Control Web Panel

WebPanel => Installation => Topic started by: SeaTea on September 25, 2014, 07:41:53 PM

Title: SSH / Quota warning on Centos after install
Post by: SeaTea on September 25, 2014, 07:41:53 PM
I have installed CWP on my VPS with Centos 6 and all seems to work fine.  I have configured most things and have set my SSH server to an alternative port and have configured firewall accordingly.  However after login at admin panel the dashboard shows:
Quote
WARNING: Security vulnerability! Your server is using default SSH Port 22, to make your server more secure change SSH port in config file /etc/ssh/sshd_config and in CSF firewall !
After changes are done don't forget to restart SSH and CSF Firewall.

and also:
Quote
WARNING: Quota! Quota is not installed on your server and you will not be able to limit users disk space!
You can install Quota using command: yum -y install quota

But quota is installed.

Is this a 'normal' bug in dashboard or did I do something wrong ?
Title: Re: SSH / Quota warning on Centos after install
Post by: Smartay on September 26, 2014, 10:57:12 AM
+1 always get this after install even if i make sure quota is done before panel is even loaded
Title: Re: SSH / Quota warning on Centos after install
Post by: Administrator on September 27, 2014, 06:04:28 PM
you will need to check this tutorial, if you have VPS then you will need to contact your hosting company
http://forum.centos-webpanel.com/centos-configuration/how-to-setup-user-quotas/
Title: Re: SSH / Quota warning on Centos after install
Post by: erm3nda on December 16, 2014, 06:54:14 AM
I got same problem after install serveral game servers from ssh console.
I've tried to install quota but warned me about i cannot install it.

Finally, because was not a customer account, i tried to quotaoff -vaug but result was fail again due to permissions i guess, dont remember now. (https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-disk-quotas-managing.html (https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-disk-quotas-managing.html))

Finally2, i ran a command from root, setquotas user 0 0 0 0 -a and fully disable for that user.

I will add quotas on the /etc/fstab asap, rather than bruteforce quota to off.
Thank you for instructions.
Title: Re: SSH / Quota warning on Centos after install
Post by: autark on January 28, 2015, 08:17:13 AM
It would be nice to be able to permanently disable these warnings. For users who choose not to change SSH port for example, it's annoying to see that warning every time you log in.  And for anybody who questions not changing SSH port, here is an excellent writeup: https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/

Much better to disable root login altogether. Only allow SSH via key authentication with a non-root account and sudo to root (with that user on the root wheel). Much safer than obscuring your SSH port#... with CSF/LFD enabled you're going to lock out the port scanners and unauthed root login attempts anyway. Let them try and fail.

Any idea how to permanently disable these warnings? Config for that would be so nice.
Title: Re: SSH / Quota warning on Centos after install
Post by: erm3nda on January 28, 2015, 09:01:17 AM
While is not the proper solution, you can CONTROL anything in your browser.

Actually im using GM(firefox)/TM(chrome) userscripts on a lot of webpages i dont like how looks. (Including this forum width http://forum.centos-webpanel.com/other/old-forum-style/msg1270/#msg1270 (http://forum.centos-webpanel.com/other/old-forum-style/msg1270/#msg1270))

You can install that extension and hide it. Anyway, it is showing a little before removal.

Example code:
Code: [Select]
// ==UserScript==
// @name        cwp hide danger alert
// @namespace   cwphd
// @description Hides the fucking warning messages on cwp panel
// @include     http://YOUR URL:2030/index.php?chk=*
// @version     1
// @require  http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
// ==/UserScript==

// JQuery Compatibility statement

this.$ = this.jQuery = jQuery.noConflict(true);

$(".alert-danger").remove();
If you wanna hide all messages, just put alert instead alert-danger.
Title: Re: SSH / Quota warning on Centos after install
Post by: Administrator on February 03, 2015, 09:06:36 PM
if the quota works on your system then it could be a bug, if somebody noticed this kind of issue report it and it will be fixed for the new version.
Title: Re: SSH / Quota warning on Centos after install
Post by: erm3nda on February 04, 2015, 07:21:11 PM
I have only the SSH por22 warn, wich i dont like too.
Title: Re: SSH / Quota warning on Centos after install
Post by: Administrator on March 11, 2015, 04:48:28 PM
hundreds of thousands of server world wide are under ssh bruteforce attacks so having port 22 as default is considered as a much much higher security risk and its not recommended.
Title: Re: SSH / Quota warning on Centos after install
Post by: erm3nda on March 12, 2015, 02:44:19 PM
A good password with:

Will consume +10 years on average to bruteforce it.

If you configure your vps correctly you have not to worry lammer-level attacks. Also became funny. Many friend of my say "tell me your ip, i will put down your website in few minutes" and im still here :)

GREAT PASSWORD + CSF ANTI-DDOS SCRIPT + ANTI-SLOWLORIS when build apache from cwp is your friend.

Keepass power!