Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Starburst

Pages: 1 [2] 3 4 ... 85
16
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: February 02, 2025, 12:51:55 AM »
And it works for both CWPfree and CWPpro.  ;D

17
If the service is not installed, it won't show on the dashboard.

You can try to uninstall it using
Code: [Select]
dnf remove clamav* clamd
Is there some reason you don't want an AV on your server?

18
Information / Re: database special characters password
« on: February 02, 2025, 12:48:40 AM »
It seems in general, CWP doesn't like special characters.

20
Installation / Re: AL 9 server not upgrading to CWP Pro
« on: January 30, 2025, 04:47:59 PM »
This is my IP

192.119.111.125

I've run all sort of commands, nothing happens!

I added your IP (192.119.111.125) to our partner account (temporarily).

Run
Code: [Select]
/scripts/update_cwp
You should have CWPpro now.  ;)

21
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 30, 2025, 04:43:33 PM »
Well looks like I got OWASP ruleset 4.11.0 working OK with ModSecurity on AL9.

Which is good, considering I activated it on a live production server, after I noticed I wasn't logged into my test box on my desk.   :-[

I'll be posting a KB article later today.

But yea, when they split the company both halves started offering their own paid  'ruleset'.
The 'new' endpoint doesn't see CWP, only cPanel, DA, and Plesk and installs as a standalone, which doesn't play well with CWP.

22
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 28, 2025, 11:36:03 PM »
We use Apache, and not Nginx.

There is more script support for Apache, and the performance benefit of Nginx is negatable.

OWASP old & Comodo both work fine, which is the odd thing.

If Xcitium did kill the free Comodo ruleset, that only leave OWASP of being free for users to choose.

23
Installation / Re: AL 9 server not upgrading to CWP Pro
« on: January 28, 2025, 11:31:15 PM »
If you Base IPv4 matches what's in the system.

Try running:
Code: [Select]
/scripts/update_cwp

24
Installation / Re: ...server under AL9?
« on: January 28, 2025, 01:57:01 AM »
I've posted the basic setup steps here in the forums a couple times.
Here it is again, or you also have options of people that can get the basic installed for you.

You can't have any services installed before installing CWP.

So if Apache is working 'out of the box', you are installing AlmaLinux 9.4 LAMP.
That won't work.

Reimage with the bare AlmaLinux 9.5

Setup your networking, hostname, timzone.

Then:

Code: [Select]
dnf install dnf-plugins-core
Code: [Select]
dnf install elrepo-release epel-release -y
Code: [Select]
dnf config-manager --set-enabled crb
Code: [Select]
dnf --refresh update
Code: [Select]
dnf install nano wget ipset ebtables iptables ipset-service uuid uuid-devel libuuid-devel m4 pcre pcre-devel zlib-devel perl-DBD-MySQL perl-IPC-Cmd perl-Pod-Html perl-Sys-Hostname perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch perl-GDGraph libtool s-nail htop sysstat python3-perf ImageMagick ImageMagick-devel nmap make quota cockpit* -y
Code: [Select]
dnf --refresh update
Code: [Select]
dnf install clamav* clamd
Code: [Select]
dnf clean all
Code: [Select]
cd /usr/local/src
Code: [Select]
wget http://centos-webpanel.com/cwp-el9-latest
Code: [Select]
sh cwp-el9-latest
Code: [Select]
dnf install spamassassin amavis
Reboot

Configure & Start CSF

UPDATE DEPENDENCIES
Code: [Select]
dnf install php-cli libsodium libsodium-devel php-sodium php-pecl-zip  php-pecl-mailparse php-mbstring php-pear php-devel php-pecl-imagick
Code: [Select]
pecl channel-update pecl.php.net
To updated MariaDB follow:
https://www.alphagnu.com/topic/23-upgrade-mariadb-1011-in-cwp-centos-7-centos-8-stream-almalinux-78-rockylinux-78/

The one string to re-install MariaDB has been updated, or you'll get an error.
Run this instead:
Code: [Select]
dnf install MariaDB-server MariaDB-client net-snmp perl-DBD-MySQL --allowerasing
There are other steps, but everyone customizes their servers differently.

