Messages

1

CentOS 8 Problems / Re: reboot problem

« on: January 25, 2024, 10:07:54 PM »

The 'shutdown' command is just a symlink to systemctl.
If the system does not answer 'shotdown' command, may be needed to try directly the systemctl command:

Code: [Select]

systemctl reboot
If the command does not work, you must need to investigate the logs, with the command:

Code: [Select]

journalctl -xe
If you don't undestand the logs, post the related lines here.

Regards,
Netino

2

Mod_Security / Re: mod_security with Comodo WAF locks out everbody

« on: January 13, 2024, 02:55:12 AM »

It happened to every single html webiste. Even one index.html static website, at the second click sent Forbiden.

Have you tried checking the file '/usr/local/apache/logs/modsec_audit.log', searching for what reason your sites are being blocked?

3

Mod_Security / Re: mod_security with Comodo WAF locks out everbody

« on: January 12, 2024, 01:43:17 AM »

That happened before some minutes. At every CWP PRO where I user mod_security with Comodo WAF then every site blocks every user.

So I modified it in order to fix. What do you suggest?

Are you using WordPress, with WooCommerce plugin.?!

WooCommerce was updated, and have a new cookies scheme that conflicts with Comodo WAF.
If so, try to downgrade WooCommerce to the old working version.

Regards,
Netino

4

PHP Selector / Re: Varnish reverse promxy selection by hosting client

« on: January 05, 2024, 07:35:37 PM »

No.
This is available only at root CWP panel, in Webserver Settings -> Webserver Domain conf -> select the username of your user -> Click in the button "View/Edit configuration", and choose the template of preference.

5

PHP Selector / Re: Redis Memcache with PHP-FPM Varnish

« on: January 05, 2024, 07:25:58 PM »

If somehow the redis server was installed, it may not have been activated.
Try:

Code: [Select]

# systemctl start redis


If it was enabled, you may have installed redis on another port, other than the default port 6379.
Check with:

Code: [Select]

# netstat -tupln | grep redis-server...and check if it is up and responding on port 6379.

Regards,
Netino

6

CentOS-WebPanel Bugs / Apache config file 'empty.conf' is turning Varnish unusable?

« on: December 13, 2023, 02:13:11 AM »

I tested if the varnish cache is working in my installation, like per tutorial here:
https://wiki.centos-webpanel.com/varnish-cache-test

But I checked the varnishd server is not working at all.

The file '/usr/local/apache/conf.d/empty.conf' is making varnish, nginx, Cloudflare, etc, unusable?
Has anyone else had this type of problem?

This configuration file is adding some Apache headers, to tell the proxies not to store cached pages, and asking them to fetch a new page from the server.
The headers are as follows:

File '/usr/local/apache/conf.d/empty.conf':

Code: [Select]

   (...)
    <filesMatch "\.(js)$">
        Header set Cache-Control "private"
    </filesMatch>
    <filesMatch "\.(x?html?|php)$">
        Header set Cache-Control "private, must-revalidate"
    </filesMatch>
   (...)

From google:
=============================================
Cache-Control: Private - The private response directive indicates that a resource is user specific—it can still be cached, but only on a client device. For example, a web page response marked as private can be cached by a desktop browser, but not a content delivery network (CDN).
=============================================
Cache-Control: must-revalidate - Indicates that once the resource is stale, a cache (client or proxy) must not use the response to satisfy subsequent requests without successful validation on the origin server.
=============================================

In other words, this configuration file is completely disabling caching for varnish, nginx, Cloudflare, etc.
Does this just happen to me, or is anyone else having this problem?

Regards,
Netino

7

Information / Re: Ebury trojan on all of my CWP servers

« on: March 25, 2023, 03:05:25 AM »

You can quickly check if you are infected with Ebury by checking if the file /usr/lib64/libkeystats.so exists or by running the following command through the console -

Code: [Select]

ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"

Definitely, this command to check can get a false positive.
I have several servers, I'm checking these, and just one have the file '/usr/lib64/libkeystats.so', but all my servers are being pointed as "System infected" through this command.

