Messages

781

Information / Re: remote backup to house

« on: March 20, 2023, 03:39:48 AM »

I prefer a TrueNAS box for this as a target for DR (disaster recovery) -- there's nothing as good as a ZFS send, especially compared to rsync. I don't really trust home routers with USB ports to have high availability or acceptable performance. I see it as an afterthought or "gee whiz" feature. Maybe the Apple TimeCapsule devices are more solid by design, but even Western Digital's MyCloud NAS left a LOT to be desired (performance, security, etc. were sorely lacking). I have several Netgear Nighthawks with USB3.0 ports, but I must confess I've never even tried out that feature. But I'm sure you could find anecdotal experiences online, as well was benchmarks.

782

CentOS-WebPanel Bugs / Re: 2FA not working

« on: March 18, 2023, 06:09:23 AM »

Is there a bug? Yes, at least one.
Does it work for you? No, that's why I'm not currently using it.
Hopefully in the future...

783

E-Mail / Re: DMARC /DNS Record Published

« on: March 18, 2023, 06:04:23 AM »

Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in business email compromise attacks, phishing email, email scams and other cyber threat activities.

DMARC is not an essential DNS record for mail delivery -- it mostly is to prevent spoofing of your domain. For proper mail delivery, you will need an A record and an MX record; an SPF TXT record is also highly recommended. And any more, a PTR (reverse DNS) record is essential for credibility with other mail servers. This is put in place by your hosting provider or ISP, whoever controls the IP space you use.

784

Installation / Re: mail server only

« on: March 18, 2023, 03:16:26 AM »

This way, you may also create a script that will manually renew the certificate without using http-verification method

Under a normal system, you would look at /etc/letsencrypt/renewal/domain.com.conf
and you set 

Code: [Select]

authenticator = dns-cloudflareand it works flawlessly with their token authentication. No need for a custom renewal script, in my experience. Under CWP, it looks as though you would need to edit:

Code: [Select]

/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.conf
/root/.acme.sh/cwp_certs/www.domain.com/www.domain.com.csr.conf

785

How to / Re: how to secure CentOS server using CWP features

« on: March 18, 2023, 02:54:23 AM »

#Port 22 <-- Here! Remove the # and change 22 to whatever you want
#AddressFamily any

[/quote]
Don't forget to also change the port in /etc/csf/csf.conf under the TCP_IN line:

Code: [Select]

TCP_IN = "20,21,[i][b]2222[/b][/i],25,53,80,110,143,443,465,587,993,995,2030,2031"(not that I recommend port 2222, as FritzFrog scans for that in addition to 22).

786

Installation / Re: Login after installation

« on: March 18, 2023, 02:48:42 AM »

Are you able to SSH into the server? Try running

Code: [Select]

sudo passed rootand change the roott password to the same as the MySQL root password. This will also have the positive effect of allowing you to login to phpMyAdmin without a password from the CWP Admin panel.

787

Information / Re: Roundcube version

« on: March 18, 2023, 02:45:59 AM »

IonCube should work in PHP versions up to 7.4. Do you have it enabled in all your installed versions? If not, recompile with IonCube support.

788

CentOS 7 Problems / Re: Error in trasnfer File

« on: March 14, 2023, 08:38:29 AM »

Can you post a little more of the log? Probably not the whole thing, but the last 20-25 lines so that might help us identify the cause of the error.

789

Installation / Re: HOME SERVER QUESTION

« on: March 14, 2023, 01:08:06 AM »

Yes -- a Mac mini at a specialized boutique host (MacStadium or MacMiniVault). They will do co-location for $50-60/mo (owing to the small form factor and small power draw). For that, you get symmetric gigabit speeds, unlimited transfer. They offer "remote hands" support and will swap out parts or change out SSDs for you if you want to upgrade. I've had very good success with this route over the past 5+ years. 3 servers running CentOS 7.9 in a data center, on the cheap...

790

CentOS 7 Problems / Re: Error in trasnfer File

« on: March 14, 2023, 12:59:10 AM »

Have you looked over the migration log?

Code: [Select]

/var/log/cwp/migration_cwptocwp.log
And the dot files look something like this while it is processing:

Code: [Select]

/home/.accountname2023030210162406c06f23df2524dbd24ad6f8dd4027a2
/home/cwpmove-accountname.tar.gz
/home/.CWPTOCWP_20230302090033

791

CentOS 7 Problems / Re: Error in trasnfer File

« on: March 13, 2023, 09:07:34 AM »

I would think you would need 2x the space of the account for a migration, to allow for an archive file to temporarily exist and be expanded into place before being cleaned up at the end. And if it was interrupted, make sure it is cleaned up (usually a dotfile directory in /home).

792

CentOS-WebPanel Bugs / Re: CloudFlare (Full strict) Error 426

« on: March 13, 2023, 09:01:44 AM »

You understand that CF Origin Server SSL certs only apply to HTTPS services? It won't do you any good for other services such as mail. So on a CWP LAMP/LEMP server that usually provides mail and FTP it's pretty much a non-starter. Go with LetsEncrypt or get an inexpensive Comodo PositiveSSL certificate. (Speaking as one who has been down this road!)

793

CentOS 7 Problems / Re: Unable to load dynamic library 'sodium.so'

« on: March 13, 2023, 02:49:04 AM »

...recompiling php fixed it

I think that's the #1 solution for CWP PHP-related problems. For apache problems, rebuild hosts. For mail server problems, rebuild the servers... kind of the nuclear option if you think about it, but it generally works!

794

Varnish / Re: Varnish problem with woocommerce

« on: March 11, 2023, 10:48:17 PM »

The log file seems clear to me -- the if statement on line 50 (or one line above/below) is at fault:

Code: [Select]

Mar 01 07:55:27 server.ayanlife.com varnishd[4116]: Found: 'if' at
Mar 01 07:55:27 server.ayanlife.com varnishd[4116]: ('/etc/varnish/default.vcl' Line 50 Pos 1)Comment it out and test...

Pssst -- I would sanitize IP addresses in your posted logs... well, not the Iran one -- that doesn't matter...

795

Updates / Re: warning: %post(cwp-httpd-2.4.55-1.x86_64) scriptlet failed, exit status 1

« on: March 11, 2023, 10:28:39 PM »

I'm running 2.4.55 on my CWP servers... php-fpm here (generally 8.1, but one holdout on 5.6 and one on 7.4 due to a WP theme incompatibility).