11
CSF Firewall / Re: CWP add temporary allow ip on login control panel
« Last post by overseer on March 27, 2024, 06:19:59 PM »Also consider changing your admin port from 2031 and/or 2087, which are commonly scanned by script kiddies. (And of course, you would NEVER use 2030 -- the port without SSL.)
https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/
https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/
12
Mod_Security / Re: test mod security..???
« Last post by Starburst on March 27, 2024, 06:19:16 PM »What did the logs show?
You should receive a Forbidden if it blocks an attack like it should, and the log should reflect that.
Also Comodo released ruleset version 1.241 that fixes the WooCommerce bug.
You should receive a Forbidden if it blocks an attack like it should, and the log should reflect that.
Also Comodo released ruleset version 1.241 that fixes the WooCommerce bug.
13
Mod_Security / Re: test mod security..???
« Last post by overseer on March 27, 2024, 06:16:51 PM »Why does your URL show an appended SQL query?
14
Migration from other control panels / Re: Possibility of CWP to CWP Migration
« Last post by Starburst on March 27, 2024, 06:14:37 PM »Acronis Cyber Protect Connect has a Pay as you Go plan, which is nice.
iDrive has some nice pricing, and claim to have HIPPA, SOX, GLBA, SEC/FINRA certification, which I don't think Acronis has, but I could be wrong.
Both have a GUI interface that you control the backups & restores from.
iDrive has some nice pricing, and claim to have HIPPA, SOX, GLBA, SEC/FINRA certification, which I don't think Acronis has, but I could be wrong.
Both have a GUI interface that you control the backups & restores from.
15
Mod_Security / test mod security..???
« Last post by venty on March 27, 2024, 05:07:44 PM »Hi,
when I click the test mod security button: https://prnt.sc/UtFDAi3VYELK
, the result is this: https://prnt.sc/JgSZ1-UxDYNU
Where could the problem be?
Thanks in advance!
BR
Venty
when I click the test mod security button: https://prnt.sc/UtFDAi3VYELK
, the result is this: https://prnt.sc/JgSZ1-UxDYNU
Where could the problem be?
Thanks in advance!
BR
Venty
16
Migration from other control panels / Re: Possibility of CWP to CWP Migration
« Last post by Karl Heron on March 27, 2024, 02:15:10 PM »I use Acronis Cyber Protect Connect for remote admin of desktops & servers (ARD, RDC, VNC), so I can speak well of its infrastructure on that front -- it handily beats out LogMeIn, GoToMyPC, AnyDesk. I imagine their Cloud Backup product to be equally good, albeit pricey. I think you'd be better off $$/$$$ per month rolling your own DR (disaster recovery) server -- either on a SOHO fiber connection (I have 100Mbit symmetric) or at a data center. It all depends on your needs and available budget. But at least have SOMETHING off site to receive your backups even if it isn't viable to run a server from it, you can push the backup to an alternate remote server or whatever scenario fits your use case.
I think I need low-budget recovery. so my current condition is need to automatically send a backup database to my server database. but I cant do that using CWP.Admin. or maybe create backup database using backup feature on CWP.Admin? can i automatic restore it?
17
CSF Firewall / Re: CWP add temporary allow ip on login control panel
« Last post by Starburst on March 27, 2024, 12:12:57 PM »Note, in CWP, CSF controls IPTables.
In CSF, TCP_IN, you can block ports 2030 & 2031, and just whitelist your IP address.
Whitelisted IP's have access to all ports, whether listed or not in TCP_IN.
That way you don't have to worry about hacker brute-forcing your login.
In CSF, TCP_IN, you can block ports 2030 & 2031, and just whitelist your IP address.
Whitelisted IP's have access to all ports, whether listed or not in TCP_IN.
That way you don't have to worry about hacker brute-forcing your login.
18
CSF Firewall / CWP add temporary allow ip on login control panel
« Last post by andreiv on March 27, 2024, 11:46:23 AM »When I login the admin panel CWP add an temporary entry in csf to allow for 24 hours my own client IP.
I dont understand why my IP from where I loggin is added automatically in cwp/csf in section Temporary Allow and Deny IP entries.
I saw in iptables that the IP was added in Chain ALLOWIN after I've logged in CWP.
What is the default rule for port CWP accessing port 2031 in iptables : I saw policy INPUT drop and :
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:2031
Is there a way to change this behaviour: I mean to not be added automatically IP in CWP after in logged in CWP (/var/lib/csf/csf.tempallow ) ? I would like to see the configuration for this behaviour
I want to understand what is this and how can I change in order not to be added my IP automatically:
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- [my IP] 0.0.0.0/0
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 [my IP]
If for example a hacker succeed to login on cwp (steel the password etc ), cwp will add the hacker IP on temporary list then what is the benefit ?
i would like to know the advantages of the chain ALLOWIN
Thank you
I dont understand why my IP from where I loggin is added automatically in cwp/csf in section Temporary Allow and Deny IP entries.
I saw in iptables that the IP was added in Chain ALLOWIN after I've logged in CWP.
What is the default rule for port CWP accessing port 2031 in iptables : I saw policy INPUT drop and :
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:2031
Is there a way to change this behaviour: I mean to not be added automatically IP in CWP after in logged in CWP (/var/lib/csf/csf.tempallow ) ? I would like to see the configuration for this behaviour
I want to understand what is this and how can I change in order not to be added my IP automatically:
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- [my IP] 0.0.0.0/0
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 [my IP]
If for example a hacker succeed to login on cwp (steel the password etc ), cwp will add the hacker IP on temporary list then what is the benefit ?
i would like to know the advantages of the chain ALLOWIN
Thank you
19
PHP / Re: 503 Service unavailable
« Last post by Wonder on March 27, 2024, 12:28:39 AM »Did you check (and increase) max execution time, memory limit, etc. in your php.ini?Yes, was the first I was try.
In this moment, I have this values:
('memory_limit', '256M')
('upload_max_filesize', '128M');
('post_max_size', '256M');
('max_input_time', '-1');
('max_execution_time', '-1');
('default_socket_timeout', '-1');
And I try with 512M, 256M and 512M (in the order, mem limit, upload max, post max...)
Also I try with 1024M, 512M and 1024M.
Same result all time...
Thanks for your reply.
20
PHP / Re: 503 Service unavailable
« Last post by overseer on March 26, 2024, 08:52:18 PM »Did you check (and increase) max execution time, memory limit, etc. in your php.ini?