This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1861
Information / Re: Virus on some websites hosted on cwp server
« on: January 07, 2023, 10:36:52 PM »
I've had to clean up web shells and also spam sources on various WordPress installs over the years. This is not uncommon and requires much vigilance, as WordPress is a huge attack vector since it makes up such a large percentage of web sites. Here's a recent article about the latest wave. It ends with some salient advice:
Quote
WordPress plugins have long been a common means for infecting sites. While the security of the main application is fairly robust, many plugins are riddled with vulnerabilities that can lead to infection. Criminals use infected sites to redirect visitors to sites used for phishing, ad fraud, and distributing malware.
People running WordPress sites should ensure that they’re using the most current versions of the main software as well as any plugins. They should prioritize updating any of the plugins listed above.
1862
Information / Re: disk r/w io speed
« on: January 07, 2023, 10:30:12 PM »
50MB/sec is likely from a very loaded RAID array shared amongst many VPS users, using older disk technology. They are likely overselling and over-provisioning users to get as many accounts on a single server as possible. Most providers nowadays are using SSDs unless you need a LOT of online storage, which then makes more sense to use "spinning rust." But then again, I'm running my own servers at a colocation facility, so I have RAID SSDs and backup HDs tuned to my configuration needs! So I/O blocking is not so much an issue for me.
1863
Information / Re: Alma Linux 9 Support ETA?
« on: January 07, 2023, 10:23:15 PM »
Likewise, any updates re: AlmaLinux and RockyLinux support would be appreciated. With just over a year to plan a migration from CentOS 7 before it is EOL (2024.06), I would like to have security knowing I can convert my live systems after testing and they will be largely bug free and fully functional!
1864
Information / Re: CentOS Server Log Files Location
« on: January 07, 2023, 10:20:17 PM »
I would suggest changing all log files to be in the form of logfile_name.log
as you have done with the /var/log/cwp_client_login.log file.
Various log readers handle the files better with a .log extension, making them double-clickable if you download a copy of the log or are tailing it via SSH in a log reader. This pertains to the log files in /usr/local/cwpsrv/logs:
as you have done with the /var/log/cwp_client_login.log file.
Various log readers handle the files better with a .log extension, making them double-clickable if you download a copy of the log or are tailing it via SSH in a log reader. This pertains to the log files in /usr/local/cwpsrv/logs:
Code: [Select]
-rw-r--r-- 1 root root 45026 Jan 7 05:35 2304_access_log
-rw-r--r-- 1 root root 151365 Jan 7 05:35 2304_error_log
-rw-r--r-- 1 root root 568702955 Jan 7 14:13 access_log
-rw-r--r--. 1 root root 420969877 Jan 7 14:13 error_logSimply amend their naming convention:Code: [Select]
-rw-r--r-- 1 root root 45026 Jan 7 05:35 2304_access.log
-rw-r--r-- 1 root root 151365 Jan 7 05:35 2304_error.log
-rw-r--r-- 1 root root 568702955 Jan 7 14:13 access.log
-rw-r--r--. 1 root root 420969877 Jan 7 14:13 error.log
1865
Information / Re: CWP 0.9.8.1147 on AlmaLinux 9.1
« on: January 07, 2023, 10:09:49 PM »
One CentOS 7 server I have uses PHP 7.1.33 just for CWP -- it's not broken, works fine. That way you can update 7.4 for other sites and not risk breaking the web GUI. But now that other servers I have are running PHP 7.4.x for CWP, I'll probably switch that one over, too.
I appreciate anyone posting about their experiences with AlmaLinux and RockyLinux. I'll do a test conversion at some point with a duplicate VM and see what my experience is like. At least we have until June 30th, 2024 before CentOS 7 is EOL.
I appreciate anyone posting about their experiences with AlmaLinux and RockyLinux. I'll do a test conversion at some point with a duplicate VM and see what my experience is like. At least we have until June 30th, 2024 before CentOS 7 is EOL.
1866
Information / Re: Reseller quota limit
« on: January 07, 2023, 10:04:29 PM »
If you have to, you could create 1:1 reseller package to username as a work around.
reseller_01 = user_01
reseller_02 = user_02
And so forth. I am not doing reselling, so I can't test this concretely -- but it should work if not too many accounts!
reseller_01 = user_01
reseller_02 = user_02
And so forth. I am not doing reselling, so I can't test this concretely -- but it should work if not too many accounts!
1867
Information / Re: how to change the username of a hosting account?
