Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Starburst

Pages: 1 [2] 3 4 ... 119
16
Updates / Re: Unable to load dynamic library 'intl'
« on: June 26, 2026, 11:24:53 PM »

Code: [Select]
cd /usr/local/src/
wget https://www.php.net/distributions/php-7.2.30.tar.gz
tar -xvzf php-7.2.30.tar.gz
cd php-7.2.30/ext/intl/
/usr/local/cwp/php71/bin/phpize
./configure --with-php-config=/usr/local/cwp/php71/bin/php-config
make
make install
rm -rf /usr/local/src/php-7.2.30*

@cyberspace tried your fix with your posted 7.2 and make & make install end with:
Quote
make: *** [Makefile:284: transliterator/transliterator_class.lo] Error 1

PHP compiles OK, but now it's just showing:
Quote
[php71]# /usr/local/cwp/php71/bin/php --version
PHP Warning:  Module 'intl' already loaded in Unknown on line 0
PHP 7.4.33 (cli) (built: Apr 26 2023 00:00:00) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with the ionCube PHP Loader + ionCube24 v15.5.0, Copyright (c) 2002-2026, by ionCube Ltd.

Any ideas?

Also with the forums still being unstable, would you consider cross-posting at ayadmin.help?

17
How to / Re: OWASP_CRS 4.27.0 keeps reverting to 3.3.2 after one day?
« on: June 26, 2026, 10:50:54 PM »
Odd.

CWP doesn't run ModSecurity 3 (Mostly was a test for Nginx) and/or the 3.x ruleset it loads.

If anything CWP would load a really old 2.x ruleset.

18
Other / Re: 9 CVE's just dropped for those running Node.js
« on: June 26, 2026, 10:48:47 PM »
Welcome to the brave new world of AI-excavated exploits! Devs are getting bombarded by valid & invalid bug reports and CVE discoveries, thanks to helpful AI tools digging into source code.

Yup.

Also the more DEV's that use AI code, are putting in unknown bugs.

19
Updates / Re: Unable to load dynamic library 'intl'
« on: June 26, 2026, 10:47:36 PM »
I think the .1235/.1236 update broke something.

Noticed the update from last night didn't change the CWP version number.

Also stick with @cyberspace 's fix, the one I posted doesn't work 100%, and I'm investigating more.

20
Other / 9 CVE's just dropped for those running Node.js
« on: June 26, 2026, 03:48:16 AM »
I know Node.js isn't part of CWP, but I've seen people posting about it.

9 new CVE's just dropped for those running Node.js that are a wide range from DoS to Bypasses.

Reference: https://sysadmin.help/viewforum.php?f=80

21
Updates / Re: Unable to load dynamic library 'intl'
« on: June 26, 2026, 02:44:14 AM »
You can use @cyberspace 's way if you are running PHP 7.2

If you are running AL9 that is showing PHP 7.4, we created a KB article this morning at:
https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/fix-for-php-startup-unable-to-load-dynamic-library-intl-cwp-on-almalinux-9/

You can find out what PHP version CWP us running with:
Code: [Select]
/usr/local/cwp/php71/bin/php --version

24
Well, this is so bad that I feel uncomfortable that share it now publicly when there is no fix.

But I can say this:
BLOCK THIS IP NOW!!!! 152.53.173.29 that is the C&C server.

EDIT: Where can I send a message to an dev?

This is a Netcup IP, and they are very good at suspending service of hackers on their network.

You can send the hacker info to: abuse@netcup.de

26
I agree with some of what is said.

CWP does need to drop support for CentOS 7, that is way-way past EOL. Now, not in a year or whenever, NOW.

Once they do, they can focus on how AL9 and AL10 commands and packages work.

But until then...

27
Not all users are sysadmin, this type of panel should handle the basic stuff, keep everyting updated it one of the basic features of every panel

If you're not a Sys Admin, I would recommend hiring one to take care of the technical backend.
Or maybe stick with a Managed VPS or Shared Reseller web hosting account, where the backend is handled for you.

No panel keeps everything updated, except maybe cPanel, and from the CVE's I've seen lately, they may not even keep everything updated.

But that's also what's good about CWP, it's let you have some customization.

28
That won't work, because not everyone uses Nginx and/or PHP 8.3.

Or maybe to have a question like CyberPanel at the beginning of an install, to ask what webserver and PHP you want.

Sounds like would work best for you, is after you install and update everything, take a snapshot, and then use that to bring up a new VPS.

29
CWP team must release a urgent update that fix all the current services with issues, RoundCube, Nginx, Apache, etc.
This is urgent!
We are paying for something that its full of security issues

And you, as a Sys Admin, your job is to keep them updated, which is simple to do, there are guides all over how to keep the server updated and secure.

There have not been any recent CVE's for CWP via CISA.

If you choose not to do that, then, well ...

30
Simple solution, keep your servers updated.
And IF you are still running CentOS 7, you can expect to be hacked, running an EOL OS that is public facing.

There was a major Kernel Auth vulnerability that's has been activity exploited.
AlmaLinux released fixed Kernels on 2026-06-08 for AL8 and AL9.

Someone mentioned an old CVE for Roundcube, that only affected Roundcube Webmail versions prior to 1.5.10.
The current version is 1.5.15

Servers using Apache also had a problem, that the update to 2.4.68 fixed

Pages: 1 [2] 3 4 ... 119