Messages

1081

Installation / Re: How to improve site speed and security

« on: May 11, 2023, 01:19:46 PM »

Agreed with the Nginx recommendation -- it will offer you more "bang for your buck" in terms of being more performant than Apache. But it will add some complexity to your configuration and will not allow customers to use .htaccess files -- so you will need to translate any .htaccess directives from Apache syntax over to an Nginx equivalent.

If you do go with mod_security, I would recommend starting with the Comodo ruleset (available in CWP Pro). It is more beginner-friendly and less prone to generating false positives.

1082

CentOS 7 Problems / Re: Without any type of access

« on: May 11, 2023, 12:53:34 PM »

It actually sounds as if you VPS is offline if not even SSH is accessible. You may need to visit your VPS control panel and restart your VM, or start a support ticket with your host and ask them to restart your server/VPS.

1083

CentOS Configuration / Re: Help me. lfd on cwp.xxxxxx.com: Suspicious process running under user memcached

« on: May 11, 2023, 12:51:36 PM »

And to underscore the importance of not running unneeded services: memcached is often used in amplification attacks to send junk traffic at DDoS targets. Memcached is a potent weapon in this case, amplifying traffic up to 50,000x the original payload!

https://www.cloudflare.com/learning/ddos/memcached-ddos-attack/

1084

PHP / Re: Php-FPM 7.4 users sock not created after user subscription

« on: May 11, 2023, 03:16:03 AM »

Newly installed versions of php-fpm do not create a conf file for you, which in turn causes php-fpm to generate the per-user .sock. You will need to bring forward your existing php-fpm configuration and edit it to reflect the proper PHP version, then restart that version of PHP. Here is an example of copying a PHP 7.1 configuration to 7.4:

Code: [Select]

cp /opt/alt/php-fpm71/usr/etc/php-fpm.d/users/user.conf /opt/alt/php-fpm74/usr/etc/php-fpm.d/users/user.conf
perl -pi -e 's/php-fpm71/php-fpm74/g' /opt/alt/php-fpm74/usr/etc/php-fpm.d/users/user.conf
service php-fpm74 restart

1085

MySQL / Re: User can access other database

« on: May 10, 2023, 01:41:03 PM »

What distribution are you on? What version of MySQL/MariaDB are you running? Did you run mysql_secure_installation ?

1086

Installation / Re: All websites show HTTP Test Page powered by CWP | CentOS-WebPanel.com

« on: May 09, 2023, 01:39:59 PM »

Is this new behavior or just what is happening as you are in the midst of the installation/migration process? Did you run User Accounts > Fix Permissions ? Did you follow the wiki article on that subject? https://wiki.centos-webpanel.com/default-page-displayed-for-all-domains

1087

WebHosting-Billing / Re: WebHosting-Billing by CWP

« on: May 09, 2023, 06:39:41 AM »

Please note that this is not a public version, it's only for developers and testing as it has some vulnerabilities.

Scary! Think I'll pass on this one

1088

Nginx / Re: upstream timed out (110: Connection timed out) - Getting it frequently

« on: May 09, 2023, 05:58:16 AM »

Increase your timeouts so it isn't so finicky about upstream connection delays:

Code: [Select]

fastcgi_read_timeout 540;
proxy_connect_timeout 3000s;
proxy_send_timeout   3000;
proxy_read_timeout   3000;

1089

CentOS 7 Problems / Re: YUM Manager No Longer Working

« on: May 06, 2023, 03:21:27 AM »

3-it says it has been updated,
but when restarting it keeps asking for the same updates.

It usually does that if you have unmet dependencies or an update (such as MariaDB) that requires "divine intervention" -- such as when moving to a major version number that requires a manual update. You think it installed everything, but if you carefully read the results, you can see that it skipped those updates.

1090

DNS / Re: have 2 or more vps

« on: May 06, 2023, 03:15:35 AM »

Are the NS on different subnets? Otherwise, far too easy to get DDoS'ed...

1091

Postfix / Re: All inbound mail fails when enabling Spam Assassin/Avamis

« on: May 06, 2023, 03:13:30 AM »

What guide are you following for your SpamAssassin configuration? The CWP Wiki article with the local.cf or something else? Do you have zen.spamhaus.org in your RBL loop on the CWP server, or just on your testing SMTP server?

1092

CentOS-WebPanel GUI / Re: Login CWP Cloudflare

« on: May 06, 2023, 03:08:16 AM »

It should work -- did you try Cloudflare's dev mode? Did you test via a VPN from outside your LAN? Sometimes loopback/hairpin NAT requires further setup to work with your router, if that's what you are doing.

If you want to change your CWP login port, there are many guides:
https://azdigi.com/blog/en/webserver-panel-en/centos-web-panel-en/how-to-change-the-port-on-centos-web-panel-cwp/

I personally don't run under CWP's default port assignments, nor the cPanel/WHM port-alike assignments. I chose my own custom ports. But if anyone does a port scan on my server, obviously I have typical LAMP/LEMP ports open, with mail service ports open as well. It just makes it that much harder for script kiddies to pound my server and doesn't leave me susceptible to FritzFrog for SSH hack attacks.

1093

CentOS-WebPanel GUI / Re: Hide CWP Name From Hackers

« on: May 06, 2023, 03:01:10 AM »

{Last} CenturyLink. Now they are called "BrightSpeed" after they went bankrupt. But someone needs to clue them in that they forgot the "Speed" part of their name. 15Mbit/900Kbit DSL is the best they can provide at my house. 20Mbit/1.8Mbit business class at my business address — 1500 ft from their C.O. building. Ugh! I refuse to pay them any more $$ for ANYTHING for 1999-era service. It's 2023 for goodness sake!

I almost went for Starlink, but fiber is currently being installed town-wide as a municipal fiber project. So I can get 100Mbit symmetric, or perhaps I will go for the mid-tier 250Mbit symmetric! (Gigabit is just too rich for my blood...)

1094

CentOS-WebPanel GUI / Re: Hide CWP Name From Hackers

« on: May 04, 2023, 01:54:31 PM »

Definitely a simpler approach, but it doesn't work in my use case -- I'm still on D-S-Hell (DSL), so my IP changes constantly (sometimes more often than daily!)

1095

CentOS-WebPanel GUI / Re: Hide CWP Name From Hackers

« on: May 02, 2023, 05:40:15 AM »

You meticulously followed that guide? There are others, too in case that particular one wasn't complete. Or you may need to restart CWP services and/or the whole server for the changes to go into effect...

Changing the CWP login look:
http://forum.centos-webpanel.com/index.php?topic=4756.0