr/sbin/pure-ftpd /etc/pure-ftpd/pure-ftpd.conf
#
# Online documentation:
# https://www.pureftpd.org/project/pure-ftpd/doc


# Restrict users to their home directory

ChrootEveryone               yes



# If the previous option is set to "no", members of the following group
# won't be restricted. Others will be. If you don't want chroot()ing anyone,
# just comment out ChrootEveryone and TrustedGID.

# TrustedGID                   100



# Turn on compatibility hacks for broken clients

BrokenClientsCompatibility   no



# Maximum number of simultaneous users

MaxClientsNumber             50



# Run as a background process

Daemonize                    yes



# Maximum number of simultaneous clients with the same IP address

MaxClientsPerIP              8



# If you want to log all client commands, set this to "yes".
# This directive can be specified twice to also log server responses.

VerboseLog                   no



# List dot-files even when the client doesn't send "-a".

DisplayDotFiles              yes



# Disallow authenticated users - Act only as a public FTP server.

AnonymousOnly                no



# Disallow anonymous connections. Only accept authenticated users.

NoAnonymous                  no



# Syslog facility (auth, authpriv, daemon, ftp, security, user, local*)
# The default facility is "ftp". "none" disables logging.

SyslogFacility               ftp



# Display fortune cookies

# FortunesFile                 /usr/share/fortune/zippy



# Don't resolve host names in log files. Recommended unless you trust
# reverse host names, and don't care about DNS resolution being possibly slow.

DontResolve                  yes



# Maximum idle time in minutes (default = 15 minutes)

MaxIdleTime                  15



# LDAP configuration file (see README.LDAP)

# LDAPConfigFile                /etc/pure-ftpd/pureftpd-ldap.conf



# MySQL configuration file (see README.MySQL)

# MySQLConfigFile               /etc/pure-ftpd/pureftpd-mysql.conf


# PostgreSQL configuration file (see README.PGSQL)

# PGSQLConfigFile               /etc/pure-ftpd/pureftpd-pgsql.conf


# PureDB user database (see README.Virtual-Users)

PureDB /etc/pure-ftpd/pureftpd.pdb


# Path to pure-authd socket (see README.Authentication-Modules)

# ExtAuth                       /var/run/ftpd.sock



# If you want to enable PAM authentication, uncomment the following line

PAMAuthentication    yes



# If you want simple Unix (/etc/passwd) authentication, uncomment this

UnixAuthentication       yes



# Please note that LDAPConfigFile, MySQLConfigFile, PAMAuthentication and
# UnixAuthentication can be used specified once, but can be combined
# together. For instance, if you use MySQLConfigFile, then UnixAuthentication,
# the SQL server will be used first. If the SQL authentication fails because the
# user wasn't found, a new attempt will be done using system authentication.
# If the SQL authentication fails because the password didn't match, the
# authentication chain stops here. Authentication methods are chained in
# the order they are given.



# 'ls' recursion limits. The first argument is the maximum number of
# files to be displayed. The second one is the max subdirectories depth.

LimitRecursion               10000 8



# Are anonymous users allowed to create new directories?

AnonymousCanCreateDirs       no



# If the system load is greater than the given value, anonymous users
# aren't allowed to download.

MaxLoad                      4



# Port range for passive connections - keep it as broad as possible.

# PassivePortRange             30000 50000



# Force an IP address in PASV/EPSV/SPSV replies. - for NAT.
# Symbolic host names are also accepted for gateways with dynamic IP
# addresses.

# ForcePassiveIP               192.168.0.1



# Upload/download ratio for anonymous users.

# AnonymousRatio               1 10



# Upload/download ratio for all users.
# This directive supersedes the previous one.

# UserRatio                    1 10



# Disallow downloads of files owned by the "ftp" system user;
# files that were uploaded but not validated by a local admin.

AntiWarez                    yes



# IP address/port to listen to (default=all IP addresses, port 21).

# Bind                         127.0.0.1,21



# Maximum bandwidth for anonymous users in KB/s

# AnonymousBandwidth           8



# Maximum bandwidth for *all* users (including anonymous) in KB/s
# Use AnonymousBandwidth *or* UserBandwidth, not both.

# UserBandwidth                8



# File creation mask. <umask for files>:<umask for dirs> .
# 177:077 if you feel paranoid.

Umask                        133:022



# Minimum UID for an authenticated user to log in.
# For example, a value of 100 prevents all users whose user id is below
# 100 from logging in. If you want "root" to be able to log in, use 0.

