Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
211
CentOS-WebPanel GUI / Mod_Security's Security incidents wrong IP
« on: January 11, 2022, 03:34:32 PM »
The Security Incidents tab in Security Center that shows what Mod_Security has blocked is showing server IP as an offender for some specific types of attacks even though the IP is something else.
Here's the audit log showing something else:
I'm running Cloudflare -> Nginx -> Varnish -> Apache (with mod_cloudflare)
Here's the audit log showing something else:
I'm running Cloudflare -> Nginx -> Varnish -> Apache (with mod_cloudflare)
212
CentOS-WebPanel Bugs / Re: Domains/subdomains not showing
« on: January 11, 2022, 01:19:27 PM »
By the way, a piece of advice; After a user is creates with AdminCP, do everything with the UserCP, unless the function is not available there.
213
CentOS-WebPanel Bugs / Re: Domains/subdomains not showing
« on: January 11, 2022, 11:33:44 AM »
Try restarting CWP with:
See if this helps.
What is the documentroot in the apache vhost .conf file for the domain?
Code: [Select]
sh /scripts/restart_cwpsrvSee if this helps.
What is the documentroot in the apache vhost .conf file for the domain?
214
E-Mail / Re: how to know the spam source
« on: January 10, 2022, 09:06:59 PM »
If the datacenter was forced to tell you about it themselves, then your IP has its reputation already destroyed and blacklisted many places. You need to fix it fast before the damage is hard to revert. Some email providers simply completely block sending your mails to them. Happened to me once with Outlook. They rejected all my emails and had to go through a lengthy process to whitelist me again after I corrected my server's configuration. Good thing that the IP was only blacklisted with them, no place else.
First of all, check your /var/log/maillog
Paste it here: https://pastebin.com/
Change Paste Exposure to "Unlisted", Create new paste and post here the link.
Notice: Everything is in the log. IP addresses, email addresses, and maybe other sensitive data. If it's ok for you, then share the link here. If not, then just PM it to me if you like
First of all, check your /var/log/maillog
Paste it here: https://pastebin.com/
Change Paste Exposure to "Unlisted", Create new paste and post here the link.
Notice: Everything is in the log. IP addresses, email addresses, and maybe other sensitive data. If it's ok for you, then share the link here. If not, then just PM it to me if you like
215
Apache / Re: WebServers Domain Configuration Reset
« on: January 10, 2022, 07:39:06 PM »
Confirm the content of this file is the same as the configuration you have done through "WebServer Domain Conf"
If they are but getting overwritten back to default after a while, then there is an extreme method you can test which is to stop everything from touching that file;
with SSH
chattr +i /home/USER/.conf/webservers/DOMAIN.conf
Code: [Select]
/home/USER/.conf/webservers/DOMAIN.conf.If they are but getting overwritten back to default after a while, then there is an extreme method you can test which is to stop everything from touching that file;
with SSH
chattr +i /home/USER/.conf/webservers/DOMAIN.conf
216
Backup / Re: How Stop Backup ssh
« on: January 10, 2022, 07:35:10 PM »
What do you mean ssh backup? There is no SSH backup.
217
SSL / Re: Error restoring Apache conf file at 4:00 am
« on: January 10, 2022, 07:31:46 PM »
Do NOT edit the vhost .conf files. They are expected to be overwritten and any manual changes you have done will be removed.
Easy way: Custom SSL should be added through "SSL Certificates -> Manual Install"
but if you want to do it the harder way: you can create a new template through "WebServers Template Editor -> Httpd" then clone the "default.stpl and default.tpl" into new stpl and tpl files and give them the names GandiStandard.stpl and GandiStandard.tpl, and then edit the "SSLCertificateChainFile" line of the stpl file only into what you want. THEN, apply this template for the domain you want with "WebServer Domain Conf -> Select USER -> Create Configuration" on the domain you want, then select the webserver configuration you want from the list and then change "Apache default vhost template" to GandiStandard...
