Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - rcschaff

Pages: 1 ... 52 53 [54] 55
796
DNS Manager / Re: HTTP Test Page on the homepage and 404 Not Found
« on: February 05, 2020, 02:36:12 AM »
P.S.  If your using CWP, you shouldn't be installing anything via terminal.  You should use the CWP to select your configurations and let it do the work.  If you install LAMP before CWP, you will most definitely break CWP.

797
DNS Manager / Re: HTTP Test Page on the homepage and 404 Not Found
« on: February 05, 2020, 01:47:40 AM »
probably received an update from CWP that overwrote all customer user settings.

Are you using apache or nginx-phpfpm?

798
DNS / Re: How to solve :: BIND DNS Server always shutting down?
« on: February 05, 2020, 01:45:35 AM »
systemctl enable named

799
Updates / Re: User Error logs disappeared after recent update
« on: February 05, 2020, 01:44:01 AM »
Additional Note, because the theme changer doesn't work, you need to change /home/(users)/.conf/cwp.ini THEME to modified

800
Updates / Re: User Error logs disappeared after recent update
« on: February 05, 2020, 01:24:50 AM »
Seriously Devs.  It's not that hard if you would be willing to expand basedir
Code: [Select]
sed -i "s@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir =/home@fastcgi_param   PHP_ADMIN_VALUE \"open_basedir =/usr/local/apache/domlogs/:/home@g" /root/cwpsrv/conf.d/users/*.confcwpsrv -s reload
Code: [Select]
cp -R /usr/local/cwpsrv/var/services/users/cwp_theme/origional /usr/local/cwpsrv/var/services/users/cwp_theme/modified/// PHP Section  /usr/local/cwpsrv/var/services/user_files/modules/php_error.php
Code: [Select]
<?php
if (isset($_GET["loadfile"])) {
if (
file_exists("/usr/local/apache/domlogs/{$_GET["loadfile"]}.error.log")) {
        echo 
$content file_get_contents("/usr/local/apache/domlogs/{$_GET["loadfile"]}.error.log");
} else {
        echo 
"No File Found";
};
exit;
}
//  Replace this with built in code to populate domains and subdomains //
//use API to get list of users
$mod["returl"] = $_SERVER['REQUEST_URI'];

$data = array("key" => "(SET YOUR API KEY HERE)","action"=>'list',"user"=>$_SESSION ['username']);
$url "https://{$_SERVER['SERVER_NAME']}:2304/v1/accountdetail";
$ch curl_init();
curl_setopt($chCURLOPT_URL$url);
curl_setopt($chCURLOPT_RETURNTRANSFERtrue);
curl_setopt($chCURLOPT_CUSTOMREQUEST"POST");
curl_setopt($chCURLOPT_SSL_VERIFYPEERfalse);
curl_setopt ($chCURLOPT_POSTFIELDShttp_build_query($data));
curl_setopt ($chCURLOPT_POST1);
$response curl_exec($ch);
curl_close($ch);
$response json_decode($response);
$domains = array();
$mod['select'] = array();
foreach (
$response->result->domains as $key) {
           
$domains[] = trim($key->domain);
       }
foreach (
$response->result->subdomins as $key) {
        
$domains[] = trim($key->subdomain ."."$key->domain);
}
foreach (
$domains as $domain) {
        
$mod['select'][] = $domain;
}
if (
file_exists("/usr/local/apache/domlogs/{$domains[0]}.error.log")) {

        
$mod['file'] = file_get_contents("/usr/local/apache/domlogs/{$domains[0]}.error.log");
} else {
        
$mod['file'] =  "No File Found";
};

?>

HTML  /usr/local/cwpsrv/var/services/users/cwp_theme/modified/mod_php_error.html   <<< YOu might want to copy origional to modified so it doesn't go bye bye
Code: [Select]
<div class="row">
    <div class="col-lg-12">
        <h1>Error Log</h1>
    </div>
        <div>
         /usr/local/apache/domlogs/
<form action="{{mod.returl}}" action="get"><select id="loadfile">

