This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
CentOS 7 Problems / Re: Pure-FTP fails to run
« on: January 12, 2025, 05:11:31 PM »Hello,
Has anyone found a solution?
What many don't say is that they try something and it doesn't work. They don't know what they did and then only say on the forum where they got stuck. A little focus never hurt anyone!
However, when we encounter:
Code: [Select]
systemd[1]: pure-ftpd.service: Can't open PID file /var/run/pure-ftpd.pid (yet?) after start: No such file or directory
Or by:
Code: [Select]
pure-ftpd[403394]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem
Here's how I solved the problem:
Edit the conf:
Code: [Select]
nano /etc/pure-ftpd/pure-ftpd.conf
Comment this lines (go down!):
Code: [Select]
#TLS 1
#TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3
#CertFile /etc/pki/tls/private/hostname.pem
Then edit the service:
Code: [Select]
nano /usr/lib/systemd/system/pure-ftpd-init.service
Comment this line:
Code: [Select]
#ConditionPathExists=|!/etc/pki/pure-ftpd/pure-ftpd.pem
Change this line:
Code: [Select]
ExecStart=/usr/bin/sscg --ca-file /etc/pki/pure-ftpd/ca.crt --cert-file /etc/pki/pure-ftpd/pure-ftpd.pem --cert-key-file /etc/pki/pure-ftpd/pure-ftpd.pem
With this one:
Code: [Select]
ExecStart=/bin/sh -c 'cat /etc/pki/tls/certs/hostname.cert /etc/pki/tls/private/hostname.key > /etc/pki/pure-ftpd/pure-ftpd.pem'
Save it and then:
Code: [Select]
systemctl daemon-reload
systemctl start pure-ftpd-init.service
systemctl status pure-ftpd-init.service
systemctl restart pure-ftpd.service
systemctl status pure-ftpd.service
Then reboot!
What was it about? An incompatibility between pure-FTPd and CWP related to certificate and key management.
The root of the problem with pure-ftpd.pid also applies to Nginx! But that's in another thread!
Don't despair, I'm here to be the friendliest helper in our community!
2
Nginx / Re: How to update NGINX version to version 1.26.2
« on: January 09, 2025, 10:06:42 PM »Thanks, that's great! You should contribute more!
In fact, know that this is also my thought since the beginning of the year. I have been here in the community for many years and I have not contributed from my experience, until now. Think about it, I'm a fan of CWP after getting fed up with CPanel/WHM, and because all the hosting companies in my country promote them, but also because their license costs don't justify sacrificing the resources of a machine for a control panel + other reasons. I'm not even talking about the others with similar tools. CWP has something special and it pleases me!
The community should relax, I'm here too from now on and I'm going to contribute everywhere.
Have you seen how many unanswered topics are on here? You don't know how many times I couldn't find any solution here or anywhere online and solved the problem myself.
Man, we almost have an open source control panel here. We help each other! There is no such thing in the official competition forums! They get official help. Here... they are too busy to offer something like that (or unprofessional?)...
Respect @Sandeep !
3
Nginx / How to update Nginx to latest stable version in CWP + AlmaLinux 8
« on: January 08, 2025, 01:48:39 PM »
I just want to fill in, I already updated nginx to the latest version on 4 servers and for those with CWP + Almalinux 8 the best solution is here:
https://www.alphagnu.com/topic/55-how-to-install-latest-stablemainline-nginx-in-cwp-centos-89-stream-almalinux-89-rockylinux-89/
First of all I find this commands, to disable and remove installed nginx, much more reliable:
Second, nginx.repo is recommended for public servers to install nginx stable version not mainline because not all mainline updates are fully tested. That said, you can use the Yum Manager to edit the nginx.repo repository or the terminal:
And then add this repository for official stable version of nginx:
Attention Almalinux users dnf and yum are not 100% the same thing. The dnf command is official in Almalinux and yes compatibility with yum is kept for those who have transitioned from Centos, but in a fresh install it is recommended to use dnf when processing installations or uninstalls for 100% compatibility with Almalinux and Centos Web Panel.
So, to proceed with the installation of the latest stable version of nginx, run the commands:
As a CWP client, you must rebuild the webserver after updating. It is advisable to make a backup of at least the configurations in /etc/nginx/nginx.conf, although I recommend a more compact backup:
Want to know what vulnerabilities nginx 1.14.2 has? See them here:
https://www.cybersecurity-help.cz/vdb/nginx/nginx/1.14.2/
BONUS!
My version of nginx.conf optimized for 2025 with Nginx version 1.26.2 (more tweaks can be made, but these are safe and CWP compatible):
https://www.alphagnu.com/topic/55-how-to-install-latest-stablemainline-nginx-in-cwp-centos-89-stream-almalinux-89-rockylinux-89/
First of all I find this commands, to disable and remove installed nginx, much more reliable:
Code: [Select]
sudo dnf module disable nginx -y
sudo dnf remove nginx* -y
Second, nginx.repo is recommended for public servers to install nginx stable version not mainline because not all mainline updates are fully tested. That said, you can use the Yum Manager to edit the nginx.repo repository or the terminal:
Code: [Select]
sudo > /etc/yum.repos.d/nginx.repo
sudo nano /etc/yum.repos.d/nginx.repo
And then add this repository for official stable version of nginx:
Code: [Select]
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
Attention Almalinux users dnf and yum are not 100% the same thing. The dnf command is official in Almalinux and yes compatibility with yum is kept for those who have transitioned from Centos, but in a fresh install it is recommended to use dnf when processing installations or uninstalls for 100% compatibility with Almalinux and Centos Web Panel.
