Author Topic: Very Strange Update beahviour (every 4 hours), what is going on? (Worried)  (Read 36863 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
@GotEm4

What alternative would you recommend? What did you migrate your system to?

Offline
*
I've had very good luck with webmin on other systems. So, it was very easy to install and setup for me this go-around.
It also offers more freedom and control.

Offline
*
I've had very good luck with webmin on other systems. So, it was very easy to install and setup for me this go-around.
It also offers more freedom and control.
Thank you for your response.

Offline
**
Yes code is for reason obviously encrypted... There are hundreds sites like this using same protection to hide code from eyes and keep it hard to see it and find easy bugs and exploit them... This give some time to developers to fix errors if they update panel and missed something.
If you are so skilled why do you use free panel when there are something like webmin old enough and known for sure maybe there are not bugs inside?

For sure if someone wanna to hack your server and have knowledge you are gonna be fu... does not even mater what are you using.

Well maybe its encrypted for some other reason maybe they will sell it later who knows.
but don't talk like that and send negative picture to other users. I used 2 3 panels free before this and every single one have failed after year or two and lost support and upgrades well that's risk with free panels.

If you selling hosting you should consider before and buy something what have some guaranties but I think there is nothing online who can give you something like that. That's my opinion.

Guy's its free what are you expecting if you are planing to sell hosting and work with something like that you should have knowledge to check every settings and check servers every day. Security here does not point only to CWP oh I will install it and I m secure wtf if you are thinking like that than every single idiot can sell hosting. Every single service installed with cwp maybe can be exploited in the future who knows.....

Offline
*
Yes code is for reason obviously encrypted... There are hundreds sites like this using same protection to hide code from eyes and keep it hard to see it and find easy bugs and exploit them... This give some time to developers to fix errors if they update panel and missed something. 

I'm going to take it easy on you since it is obvious there is a comprehension issue occurring on your part. I am fully aware of the various technologies used to protect source code. That is not the issue. The issue is having a major security flaw present for almost a week now, and having the devs basically say "oh, nothing to worry about - move along!". Along with their nonchalant replies regarding their slow GUI leaves one with a rather......Bad taste in their mouths.

If you are so skilled why do you use free panel when there are something like webmin old enough and known for sure maybe there are not bugs inside?
Does Emeril Lagasse go to mcdonalds? I'm sure he does. If he is a master chef - ? That makes him a s#it chef!  Same line of thinking on your part. Even though I could, you are right, for-go the control panel all together - I do like to test out new technologies and offerings. It's only human to be curious.

For sure if someone wanna to hack your server and have knowledge you are gonna be fu... does not even mater what are you using.

That is 100% correct. But by using CWP, you and the rest of the users are/will make it considerably easier to let hackers into your systems.

Well maybe its encrypted for some other reason maybe they will sell it later who knows.
That would be funny. Doubt there would be any buyers. Not only that - but I'm pretty sure the REAL CENTOS would sue the pants off of them for unauthorized use of their name. Surprised they haven't already.

but don't talk like that and send negative picture to other users.
If "product x" kills your cat/blinds you/turns you into a babbling idiot - please do not warn other consumers! You will ruin their experience... Pu-lease. I'm not saying anything that isn't true. And if nobody speaks up - nothing will ever get done to fix the serious security issues for the users that still use this product. 

Guy's its free what are you expecting

Just because it is free does not mean one should give the devs a pass on glaringly serious security holes in the code. While it's nice to see that CWP has one cheerleader - taking the "Hide your head in the sand" approach does not better the product. CWP needs to hear from real people in the real world.

What they do with that input is up to them, obviously. Seeing their lack of concern though, is a very troubling sign.

Offline
*
Can someone tell me what this means exactly ? I understand no update need it's the last line that confuses me. and I'm not running php54 I'm on v7

Email subject /usr/local/cwp/php54/bin/php -d max_execution_time=1000000 -q /usr/local/cwpsrv/htdocs/resources/admin/include/cron.php

######################
Update Server Packages
######################
Your CWP version: 0.9.8.20

No update needed, your CWP is up to date.
sh: service: command not found
« Last Edit: July 09, 2016, 02:35:58 PM by driftwood »

Offline
**
Can someone tell me what this means exactly ? I understand no update need it's the last line that confuses me. and I'm not running php54 I'm on v7

Email subject /usr/local/cwp/php54/bin/php -d max_execution_time=1000000 -q /usr/local/cwpsrv/htdocs/resources/admin/include/cron.php

######################
Update Server Packages
######################
Your CWP version: 0.9.8.20

No update needed, your CWP is up to date.
sh: service: command not found

in email subject is full command line which checking for updates calling php file simple as that rest down is what its says information about version. last line well who knows you should ask this security experts which are talking around but seems no one of them could tell you exactly whats that except developers...

Offline
**
Yes code is for reason obviously encrypted... There are hundreds sites like this using same protection to hide code from eyes and keep it hard to see it and find easy bugs and exploit them... This give some time to developers to fix errors if they update panel and missed something. 

I'm going to take it easy on you since it is obvious there is a comprehension issue occurring on your part. I am fully aware of the various technologies used to protect source code. That is not the issue. The issue is having a major security flaw present for almost a week now, and having the devs basically say "oh, nothing to worry about - move along!". Along with their nonchalant replies regarding their slow GUI leaves one with a rather......Bad taste in their mouths.