MinUID                      1000



# Do not use the /etc/ftpusers file to disable accounts. We're already
# using MinUID to block users with uid < 1000

UseFtpUsers no



# Allow FXP transfers for authenticated users.

AllowUserFXP                 no



# Allow anonymous FXP for anonymous and non-anonymous users.

AllowAnonymousFXP            no



# Users can't delete/write files starting with a dot ('.')
# even if they own them. But if TrustedGID is enabled, that group
# will exceptionally have access to dot-files.

ProhibitDotFilesWrite        no



# Prohibit *reading* of files starting with a dot (.history, .ssh...)

ProhibitDotFilesRead         no



# Don't overwrite files. When a file whose name already exist is uploaded,
# it gets automatically renamed to file.1, file.2, file.3, ...

AutoRename                   no



# Prevent anonymous users from uploading new files (no = upload is allowed)

AnonymousCantUpload         yes



# Only connections to this specific IP address are allowed to be
# non-anonymous. You can use this directive to open several public IPs for
# anonymous FTP, and keep a private firewalled IP for remote administration.
# You can also only allow a non-routable local IP (such as 10.x.x.x) for
# authenticated users, and run a public anon-only FTP server on another IP.

# TrustedIP                    10.1.1.1



# To add the PID to log entries, uncomment the following line.

# LogPID                       yes



# Create an additional log file with transfers logged in a Apache-like format :
# fw.c9x.org - jedi [13/Apr/2017:19:36:39] "GET /ftp/linux.tar.bz2" 200 21809338
# This log file can then be processed by common HTTP traffic analyzers.

AltLog                     clf:/var/log/pureftpd.log



# Create an additional log file with transfers logged in a format optimized
# for statistic reports.

# AltLog                     stats:/var/log/pureftpd.log



# Create an additional log file with transfers logged in the standard W3C
# format (compatible with many HTTP log analyzers)

# AltLog                     w3c:/var/log/pureftpd.log



# Disallow the CHMOD command. Users cannot change perms of their own files.

# NoChmod                      yes



# Allow users to resume/upload files, but *NOT* to delete them.

# KeepAllFiles                 yes



# Automatically create home directories if they are missing

# CreateHomeDir                yes



# Enable virtual quotas. The first value is the max number of files.
# The second value is the maximum size, in megabytes.
# So 1000:10 limits every user to 1000 files and 10 MB.

# Quota                        1000:10



# If your pure-ftpd has been compiled with standalone support, you can change
# the location of the pid file. The default is /var/run/pure-ftpd.pid

#PIDFile                     /var/run/pure-ftpd.pid



# If your pure-ftpd has been compiled with pure-uploadscript support,
# this will make pure-ftpd write info about new uploads to
# /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
# spawn a script to handle the upload.
# Don't enable this option if you don't actually use pure-uploadscript.

# CallUploadScript             yes



# This option is useful on servers where anonymous upload is
# allowed. When the partition is more that percententage full,
# new uploads are disallowed.

MaxDiskUsage                   99



# Set to 'yes' to prevent users from renaming files.

# NoRename                     yes



# Be 'customer proof': forbids common customer mistakes such as
# 'chmod 0 public_html', that are valid, but can cause customers to
# unintentionally shoot themselves in the foot.

CustomerProof                yes



# Per-user concurrency limits. Will only work if the FTP server has
# been compiled with --with-peruserlimits.
# Format is: <max sessions per user>:<max anonymous sessions>
# For example, 3:20 means that an authenticated user can have up to 3 active
# sessions, and that up to 20 anonymous sessions are allowed.

# PerUserLimits                3:20



# When a file is uploaded and there was already a previous version of the file
# with the same name, the old file will neither get removed nor truncated.
# The file will be stored under a temporary name and once the upload is
# complete, it will be atomically renamed. For example, when a large PHP
# script is being uploaded, the web server will keep serving the old version and
# later switch to the new one as soon as the full file will have been
# transferred. This option is incompatible with virtual quotas.

