Messages - Netino

1
Information / Re: Roundcube big security issue.
« on: Today at 06:32:48 PM »
Yes, ModSecurity.
I have Comodo rules installed with ModSecurity, and it is blocking these accesses.

Regards,
Netino

2
I find it seems nearly impossible, quoted from:
https://github.com/plesk/centos2alma/issues/87

Quote
Unfortunately, the news is not optimistic. We have investigated and it appears that there is no way to use Elevate (or any other Leapp-based tool) to convert the OS inside a container. This conclusion is based on two facts:

1. The Leapp upgrade process is based on the Interim System, which upgrades certain packages. It can be described as a temporary OS that replaces CentOS 7 packages with AlmaLinux 8 packages. Leapp does not modify packages inside CentOS 7 itself but rather performs preparations and reboots into an initrd OS that performs the actual transformation.
2. When we describe containers broadly, we can consider them as a form of isolation within your kernel. So it has no own bootloader, kernel or something where you could start temporary OS.
Therefore, there is no way to start the initrd inside a container. This is why the Leapp framework and as a result our current centos2alma tool cannot be used to convert the OS inside any container (e.g., Docker, Virtuozzo, etc).

Regarding vzupgrade, if I understand correctly, it is a tool to upgrade the bare-metal server that hosts virtual machines and containers. We have attempted to use it to convert a Virtuozzo container on our side without success. Additionally, there is the vzdeploy tool that can be used to convert CentOS 7 into VZLinux 7 inside a container. However, it simply reinstalls packages from the VZLinux repository within the container. As far as I can see, it cannot convert your CentOS 7 into VZLinux 8, for example. Therefore, it does not appear to be a solution to your problem.

We are also exploring other options for container owners:

1. As far as I know, Virtuozzo allows you to convert a container into a virtual machine. And a Virtuozzo virtual machine can be converted using any leapp based instrument (including centos2alma), so this seems to be the simplest way to resolve the issue.
2. You could use the Plesk migrator tool to migrate your Plesk from the CentOS 7 container to an AlmaLinux 8 container. Obviously you have to have this AlmaLinux 8 container somewhere.
3. Try converting your container with vzdeploy into VZLinux 7 and inquire with the Virtuozzo developers if there is any way to convert VZLinux 7 to VZLinux 8 inside a container.

I hope this information will be helpful in addressing your situation. Additionally, we will reach out to the Virtuozzo developers to inquire about their perspective on the problem.

3
Has anyone already migrated to AlmaLinux 8 in a CentOS 7 OpenVZ container?

I already know it is necessary to upgrade to CentOS 8 before installing AlmaLinux 8 with the migration tool:
https://wiki.almalinux.org/documentation/migration-guide.html#how-to-migrate

But there is an indication that the upgrade to AlmaLinux can be done in a container, as in this post:
https://bugs.almalinux.org/view.php?id=140

But I haven't tried it myself yet.
Has anyone tried this, and did it work?

Regards,
Netino

4
CentOS 8 Problems / Re: reboot problem
« on: January 25, 2024, 10:07:54 PM »
The 'shutdown' command is just a symlink to systemctl.
If the system does not respond to the 'shutdown' command, you may need to try the systemctl command directly:
Code:
systemctl reboot
If the command does not work, you will need to investigate the logs with the command:
Code:
journalctl -xe
If you don't understand the logs, post the related lines here.

Regards,
Netino




5
Mod_Security / Re: mod_security with Comodo WAF locks out everybody
« on: January 13, 2024, 02:55:12 AM »
It happened to every single html website. Even one index.html static website, at the second click sent Forbidden.

Have you tried checking the file '/usr/local/apache/logs/modsec_audit.log', searching for what reason your sites are being blocked?

6
Mod_Security / Re: mod_security with Comodo WAF locks out everybody
« on: January 12, 2024, 01:43:17 AM »
That happened before some minutes. At every CWP PRO where I use mod_security with Comodo WAF then every site blocks every user.

So I modified it in order to fix. What do you suggest?

Are you using WordPress with the WooCommerce plugin?

WooCommerce was updated, and has a new cookie scheme that conflicts with Comodo WAF.
If so, try to downgrade WooCommerce to the old working version.

Regards,
Netino

7
PHP Selector / Re: Varnish reverse proxy selection by hosting client
« on: January 05, 2024, 07:35:37 PM »
No.
This is available only in the root CWP panel, in Webserver Settings -> Webserver Domain conf -> select the username of your user -> click the button "View/Edit configuration", and choose the template of preference.

8
PHP Selector / Re: Redis Memcache with PHP-FPM Varnish
« on: January 05, 2024, 07:25:58 PM »
If somehow the redis server was installed, it may not have been activated.
Try:
Code:
# systemctl start redis

If it was enabled, you may have installed redis on another port, other than the default port 6379.
Check with:
Code:
# netstat -tupln | grep redis-server
...and check if it is up and responding on port 6379.

Regards,
Netino

9
I tested whether the varnish cache is working in my installation, as per the tutorial here:
https://wiki.centos-webpanel.com/varnish-cache-test

But I found that the varnishd server is not working at all.

Is the file '/usr/local/apache/conf.d/empty.conf' making varnish, nginx, Cloudflare, etc., unusable?
Has anyone else had this type of problem?

This configuration file is adding some Apache headers, to tell the proxies not to store cached pages, and asking them to fetch a new page from the server.
The headers are as follows:

File '/usr/local/apache/conf.d/empty.conf':
Code:
   (...)
    <filesMatch "\.(js)$">
        Header set Cache-Control "private"
    </filesMatch>
    <filesMatch "\.(x?html?|php)$">
        Header set Cache-Control "private, must-revalidate"
    </filesMatch>
   (...)

From Google:
=============================================
Cache-Control: Private - The private response directive indicates that a resource is user specific—it can still be cached, but only on a client device. For example, a web page response marked as private can be cached by a desktop browser, but not a content delivery network (CDN).
=============================================
Cache-Control: must-revalidate - Indicates that once the resource is stale, a cache (client or proxy) must not use the response to satisfy subsequent requests without successful validation on the origin server.
=============================================

In other words, this configuration file is completely disabling caching for varnish, nginx, Cloudflare, etc.
Does this just happen to me, or is anyone else having this problem?

Regards,
Netino
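
The two directives in that file affect a proxy differently, which the following added example (not part of the original post) shows by classifying a response's Cache-Control header from a shared cache's point of view. The function name `shared_cache_verdict` and the verdict labels are made up for this example, and it looks at Cache-Control only.

```shell
#!/bin/sh
# Added example: what the Cache-Control header of a response tells a shared
# cache (Varnish, an nginx proxy cache, a CDN) about storing it.
# Assumption: only Cache-Control is examined; status code, Expires,
# Set-Cookie and cache-specific rules (VCL, proxy_cache settings) are ignored.
shared_cache_verdict() {
    # $1 = raw response headers, one per line (CRLF or LF)
    printf '%s\n' "$1" | tr -d '\r' | awk '
    {
        i = index($0, ":")
        if (i == 0 || tolower(substr($0, 1, i - 1)) != "cache-control") next
        n = split(tolower(substr($0, i + 1)), d, ",")
        for (k = 1; k <= n; k++) {
            gsub(/^[ \t]+|[ \t]+$/, "", d[k])   # trim whitespace
            sub(/=.*/, "", d[k])                # drop arguments (max-age=60)
            # private and no-store both forbid storage in a shared cache.
            # The qualified form private="field" is treated the same way,
            # which errs on the side of not caching.
            if (d[k] == "private" || d[k] == "no-store") deny = 1
            # must-revalidate does not forbid storage; it forbids serving a
            # stale copy without asking the origin first.
            if (d[k] == "must-revalidate" || d[k] == "proxy-revalidate") reval = 1
        }
    }
    END {
        if (deny)       print "NOT_STORABLE"
        else if (reval) print "STORABLE_REVALIDATE_WHEN_STALE"
        else            print "STORABLE"   # no directive forbids storage
    }'
}

# Stand-alone use against a live site (reads only response headers):
#   shared_cache_verdict "$(curl -sI https://example.com/index.html)"
```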

10
Information / Re: Ebury trojan on all of my CWP servers
« on: March 25, 2023, 03:05:25 AM »
You can quickly check if you are infected with Ebury by checking if the file /usr/lib64/libkeystats.so exists or by running the following command through the console -
Code:
ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"

Definitely, this check command can give a false positive.
I have several servers, I'm checking these, and just one has the file '/usr/lib64/libkeystats.so', but all my servers are being reported as "System infected" by this command.

The file 'libkeystats.so' can just be a legitimate file from the package 'keyutils-libs-1.5.8-3.el7.x86_64', if not infected.
In CentOS 7, the check can be made through the following command:
Code:
rpm -qf /lib64/libkeyutils.so.1.5
Checking the server containing the file '/usr/lib64/libkeystats.so' with the instructions of the above security sites, it indicates the file is not infected.

The packages using it can be listed by:
Code:
rpm -q --whatrequires keyutils-libs
Regards,
Netino
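
The ownership check in the post above can be turned into a repeatable verdict per file; this is an added example, not part of the original post. It uses only `rpm -qf` and `rpm -Vf`, and the function name `check_lib` and the verdict labels are made up for this example.

```shell
#!/bin/sh
# Added example: ask the RPM database who owns a library and whether the file
# on disk still matches the packaged size and digest.
# Verdicts: MISSING, UNOWNED, MODIFIED, ATTR_CHANGED, OK.
check_lib() {
    # Resolve symlinks first (/lib64 -> /usr/lib64, .so.1 -> .so.1.5) so the
    # path matches the one rpm prints in its verify output.
    lib=$(readlink -f "$1" 2>/dev/null) || lib=$1
    [ -n "$lib" ] || lib=$1
    if [ ! -e "$lib" ]; then
        echo "MISSING $lib"
        return 0
    fi
    # rpm -qf exits non-zero when no installed package owns the file.
    if ! owner=$(rpm -qf "$lib" 2>/dev/null); then
        echo "UNOWNED $lib"
        return 0
    fi
    # rpm -Vf lists only files that differ from the package metadata. Field 1
    # is a flag string such as "S.5....T." (S = size, 5 = digest, T = mtime).
    flags=$( { rpm -Vf "$lib" 2>/dev/null || true; } |
             awk -v f="$lib" '$NF == f { print $1 }')
    case $flags in
        "")      echo "OK $lib ($owner)" ;;
        S*|*5*)  echo "MODIFIED $lib ($owner, flags $flags)" ;;
        *)       echo "ATTR_CHANGED $lib ($owner, flags $flags)" ;;
    esac
}

# Stand-alone use:
#   sh check_lib.sh /lib64/libkeyutils.so.1.5 /usr/lib64/libkeystats.so
for f in "$@"; do
    check_lib "$f"
done
```

The verdict is only as trustworthy as the host's own rpm binary and RPM database, so on a machine that may already be compromised, also compare the file's digest against the same package fetched on a clean system.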

11
Information / [Poll] What is your current OS version?
« on: March 07, 2023, 08:38:32 PM »
Due to the EOL of CentOS 7 on 2024-06-30, and of CentOS Stream 8 on 2024-05-31, several people have already migrated to another OS version, and others have not. What is your OS version (production environment)? If you chose "Other", please specify here which OS version.

12
MySQL / Re: Can not update MariaDB - Error downloading packages
« on: February 17, 2023, 08:03:08 PM »
That sounds great, but how do I do that?

You can try this:
https://wiki.centos-webpanel.com/mariadb-upgrade-to-new-version

But it's for version 10.5. Instead, I would try to change to version 10.6, because it's an LTV - Long Term Version.

Regards,
Netino

13
MySQL / Re: Problem Danger: MySQL - BAD CONFIGURATION DETECTED
« on: March 28, 2022, 09:36:34 PM »
If the message is claiming about "BAD CONFIGURATION DETECTED", I would check the configuration.

Type here all your mysql configuration files for us to check.
Content of files '/etc/my.cnf' and all files from folder '/etc/my.cnf.d/'.

Regards,
Netino

14
Information / Re: Your cwp forum site has an ssl error
« on: March 24, 2022, 12:51:30 AM »
today i got an error while trying to visit forum.centos-webpanel.com

NET::ERR_CERT_DATE_INVALID

just for info, maybe you fix this site and renew the cert or force a https to http redirect if you don't wanna provide a https connection.

Yes, I second that: The cert has been expired since yesterday.
Hello CWP Team, the forum cert was not renewed.

Regards,
Netino

15
FTP / Re: unable to connect via ftp
« on: March 21, 2022, 02:31:29 AM »
Seems your configuration is normal.
The following two lines are showing something strange, related to the same network:
Code:
Mar 15 16:38:00 vps-2434395-x pure-ftpd: (?@190.247.116.2) [INFO] fullstre@fullstreaming.ar is now logged in
Mar 15 16:38:10 vps-2434395-x pure-ftpd: (fullstreaming@190.247.116.2) [INFO] Timeout

The first one, for user 'fullstre', is logged in, but the second, from the same IP address for user 'fullstreaming', is not.
The second is returning a "Timeout" problem; this is related to the network.
Does the home directory for that user really exist?
