Messages

16

PHP Selector / Re: Fresh install on CentOS 7 PHP version switcher erroring out.

« on: January 14, 2022, 09:27:12 PM »

Perhaps are you trying to compile PHP version "7.3.0"..?!
This is a very old version, PHP 7.3 current branch is in version 7.3.33...!!

17

E-Mail / Re: X-Envelope-From and From different

« on: January 14, 2022, 09:14:58 PM »

It may be that you have a specific E-mail where the sender is trying to confuse the recipient, but this cannot be concluded from E-mail senders. Me, for example, use it this way, X-Envelope-From is different from Mime-From, for the same domain, for historical and convenience reasons, and they are absolutely legitimate E-mails.

=>Envelope From (RFC5321)
Used by the SMTP server to generate NDR (Non-Delivery Report)
Used by SPF filter to determine if it came from the designated IP address.

=>Mime Header From (RFC5322)
Used by the email client to display information in the From field.
Used by DMARC filter to confirm if the message is authentic

Also, there are many legitimate reasons for the envelope sender and the From header not to match.
Rejecting mails based on that is not a good idea.

Anyway, if you need, you must implement through DKIM and DMARC policies.
Check this page to do it, and know the notices:
https://support.google.com/a/answer/10032169?hl=en

18

Dovecot / Re: Error: autoexpunge: Couldn't create dovecot.autoexpunge.lock lock: file_create_l

« on: January 13, 2022, 08:41:55 PM »

Sorry, but nothing is possible to solve with a "Disk Quota Exceeded" error message.
Solve that problem, and try again.

19

Apache / Re: Performance

« on: January 13, 2022, 08:38:40 PM »

This is too much specific to your platform (memory available, speed machine, etc.) and profile of your users (heavy acessed? heavy memory use? etc).
It's literally impossible to suggest values to these parameters.

But you can start by the suggestion of this file:
/usr/local/apache/conf/extra/httpd-mpm.conf

Code: [Select]

# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestWorkers: maximum number of worker threads
# MaxConnectionsPerChild: maximum number of connections a server process serves
#                         before terminating
<IfModule mpm_event_module>
    StartServers             3
    MinSpareThreads         75
    MaxSpareThreads        250
    ThreadsPerChild      25
    MaxRequestWorkers      400
    MaxConnectionsPerChild   0
</IfModule>

After trying the above values, you should fine-tune your configuration to the desired performance profile.

20

Information / Re: Cannot log into my cPanel

« on: January 13, 2022, 08:26:37 PM »

Try logging in, and then immediately issue the following command:

Code: [Select]

tail -20 /usr/local/cwpsrv/logs/error_log
Post the results here.

21

Apache / Re: Performance

« on: January 12, 2022, 09:17:21 PM »

(...)
Since MPM is turned off by default in httpd.conf

No. It's enabled the module "mpm_event".

Check with:

Code: [Select]

# /usr/local/apache/bin/apachectl -M | grep -i mpm


(...)
Current setup is Nginx -> Apache -> PHP-FPM 7.xx

Besides Apache settings should i change any other settings to better utilize the resources?

Thanks in advance

The MPM Event is needed to run PHP-FPM.
You can choose another MPM just with PHP-CGI.
It is a Apache module/PHP limitation.

Surely, PHP-FPM have a superior performance, included with Nginx<->Varnish<->Apache, but you can have different problems with greedy caching with Varnish.
Your choice.

22

Nginx / Re: vHost conf file keeps reseting to the orig, tpl file has some errors

« on: January 12, 2022, 09:06:36 PM »

Why there is an editor there if the admin is not supposed to change the vHost file? The editor gives you a sense that you can edit it and it stays there! On the other hand, an static viewer gives you a sense that you can just see the contents and there is another way to edit it!

Yes, I agree: in my opinio,those files should be locked for editing, and there should be a warning that any changes will be overwritten in the next update. On the other hand, the documentation mentions that the changes made will be overwritten, so it is only possible to keep the changes with new files created from clones of those files.

When I apply the custom templates via the "WebServers Domain Conf" page, I get 50x error. I can not restart apache if I select the default all_methods template. The spacing in that file is not correct. I only described one scenario for Nginx_apache, I have other problems on another VM where I try to change the Nginx vhost conf for my NodeJS app.

