Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - pcready.cl

Pages: 1 [2] 3
16
CentOS-WebPanel Bugs / Re: CSF/LDF + MODSEC dont work!!!
« on: April 25, 2017, 05:24:17 AM »
żż??

17
CentOS-WebPanel Bugs / Re: CWP7-PRO ClamAV Error every 3 hours
« on: April 13, 2017, 10:47:09 PM »
simply disable that cron, since cwp will keep clam updated

Thx.

18
CentOS-WebPanel Bugs / Re: CWP7-PRO ClamAV Error every 3 hours
« on: April 13, 2017, 02:39:45 PM »
any?

19
CentOS-WebPanel Bugs / Re: Default HTTP Test Page won't change
« on: April 13, 2017, 02:38:21 PM »
Hi Thanks for replying.
Yes, I know that, but I edited the master one so each new user should get the same new default page which is located /usr/local/apache/htdos/index.html , is that correct?
The problem is that eventhough I have edited the original master test page, new users still get the old one.
I hope it makes sense.
Regards,
Steven

same here!

20
CentOS-WebPanel Bugs / CWP7-PRO ClamAV Error every 3 hours
« on: April 12, 2017, 05:13:03 AM »
In my CWP7-PRO every 3 hours I get the following message by email:

Code: [Select]
Subjet: Cron <root@vmi107131> /usr/share/clamav/freshclam-sleep
Code: [Select]
WARNING: update of clamav database is disabled; please see
  '/etc/sysconfig/freshclam'
  for information how to enable the periodic update resp. how to turn
  off this message.

How can I fix this, thank you.

21
CentOS-WebPanel Bugs / Re: CSF/LDF + MODSEC dont work!!!
« on: April 12, 2017, 04:54:40 AM »
all should work fine in centos 7 including firewall, you need to specify all details (errors) when asking questions about some possible issue.

In CWP6-PRO CSF / LFD + MODSEC blocks attacks through logging in "/usr/local/apache/logs/error_log"

With this setting in "/etc/csf/csf.conf"

Code: [Select]
# [*]Enable failure detection of repeated Apache mod_security rule triggers
LF_MODSEC = "3"
LF_MODSEC_PERM = "1"
HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"

MODSEC CWP6-PRO errors are mirrored in this way and blocks them perfectly in CSF + LDF

Code: [Select]
[Tue Apr 11 22:03:04 2017] [error] [client 171.5.3.224] ModSecurity: Access denied with code 403 (phase 2). Pattern match "/wp-login.php" at REQUEST_URI. [file "/usr/local/apache/userdata/pcrcl/pcready.cl/modsec.conf"] [line "1"] [id "17265002"] [hostname "www.pcready.cl"] [uri "/wp-login.php"] [unique_id "WO18yH8AAAEAACmefUIAAAAF"]
In CWP7-PRO I have exactly the same configuration as in CWP6-PRO in "/etc/csf/csf.conf", this is my configuration in CWP7-PRO

Code: [Select]
# [*]Enable failure detection of repeated Apache mod_security rule triggers
LF_MODSEC = "3"
LF_MODSEC_PERM = "1"
HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"

But the CWP7-PRO errors of MODSEC are reflected in this way and do not block them

Code: [Select]
[Wed Apr 12 01:40:37.485934 2017] [:error] [pid 28383:tid 139994855077632] [client 201.214.115.114:30016] [client 201.214.115.114] ModSecurity: Access denied with code 403 (phase 2). Pattern match "/wp-login.php" at REQUEST_URI. [file "/usr/local/apache/userdata/instruva/instruvalve.cl/modsec.conf"] [line "15"] [id "17265002"] [hostname "www.instruvalve.cl"] [uri "/wp-login.php"] [unique_id "WO2vxQW9kbkAAG7fYFsAAABA"]
There is a clear difference in how the log is reflected in "/usr/local/apache/logs/error_log" maybe that's why it is not able to detect the errors and block them

The rule in CWP6-PRO and CWP7-PRO is exactly the same, but only works in CWP6-PRO.

