This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
CentOS-WebPanel Bugs / No backups since running a manual, NEW Backup (beta)
« on: November 25, 2023, 01:40:28 PM »
As stated in the title, my scheduled backups stopped working, months ago, after I ran a manual backup job using the NEW Backup (beta) menu item. I tried disabling and re-enabling my original Backup Configuration scheduled backups but it made no difference.
So what I ended up doing was disabling the old Backup Configuration scheduled backups and adding new scheduled backups using the NEW Backup (beta) menu. This seems to work but now I get the following text in the Anacron email:
I don't use quotas. All accounts and packages are set to unlimited.
What's causing the No such file or directory errors and how can I fix?
Also, I'm now getting this in the email titled: Cron <root@cwp> /usr/local/cwp/php71/bin/php-cgi -d max_execution_time=100000000 -q /usr/local/cwpsrv/htdocs/resources/admin/include/cron_newbackup.php
So what I ended up doing was disabling the old Backup Configuration scheduled backups and adding new scheduled backups using the NEW Backup (beta) menu. This seems to work but now I get the following text in the Anacron email:
Code: [Select]
/etc/cron.daily/cwp:
====================================================
============= CentOS Web Panel Cron ================ ====================================================
###########################
Firewall Flush Daily Blocks
###########################
######################
Update Server Packages
######################
Redirecting to /bin/systemctl restart cwpsrv.service Redirecting to /bin/systemctl restart httpd.service Redirecting to /bin/systemctl reload httpd.service Redirecting to /bin/systemctl reload httpd.service Redirecting to /bin/systemctl restart httpd.service
Date which backup script is using: 2023-11-25 08:23:33
/etc/cron.daily/cwp_bandwidth:
sh: /usr/sbin/repquota: No such file or directory
sh: /usr/sbin/repquota: No such file or directory
sh: /usr/sbin/repquota: No such file or directory
sh: /usr/sbin/repquota: No such file or directory
sh: /usr/sbin/repquota: No such file or directory
sh: /usr/sbin/repquota: No such file or directory
I don't use quotas. All accounts and packages are set to unlimited.
What's causing the No such file or directory errors and how can I fix?
Also, I'm now getting this in the email titled: Cron <root@cwp> /usr/local/cwp/php71/bin/php-cgi -d max_execution_time=100000000 -q /usr/local/cwpsrv/htdocs/resources/admin/include/cron_newbackup.php
Code: [Select]
tar: .: file changed as we read it
tar: .: file changed as we read it
tar: .: file changed as we read it
tar: .: file changed as we read it
tar: .: file changed as we read it
tar: .: file changed as we read it
2
MySQL / Re: Cannot access website without saving database permissions and password twice
« on: July 05, 2023, 12:24:36 AM »...I noticed I still won't be able to access the website in question, unless I go back to the MySQL Manager, set the password again (even if it's the same password as before)...
This is still an issue. I migrated a few websites from CWP to CWP and couldn't figure out why I could not access the websites. I spent a few hours trying a lot of different things to no avail. Finally, I came across your post. I too had to change the password for every account. I just used the original passwords.
3
Updates / Re: How to upgrade the OS
« on: July 03, 2023, 11:12:01 AM »I would just pay the additional $$...I went ahead and did just that since the price for Pro is still reasonable. I really appreciate the fact that the dev's have kept the pricing affordable for hobbyists and small business unlike some other entities; DNS Made Easy comes to mind
I did find the problem... It was related to licensing but not in the way that I suspected. It turned out to be that my masquerading rule was being overridden by web shaping so my public IP address was not matching what I specified. Had I simply ran curl "http://www.centos-webpanel.com/ip/" in the beginning, I would have fixed the issue much sooner and could probably perform my migration with a single license.
4
CentOS-WebPanel Bugs / Re: IP Manager
« on: July 02, 2023, 01:32:31 AM »
Same issue... Still not fixed.
5
Updates / Re: How to upgrade the OS
« on: July 01, 2023, 03:57:44 PM »
My problem:
Can't get CWP Pro activated on new server.