Here is a problem with your template. After creating and applying it, you should check how it looks in your Apache or Nginx server configuration files. Check for errors, and fix templates.

Lets just repeat that if I clone the default tpl file without any changes, I can not make it work. I've tried both "Nginx -> apache -> PHP-CGI" and "Nginx -> apache -> proxy" option. Maybe you need to give it a try yourself and give me more insights. Please note that I dont have php-fpm. I am using php switcher v2.

When creating a .tpl file, it is mandatory to also create its corresponding .stpl file, or the template will not be available to be chosen and assigned to your site, either for PHP-FPM or PHP-CGI.

23

CentOS 7 Problems / Re: Problems with Mail Service

« on: January 12, 2022, 08:56:30 PM »

Check you logs by queue id, like:

Code: [Select]

# grep C5BADEE08CC /var/log/maillog
of

Code: [Select]

# grep ABBFDEE005D /var/log/maillog
...and post the results here.

24

CentOS 7 Problems / Re: 403 Forbidden Error on Virtual Host

« on: January 12, 2022, 08:44:47 PM »

I don't have any problem executing this command in my server.

You already checked your /usr/local/apache/domlogs/*.error.log files.?!

Regards,
Netino

25

CentOS-WebPanel GUI / Re: Mod_Security's Security incidents wrong IP

« on: January 12, 2022, 12:01:30 AM »

This is a ModSecurity issue, and it will not be fixed in 2.x versions.
Check:
https://github.com/SpiderLabs/ModSecurity/issues/811

Regards,
Netino

26

Nginx / Re: vHost conf file keeps reseting to the orig, tpl file has some errors

« on: January 11, 2022, 11:52:50 PM »

I am using Apache-Nginx as the webserver. I want to allow all the HTTP methods (PUT, DELETE) on a host by changing the vHost file. When I change that via the "WebServers Configuration Editor" to add a line, it reverts to the template file after a while.

I tried adding a configuration via the "Manage WebServers Configuration" page, but the "All_methods" tpl file does not work. I can't successfully restart the httpd service, it complains about the conf file. I tried cloning the default tpl file to create my own template, but I can't make it work with my web current web serv Apache_nginx.

As the last option, I tried to edit the default.tpl and default.stpl file, it worked but I am just surprised that its back to the orig file now!

You must avoid to change directly the vhosts/*.conf files.
They will always be overwritten when the webservers are rebuilt.

Instead of to change directly the vhosts conf files, you must create additional custom templates, simply copying and change them.
After that, you must apply the customized template to you site in CWP, "WebServers Domain Conf".

If you customize your webserver configuration, you *must* customize too the webserver templates in "/usr/local/cwpsrv/htdocs/resources/conf/web_servers/", otherwise, they will always be overwritten when CWP is updated.
(check there your webservers files used)

The templates per-si are *always* overwritten when CWP is updated too. So, you *must* to create additional files in that directories, instead to change it.
Copy an existant file, change the name of the file, one for .conf and another for .ssl.conf (always two files, obligatorily). This is needed to the template is showed in the "WebServers Domain Conf".

You can check this link to do it:
http://wiki.centos-webpanel.com/webservers-vhost-templates

One diverse way to avoid this customization above (in webserver templates) is to create your new custom files directly in 'conf.d' diretories of your webservers, avoiding to change the system config webserver files. You can use it, if possible.

Regards,
Netino

27

E-Mail / Re: Fake users sending spam

« on: January 11, 2022, 11:47:30 PM »

