This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Varnish / Excessive resource usage: varnishlog
« on: December 10, 2018, 11:41:56 AM »
Hi!
Since I've installed Varnish (together with Nginx, Apache & PHP-FPM), I get an email every hour with »
and the exeeded time get longer and longer…
Do we really need this varnishncsa for varnish to work?
Can I stop & disable this process or is it necessary?
Thank you!
Ben
Since I've installed Varnish (together with Nginx, Apache & PHP-FPM), I get an email every hour with »
Code: [Select]
Time: Mon Dec 10 12:18:19 2018 +0100
Account: varnishlog
Resource: Process Time
Exceeded: 27038 > 1800 (seconds)
Executable: /usr/bin/varnishncsa
Command Line: /usr/bin/varnishncsa -a -w /var/log/varnish/varnishncsa.log -D -P /run/varnishncsa/varnishncsa.pid
PID: 3460 (Parent PID:3460)
Killed: No
and the exeeded time get longer and longer…
Do we really need this varnishncsa for varnish to work?
Can I stop & disable this process or is it necessary?
Thank you!
Ben
2
Suggestions / Re: Suggestion voting-system / Feature Requests board
« on: December 10, 2018, 11:20:23 AM »That will be a great idea, however, CWP team may not bother looking at this thread as they are FREE.
Anyhow, +1 from my side.
LOL
What is the suggestion board for, if not suggesting something to the staff?
3
CSF Firewall / Re: too many connections (8) from this ip
« on: December 10, 2018, 11:16:45 AM »
Did you put the IP address on the firewall whitelist?
4
Scripts / Re: StingRay's Dark Theme for CWP
« on: November 22, 2018, 11:32:08 AM »
THANK YOU @raylee <3
I was waiting for an admin dark theme for years!!!
I was waiting for an admin dark theme for years!!!
5
Suggestions / Nginx Ultimate Bad Bot Blocker
« on: November 22, 2018, 10:46:51 AM »
Hi!
Could please integrate "Nginx Ultimate Bad Bot Blocker" into CWP (pro)
THANK YOU!
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/
Could please integrate "Nginx Ultimate Bad Bot Blocker" into CWP (pro)
THANK YOU!
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/
6
Suggestions / Suggestion voting-system / Feature Requests board
« on: November 22, 2018, 10:43:57 AM »
Hi!
Could we please have an suggestion voting-system / feature requests board for CWP where we can upvote the features we like to see?
That would be great!
Here are some options - some of them are free »
Could we please have an suggestion voting-system / feature requests board for CWP where we can upvote the features we like to see?
That would be great!
Here are some options - some of them are free »
7
Nginx / Re: NGINX and SSL issue
« on: November 22, 2018, 08:55:25 AM »
Go to » https://YOURSERVERIP:2031/admin/index.php?module=list_domains
and delete the domain "guidadelgusto.com"
This will also delete the SSL certificate and your problem .conf file.
Check it, if it is still there delete "/etc/nginx/conf.d/guidadelgusto.com_ssl.conf" manually over SSH or FTP!
Then go to https://YOURSERVERIP:2031/admin/index.php?module=add_domain
and add the domain again.
Now you should be fine with SSL and with "Apache + nginx".
and delete the domain "guidadelgusto.com"
This will also delete the SSL certificate and your problem .conf file.
Check it, if it is still there delete "/etc/nginx/conf.d/guidadelgusto.com_ssl.conf" manually over SSH or FTP!
Then go to https://YOURSERVERIP:2031/admin/index.php?module=add_domain
and add the domain again.
Now you should be fine with SSL and with "Apache + nginx".
8
Nginx / Nginx Ultimate Bot Blocker
« on: November 22, 2018, 08:42:07 AM »
Does anyone have experience with Nginx Ultimate Bot Blocker?
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
I installed it after the instructions step by step, but I can't see any effect.
Step 10 failed for me.
I still get an "200 OK" when I should get an "(52) Empty reply from server" reply.
Any ideas?
@CWP Staff
Could you integrate this into future releases of CWP (pro)?
That would be awesome!
Thank you ^^
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
I installed it after the instructions step by step, but I can't see any effect.
Step 10 failed for me.
I still get an "200 OK" when I should get an "(52) Empty reply from server" reply.
Any ideas?
@CWP Staff
Could you integrate this into future releases of CWP (pro)?
That would be awesome!
Thank you ^^
9
CSF Firewall / Re: lots of open ports, but not sure what they are being used for
« on: November 22, 2018, 08:25:15 AM »
All well-known ports »
https://de.wikipedia.org/wiki/Liste_der_standardisierten_Ports
Pleas google first before making a forum request.
Thank you!
https://de.wikipedia.org/wiki/Liste_der_standardisierten_Ports
Pleas google first before making a forum request.
Thank you!
10
CSF Firewall / Re: Editor in CWP for /etc/csf/csf.pignore ?
« on: November 22, 2018, 08:16:15 AM »
Well …
"/etc/csf/csf.pignore" is not needed very often, so I guess there is no link in the menu for it.
BUT
You can edit any file on the server with the "?module=file_editor&file=" module!
