Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
181
CentOS Configuration / Re: server time : timezone not applied
« on: April 05, 2022, 04:55:04 AM »
According to what your showing, the Cron Job is running as UTC time instead of your local time. By chance is your system a VSP running OpenVZ? From Shell run "date" command to get the system time (which is normally used for cron).
182
iptables / Re: ssh brute force attacks to random ports/users
« on: April 01, 2022, 03:18:23 PM »
Your firewall is working as intended. Bots/Hackers are going to attempt to access your server 24/7. We all deal with it. But if you don't throttle them by temp banning, you are giving them every opportunity to compromise your system with a dictionary attack.
Best option is to use certificate based access through SSH, shut off password access, and just ignore the log unless something happens.
Best option is to use certificate based access through SSH, shut off password access, and just ignore the log unless something happens.
183
Information / Re: Bandwidth limit and site suspension
« on: April 01, 2022, 03:10:31 PM »
log into ssh
mysql
update root_cwp.user set bandwidth="0" where username="{username}";
Then unsuspend the account
mysql
update root_cwp.user set bandwidth="0" where username="{username}";
Then unsuspend the account
184
Information / Re: Bandwidth limit and site suspension
« on: April 01, 2022, 12:53:33 PM »
/admin/index.php?module=packages
Create a new package with an increased bandwidth to assign to the account that keeps getting suspended.
Create a new package with an increased bandwidth to assign to the account that keeps getting suspended.
185
iptables / Re: ssh brute force attacks to random ports/users
« on: April 01, 2022, 12:50:36 PM »
Using a firewall is required, but so long as the port is open, you are subject to brute force attacks. Hence why I say using a iptables firewall manager such as CSF/LFD.
The software does the same thing you are doing manually, except it can monitor the log files and set bans on IP's that are trying to brute force.
IF you want to exclusively use cloudflare, you could open those ports to ONLY cloudflare's IP Range, and shut it off to everything else.
CWP supports the software it bundles, not every underlying software that comes with it. You can try the paid support, but I'm afraid you'll receive the same response.
I'm sorry, but the only two solutions I can give are either use CSF/LFD with automated banning, or close the firewall to everything but cloudflare and select IP's. Any other solution is out of the scope of this forum. Thank you for understanding.
The software does the same thing you are doing manually, except it can monitor the log files and set bans on IP's that are trying to brute force.
IF you want to exclusively use cloudflare, you could open those ports to ONLY cloudflare's IP Range, and shut it off to everything else.
CWP supports the software it bundles, not every underlying software that comes with it. You can try the paid support, but I'm afraid you'll receive the same response.
I'm sorry, but the only two solutions I can give are either use CSF/LFD with automated banning, or close the firewall to everything but cloudflare and select IP's. Any other solution is out of the scope of this forum. Thank you for understanding.
186
CentOS Configuration / Re: server time : timezone not applied
« on: April 01, 2022, 12:40:16 PM »187
CentOS 7 Problems / Re: Cannot managed dababase MySQL from CWP7
« on: April 01, 2022, 12:29:12 PM »
Doing a search, that is the only place where the password is set. Have you tried restarting cwpsrv and cwpphp?
/scripts/restart_cwpsrv
Other than that, It would have to be a permission issue with mariadb's access
/scripts/restart_cwpsrv
Other than that, It would have to be a permission issue with mariadb's access
188
CentOS 7 Problems / Re: Cannot managed dababase MySQL from CWP7
« on: March 31, 2022, 12:08:10 PM »
Can you verify that the passwords are the same between
/root/.my.cnf and /usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php
/root/.my.cnf and /usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php
189
CentOS Configuration / Re: server time : timezone not applied
« on: March 31, 2022, 10:28:36 AM »
Not sure what you mean by modified log file, could you please elaborate?
190
How to / Re: [Tutorial] How to install SSL on hostname?
« on: March 31, 2022, 10:26:25 AM »I will add more pictures.
<a href="https://ibb.co/Z6QWv5M"><img src="https://i.ibb.co/VWF2bRq/01.png" alt="01" border="0"></a>
<a href="https://ibb.co/tM2FRLj"><img src="https://i.ibb.co/rGpN9d8/02.png" alt="02" border="0"></a>
<a href="https://ibb.co/8Xfgvrq"><img src="https://i.ibb.co/SJMwYtb/03.png" alt="03" border="0"></a>
2087 and 2083 are handled by the cwp version of nginx itself (/usr/local/cwpsrv/)
Whereas your third picture is run by apache/nginx (Whichever you use).
Do the following:
grep cert /usr/local/cwpsrv/conf/cwpsrv.conf Copy the 2 lines
FOr Apache:
nano /usr/local/apache/conf.d/hostname-ssl.conf
Find all instances of SSLCertificateFile and SSLCertificateKeyFile and point them to the cert above:
For Nignx:
nano /etc/nginx/conf.d/hostname-ssl.conf
Find all Instances of ssl_certificate and ssl_certificate_key and point them to the cert above
After making the changes, systemctl restart httpd and nginx -s reload
191
CentOS 7 Problems / Re: Cannot managed dababase MySQL from CWP7
« on: March 31, 2022, 10:11:17 AM »
Did you change the password using the script /scripts/mysql_pwd_reset?
If not, you need to run it to change the password again.
Otherwise please advise that you did use the script, and we will have to troubleshoot further.
If not, you need to run it to change the password again.
Otherwise please advise that you did use the script, and we will have to troubleshoot further.
192
CentOS Configuration / Re: cron task not executed manually
« on: March 31, 2022, 10:06:12 AM »
Because the button on the webpage invokes the same command that the crontab does. The issue is, that when you add a crontab, it is actually added to the users actual crontab on the system. However, when run manually, PHP tries running the command. Because the code is encrypted, I can't say as to why it doesn't work, but generally PHP uses "exec, system", or one of many commands to perform operations on the system. Generally though, PHP needs you specify full path (Ex: /bin/bash /full/path/to/script.sh), whereas crontab can simply execute the script directly.
That's why I mentioned checking the log. If you don't see anything in those logs, check /usr/local/cwpsrv/logs/ to see if there is anything there.
That's why I mentioned checking the log. If you don't see anything in those logs, check /usr/local/cwpsrv/logs/ to see if there is anything there.
193
iptables / Re: ssh brute force attacks to random ports/users
« on: March 30, 2022, 10:50:39 PM »
You should be using csf firewall /etc/csf/csf.conf
Using iptables directly can cause you serious issues if you do something wrong. Plus using CSF, you have LFD: Look for the below options in csf.conf
RESTRICT_SYSLOG = "3"
LF_SSHD = "5"
LF_SSHD_PERM = "1"
Using iptables directly can cause you serious issues if you do something wrong. Plus using CSF, you have LFD: Look for the below options in csf.conf
RESTRICT_SYSLOG = "3"
LF_SSHD = "5"
LF_SSHD_PERM = "1"
194
iptables / Re: ssh brute force attacks to random ports/users
« on: March 30, 2022, 09:51:25 PM »
fail2ban is your answer
195
CentOS Configuration / Re: cron task not executed manually
« on: March 30, 2022, 09:07:11 AM »
Cron tasks cannot be run manually. When you run the command from php, it's mimicking cron running, but it's actually php running the script. Could be a permission issue as to why it's not running. Check /usr/local/apache/domlogs/(domain).error.log to see why the script doesn't run when executed from web.
