Recent Posts
71
Updates / Re: Server updates don't seem to be happening
« Last post by Dangerousdave26 on May 26, 2025, 02:08:49 AM »Shout out to @overseer and Sandeep B.
I followed his Sandeep B. instructions from the thread overseer posted and all is well.
I followed his Sandeep B. instructions from the thread overseer posted and all is well.
72
SSL / Re: Unabl to update SSL cert after router upgrade
« Last post by overseer on May 25, 2025, 01:22:36 PM »I've had 2 different TP-Link routers (acting as WAPs) reset themselves to factory defaults and start DHCP'ing on networks -- creating a conflict with the main router's DHCP assignments. So I have started avoiding them, preferring Netgear for those kind of low-end home applications. Also, security and US policy concerns abound about TP-Link:
https://arstechnica.com/tech-policy/2024/12/report-us-considers-banning-tp-link-routers-over-security-flaws-ties-to-china/
https://arstechnica.com/tech-policy/2025/04/tp-links-low-router-prices-and-china-ties-reportedly-spark-us-investigation/
Agreed about Mikrotik routers -- I've installed them in a couple of locations that I manage and they are not for novices, but are rock solid once set up. Just keep the firmware up to date lest they be corralled into a botnet.
https://arstechnica.com/tech-policy/2024/12/report-us-considers-banning-tp-link-routers-over-security-flaws-ties-to-china/
https://arstechnica.com/tech-policy/2025/04/tp-links-low-router-prices-and-china-ties-reportedly-spark-us-investigation/
Agreed about Mikrotik routers -- I've installed them in a couple of locations that I manage and they are not for novices, but are rock solid once set up. Just keep the firmware up to date lest they be corralled into a botnet.
73
SSL / Re: Unabl to update SSL cert after router upgrade
« Last post by Starburst on May 25, 2025, 01:01:23 PM »Seems the problem is associated with IPv6. Make sure the nameservers point the domain to the proper IPv6 and IPv4 addresses. I think so because the IPv4 nameservers returns the IPv4 address of the domain but IPv6 nameservers returns nothing (no AAAA record).
He hasn't mentioned IPv6, so I don't think he is running it.
And CWP by default doesn't do anything with IPv6.
@henryluiz Are you running IPv4 Only, or IPv4 & IPv6?
74
SSL / Re: Unabl to update SSL cert after router upgrade
« Last post by cyberspace on May 25, 2025, 11:55:37 AM »Seems the problem is associated with IPv6. Make sure the nameservers point the domain to the proper IPv6 and IPv4 addresses. I think so because the IPv4 nameservers returns the IPv4 address of the domain but IPv6 nameservers returns nothing (no AAAA record).
75
Mod_Security / Re: 403 error
« Last post by Starburst on May 25, 2025, 08:48:41 AM »Hey guys,
I am trying to make a react application with node express backend work. I copied the backend on the root and the build on the public_html...installed everything. The application works....but I am getting delete and update requests blocked, not get and post. I get 403 error and in the mod sec console i found errors comingo from there...i disabled mod sec i think.but the 403 keeps coming out!
Any advice or suggestions? I can send screens if needed of anything.
Thanks in advance
Check your ModSecurity Log, and see what ruleset & rule is being triggered.
You then can exempt that rule for your application to run.
76
Mod_Security / Re: 403 error
« Last post by Starburst on May 25, 2025, 08:47:06 AM »@overseer thank for find that weird type-o in the URL.
Fixed it:
https://starburst.help/category/control-web-panel-cwp/modsecurity-running-with-control-web-panel/
Fixed it:
https://starburst.help/category/control-web-panel-cwp/modsecurity-running-with-control-web-panel/
77
SSL / Re: Unabl to update SSL cert after router upgrade
« Last post by Starburst on May 25, 2025, 08:42:13 AM »@overseer, I like TP-Link, but it's on a banned list for certain uses.
Wasn't trying to intimidate anyone. Just pointing out the backdoor found on their equipment.
MikroTik router software and hardware are good also.
But it's not for beginners.
Your A record looks good.
But usually beside port wording you also have to configure your NAT and Firewall to allow 2 way 80 & 443 traffic.
This has to be done in your modem as well (At least with AT&T Fiber it does), which goes back to the multiple different configs needed, makes helping on these subjects difficult.
Wasn't trying to intimidate anyone. Just pointing out the backdoor found on their equipment.
MikroTik router software and hardware are good also.
But it's not for beginners.
Your A record looks good.
But usually beside port wording you also have to configure your NAT and Firewall to allow 2 way 80 & 443 traffic.
This has to be done in your modem as well (At least with AT&T Fiber it does), which goes back to the multiple different configs needed, makes helping on these subjects difficult.
78
CentOS-WebPanel Bugs / Re: cwp_stats is taking too much space
« Last post by overseer on May 25, 2025, 02:21:44 AM »Another solution going forward is to edit /etc/goaccess/goaccess.conf:
Code: [Select]
# On-disk B+ Tree
# Specifies that each page is compressed with ZLIB|BZ2 encoding.
# Disabled by default.
#
compression zlib79
Mod_Security / Re: 403 error
« Last post by overseer on May 25, 2025, 01:40:38 AM »Consider updating to ModSecurity 2.9.8 and the current OWASP ruleset -- might reduce some false positives:
https://starburst.help/category/control-web-panel-cwp/modsecurity-running-wit-control-web-panel/
https://starburst.help/category/control-web-panel-cwp/modsecurity-running-wit-control-web-panel/
80
PHP / Re: AH01075: Error dispatching request to : (polling)
« Last post by overseer on May 25, 2025, 01:37:24 AM »Likely culprits are MalwareDetect or the Softaculous backup routine that ran just before the crash. But given that it only affects one site and one version of PHP (and not the whole server), that would be the best place to investigate. Look at what that client is running (loaded WP install with auto-backups or cron tasks?) and that version of php-fpm see if there is something loading the server at that time or if you could do some tuning on php-fpm 8.2 specifically.
