Messages

316

CentOS 7 Problems / Re: Problems after last update

« on: March 03, 2022, 03:30:52 AM »

does the file /usr/local/cwpsrv/var/services/users/cwp_theme/original/index.html exist in your installation?

317

CentOS 7 Problems / Re: PHP FPM 7.3 Error centOS

« on: March 03, 2022, 02:54:00 AM »

please check

/usr/local/cwp/php71/etc/php-fpm.d/users/djflakfl.conf

make sure that the following are set:

Code: [Select]

listen.group = "djflakfl"
listen.mode = 0660
user = "djflakfl"
group = "djflakfl"

if any are not set correctly, please correct them, and restart cwpphp via

systemctl restart cwpsrv-phpfpm.service



*** Temporarily, you can "  chmod 660 /usr/local/cwp/php71/var/sockets/djflakfl.sock  "

318

CentOS 7 Problems / Re: PHP FPM 7.3 Error centOS

« on: March 03, 2022, 12:46:20 AM »

*20 connect() to unix:/usr/local/cwp/php71/var/sockets/djflakf1.sock failed (13: Permission denied) while connecting to upstream, client: 185.191.171.39,

please post the output from:

ls -al /usr/local/cwp/php71/var/sockets/*

319

CentOS 7 Problems / Re: can not set cron job

« on: March 03, 2022, 12:21:33 AM »

try

/opt/alt/php-fpm74/usr/bin/php  /home/ctt/public_html/admin/cli/cron.php


as your really want your cron to run on the same php version as your website.

320

CentOS 7 Problems / Re: PHP FPM 7.3 Error centOS

« on: March 02, 2022, 09:17:04 PM »

question:  is the php-fpm73 service running??   

systemctl status php-fpm73.service

if it is not running, start it

systemctl start php-fpm73.service

321

Information / Re: problem domain

« on: March 02, 2022, 09:14:09 PM »

still no solution, I created the file and it still has a problem.

You can't just create a file.   If /scripts/ does not contain that script, then you have a misconfigured version of CWP installed.

322

CentOS-WebPanel Bugs / Re: htaccess file protect can access file when file permission is 444

« on: March 02, 2022, 09:12:36 PM »

This is the action of a hacker which practically modifies files in the web folder and is able to set 444 permissions on this files.
All the security provided from MODsec shoud block these hacking behavior or at least CWP admins/devs should provide a patch for blocking these malicious instances.

What is suggested as a fix is practically making the website more vulnerable, rather than increasing the security.

Everyone is paying licenses and we are all suffering from lack of support on this matter.

Please advise.

I'm not sure what you are even talking about.  The OP is setting his permissions. Obviously, if you set a file's permissions that nginx cannot read, it will throw an error.   The issue here isn't the file permissions (Which should be 640), but the fact that nginx does not use the .htaccess file.   Nginx has it's own AUTH method, but it has to be set in the domains server block.  Perhaps you should re-read the thread, as the correct way of handling this was explained to him. 

323

Postfix / Re: SASL LOGIN authentication failed: UGFzc3dvcmQ6

« on: February 28, 2022, 03:50:31 AM »

Welcome to owning a server.   Use CSF firewall to block the two ip's.  Setup automatic blocks on 4-5 failed logins.

324

Updates / Re: Unexpected use of Ram and I/O

« on: February 27, 2022, 06:06:07 AM »

Please post the output from " top " and " iotop "  (May need to be installed via yum)

325

Information / Re: problem domain

« on: February 24, 2022, 10:04:00 PM »

Check if the domain is already pointing to another account here:  /admin/index.php?module=list_domains
or if the account is already created with the domain here:  /admin/index.php?module=list_accounts

326

MySQL / Re: error try check email accounts

« on: February 23, 2022, 05:26:54 AM »

Ajax error typically means there is an issue with the backend API.  Please use the browser debugger tool to show the response your get from the xhr requests.

327

Other / Re: SSL for WildCard

« on: February 19, 2022, 04:28:06 PM »

When it comes to certificates not generated by CWP, you're going to find you'll have a difficult time.  Your website configuration can be overwritten quite a bit, and you will have to recreate what you've done.   I'd recommend creating new templates for that domain only in /usr/local/cwpsrv/htdocs/resources/conf/web_servers/vhosts/nginx/ for that specific domain, so that your settings aren't overwritten.

As to why it's insecure, it's hard to tell unless you give us the actual domain name so we can look at it.

328

CentOS-WebPanel Bugs / Re: htaccess file protect can access file when file permission is 444

« on: February 19, 2022, 04:22:14 PM »

Nginx needs to be the auth then. 

You will want to create a new template in "   nano /usr/local/cwpsrv/htdocs/resources/conf/web_servers/vhosts/nginx/   " (or php-fpm/nginx if you are using php-fpm).

You will need to do both the tpl and stpl file, and name it the user account.  Make the changes in that file.  Then goto WebServer Settings -> Webserver Domain Config, and assign your new template to the account you want.  (This will prevent issues when CWP updates)

Follow this tutorial to edit the template file:  https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/

329

CentOS-WebPanel Bugs / Re: htaccess file protect can access file when file permission is 444

« on: February 19, 2022, 07:05:37 AM »

are you using nginx in front of apache, or apache only.  Could be a misconfiguration of Nginx if the former is true.

330

CentOS 7 Problems / Re: 503 Capacity Error

« on: February 19, 2022, 07:03:20 AM »

What is your configuration?  Nginx -> Varnish -> Apache, Nginx -> Apache, Apache Only.

We need to know more information to be able to move forward with any help