Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
61
Installation / Re: no domain with new user
« on: January 30, 2019, 02:17:37 PM »
Your root website will not show up under Domains > List Domains; it will only appear under User Accounts > List Accounts. If you add domains to that user, they will show up under Domains > List Domains...
That first domain and in fact all domains associated with a new user will not appear under domains. The reason you cannot reach the domain is likely a port conflict with NGINIX. In my case when trying to use NGINIX two things happened. One, the domain was directed to /usr/local/apache/htdocs, so I received the default CWP banner page. And secondly, a website in the default location could not be reached. Due to this misconfiguration, I simply switched back to using Apache as my webserver and have no issues. In doing so, the default first user domain directed properly into the /home/USERNAME/public_html.
NGINIX setup and reverse proxies are difficult to manage by comparison to simple Apache in CWP. There are also a lot of bugs in the setup in addition to the setup being much more difficult.
That first domain and in fact all domains associated with a new user will not appear under domains. The reason you cannot reach the domain is likely a port conflict with NGINIX. In my case when trying to use NGINIX two things happened. One, the domain was directed to /usr/local/apache/htdocs, so I received the default CWP banner page. And secondly, a website in the default location could not be reached. Due to this misconfiguration, I simply switched back to using Apache as my webserver and have no issues. In doing so, the default first user domain directed properly into the /home/USERNAME/public_html.
NGINIX setup and reverse proxies are difficult to manage by comparison to simple Apache in CWP. There are also a lot of bugs in the setup in addition to the setup being much more difficult.
62
CentOS-WebPanel Bugs / Security - Hide all processes if not owned by the user - Deactivates on reboot.
« on: January 23, 2019, 04:27:22 PM »
Title says it all. The hide processes once set on permanent does not stay set after a reboot; it becomes disabled.
63
Installation / Re: CWP7 cwpsrv fails first on install, fix this breaks Apache
« on: January 22, 2019, 08:24:44 PM »
Creating the certificate for the domain manually works and did not (yet) break either the cwpsrv or httpd services. Someone needs to take a look at the SSL generation script(s) used when you check the SSL option while creating a domain, there is something wrong with it.
64
Installation / Re: CWP7 cwpsrv fails first on install, fix this breaks Apache
« on: January 22, 2019, 08:15:10 PM »
After running:
I took a guess that is was a certificate mismatch or mess up on the first user root domain, so I deleted the certificate and Apache restarted without issue. This was not a big shocker considering what broke cwpsrv.service was a hostname mismatch (for the CWP panel) that occurred right after I created the first user account with an SSL domain.
Something is wrong with you Let's Encrypt SSL generation. I fear generating an SSL again for this site because I will be pushing running out of my allotment of SSL's before getting any websites (well Apache) to work and stay working.
Could someone give me some guidance as well as look into either what the dev's changed about the Let's Encrypt SSL generation scripts in CWP along with what certbot/Let's Encrypt might have changed about their system in the last month?
I had no issues like this prior until you guys pushed a bunch of updates.
Oh and I am a paid Pro user...
Code: [Select]
strace -f -o apache.trace /usr/local/apache/bin/httpdI took a guess that is was a certificate mismatch or mess up on the first user root domain, so I deleted the certificate and Apache restarted without issue. This was not a big shocker considering what broke cwpsrv.service was a hostname mismatch (for the CWP panel) that occurred right after I created the first user account with an SSL domain.
Something is wrong with you Let's Encrypt SSL generation. I fear generating an SSL again for this site because I will be pushing running out of my allotment of SSL's before getting any websites (well Apache) to work and stay working.
Could someone give me some guidance as well as look into either what the dev's changed about the Let's Encrypt SSL generation scripts in CWP along with what certbot/Let's Encrypt might have changed about their system in the last month?
I had no issues like this prior until you guys pushed a bunch of updates.
Oh and I am a paid Pro user...
65
Installation / CWP7 cwpsrv fails first on install, fix this breaks Apache
« on: January 21, 2019, 06:58:54 PM »
Third install with the same results - utter failure. Everything works fine until you set up your first username/root domain. When you generate an SSL certificate for your root domain (while creating the first user) it breaks the webpanel - cwpsrv service crashes with a hostname certificate conflict.
This is a copy of the log after I ran the only thing that resolves the hostname.crt mismatch. In order to get the panel back up, I had to run:
sh /scripts/generate_hostname_ssl
This allows cwpsrv.service to start and the panel is accessible. The problem comes thereafter as you can see from my log - generating a new certificate totally breaks Apache. I have been having this problem for 2 to 3 weeks and cannot get past the breakdown of Apache. I have rebuilt vhosts and done everything I can think of and Apache stays broken.
