Recent Posts
11
CSF Firewall / Re: Suspicious File Alert
« Last post by overseer on April 18, 2024, 05:54:00 PM »Are you running Python 2.7 or 3.6 on that system? Do you actually make use of it for any web facing apps, or just PHP?
12
Information / Re: Running CWP (centos web panel) behind reverse proxy,is it possible to host multi
« Last post by overseer on April 18, 2024, 05:21:43 PM »Pretty good for an AI bot!
13
E-Mail / Re: SSL Cert Update Issues with Mail Server
« Last post by kandalf on April 18, 2024, 03:36:12 PM »Could you please advise of the following:
What 'errors' and/or 'messages' are being displayed or from logs?
What distro are you trying to install CWP onto? / What distro are you are you running CWP on?
Public or NAT?
I have the same error on Centos 7 server and Centos 8 Stream.
Im running with public IP.
Where can I find relevant error logs? Since the problem when this occurs is on client side, the email client fire an error telling that the certificate is insecure.
14
CSF Firewall / Suspicious File Alert
« Last post by Dangerousdave26 on April 18, 2024, 03:32:40 PM »I setup a new server last week and since I got the DNS to resolve correct (allowing it to send emails) I keep getting these 2 messages.
Note that I do not have this issue with my other install of CWP.
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/certifi/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/salt/grains/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
I scanned that directory with CalmAV and it found nothing.
Here is the file structure of the .root_0f8430_salt directory.
[root@ .root_0f8430_salt]# ls -l
total 52
-rw-r--r-- 1 root root 65 Apr 5 02:45 code-checksum
-rw-r--r-- 1 salt salt 40 Apr 1 20:23 ext_version
-rw-r--r-- 1 root root 13 Apr 5 02:45 grains
-rw-r--r-- 1 root root 158 Apr 5 02:45 minion
drwx------ 9 root root 4096 Apr 5 02:45 py3
drwx------ 6 root root 4096 Apr 5 02:45 pyall
drwx------ 3 root root 4096 Apr 5 02:45 running_data
-rw-r--r-- 1 root root 757 Apr 5 02:45 salt-call
-rw------- 1 root root 8629 Apr 5 02:45 salt_state.tgz
-rw-r--r-- 1 root root 8 Apr 5 02:45 supported-versions
-rw-r--r-- 1 root root 6 Apr 5 02:45 version
[root@ .root_0f8430_salt]#
Note that I do not have this issue with my other install of CWP.
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/certifi/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
Time: Thu Apr 18 08:05:23 2024 -0700
File: /var/tmp/.root_0f8430_salt/pyall/salt/grains/core.py
Reason: Script, file extension
Owner: root:root (0:0)
Action: No action taken
I scanned that directory with CalmAV and it found nothing.
Here is the file structure of the .root_0f8430_salt directory.
[root@ .root_0f8430_salt]# ls -l
total 52
-rw-r--r-- 1 root root 65 Apr 5 02:45 code-checksum
-rw-r--r-- 1 salt salt 40 Apr 1 20:23 ext_version
-rw-r--r-- 1 root root 13 Apr 5 02:45 grains
-rw-r--r-- 1 root root 158 Apr 5 02:45 minion
drwx------ 9 root root 4096 Apr 5 02:45 py3
drwx------ 6 root root 4096 Apr 5 02:45 pyall
drwx------ 3 root root 4096 Apr 5 02:45 running_data
-rw-r--r-- 1 root root 757 Apr 5 02:45 salt-call
-rw------- 1 root root 8629 Apr 5 02:45 salt_state.tgz
-rw-r--r-- 1 root root 8 Apr 5 02:45 supported-versions
-rw-r--r-- 1 root root 6 Apr 5 02:45 version
[root@ .root_0f8430_salt]#
15
CentOS 7 Problems / Re: Acme.sh, try to renew all domain or subdomain removed
« Last post by devloraa on April 18, 2024, 12:26:04 PM »LP Jon,
I don't think you are talking about the same problem that I have, because this is not a DNS problem I have.
Please provide more details if I misunderstood or remove your comment so the thread stay clean.
Thank you
I don't think you are talking about the same problem that I have, because this is not a DNS problem I have.
Please provide more details if I misunderstood or remove your comment so the thread stay clean.
Thank you
16
CentOS 7 Problems / Re: Acme.sh, try to renew all domain or subdomain removed
« Last post by devloraa on April 18, 2024, 12:22:42 PM »Starburst,
acme.sh must check a list of the domain to renew. It is definitely not based on the file in the folder you mentioned, because the files are not there and acme.sh still try to renew the cert for the domain.
