This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
46
Mod_Security / Re: 403 Error
« on: June 05, 2026, 01:25:41 PM »
Did you follow Starburst's guides to update Mod Security and the OWASP ruleset?
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-13-running-cwp-and-apache-on-almalinux-8-9/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-owasp-crs-ruleset-to-4-26-0-running-cwp-and-apache-on-almalinux-9-2/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-13-running-cwp-and-apache-on-almalinux-8-9/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-owasp-crs-ruleset-to-4-26-0-running-cwp-and-apache-on-almalinux-9-2/
47
Apache / Re: update software
« on: June 04, 2026, 11:57:05 AM »
Here's Starburst's guide for updating Apache:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-apache-to-2-4-67-in-cwp-on-almalinux-8-9/
Roundcube:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-roundcube-webmail-to-version-1-5-15-in-cwp-on-almalinux-8-9/
MariaDB:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/upgrade-mariadb-10-x-to-10-11-with-cwp-on-almalinux-9/
Nginx:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-apache-to-2-4-67-in-cwp-on-almalinux-8-9/
Roundcube:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-roundcube-webmail-to-version-1-5-15-in-cwp-on-almalinux-8-9/
MariaDB:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/upgrade-mariadb-10-x-to-10-11-with-cwp-on-almalinux-9/
Nginx:
Successfully updated to nginx 1.31.0 by following Sandeep's guide (choose the mainline version, not stable):
https://www.alphagnu.com/topic/55-how-to-install-latest-stablemainline-nginx-in-cwp-centos-89-stream-almalinux-89-rockylinux-89/
but for the actual install line you have to ignore system excludes:Code: [Select]dnf install --disableexcludes=all --disableplugin="*" nginx -y
48
Installation / Re: Varnish does not install with cwp-el9-latest - Fixed
« on: June 04, 2026, 11:51:06 AM »
Good to know! I don't watch that page since I'm not doing new server installations on a regular basis. I was reporting the last info I had, which is about 6 mo old.
49
Apache / Re: HTTP/2 Bomb — Remote DoS Exploit Hits nginx, Apache, IIS, Envoy, and Cloudflare
« on: June 04, 2026, 03:42:10 AM »
Maybe that's what hit our datacenter last Sunday afternoon/evening. Knocked everything out for hours with a major DDoS.
50
Installation / Re: Varnish does not install with cwp-el9-latest - Fixed
« on: June 03, 2026, 03:33:32 AM »
Thanks for that!
But be advised that CWP's EL9 support is only in beta, so consider it a bug/incompatibility. AlmaLinux 8 is the current recommended disto to use with CWP for FULL compatibility. But glad you were able to produce a workaround for the sake of the community!
But be advised that CWP's EL9 support is only in beta, so consider it a bug/incompatibility. AlmaLinux 8 is the current recommended disto to use with CWP for FULL compatibility. But glad you were able to produce a workaround for the sake of the community!
51
CentOS-WebPanel Bugs / Re: i can't loging in my reseller panel
« on: June 01, 2026, 06:24:43 PM »
Did you try another browser? Private browsing / Incognito mode? You need to eliminate the possibility that it is a local browser issue (incompatible extension or ad blocker interfering).
52
Backup / Re: New Backup Beta
« on: June 01, 2026, 06:23:03 PM »
Acknowledged bug -- should be fixed with the next update (as the dev has promised)...
53
CSF Firewall / Re: Cannot enable Firewall
« on: May 31, 2026, 02:41:44 PM »
How did you install? Here is Starburst's recommended install method (using the DVD distribution, not minimal):
These are the first steps we do with AL9 servers, should work on AL8, but not guaranteed, as I mentioned this is AL9.Code: [Select]dnf update ca-certificatesCode: [Select]dnf install dnf-plugins-coreCode: [Select]dnf install elrepo-release epel-release -yCode: [Select]dnf config-manager --set-enabled crbThat is the new Power Tools for EL9.Code: [Select]dnf --refresh updateCode: [Select]dnf install nano wget ipset ebtables iptables ipset-service uuid uuid-devel libuuid-devel m4 pcre pcre-devel zlib-devel perl-DBD-MySQL perl-IPC-Cmd perl-Pod-Html perl-Sys-Hostname perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch perl-GDGraph libtool s-nail htop sysstat python3-perf nmap net-tools make quota cockpit* -yCode: [Select]dnf install clamav* clamd
Then proceed to install CWP per their instructions.
