Messages

1186

FTP / Re: Change home directory for anonymous login

« on: January 23, 2023, 12:55:21 AM »

I started with ProFTPd, did a quick dabble with WS-FTP then pretty quickly jumped ship over to pure-ftpd. Lean, mean FTP in its purest form -- secure but lots of features. So I was glad to see it included with CWP as a bullet point, but as states I don't use FTP anymore (and have FTP running on an alternate port on only one server -- the better to avoid script kiddie scans).

1187

CentOS-WebPanel Bugs / Re: goaccess statistic report for monthly has no data

« on: January 23, 2023, 12:41:17 AM »

I can confirm that on all 3 of my CWP servers, the monthly directories are empty. (I have daily and weekly entries aplenty.) So that would imply it is a default configuration that needs to be changed. I haven't looked into it, because it's not something of critical importance to me nor the end users on the server.

1188

Other / Re: Create new disk (home2) because /home is full

« on: January 23, 2023, 12:38:45 AM »

I think you would have to do a virtual filesystem for what you are proposing to do...

1189

iptables / Re: ssh brute force attacks to random ports/users

« on: January 23, 2023, 12:37:37 AM »

I HIGHLY recommend NOT running sshd on either ports 22 nor 2222 -- as FritzFrog and others scan those ports. Script kiddies will pound your server all day long on port 22, so in this case, you can have a measure of security by obscurity by running sshd on an alternate port.

1190

Nginx / Re: ModSecurity not working with NGINX

« on: January 23, 2023, 12:32:03 AM »

Unfortunately, it's not free:

The NGINX ModSecurity WAF is available to NGINX Plus customers as a downloaded dynamic module at an additional cost. You can try the NGINX ModSecurity WAF free for 30 days. To purchase or add the NGINX ModSecurity WAF to an existing NGINX Plus subscription, contact the NGINX sales team.

1191

CentOS 5 Problems / Re: Continuous reduction of hosting space

« on: January 22, 2023, 08:43:30 PM »

And consider implementing logrotate so you don't wind up with ever-bloating log files. Keep 7 (or at least 4) compressed logs, rotated weekly. Then you can still look back at errors, traffic patterns, or security breaches but not have to contend with log bloat!

1192

How to / Re: Upgrade PhpMyAdmin

« on: January 22, 2023, 08:37:51 PM »

Things I don't want tidied up/reverted behind my back simply get a

Code: [Select]

chattr +i <file>or

Code: [Select]

chattr +i <directory>So in this case:

Code: [Select]

chattr +i /usr/local/cwpsrv/var/services/pma/

1193

DNS / Re: DigitalOcean DNS or CWP7 DNS?

« on: January 22, 2023, 08:34:31 PM »

Cloudflare 
Definitely not CWP DNS, in my experience. They simply can't replicate the worldwide redundancy of local resolvers near your server and near the end users.
1.1.1.1
1.0.0.1

1194

Functions / Re: Dark Mode for Text Editor

« on: January 22, 2023, 06:35:37 PM »

Unfortunately, the code editor is IonCube encoded, which makes it rather opaque:

Code: [Select]

/usr/local/cwpsrv/var/services/users/codeEditor.php
Maybe you could use a browser plugin to flip the form control around:

Code: [Select]

<select class="form-control" onchange="selectTheme(this.value)" data-ddg-inputtype="unknown">
                    <option value="default">Light Mode</option>
                    <option value="monokai">Dark Mode</option>
                </select>
Meanwhile, if you want to fix the English grammar of the File Manager interface, the file to edit is here:
/usr/local/cwpsrv/var/services/users/cwp_lang/en/filemanager.ini

1195

CentOS-WebPanel Bugs / Re: [CWP Pro] Bug Cron Jobs Section not usable.

« on: January 22, 2023, 06:16:43 PM »

Cronjobs are critical and I'm surprised CWP has not sorted this still.

Well, I'm not too surprised. But I've learned to work around a lot. And at this point my 3 CWP servers are pretty stable so not a lot of ongoing action with configuration changes. And I do 1/2 the work in the terminal anyway because it's fine-grained configuration outside the scope of the CWP web interface.

1196

FTP / Re: Change home directory for anonymous login

« on: January 22, 2023, 06:13:17 PM »

Probably -- I didn't look at the build options for CWP's pure-ftpd. You'd probably have to re-build it yourself with the full selection of features. At this point, I'm only using sftp on my servers, and CrushFTP for a full-featured FTP/SFTP/web interface workgroup file sharing site.

1197

CentOS 7 Problems / Re: CWP Apache domlogs cover 50% of my disk

« on: January 22, 2023, 06:03:47 PM »

What I am suggesting is that you truncate them to 0 bytes -- then start fresh with log rotation (keeping only 7 copies) that are compressed. So it won't build up like that again -- much more manageable but still there for reference in case of an error or security breach.

1198

New Modules / Re: [module] PhpMyAdmin auto login

« on: January 22, 2023, 06:22:48 AM »

In my opinion, this should actually be reversed. I don't like auto-logins to security-sensitive areas.

If you don't want phpMyAdmin auto-login, you can simply set the MySQL root password to something different than your system root password. And make sure to update /root/.my.cnf -- then PMA will go to its login screen instead of auto-logging in with your system root credentials (that you also use for CWP).

1199

CentOS Configuration / Re: Defualt root Cron list

« on: January 22, 2023, 06:17:45 AM »

/usr/local/cwp/php71/

**sigh**
Sure, it's actually php 7.2, but shouldn't we be moving past the 7.x branch and onto 8.1, given that 7.4 EOL'd in Nov 2022? We're now firmly into 2023.
Then again, this forum version is now 10 years out of date. A full decade! **sigh**

1200

FTP / Re: Change home directory for anonymous login

« on: January 22, 2023, 06:14:23 AM »

I used to be a pure-ftpd jockey for 10 years, but then switched over to CrushFTP.

Not sure your exact needs, but you could create a group called nochroot or roamers (whatever you like) and put all non-anonymous FTP users in it that you want to be able to roam the filesystem freely:

Code: [Select]

ChrootEveryone no

# If the previous option is set to "no", members of the following group
# won't be caged. Others will be. If you don't want chroot()ing anyone,
# just comment out ChrootEveryone and TrustedGID.

TrustedGID 10
Or you could ChrootEveryone and set up symlinks in privileged subdirs that let those users break out of the chroot jail:

Symbolic links can be followed when users are chrooted, even when they are pointing out of the chroot jail. This unique feature makes shared content easy to set up.