This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
181
Information / Re: Is CWP still maintained?
« on: October 09, 2025, 01:00:50 PM »
Here is the CVE, and even advised has to secure against it, dated 2024-09-27...
https://www.wiz.io/blog/critical-rce-php-cgi-vulnerability
But @cyberpscae is correct.
https://www.wiz.io/blog/critical-rce-php-cgi-vulnerability
But @cyberpscae is correct.
182
Information / Re: Is CWP still maintained?
« on: October 09, 2025, 12:53:41 PM »
One more time, apparently I have to be very KISS with you...
The RCE Vulnerability was a PHP RCE VULENABILITY
That affected, CWP, cPanel, aaPanel, and MANY Others that run PHP...
You just singling out and blaming CWP IS mis-information, and not the root cause.
Please go use cPanel or some other control panel.
The RCE Vulnerability was a PHP RCE VULENABILITY
That affected, CWP, cPanel, aaPanel, and MANY Others that run PHP...
You just singling out and blaming CWP IS mis-information, and not the root cause.
Please go use cPanel or some other control panel.
183
Information / Re: Is CWP still maintained?
« on: October 09, 2025, 12:20:44 PM »@Starburst You are going offtopic - that is not the point here. I stated that in the previous message exactly to reinforce the point.
The fact that you are providing KB articles, and NOT the CWP team, is the problem here. You are NOT the CWP team...
And you left back the questions: you KNOW what changed in the updates? Do you know anything that is made in every update?
I see that you provided false information in the CWP exploit topic, stating that it wasn't a CWP exploit.... when it was.
This alone shows how little comunication is made from the team.... is a random member in the forum that is providing the information without any "official" knowledge of what is happening.
Is great that you are trying to help anyone around here, and great if you have the back for that as a sysadmin... but you are NOT the CWP team and cannot make sentences for them about the control panel, because is NOT your own creation/development.
Fine, they don't expect any help from us or probably any others here other than the 'Official CWP team'...
But also don't spread Mis-information about CWP, that you clearly don't have the experience or knowledge to talk about...
We are a CWP partner company, and not some 'random' forum member...
184
Information / Re: Is CWP still maintained?
« on: October 09, 2025, 12:17:54 PM »Again, the PHP Injection Attack, had nothing to do with CWP.
But happened to older servers that where not updated and their PHP hardened.
PHP Injection Attacks are common by script kiddies. And just don't happen to CWP.
GoDaddy's servers are constantly getting hacked, which are using Amazon AWS. lol
There are several articles out there on has to secure you php.ini config.
That is NOT true.
The issue WAS a vulnerability in CWP. Is NOT fault from the users.
https://fenrisk.com/rce-centos-webpanel
https://gbhackers.com/centos-web-panel-vulnerability/
So not, wasn't the users fault. it WAS a vulnerabilty in CWP.
Yes, but other control panels HAD this problem also, even Chrome did...
As did cPanel:
https://sploitus.com/exploit?id=948E719F-C0C9-518E-969F-C65D0D6FBE65
https://www.reddit.com/r/webhosting/comments/1d1jg3v/help_hacker_keeps_injecting_code_into_my_cpanel/
https://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07
https://stackoverflow.com/questions/550879/php-injection-attack-how-to-best-clean-up-the-mess
Look at gbhackers, they list all the vulnerabilities with PHP: https://gbhackers.com/multiple-php-vulnerabilities/
https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=30062
aaPanel even had the same issue:
https://fenrisk.com/rce-aapanel
PHP even has a comment about it:
https://www.php.net/manual/en/mongodb.security.request_injection.php
Even Chrome had been affected...
https://gbhackers.com/technical-details-and-exploit-released-for-chrome-flaw/
https://cybersecuritynews.com/10-year-old-roundcube-rce-vulnerability/
post-authenticated remote code execution vulnerability that exploits PHP object deserialization.
I could continue on, but don't blame CWP, when they where clearly not the only one who had this.
But systems that has proper PHP security hardening survived the attacks.
Our ModSecurity systems caught the PHP Injection Attacks as well, and blocked them.
No system is 100%, but this was NOT a CWP bug, but rather a PHP common code vulnerability that affect ALL system running PHP.
185
Information / Re: Is CWP still maintained?
« on: October 09, 2025, 11:49:51 AM »
@Starburst
And even more, your guides can help... but do we know you? Who are you exactly?
You are providing guides to make critical changes in our systems, that some people without knowledge follow... and yes, the could work. But your guides provide your own mirrors, with your own code in the mix.
How do we know that we can trust you and your code?
Some people will follow your guides, without knowing what are they doing.
And you can be a great person, don't get me wrong. You appear to be here to help... but we are in the internet....
I look at your guides, and they are ok - but i would be worry to use code that is in a unknown mirrror. Would be better if CWP team provide those instead? Yes, it will, because at least CWP we know...
I am a very old and warped SysOp.

Our servers have been running CWP since 2019.
We are also a large mirror provider for ELRepo. So if you use that repo, you probably connect to one of our servers around the globe.
As well as a mirror in England for MariaDB.
Which also gave use the unique ability to do what we did for CSF.
Any 'code' we offer is in plain English to say, and you can see exactly what it is doing.
Also any feedback is welcome to make our guides better, as we aim to be more than 'OK'.
As any company the KB has article we used allot, and there are some that are not public, since those usually very company to company with specific settings.
186
Installation / Re: Can't get CWPpro to activate
« on: October 09, 2025, 11:26:51 AM »
Is your server behind a NAT (aka internal IP)?
187
Information / Re: Is CWP still maintained?
« on: October 08, 2025, 12:54:55 AM »In 28/08/2025 i sent a ticket to support:
"Since CSF will no longer be updated, is there any alternative for CWP? Since there is no firewall directly in the CWP (only the CSF integration), this can have big downsides for the panel.
