Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Steff

Pages: [1] 2 3 ... 5
CentOS 7 Problems / session token expired, please reload the page
« on: May 08, 2022, 05:57:51 PM »
I have a couple of customers who have this error message pop up and they cannot log in to their accounts.
The error message is:
session token expired, please reload the page
My server is configured as follows:
Webserver Nginx and Apache
Nginx and Apache running on default templates and both running 7.3 FPM with default templates and forced for Apache

Domain server configuration is 7.3 fpm and all templates set to default

Mod Security is set to Combo WAF (V1.223) and process all rules

There is no cron job set to clear server cache

The customers are having problems logging in to a Wordpress site running Woocommerce
Wordpress version 5.9.3 and Woocommerce 6.4.1
I'm not running any pluging cache, so the only cache is server side
The site does have an htaccess file (used mostly for Yoast)
And site wide the security is handled by Wordfence Pro v7.5.9

Customers are reporting that if the refresh the browser after having the error, they still cannot log in or enter address details. Some have cleared cache on their devices and some have tried other browsers, but still get the error.
This suggests to me that this is server side and probably a misconfiguration with cache and security.

Anyone have any idea where I should start with this please. I'd be very grateful for any help.

Other / Re: Nginx-Apache-WP Rocket
« on: January 08, 2022, 08:42:58 PM »
Sound advice, you've been very helpful. Thanks again  :)

Other / Re: Nginx-Apache-WP Rocket
« on: January 08, 2022, 08:13:40 PM »
Thanks that's really helpful.

I did have the server setup for Varnish, but have just set back to Nginx-Apache because, as you said, it was too aggressive. Fast!, but way too volatile.
I'm using PHP-FPM 7.3 and wondered what advantage php 8 might bring to the table.

Other / Nginx-Apache-WP Rocket
« on: January 08, 2022, 07:17:14 PM »
I'm just after a general opinion from anyone who may have run a mix like Nginx and Apache with a Wordpress plugin WP Rocket.
I'm asking as I get a little volatile response from cache now and then and find that I have to clear cache on server side as well as plugin often.
My knowledge of server side caching is limited and I'm keen not to be overdoing the cache setup.
Is there a better way... or is the setup I have ok?

CentOS 7 Problems / Re: Too many 301 redirects
« on: July 02, 2021, 08:50:26 PM »
Have you checked if the domain is set to redirect -
Thanks for the reply.
I did discover that my domain register was redirecting the domain after all. They said they do it for dormant domains and then redirect to their advertising site... Bit of a cheek and I didn't have any control over the redirects so I had to be polite.
needless to say, I've moved.
I do really appreciate your reply I was pulling my hair out to be honest.

CentOS 7 Problems / Too many 301 redirects
« on: July 01, 2021, 02:49:32 PM »
Just wondering if anyone could help me with this.
I have a domain that until recently I only used for emails. Today I decided to place a website on the domain but before I could do so I found that all the browsers i visited tells me that the domain has too many 301 redirects.
Right now there is no htaccess files anywhere. I've rebuilt Apache, cleared cache on browser as well as CWP. Checked with the domain register to make sure no redirects have ever been put in place.

So as I can't find any reason for the 301 redirects, could this account have a malware infection? Or could there be another reason.
I do have other accounts hosted on CWP (about 12) and none of them are effected.

CSF Firewall / Re: My firewall is off and i can't turn it on
« on: July 26, 2020, 07:49:29 PM »
If you have a dynamic IP address at your client machine (home PC/laptop) then sign up for a dynamic IP service (ex. Add this new FQDN to /etc/csf/csf.dyndns. Then set CSF DYNDNS_IGNORE=1 and DYNDNS_INTERVAL=600 - you'll not get locked out again.

A reboot is normal, when (re)installing a firewall due to the low-level interaction with the kernel and iptables.