« on: January 07, 2023, 10:01:10 PM »
I would have to concur. I have done this on one CWP server for one account and decided it was not worth the trouble for what amounts to a cosmetic label that only you see. The largest gotcha is that you would have to change each of the DB names (and sometimes corresponding table prefixes).
1868
Information / Re: Strange usernames in User Quota section
« on: January 07, 2023, 09:57:57 PM »
Oddly, on 3 different servers, my User Quota section is blank:
?module=user_quota
and suggests editing hosting packages instead:
Your list with UIDs instead of usernames looks like migrated users that don't have a current association on the server. Particularly the #1027 user with the 20GB quota looks to be a migrated GUI user from another system.
?module=user_quota
and suggests editing hosting packages instead:
Quote
User Quota
You can change the user quota by editing packages.
Your list with UIDs instead of usernames looks like migrated users that don't have a current association on the server. Particularly the #1027 user with the 20GB quota looks to be a migrated GUI user from another system.
1869
Information / Re: User or account usage
« on: January 07, 2023, 09:50:16 PM »
User Accounts > List Acccounts
then under the Disk Usage column, click on the More details icon.
then under the Disk Usage column, click on the More details icon.
1870
Scripts / Re: concrete example
« on: January 07, 2023, 09:18:57 PM »
Concrete answer to original poster:
Other examples for the API on this wiki page.
Code: [Select]
/scripts/cwp_api account unsuspend_user USERNAMEOther examples for the API on this wiki page.
1871
Scripts / Re: update_cwp
« on: January 07, 2023, 09:09:04 PM »I there is a fix for this issueCode: [Select][root@server scripts]# sh update_cwpUse a more modern PHP version such as 7.4. If you have some particular need, you could even use PHP 7.1 just for CWP, internal to the server.
update_cwp: line 1: /usr/local/cwp/php54/bin/php: No such file or directory
1872
CentOS-WebPanel GUI / Re: End run
« on: January 07, 2023, 08:15:07 PM »
Okay, this got so tiresome I did an end run around the problem. With uBlock Origin, create a custom filter:
Code: [Select]
! 2023-01-01 https://yourserver.net:2031
yourserver.net##.alert-danger.alertSo you will no longer see any of the alert-danger class of banner notifications, but currently this is the only one I am seeing... YMMV.
1873
CentOS 7 Problems / Re: CWP admin login to white blank page
« on: August 27, 2021, 10:46:23 PM »
So, now just like this other post:
https://forum.centos-webpanel.com/index.php?topic=7380.0
I am seeing the exact same error:
https://forum.centos-webpanel.com/index.php?topic=7380.0
I am seeing the exact same error:
Code: [Select]
sh /scripts/update_cwp
====================================================
============= CentOS Web Panel Cron ================
====================================================
###########################
Firewall Flush Daily Blocks
###########################
######################
Update Server Packages
######################
PHP Warning: mysqli_connect(): (HY000/1045): Access denied for user 'postfix'@'localhost' (using password: YES) in /usr/local/cwpsrv/htdocs/resources/admin/include/functions.php on line 0
PHP Fatal error: Uncaught Error: Call to undefined function mysql_countRows() in /usr/local/cwpsrv/htdocs/resources/admin/include/cron.php:0
Stack trace:
#0 {main}
thrown in /usr/local/cwpsrv/htdocs/resources/admin/include/cron.php on line 0
1874
CentOS 7 Problems / Re: CWP admin login to white blank page
« on: August 27, 2021, 10:21:16 PM »
I am now encountering this exact issue on one of my 3 CWP Pro servers. I can view the hosted websites, login to webmail and via SSH. But attempting to load the CWP Pro Admin panel only shows a blank white screen. Thus far I have been able to determine that the /scripts directory is full of empty files, so it is not possible to do a CWP update by that means:
/usr/local/cwpsrv/htdocs/resources/admin/include/
So the CWP update run via cron will never complete because thie file it calls doesn't exist:
Code: [Select]
ls -al /scripts/scripts
total 12
drwxr-x--- 2 root root 4096 Aug 27 08:23 .
drwxr-x---. 3 root root 4096 Aug 27 08:23 ..