So, to proceed with the installation of the latest stable version of nginx, run the commands:
Code: [Select]
sudo dnf install nginx -y
sudo systemctl enable nginx
sudo systemctl restart nginx
As a CWP client, you must rebuild the webserver after updating. It is advisable to make a backup of at least the configurations in /etc/nginx/nginx.conf, although I recommend a more compact backup:
Code: [Select]
sudo cp -r /etc/nginx /etc/nginx.pre-upgrade
Want to know what vulnerabilities nginx 1.14.2 has? See them here:
https://www.cybersecurity-help.cz/vdb/nginx/nginx/1.14.2/
BONUS!
My version of nginx.conf optimized for 2025 with Nginx version 1.26.2 (more tweaks can be made, but these are safe and CWP compatible):
Code: [Select]
user nobody;
worker_processes auto;
#worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log crit;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
# Dezactivează afișarea informațiilor despre server
server_tokens off;
# Include MIME types (nu adăugăm duplicat)
include mime.types;
default_type application/octet-stream;
# Configurări pentru timeout și buffer
sendfile on;
tcp_nopush on;
tcp_nodelay on;
client_header_timeout 3m;
client_body_timeout 3m;
client_max_body_size 256m;
client_header_buffer_size 4k;
client_body_buffer_size 256k;
large_client_header_buffers 4 32k;
send_timeout 3m;
keepalive_timeout 60 60;
reset_timedout_connection on;
server_names_hash_max_size 1024;
server_names_hash_bucket_size 1024;
ignore_invalid_headers on;
connection_pool_size 256;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
# Compresie GZIP
gzip on;
gzip_vary on;
gzip_disable "msie6";
gzip_proxied any;
gzip_min_length 512;
gzip_comp_level 6;
gzip_buffers 8 64k;
gzip_types text/plain text/xml text/css text/js application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg image/svg+xml application/xml+rss text/javascript application/atom+xml application/javascript application/json application/x-font-ttf font/opentype;
# Configurări SSL
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+AESGCM:EECDH+aRSA+AESGCM:!RC4:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
# Proxy settings
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_buffers 32 4k;
proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m;
proxy_cache_key "$host$request_uri $cookie_user";
proxy_temp_path /var/cache/nginx/temp;
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_valid any 1d;
# Setări open_file_cache
open_file_cache_valid 120s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
open_file_cache max=5000 inactive=30s;
open_log_file_cache max=1024 inactive=30s min_uses=2;
# Limitare de rată pentru cereri abuzive
limit_req_zone $binary_remote_addr zone=limit_zone:10m rate=10r/s;
# Evitare cache pentru utilizatorii autentificați WordPress
map $http_cookie $no_cache {
default 0;
~SESS 1;
~wordpress_logged_in 1;
}
# Logs
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format bytes '$body_bytes_sent';
#access_log /var/log/nginx/access.log main;
access_log off;
# Includem fișierele suplimentare de configurare
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/cloudflare.inc;
}
4
Updates / Re: Notification: Available updates - SECURITY ISSUE
« on: December 13, 2024, 12:44:30 PM »
There are some characters here on the forum who should refrain if they don't feel like helping. Putting yourself above the needy is clearly an act of poor education and low intelligence.
Like many others, we have these false positive notifications about available updates in Yum Manager.
Please refrain if you do not want to debate and help.
So what can cause CWP to announce updates that are no longer valid? Why does removing the "read" notifications not stop CWP from still announcing that the machine has updates available?
Like many others, we have these false positive notifications about available updates in Yum Manager.
Please refrain if you do not want to debate and help.
So what can cause CWP to announce updates that are no longer valid? Why does removing the "read" notifications not stop CWP from still announcing that the machine has updates available?
5
How to / Re: Upgrade PhpMyAdmin
« on: November 28, 2024, 07:53:50 AM »
Hi there!
I have CWP + Almalinux 8.10 and I just wanna help others who will come this days for:
I have CWP + Almalinux 8.10 and I just wanna help others who will come this days for:
- Upgrade PHPMyAdmin in CWP: https://web.archive.org/web/20230129015402/https://www.uxlinux.com/how-to-update-phpmyadmin-latest-version-on-cwp-centos-webpanel/
- Upgrade MariaDB 10.X to 10.11: https://www.alphagnu.com/topic/548-upgrade-mariadb-105-to-11/
- Autologin problems? That help me: "Sandeep says: you need to login with password then phpmyadmin autologin will work."