Scenario:
I currently have a CentOS 7 server with CWP Pro. It's been running great for several years but I would like to migrate to a new AlmaLinux 8 server. I want to migrate each account/domain, one-by-one, over the course of couple of months so I will need both CWP servers up and running. Once all have been migrated and fully tested on the new server, I will delete the original CentOS 7 server.
My CWP servers are VM's hosted on my own network, behind a WAF (reverse-proxy) so I am using the same public IP address for both the old and new CWP servers. I cannot get CWP Pro to activate on the new server.
Since the CWP Pro license is tied to the public IP, I should be able to accomplish what I'm attempting with a single license, shouldn't I?
Can't get CWP Pro activated on new server.
Scenario:
I currently have a CentOS 7 server with CWP Pro. It's been running great for several years but I would like to migrate to a new AlmaLinux 8 server. I want to migrate each account/domain, one-by-one, over the course of couple of months so I will need both CWP servers up and running. Once all have been migrated and fully tested on the new server, I will delete the original CentOS 7 server.
My CWP servers are VM's hosted on my own network, behind a WAF (reverse-proxy) so I am using the same public IP address for both the old and new CWP servers. I cannot get CWP Pro to activate on the new server.
Since the CWP Pro license is tied to the public IP, I should be able to accomplish what I'm attempting with a single license, shouldn't I?
6
PHP / Re: Install PHP 8.X - PHP Version Switcher
« on: November 28, 2022, 01:47:08 PM »
PHP 7.4 is EOL tomorrow.
Even though PHP 8.1 is a selectable option in CWP's PHP Switcher, it still fails to "switch" from PHP 7.4 to PHP 8.1. The process runs and shows it completed but PHP 7.4 remains.
Is this still the only method of "switching" to PHP 8.1?
UPDATE: After running PHP Switcher a second time, it did update to PHP 8.1. Not sure why it did not complete on the first go around. Didn't see any errors in the rebuild log. So it would seem that the workaround linked above is no longer necessary; just use the CWP Admin->PHP Settings->PHP Version Switcher
Is this still the only method of "switching" to PHP 8.1?
UPDATE: After running PHP Switcher a second time, it did update to PHP 8.1. Not sure why it did not complete on the first go around. Didn't see any errors in the rebuild log. So it would seem that the workaround linked above is no longer necessary; just use the CWP Admin->PHP Settings->PHP Version Switcher
7
PHP / Re: PHP 7.4 - 500 server error
« on: November 27, 2022, 09:05:57 PM »
@Starburst
Thanks for the suggestions but this is not a permissions issue. I can build and use PHP 7.3, 8.0 and 8.1 using the PHP Selector in the CWP admin. When I build PHP 7.4 in the PHP Selector, it builds it but I get 500 server errors.
With that said, I did try your suggestions but they made no difference.
As another test, I updated the root PHP from 7.3 to 7.4 using the PHP Switcher in the CWP Control Panel. Now I have a working version of PHP 7.4 but PHP 7.4 in the PHP Selector still does not work. I still get 500 server errors when I add AddHandler application/x-httpd-php74 .php to any .htaccess file, on any domain. So it does seem to be something specific to PHP Selector.
Thanks for the suggestions but this is not a permissions issue. I can build and use PHP 7.3, 8.0 and 8.1 using the PHP Selector in the CWP admin. When I build PHP 7.4 in the PHP Selector, it builds it but I get 500 server errors.
With that said, I did try your suggestions but they made no difference.
As another test, I updated the root PHP from 7.3 to 7.4 using the PHP Switcher in the CWP Control Panel. Now I have a working version of PHP 7.4 but PHP 7.4 in the PHP Selector still does not work. I still get 500 server errors when I add AddHandler application/x-httpd-php74 .php to any .htaccess file, on any domain. So it does seem to be something specific to PHP Selector.