{% for option in mod.select %}
   <option>{{ option }}</option>
{% endfor %}
</select><noscript><input type="submit" value="Change"></noscript></form>
<textarea id="logfile" readonly style="width:800px; height:400px">{{mod.file}}</textarea>
        </div>
</div>
javascript   /usr/local/cwpsrv/var/services/users/cwp_theme/modified/js/modules/php_error.js.twig
Code: [Select]
(function($){
$(document).ready(function() {
        $("#loadfile").change(function() {
                $.get( "{{mod.returl}}", { loadfile: $("#loadfile").val() },"text" )
                .done(function( data ) {
                        if (data == "") data = "Congratulations!  No PHP Errors were logged";
                        $("#logfile").text(data);
                });
        });
});
})(jQuery);
INI File   /usr/local/cwpsrv/var/services/users/cwp_lang/en/php_error.ini
Code: [Select]
SOMETHING="Nobody Really Cares"

Edit file /usr/local/cwpsrv/var/services/users/cwp_theme/modified/menu_left.html
find (~ Line 62)
{% if ("statistics" in rmenu )or(swmenu==1) %}
        <li class="search"><a href="?module=statistics">{{langene.GNLABEL51}}</a></li>
        {% endif %}

add after
<li class="search"><a href="?module=php_error">PHP Error Log</a></li>

801
SSL / Re: ERR_SSL_PROTOCOL_ERROR Problem
« on: February 04, 2020, 10:19:49 PM »
Simple Answer, all CWP ports use the hostname certificate. I foresee only 2 options for you.

1)  http proxy  script to access the 2031 port
2)  Regenerate a hostname.crt that includes all of your domians you host.  Though this could get costly.  ( Cpanel does this by having their own root certificate authority.  No other panel has this option).

802
E-Mail / Re: Delayed mail with remote mail exchangers
« on: February 04, 2020, 10:10:15 PM »
MX is handled by DNS.  Simply editing the DNS without doing anything in the mail server itself should suffice.

803
Information / Re: Current work to improve CWP.
« on: February 04, 2020, 10:08:26 PM »
Opening the source code, I think, would not be a solution at all. The important thing is that you get organized with a roadmap and improve so that we can bring more customers to this panel.

Opening the source code would allow knowledgeable users to fix our own errors that arise, and submit patches.  More coloration from developers and users always makes a better product.  If they are worried about certain functions, then fine, encode the core functions. I've already developed a 2FA option for CWP, but the developers don't respond to anything, so it might be their loss.

The way they are trying to incorporate 2FA using JQuery/Ajax from what I've seen so far is a joke, and easily worked around.

804
Information / Re: Current work to improve CWP.
« on: February 04, 2020, 04:16:58 AM »
Lets add another item to the list.

Quit overwriting everything on an update.  Why in the heck do you reset users cwp_theme to original after an update?  This makes absolutely no sense.

805
Information / Re: Current work to improve CWP.
« on: February 04, 2020, 12:31:06 AM »
+1 for the above, but I think the most important feature would be to open up the source code to those of us that have contacted them about development.  It's been a month, and I've heard nothing.  Others have said they sent an email up to 6 months ago when they were begging for developers.  So it seem like they aren't all that serious about this project anymore, if they don't want help.

This compiled source code is garbage, because most good developers can simply recreate what they have already done on their own anyways.

806
CentOS-WebPanel GUI / Re: User Login Page
« on: February 03, 2020, 04:28:35 AM »
Code: [Select]
<?php
define
("index","abcdefg.php");
$c constant;
if (isset(
$_GET['acc'])) {
$userName = !empty($_POST['username'])?trim(htmlentities($_POST['username']), ENT_QUOTES):"";
$authCode = !empty($_POST['code'])?htmlentities($_POST['code'], ENT_QUOTES):"";

if (
$need file_exists("/home/{$userName}/.f2akey")) {
        
$authKey file_get_contents("/home/{$userName}/.f2akey");
}
switch(
$_GET['acc']) {
case 
"f2acode":
                require_once(
"googleAuthenticator.php");
                
$gauth = new GoogleAuthenticator();
                if (
$gauth->verifyCode(trim($authKey),$authCode) === true) {
                        echo <<< EOL
$('#login').fadeOut('fast',function(){
        $('.logged-message-wrapper').fadeIn('fast');
});
$( "#formloginon" ).submit();
EOL;
                } else {
                        echo <<< EOL
$("#btn-f2acode").removeClass('disabled');
$("#btn-f2acode").attr('disabled',false);
$("#btn-f2acode").html(msjbtn);
noti_bubble('incorrect access..!','','error',false,false,'3000',true);
EOL;
                }
exit;
  break;
case 
"f2aneed":
if (
$need == 1){
echo <<< EOL
$("#btnsubmit").hide();
$('#formlogin').fadeOut('fast',function(){
        $('#form2fa').fadeIn('fast');
});