From our forum: http://forum.centos-webpanel.com/centos-webpanel-bugs/error-when-accessing-phpmyadmin-from-the-user-side/msg34930/#msg34930
6
Updates / Re: Why not implement TLS 1.3 support per default
« on: July 29, 2024, 11:40:20 AM »There is a simple way to enable this, along with HTTP/2.0 & ALPN:
https://www.mysterydata.com/how-to-enable-tls-1-3-in-apache-on-cwp-control-web-panel-centos-7-centos-8-el7-el8/
New destination of this recommendation is https://www.alphagnu.com/topic/47-how-to-enable-tls-13-in-cwp-nginx-reverse-proxy/
But... it is not so simple if you use apache / nginx /varnish
So, have someone a fresh idea how to implement TLS 1.3 in 2024?
7
Backup / Re: Restore backup
« on: July 13, 2024, 12:48:30 AM »
I'm back with good news. I managed to restore an account on a newly configured server.
The procedure involves the creation on the new server of the same user account name for which you made a backup. Then upload the username.tar.gz file to the new server in the /newbackup/full/manual/accounts/ area
Now from the CWP panel go to the Newbackup (beta) section > Restore backup tab
Tick the default location and choose Frequency: Manual, Backup: Full, User Accounts: yours and click the Restore Now button
Depending on how big your backup is, you can wait a few minutes.
Domains, emails, databases and others are successfully restored!
The Restore Backup option in the Newbackup section (beta) works!
The procedure involves the creation on the new server of the same user account name for which you made a backup. Then upload the username.tar.gz file to the new server in the /newbackup/full/manual/accounts/ area
Now from the CWP panel go to the Newbackup (beta) section > Restore backup tab
Tick the default location and choose Frequency: Manual, Backup: Full, User Accounts: yours and click the Restore Now button
Depending on how big your backup is, you can wait a few minutes.
Domains, emails, databases and others are successfully restored!
The Restore Backup option in the Newbackup section (beta) works!
8
Backup / Re: Restore backup
« on: July 12, 2024, 10:28:50 PM »
Personally, I have migrated / moved / restored many times, the server, accounts or websites on a CWP. However, I always preferred to do everything by hand.
You made me want to test the Newbackup (Beta) option, because theoretically it makes a total backup, and practically it has the possibility of restoring that backup. In addition, see for yourself that no one in the community confirms this procedure.
So far, the total backup I downloaded via FTP (logged in as user) to the local PC is ok. I chose backup per user account with all options checked. Run manually not with automatic execution (daily, weekly or monthly).
In this regard, due to specific connection configurations (SSH with key) I was forced to move the backup file to /home/username/ to be able to download it locally (with changing permissions from root to user using the chown command).
The file is loaded in the /newbackup/ folder or in the restoration process you choose another folder depending on how you uploaded it to the new server (FTP or SSH). Pay attention to the backup file, it needs root permissions, not user permissions.
So before running the restore on the new server,
I migrate the VPS from Centos 7 to Almalinux 8, and because I work on the same server, I decided to backup it, then wipe the OS and reinstall Almalinux 8, then install CWP (of course PRO) and then to restore the backup.
I'm back with news about running the procedure to restore an account backup in CWP.
PS: I'm not gullible, I also manually backed up websites, databases, emails and other custom settings from the server. I'm not worried about reconfiguring the Webserver, but just in case the automatic restore fails, I have plan B, manual restore (as I'm used to).
You made me want to test the Newbackup (Beta) option, because theoretically it makes a total backup, and practically it has the possibility of restoring that backup. In addition, see for yourself that no one in the community confirms this procedure.
So far, the total backup I downloaded via FTP (logged in as user) to the local PC is ok. I chose backup per user account with all options checked. Run manually not with automatic execution (daily, weekly or monthly).
In this regard, due to specific connection configurations (SSH with key) I was forced to move the backup file to /home/username/ to be able to download it locally (with changing permissions from root to user using the chown command).
The file is loaded in the /newbackup/ folder or in the restoration process you choose another folder depending on how you uploaded it to the new server (FTP or SSH). Pay attention to the backup file, it needs root permissions, not user permissions.
So before running the restore on the new server,
Code: [Select]
chown root:root /newbackup/username.tar.gz
if you worked non-root like I did.I migrate the VPS from Centos 7 to Almalinux 8, and because I work on the same server, I decided to backup it, then wipe the OS and reinstall Almalinux 8, then install CWP (of course PRO) and then to restore the backup.
I'm back with news about running the procedure to restore an account backup in CWP.
PS: I'm not gullible, I also manually backed up websites, databases, emails and other custom settings from the server. I'm not worried about reconfiguring the Webserver, but just in case the automatic restore fails, I have plan B, manual restore (as I'm used to).
9
CentOS-WebPanel GUI / Re: Login issues with CWP
« on: November 02, 2023, 11:41:15 AM »deleting and creating a new user worked for me.
For me was enogh just to create a new user.
Then I try to log in with the old user, and everyting was ok!
I delete the new user and Centos Web Panel for users works fine!
Pages: [1]