8
PHP / Re: PHP 7.4 - 500 server error
« on: November 27, 2022, 12:21:39 PM »Code: [Select]
[root@cwp ~]# tail -f /var/log/php-selector-rebuild.log
Don't forget to run 'make test'.
Installing shared extensions: /opt/alt/php74/usr/lib/php/extensions/no-debug-non-zts-20190902/
Creating config file
Build Completed
###################
Error:Can't add notification!
Full log:
https://pastebin.pl/view/raw/cd53102c
9
PHP / PHP 7.4 - 500 server error
« on: November 27, 2022, 04:45:29 AM »
I have rebuilt PHP, twice, via PHP Selector but I cannot use PHP 7.4.x. If I add the following to .htaccess, I get 500 server error:
I get the following in the Apache error log:
I also have PHP 7.3, PHP 8.0 and PHP 8.1 installed and all three work if I use AddHandler application/x-httpd-php73 or 80 or 81 .php in .htaccess.
This issue seems to be specific to PHP 7.4.
Anyone else encounter this? How do I fix?
Code: [Select]
AddHandler application/x-httpd-php74 .php
I get the following in the Apache error log:
Code: [Select]
[Sat Nov 26 21:59:04.995013 2022] [:error] [pid 31607:tid 139976842884864] [client 33.123.248.25:0] SecurityException in Application.cpp:498: Handler not found in configuration, referer: https://mysite/test
[Sat Nov 26 21:59:04.995495 2022] [:error] [pid 31607:tid 139976842884864] [client 33.123.248.25:0] Caused by KeyNotFoundException in Configuration.cpp:241: Handler "application/x-httpd-php74" not found, referer: https://mysite/test
[Sat Nov 26 21:59:04.995535 2022] [core:error] [pid 31607:tid 139976842884864] [client 33.123.248.25:0] End of script output before headers: yourls-loader.php, referer: https://mysite/test
I also have PHP 7.3, PHP 8.0 and PHP 8.1 installed and all three work if I use AddHandler application/x-httpd-php73 or 80 or 81 .php in .htaccess.
This issue seems to be specific to PHP 7.4.
Anyone else encounter this? How do I fix?
10
Updates / Re: Snort rule blocking updates
« on: December 23, 2021, 01:08:19 PM »You did not add any error in your post actually.
From the log snippet I posted...
Code: [Select]
action="drop"
The Snort rule causes the connection to the CWP update server to drop.
11
Updates / Snort rule blocking updates
« on: December 17, 2021, 04:04:19 PM »
Just want to share this...
I tried updating CWP Pro from within the admin panel and by command (sh /scripts/update_cwp --verbose). Both methods failed without any errors. The admin panel would remain covered by a modal with a spinner icon. The terminal window would display only the following:
My CWP is behind a gateway device that utilizes Snort for IPS. I had to not only disable a particular rule but also reboot the gateway device. Simply reloading the Snort rules was not sufficient ¯\_(ツ)_/¯
The rule: 21420 (https://www.snort.org/rule_docs/1-21420)
Log snippet:
Hope this may help others.
I tried updating CWP Pro from within the admin panel and by command (sh /scripts/update_cwp --verbose). Both methods failed without any errors. The admin panel would remain covered by a modal with a spinner icon. The terminal window would display only the following:
Code: [Select]
[root@cwp ~]# sh /scripts/update_cwp --verbose
====================================================
============= CentOS Web Panel Cron ================
====================================================
###########################
Firewall Flush Daily Blocks
###########################
######################
Update Server Packages
######################
My CWP is behind a gateway device that utilizes Snort for IPS. I had to not only disable a particular rule but also reboot the gateway device. Simply reloading the Snort rules was not sufficient ¯\_(ツ)_/¯
The rule: 21420 (https://www.snort.org/rule_docs/1-21420)
Log snippet:
Code: [Select]
2021:12:17-09:43:17 gateway snort[27335]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt" group="340" srcip="151.80.90.199" dstip="192.168.0.110" proto="6" srcport="80" dstport="46488" sid="21420" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2021:12:17-09:44:41 gateway snort[27335]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt" group="340" srcip="198.27.104.40" dstip="192.168.0.110" proto="6" srcport="80" dstport="49798" sid="21420" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2021:12:17-09:44:41 gateway snort[27335]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt" group="340" srcip="198.27.104.40" dstip="192.168.0.110" proto="6" srcport="80" dstport="49798" sid="21420" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
2021:12:17-09:45:21 gateway snort[27335]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="drop" reason="FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt" group="340" srcip="137.74.148.116" dstip="192.168.0.110" proto="6" srcport="80" dstport="52826" sid="21420" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"
Hope this may help others.