Do you as developers ever install this panel to make sure it works properly and does not crash after you push updates? This is incredibly aggravating and makes CWP7 utterly worthless as it can only host the panel while Apache is broken.
Please ask for any logs, but none are more interesting than what I posted above and below. I just want a developer to try and install the panel and create a username who's domain is secured with SSL and see what I am describing happen before your own eyes. I am totally sick of this!!! Three weeks with no working hosting is not acceptable and experimenting time and time again just uses all of my Let's Encrypt certs until I have to wait another week before starting over just to have it break again identically.
systemctl status httpd.service -l
journalctl -xe
There is nothing in the Apache error log that is helpful - I know the configuration has failed:
Code: [Select]
Jan 21 13:33:38 helium11 systemd: Stopped CentOS Web Panel service (daemon).
Jan 21 13:33:38 helium11 systemd: Starting CentOS Web Panel service (daemon)...
Jan 21 13:33:38 helium11 cwpsrv: cwpsrv: [emerg] SL_CTX_use_PrivateKey_file("/etc/pki/tls/private/hostname.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
Jan 21 13:33:38 helium11 cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test failed
Jan 21 13:33:38 helium11 systemd: cwpsrv.service: control process exited, code=exited status=1
Jan 21 13:33:38 helium11 systemd: Failed to start CentOS Web Panel service (daemon).
Jan 21 13:33:38 helium11 systemd: Unit cwpsrv.service entered failed state.
Jan 21 13:33:38 helium11 systemd: cwpsrv.service failed.
Jan 21 13:33:44 helium11 systemd: cwpsrv.service holdoff time over, scheduling restart.
Jan 21 13:33:44 helium11 systemd: Stopped CentOS Web Panel service (daemon).
Jan 21 13:33:44 helium11 systemd: Starting CentOS Web Panel service (daemon)...
Jan 21 13:33:44 helium11 cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jan 21 13:33:44 helium11 cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jan 21 13:33:44 helium11 systemd: Started CentOS Web Panel service (daemon).
Jan 21 13:33:47 helium11 systemd: Stopping CentOS Web Panel service (daemon)...
Jan 21 13:33:47 helium11 systemd: Stopped CentOS Web Panel service (daemon).
Jan 21 13:33:47 helium11 systemd: Starting CentOS Web Panel service (daemon)...
Jan 21 13:33:47 helium11 cwpsrv: cwpsrv:the configuration file /usr/local/cwpsrv/conf/cwpsrv.conf syntax is ok
Jan 21 13:33:47 helium11 cwpsrv: cwpsrv:configuration file /usr/local/cwpsrv/conf/cwpsrv.conf test is successful
Jan 21 13:33:47 helium11 systemd: Started CentOS Web Panel service (daemon).
Jan 21 13:35:01 helium11 systemd: Started Session 9 of user root.
Jan 21 13:35:52 helium11 systemd: Stopping Web server Apache...
Jan 21 13:35:53 helium11 systemd: Stopped Web server Apache.
Jan 21 13:35:53 helium11 systemd: Starting Web server Apache...
Jan 21 13:35:53 helium11 systemd: httpd.service: control process exited, code=exited status=1
Jan 21 13:35:53 helium11 systemd: Failed to start Web server Apache.
Jan 21 13:35:53 helium11 systemd: Unit httpd.service entered failed state.
Jan 21 13:35:53 helium11 systemd: httpd.service failed.
Jan 21 13:36:25 helium11 dbus[4436]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service'
Jan 21 13:36:25 helium11 systemd: Starting Hostname Service...
Jan 21 13:36:25 helium11 dbus[4436]: [system] Successfully activated service 'org.freedesktop.hostname1'
Jan 21 13:36:25 helium11 systemd: Started Hostname Service.
Jan 21 13:36:31 helium11 systemd: Unit httpd.service cannot be reloaded because it is inactive.
Jan 21 13:36:32 helium11 systemd: Unit httpd.service cannot be reloaded because it is inactive.
Jan 21 13:36:42 helium11 systemd: Starting Web server Apache...
Jan 21 13:36:43 helium11 systemd: httpd.service: control process exited, code=exited status=1
Jan 21 13:36:43 helium11 systemd: Failed to start Web server Apache.
Jan 21 13:36:43 helium11 systemd: Unit httpd.service entered failed state.
Jan 21 13:36:43 helium11 systemd: httpd.service failed.
Jan 21 13:38:14 helium11 systemd: Unit httpd.service cannot be reloaded because it is inactive.
Jan 21 13:38:23 helium11 systemd: Starting Web server Apache...
