Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
46
Suggestions / Logging Real Visitor IP Addresses of the Cloudflare
« on: July 29, 2018, 10:04:31 PM »
Hello
-Please add this feature to the next version of the CWP.
- Another suggestion is to make the address of the folders in file manager to be copyable. for example when I go to home/ bla/ bla
I can not copy the address and I have to type it.
Thanks
-Please add this feature to the next version of the CWP.
- Another suggestion is to make the address of the folders in file manager to be copyable. for example when I go to home/ bla/ bla
I can not copy the address and I have to type it.
Thanks
47
Apache / I did not find them in /usr/local/apache/conf/httpd.conf
« on: July 28, 2018, 06:22:04 AM »
Hello
How can I change these fields in apache?
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
I did not find them in /usr/local/apache/conf/httpd.conf
How can I change these fields in apache?
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
I did not find them in /usr/local/apache/conf/httpd.conf
48
CentOS-WebPanel GUI / I do not have acces to SSH, CWP and my site is down. What can I do?
« on: July 26, 2018, 10:49:56 PM »
Hi
I used the rules from this link
https://javapipe.com/ddos/blog/iptables-ddos-protection/
for Iptables but now I do not have acces to SSH, CWP and my site is down. What can I do?
I used the rules from this link
https://javapipe.com/ddos/blog/iptables-ddos-protection/
for Iptables but now I do not have acces to SSH, CWP and my site is down. What can I do?
49
CentOS-WebPanel GUI / Another app is currently holding the xtables lock
« on: July 26, 2018, 07:18:15 PM »Hello
I wanted to config IPtable.
I set the rule in /etc/sysctl.conf
I added this rule too iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
As was said in :
https://javapipe.com/ddos/blog/iptables-ddos-protection/
I did this too:
iptables -P INPUT DROP
iptables -P FORWARD DROP
but now when I want to login to CWP it takes a about 3 minutes to let me in/
I think the problem is with the rule:
I want to detelet it but it says :
Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
I think it doesnot stop.
When I use #service iptables stop
The output is:
Redirecting to /bin/systemctl stop iptables.service
Does it means Iptables has stoped?
After that I can not enter the CWP quicker.
I think Iptables was not installed. I used yum and installed it. maybe it caused the problem..
How can I solve it
Thanks
50
iptables / I do not have /etc/sysconfig/iptables file.
« on: July 26, 2018, 03:04:21 PM »
Hello
I want to config /etc/sysconfig/iptables filebut it doesnot exist. Does it mean IPtable is not active?
Thanks
I want to config /etc/sysconfig/iptables filebut it doesnot exist. Does it mean IPtable is not active?
Thanks
51
iptables / Re: How can I config IPTABLES for DDOS aatacks?
« on: July 26, 2018, 10:58:16 AM »
How can find the type?
They hammer index,php of the Wordpress or visit the pages that are not available.
I am using Cloudflare too.
As it seems it's kind of Vrute Force Attack.
They hammer index,php of the Wordpress or visit the pages that are not available.
I am using Cloudflare too.
As it seems it's kind of Vrute Force Attack.
52
Updates / Re: What does "yum reinstall cwpsrv cwpphp" do?
« on: July 26, 2018, 10:52:11 AM »
You are rith. It was not loaded for me before.
Now it says:
/
11G
.channels
36K
.well-known
16K
backup
3.7G
boot
202M
etc
40M
home
2.3G
lost+found
16K
media
4.0K
mnt
4.0K
opt
4.0K
root
1.7M
share
84K
srv
4.0K
tmp
11M
usr
2.9G
var
1.5G
What should I remove in Var and usr?
Thanks
Now it says:
/
11G
.channels
36K
.well-known
16K
backup
3.7G
boot
202M
etc
40M
home
2.3G
lost+found
16K
media
4.0K
mnt
4.0K
opt
4.0K
root
1.7M
share
84K
srv
4.0K
tmp
11M
usr
2.9G
var
1.5G
What should I remove in Var and usr?
Thanks
53
Updates / Re: What does "yum reinstall cwpsrv cwpphp" do?
« on: July 26, 2018, 10:43:55 AM »
Thanks
As it seems it's not the log.
I do not know how can I list files and find it.
71M /var/log/
83M /usr/local/apache/logs/
91M /usr/local/cwpsrv/logs/
11M /tmp
1.7M /root
546M /var/lib/mysql/
As it seems it's not the log.
I do not know how can I list files and find it.
71M /var/log/
83M /usr/local/apache/logs/
91M /usr/local/cwpsrv/logs/
11M /tmp
1.7M /root
546M /var/lib/mysql/
54
iptables / How can I config IPTABLES for DDOS aatacks?
« on: July 26, 2018, 10:29:37 AM »
Hello
Here
https://javapipe.com/ddos/blog/iptables-ddos-protection/
it says to put this code :
in your /etc/sysctl.conf file and apply the settings with sysctl -p.
I go to /etc/sysctl.conf it says:
"Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5)."
What can I do?
Can I add the code to /etc/sysctl.conf directly or have to breate a new file ?
