Recent Posts
81
PostgreSQL / Re: Error starting postgres
« Last post by gilliard on October 09, 2025, 09:11:27 PM »[root@cwp ~]# ls -l /usr/lib/systemd/system/postgresql.service
-rw-r--r-- 1 root root 0 Oct 9 13:25 /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# ^C
[root@cwp ~]# cat /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# cat /usr/lib/systemd/system/postgresql.service
[root@cwp ~]#
-rw-r--r-- 1 root root 0 Oct 9 13:25 /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# ^C
[root@cwp ~]# cat /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# cat /usr/lib/systemd/system/postgresql.service
[root@cwp ~]#
82
Information / Re: Is CWP still maintained?
« Last post by cyberspace on October 09, 2025, 07:58:49 PM »CWP isn't maintained by huge number of people. If you want to make CWP more reliable then I recommend you invest more than $1/month into the CWP project or offer some other help for CWP or run your own similar project You will find it is more expensive than $1/month.
If you don't like it then why do you use CWP and not cPanel/DirectAdmin/Plesk ? Do you like to pay nothing and get everything ? Seems so...
The last "update" in what was really changed was in version 0.9.8.1188, released in 13/11/2024.
After that there is updates, but no one knows in what.
And this is the OFFICIAL WEBSITE of CWP. Is not me, is not made up. You CANNOT provide any info about what was updated after 13/11/2024 besides numbers that increase in the CWP panel.
If you don't like it then why do you use CWP and not cPanel/DirectAdmin/Plesk ? Do you like to pay nothing and get everything ? Seems so...
83
Information / Re: Is CWP still maintained?
« Last post by djprmf on October 09, 2025, 06:29:59 PM »And i found out this: https://control-webpanel.com/changelog
The last "update" in what was really changed was in version 0.9.8.1188, released in 13/11/2024.
After that there is updates, but no one knows in what.
And this is the OFFICIAL WEBSITE of CWP. Is not me, is not made up. You CANNOT provide any info about what was updated after 13/11/2024 besides numbers that increase in the CWP panel.
If you don't see any issue in this lack of transparency, just because "is free"... oh boy.
The last "update" in what was really changed was in version 0.9.8.1188, released in 13/11/2024.
After that there is updates, but no one knows in what.
And this is the OFFICIAL WEBSITE of CWP. Is not me, is not made up. You CANNOT provide any info about what was updated after 13/11/2024 besides numbers that increase in the CWP panel.
If you don't see any issue in this lack of transparency, just because "is free"... oh boy.
84
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« Last post by djprmf on October 09, 2025, 06:21:27 PM »Starburst already gave the answer above:You need to have your php.ini secured, and run ModSecurity with the latest OWASP CRS ruleset.And he has guides for updating ModSecurity and the OWASP CRS ruleset (tested on both AlmaLinux 8 and 9):
Along with running the latest PHP version you choose, 8.1, 8.2, 8.3 or 8.4
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-12-running-cwp-and-apache-on-almalinux-9/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-owasp-crs-ruleset-running-cwp-and-apache-on-almalinux-9/
Those guides are pointless for this issue.
They are to protect the websites, not the CWP itself. The RCE was a exploit in the CWP file manager, not in the websites.
Kindle don't provide false information, and dont mislead users to somethint that is not. You don't appear to even know what is a exploit... even less to provide info about waf protection rules - that, again, DO NOTHING about this issue in CWP.
85
Information / Re: Is CWP still maintained?
« Last post by djprmf on October 09, 2025, 06:17:39 PM »Just because the product is free that doesn't mean that security issues should be hidden.
You are literally saying that is better to have a SECURITY ISSUE, in a control panel that many use in they servers, just because "its free". That is NOT a good answer to give, and not a very good idea to have if you manage any kind of server - even more if you have clients in it.
Just because something is "free" doesn't excuse everything. And a security issue is not something that should be hidden.
Anyone that think other wise doesn't know anything about server management and should not be consider a sysadmin - that is a fact in the industry, not something made up by me...
Are you for real? I know that people that use CWP not always have the biggest knowledge about server management and sysadmin in general - and that IS FINE. But have people say that it is better to have security issues hidden than disclosed... is just ridiculous.
And i read that sentence over and over again: "go to other panel". Do you understand that, if everyone does that, CWP just cease to exist, right? The panel that you are supporting here... you are not helping at all with statements like that.
And is not a first thing: Sentora was one example.