54
Information / Re: I think Centos Web Panel Billing/WHMCS Links Attacked By Malware.
« on: May 27, 2026, 08:31:28 PM »
We see that often with the forums -- it's universal worldwide problem, seems to be a php-fpm problem that is resolved when the CWP team notices and gives the server a kick. Oftentimes it shows as a gateway problem so the server & nginx is up, but PHP keeled over under load.
55
Information / Re: I think Centos Web Panel Billing/WHMCS Links Attacked By Malware.
« on: May 23, 2026, 01:00:09 AM »
Perhaps local malware? I see no such issue. Have you tried on another computer or browser? Try Private Browsing/Incognito mode.
56
Nginx / Re: CVE-2026-8711 - NGINX JavaScript vulnerability
« on: May 20, 2026, 02:33:11 AM »
I think The Register's quote for the Rift vulnerability equally applies to this new CVE:
Quote
Security researcher Kevin Beaumont noted that while the bug is real, modern Linux defaults significantly reduce the likelihood of successful real-world RCE. "Regarding CVE-2026-42945 in nginx – no modern (or even old) Linux distribution runs nginx without ASLR," Beaumont said. "So, cool, sweet technical vuln – it's valid – but the RCE apocalypse ain't coming."
57
Nginx / Re: Nginx uploads fail after every package update on CWP / AlmaLinux 8
« on: May 19, 2026, 01:55:03 PM »
On one server, I've been with the default CWP Nginx 1.24 config, but with the Rift CVE, I switched over to the 1.31 AppStream version. So I haven't noticed the issue until now. But as a responsible sysadmin, with the switch to the AppStream-managed version I will accommodate permissions and/or the main conf as needed (thanks for the head's up!). No need to be bound by the CWP defaults if you aren't using their Nginx compiled from source.
58
Nginx / Re: New Nginx Vulnerability CVE-2026-42945
« on: May 17, 2026, 01:29:52 PM »
Funny, my upgrade gracefully handled it as it should: An nginx.conf.rpmnew file was created during the update when an upstream Nginx configuration file has changed, but you have manually modified the active configuration file beyond the defaults. Instead of overwriting the customizations, the package manager saves the new default configuration as .rpmnew to prevent service downtime.
Check for /etc/nginx/nginx.conf.rpmnew
Check for /etc/nginx/nginx.conf.rpmnew
59
Nginx / Re: New Nginx Vulnerability CVE-2026-42945
« on: May 17, 2026, 03:18:24 AM »
Successfully updated to nginx 1.31.0 by following Sandeep's guide (choose the mainline version, not stable):
https://www.alphagnu.com/topic/55-how-to-install-latest-stablemainline-nginx-in-cwp-centos-89-stream-almalinux-89-rockylinux-89/
but for the actual install line you have to ignore system excludes:
https://www.alphagnu.com/topic/55-how-to-install-latest-stablemainline-nginx-in-cwp-centos-89-stream-almalinux-89-rockylinux-89/
but for the actual install line you have to ignore system excludes:
Code: [Select]
dnf install --disableexcludes=all --disableplugin="*" nginx -y
60
Nginx / Re: New Nginx Vulnerability CVE-2026-42945
« on: May 17, 2026, 01:24:39 AM »
AlmaLinux's official instructions are close to that:
https://www.alphagnu.com/topic/587-brotli-and-nginx-1262-issues/
Code: [Select]
sudo dnf clean metadata && sudo dnf upgrade nginx
sudo systemctl restart nginxBut seemingly not that simple with the CWP-installed 1.24 version. And Sandeep's guide for updating to 1.26 on AlphaGNU is outdated:https://www.alphagnu.com/topic/587-brotli-and-nginx-1262-issues/
