Messages

151

Updates / Re: pwnkit exploit

« on: January 31, 2022, 11:34:57 AM »

"dnf update poolkit" doesnt bring up any new version at the moment for Centos 8 Stream
@devs, Is there something we should manually do?

152

CentOS 7 Problems / Re: Can't start nginx or apache after updatig

« on: January 31, 2022, 11:32:48 AM »

Then my lesson is not to install the next updates but to wait a while before doing so

Yeah, that's also not a good idea, because the way the CWP code is written, it will be not possible to update it yourself if you haven't updated it for a long time.

I would assume your error is that you did some changes to the default templates, or directly into the vhost configurations and then updated CWP and it broke. Am I correct in this assumption?

153

CentOS-WebPanel GUI / Re: cwp pro web gui widgets problem. service status widget problem

« on: January 31, 2022, 11:29:44 AM »

i try to post screenshot here .
i can not embeed it
can you tell me how can I embeed screenshot here ?

you can't actually. You need to use a reputable image site like gyazo, Imgur, TinyPic, or postimages.
Gyazo is the easiest because you can download the program and you can use it to take a screenshot and it will automatically upload it for you and give you a link, and if you have an account with them, you can also choose to delete these images if you want.

154

CentOS-WebPanel GUI / Re: cwp pro web gui widgets problem. service status widget problem

« on: January 30, 2022, 06:02:09 PM »

hello
is there problem with gui ? cant see e-mail spam widgets on service status ?
i try to reset widget positions. clear browser cache. same.
https://sgw21nf.sharing.bublup.com/ui/landing_page?item_id=001-i-a8e59e85-a219-42aa-bf17-122bb4142048
https://sgw21nf.sharing.bublup.com/ui/landing_page?item_id=001-i-570f9825-aa19-478a-ad76-434730f17478

please use reputable image sharing sites. What kind of random URL is this for an image... I was hesitant for a moment.

As to your question:
There is no "email spam widget" on CWP. What gave you the idea that it exists?

155

MySQL / Re: Security & Optimization Check Feature disable

« on: January 29, 2022, 10:40:11 PM »

in old version, i was able use this function.
but after the MySQL page changed i couldnt use it..
how can I use mysqltuner?

Code: [Select]

cd /root
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl
vim mysqltuner.pledit line 76 and 77 by adding root and mysql root password and save the file so you dont have to write it every time you want to run the script.
Make it an executable:

Code: [Select]

chmod +x mysqltuner.pl
To run the script

Code: [Select]

./mysqltuner.pl

156

CentOS 7 Problems / Re: OpenSSL 1.1.1 use with php

« on: January 28, 2022, 08:53:26 PM »

My Centos 8 Stream installed openssl 1.1.1 at the setup of Centos itself. My php is using it.
But why don't you install openssl with yum and then recompile php normally with its original configuration?

157

Apache / Re: Apache stop working services

« on: January 28, 2022, 12:32:12 PM »

Hi !
i have problem with apache service stop working and i have this error

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

How to fix ?

This "error" message is telling you how to find the error message..
Login with ssh and run the first command or just click the "Show journalctl output" inside the status page of the service at CWP

158

CentOS 7 Problems / Re: Can't start nginx or apache after updatig

« on: January 28, 2022, 12:19:54 PM »

Hi guys, after latest updatinf of my centos now I can't start apacher or nginx

How to solve that or roll back to old settings?

Regards

what's the error message???

159

CentOS-WebPanel Bugs / Re: In client panel "Fix Account Issues" not working

« on: January 27, 2022, 10:29:29 PM »

Yes I was talking about select from the pre-made templates not create a custom one, only select between some pre-made templates

Yes, that sounds like a nice idea.

160

CSF Firewall / Re: Make Fail2ban puts its bans on CSF banlist

« on: January 27, 2022, 08:51:00 PM »

Fail2ban is easier to use with just quick enabling the needed filters, hence why I went for it as an extra layer of protection.
I also found a way to make it use csf for the banning/unbanning action.

vim /etc/fail2ban/action.d/csf.conf
Content:

Code: [Select]

# fail2ban action config for csf deny / unblock IP
# /etc/fail2ban/action.d/csf.conf

[Definition]
actionstart =
actionstop =
actioncheck =

# It almost doesn't matter which of the below actionban command you use,
# as Fail2ban will issue an unban when the bantime is over.

# to deny an IP and add to /etc/csf/csf.deny
# Permanent block according to CSF. Fail2ban will unblock when bantime is over.
# This is safer option if you have a mix of temp and permanent block filters.
actionban = csf -d <ip> Fail2Ban - <name>

# to "temporarily" deny an IP and add it to /var/lib/csf/csf.tempban
# If all of your filters are set to temp blocks, then use this instead.
#actionban = csf -td <ip> <bantime> -p <port> Fail2ban - <name>

# to unblock an IP and remove from /etc/csf/csf.deny or /var/lib/csf/csf.tempban
actionunban = csf -tr <ip>

[Init]
name = default


161

CentOS-WebPanel Bugs / Re: In client panel "Fix Account Issues" not working

« on: January 27, 2022, 03:01:26 PM »

Thank you for your report.
This is fixed for our next version

Perfect, thank you.

I have only a question do you plan to add to the client panel any way to edit the apache/nginx template used by a domain? For example a Laravel website required a different root folder and I need to do that everytime from my admin panel, I don't know if this can cause any security issue or not it's only a question.

if the user can choose from the pre-made templates yes, but editing them, no. i believe this would be a major security issue. All the work an administrator have done to secure unauthorized use of htaccess and php can be undone if the user can edit the content of the templates

162

CentOS-WebPanel Bugs / Re: [bug] UserPanel "Unlocked" button unresponsive

« on: January 27, 2022, 02:55:37 PM »

Case solved, it will be available for you in our next version

thank you

163

Updates / Re: CVE-2021-45466

« on: January 27, 2022, 10:48:10 AM »

If you know how we can remove these files... will help.

I was thinking of connecting to the server through the emergency console and delete the files. I can't think of some other way.

Anyway, before we take any actions, I think that the developers should give us an answer to this.

You can delete the files with:
To unlock the file:

Code: [Select]

chattr -i fileTo delete:

Code: [Select]

rm file
but dont do it yet. I'm waiting for the devs to say something as well

164

CentOS-WebPanel Bugs / Re: [bug] UserPanel "Unlocked" button unresponsive

« on: January 26, 2022, 11:07:55 PM »

I have new update onto how this bug comes into existence.

- Go to the Features, Themes, Languages
- Create a new feature by giving it a name, choose Type: package and select a package that users are using. Then Select "Mark All" and save.
- Login into user panel and try to click on the "lock" button. It's now bugged.

The above steps were done on my test server and CWP demo server. Both had the lock button working and then broke after configuring the "Features".

I could not find a way to remove this bug. I tried to remove the Feature Packages and it didn't help.

Edit:
Small new info: Deleting the Feature Package and wait for around 10-15 minutes (cache?) and then try to check on the button again, it will work again. Tested on demo panel.

165

CentOS-WebPanel Bugs / Re: Problem with VARNISH config files .... and CWP update to new version

« on: January 26, 2022, 08:17:51 PM »

This is an intended and normal behavior. CWP devs has constantly said  NOT edit the default templates (tpl and stpl). You need to clone a template, give it a new name and then edit it, then use the new template that you have made.

https://wiki.centos-webpanel.com/webservers-vhost-templates