Just put the following into your addressbar »
https://YOURSERVERIP:2031/admin/index.php?module=file_editor&file=/etc/csf/csf.pignore
(YOURSERVERIP is replaced with your servers IP address obviously! ^^)
And then just make a bookmark in your browser
"/etc/csf/csf.pignore" is not needed very often, so I guess there is no link in the menu for it.
BUT
You can edit any file on the server with the "?module=file_editor&file=" module!
Just put the following into your addressbar »
https://YOURSERVERIP:2031/admin/index.php?module=file_editor&file=/etc/csf/csf.pignore
(YOURSERVERIP is replaced with your servers IP address obviously! ^^)
And then just make a bookmark in your browser
11
CSF Firewall / Re: Is it necessary to enable CSF Firewall or Mod security in Centos Web Panel ?
« on: November 22, 2018, 07:24:49 AM »
I would STRONGLY RECOMMEND IT!
I have a small VPS with ~5 websites on it and my VPS gets attacked permanently! =/
I use CWP7pro and I installed Comodo WAF for ModSecurity- which does a GREAT job protecting my WordPress sites (without me making any manual exception Rules)!
10€ for CWP Pro is totally worth it and the guys build CWP absolutely deserve our support (IMO).
I have a small VPS with ~5 websites on it and my VPS gets attacked permanently! =/
I use CWP7pro and I installed Comodo WAF for ModSecurity- which does a GREAT job protecting my WordPress sites (without me making any manual exception Rules)!
10€ for CWP Pro is totally worth it and the guys build CWP absolutely deserve our support (IMO).
12
CSF Firewall / Re: ip deny /allow access
« on: November 22, 2018, 07:08:41 AM »
Be careful!!!
I once blocked several countries in my /etc/csf/csf.conf.
CC_DENY = "CN,IN,RO,RU,BR,UA,NL,UK"
And then a few days later AutoSSL (renewal of SSL certificates) wasn't working anymore.
I WAS UNABLE to create new SSL certificates!
I've found out that blocking NL (Netherlands) was the root cause for it.
Let's Encrypt is located in NL and it needs to connect to generate SSL certificates!
Furthermore the support wrote me the following »
So keep that in mind
I once blocked several countries in my /etc/csf/csf.conf.
CC_DENY = "CN,IN,RO,RU,BR,UA,NL,UK"
And then a few days later AutoSSL (renewal of SSL certificates) wasn't working anymore.
I WAS UNABLE to create new SSL certificates!
I've found out that blocking NL (Netherlands) was the root cause for it.
Let's Encrypt is located in NL and it needs to connect to generate SSL certificates!
Furthermore the support wrote me the following »
So keep that in mind
14
CSF Firewall / Re: CWP Countries servers are in ?
« on: November 22, 2018, 06:43:45 AM »
Be careful!!!
I once blocked several countries in my /etc/csf/csf.conf.
CC_DENY = "CN,IN,RO,RU,BR,UA,NL,UK"
And then a few days later AutoSSL (renewal of SSL certificates) wasn't working anymore.
I WAS UNABLE to create new SSL certificates!
I've found out that blocking NL (Netherlands) was the root cause for it.
Let's Encrypt is located in NL and it needs to connect to generate SSL certificates!
Furthermore the support wrote me the following »
So keep that in mind
I once blocked several countries in my /etc/csf/csf.conf.
CC_DENY = "CN,IN,RO,RU,BR,UA,NL,UK"
And then a few days later AutoSSL (renewal of SSL certificates) wasn't working anymore.
I WAS UNABLE to create new SSL certificates!
I've found out that blocking NL (Netherlands) was the root cause for it.
Let's Encrypt is located in NL and it needs to connect to generate SSL certificates!
Furthermore the support wrote me the following »
So keep that in mind
15
CSF Firewall / Re: CWP access - CSF iptable tcp ports 2030,2031,2082,2083,2086,2087,2095,2096
« on: November 22, 2018, 06:18:49 AM »
Hi!
same here …
I've got the following in my /etc/csf/csf.conf
So what do the ports: 2082,2083,2086,2087,2095,2096
actually do?
Wikipedia tells me cPanel, but I dont use cPanel!
Does CWP(pro) use these ports in any way?
Can we remove/block them withour any trouble?
@n8v8r
I've removed 2030, because 2031 is more secure.
Here is a list of all the well-known ports »
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
2082,2083,2086,2087,2095,2096 are used for cPanel
same here …
I've got the following in my /etc/csf/csf.conf
Code: [Select]
# Allow incoming TCP ports
TCP_IN = "25,53,80,443,2031,2082,2083,2086,2087,2095,2096"
# Allow outgoing TCP ports
TCP_OUT = "25,53,80,113,443,587,2031,2082,2083,2086,2087,2095,2096"
So what do the ports: 2082,2083,2086,2087,2095,2096
actually do?
Wikipedia tells me cPanel, but I dont use cPanel!
Does CWP(pro) use these ports in any way?
Can we remove/block them withour any trouble?
@n8v8r
I've removed 2030, because 2031 is more secure.
Here is a list of all the well-known ports »
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
2082,2083,2086,2087,2095,2096 are used for cPanel