Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Starburst

Pages: [1] 2 3 ... 119
1
Try this:

Code: [Select]
nano /etc/login.defs
Change to:
Quote
SHA_CRYPT_MAX_ROUNDS 5000

Then change the root password using the passwd command

Something with just lower & upper case letters and Numbers.
(You can always change it later)

You might also have to clear you browser of cookies & cache.

2
The date math isn't mathing...
No offense.

The CVE you posted here, CVE-2026-57517.
https://nvd.nist.gov/vuln/detail/CVE-2026-57517

And was published on 2026-07-01. CWP had fixed that security hole as the CVE shows with 0.9.8.1225 and later.

CWP 0.9.8.1225 was pushed to servers on the night of 2026-05-06.
CWP 0.9.8.1226 was pushed to servers on the night of 2026-05-10

--

CVE CVE-2025-48703:
https://nvd.nist.gov/vuln/detail/CVE-2025-48703

And was published on 2025-09-19. CWP had fixed that security hole as the CVE shows with 0.9.8.1205 and later.

CWP 0.9.8.1205 was pushed to servers on the night of 2025-06-16.


CWP had those 2 security holes patched almost 2 months BEFORE the CVE's came out.

So if you had an up2date server, the security holes were already closed, and wouldn't allow hackers in using those methods.

I've also never seen a SysAdmin leave SSH on the default port and not behind some kind of firewall to limited access.

If you are truly running 5 servers for 5 years, I'm guessing these are EOL (2024-06-30) CentOS 7 boxes from the date you gave.

The CWP migration tool works between CentOS 7 and AlmaLinux 8.
Unfortuently, it currently doesn't between CentOS 7 and AlmaLinux 9, or AlmaLinux 8 -> AlmaLinux 9.

3
 ::)

Another new AI troll account with a very, very supicious link at the end...

4
Updates / Re: CWP7: 0.9.8.1243
« on: July 07, 2026, 02:01:01 AM »
 ::)

5
Other / Re: Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS! V3.0
« on: July 07, 2026, 01:58:05 AM »
@cgauthey Keep your AL8 server updated and don't allow shell access to users and you'll be fine.

If you're still running CentOS 7, there are no patches for an EOL OS.

Yanz Webshell has been hitting Linux Kernels and WordPress sites.

CWP fixed this CVE several versions back.
But other software, like mentioned above may still have it, if you haven't updated and secured your server.

6
@cyberspace, djprmf doesn't use CWP, he's just a troll here on the forums, users here have learned to ignore it.

cPanel has more CVE's then CWP, and Plesk has them also, along with CyberPanel.
Even HestiaCP had a CVE on on 2024-07-04 that hasn't been fixed yet.

FOSSBiling had 16 CVE's on 2026-07-06

All programs have CVE's.
It's up to the company if they want to advertise the leak, just in case someone is using an older version.

One of cPanels CVE exploit was so bad, the temporary fix was to shut down cPanel and disable all logins...

7
We are not running that 'fix'.

Happened to a couple of our AlmaLinux 9 boxes when we went thru them.

You have to go thru the GUI and File Manager to change SSH to allow passwords.

8
Looks like you are running an EOL OS - aka CentOS 8.

First I would suggest updating/switching the OS to AlmaLinux 8.

9
Updates / Re: Did 0.9.8.1239 remove extra DB users?
« on: July 01, 2026, 10:58:59 PM »
I believe its an attemp of the programers to close cwpro forever, this cannot happend, we are paying for this licence.

Come on , wtf are you doing? breaking everything people worked for.

OMG so unreliable i have like 25 servers, ALL BROKEN. i just want to die.

That is odd.
All of our servers are still intact with all the user and system accounts.

But seeing this thread did make my heart skip a beat.

I am curious, what OS are you guys that lost users running?

10
Thanks for the minor heart attack when I saw these 2 threads today.

Checked all of our servers and all the users and system accounts are still there.

11
CentOS 7 Problems / Re: MariaDB 10.11.18
« on: June 29, 2026, 12:04:00 AM »
Hi i have bought CWP Pro 7 license it's $11.99 a year, i left instructions on it to install MariaDB 10.11.18 on the cwp, i am getting no proper answers. when i open a support ticket all i get in all replies is below, i don not even have login details to my cwp

Quote
Kindly make sure, the CWP PRO license does not include any type of support, you need to signup for a support service if you want us to troubleshoot issues on your server.

https://control-webpanel.com/support-services

If you do not wish to go for the support plan, you can post your questions on the CWP Support Forum.

https://forum.centos-webpanel.com/

Regards,
Nitin P.

Please rate my reply with by clicking on the five stars under my reply :)
Not satisfied with my response? Send your comments with the ticket id at: info@centos-webpanel.com

Now you can send me a tip if you are satisfied with my assistance :)
http://support-donations.centos-webpanel.com/nitinp.html

Don't leave your server system unprotected, get CWPsecure kernel, and rest assured.
http://wiki.centos-webpanel.com/cwp-secure-centos-kernel

If you have any suggestions about CWP features or if you want to report a bug, you can contact us at info@centos-webpanel.com

You don't need to post this in multiple forums. It will just start getting you more confused.

You don't have any login info, because installation isn't included.

When you install it on your server, at the end it will give you the CWP information.
The main admin login your root UN/PW.

12
CentOS 8 Problems / Re: MariaDB 10.11.18
« on: June 29, 2026, 12:01:00 AM »
CWP installation isn't included with the license.

There is an option to add it for the additional price, if you selected it.
Or you can login, and order it from the system.

13
Updates / Re: Unable to load dynamic library 'intl'
« on: June 27, 2026, 02:27:14 PM »
Yea, I got it working.

But something has recreated the /usr/local/cwp/php71/php.d/intl.ini that I can renamed to intl.ini.old

So the
Quote
PHP Warning: Module ‘intl’ already loaded in Unknown on line 0
popped it's head back up, since PHP is trying to load intl twice, again.

14
How to / Re: OWASP_CRS 4.27.0 keeps reverting to 3.3.2 after one day?
« on: June 27, 2026, 02:24:03 PM »
You should update to 2.9.13, there have been past CVE's on older versions.

15
Updates / Re: Unable to load dynamic library 'intl'
« on: June 27, 2026, 02:00:25 AM »
Got everything fixed and running on AlmaLinux 9.8.

Created a new updated KB articles at:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/fix-for-php-startup-unable-to-load-dynamic-library-intl-cwp-error-on-almalinux-9/

Let me know if anyone find anything wrong.

Pages: [1] 2 3 ... 119