or just watch this video for the hard way:
https://www.youtube.com/watch?v=1tedsdrp0rQ
Easy way: Custom SSL should be added through "SSL Certificates -> Manual Install"
but if you want to do it the harder way: you can create a new template through "WebServers Template Editor -> Httpd" then clone the "default.stpl and default.tpl" into new stpl and tpl files and give them the names GandiStandard.stpl and GandiStandard.tpl, and then edit the "SSLCertificateChainFile" line of the stpl file only into what you want. THEN, apply this template for the domain you want with "WebServer Domain Conf -> Select USER -> Create Configuration" on the domain you want, then select the webserver configuration you want from the list and then change "Apache default vhost template" to GandiStandard...
or just watch this video for the hard way:
https://www.youtube.com/watch?v=1tedsdrp0rQ
218
Apache / Re: Apache Vhosts getting rebuilt automatically everynight
« on: January 10, 2022, 07:09:53 PM »
- If you are using custom templates that you made yourself or copied into a new file, then it shouldn't overwrite them (the templates themselves). It will however "re-apply" the templates into the domains every while (24h) to keep them "fresh"..
In my case, it deletes the configuration and re-applies them using the custom template (Default_patched.tpl) and the default all-methods.tpl I have set in "webserver Main conf"
Are you saying that the "WebServers Main Conf" are getting reset back to "default.tpl"? or are you editing the vhost .conf files of the "specific" domain and expecting it to stay the same overnight?
or are you saying that the custom template that you have made, which is not visible in the image of the logs you have attached are getting overwritten? the tpl files themselves?
Please paste here the content of: /usr/local/cwp/.conf/web_servers.conf
and the content of the /home/USER/.conf/webservers/DOMAIN.conf of one of the domains you are saying their configuration are getting overwritten
*Do NOT edit the last two files. They are meant to be edited through the panel.
Edit: Also, where is the stpl file of the template file that you have blacked out in your second image [
??s.com.tpl] Or are you not using SSL for the domains using that template?
In my case, it deletes the configuration and re-applies them using the custom template (Default_patched.tpl) and the default all-methods.tpl I have set in "webserver Main conf"
Quote
I've edited the template for the specific vhosts but still it overrides the configuration to default.
Are you saying that the "WebServers Main Conf" are getting reset back to "default.tpl"? or are you editing the vhost .conf files of the "specific" domain and expecting it to stay the same overnight?
or are you saying that the custom template that you have made, which is not visible in the image of the logs you have attached are getting overwritten? the tpl files themselves?
Please paste here the content of: /usr/local/cwp/.conf/web_servers.conf
and the content of the /home/USER/.conf/webservers/DOMAIN.conf of one of the domains you are saying their configuration are getting overwritten
*Do NOT edit the last two files. They are meant to be edited through the panel.
Edit: Also, where is the stpl file of the template file that you have blacked out in your second image [
??s.com.tpl] Or are you not using SSL for the domains using that template?
219
Information / CWP changelog
« on: January 10, 2022, 12:27:44 PM »
Hello
A lot of updates have happened in the past few weeks without anything written about it in the changelog.
I have already sent an email to support about this but I have not received a reply to it.
What happened between v0.9.8.1113 and v0.9.8.1117?
With the current issues users are having, I'm not comfortable updating until I see a changelog update, including instant new ones upon releases of new updates.
Regards
A lot of updates have happened in the past few weeks without anything written about it in the changelog.
I have already sent an email to support about this but I have not received a reply to it.
What happened between v0.9.8.1113 and v0.9.8.1117?
With the current issues users are having, I'm not comfortable updating until I see a changelog update, including instant new ones upon releases of new updates.
Regards
220
Problems on other RedHat linux servers / Re: PHP Defender nowhere to be found
« on: January 09, 2022, 03:19:43 PM »Code: [Select]cp -rp /usr/local/cwp/.conf/phpdefender/snuffleupagus-master /usr/local/cwp/.conf/phpdefender/snuffleupagus-master_BACKUP
cd /usr/local/cwp/.conf/phpdefender/snuffleupagus-master/src
/opt/alt/php-fpm74/usr/bin/phpize
chmod +x configure
./configure --with-php-config=/opt/alt/php-fpm74/usr/bin/php-config
make && make install
vi /opt/alt/php-fpm74/usr/php/php.d/snuffleupagus.ini
add the code mentioned above, restart php-fpm and check the security center to see if it appears there. Or at least in the module list.