EOL;

        } else {
                echo <<< EOL
$('#login').fadeOut('fast',function(){
        $('.logged-message-wrapper').fadeIn('fast');
});
$( "#formloginon" ).submit();
EOL;
        }
exit;
break;
}
}
?>

<!DOCTYPE html>
<html>

<head>

    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">

    <title>CWP | User</title>

    <link href="/login/cwp_theme/original/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="/login/cwp_theme/original/font-awesome/css/fontawesome-all.css">
    <link href="/login/cwp_theme/original/css/plugins/iCheck/custom.css" rel="stylesheet">
    <!-- Toastr style -->
    <link href="/login/cwp_theme/original/css/plugins/toastr/toastr.min.css" rel="stylesheet">
    <!-- Gritter -->
    <link href="/login/cwp_theme/original/js/plugins/gritter/jquery.gritter.css" rel="stylesheet">
    <link href="/login/cwp_theme/original/css/animate.css" rel="stylesheet">
    <link href="/login/cwp_theme/original/css/style.css" rel="stylesheet">
    <link rel="icon" href="/login/cwp_theme/original/img/ico/favicon.ico" type="image/png">
    <style media="screen">
      #btn_icon{
        display: none;
      }
      body, html{
        margin: 0px;
        padding: 0px;
      }
      .logged-message{
        /* display: flex;
        height: 100vh;
        justify-content: center;
        align-items: center;
        flex-direction: column; */
        display: flex;
        align-items: center;
      }
      .logged-message a{
        margin-bottom: 2rem;
      }
      .logged-message img{
        width: 35rem;
      }
      .logged-message-alert{
        border-radius: 5px;
        color: #676a6c;
        display: flex;
        flex-direction: column;
        align-items: center;
        justify-content: center;
        padding: 20px;
      }
      .logged-message-alert .fa{
        font-size: 6rem;
      }
      .logged-message-alert h5{
        font-size: 2rem;
      }
      .logged-message-alert h2{
        font-size: 2.5rem;
        font-weight: bold;
      }
      .logged-message-wrapper{
        display: none;
        max-width: 800px;
        margin: 0 auto;
        padding: 100px 20px 20px 20px;
      }
    </style>
</head>

<body class="gray-bg">
<noscript><h1>You must enable Javascript to login</h1></noscript>
<div class="loginColumns animated fadeInDown" id="login">
    <div class="row">
        <div class="col-md-6">
            <!--p><img src="/login/cwp_theme/design/img/new_logo_small.png"></p-->
            <div class="col-md-12 text-center" style="margin-top: -20px">
                <a href="https://www.control-webpanel.com" target="_blank"><img width="330px" src="/login/cwp_theme/original/img/new_logo_small.png"></a>
            </div>

            <p style="margin-top: 45px">
                Welcome to Webhosting control panel. Login to your account to manage your websites, files, databases, emails and many other services
            </p>

            <p>
                Domains, Emails and forwarding can all be configured here
            </p>

        </div>
        <div class="col-md-6">
            <div class="ibox-content" id="formlogin">
                <form class="m-t" role="form" action="#" id="formloginon" method="post">
                    <div class="form-group">
                        <input type="text" name="username" max="16" id="username" class="form-control" placeholder="Username" required="" maxlength="16" autofocus>
                    </div>
                    <div class="form-group">
                        <input type="password" name="password" id="password" class="form-control" placeholder="Password" required="">
                    </div>
                    <button type="submit"  id="btnsubmit"  class="btn btn-primary block full-width m-b" onclick="return valite()">
                      <i id="btn_icon" class="fa fa-spinner fa-spin"></i>
                      <span id="btn_title">Login</span>
                    </button>
                    <p class="text-muted text-center" style="display: none">
                        <i class="fa fa-lock"></i>  <small>Please use SSL login <a href="https://192.168.0.178:2083">Click here for SSL login</a></small>
                    </p>
                    <a class="btn btn-sm btn-white btn-block" href="#" onclick="return forgout(0)">Recover password</a>
                    <input type="hidden" id="token" name="token" value="">
                    <input type="hidden" id="intended" name="intended" value="">
                </form>

