Messages

196

CentOS-WebPanel GUI / Re: Admin panel editor is bugged

« on: January 17, 2022, 06:35:22 PM »

Hello does this PhpDefender issue exist on the current version??

With current version of 0.9.8.1119, the editor does not want to save when inputting those special characters. Instead it just shows an generic error message saying "Error. An error occurred saving your custom rules."

197

CentOS-WebPanel GUI / Re: Cannot Open User Panel

« on: January 17, 2022, 06:22:55 PM »

Thank you.  I appear to have a bad configuration with MySQL.  At some point, during the CWP installation, I changed the root password via phpMyAdmin, and it is was not reflected in the shell:

[root@server backup]# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

I can get in if I have it prompt for a password:

[root@server backup]# mysql -u root -p
Enter password:
MariaDB [(none)]>

However, the cwpsrv_rebuild_user_conf script cannot run as-is.

# /scripts/cwpsrv_rebuild_user_conf
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)

Is there a way to correct this, and not make it prompt for a password?

Michael

I think there is a file that various things looks into for the mysql root password. Not sure where it is. You can revert back to the old password?

Edit:
Found it.

Use

Code: [Select]

sh /scripts/mysql_pwd_reset to reset the mysql root password

then check

/root/.my.cnf
and
/usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php
should have the passwords match.

198

Information / Re: CWP changelog

« on: January 15, 2022, 06:37:11 PM »

What does 0.9.8.1118 do now?

That didnt take long.
0.9.8.1119

I would like to see this added to the changelog with info on what's in it

199

CentOS 7 Problems / Re: Problems with Mail Service

« on: January 15, 2022, 05:27:14 PM »

Also, according to your first log, it seems like your server is being used as a relay (a big no no), and also that you are already being blocked by yahoo.... (uff..) Right now they are giving you error code 421 which means temporarily rejected. They will eventually issue a permanent 554 error code.
An IPv4 address is precious. You need to get to the bottom of this spam issue quickly otherwise it will be hard to get your IP's reputation clean again. No hosting provider will allow you to change your IP of the server, specially if they know that you have tainted it by getting it on the blacklist.

You are already on 4 blacklists...
https://www.blacklistmaster.com/check?t=78.142.2.53

My recommendation for saving your IP is to completely shutdown postfix so the server won't send any more mail. You can keep dovecot open so you have access to the mail accounts with roundcube. Then take your time to figure it out.

200

Information / Re: CWP changelog

« on: January 15, 2022, 05:11:11 PM »

What does 0.9.8.1118 do now?

201

CentOS-WebPanel GUI / Re: Mod_Security's Security incidents wrong IP

« on: January 15, 2022, 11:43:18 AM »

This is a ModSecurity issue, and it will not be fixed in 2.x versions.
Check:
https://github.com/SpiderLabs/ModSecurity/issues/811

Regards,
Netino

have you tried installing v3?

202

Apache / Re: Apache vhosts configuration

« on: January 15, 2022, 11:13:26 AM »

The problem is in the latest versions of cwp panel free (CWP version: 0.9.8.1117) under centos 7 after January 1, 2022.
Apache php-frm.
I use my domain templates in the form of
.stpl
.tpl
I choose them according to the instructions for the domain.
When rebuilding vhosts files, I get the following:
file:
.conf is correct from .tpl
.ssl.conf does not match .stpl
How to deal with these??
It is clear that if I rule directly .ssl.conf - then when updating it all breaks.
As a result, the site does not work. And the system makes these rebuilds often- after a few hours of observation.
Please help me.
Yuri

@Netino, there is nothing to understand.

He is using the free version of CWP and is trying to use PHP-FPM related stuff. PHP.FPM is Pro CWP.

@Yuriy Either buy a Pro license, or stick to vhosts/httpd/php-fpm (the NON-FPM version)

Also, most wiki related instructions are based on the assumption that the reader has the Pro version.

203

CentOS 7 Problems / Re: Problems with Mail Service

« on: January 15, 2022, 11:09:32 AM »

Antivirus scan doesn`t find anything but the spam is still sending from server hostname:

Can you elaborate on your question? Are you saying that you know that your server is sending spam and you want the antivirus to block it but it isnt doing it?