After working with @Com-QuadTech and having access to his machine. I can confirm that the PHP defender module is broken. No logs inside /var/log/messages /var/log/cwp/* or /usr/local/cwpsrv/logs/* could say anything. The error message that happens on the module itself is just "Error. Unknown error".
I used my commands mentioned earlier in this thread, without the "--enable-snuffleupagus", and did manually create ini files and rule files and tested a variable that PHP defender would block. It's now working, but again; had to be manually installed. PHP Defender installer is broken.
Can a developer look into this please?
221
PHP Selector / Re: PHP-FPM Not Working (503 Service Unavailable)
« on: January 09, 2022, 11:00:11 AM »I got same problem and after investigating my solution was very bizzare....
Problem was that i edit Packages and set open files to -1 (nofile:) section
so open files in domain settings was -1 but that is some bug so config cannot be created. it need to be 0 or more
You just revived a two year old thread.....
But anyways, if you set unlimited open files to fix your problem, then it wasnt the only problem you're experiencing.... This should not be the fix.
A 503 error code can be seen in the /usr/local/apache/domlogs/* There you can check what the actual problem is...
Or this: journalctl -xe
222
Other / Re: Nginx-Apache-WP Rocket
« on: January 08, 2022, 10:09:02 PM »Sound advice, you've been very helpful. Thanks again
you are welcome
223
Other / Re: Nginx-Apache-WP Rocket
« on: January 08, 2022, 08:22:35 PM »Thanks that's really helpful.
I did have the server setup for Varnish, but have just set back to Nginx-Apache because, as you said, it was too aggressive. Fast!, but way too volatile.
I'm using PHP-FPM 7.3 and wondered what advantage php 8 might bring to the table.
I'm no expert, but I would say you can wait with 7.3 or 7.4 and only change your domain to php 8 if you really need it or 7.4 is eol.
224
Other / Re: Nginx-Apache-WP Rocket
« on: January 08, 2022, 08:05:43 PM »
you can use nginx -> apache on CWP. Install a PHP, preferebly PHP FPM 7+ with redis and opcache
Install W3 Total cache plugin on wordpress and use a mix or redis and opcache with the plugin.
Configure redis and opcache first before starting using them on opcache.
I use Nginx - Apache with PHP 7.4 (caching modules: redis and opcache) + W3 total cache plugin. On top of that, I'm using gzip and other caching in htaccess and on top of that, I have it on Cloudflare.
I did notice that using varnish will be too aggressive if you have opcache as well. So, don't enable varnish.
Install W3 Total cache plugin on wordpress and use a mix or redis and opcache with the plugin.
Configure redis and opcache first before starting using them on opcache.
I use Nginx - Apache with PHP 7.4 (caching modules: redis and opcache) + W3 total cache plugin. On top of that, I'm using gzip and other caching in htaccess and on top of that, I have it on Cloudflare.
I did notice that using varnish will be too aggressive if you have opcache as well. So, don't enable varnish.
225
E-Mail / Re: how to know the spam source
« on: January 08, 2022, 06:50:30 PM »
The non privacy invasive way to check is to look in the email header of the spam email, if it was sent using PHP.
But I would assume you don't have a copy of the message, you would have to manually go into the vmail folder and check the correct mailbox in the sent folder, but only if this was not sent using a script...
Also, what are you "scanning"?
/var/log/maillog ?
Can you paste the logs of when a spam happened?
But I would assume you don't have a copy of the message, you would have to manually go into the vmail folder and check the correct mailbox in the sent folder, but only if this was not sent using a script...
Also, what are you "scanning"?
/var/log/maillog ?
Can you paste the logs of when a spam happened?