Jan 21 13:38:24 helium11 systemd: httpd.service: control process exited, code=exited status=1
Jan 21 13:38:24 helium11 systemd: Failed to start Web server Apache.
Jan 21 13:38:24 helium11 systemd: Unit httpd.service entered failed state.
Jan 21 13:38:24 helium11 systemd: httpd.service failed.This is a copy of the log after I ran the only thing that resolves the hostname.crt mismatch. In order to get the panel back up, I had to run:
sh /scripts/generate_hostname_ssl
This allows cwpsrv.service to start and the panel is accessible. The problem comes thereafter as you can see from my log - generating a new certificate totally breaks Apache. I have been having this problem for 2 to 3 weeks and cannot get past the breakdown of Apache. I have rebuilt vhosts and done everything I can think of and Apache stays broken.
Do you as developers ever install this panel to make sure it works properly and does not crash after you push updates? This is incredibly aggravating and makes CWP7 utterly worthless as it can only host the panel while Apache is broken.
Please ask for any logs, but none are more interesting than what I posted above and below. I just want a developer to try and install the panel and create a username who's domain is secured with SSL and see what I am describing happen before your own eyes. I am totally sick of this!!! Three weeks with no working hosting is not acceptable and experimenting time and time again just uses all of my Let's Encrypt certs until I have to wait another week before starting over just to have it break again identically.
systemctl status httpd.service -l
Code: [Select]
[root@helium11 ~]# systemctl status httpd.service -l
● httpd.service - Web server Apache
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2019-01-21 14:16:27 EST; 20s ago
Process: 20981 ExecStop=/usr/local/apache/bin/apachectl graceful-stop (code=exited, status=0/SUCCESS)
Process: 18562 ExecReload=/usr/local/apache/bin/apachectl graceful (code=exited, status=0/SUCCESS)
Process: 2013 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=1/FAILURE)
Main PID: 18977 (code=exited, status=0/SUCCESS)
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: Starting Web server Apache...
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: Failed to start Web server Apache.
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: Unit httpd.service entered failed state.
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: httpd.service failed.journalctl -xe
Code: [Select]
-- Unit httpd.service has begun starting up.
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: Failed to start Web server Apache.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit httpd.service has failed.
--
-- The result is failed.
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: Unit httpd.service entered failed state.
Jan 21 14:16:27 srv1.mydomain.com systemd[1]: httpd.service failed.
Jan 21 14:17:01 srv1.mydomain.com run-parts(/etc/cron.daily)[2648]: finished maldet
Jan 21 14:17:01 srv1.mydomain.com run-parts(/etc/cron.daily)[2654]: starting man-db.cron
Jan 21 14:17:11 srv1.mydomain.com run-parts(/etc/cron.daily)[18276]: finished man-db.cron
Jan 21 14:17:11 srv1.mydomain.com run-parts(/etc/cron.daily)[18278]: starting mlocate
Jan 21 14:17:12 srv1.mydomain.com run-parts(/etc/cron.daily)[18287]: finished mlocate
Jan 21 14:17:12 srv1.mydomain.com run-parts(/etc/cron.daily)[18289]: starting rkhunter
Jan 21 14:17:34 srv1.mydomain.com kernel: perf: interrupt took too long (2521 > 2500), lowering kernel.perf_event_max_sample_rate to 79000There is nothing in the Apache error log that is helpful - I know the configuration has failed:
Code: [Select]
[Mon Jan 21 13:20:27.891310 2019] [mpm_event:notice] [pid 18977:tid 140169689966464] AH00489: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Mon Jan 21 13:20:27.891371 2019] [core:notice] [pid 18977:tid 140169689966464] AH00094: Command line: '/usr/local/apache/bin/httpd'
[Mon Jan 21 13:35:52.999279 2019] [mpm_event:notice] [pid 18977:tid 140169689966464] AH00492: caught SIGWINCH, shutting down gracefully
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration FailedCode: [Select]
[root@helium11 ~]# /usr/local/apache/bin/apachectl -t
Syntax OK
66
Apache / Re: Apache Compiler does not install ssl_module (shared) on rebuild
« on: January 19, 2019, 01:21:13 AM »
The Apache installer should check first to see if you have any SSL certs and properly install the module if you do...
67
Apache / Re: Apache Compiler does not install ssl_module (shared) on rebuild
« on: January 19, 2019, 01:19:56 AM »
Yes, but if you already have SSL certificates and you rebuild Apache, SSL fails unless you add a new certificate according to you.
What happens when you rebuild Apache and you already have SSL certs installed and don't need to or have no domain to install a certificate on. As I mentioned, it breaks SSL.
You could have tested this before replying...
What happens when you rebuild Apache and you already have SSL certs installed and don't need to or have no domain to install a certificate on. As I mentioned, it breaks SSL.