25
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 28, 2025, 01:39:23 AM »
The defaults are:
Quote
HTACCESS_LOG = "/usr/local/apache/logs/error_log"
MODSEC_LOG = "/usr/local/apache/logs/error_log"
SSHD_LOG = "/var/log/secure"
SU_LOG = "/var/log/secure"
SUDO_LOG = "/var/log/secure"
FTPD_LOG = "/var/log/messages"
SMTPAUTH_LOG = "/var/log/maillog"
POP3D_LOG = "/var/log/dovecot-info.log"
IMAPD_LOG = "/var/log/dovecot-info.log"
IPTABLES_LOG = "/var/log/messages"
SUHOSIN_LOG = "/var/log/messages"
BIND_LOG = "/var/log/messages"
SYSLOG_LOG = "/var/log/messages"
WEBMIN_LOG = "/var/log/secure"
CWP_LOG = "/var/log/cwp_client_login.log"

CUSTOM1_LOG = "/var/log/cwp_client_login.log"
CUSTOM2_LOG = "/usr/local/apache/domlogs/*.log"

I followed the OWASP docs, and changed MODSEC_LOG to MODSEC_LOG = "/usr/local/apache/logs/modsec_audit.log"
When that failed, I added it to the next empty custom entry CUSTOM3_LOG, still no joy.

I've put another paid ticket in to CWP.
They argued the last ticket that didn't solve the problem was closed as being 'resolved'

What's weird is that the OWASP old ruleset works OK, but if you select OWASP latest it breaks everything.
You still see it stop attacks if your view the ModSecurity log.

Just added "/usr/local/cwpsrv/logs/*_log" to CUSTOM3_LOG, which was empty.
Will see if that works.

Also have a virtual meeting with Xcitium (company who bought Comodo) next week, to find out what there plans are for the future of that ruleset.
Because of right now it's dead.

Hopefully this will get resolved.

I'm not sure about anyone else, but this simple thing has turned into a large cluster.





26
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 26, 2025, 11:02:50 PM »
I've tried different ways, just can't get OWASP to talk to CSF, even using the documentation.
It 'should' work, I see it in the logs, but CSF refuses to add the IP's and send notifications.

27
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 26, 2025, 12:53:00 AM »
i switched back to OWASP latest rules but they are not blocking malicious attempts . i can see in logs its detecting but attempt is not blocked  :-[

on the other hand comodo waf rules keeps blocking everything  :-\ before last update everything was fine and comodo waf rules were the best

Yea, there is a bug CWP has been made aware of with the OWASP latest not working.

28
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 26, 2025, 12:51:18 AM »
I tried that juggling, and it didn't work.

There is a problem with the OWASP latest ruleset that I've notified CWP about.

I've only found 2 semi-good replacements, but both are paid:

https://malware.expert/

https://atomicorp.com/modsecurity-rules/

And then there is course the company who bought Comodo, Xcitium. But their website doesn't even work

29
Other / Re: Support Ticket Issue
« on: January 24, 2025, 11:56:17 PM »
Via their support ticket system.

Most problems can not helped here on the forums.

What problem are you having?

--

And if you can include the following:

What 'errors' and/or 'messages' are being displayed in the logs?

What distro are you are you running CWP on?

CWP Free or CWPpro?

VPS or Dedicated?

Public or NAT?

30
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« on: January 24, 2025, 11:50:49 PM »
The Comodo ruleset isn't a CWP problem.

I can't login with my UN/PW on their site for months now - waf.comodo.com
Seems like the new company who took them over want you to buy their ruleset.

They also haven't responded to emails.

So at this point I'm saying that ruleset is dead, thanks to another takeover.

Pages: 1 [2] 3 4 ... 85