204

E-Mail / Re: Email goes to spam , enterprise support no reply

« on: January 15, 2022, 10:58:01 AM »

as well as what @DNA mentioned, I'd like to add different tools for you to check your spam score and with these tools you can also diagnose your path into the perfect setup.

https://www.mail-tester.com/
https://www.checktls.com/index.html
https://emailspooftest.com/
https://mxtoolbox.com/emailhealth
Also, read into the different RFC rules that you may encounter during browsing. These are rules on the standard of email servers. If keep them in mind, you will eventually get a perfect setup.

p.s. Having someone do this for you is a lot of work. So, good luck with enterprise support

205

Apache / Re: WebServers Domain Configuration Reset

« on: January 15, 2022, 10:51:37 AM »

Confirm the content of this file is the same as the configuration you have done through "WebServer Domain Conf"

Code: [Select]

/home/USER/.conf/webservers/DOMAIN.conf.

If they are but getting overwritten back to default after a while, then there is an extreme method you can test which is to stop everything from touching that file;
with SSH
chattr +i /home/USER/.conf/webservers/DOMAIN.conf

At the moment I have this on that file:
{
    "nginx_template-type": "default",
    "nginx_template-name": "laravel-force-https",
    "apache_template-type": "default",
    "apache_template-name": "laravel",
    "nginx": true,
    "php-cgi": true,
    "apache-additional": true
}

And it's working, this is a very strange bug, I saw lots of posts on the forum about the same, and any official solution.

Make sure you rebuild the vhosts, and then lock the file for good measure as I mentioned in my post.
Remember, you need to unlock the file with "chattr -i" before doing changes and then lock it again after confirming the content.

206

E-Mail / Re: how to know the spam source

« on: January 14, 2022, 09:49:53 AM »

simple info:
http://wiki.centos-webpanel.com/tracking-php-script-spam
http://wiki.centos-webpanel.com/track-spam-infected-scripts
there are also other instruction related to mail on the same page

/usr/local/apache/logs/phpmail.log

That is the key man, thank you so much..

So, it was a php script?

Make sure "mail" in php is disabled to avoid such problem in the future.

Check "disable_functions = mail"
PHP-FPM- /opt/alt/php-fpm**/usr/php/php.ini
PHP-CGI- /opt/alt/php**/usr/php/php.ini
PHP-Main- /usr/local/php/php.ini

207

Information / Re: Cannot log into my cPanel

« on: January 12, 2022, 08:15:13 PM »

Just suggestions:

- Open the inspect tool and go to the network tab. Enable persistent logs and try to login while having the inspect tool open. Maybe it can tell you how it redirects so we can get some clue?

- Try removing web browser cache and try again. Chrome has some heavy forced caching. Try Firefox for log in to see if this is a client cache issue.

or if you have access to root;
- restart apache/nginx server and see if this help.

208

E-Mail / Re: Fake users sending spam

« on: January 12, 2022, 06:26:22 PM »

The spam is coming from localhost. It doesn't appear to be an open relay. It looks like some script on the server itself is allowing this sending attempt. The web logs for the same time and/or spam start time should be investigated to try to identify which scripts are allowing this.
The following files/directories must be scanned:
/usr/local/apache/logs/
/usr/local/apache/domlogs/
/usr/local/cwpsrv/var/services/roundcube/logs/

my thought exactly. Since php mail is disabled, you will have to go the route of "process of elimination".
Btw, make sure mail in php is diabled by confirming that it's disabled everywhere:
Check "disable_functions = mail"
PHP-FPM- /opt/alt/php-fpm**/usr/php/php.ini
PHP-CGI- /opt/alt/php**/usr/php/php.ini
PHP-Main- /usr/local/php/php.ini
PHP-CWP- /usr/local/cwp/php71/php.ini <-- [Not sure if webpanel mail will break if disabled here]

Another measure is to put this in main.cf file:

Code: [Select]

smtpd_sender_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain

and to make it more strict, is to change the order of the first two lines, but the server won't be able to send mail without authentication:

Code: [Select]

smtpd_sender_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain


209

CentOS-WebPanel Bugs / Re: WebServers Vhost Template Editor BUG!

« on: January 11, 2022, 10:48:30 PM »

does anybody have the copy/clone bug too?

yes

Replicate: On AdminCP, Go to WebServers Conf Editor -> httpd -> Clone default.tpl of vhosts/httpd/php-fpm -> name it anything and save. Open it again by clicking edit on it, go to line 50. “%ba” is missing and is replaced with º

210

E-Mail / Re: Fake users sending spam

« on: January 11, 2022, 03:55:26 PM »

Can you post the lines above and below this single log-line...