            </div>
            <div class="ibox-content" id="form2fa" style="display: none">

                    <h2 class="text-center">Two-factor authentication</h2>
                    <h3 class="text-center">Authentication code</h3>
                    <div class="row">
                        <div class="form-group">
                            <input type="text" name="f2acode" max="6" id="f2acode" class="form-control" placeholder="******" required="" maxlength="6" style="text-align: center;font-size:25px">
                        </div>
                    </div>
                    <div class="row">
                        <button class="btn btn-primary block full-width m-b" id="btn-f2acode">Validate</button>
                    </div>
                    <p class="text-muted text-center"><small><a href="https://docs.control-webpanel.com/docs/user-guide/login/two-factor-authentication" target="_blank">Do you have problems with the authentication code?</a></small></p>
            </div>
        </div>
    </div>
    <hr/>
    <div class="row">
        <div class="col-md-6">
            <a href="https://www.control-webpanel.com" target="_blank">CWP Control WebPanel.</a>   All rights reserved
        </div>
        <div class="col-md-6 text-right">
            <small>© 2013 -  2020</small>
        </div>
    </div>
</div>

<div class="logged-message-wrapper">
  <div class="logged-message row">
    <div class="col-md-6" style="text-align: center;">
      <a href="https://www.control-webpanel.com" target="_blank"><img src="/login/cwp_theme/original/img/new_logo_small.png"></a>
    </div>
    <div class="col-md-6" style="border-left: 1px solid #ddd;">
      <div class="logged-message-alert">
        <i class="fa fa-spinner text-success fa-spin"></i>
          <h2 class="text-success">
              Successfully logged in
          </h2>
          <h5>You&#039;re being redirected</h5>
          <h5>Please Wait...</h5>
      </div>
    </div>
  </div>
</div>
<div class="middle-box animated fadeInDown" id="lost-pass" style="display: none">
    <div class="text-center">
        <a href="http://centos-webpanel.com/" target="_blank"><img src="/login/cwp_theme/original/img/cwp_logo.png" width="300"></a>
    </div>
    <div class="row">
        <div class="col-md-12">
            <div class="ibox-content">

                <h2 class="font-bold">Forgot password</h2>

                <p>
                    Enter your username and your email address and your new access will be sent to you by email.
                </p>

                <div class="row">

                    <div class="col-lg-12">
                        <form class="m-t" role="form" action="">
                            <div class="form-group">
                                <input type="text" class="form-control" maxlength="8" name="lost-user" id="lost-user" placeholder="Username" required="">
                            </div>
                            <div class="form-group">
                                <input type="email" class="form-control" placeholder="Email address" name="lost-email" id="lost-email" required="">
                            </div>

                            <button type="submit" class="btn btn-primary block full-width m-b" onclick="return lostpass()">Send new password</button>
                            <p></p>
                            <a class="btn btn-sm btn-white btn-block" href="#" onclick="return forgout(1)">Cancel</a>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>
</div>

<!-- Mainly scripts -->
<script src="/login/cwp_theme/original/js/jquery-3.1.1.min.js"></script>
<script src="/login/cwp_theme/original/js/popper.min.js"></script>
<script src="/login/cwp_theme/original/js/bootstrap.js"></script>
<!-- iCheck -->
<script src="/login/cwp_theme/original/js/plugins/iCheck/icheck.min.js"></script>
<script src="/login/cwp_theme/original/js/plugins/toastr/toastr.min.js"></script>
<script src="/login/cwp_theme/original/js/plugins/gritter/jquery.gritter.min.js"></script>