Announcement here: https://configserver.com/announcement/"
The response:
"Hello.
Yes, we know about the issue.
Regards,"
Indeed, the lack of comunication is concerning.
And CWP appears even more unmaintained to this point. Nothing really is "new".
And don't forget a preaty bad security issue, that was never explained: https://forum.centos-webpanel.com/centos-webpanel-bugs/critical-multiple-cwp-servers-infected-arbitrary-php-code-execution-via-publ/
This happend, and no, is not a issue with the websites or WordPress in the server. Was a issue with CWP that was never publicly confirmed by the team, and was fixed silently with the updates.
The lack of comunication is concerning, and the lack of new updates is also concerning.
Maybe is better start to look for alternatives, because CWP appears every single day more "dead".
CWP didn't have anything to do with ConfigServer closing down.
And there is nothing else on the market like CSF/LFD.
But v15.00 works fine, and will continue working.
After all the year, CSF pretty much doesn't need any updates. Which is good.
Again, the PHP Injection Attack, had nothing to do with CWP.
But happened to older servers that where not updated and their PHP hardened.
PHP Injection Attacks are common by script kiddies. And just don't happen to CWP.
GoDaddy's servers are constantly getting hacked, which are using Amazon AWS. lol
There are several articles out there on has to secure you php.ini config.
188
CentOS 7 Problems / Re: Clamav database update blocked by CDN
« on: October 08, 2025, 12:48:14 AM »
AL9 shows the same 1.4.3 version as AL8:
And @oversser is correct, there are No, None, Zilch, Zero, Nadda more updates for CentOS 7 since it's past EOL, and has been moved to the archive vault.
You need to update the server to AL8, if you want updates.
Code: [Select]
# clamd --version
ClamAV 1.4.3/27778/Tue Sep 30 08:29:52 2025And @oversser is correct, there are No, None, Zilch, Zero, Nadda more updates for CentOS 7 since it's past EOL, and has been moved to the archive vault.
You need to update the server to AL8, if you want updates.
189
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« on: October 08, 2025, 12:40:16 AM »
1. You also need to harden your PHP configuration.
2. Not be running CentOS 7 still, update to AL8.
3. Only firewall ports that should be open, are the bare minimum your server needs.
With Admin IP's whitelisted.
2. Not be running CentOS 7 still, update to AL8.
3. Only firewall ports that should be open, are the bare minimum your server needs.
With Admin IP's whitelisted.
190
Information / Re: Is CWP still maintained?
« on: October 08, 2025, 12:38:30 AM »
CWP is still going and is alive.
As mentioned by @overseer 0.9.8.1218 was just release on 2025-10-06, and 0.9.8.1217 was on 2025-09-22.
These where both bug fixes.
It is noted that AL9 is in beta with CWP.
Never quite understood the whole Apache/Nginx/Varnish thing.
If you have a fast enough server and connection, just plain 'ol Apache works fine, and without any complicated setup/config.
You can try posting your problem at https://www.alphagnu.com/
The PHP issue is with a PHP bug, has Nothing to do with CWP.
Most of the servers where the attack went thru where running CentOS 7.
If you have your PHP configured correctly, and updated, you should be fine.
For your CSF questions, see: https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/csf-firewall-error-oops-unable-to-download-no-host-option-provided/
But if your not happy with CWP, maybe cPanel would suit your needs better.
As mentioned by @overseer 0.9.8.1218 was just release on 2025-10-06, and 0.9.8.1217 was on 2025-09-22.
These where both bug fixes.
It is noted that AL9 is in beta with CWP.
Never quite understood the whole Apache/Nginx/Varnish thing.
If you have a fast enough server and connection, just plain 'ol Apache works fine, and without any complicated setup/config.
You can try posting your problem at https://www.alphagnu.com/
The PHP issue is with a PHP bug, has Nothing to do with CWP.
Most of the servers where the attack went thru where running CentOS 7.
If you have your PHP configured correctly, and updated, you should be fine.
For your CSF questions, see: https://starburst.help/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/csf-firewall-error-oops-unable-to-download-no-host-option-provided/
But if your not happy with CWP, maybe cPanel would suit your needs better.
191
CentOS-WebPanel Bugs / Re: PHP Switcher won't switch to PHP 8.x in el9
« on: October 07, 2025, 01:55:59 PM »
CWP does NOT use the PHP Remi Repos.
If you try to use them with CWP, it will break all sorts of things.
CWP compiles PHP from the source file and then adds in options from PECL.
If you try to use them with CWP, it will break all sorts of things.
CWP compiles PHP from the source file and then adds in options from PECL.
192
CentOS-WebPanel Bugs / Re: PHP Switcher won't switch to PHP 8.x in el9
« on: October 05, 2025, 06:01:34 AM »
If you want, send me a PM with the login for SSH & the panel and I'll try & see what's going on.
193
Updates / Re: Yum Updates
« on: October 03, 2025, 10:50:18 AM »
Please advise the following:
What distro are you running CWP on?
What 'errors' and/or 'messages' are being displayed in the logs?
When doing updates, you should not see:
What distro are you running CWP on?
What 'errors' and/or 'messages' are being displayed in the logs?
When doing updates, you should not see:
Quote
try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packagesunless there is a incompatibility.
194
CentOS-WebPanel GUI / Re: PHP_FPM Selector completely broken
« on: October 03, 2025, 10:47:19 AM »195
CentOS-WebPanel GUI / Re: PHP_FPM Selector completely broken
« on: October 02, 2025, 08:37:12 PM »
Log file should be in: /var/log
Filename should be: php-rebuild.log
Filename should be: php-rebuild.log