The file 'libkeystats.so' can just be a legitimate file from the package 'keyutils-libs-1.5.8-3.el7.x86_64', if not infected.
In Centos 7, the check can be made through the following command:

Code: [Select]

rpm -qf /lib64/libkeyutils.so.1.5
Checking the server containing the file '/usr/lib64/libkeystats.so', with the instructions of the above security sites, it's pointing the file is not infected.

The packages using it can be listed by:

Code: [Select]

rpm -q --whatrequires keyutils-libs
Regards,
Netino

8

Information / [Poll] What is your current OS version?

« on: March 07, 2023, 08:38:32 PM »

Due to the EOL of Centos 7 in 2024-06-30, and the Centos Stream 8 in 2024-05-31, several people have already migrated to another version of OS, and others not. What is your version of SO (production environment)? If you chose "Other", please specify here which OS version.

9

MySQL / Re: Can not update MariaDB - Error downloading packages

« on: February 17, 2023, 08:03:08 PM »

That sounds great, but how do I do that?

You can try this:
https://wiki.centos-webpanel.com/mariadb-upgrade-to-new-version

But it's for 10.5 version. Instead, I would try to change to version 10.6, because it's a LTV - Long Term Version.

Regards,
Netino

10

MySQL / Re: Problem Danger: MySQL - BAD CONFIGURATION DETECTED

« on: March 28, 2022, 09:36:34 PM »

If the message is claiming about "BAD CONFIGURATION DETECTED", I would check the configuration.

Type here all your mysql configuration files for us to check.
Content of files '/etc/my.cnf' and all files from folder '/etc/my.cnf.d/'.

Regards,
Netino

11

Information / Re: Your cwp forum site has an ssl error

« on: March 24, 2022, 12:51:30 AM »

today i got an error while trying to visit forum.centos-webpanel.com

NET::ERR_CERT_DATE_INVALID

just for info, maybe you fix this site and renew the cert or force a https to http redirect if you don't wanna provide a https connection.

Yes, I second that: The cert is expired since yesterday.
Hello CWP Team, the forum cert was not renewed.

Regards,
Netino

12

FTP / Re: unable to connect via ftp

« on: March 21, 2022, 02:31:29 AM »

Seems your configuration is normal.
The two following lines are showin something strange, related to the same network:

Code: [Select]

Mar 15 16:38:00 vps-2434395-x pure-ftpd: (?@190.247.116.2) [INFO] fullstre@fullstreaming.ar is now logged in
Mar 15 16:38:10 vps-2434395-x pure-ftpd: (fullstreaming@190.247.116.2) [INFO] Timeout

The first one for user 'fullstre' is logged in, but the second for the same IP address for user 'fullstreaming' is not.
The second is returning "Timeout" problem, this is related to the network.
The home directory for that user really exists?

13

FTP / Re: unable to connect via ftp

« on: March 17, 2022, 10:42:39 PM »

[root@server1 ~] # ls -alF /var/run
lrwxrwxrwx. 1 root root 6 dic  3 15:50 /var/run -> ../run/

It's just a symbolic link.
Check the real directory: ls -alF /run

14

FTP / Re: unable to connect via ftp

« on: March 16, 2022, 11:19:31 PM »

Seems you are having problem with PID file.
Check if your /var/run directory exists, and have the right permissions (0755) wih the command: ls -alF /var/run

15

CentOS 7 Problems / Re: PureFTP TLS problem

« on: March 16, 2022, 11:15:46 PM »

Hi Netino,
I've used the CWP script to install TLS on the server..
this is what is written at the end of the pure-ftpd.conf file

TLS 1
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:!SSLv3
CertFile /etc/pki/tls/private/hostname.pem

Do I need to change or add something?
thanks for helping!

The file /etc/pki/tls/private/hostname.pem must be a special file, composed by Private Key, Certificate and Intermediary Certificates.
Check that (this just can be checked by you)
If it's ok, seems your TLS configuration don't have any problem.

Try to check you /var/log/messages file, rigth after connect, issuing the following command:

Code: [Select]

# grep 'pure-ftpd' /var/log/messages | tail -50