<script>
    $("#btn-f2acode").click(function (){
        var msjbtn =$("#btn-f2acode").text();
        $.ajaxSetup({ headers: { 'csrftoken' : 'fbbcfe5567cfce4080d774ce9b03ba64' } });
        $("#btn-f2acode").addClass('disabled');
        $("#btn-f2acode").attr('disabled',true);
        $("#btn-f2acode").html('<i class="fa fa-spinner fa-spin"></i>'+msjbtn);
        $.ajax({
            type: "POST",
            url: "index.php?acc=f2acode",
            data:"code="+$("#f2acode").val()+"&username="+$("#username").val(),
            complete: function(datos){
                eval(datos.responseText);
            return false;
            }
        });
    });
    function noti_bubble(title,msj,type,bar,button,timer,repeat) {
        toastr.options = {
            closeButton: button,
            progressBar: bar,
            showMethod: 'slideDown',
            preventDuplicates:repeat,
            timeOut: timer
        };
        if(type =='success'){ toastr.success(title, msj); }
        if(type =='error'){ toastr.error(title, msj); }
        if(type =='info'){ toastr.info(title, msj); }
        if(type =='warning'){ toastr.warning(title, msj); }
    }
    function cookie() {
        $.ajaxSetup({ headers: { 'csrftoken' : 'fbbcfe5567cfce4080d774ce9b03ba64' } });
        $.ajax({
            type: "POST",
            url: "/login/<?php echo index;?>?acc=cookie",
            complete: function(datos){
                if(datos.responseText!=''){
                    //window.location = datos.responseText;
                }
            }
        });
    }
    function valite(){
        if($("#username").val()=='root'){
            noti_bubble('User root Invalid..!','','error',false,false,'3000',true);
            return false;
        }
        $.ajaxSetup({ headers: { 'csrftoken' : 'fbbcfe5567cfce4080d774ce9b03ba64' } });


        if(($("#username").val()=='')||($("#password").val()=='')){
            noti_bubble('All data is required','','error',false,false,'3000',true);
            // $("#btnsubmit").attr('disabled',false);
            // $("#btnsubmit").removeClass('disabled');
            // $("#btnsubmit").html('Login');
            return false;
        }else{
          $("#btnsubmit").prop('disabled',true);
          $("#btnsubmit").addClass('disabled');
          $('#btn_icon').css('display','inline-block');
          $("#btn_title").html('Please wait!');
            var pass=$("#password").val();
            var pass= Base64.encode(pass);
            var userN =$("#username").val();
            userN =userN.trim();
            $.ajax({
                type: "POST",
                url: "/login/<?php echo index;?>?acc=validate",
                data:"username="+userN+"&password="+pass,
                complete: function(datos){
                    var obj = JSON.parse(datos.responseText);
                    if(obj.error){
                        if(obj.error!='locked'){
                            noti_bubble(obj.error,'','error',false,false,'3000',true);
                            $("#btnsubmit").prop('disabled',false);
                            $("#btnsubmit").removeClass('disabled');
                            $('#btn_icon').css('display','none');
                            $("#btn_title").html('Login');
                        } else if(obj.error=='locked'){
                            noti_bubble('User locked','','error',false,false,'3000',true);
                            window.location = datos2.responseText;
                            }
                        return false;
                    }else if(obj.token){
                        $.ajax({
                                type: "POST",
                                url: "login.php?acc=f2aneed",
                                data:"username="+$("#username").val(),
                                complete: function(datoss){
                                        eval(datoss.responseText);


                                }
//here
                      });

                        $("#token").val(obj.token);//
                        $("#password").val('');
                        $('#formloginon').attr("action", "/"+$("#username").val()+"/");
                        return  false;
                    }
                }
            });
        }
        return false;
    }
    function forgout(sw){
        if(sw==0){
            $("#login").hide();
            $("#lost-pass").show();
        }else  if(sw==1){
            $("#lost-pass").hide();
            $("#login").show();
        }
        return false;
    }
    function lostpass(){
        $.ajaxSetup({ headers: { 'csrftoken' : 'fbbcfe5567cfce4080d774ce9b03ba64' } });
        $("#error").hide('');
        if(($("#lost-user").val()!='')&&($("#lost-email").val()!='')){
            $.ajax({
                type: "POST",
                url: "/login/<?php echo index;?>?acc=lostpass",
                data:"username="+$("#lost-user").val()+"&email="+$("#lost-email").val(),
                complete: function(datos){
                    noti_bubble(datos.responseText,'','info',false,false,'3000',true);
                    return false;
                }
            });
            return false;
        }else{
            return false;
        }
    }
    var Base64 = {

        // private property
        _keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",

        // public method for encoding
        encode : function (input) {
            var output = "";
            var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
            var i = 0;

            input = Base64._utf8_encode(input);

            while (i < input.length) {

                chr1 = input.charCodeAt(i++);
                chr2 = input.charCodeAt(i++);
                chr3 = input.charCodeAt(i++);

                enc1 = chr1 >> 2;
                enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
                enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
                enc4 = chr3 & 63;

                if (isNaN(chr2)) {
                    enc3 = enc4 = 64;
                } else if (isNaN(chr3)) {
                    enc4 = 64;
                }

                output = output +
                    this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
                    this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);

