Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
691
Installation / Re: Fresh install has MariaDB error. How to resolve?
« on: May 12, 2023, 01:34:26 PM »
Definitely go for 10.6 -- a long term release. I am running it everywhere, very stable. And don't forget to run mysql_secure_installation afterward.
692
Information / Re: So what's the verdict on AlmaLinux?
« on: May 12, 2023, 01:32:31 PM »
AlmaLinux is my plan for when CentOS 7.9 goes fully EOL in 2024. Others have said it is generally very stable, has good migration, and is less "rocky" than some other distributions... 
693
Information / Re: Reduce server response time [Anyone Else?]
« on: May 11, 2023, 01:25:48 PM »
Varnish is only needed if you need to milk every drop of performance out of your server -- but be advised you will need to create a custom .vcl config for your particular use case. Whatever CMS or engine you employ for your site, it will need proper tuning. It's not an impossible task, but probably not beginner level and generally not necessary unless your site is large or database-heavy where it would benefit from varnish's particular caching. Otherwise, if running WP -- by all means use a caching plugin, just be watchful for security vulnerabilities that crop up from time to time. Stay up to date with your plugins. If you use Cloudflare as your infrastructure provider (as I do), make use of their available CMS resource. You may want to consider making use of Cloudflare's specific $5/mo WP plan for maximum performance.
694
Installation / Re: How to improve site speed and security
« on: May 11, 2023, 01:19:46 PM »
Agreed with the Nginx recommendation -- it will offer you more "bang for your buck" in terms of being more performant than Apache. But it will add some complexity to your configuration and will not allow customers to use .htaccess files -- so you will need to translate any .htaccess directives from Apache syntax over to an Nginx equivalent.
If you do go with mod_security, I would recommend starting with the Comodo ruleset (available in CWP Pro). It is more beginner-friendly and less prone to generating false positives.
If you do go with mod_security, I would recommend starting with the Comodo ruleset (available in CWP Pro). It is more beginner-friendly and less prone to generating false positives.
695
CentOS 7 Problems / Re: Without any type of access
« on: May 11, 2023, 12:53:34 PM »
It actually sounds as if you VPS is offline if not even SSH is accessible. You may need to visit your VPS control panel and restart your VM, or start a support ticket with your host and ask them to restart your server/VPS.
696
CentOS Configuration / Re: Help me. lfd on cwp.xxxxxx.com: Suspicious process running under user memcached
« on: May 11, 2023, 12:51:36 PM »
And to underscore the importance of not running unneeded services: memcached is often used in amplification attacks to send junk traffic at DDoS targets. Memcached is a potent weapon in this case, amplifying traffic up to 50,000x the original payload!
https://www.cloudflare.com/learning/ddos/memcached-ddos-attack/
https://www.cloudflare.com/learning/ddos/memcached-ddos-attack/
697
PHP / Re: Php-FPM 7.4 users sock not created after user subscription
« on: May 11, 2023, 03:16:03 AM »
Newly installed versions of php-fpm do not create a conf file for you, which in turn causes php-fpm to generate the per-user .sock. You will need to bring forward your existing php-fpm configuration and edit it to reflect the proper PHP version, then restart that version of PHP. Here is an example of copying a PHP 7.1 configuration to 7.4:
Code: [Select]
cp /opt/alt/php-fpm71/usr/etc/php-fpm.d/users/user.conf /opt/alt/php-fpm74/usr/etc/php-fpm.d/users/user.conf
perl -pi -e 's/php-fpm71/php-fpm74/g' /opt/alt/php-fpm74/usr/etc/php-fpm.d/users/user.conf
service php-fpm74 restart
698
MySQL / Re: User can access other database
« on: May 10, 2023, 01:41:03 PM »
What distribution are you on? What version of MySQL/MariaDB are you running? Did you run mysql_secure_installation ?
699
Installation / Re: All websites show HTTP Test Page powered by CWP | CentOS-WebPanel.com
« on: May 09, 2023, 01:39:59 PM »
Is this new behavior or just what is happening as you are in the midst of the installation/migration process? Did you run User Accounts > Fix Permissions ? Did you follow the wiki article on that subject? https://wiki.centos-webpanel.com/default-page-displayed-for-all-domains
700
WebHosting-Billing / Re: WebHosting-Billing by CWP
« on: May 09, 2023, 06:39:41 AM »Please note that this is not a public version, it's only for developers and testing as it has some vulnerabilities.Scary! Think I'll pass on this one
701
Nginx / Re: upstream timed out (110: Connection timed out) - Getting it frequently
« on: May 09, 2023, 05:58:16 AM »
Increase your timeouts so it isn't so finicky about upstream connection delays:
Code: [Select]
fastcgi_read_timeout 540;
proxy_connect_timeout 3000s;
proxy_send_timeout 3000;
proxy_read_timeout 3000;
702
CentOS 7 Problems / Re: YUM Manager No Longer Working
« on: May 06, 2023, 03:21:27 AM »3-it says it has been updated,It usually does that if you have unmet dependencies or an update (such as MariaDB) that requires "divine intervention" -- such as when moving to a major version number that requires a manual update. You think it installed everything, but if you carefully read the results, you can see that it skipped those updates.
but when restarting it keeps asking for the same updates.
703
DNS / Re: have 2 or more vps
« on: May 06, 2023, 03:15:35 AM »
Are the NS on different subnets? Otherwise, far too easy to get DDoS'ed...
704
Postfix / Re: All inbound mail fails when enabling Spam Assassin/Avamis
« on: May 06, 2023, 03:13:30 AM »
What guide are you following for your SpamAssassin configuration? The CWP Wiki article with the local.cf or something else? Do you have zen.spamhaus.org in your RBL loop on the CWP server, or just on your testing SMTP server?
705
CentOS-WebPanel GUI / Re: Login CWP Cloudflare
« on: May 06, 2023, 03:08:16 AM »
It should work -- did you try Cloudflare's dev mode? Did you test via a VPN from outside your LAN? Sometimes loopback/hairpin NAT requires further setup to work with your router, if that's what you are doing.
If you want to change your CWP login port, there are many guides:
https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/
I personally don't run under CWP's default port assignments, nor the cPanel/WHM port-alike assignments. I chose my own custom ports. But if anyone does a port scan on my server, obviously I have typical LAMP/LEMP ports open, with mail service ports open as well. It just makes it that much harder for script kiddies to pound my server and doesn't leave me susceptible to FritzFrog for SSH hack attacks.
If you want to change your CWP login port, there are many guides:
https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/
I personally don't run under CWP's default port assignments, nor the cPanel/WHM port-alike assignments. I chose my own custom ports. But if anyone does a port scan on my server, obviously I have typical LAMP/LEMP ports open, with mail service ports open as well. It just makes it that much harder for script kiddies to pound my server and doesn't leave me susceptible to FritzFrog for SSH hack attacks.
