Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
361
CentOS-WebPanel Bugs / Re: CentOS 8 minor bug
« on: April 05, 2021, 03:21:14 AM »
Is the 1 update by chance MariaDB? Because there is a huge difference in the minor upgrade, and they provide instructions on a "Manual Upgrade". If it's not Maria, please cite what program refused to update.
362
DNS / Re: SRV records not working
« on: April 04, 2021, 07:29:27 AM »
https://www.cloudflare.com/learning/dns/dns-records/dns-srv-record/
1) You are looking up a "A" record via DIG. to look up SRV records, you use "dig SRV (domain)"
2) play.elementia.tk is a NX domain, becasue it has no A record
3) because you ended play with a period, Bind does not attack the rest of the domain name. By RFC, any domain ending with a . is considered absolute. So I'm honestly suprised your not getting an Error of an out of zone domain name. The following line should work correctly.
_minecraft._tcp.play IN SRV 0 5 80 minecraft.elementia.tk.
or
_minecraft._tcp.play.elementia.tk. IN SRV 0 5 80 minecraft.elementia.tk.
Finally, the best way to check a SRV recrod is using the "Host command"
host -t SRV _minecraft._tcp.play.elementia.tk
1) You are looking up a "A" record via DIG. to look up SRV records, you use "dig SRV (domain)"
2) play.elementia.tk is a NX domain, becasue it has no A record
3) because you ended play with a period, Bind does not attack the rest of the domain name. By RFC, any domain ending with a . is considered absolute. So I'm honestly suprised your not getting an Error of an out of zone domain name. The following line should work correctly.
_minecraft._tcp.play IN SRV 0 5 80 minecraft.elementia.tk.
or
_minecraft._tcp.play.elementia.tk. IN SRV 0 5 80 minecraft.elementia.tk.
Finally, the best way to check a SRV recrod is using the "Host command"
host -t SRV _minecraft._tcp.play.elementia.tk
363
Suggestions / Re: Two-Factor Authentication (2FA) - Google Authenticator for CWP and CWP PRO !
« on: April 04, 2021, 07:00:56 AM »
If you truely want to secure your CWP Admin interface, do the following.
Setup DDNS somewhere (No-ip is a good free version)
edit /etc/csf/csf.dyndns and add your ddns hostname there
edit /etc/csf/csf.conf
find DYNDNS set it to a value of 600 (10 minutes) DYNDNS="600";
find DYNDNS_IGNORE = "0" and change it to 1
On TCP_IN and TCP6_IN, remove port 2086,2087,2030,2031.
then restart csf. csf -r
You can still login to CWP as long as your match your dyndns, as it allows you through the firewall on all ports.
Setup DDNS somewhere (No-ip is a good free version)
edit /etc/csf/csf.dyndns and add your ddns hostname there
edit /etc/csf/csf.conf
find DYNDNS set it to a value of 600 (10 minutes) DYNDNS="600";
find DYNDNS_IGNORE = "0" and change it to 1
On TCP_IN and TCP6_IN, remove port 2086,2087,2030,2031.
then restart csf. csf -r
You can still login to CWP as long as your match your dyndns, as it allows you through the firewall on all ports.
364
CentOS 7 Problems / Re: Virus on my CWP sites
« on: April 04, 2021, 06:50:41 AM »
If it's wordpress sites, use wordfence to fix the issue.
The "viruses", are from improperly filtering code injection on your websites. It's not something CWP did, but instead PHP and bad programming.
The "viruses", are from improperly filtering code injection on your websites. It's not something CWP did, but instead PHP and bad programming.
365
CentOS 7 Problems / Re: Daily Spamassassin update reports error
« on: March 18, 2021, 06:46:04 PM »
The problem has arisen because CWP uses an outdated version of Spamassasin. The Sought server pulled all updates for this old version, as they no longer support it. CWP needs to update to the latest version of SA to correct this error. The only option to disable the errors at this point, is to delete the mirror.
366
SSL / Re: Help! Cannot get rid of expired SSL certificates.
« on: March 08, 2021, 11:42:31 PM »
The certificate that is expired is your domains certificate. You can check /root/.acme.sh/ for log files to find out why your cert is not renewing.
367
Other / Re: Creating server from Digitalocean snapshot
« on: March 06, 2021, 11:13:07 PM »
I've never done it, but I would suppose that you change the hostname, nameservers, and ip's, then rebuild the vhosts. But that's not something CWP would even support. They would suggest you setup and new server, then use CWP->CWP. The only issue is that email is not transfered.