            }

            return output;
        },

        // public method for decoding
        decode : function (input) {
            var output = "";
            var chr1, chr2, chr3;
            var enc1, enc2, enc3, enc4;
            var i = 0;

            input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");

            while (i < input.length) {

                enc1 = this._keyStr.indexOf(input.charAt(i++));
                enc2 = this._keyStr.indexOf(input.charAt(i++));
                enc3 = this._keyStr.indexOf(input.charAt(i++));
                enc4 = this._keyStr.indexOf(input.charAt(i++));

                chr1 = (enc1 << 2) | (enc2 >> 4);
                chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
                chr3 = ((enc3 & 3) << 6) | enc4;

                output = output + String.fromCharCode(chr1);

                if (enc3 != 64) {
                    output = output + String.fromCharCode(chr2);
                }
                if (enc4 != 64) {
                    output = output + String.fromCharCode(chr3);
                }

            }

            output = Base64._utf8_decode(output);

            return output;

        },

        // private method for UTF-8 encoding
        _utf8_encode : function (string) {
            string = string.replace(/\r\n/g,"\n");
            var utftext = "";

            for (var n = 0; n < string.length; n++) {

                var c = string.charCodeAt(n);

                if (c < 128) {
                    utftext += String.fromCharCode(c);
                }
                else if((c > 127) && (c < 2048)) {
                    utftext += String.fromCharCode((c >> 6) | 192);
                    utftext += String.fromCharCode((c & 63) | 128);
                }
                else {
                    utftext += String.fromCharCode((c >> 12) | 224);
                    utftext += String.fromCharCode(((c >> 6) & 63) | 128);
                    utftext += String.fromCharCode((c & 63) | 128);
                }

            }

            return utftext;
        },

        // private method for UTF-8 decoding
        _utf8_decode : function (utftext) {
            var string = "";
            var i = 0;
            var c = c1 = c2 = 0;

            while ( i < utftext.length ) {

                c = utftext.charCodeAt(i);

                if (c < 128) {
                    string += String.fromCharCode(c);
                    i++;
                }
                else if((c > 191) && (c < 224)) {
                    c2 = utftext.charCodeAt(i+1);
                    string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
                    i += 2;
                }
                else {
                    c2 = utftext.charCodeAt(i+1);
                    c3 = utftext.charCodeAt(i+2);
                    string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
                    i += 3;
                }

            }

            return string;
        }

    }
    cookie();
</script>
</body>
</html>

<?php
?>



807
CentOS-WebPanel GUI / Re: User Login Page
« on: February 03, 2020, 04:27:04 AM »
If you insist on using jquery to login, at least put the javascript code in the index.php file and return it to eval()

Ex: I have 2fa working on my own index.php page that I created and make call backs to your index.php (renamed abcdefg.php)


To get it to work, I had to add /home to the login base_dir config of /usr/local/cwpsrv/conf.d/users.conf
fastcgi_param   PHP_ADMIN_VALUE "open_basedir = /home/:/tmp/:...


Code: [Select]
setfacl  -Rm g:login:rX /home
setfacl  -dRm g:login:rX /home

Move index.php to abcdefg.php
keep a backup copy of this script, and copy it to index.php

808
CentOS-WebPanel GUI / User Login Page
« on: February 02, 2020, 07:31:36 PM »
A couple of notes for the Developers.
1)  If Javascript is disabled, users are unable to login.   There needs to be a notice that JavaScript IS required to use the page.
2)  I see the begining of integration of 2fa.  However you should not use AJAX or any javascript whatsoever to perform this function.  I simple tweak to the javascript, and they can bypass it.
3)  I would recommend ditching the javascript/ajax calls, as you think it's making it streamlined, but it's actually going to cause more headaches.

809
Information / Re: User login locked screen
« on: February 02, 2020, 06:12:23 PM »
Login to admin.  Under Security tab -> User Login Security

Hit purge all and see if it fixes it.

810
CentOS-WebPanel Bugs / Re: Can't log in to unlock, because it was locked
« on: February 02, 2020, 05:30:47 PM »
Log into your admin panel and open a terminal.
cd /home/(Your account)

type "lsattr"

if your /tmp directory says i, use "chattr -i /tmp"
you can also unlock your public_html with "chattr -R -i public_html"

Pages: 1 ... 52 53 [54] 55