In fact, im helping here more that anyone else that comment: transparency MUST be something that should be in EVERY SINGLE action of a project. That is A FACT. If you hide something like a security issue, just because is Free, you are doing it wrong.
Also, @Starburst, kindle stop providing false articles about WAF protection when you clearly don't know what they do. WAF protection is to protect against potential attack vectors - like exploits. You CANNOT apply WAF rules in the CWP - your guide is to apply to the website in the servers, that is pointless (and you know why? Exactly, because the exploit here WAS IN CWP, not in because of the websites in the servers with CWP).
You are literally saying that is better to have a SECURITY ISSUE, in a control panel that many use in they servers, just because "its free". That is NOT a good answer to give, and not a very good idea to have if you manage any kind of server - even more if you have clients in it.
Just because something is "free" doesn't excuse everything. And a security issue is not something that should be hidden.
Anyone that think other wise doesn't know anything about server management and should not be consider a sysadmin - that is a fact in the industry, not something made up by me...
Are you for real? I know that people that use CWP not always have the biggest knowledge about server management and sysadmin in general - and that IS FINE. But have people say that it is better to have security issues hidden than disclosed... is just ridiculous.
And i read that sentence over and over again: "go to other panel". Do you understand that, if everyone does that, CWP just cease to exist, right? The panel that you are supporting here... you are not helping at all with statements like that.
And is not a first thing: Sentora was one example.
In fact, im helping here more that anyone else that comment: transparency MUST be something that should be in EVERY SINGLE action of a project. That is A FACT. If you hide something like a security issue, just because is Free, you are doing it wrong.
Also, @Starburst, kindle stop providing false articles about WAF protection when you clearly don't know what they do. WAF protection is to protect against potential attack vectors - like exploits. You CANNOT apply WAF rules in the CWP - your guide is to apply to the website in the servers, that is pointless (and you know why? Exactly, because the exploit here WAS IN CWP, not in because of the websites in the servers with CWP).
86
PostgreSQL / Re: Error starting postgres
« Last post by cyberspace on October 09, 2025, 06:07:11 PM »Show the output of:
Code: [Select]
ls -l /usr/lib/systemd/system/postgresql.service
cat /usr/lib/systemd/system/postgresql.service87
PostgreSQL / Re: Error starting postgres
« Last post by gilliard on October 09, 2025, 05:55:01 PM »Not works
[root@cwp ~]# systemctl is-masked postgresql.service
Unknown operation is-masked.
[root@cwp ~]# systemctl unmask postgresql.service
[root@cwp ~]# systemctl start postgresql.service
Failed to start postgresql.service: Unit postgresql.service is masked.
[root@cwp ~]# systemctl enable postgresql.service
Failed to enable unit: Unit file /usr/lib/systemd/system/postgresql.service is masked.
[root@cwp ~]#
[root@cwp ~]# systemctl is-masked postgresql.service
Unknown operation is-masked.
[root@cwp ~]# systemctl unmask postgresql.service
[root@cwp ~]# systemctl start postgresql.service
Failed to start postgresql.service: Unit postgresql.service is masked.
[root@cwp ~]# systemctl enable postgresql.service
Failed to enable unit: Unit file /usr/lib/systemd/system/postgresql.service is masked.
[root@cwp ~]#
88
Information / Re: Is CWP still maintained?
« Last post by cyberspace on October 09, 2025, 03:24:09 PM »CWP did not disclosure that. They prefer hide it under a "update", that you don't even know what is. Or do you have a changelog for the versions lauch?
Hire the CWP team, pay them wage and set your rules how they must act. In other case you accept their rules and how they support their product.
If their rules aren't acceptable for you then you need to use another product.
89
CentOS 7 Problems / Re: Clamav database update blocked by CDN
« Last post by Painkiller88 on October 09, 2025, 02:54:54 PM »ELevate is not a recommended upgrade path; you will likely introduce issues into the new system (Sandeep [a CWP dev] advises against it). Better to bring up a new AlmaLinux 8 system and use the CWP Migration module to transfer accounts. That's the route I chose and so I have a fresh system with very little cruft moved over from the old system. Fresh 'n shiny!
https://www.alphagnu.com/topic/578-does-it-possible-to-migrating-from-centos7-to-almalinux9-same-server-without-installing-to-new-server/
Ok thanks, i will have a look into it.
90
PostgreSQL / Re: Error starting postgres
« Last post by overseer on October 09, 2025, 01:43:28 PM »Code: [Select]
systemctl is-masked postgresql.service
systemctl unmask postgresql.service
systemctl start postgresql.service
systemctl enable postgresql.service