Look for information and some people talked about the forna in which the text was read from the log, if it did not contain a recognizable "regex" for "CSF + LFD" it would not block it, since it would not be able to interpret it correctly to extract information.

But CSF + LFD if it is working because it blocks the SSH and FTP errors, the problem is only with MODSEC.

If you need any other information do not hesitate to ask me please.

Can you help me please, thank you.

22
CentOS-WebPanel Bugs / Re: CSF/LDF + MODSEC dont work!!!
« on: April 11, 2017, 04:56:11 PM »
I have read that there are problems with centos 7 and cwp, so better to use centos 6 and cwp6...
Anyway centos 7 uses to much resources comparing to centos 6, but thats my opinion...

CWP7 Works like a charm, only have this problem.


23
CentOS-WebPanel Bugs / Re: CSF/LDF + MODSEC dont work!!!
« on: April 11, 2017, 07:38:05 AM »
any?

24
CentOS-WebPanel Bugs / CSF/LDF + MODSEC dont work!!!
« on: March 29, 2017, 07:48:28 AM »
I have CWPPRO version 7 and the locks with the CSF / LDF firewall do not work

In my CWPPRO 6 they work perfectly, compare some configurations with the new CWP7 and it looks all the same, can you help me please.

25
I have same problem with a Centos7

CWPpro version: 0.9.8.289

I need a solution, thx!

26
Installation / CWP Centos 7 - clam 100% CPU
« on: March 05, 2017, 03:29:54 AM »
I have a new installation of CWP Centos 7 and clam uses me 100% of the CPU, if I stop it I receive no mails in the domains, the clam service opens and closes processes since the pid according to "top" constantly changes.

In postfix I get the following error:

Code: [Select]
Mar  5 00:19:11 vmi107131 clamd[4954]: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
Mar  5 00:19:12 vmi107131 clamd[4968]: Received 0 file descriptor(s) from systemd.
Mar  5 00:19:12 vmi107131 clamd[4968]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mar  5 00:19:12 vmi107131 clamd[4968]: Running as user amavis (UID 989, GID 988)
Mar  5 00:19:12 vmi107131 clamd[4968]: Log file size limited to 1048576 bytes.
Mar  5 00:19:12 vmi107131 clamd[4968]: Reading databases from /var/lib/clamav
Mar  5 00:19:12 vmi107131 clamd[4968]: Not loading PUA signatures.
Mar  5 00:19:12 vmi107131 clamd[4968]: Bytecode: Security mode set to "TrustSigned".
Mar  5 00:19:21 vmi107131 clamd[4968]: Loaded 5939026 signatures.
Mar  5 00:19:23 vmi107131 clamd[4968]: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
Mar  5 00:19:23 vmi107131 clamd[4987]: Received 0 file descriptor(s) from systemd.
Mar  5 00:19:23 vmi107131 clamd[4987]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mar  5 00:19:23 vmi107131 clamd[4987]: Running as user amavis (UID 989, GID 988)
Mar  5 00:19:23 vmi107131 clamd[4987]: Log file size limited to 1048576 bytes.
Mar  5 00:19:23 vmi107131 clamd[4987]: Reading databases from /var/lib/clamav
Mar  5 00:19:23 vmi107131 clamd[4987]: Not loading PUA signatures.
Mar  5 00:19:23 vmi107131 clamd[4987]: Bytecode: Security mode set to "TrustSigned".
Mar  5 00:19:33 vmi107131 clamd[4987]: Loaded 5939026 signatures.
Mar  5 00:19:34 vmi107131 clamd[4987]: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
Mar  5 00:19:35 vmi107131 clamd[4997]: Received 0 file descriptor(s) from systemd.
Mar  5 00:19:35 vmi107131 clamd[4997]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mar  5 00:19:35 vmi107131 clamd[4997]: Running as user amavis (UID 989, GID 988)
Mar  5 00:19:35 vmi107131 clamd[4997]: Log file size limited to 1048576 bytes.
Mar  5 00:19:35 vmi107131 clamd[4997]: Reading databases from /var/lib/clamav
Mar  5 00:19:35 vmi107131 clamd[4997]: Not loading PUA signatures.
Mar  5 00:19:35 vmi107131 clamd[4997]: Bytecode: Security mode set to "TrustSigned".
Mar  5 00:19:44 vmi107131 clamd[4997]: Loaded 5939026 signatures.
Mar  5 00:19:45 vmi107131 clamd[4997]: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
Mar  5 00:19:46 vmi107131 clamd[5008]: Received 0 file descriptor(s) from systemd.
Mar  5 00:19:46 vmi107131 clamd[5008]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mar  5 00:19:46 vmi107131 clamd[5008]: Running as user amavis (UID 989, GID 988)
Mar  5 00:19:46 vmi107131 clamd[5008]: Log file size limited to 1048576 bytes.
Mar  5 00:19:46 vmi107131 clamd[5008]: Reading databases from /var/lib/clamav
Mar  5 00:19:46 vmi107131 clamd[5008]: Not loading PUA signatures.
Mar  5 00:19:46 vmi107131 clamd[5008]: Bytecode: Security mode set to "TrustSigned".
Mar  5 00:19:55 vmi107131 clamd[5008]: Loaded 5939026 signatures.
Mar  5 00:19:56 vmi107131 clamd[5008]: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
Mar  5 00:19:57 vmi107131 clamd[5019]: Received 0 file descriptor(s) from systemd.
Mar  5 00:19:57 vmi107131 clamd[5019]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mar  5 00:19:57 vmi107131 clamd[5019]: Running as user amavis (UID 989, GID 988)
Mar  5 00:19:57 vmi107131 clamd[5019]: Log file size limited to 1048576 bytes.
Mar  5 00:19:57 vmi107131 clamd[5019]: Reading databases from /var/lib/clamav
Mar  5 00:19:57 vmi107131 clamd[5019]: Not loading PUA signatures.