-rwxr-xr-x 1 root root 0 Aug 27 08:23 add_alert
-rwxr-xr-x 1 root root 0 Aug 27 08:23 apache_mpm_calculator
-rwxr-xr-x 1 root root 0 Aug 27 08:23 autossl_fix_tmp_path
-rwxr-xr-x 1 root root 0 Aug 27 08:23 autossl_generate_apache_conf
-rwxr-xr-x 1 root root 0 Aug 27 08:23 autossl_reload
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cgroups_blkio
-rwxr-xr-x 1 root root 0 Aug 27 08:23 check_api
-rwxr-xr-x 1 root root 0 Aug 27 08:23 check_postqueue
-rwxr-xr-x 1 root root 0 Aug 27 08:23 checkdb
-rwxr-xr-x 1 root root 0 Aug 27 08:23 chroot_remove
-rwxr-xr-x 1 root root 0 Aug 27 08:23 clamd_fix_100_cpu_usage
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cpanel_addhandlers
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwp_api
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwp_bruteforce_protection
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwp_monitor
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwp_set_memory_limit
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwp_version
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwpsecure_update_rules
-rwxr-xr-x 1 root root 0 Aug 27 08:23 cwpsrv_rebuild_user_conf
-rwxr-xr-x 1 root root 0 Aug 27 08:23 disk_check
-rwxr-xr-x 1 root root 0 Aug 27 08:23 dns_sync_slave2
-rwxr-xr-x 1 root root 0 Aug 27 08:23 dso_handler_remove
-rwxr-xr-x 1 root root 0 Aug 27 08:23 el8_stream_convert_to_cwp_stable
-rwxr-xr-x 1 root root 0 Aug 27 08:23 generate_hostname_ssl
-rwxr-xr-x 1 root root 0 Aug 27 08:23 hostname_ssl_restart_services
-rwxr-xr-x 1 root root 0 Aug 27 08:23 image_rebuild_server_config
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_acme
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_api
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_cbpolicyd
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_imagick
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_net2ftp
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_netdata
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_pure-ftpd_tls
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_supportKey
-rwxr-xr-x 1 root root 0 Aug 27 08:23 install_terminal
-rwxr-xr-x 1 root root 0 Aug 27 08:23 list_subdomains
-rwxr-xr-x 1 root root 0 Aug 27 08:23 mysql_fix_myisam_tables
-rwxr-xr-x 1 root root 0 Aug 27 08:23 mysql_set_max_connections
-rwxr-xr-x 1 root root 0 Aug 27 08:23 mysql_show_max_connections
-rwxr-xr-x 1 root root 0 Aug 27 08:23 net_show_connections
-rwxr-xr-x 1 root root 0 Aug 27 08:23 open_basedir-suphp
-rwxr-xr-x 1 root root 0 Aug 27 08:23 php_big_file_upload
-rwxr-xr-x 1 root root 0 Aug 27 08:23 reload_cwpsrv
-rwxr-xr-x 1 root root 0 Aug 27 08:23 restart_cwpsrv
-rwxr-xr-x 1 root root 0 Aug 27 08:23 restart_httpd
-rwxr-xr-x 1 root root 0 Aug 27 08:23 security_is_my_server_hacked
-rwxr-xr-x 1 root root 0 Aug 27 08:23 softaculous_fix_update
-rwxr-xr-x 1 root root 0 Aug 27 08:23 stats_goaccess
-rwxr-xr-x 1 root root 0 Aug 27 08:23 system_info
-rwxr-xr-x 1 root root 0 Aug 27 08:23 update_cwp
-rwxr-xr-x 1 root root 0 Aug 27 08:23 upgrade_mysql
-rwxr-xr-x 1 root root 0 Aug 27 08:23 user_backup
-rwxr-xr-x 1 root root 0 Aug 27 08:23 varnish_clear_cache
-rwxr-xr-x 1 root root 0 Aug 27 08:23 whoowns
I SCP'd that directory over from another CWP server. However, seeing that the update_cwp script is calling a cron run of another script, then I noticed that this directory is also empty!/usr/local/cwpsrv/htdocs/resources/admin/include/
So the CWP update run via cron will never complete because thie file it calls doesn't exist:
Code: [Select]
/usr/local/cwp/php71/bin/php -d max_execution_time=1000000 -q /usr/local/cwpsrv/htdocs/resources/admin/include/cron.phpWhat is my best course of recovery? Is there a way to manually re-update CWP without having to start over from scratch?
1875
Information / Re: Your server is NOT running CWP Secure Kernel !!!
« on: October 28, 2020, 03:34:25 AM »
Yes, I read that thread. It was locked, so I couldn't put in my plea to the developers there.