12
CentOS 7 Problems / Re: .htaccess deny access not working
« on: February 10, 2021, 01:34:37 PM »
After lots of testing, this seems to work but I would like to know if this is the most efficient solution:
Should I add/remove anything (other than the comments) to the new rule?
All that I'm trying to do is bypass that nginx static files rule for specific directories that rely on .htacces files.
Code: [Select]
location / {
#### MY NEW RULE ###
location ~ /(my_files/uploads/files|dir1|dir2) {
#deny all;
#return 404;
proxy_pass http://192.168.1.5:8181;
include proxy.inc;
}
#### MY NEW RULE ###
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh)$ {
root /home/<userAccount>/<site.tld>;
expires max;
try_files $uri @backend;
}
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
proxy_pass http://192.168.1.5:8181;
include proxy.inc;
}
Should I add/remove anything (other than the comments) to the new rule?
All that I'm trying to do is bypass that nginx static files rule for specific directories that rely on .htacces files.
13
CentOS 7 Problems / Re: .htaccess deny access not working
« on: February 09, 2021, 12:48:43 PM »...convert Apache .htaccess rules to nginx syntax.Since that nginx rule applies to the root of the website, can a block of code be simply added to the nginx vhost conf file that will exempt specified directories from that rule so .htaccess files can be used to forbid access to those specific directories? If so, can you please provide a code sample and where it should be placed in the nginx conf file. In other words, I want to keep that rule as the default for the website but exempt specific directories from it.
14
CentOS 7 Problems / .htaccess deny access not working
« on: February 09, 2021, 06:01:57 AM »
My CWP is set up with Nginx & Varnish & Apache.
I'm using a few different web apps that come with their own custom .htaccess files that do different things for different directories. One thing that was puzzling me is the fact that some .htaccess files were not denying access to some directories even though the files are properly coded. It took me a long time to figure out that the following block in the NGINX vhost config files is causing the issue:
So even if I have a proper .htaccess file which denies access to a directory, users can still view/download (via web browser) any of the file types that are specified in the code snippet above.
So what is the proper way to fix this situation of the .htaccess files being essentially bypassed?
I'm using a few different web apps that come with their own custom .htaccess files that do different things for different directories. One thing that was puzzling me is the fact that some .htaccess files were not denying access to some directories even though the files are properly coded. It took me a long time to figure out that the following block in the NGINX vhost config files is causing the issue:
Code: [Select]
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh)$ {
root /home/<userAccount>/mysite.com;
expires max;
try_files $uri @backend;
}
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
proxy_pass http://192.168.1.5:8181;
include proxy.inc;
}
So even if I have a proper .htaccess file which denies access to a directory, users can still view/download (via web browser) any of the file types that are specified in the code snippet above.
So what is the proper way to fix this situation of the .htaccess files being essentially bypassed?
15
CentOS-WebPanel Bugs / Re: BUG: Nginx Vhosts created with shared IP when set to other IPs
« on: July 17, 2020, 04:55:45 PM »Quote
And today I've realized that if you do any changes that trigger the .conf files be rebuilt, you must manually edit each of the domains conf files again. Ugh! Now that is a pain.I reported this bug two years ago
What's the point of being able to specify specific IP's for each user/domain if that info is not being used when CWP rebuilds the vhosts?
Come on Devs... Please fix this.
If anyone reading this post has a support contract with CWP, please open a ticket for this.