# NoTruncate                   yes



# This option accepts three values:
# 0: disable SSL/TLS encryption layer (default).
# 1: accept both cleartext and encrypted sessions.
# 2: refuse connections that don't use the TLS security mechanism,
#    including anonymous sessions.
# Do _not_ uncomment this blindly. Double check that:
# 1) The server has been compiled with TLS support (--with-tls),
# 2) A valid certificate is in place,
# 3) Only compatible clients will log in.

# TLS                          1


# Cipher suite for TLS sessions.
# The default suite is secure and setting this property is usually
# only required to *lower* the security to cope with legacy clients.
# Prefix with -C: in order to require valid client certificates.
# If -C: is used, make sure that clients' public keys are present on
# the server.

# TLSCipherSuite               HIGH



# Certificate file, for TLS

# CertFile                     /etc/ssl/private/pure-ftpd.pem



# Listen only to IPv4 addresses in standalone mode (ie. disable IPv6)
# By default, both IPv4 and IPv6 are enabled.

# IPV4Only                     yes



# Listen only to IPv6 addresses in standalone mode (i.e. disable IPv4)
# By default, both IPv4 and IPv6 are enabled.

# IPV6Only                     yes



# UTF-8 support for file names (RFC 2640)
# Set the charset of the server filesystem and optionally the default charset
# for remote clients that don't use UTF-8.
# Works only if pure-ftpd has been compiled with --with-rfc2640

# FileSystemCharset                big5
# ClientCharset                    big5
TLS 1
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3
CertFile /etc/pki/tls/private/hostname.pem

Thanks.

29
FTP / Re: Error when enable jailkit to a user
« on: June 18, 2021, 05:01:12 AM »
After reviewing for days, I can figure out to fix the symlink of /home/[user] to /home/jail/[user]/home/[user] in cse jailkit failed to be enabled for a user.

Everytime we enable jailkit for a user, it will add a new line in
Code: [Select]
/etc/fstab/the new line is like this
Code: [Select]
/home/[user_cwp] /home/jail/[user_cwp]/home/[user_cwp] none bind,nobootwait 0 0
And it also automatically create file
Code: [Select]
/run/systemd/generator/home-jail-[user_cwp]-home-[user_cwp].mount
/run/systemd/generator/local-fs.target.requires/home-jail-[user_cwp]-home-[user_cwp].mount that symlink to /run/systemd/generator/home-jail-[user_cwp]-home-[user_cwp].mount

It causes we cant remove /home/jail/user when we do not use jailkit anymore. And everytime we reboot the server, the /home/jail/user will be created automatically.

So, to fix this issue, just follow this step
Code: [Select]
rm -rf /run/systemd/generator/home-jail-[user_cwp]-home-[user_cwp].mount
rm /run/systemd/generator/local-fs.target.requires/home-jail-[user_cwp]-home-[user_cwp].mount to remove the symlink
vi /etc/fstab
add comment (#) before /home/[user_cwp] /home/jail/[user_cwp]/home/[user_cwp] none bind,nobootwait 0 0 or delete that line
reboot server

Now /hom/jail/[user] will not exist anymore.
Remember, it just in case jailkit error when enabling for a user. You do not need to do this if jailkit is enabled successfully. It it enabled successfully, it will remove the line at /etc/fstab/ and /home/jail/[used] when you disable jailkit for that user.

Hope it helps.


30
FTP / Re: Enabling FTPs or FPTes
« on: June 18, 2021, 04:23:26 AM »
Dear Joseph,

Thanks for your help.
I have checked my pure-ftpd.conf.
The line
Code: [Select]
CertFile                     /etc/ssl/private/pure-ftpd.pem
CertFileAndKey               "/etc/pure-ftpd.pem" "/etc/pure-ftpd.key"
is not same with mine.
My conf file contains:

Code: [Select]
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3
CertFile /etc/pki/tls/private/hostname.pem

There is no line:
Code: [Select]
CertFileAndKey               "/etc/pure-ftpd.pem" "/etc/pure-ftpd.key"
And these files do not exist in my vps:
Quote
/etc/ssl/private/pure-ftpd.pem
/etc/pure-ftpd.pem
/etc/pure-ftpd.key

What should I do? And should TLSCipherSuite need to be changed to TLS 1.2?

Thanks.

Pages: 1 [2] 3 4