This list of domains that acme.sh renew is managed by CWP, I have never touched any settings linked to acme.sh/let's encrypt outside of the interface provided by CWP. I have never called acme.sh directly from the command line neither.
How does CWP tell acme.sh to generate a certificate (and to renew it)? That would be a good starting point for me to find and remove these domains from acme.sh config, and help others who'll end up in the same situation.
Edit:
Additionnaly, I see that folders of the probelamatic old domain still exsits in /root/.acme.sh/cwp_certs
So cleeearly there is something going on with cwp.
Rejecting the fact that this is not a cwp bug was not the right answer.
acme.sh must check a list of the domain to renew. It is definitely not based on the file in the folder you mentioned, because the files are not there and acme.sh still try to renew the cert for the domain.
This list of domains that acme.sh renew is managed by CWP, I have never touched any settings linked to acme.sh/let's encrypt outside of the interface provided by CWP. I have never called acme.sh directly from the command line neither.
How does CWP tell acme.sh to generate a certificate (and to renew it)? That would be a good starting point for me to find and remove these domains from acme.sh config, and help others who'll end up in the same situation.
Edit:
Additionnaly, I see that folders of the probelamatic old domain still exsits in /root/.acme.sh/cwp_certs
So cleeearly there is something going on with cwp.
Rejecting the fact that this is not a cwp bug was not the right answer.
17
Apache / Re: help me please apache no start and restart all services !!!!!!!!!
« Last post by soneigr on April 18, 2024, 08:13:46 AM »CWP doesn't support IPv6, but Apache 2.4 does.Can you make this for me, my friend?
BUT Requires manual configuration.
We use IPv4 & IPv6.
BUT with IPv6, you have to manually add it to the VHOST .conf file
Here's an example.
Goto WebServer Settings -> WebServers Conf Editor -> Tab labeled [/usr/local/apache/conf.d/vhosts/], Select the .conf you want to add IPv6 to.
At the very top you will see: <VirtualHost 1.2.3.4:80>
Simply at the top, add the IPv6, so it looks like: <VirtualHost 1.2.3.4:80 [Your IPv6]:80>
You will need to do this with both files. .conf & .ssl.conf.
But with ssl, you will have the port set to 443.
Now you have to lock the .conf files, so when CWP run it's updated it won't wipe out your config.
You can also create a template for each site, but that always seemed like a pain in the @$$.
To lock the files run:Code: [Select]cd /usr/local/apache/conf.d/vhosts/
chattr +i *.conf
To unlock run:Code: [Select]cd /usr/local/apache/conf.d/vhosts/
chattr -i *.conf
If you got lost, then you might want to hire an experienced sys admin.
Should I send you my server details so you can fix it for me? I'm using scirpt xbtitfm 4.1 for torrent tracker and the other issue I'm facing is that in the utorrent client it says http error 505. Can you fix it for me?
18
PHP / PHP 8 and XML RPC
« Last post by SG on April 18, 2024, 06:58:24 AM »Hi
I need to add PECL package https://github.com/php/pecl-networking-xmlrpc/ to PHP 8
Howto add it in the PHP PECL extensions of CWP ?
Note: on my Rocky Linux 8.9, directory /opt/alt does not exists, it cause a PHP warning in CWP. Then I have this warning:
Notice: Undefined offset: 1 in /usr/local/cwpsrv/htdocs/resources/admin/modules/php_pecl.php on line 0
Thanks for helps
Regards
19
Information / Re: Running CWP (centos web panel) behind reverse proxy,is it possible to host multi
« Last post by shelton786 on April 18, 2024, 06:45:42 AM »To configure a reverse proxy for multiple local sites using CWP7, begin by setting up and configuring CWP7 on your server. Then, edit the Apache or Nginx virtual host configuration files to define separate virtual hosts for each site you want to proxy. Within each virtual host block, use ProxyPass and ProxyPassReverse directives to specify the backend server and route incoming requests accordingly.
20
Suggestions / Re: How secure is CentOS Web Panel?
« Last post by overseer on April 18, 2024, 01:37:40 AM »If you're using an EOL older version of PHP, also consider adding PHP Defender / Sunffleupagus to your security hardening:
https://wiki.centos-webpanel.com/php-defender-snuffleupagus
This is a good in-depth fine tuning guide after the basic CWP install:
https://www.awsmonster.com/cwp-installation-and-configuration_12
https://wiki.centos-webpanel.com/php-defender-snuffleupagus
This is a good in-depth fine tuning guide after the basic CWP install:
https://www.awsmonster.com/cwp-installation-and-configuration_12
