Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Starburst

Pages: 1 ... 32 33 [34] 35 36 ... 119
496
Information / Re: No CSF on rocky8 install
« on: February 27, 2025, 01:27:33 AM »
Before installing CWP on AlmaLinux, run:

Code: [Select]
update-crypto-policies --set DEFAULT:SHA1
Then all their steps:

dnf --refresh update
cd /usr/local/src
wget http://centos-webpanel.com/cwp-el9-latest
sh cwp-el9-latest

497
Installation / Re: ...server under AL9?
« on: February 25, 2025, 05:49:09 PM »
For the
Quote
Repository 'mariadb' is missing name in configuration, using id.

Check the MariaDB.repo file.

It should look something like:

Quote
[mariadb]
name = MariaDB
baseurl = https://rpm.mariadb.org/10.11/rhel/$releasever/$basearch
gpgkey = https://rpm.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck = 1

And then when you run a dnf clean all, it will usually show x file removed.

10.11.11 is the current version, and the 10.11 is a LTS (5 year) supported version.

498
Information / Re: No CSF on rocky8 install
« on: February 25, 2025, 01:32:06 AM »
Yea. Rocky has had an issues with missing libraries since the start.

That's why AlmaLinux 8 or 9 is the recommended version.
Also because I think it's the free version of CloudLinux (allot of the same developers)

Usually csf lives in /etc/csf.

499
Information / Re: Roundcube big security issue.
« on: February 24, 2025, 01:12:04 AM »
Sent you a DM.

Just out of curiosity I deleted the /usr/local/cwpsrv/var/services/roundcube/logs/errors.log, and it's still trying to download it form somewhere.

Not sure how I got sucked into this blackhole, it's 0113...

500
Information / Re: Roundcube big security issue.
« on: February 23, 2025, 10:42:47 PM »
So neither fix did anything on a system without the Comodo ruleset.

Interesting.

Followed what @rcschaff, and @cyberspace posted.

Both /usr/local/cwpsrv/conf/cwp_services.conf & /usr/local/cwpsrv/conf.d/webmail.conf where updated.

https://webmail.DOMAIN.COM/logs/errors.log still allowed the error log to be downloaded.

Port 2095 & 2096 have to be public also.

The team who builds Roundcube is blaming this on a deleted .htaccess file, which are confirmed there with proper permissions like @Vinayak posted.
So the webserver should be looking at those rule denying access as well.

501
Installation / Re: Public beta of CWP for AlmaLinux 9 Available
« on: February 23, 2025, 10:19:26 PM »
From scratch, the CWP script automatically queries your OS.

502
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: February 21, 2025, 01:04:19 AM »
The other never auto updated either for some reason, but this manually update won't.

Path names would all change to the new version, so I'm not sure how a script might do this or not.

503
Information / Re: Roundcube big security issue.
« on: February 21, 2025, 12:58:34 AM »
All of our CWP installation didn't have this issue.

Logs where not accessible, the screen up up with the generic permission denied screen.

But a working ModSecurity properly configured seems to block it, along with updating to RoundCube 1.5.9, which is a LTS version.

504
CentOS 9 Problems / Re: Can not log in control panel
« on: February 19, 2025, 10:39:37 PM »
Their site shows they offer AlmaLinux 8 and 9, as well as custom images.

If you don't need PHP support under 7.4, I would go with AlmaLinux 9.

505
CentOS 8 Problems / Re: Problem with webmail roundcube
« on: February 19, 2025, 12:55:01 AM »
Did you update RoundCube to 1.5.9 or are you using the default installed 1.4.11 version?

506
Suggestions / Re: kindly update comodo waf rules as its outdated since long
« on: February 19, 2025, 12:53:46 AM »
CWP has no control over 3rd party rules, such as the now abandoned Comodo ruleset.

Comodo split into 2 different companies, and neither wanted to continue updates after 1.241.

Best is to follow my KB articles (tooting my own horn. What can I say, it was a Taco Bell night.) on how to update ModSecurity and use the latest OWASP ruleset.

507
Updates / Re: MariaDB update problem CWP7PRO
« on: February 15, 2025, 11:23:29 PM »
Fact is, it does NOT recommend CentOS 7.

The instructions at https://control-webpanel.com/installation-instructions are current, and not outdated.

They Recommend:
Quote
Alma Linux 8 & 9 MINIMAL or BOOT (RECOMMENDED STABLE/LATEST)
The best option in 2024 is still the AlmaLinux 8.

You sound like that other CWP hater that got kicked off.
Wondering if your back under a different handle.

If you have a question, and need help, fine.

But if you start posting mis-information and hate about CWP you'll probably get kicked off.

508
This updated installer fixes the old installer.

https://kb.starburstservices.com/uncategorized/updated-cwp-installer-script-for-almalinux-8-with-mariadb-10-6/

Any comment or feedback, let me know.

509
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: February 15, 2025, 08:33:43 PM »
The only thing left is to:

nano crs-setup.conf

Code: [Select]
# SecDefaultAction "phase:1,log,auditlog,pass"
# SecDefaultAction "phase:2,log,auditlog,pass"


Uncomment:

Code: [Select]
SecDefaultAction "phase:1,log,auditlog,deny,status:403"
SecDefaultAction "phase:2,log,auditlog,deny,status:403"

510
Installation / Re: ...server under AL9?
« on: February 15, 2025, 08:29:41 PM »
After you have install CWP and completed the step above that one and have CSF configured.

I always like to get CSF/LFD running as fast as I can on a box to protect it.

Pages: 1 ... 32 33 [34] 35 36 ... 119