What does " apply the settings with sysctl -p" mean?
Thanks
Here
https://javapipe.com/ddos/blog/iptables-ddos-protection/
it says to put this code :
Code: [Select]
kernel.printk = 4 4 1 7
kernel.panic = 10
kernel.sysrq = 0
kernel.shmmax = 4294967296
kernel.shmall = 4194304
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
vm.swappiness = 20
vm.dirty_ratio = 80
vm.dirty_background_ratio = 5
fs.file-max = 2097152
net.core.netdev_max_backlog = 262144
net.core.rmem_default = 31457280
net.core.rmem_max = 67108864
net.core.wmem_default = 31457280
net.core.wmem_max = 67108864
net.core.somaxconn = 65535
net.core.optmem_max = 25165824
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 16384
net.ipv4.neigh.default.gc_interval = 5
net.ipv4.neigh.default.gc_stale_time = 120
net.netfilter.nf_conntrack_max = 10000000
net.netfilter.nf_conntrack_tcp_loose = 0
net.netfilter.nf_conntrack_tcp_timeout_established = 1800
net.netfilter.nf_conntrack_tcp_timeout_close = 10
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 10
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_last_ack = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 20
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 10
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.ip_no_pmtu_disc = 1
net.ipv4.route.flush = 1
net.ipv4.route.max_size = 8048576
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.tcp_congestion_control = htcp
net.ipv4.tcp_mem = 65536 131072 262144
net.ipv4.udp_mem = 65536 131072 262144
net.ipv4.tcp_rmem = 4096 87380 33554432
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 4096 87380 33554432
net.ipv4.udp_wmem_min = 16384
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 400000
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_fin_timeout = 10
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 60
net.ipv4.tcp_keepalive_probes = 10
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.rp_filter = 1in your /etc/sysctl.conf file and apply the settings with sysctl -p.
I go to /etc/sysctl.conf it says:
"Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5)."
What can I do?
Can I add the code to /etc/sysctl.conf directly or have to breate a new file ?
What does " apply the settings with sysctl -p" mean?
Thanks
55
Updates / Re: What does "yum reinstall cwpsrv cwpphp" do?
« on: July 25, 2018, 01:58:00 PM »
The size of all of them are like what you sent here. Not more than 54 M.
56
SSL / Re: What should I do to have SSL on Wordpress with Nginx+ Apache+Varnish webserver?
« on: July 25, 2018, 01:56:03 PM »
I did but no result. I could not have force SSL but then I removed the Varnish now I do not have any problem with SSl.
57
CentOS-WebPanel Bugs / Re: Why SSH port doesnot change?
« on: July 24, 2018, 06:17:54 PM »
I removed the # character from the beginning of the line and now changed.
It shoud look this way:
It shoud look this way:
Code: [Select]
port 2211
58
CentOS-WebPanel Bugs / Why SSH port doesnot change?
« on: July 24, 2018, 03:53:28 PM »Hi
I changed SSH port 2 days ago in config file /etc/ssh/sshd_config and in CSF firewall and restartd SSH and CSF Firewall many times but I receive a warning about it always:
"WARNING: Security vulnerability! Your server is using default SSH Port 22, to make your server more secure change SSH port in config file /etc/ssh/sshd_config and in CSF firewall !
After changes are done don't forget to restart SSH and CSF Firewall. "
Thanks for your help
59
SSL / Re: SSL depends on Wenserver?
« on: July 24, 2018, 03:22:54 PM »
Thanks for your attention and answer.
Just now I did it.
The problem was the code that I used for htaccess .
I use this now:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Just now I did it.
The problem was the code that I used for htaccess .
I use this now:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
60
SSL / Re: SSL depends on Wenserver?
« on: July 24, 2018, 07:19:49 AM »
Thanks for your answer
The main problem is force SSL./
I wanted to use this manual:
https://www.wpbeginner.com/wp-tutorials/how-to-add-ssl-and-https-in-
wordpress/
I did not get any result and after adding the codes that he mentioned to the
.httaccess the site does not work but when I vhange the http to https in
"option" part of the database without using any code it behaves differently
on each subdomain.
On one subdomain http forces to https and on the other subdomain it doesnot
happen at the same situation and and setting.
Take a look at these subdomains please:
http://blog.salamzaban.com
http://level.salamzaban.com
Level subdomain goes to https but blog subdomain doesnot go to https automaticly.
Thanks
The main problem is force SSL./
I wanted to use this manual:
https://www.wpbeginner.com/wp-tutorials/how-to-add-ssl-and-https-in-
wordpress/
I did not get any result and after adding the codes that he mentioned to the
.httaccess the site does not work but when I vhange the http to https in
"option" part of the database without using any code it behaves differently
on each subdomain.
On one subdomain http forces to https and on the other subdomain it doesnot
happen at the same situation and and setting.
Take a look at these subdomains please:
http://blog.salamzaban.com
http://level.salamzaban.com
Level subdomain goes to https but blog subdomain doesnot go to https automaticly.
Thanks
