81
Installation / Re: Cannot login into the admin panel anymore
« Last post by Nagataka on October 12, 2025, 01:02:05 PM »Thanks again for your quick reply.
The good thing, no serious stuff is running on this, so a reinstall shouldn't be a problem.
Again thanks for your help.
The good thing, no serious stuff is running on this, so a reinstall shouldn't be a problem.
Again thanks for your help.
82
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« Last post by overseer on October 12, 2025, 12:54:47 PM »Those .c files don't appear to be IoC related to the patched CWP vulnerability. Likely they are part of another PHP injection attack -- multiple competing gangs are attempting to compromise servers on any given day. So the recommendation is to harden your PHP install right away, then engage in clean up & full postmortem.
Better to batten down the hatches rather than bailing water out of the ship...
Better to batten down the hatches rather than bailing water out of the ship...
83
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« Last post by pedromidiasf on October 12, 2025, 12:16:24 PM »Where did you find those files? Inside /home or anywere else?
I also have this 198.144.182.13 IP in my logs.
Also found out that he also has created wordpress accounts, this is his data:
user: wpadminerlzp
email: wpadmin@volovmart.ru
date: 2020-06-14 00:00:00 (by looking at this 00:00:00, I assume this was SQL inserted)
I also have this 198.144.182.13 IP in my logs.
Also found out that he also has created wordpress accounts, this is his data:
user: wpadminerlzp
email: wpadmin@volovmart.ru
date: 2020-06-14 00:00:00 (by looking at this 00:00:00, I assume this was SQL inserted)
84
Installation / Re: Cannot login into the admin panel anymore
« Last post by overseer on October 12, 2025, 10:51:43 AM »CWP is in beta for EL9 distributions, so there are still some bugs and this is definitely one of them. But CentOS Stream is definitely a beta quality OS, so a shaky foundation on which to build a server. A piece of friendly advice: consider using AlmaLinux 9 instead. It is definitely firmly in the EL tradition! Meanwhile, that is the advice offered by the CWP devs to resolve the issue:
We are working on resolving this issue, a quick fix is to go to this fileCode: [Select]nano /etc/login.defs
and comment out the following lineCode: [Select]SHA_CRYPT_MAX_ROUNDS 5000
toCode: [Select]#SHA_CRYPT_MAX_ROUNDS 5000
After this you can change the user's password from the cwp administration panel and you will be able to login.
85
Installation / Re: Cannot login into the admin panel anymore
« Last post by Nagataka on October 12, 2025, 09:56:23 AM »Sorry, that advice was if you had changed the MariaDB root password. You mean the system user root password! Are you on an EL9 distribution (AlmaLinux 9, Rocky Linux 9)?
If so open /etc/login.defs
Find:
SHA_CRYPT_MAX_ROUNDS 10000
Replace with:
#SHA_CRYPT_MAX_ROUNDS 10000
Reboot. Now re-set the root's password and it will login successfully.
Sorry for the lack of information, i am indeed running CentOS 9
Code: [Select]
[mothew@server01 ~]$ hostnamectl
Static hostname: server01.soberlife.nl
Icon name: computer-vm
Chassis: vm 🖴
Machine ID: 432a6a92f65e49c3b3181e8f0e7f2cab
Boot ID: bc1q4h3rk4hgruu7auyf0dpxtx6hsh86xpq04jx5g5
Virtualization: vmware
Operating System: CentOS Stream 9
CPE OS Name: cpe:/o:centos:centos:9
Kernel: Linux 5.14.0-522.el9.x86_64
Architecture: x86-64
Hardware Vendor: VMware, Inc.
Hardware Model: VMware Virtual Platform
Firmware Version: 6.00
I did as you suggested, but still cannot login to CWP.
But thanks for the tip at least!

86
Installation / Re: Cannot login into the admin panel anymore
« Last post by overseer on October 11, 2025, 11:52:49 PM »Sorry, that advice was if you had changed the MariaDB root password. You mean the system user root password! Are you on an EL9 distribution (AlmaLinux 9, Rocky Linux 9)?
If so open /etc/login.defs
Find:
SHA_CRYPT_MAX_ROUNDS 10000
Replace with:
#SHA_CRYPT_MAX_ROUNDS 10000
Reboot. Now re-set the root's password and it will login successfully.
If so open /etc/login.defs
Find:
SHA_CRYPT_MAX_ROUNDS 10000
Replace with:
#SHA_CRYPT_MAX_ROUNDS 10000
Reboot. Now re-set the root's password and it will login successfully.
87
PostgreSQL / Re: Error starting postgres
« Last post by overseer on October 11, 2025, 11:47:08 PM »Did you install postgres via yum/dnf or via the CWP web admin panel? If via the panel, you would need to call it via the version number you installed. For example, with version 17:
Code: [Select]
systemctl unmask postgresql-17
systemctl start postgresql-17
systemctl enable postgresql-17
(I do not run pgSQL on my servers, so I did a test installation via the CWP GUI to discover this little nuance.)88
PostgreSQL / Re: Error starting postgres
« Last post by gilliard on October 11, 2025, 02:31:57 PM »Now after the remove command, even after reinstalling postgres, it no longer appears to start along with the other services.
89
PostgreSQL / Re: Error starting postgres
« Last post by gilliard on October 11, 2025, 02:24:46 PM »yes...
[root@cwp ~]# rm -f /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# systemctl enable postgresql.service
Failed to enable unit: Unit file postgresql.service does not exist.
[root@cwp ~]# systemctl start postgresql.service
Failed to start postgresql.service: Unit postgresql.service not found.
[root@cwp ~]#
[root@cwp ~]# rm -f /usr/lib/systemd/system/postgresql.service
[root@cwp ~]# systemctl enable postgresql.service
Failed to enable unit: Unit file postgresql.service does not exist.
[root@cwp ~]# systemctl start postgresql.service
Failed to start postgresql.service: Unit postgresql.service not found.
[root@cwp ~]#
90
CentOS 8 Problems / Re: packages update error AlmaLinux 8
« Last post by Starburst on October 11, 2025, 02:01:54 PM »@overseer
Please reframe posting any of our help or articles in the furture when 'djprmf' is helping in a thread, that user made it clear our help and knowledge is not wanted by other users...
Please reframe posting any of our help or articles in the furture when 'djprmf' is helping in a thread, that user made it clear our help and knowledge is not wanted by other users...