Author Topic: Did 0.9.8.1239 remove extra DB users?  (Read 615 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #15 on: July 02, 2026, 01:37:00 AM »
Some of my clients having the same issue. The privilege users are gone and need to be readd.

Offline
**
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #16 on: July 02, 2026, 02:38:01 AM »
Mmm can confirm strange happening with this update.

No SQL user problems for me but it did make some sort of change. I use certs instead of user/password to access SFTP & all my logins were denied this morning. I had to allow password auth and then match users with IPs to secure as a work around.

Web Design, Development & Web Hosting
https://6sense.com.au

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #17 on: July 02, 2026, 03:39:57 AM »
question: And who is the hacker right now?

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #18 on: July 02, 2026, 12:30:13 PM »
Hi,

This update has caused serious problems on my servers. For the last two days, MySQL users have been deleted repeatedly.

As a temporary workaround, I added an `exit` at the beginning of the `temp_hacker_check` script to prevent it from running again, because it was causing damage to my configuration.

Another problem is that the cleanup log is extremely basic. It only shows when the script starts and finishes, but it does not clearly log what users were deleted, what changes were applied, or why those actions were taken. This makes it very difficult to audit the damage or understand exactly what happened.

In my opinion, this script is not at the level of quality and safety expected from CWP. A security cleanup script should not silently delete MySQL users or modify server access without clear logging, confirmation, backups, or at least a safer detection method.

Please review this update and the `temp_hacker_check` script urgently, because it can break production servers and remove legitimate database users.

Thank you.

Offline
*****
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #19 on: July 02, 2026, 02:03:19 PM »
Just a little recommendation: in addition to running daily backups, also consider running AutoMySQLBackup to dump you DB daily:
https://github.com/sixhop/AutoMySQLBackup

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #20 on: July 02, 2026, 09:29:18 PM »
I believe its an attemp of the programers to close cwpro forever, this cannot happend, we are paying for this licence.

Come on , wtf are you doing? breaking everything people worked for.

OMG so unreliable i have like 25 servers, ALL BROKEN. i just want to die.

That is odd.
All of our servers are still intact with all the user and system accounts.

But seeing this thread did make my heart skip a beat.

I am curious, what OS are you guys that lost users running?

Alma 8.

All the servers had users with @% cause i need to, everything went to shit.

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #21 on: July 03, 2026, 12:09:26 AM »
So, what should we do now regarding `temp_hacker_check`?

I have temporarily added an `exit` at the beginning of the script to prevent it from running. Should I also remove its write/execute permissions?

Honestly, I do not feel comfortable having this script running on my servers. Everything was working fine before, and what I need most is stability. I can take care of security on my side.

In some services, I do have MySQL users with host `%`. Is that really considered so abnormal or dangerous that they should be removed without prior notice or confirmation?

In my opinion, updates like this should not be pushed to the Stable branch, especially if Stable is supposed to mean “at least two weeks tested.”

I would like to know what you plan to do with this script, so I can prepare accordingly and also have an official recommendation on how to proceed. For the past two days, I have been waking up to complaints from clients because they are getting errors when trying to connect to their databases.

I hope that, for now, adding an `exit` at the beginning of the script is enough to prevent further issues, but I do not think this is a proper long-term solution.

I really hope you can review whether something went wrong with this update and adjust it properly. From my side, I want to reiterate that I would prefer to be able to disable this script completely, as I do not need it.

Thank you!

Offline
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #22 on: July 03, 2026, 03:39:53 AM »
This things keep being deleted everyday. Lol

Online
*
Re: Did 0.9.8.1239 remove extra DB users?
« Reply #23 on: July 03, 2026, 10:21:55 AM »
And here we have the issues that happen when we have no changelog of new updates... We never know what have changed.