Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - itmonitor

Pages: [1] 2
1
Informations / Re: How to enable CWP Panel packages auto update
« on: April 24, 2019, 07:30:59 AM »
Please, what is the code I should add in the crontab to make the server reboot after it had done all the updates?

Hi, nope. I do not think so.
But you can add some cronjob (under root user) like the below one:
Code: [Select]
* * */1 * * yum -y -q update 2>/dev/null

2
@adamjedgat thank you for the reply :-) @gtman I reboot the server and the problem goes away. Thank you for the help.

3
Informations / CWP "Danger hidden processes" message will not go away
« on: April 23, 2019, 07:28:14 AM »
Hi!

Every time I log into CWP Panel, there is this message "Danger: Hidden Processes - SECURITY ISSUE". I click on the hyperlink "here" and it opens a page where I click the green button "Enable Protection". I do this for every user listed in the drop-down menu in this CWP Panel page. I click on the X to close the warning message "Danger: Hidden Processes - SECURITY ISSUE" will never go away. On testing each user, all have Status Active Permanent Enabled.

However, when I login into the CWP Panel the next day, there it is again the warning message "Danger: Hidden Processes - SECURITY ISSUE". I check the users, all are Permanent Enabled.

Please, any advice to fix this issue is welcome.

rgs.

4
Informations / Re: How to enable CWP Panel packages auto update
« on: April 23, 2019, 07:20:14 AM »
Hi Igor, thank you! :-)

Hi, nope. I do not think so.
But you can add some cronjob (under root user) like the below one:
Code: [Select]
* * */1 * * yum -y -q update 2>/dev/null

5
Informations / Re: How to enable CWP Panel packages auto update
« on: April 18, 2019, 07:00:45 PM »
The packages listed at CWP>yum manager>List of Available Packages for Update.

Is there a way to set them to update automatically once they are available or alternatively, once per day at a certain hour?

6
Informations / Re: CWP email send on login
« on: April 14, 2019, 05:38:25 PM »
ok, thank you.

7
Installation / Re: Adding CAA record on CWP
« on: April 14, 2019, 05:27:47 PM »
it works. Thank you.  :)

8
Apache / Re: HSTS in CWP
« on: April 14, 2019, 01:33:01 PM »
Hi, thank you.

9
thank you.

10
Informations / How to enable CWP Panel packages auto update
« on: April 13, 2019, 09:24:23 AM »
Hi, please how to enable packages autoupdate for CWP Panel?

11
Apache / Re: HSTS in CWP
« on: April 13, 2019, 09:19:22 AM »
Hi, please, any advice is welcome. Looking forward to your replies.

12
Apache / HSTS in CWP
« on: April 10, 2019, 03:21:43 PM »
Hi! Not sure this is the right forum. Could anybody point me to instructions on how to setup HSTS in CWP?

Any advice is welcome.

Rgs

IM

13
Informations / Re: CWP email send on login
« on: March 18, 2019, 02:19:06 PM »
Login in what services..??
Login at CWP.

14
Hello. We are trying to install AutoSSL certificates through CWP. After some trials and with the help of the Let's Encrypt support, seems like CWP is merging the cert.pem and fullchain.pem . This results in duplicate SSL installs for a domain and increases website load time. Please, see the thread here https://community.letsencrypt.org/t/lets-encrypt-outlook-office-365-target-principal-name-is-incorrect/88942/6

also, when installing an AutoSSL certificate through CWP, it will install but will not display in the CWP SSL cert list page.

On my side, I am ready to cooperate with CWP to find/solve any bugs - if any.

Any advice to solve those issues is welcome.

IM

15
Mod_Security / OWASP is triggering on Roundcube login in CWP
« on: March 14, 2019, 08:39:20 PM »
Hi!

OWASP triggers on a xss attack and blocks email sending/forwarding in Roundcube. It will work only when I disable mod_security. Please, any advice to sole this issue is welcome.

Code: [Select]
[Thu Mar 14 21:17:20.802643 2019] [:error] [pid 22926:tid 140178286909184] [client 95.90.228.143:1153] [client 95.90.228.143] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\ballowscriptaccess\\\\b|\\\\brel\\\\b\\\\W*?=" at ARGS:_message. [file "/usr/local/apache/modsecurity-owasp-old/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "304"] [id "973301"] [rev "2"] [msg "XSS Attack Detected"] [data "Matched Data: rel= found within ARGS:_message: <p>test</p>\\x0d\\x0a<div id=\\x22_rc_sig\\x22>&nbsp;</div>\\x0d\\x0a<p>&nbsp;</p>\\x0d\\x0a<p>el 2019-03-14 13:27, ;:</p>\\x0d\\x0a<blockquote><!-- html ignored --><!-- head ignored --><!-- meta ignored -->\\x0d\\x0a<div class=\\x22pre\\x22>gracias, cual es el numero del booking del cami&oacute;n y el numero del contenedor? no los encuentro en el fichero que me enviaste.<br /> <br /> <br /> j. sobota <br /> aksert <br /> t: +49 6132 977197 | f: +4..."] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "www.www.www
"] [uri "/webmail/"] [unique_id "xxx"], referer: http://xxx.xxx.xxx/webmail/?_task=mail&_action=compose&_id=15578827575c8ab6cb5ce70

Pages: [1] 2