And every 3 hours I get the following email:

Code: [Select]
Cron <root@vmi107131> /usr/share/clamav/freshclam-sleep

WARNING: update of clamav database is disabled; please see
  '/etc/sysconfig/freshclam'
  for information how to enable the periodic update resp. how to turn
  off this message.

The installation is with CWP7PRO and I need to leave the server stably. I have another VPS with the CWP6PRO version and it works without any problem, I do not want to go back to version 6 in my new VPS, I need help from the developer.

27
Updates / Webmail Blank Page
« on: February 08, 2017, 02:58:19 AM »
I have version 0.9.8.151, after this last update the webmail stopped working.

Try installing it via manual by following this guide:
https://blog.bullten.com/upgrading-roundcube-in-centos-web-panel/

And it gives me the following error:
[root@vps roundcubemail-1.2.3]# bin/installto.sh /usr/local/apache/htdocs/roundcube
PHP Fatal error:  Class 'PEAR' not found in /tmp/roundcubemail-1.2.3/program/lib/Roundcube/bootstrap.php on line 103

I need a solution please, I have the PRO version of CWP.

28
Updates / Re: Update for openSSL is important!
« on: December 12, 2016, 05:05:51 AM »
Just to update - I have manually compiled and updated OpenSSL on a CentOS 6.8 - using the following steps (ofcourse you need root priviledges on the server) -

1. Download LTS version of OpenSSL:

# cd /usr/src
# wget https://www.openssl.org/source/openssl-1.0.2j.tar.gz
# tar -zxf openssl-1.0.2j.tar.gz

2. Manually compile & upgrade / install OpenSSL:

# cd openssl-1.0.2j
# ./config
# make
# make test
# make install

4. Copy OpenSSL files:

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

5. Verify installed version of OpenSSL

# openssl version

dont work for me...

29
Works for me and verson 1.2.3

30
Backup / Re: Daily backup...
« on: November 24, 2016, 07:08:03 AM »
Error still shows in email... strange password from cnf works fine when I login from terminal  :o

same issue here! after install mariadb

Pages: 1 [2] 3