368
SSL / Re: Acme problem
« on: March 05, 2021, 04:47:57 PM »
If www is forwarded to another server, acme will fail. CWP generates for domain and www.domain, and they both must reside on the CWP server for acme to work. Unless you remove letsencrypt from the account, acme will try daily to renew any expired/expiring certificates. If at any point it fails, the whole process fails. I'd suggest you point www back to CWP, and use a different subdomain at the alternate server such as w3.
If i'm off base, please let me know, and describe with more detail. Ex:
@ points to 1.1.1.1
www. points to 2.2.2.2
If i'm off base, please let me know, and describe with more detail. Ex:
@ points to 1.1.1.1
www. points to 2.2.2.2
369
PHP Selector / Re: phpinfo(); shows 7.4 but PHP-CLI shows 5.6.37
« on: March 05, 2021, 08:06:43 AM »
For CWP run composer as php selector and php-fpm selector :
For php selector :
/opt/alt/php74/usr/bin/php /usr/local/bin/composer install
For php-fpm selector :
/opt/alt/php-fpm74/usr/bin/php /usr/local/bin/composer install
For php selector :
/opt/alt/php74/usr/bin/php /usr/local/bin/composer install
For php-fpm selector :
/opt/alt/php-fpm74/usr/bin/php /usr/local/bin/composer install
370
Installation / Re: ioncube 8.0 and uploadprogress not being compiled in php-fpm 8.0.2
« on: March 05, 2021, 03:12:12 AM »
I totally agree. They need a better development team, with changelogs and notations. I as well as others have offered our services to no avail. Most of the problem is they're hiding behind ioncube, instead of making most of the code open source so that others can bug fix. But I digress.
As a note, I would say that yes PHP8 should be notated as not fully implemented. Though 8 is considered stable, it was a complete rewrite of the code, and therefore requires all dependencies to completely rewrite their codes to be compatible. Most mod developers were prepared, but a good chunk of them are behind the 8 ball.
Have a good night
As a note, I would say that yes PHP8 should be notated as not fully implemented. Though 8 is considered stable, it was a complete rewrite of the code, and therefore requires all dependencies to completely rewrite their codes to be compatible. Most mod developers were prepared, but a good chunk of them are behind the 8 ball.
Have a good night
371
Installation / Re: ioncube 8.0 and uploadprogress not being compiled in php-fpm 8.0.2
« on: March 05, 2021, 01:58:57 AM »
Just an FYI. There is no loader for PHP 8, because ioncube has not made a loader for php8 as of yet. Just checked the site myself, as I have a license. When one becomes available, I'm sure CWP will include it.
The uploadprogress extension works on PHP 5, PHP 7, and PHP 8. It requires the use of the Apache HTTP Server with mod_php. Other web servers and PHP-FPM are not yet supported.
The uploadprogress extension works on PHP 5, PHP 7, and PHP 8. It requires the use of the Apache HTTP Server with mod_php. Other web servers and PHP-FPM are not yet supported.
372
SSL / Re: Help! Cannot get rid of expired SSL certificates.
« on: March 05, 2021, 12:56:29 AM »
Just saw a similar post. Before doing anything else, try restarting postfix. It may not have picked up the new certificate if it hasn't been reloaded/restarted.
373
SSL / Re: /usr/local/apache/conf.d/vhosts/mydomain.com.ssl.conf cannot be seen
« on: March 05, 2021, 12:51:20 AM »
index.php?module=WebServers_conf
Check Rebuild all Vhosts and click save changes. See if they re-appear
Check Rebuild all Vhosts and click save changes. See if they re-appear
374
SSL / Re: Help! Cannot get rid of expired SSL certificates.
« on: March 05, 2021, 12:49:06 AM »
Use the autossl option in CWP, to renew the certficate for azskin.com, and make sure you check the mail option as additional domains.
It seems that when the cert renewed, it did not update postfix with the new certificate.
It seems that when the cert renewed, it did not update postfix with the new certificate.
375
SSL / Re: NameServer SSL
« on: March 05, 2021, 12:45:29 AM »
nameserver's don't typically require SSL, as nameservers don't usually host websites. If you however want SSL for your nameservers, your best bet would be to add the subdomains to the main site.
Option B, would be to generate a wildcard certificate manually vie SSH, and use it instead of the hostname certificate CWP Auto Generates.
Option B, would be to generate a wildcard certificate manually vie SSH, and use it instead of the hostname certificate CWP Auto Generates.