I have static ip's but that is good advise for others should they have dynamic ip's. I never got locked out of the firewall as I added the static ip's of my locations to the list. CSF was just being a bit stubborn ;)

CSF Firewall / Re: My firewall is off and i can't turn it on
« on: July 26, 2020, 06:29:18 PM »
Thanks for the reply cynique
I did already have the testing set to zero and firewalld was also disabled.
I have since fixed this but never actually gotten to the real reason for the problem. From what I could see the issue stems from country ip blocking, but in the end I was forced to reinstall CSF and reboot the server as forcing the services to restart wouldn't work.

CSF Firewall / My firewall is off and i can't turn it on
« on: July 24, 2020, 07:18:55 PM »
Hi guys,
I noticed that my firewall was off and so I tried to turn it on but it wouldn't. I then tried to restart the services and still it is off and then I tried to force the restart of services and still it is set to off.
I did get a message saying
[root@server ~]# csf -e
csf and lfd are not disabled!
and that is a bit puzzling as the firewall is actually off.
I have (although I really didn't want to) rebooted the server and still the firewall is off.
Any help with this is much appreciated.

CentOS 7 Problems / Re: Excessive resource usage
« on: June 26, 2020, 06:07:04 PM »
although I agree that best practice is to build a server without a GUI, I have reasons for it. The server also runs a CCTV backup system and hence Gnome. It was installed as part of the Centos install and not the add on version.
Re-installing the server seems very severe way of dealing with Gnome. That almost borders on the Microsoft advice.

CentOS 7 Problems / Excessive resource usage
« on: June 26, 2020, 11:02:01 AM »
I'm getting emails about excessive resource usage and there are a couple of accounts that are problematic.
I've increases the timeout from 1800 to 15000 but still get the email warnings.
I don't want to stop the warnings as that isn't a good idea, but I do need help in understanding how to deal with this account that is using up resources.
The culprit is Gnome desktop and I have tried to stop the service and restart the firewall, but the errors still come.
Here's an email:
Time:         Thu Jun 25 22:59:25 2020 +0100
Account:      gdm
Resource:     Process Time
Exceeded:     362636 > 15000 (seconds)
Executable:   /usr/libexec/gsd-sharing
Command Line: /usr/libexec/gsd-sharing
PID:          3085 (Parent PID:2814)
Killed:       No

At the moment I'm getting about 900 emails a day

The other account that is as bad is:

Time:         Thu Jun 25 22:59:25 2020 +0100
Account:      avahi
Resource:     Process Time
Exceeded:     362653 > 15000 (seconds)
Executable:   /usr/sbin/avahi-daemon
Command Line: avahi-daemon: running [srv1.local]
PID:          1002 (Parent PID:1002)
Killed:       No

Anyone know where I should be looking to bring these accounts back in line and stop the excessive resource usage please

CentOS 7 Problems / Re: Memory and Cache usage high
« on: June 21, 2020, 06:03:11 PM »

Found several instance of Netdata running on the server (funny as I've never installed Netdata). I have since uninstalled it and forced a reboot of the server and all seems fine again. Ram now running at 6% cache at 9% as expected.

Has anyone else had this happen to them?

CentOS 7 Problems / Memory and Cache usage high
« on: June 21, 2020, 02:04:03 PM »
I've notice a sudden increase in RAM and CACHE usage that doesn't seem to be easing. I'm running CWP pro and this is on a Dell Power edge with 48gb DDR3 ram and dual Intel Xeon X5675 @ 3.07GHz
Apart from expected services I'm running:
MOD Security

Should I be concerned at this usage?

E-Mail / Re: email spam
« on: June 18, 2020, 08:36:11 PM »
Solved ish!

Thanks for the great link. It proved very useful as it highlighted the error I made with DKIM. Although I had installed SPF and DKIM I hadn't placed a default domain key in the dns zone. Now I know that this is don automatically by CWP, but if you are using the DNS Manager it wont be in your dns unless you add it.

Next issue was the spam. I actually found 155 malware viruses in the home/temp file of a domain I was hosting for a third party. I've since deleted the contains of the temp folder and so far no more spam.
Oh and I went through the backups of the daily, weekly and monthly to remove the contains of the temp folder in those backups.

E-Mail / Re: email spam
« on: June 18, 2020, 06:03:32 PM »
Excellent. Thank you studio4host

Pages: [1] 2 3 ... 5