Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - overseer

Pages: 1 ... 106 107 [108] 109 110 ... 127
1606
Addons / Re: Joomla uninstall remove from addons panel
« on: March 25, 2023, 04:02:55 PM »
Please report this as a bug to the devs so it can get fixed.

1607
Installation / Re: php per domain
« on: March 25, 2023, 04:00:13 PM »
WebServer Settings > WebServers Domain Conf > [Choose username] > Create Configuration
php-fpm option lets you specify PHP version.

1608
How to / Re: Upgrade PhpMyAdmin
« on: March 25, 2023, 03:57:09 PM »
Is the MySQL root password the same as your system root password?

1609
SSL / Re: acme cron error renew
« on: March 25, 2023, 03:55:17 PM »
Confirm there is a validation method (usually webroot) in your conf files for those domains:
/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.conf
/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.csr.conf

You didn't manually edit these files, did you? You could delete the offending domains in CWP under Web Server > SSL Certificates and then re-add them.

1610
CentOS-WebPanel Bugs / Re: nginx 403 cwp
« on: March 25, 2023, 03:50:21 PM »
Nginx logs:
/var/log/nginx/error.log
/var/log/nginx/error.log-2023XXXX

vhost logs:
/usr/local/apache/domlogs/domain.com.log

1611
Apache / Re: URL Masking
« on: March 25, 2023, 03:45:40 PM »
There's no secret sauce with CWP's Apache -- it's pretty vanilla; you just have to have your syntax right. Is this what you are trying to achieve?
https://serverfault.com/questions/506623/masking-the-url-in-a-mod-rewrite

1612
Information / Re: Ebury trojan on all of my CWP servers
« on: March 25, 2023, 09:18:28 AM »
You can quickly check if you are infected with Ebury by checking if the file /usr/lib64/libkeystats.so exists or by running the following command through the console -
Code: [Select]
ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"
I'm sorry, but I don't think your information is accurate here -- on either count. The -G switch for SSH is now legitimate, and the existence of /usr/lib64/libkeystats.so does not prove an Ebury rootkit infection.
just did a complete scan. Took 108 minutes scanning almost half a million files. I dont have it
Have you confirmed that the malware security scanner accurately identifies Ebury? I did that scan but then a manual check -- and note that checking via SSH does not necessarily prove a clean bill of health. You need to check via a local console or else Ebury could alter the results shown via SSH.

1613
SSL / Re: AutoSSL not working
« on: March 25, 2023, 08:00:03 AM »
^ That's why I posted my comment above. I encountered that error before and you have to make sure you are not redirecting the site from HTTP to HTTPS. It needs to negotiate the AutoSSL certificate via (non-SSL) HTTP.

1614
Information / Re: Ebury trojan on all of my CWP servers
« on: March 24, 2023, 03:02:39 AM »
Thanks for highlighting this! No Ebury Trojans here on any of my 3 CWP servers; just one case of Win.Trojan.Hide-1 under one WordPress install, which was promptly exorcised:
Quote
/home/account/public_html/wp-admin/zSROyV.php
Win.Trojan.Hide-1

1615
New Modules / Re: [Module] Track E-mail Delivery
« on: March 20, 2023, 03:46:29 AM »
Great! This could be very handy when a customer asks me about mail delivery issues. Save some log sifting, for sure!

1616
DKIM / Re: How to implement 2048 bit DKIM keys on CWP servers.
« on: March 20, 2023, 03:44:53 AM »
The takeaway from that tutorial I linked to was to use opendkim-genkey with the -b bits option:
Quote
       -b bits
              (--bits=n)  Specifies  the size of the key, in bits, to be generated.  The upstream
              default is 1024 which is the value recommended by the DKIM  specification,  but  in
              Debian the default is 2048 based on more current recommendations such as those from
              NIST 800-177.
So,
Code: [Select]
opendkim-genkey -b 2048is what you are looking for...

1617
Information / Re: remote backup to house
« on: March 20, 2023, 03:39:48 AM »
I prefer a TrueNAS box for this as a target for DR (disaster recovery) -- there's nothing as good as a ZFS send, especially compared to rsync. I don't really trust home routers with USB ports to have high availability or acceptable performance. I see it as an afterthought or "gee whiz" feature. Maybe the Apple TimeCapsule devices are more solid by design, but even Western Digital's MyCloud NAS left a LOT to be desired (performance, security, etc. were sorely lacking). I have several Netgear Nighthawks with USB3.0 ports, but I must confess I've never even tried out that feature. But I'm sure you could find anecdotal experiences online, as well was benchmarks.

1618
CentOS-WebPanel Bugs / Re: 2FA not working
« on: March 18, 2023, 06:09:23 AM »
Is there a bug? Yes, at least one.
Does it work for you? No, that's why I'm not currently using it.
Hopefully in the future...

1619
E-Mail / Re: DMARC /DNS Record Published
« on: March 18, 2023, 06:04:23 AM »
Quote
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email, email scams and other cyber threat activities.
DMARC is not an essential DNS record for mail delivery -- it mostly is to prevent spoofing of your domain. For proper mail delivery, you will need an A record and an MX record; an SPF TXT record is also highly recommended. And any more, a PTR (reverse DNS) record is essential for credibility with other mail servers. This is put in place by your hosting provider or ISP, whoever controls the IP space you use.

1620
Installation / Re: mail server only
« on: March 18, 2023, 03:16:26 AM »
This way, you may also create a script that will manually renew the certificate without using http-verification method
Under a normal system, you would look at /etc/letsencrypt/renewal/domain.com.conf
and you set 
Code: [Select]
authenticator = dns-cloudflareand it works flawlessly with their token authentication. No need for a custom renewal script, in my experience. Under CWP, it looks as though you would need to edit:
Code: [Select]
/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.conf
/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.csr.conf

Pages: 1 ... 106 107 [108] 109 110 ... 127