(...)
Jan 11 08:44:43 cwp postfix/smtpd[17250]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 commands=2/3
Jan 11 08:44:43 cwp cbpolicyd[10726]: module=Quotas, action=defer, host=127.0.0.1, helo=myserver.tdl, from=collatedbg@myserver.tdl, to=b.lichtenberg@random.de, reason=quota_match, policy=6, quota=
3, limit=4, track=Sender:@myserver.tdl, counter=MessageCount, quota=11.58/10 (115.8%)
Jan 11 08:44:43 cwp postfix/smtpd[17251]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <b.lichtenberg@random.de>: Recipient address rejected: 1; from=<collatedbg@myserver.tdl> to=<b.lichtenberg@random.de> proto=ESMTP helo=<myserver.tdl>
Jan 11 08:44:43 cwp postfix/smtpd[17251]: lost connection after RCPT from localhost[127.0.0.1]
Jan 11 08:44:43 cwp postfix/smtpd[17251]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 commands=2/3
Jan 11 08:44:43 cwp cbpolicyd[17260]: module=Quotas, action=defer, host=127.0.0.1, helo=myserver.tdl, from=f_ycqxcyirp@myserver.tdl, to=frank-rilling@random.de, reason=quota_match, policy=6, quota=3, limit=4, track=Sender:@myserver.tdl, counter=MessageCount, quota=11.58/10 (115.8%)
Jan 11 08:44:43 cwp postfix/smtpd[17258]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.7.1 <frank-rilling@random.de>: Recipient address rejected: 1; from=<f_ycqxcyirp@myserver.tdl> to=<frank-rilling@random.de> proto=ESMTP helo=<myserver.tdl>
Jan 11 08:44:43 cwp postfix/smtpd[17258]: lost connection after RCPT from localhost[127.0.0.1]
Jan 11 08:44:43 cwp postfix/smtpd[17258]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 commands=2/3
Jan 11 08:45:17 cwp postfix/smtpd[17254]: warning: hostname examsection.earacheevince.com does not resolve to address 212.192.246.26
Jan 11 08:45:17 cwp postfix/smtpd[17254]: connect from unknown[212.192.246.26]
Jan 11 08:45:20 cwp postfix/smtpd[17254]: warning: unknown[212.192.246.26]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 11 08:45:20 cwp postfix/smtpd[17254]: lost connection after AUTH from unknown[212.192.246.26]
Jan 11 08:45:20 cwp postfix/smtpd[17254]: disconnect from unknown[212.192.246.26] ehlo=1 auth=0/1 commands=1/2
(...)

The spam is coming from localhost. It doesn't appear to be an open relay. It looks like some script on the server itself is allowing this sending attempt. The web logs for the same time and/or spam start time should be investigated to try to identify which scripts are allowing this.
The following files/directories must be scanned:
/usr/local/apache/logs/
/usr/local/apache/domlogs/
/usr/local/cwpsrv/var/services/roundcube/logs/

28

E-Mail / Re: how to know the spam source

« on: January 09, 2022, 03:33:00 AM »

Hello,

 Is there any way to know which site sending spam email in the server, i have scanned the server many times, how to know the source of the spam ?

How did you conclude that there is mail spam on your server?
What log files?

29

CentOS-WebPanel Bugs / Re: After update or script update, my conf files of vhosts al revert to default

« on: January 09, 2022, 03:29:45 AM »

(...)
Hello Netino,

Sorry the delay. I'm not the one who add domains to CWP, and I don't know exactly whats the procedure that my partners follow. I tried yesterday to edit a domain using the "select template" method, and it seems that the nightly rebuild keep the changes and the site is still working.

To summarize (please, correct me if I misunderstand): I have to create a template for every site that has a configuration detail. For example, if I don't want to have webmail support for a site, I have to create a template for that. If a site should not have "AllowOverride All", it is necessary to create a template for that. And so on. Like seati pointed before, it is necessary to have a template for every difference that a site has with another site in the same server. Right?
(...)

Yes, you are right.
Any new customization needs a new template.
But the same single template can be applied to a group of sites.

30

CentOS-WebPanel Bugs / Re: After update or script update, my conf files of vhosts al revert to default

« on: January 09, 2022, 03:19:21 AM »

(...)
Did you read all previous posts? A template shouldn't be something that needs to be created for each website, the definition of "template" in computing is:
a preset format for a document or file, used so that the format does not have to be recreated each time it is used.
So if we need to create a "template" for each website, then it's not a template, but a custom config.

But you don't have to create a new template for each site!
You can create just one template for all other sites.
So you set and use the same template for that customized sites.
You only need to create a new template just when you have a new type of customization. For a new site, or new group of sites.

(...)
Again, my hack works... but I have mixed feelings about having to do some custom coding to go around a bug that wasn't there... if CWP had rebuilt vhosts from the beginning, then it would be my choice to do some custom coding, go the "cwp way" or install another panel. But the fact that this "feature" (a.k.a. "bug") appeared out of nowhere with the last update and without any previous notice is what troubles me.

I don't know what bug are you mentioning, but the templates are a feature for the panel.