Messages

961

Information / Re: Install or download older version of CWP?

« on: January 26, 2023, 12:37:58 AM »

Not recommended, as 0.9.8.11.47 and previous contained a 9.8 severity exploit potential.

962

CSF Firewall / Re: How to Prevent CWP BruteForce?

« on: January 26, 2023, 12:36:10 AM »

Right, I do that too in CSF. I simply follow the guidance of looking up the top 10 hacking country sources and apply those as the CC_DENY list, minus any countries that may be clients or browser visitors on the server. I just wanted to avoid "naming names" here so as not to offend anyone on the forum who may happen to reside in those countries

963

Migration from other control panels / Re: MYSQL database and usernames too short on CWP

« on: January 25, 2023, 06:18:00 AM »

DOS filenames look lengthy by comparison -- 8 characters AND a three character extension! Wowzer!

964

MySQL / Re: mysql create/list problem

« on: January 24, 2023, 02:02:49 AM »

admin panel or user panel?

965

CSF Firewall / Re: How to Prevent CWP BruteForce?

« on: January 23, 2023, 06:42:59 PM »

3. How to change the control panel ports: 2083, 2087, 2030, 2031 to something different? Thanks

I too am a cPanel migrant as of a few years back; now I am all-in on CWP (apart from 2 servers that are purpose-built and have Webmin for a web panel). You can definitely do away with port 2087, as that is just there to "ape" WHM's port choice. I would also also suggest doing away with port 2030, as vanilla http connections should always be upgraded to https versions where possible. Simply eliminating 2087 and 2030 in the firewall rules will suffice to end some attacks. I run with just 2083 & 2031 active.

966

CentOS 7 Problems / Re: CWP Apache domlogs cover 50% of my disk

« on: January 23, 2023, 06:32:18 PM »

It shouldn't; it's a new file you create in the /etc/logrotate.d directory which is a CentOS system directory.
CWP has an interface for creating/managing logrotate jobs under File Management > Logrotate Manager.

967

CentOS 6 Problems / Re: How to disable apache error_log in cwp?

« on: January 23, 2023, 04:42:45 AM »

did you think about fixing the errors instead disable the log?

This is sage advice!
But you can always truncate your error_log to zero bytes:

Code: [Select]

truncate -s0 /wherever/logs/error_logThen consider implementing logrotate so as to keep say 4 weekly (compressed) log files that are turned over and won't grow into huge, out-of-control sizes.

968

FTP / Re: Change home directory for anonymous login

« on: January 23, 2023, 12:55:21 AM »

I started with ProFTPd, did a quick dabble with WS-FTP then pretty quickly jumped ship over to pure-ftpd. Lean, mean FTP in its purest form -- secure but lots of features. So I was glad to see it included with CWP as a bullet point, but as states I don't use FTP anymore (and have FTP running on an alternate port on only one server -- the better to avoid script kiddie scans).

969

CentOS-WebPanel Bugs / Re: goaccess statistic report for monthly has no data

« on: January 23, 2023, 12:41:17 AM »

I can confirm that on all 3 of my CWP servers, the monthly directories are empty. (I have daily and weekly entries aplenty.) So that would imply it is a default configuration that needs to be changed. I haven't looked into it, because it's not something of critical importance to me nor the end users on the server.

970

Other / Re: Create new disk (home2) because /home is full

« on: January 23, 2023, 12:38:45 AM »

I think you would have to do a virtual filesystem for what you are proposing to do...

971

iptables / Re: ssh brute force attacks to random ports/users

« on: January 23, 2023, 12:37:37 AM »

I HIGHLY recommend NOT running sshd on either ports 22 nor 2222 -- as FritzFrog and others scan those ports. Script kiddies will pound your server all day long on port 22, so in this case, you can have a measure of security by obscurity by running sshd on an alternate port.

972

Nginx / Re: ModSecurity not working with NGINX

« on: January 23, 2023, 12:32:03 AM »

Unfortunately, it's not free:

The NGINX ModSecurity WAF is available to NGINX Plus customers as a downloaded dynamic module at an additional cost. You can try the NGINX ModSecurity WAF free for 30 days. To purchase or add the NGINX ModSecurity WAF to an existing NGINX Plus subscription, contact the NGINX sales team.

973

CentOS 5 Problems / Re: Continuous reduction of hosting space

« on: January 22, 2023, 08:43:30 PM »

And consider implementing logrotate so you don't wind up with ever-bloating log files. Keep 7 (or at least 4) compressed logs, rotated weekly. Then you can still look back at errors, traffic patterns, or security breaches but not have to contend with log bloat!

974

How to / Re: Upgrade PhpMyAdmin

« on: January 22, 2023, 08:37:51 PM »

Things I don't want tidied up/reverted behind my back simply get a

Code: [Select]

chattr +i <file>or

Code: [Select]

chattr +i <directory>So in this case:

Code: [Select]

chattr +i /usr/local/cwpsrv/var/services/pma/

975

DNS / Re: DigitalOcean DNS or CWP7 DNS?

« on: January 22, 2023, 08:34:31 PM »

Cloudflare 
Definitely not CWP DNS, in my experience. They simply can't replicate the worldwide redundancy of local resolvers near your server and near the end users.
1.1.1.1
1.0.0.1