Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - overseer

Pages: 1 ... 100 101 [102] 103 104 ... 127
1516
Information / Re: PHOTO ATTACHEMENTS
« on: May 13, 2023, 12:53:54 PM »
No, it's not the same. It's called a workaround.

It's probably a conscious choice of the devs because image files can be a vector for security exploits -- and lord knows this forum software is vulnerable, being so far out of date!

1517
Updates / Re: Python and CWP
« on: May 13, 2023, 12:47:48 PM »
I answered in your other thread... best not to double-post, even in your distress!

1518
Information / Re: Python and CWP
« on: May 13, 2023, 12:47:00 PM »
Can you login to the server via SSH and roll things back with yum?

1520
Have you tried an experiment of running this under CentOS 7? It's the better supported platform than CentOS 8...

1521
CentOS 8 Problems / Re: discord bot nodejs
« on: May 13, 2023, 02:35:53 AM »
A lack of replies here usually indicates too specialized of a request, probably not pertaining to CWP specifically. You may want to just Google your subject and find some approximate guide -- it should be easily adaptable to the CWP platform (CentOS + LAMP server stack).

1522
CentOS-WebPanel Bugs / Re: Cronjob not added from user panel
« on: May 13, 2023, 02:32:55 AM »
It's not actually a make-or-break feature for me, as most end users don't know what a cron job is! I prefer it be kept to the admin side with root access. I'm always glad to set up cron jobs if necessary for users who ask me for support -- and that way I can vet the task and make sure it is necessary and runs most efficiently, rather than needlessly often or with resource intensive tasks running at bad times of day. I'm remembering back to my cPanel days when user cronjobs were decidedly NOT a panacea!

1523
Information / Re: PHOTO ATTACHEMENTS
« on: May 13, 2023, 02:26:26 AM »
I'm just here to help. Literally. I just want to contribute back to the community and offer whatever shared experience I can. I mostly use this forum as personal documentation for what I've discovered while setting up my several CWP servers. That way I can refer back to my own posts as I set up more servers. Not to mention gleaning from others' solutions and experiences, and occasionally tapping into advice from the devs/staff that frequent the forum. This is a valuable resource and I hope to keep up interest in it and offer free support to anyone coming with questions I may be able to answer.

My greatest concern with the forum is not about image attachments or custom avatars -- it's more that the forum software is years out of date and subject to security vulnerabilities. I wanted to put out the offer to the staff if they need any help upgrading to the latest Simple Machines release, I would be glad to contribute. (If even to fork a copy of the current forum and do a testbed upgrade to ensure that an upgrade to current levels would go smoothly, I could offer that.)

1524
Likewise, turn off SMTP AUTH failure notices or you will be bothered to death by all the script kiddies (and Chinese nationals) attempting various username:password combos.

Edit /etc/csf/csf.conf
Code: [Select]
LF_PERMBLOCK_ALERT = "0"

1525
CentOS 7 Problems / Re: Fix permissions
« on: May 12, 2023, 01:48:51 PM »
Well, obviously I've never tried this, but you could try it...
Boot off of a rescue image or bootable USB stick. Mount your drive and run these commands:
Code: [Select]
chmod 0700 -R /root/.ssh
chown root -R /
chmod 755 -R /
Reboot the system normally, login as root and run this to reset permissions:
Code: [Select]
for p in $(rpm -qa); do rpm --setperms $p; done
for p in $(rpm -qa); do rpm --setugids $p; done
Good luck!

1526
Again, same advice applies -- if you don't need to run Redis, disable it. If you need to run it, add it to the CSF/LDF pignore file. When I was first setting up CWP servers, I had to add several processes to the pignore file, as I was being bothered to death by several message types. I also had to increase the IMAP authentication failure block thresholds, as users would often shoot themselves in the foot with bad authentication plugged into their mail clients -- resulting in their IP getting blocked. Thank you Thunderbird for the ridiculous every 5 min mailbox checking default! (In the days before push notifications, there was POP...)

1527
Installation / Re: Fresh install has MariaDB error. How to resolve?
« on: May 12, 2023, 01:34:26 PM »
Definitely go for 10.6 -- a long term release. I am running it everywhere, very stable. And don't forget to run mysql_secure_installation afterward.

1528
Information / Re: So what's the verdict on AlmaLinux?
« on: May 12, 2023, 01:32:31 PM »
AlmaLinux is my plan for when CentOS 7.9 goes fully EOL in 2024. Others have said it is generally very stable, has good migration, and is less "rocky" than some other distributions... ;)

1529
Information / Re: Reduce server response time [Anyone Else?]
« on: May 11, 2023, 01:25:48 PM »
Varnish is only needed if you need to milk every drop of performance out of your server -- but be advised you will need to create a custom .vcl config for your particular use case. Whatever CMS or engine you employ for your site, it will need proper tuning. It's not an impossible task, but probably not beginner level and generally not necessary unless your site is large or database-heavy where it would benefit from varnish's particular caching. Otherwise, if running WP -- by all means use a caching plugin, just be watchful for security vulnerabilities that crop up from time to time. Stay up to date with your plugins. If you use Cloudflare as your infrastructure provider (as I do), make use of their available CMS resource. You may want to consider making use of Cloudflare's specific $5/mo WP plan for maximum performance.

1530
Installation / Re: How to improve site speed and security
« on: May 11, 2023, 01:19:46 PM »
Agreed with the Nginx recommendation -- it will offer you more "bang for your buck" in terms of being more performant than Apache. But it will add some complexity to your configuration and will not allow customers to use .htaccess files -- so you will need to translate any .htaccess directives from Apache syntax over to an Nginx equivalent.

If you do go with mod_security, I would recommend starting with the Comodo ruleset (available in CWP Pro). It is more beginner-friendly and less prone to generating false positives.

Pages: 1 ... 100 101 [102] 103 104 ... 127