You could have tested this before replying...
68
Apache / Apache Compiler does not install ssl_module (shared) on rebuild
« on: January 16, 2019, 08:04:28 PM »
When rebuilding even the same version of Apache, the module "ssl_module (shared)" is not installed despite it being set as a conditional flag in the "Additional options available:" box. (--enable-ssl=shared)
Please fix or clarify why your Apache compiler refuses to install the "ssl_module (shared)." It would seem this would break all SSL sites.
Please fix or clarify why your Apache compiler refuses to install the "ssl_module (shared)." It would seem this would break all SSL sites.
69
Mod_Security / How to disable a rule by ID
« on: January 08, 2019, 12:01:01 PM »
I cannot seem to get modsecurity to disable ID 211190 for a website. The edit rules section is not clear on how to disable a rule by ID. I know how not to do it as it crashes Apache. Also saying, "For instructions please use our forum." when there are no instructions here is pretty silly.
Like so many things documented here on the forums and in the wiki are outdated. At least I cannot find anything on the new modsecurity interface. I don't want to have to entirely disable modsecurity just because I cannot figure out how to remove rules by ID.
Like so many things documented here on the forums and in the wiki are outdated. At least I cannot find anything on the new modsecurity interface. I don't want to have to entirely disable modsecurity just because I cannot figure out how to remove rules by ID.
70
CentOS-WebPanel Bugs / Top five processes only lists four processes.
« on: December 31, 2018, 06:24:21 PM »
The title pretty well nails it. The process list on the dashboard only shows the top four rather than five processes.
71
Installation / CWP does not use the full subdomain of the hostname address on install
« on: December 31, 2018, 05:36:35 PM »
When installing CWP7 on CentOS 7, despite the hostname already being set, the panel uses only the domain name only (ie, install authorizes "domain.com" rather than the set domain of for instance "panel.domain.com").
This is an issue the way you have Let's Encrypt SSL certificates because it fails on initial install. I know changing the hostname to what it should have been to begin with using "Change Hostname" will change the hostname (even though it reads out properly on the dashboard...) and generates a new certificate. The problem is with all of the bugs and quirks in CWP, after a couple of failed installs, the certificate maximum is reached and Let's Encrypt will no longer issue certificates for a one week period due to their rate limit.
Please make CWP actually use the entire subdomain name upon install. In fact you can only see it is incorrect in the "Change Hostname" dialogue as it reads out properly on the panel dashboard despite being set wrong in CWP.
This is an issue the way you have Let's Encrypt SSL certificates because it fails on initial install. I know changing the hostname to what it should have been to begin with using "Change Hostname" will change the hostname (even though it reads out properly on the dashboard...) and generates a new certificate. The problem is with all of the bugs and quirks in CWP, after a couple of failed installs, the certificate maximum is reached and Let's Encrypt will no longer issue certificates for a one week period due to their rate limit.
Please make CWP actually use the entire subdomain name upon install. In fact you can only see it is incorrect in the "Change Hostname" dialogue as it reads out properly on the panel dashboard despite being set wrong in CWP.
72
Installation / Re: New account domain not pointing to /home/USERNAME/public_html
« on: December 15, 2018, 08:53:04 AM »
The problem seems to have occurred because I was using NGINX instead of Apache. Changing to Apache allowed the replaced index.html in the directory /home/USERNAME/public_html to be loaded properly.
...so there must be some issue with NGINX perhaps the vhosts file? I am baffled.
...so there must be some issue with NGINX perhaps the vhosts file? I am baffled.
73
Installation / Re: New account domain not pointing to /home/USERNAME/public_html
« on: December 15, 2018, 08:23:38 AM »
Already did this - doing it again did not resolve the issue. Any other suggestions?
74
Installation / New account domain not pointing to /home/USERNAME/public_html
« on: December 15, 2018, 07:50:55 AM »
I have installed CWP and everything seemed to have gone well. The problem I am having is that the root domain created when creating the first user account at /home/USERNAME/public_html, the index.html is not what is getting read. I replaced it and continue to get the default CWP banner page rather than my index.html.
Server is set up properly and NAT'ed.
It just acts as if it is loading the banner page from someplace other than at /home/USERNAME/public_html/index.html.
Server is set up properly and NAT'ed.
It just acts as if it is loading the banner page from someplace other than at /home/USERNAME/public_html/index.html.
75
Information / Re: CWP version 0.9.8.744 totally broken.
« on: December 05, 2018, 08:10:40 PM »
The issues only occur in Chrome. It happens when the Live Processes load and the blue border on the bottom of the page that has been added loads... Chrome was working yesterday with no issues.