If you are so skilled why do you use free panel when there are something like webmin old enough and known for sure maybe there are not bugs inside?
Does Emeril Lagasse go to mcdonalds? I'm sure he does. If he is a master chef - ? That makes him a s#it chef!  Same line of thinking on your part. Even though I could, you are right, for-go the control panel all together - I do like to test out new technologies and offerings. It's only human to be curious.

For sure if someone wanna to hack your server and have knowledge you are gonna be fu... does not even mater what are you using.

That is 100% correct. But by using CWP, you and the rest of the users are/will make it considerably easier to let hackers into your systems.

Well maybe its encrypted for some other reason maybe they will sell it later who knows.
That would be funny. Doubt there would be any buyers. Not only that - but I'm pretty sure the REAL CENTOS would sue the pants off of them for unauthorized use of their name. Surprised they haven't already.

but don't talk like that and send negative picture to other users.
If "product x" kills your cat/blinds you/turns you into a babbling idiot - please do not warn other consumers! You will ruin their experience... Pu-lease. I'm not saying anything that isn't true. And if nobody speaks up - nothing will ever get done to fix the serious security issues for the users that still use this product. 

Guy's its free what are you expecting

Just because it is free does not mean one should give the devs a pass on glaringly serious security holes in the code. While it's nice to see that CWP has one cheerleader - taking the "Hide your head in the sand" approach does not better the product. CWP needs to hear from real people in the real world.

What they do with that input is up to them, obviously. Seeing their lack of concern though, is a very troubling sign.

if you did find some security issue and reported to them and everybody keeps quiet then its serious shit :) then you and developers know how to fix it we are all screwed if no one do it.

I m demanding developers to respond to this its getting hot here..

PS: don't be angry you should helping here its easy to talk about security issues you responded that I m 100% about security, and you should tell how to fix it not talking about legal or illegal name use. No one cares about name...

This is gone from bug report to illegal name use and some cats dogs whatever you can find million reasons and at the end we will agree that we are disagree in some cases :)

ADMINS RESPOND ABOUT SECURITY IF ITS POSSIBLE :)

Offline
*
I have same problem with every 4 hours automatic email and also im interested how we have CWP ver 0.9.8.20 while they said the latest ver is 0.9.8.17  ???

I hope you developer do something for this matter and fix it asas for you!

Regards

Offline
**
well every 4h is same here... well they say its ok because they had some problems with servers.
To be honest I did not have any errors in report like someone on first page copied from email they got some update linked to gmail or something like that, and yes I have too sh error after update to .20...
After checking all emails didnt find any error like guy in first or second post have, seems every one have some kind different error.
Seems everything works fine except new module letsentcrypt...
Possible update some kind bug which is not mentioned in change log in new version .20

Offline
*
cwp is now switched to automated updates, meaning that there will be no more releases every few months like before, now we will have much more developers working on it so we could have even a few updates at the same day.

Please for you who are not trusting us, stop using cwp and asking the same questions all the time.
If you want to contribute then join development and starting helping others.
AntiDDoS Protection (web + mail)
http://centos-webpanel.com/website-ddos-protection-proxy

Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp


Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor


Do you need Fast and FREE Support included for your CWP linux server?
http://centos-webpanel.com/noc-partner-list
Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Offline
*
forgot to add, for letsencrypt issue you can contact support to check it, as always we are resolving bugs for free.
AntiDDoS Protection (web + mail)
http://centos-webpanel.com/website-ddos-protection-proxy

Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp


Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor


Do you need Fast and FREE Support included for your CWP linux server?
http://centos-webpanel.com/noc-partner-list
Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Offline
**
cwp is now switched to automated updates, meaning that there will be no more releases every few months like before, now we will have much more developers working on it so we could have even a few updates at the same day.

Please for you who are not trusting us, stop using cwp and asking the same questions all the time.
If you want to contribute then join development and starting helping others.


THANK YOU :)

Offline
*
I must mention that i don't have every automated email from my server any more (it's passed more that 6 hours and there is not any email yet) after CWP update ver 0.9.8.21 but in my last email from server that i got there is same error. You can see that below:

###########################
Firewall Flush Daily Blocks
###########################


######################
Update Server Packages
######################
PHP Warning:  [obfuscated](http://...@gmail.com&version=0.9.8.21): failed to open stream: HTTP request failed! HTTP/1.1 500 Internal Server Error
 in /usr/local/cwpsrv/htdocs/resources/admin/include/cron.php on line 0
Your CWP version: 0.9.8.21

sh: service: command not found
TERM environment variable not set.
5#.###.###.##2 (i hide my IP!)

I must say that my server and website seems works normally while i had that (old) problem as well.

Regards

Offline
*
at the moment latest version is 0.9.8.23...also there will be at least one more new release today, meaning if your version at the moment is 0.9.8.23 then all works fine....also there will be no more notification emails every 4 hours.
AntiDDoS Protection (web + mail)
http://centos-webpanel.com/website-ddos-protection-proxy

Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp


Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor


Do you need Fast and FREE Support included for your CWP linux server?
http://centos-webpanel.com/noc-partner-list
Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services