Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - overseer

Pages: 1 ... 32 33 [34] 35 36 ... 127
496
Updates / Re: CWP Update?
« on: May 26, 2025, 12:36:21 PM »
Yes, wouldn't it be nice. But I'd also take full EL9 support and some greater stability and some bug quashing over new features (as a matter of priority).

497
Did you complete the upgrade guide, or just do the mariadb client part of it, missing the server portion? Does
Code: [Select]
systemctl status mariadb.serviceshow
● mariadb.service - MariaDB 10.11.13 database server

498
SSL / Re: Unabl to update SSL cert after router upgrade
« on: May 25, 2025, 01:22:36 PM »
I've had 2 different TP-Link routers (acting as WAPs) reset themselves to factory defaults and start DHCP'ing on networks -- creating a conflict with the main router's DHCP assignments. So I have started avoiding them, preferring Netgear for those kind of low-end home applications. Also, security and US policy concerns abound about TP-Link:
https://arstechnica.com/tech-policy/2024/12/report-us-considers-banning-tp-link-routers-over-security-flaws-ties-to-china/
https://arstechnica.com/tech-policy/2025/04/tp-links-low-router-prices-and-china-ties-reportedly-spark-us-investigation/

Agreed about Mikrotik routers -- I've installed them in a couple of locations that I manage and they are not for novices, but are rock solid once set up. Just keep the firmware up to date lest they be corralled into a botnet.

499
CentOS-WebPanel Bugs / Re: cwp_stats is taking too much space
« on: May 25, 2025, 02:21:44 AM »
Another solution going forward is to edit /etc/goaccess/goaccess.conf:
Code: [Select]
# On-disk B+ Tree
# Specifies that each page is compressed with ZLIB|BZ2 encoding.
# Disabled by default.
#
compression zlib

500
Mod_Security / Re: 403 error
« on: May 25, 2025, 01:40:38 AM »
Consider updating to ModSecurity 2.9.8 and the current OWASP ruleset -- might reduce some false positives:
https://starburst.help/category/control-web-panel-cwp/modsecurity-running-wit-control-web-panel/

501
PHP / Re: AH01075: Error dispatching request to : (polling)
« on: May 25, 2025, 01:37:24 AM »
Likely culprits are MalwareDetect or the Softaculous backup routine that ran just before the crash. But given that it only affects one site and one version of PHP (and not the whole server), that would be the best place to investigate. Look at what that client is running (loaded WP install with auto-backups or cron tasks?) and that version of php-fpm see if there is something loading the server at that time or if you could do some tuning on php-fpm 8.2 specifically.

502
I haven't had trouble uploading/downloading anything vis FTP/S or SFTP from my CWP servers, but then I don't think I have any dir approaching 10K-50K contents... which I suppose is not a problem on an XFS filesystem. I would suspect the problem lies with Bugzilla, I mean FileZilla -- as a culprit. Or at least perhaps some setting is your limitation. Have you tried with NcFTP or an alternate client?

503
SSL / Re: Unabl to update SSL cert after router upgrade
« on: May 25, 2025, 01:18:43 AM »
Does your router support hairpin NAT? You may need to get forward/reverse DNS going on your LAN.
https://arstechnica.com/information-technology/2024/02/doing-dns-and-dhcp-for-your-lan-the-old-way-the-way-that-works/

Offhand, I can't see running a server behind decidedly consumer routers (and as Starburst intimated, TP-Link has some decided concerns due to their relationship with the PRC gov). I would want something SOHO pro-sumer or better (Ubiquiti, SonicWall) with more configurable firewalls and routing options if I were self-hosting in a home lab scenario.

Have you tried dropping the CSF firewall and Mod Security temporarily to make sure they are not interfering?

504
Sounds as if you are re-setting SPAMDOPTIONS twice in the same file. So likely only the 2nd line would be read (overwrites the first).

Wonder was indicating (as I use and the wiki mentions https://wiki.centos-webpanel.com/how-to-configure-spamassassin) to use /etc/spamassassin/local.cf instead of /usr/share/spamassassin...

Personally, I have had trouble NOT running SpamAssassin in daemon mode, so I don't run it in service mode.

But as mentioned earlier in the thread, did you try:
Code: [Select]
StartLimitBurst=0

505
PHP / Re: AH01075: Error dispatching request to : (polling)
« on: May 22, 2025, 11:42:20 PM »
Have you looked at the per-user tuning available under that version of php-fpm?
/opt/alt/php-fpm82/usr/etc/php-fpm.d/users/username.conf
Code: [Select]
pm = ondemand
pm.max_children = 4
pm.max_requests = 4000
pm.process_idle_timeout = 15s

;listen.backlog = -1
;request_terminate_timeout = 0s
rlimit_files = 131072
rlimit_core = unlimited
catch_workers_output = yes
Additionally/alternately, you could tune the particular vhost conf to include various FastCGI parameters that could help mitigate your issue. Here is what I have on a demanding Drupal site under Nginx:
Code: [Select]
        fastcgi_pass unix:/opt/alt/php-fpm82/usr/var/sockets/username.sock;
        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
        try_files $fastcgi_script_name =404;
        fastcgi_index    update.php;
        include              fastcgi_params;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        # Block httpoxy attacks. See https://httpoxy.org/.
        fastcgi_param HTTP_PROXY "";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param QUERY_STRING $query_string;
        fastcgi_intercept_errors on;

506
MySQL / Re: Can not update MariaDB
« on: May 22, 2025, 10:42:24 PM »
I suppose you mean 11.4? I always refer to this chart for MariaDB version lifetimes:
https://endoflife.date/mariadb

507
Did you reboot and reset the r00t password after the change?

508
MySQL / Re: Can not update MariaDB
« on: May 22, 2025, 12:48:19 AM »
sorry, what?

509
PHP / Re: AH01075: Error dispatching request to : (polling)
« on: May 21, 2025, 09:09:56 PM »
What is using it? WP? Another CMS? There should be some tuning you could do for it.
A kludge workaround would be to restart php-fpm82 shortly after the timeframe you are observering (nightly at 00:15).

510
Wish they did; consider that a "hotfix" since it was from a CWP developer originally -- good for any EL9 distribution (Alma, Rocky, won't mention RHEL or *ahem* Stream).

Pages: 1 ... 32 33 [34] 35 36 ... 127