All Activity

Sandeep can you please convert this for 24gb ram the numbers seem very large when i did it.

After reviewing the code, I've made some improvements for better readability and maintainability. The functionality remains the same, but the code is now more structured and clearer. Here's the revised version: perlCopy # added by Navid if ($config{LF_MODSEC} && $globlogs{MODSEC_LOG}{$lgfile} && $line =~ /^\[\S+ \S+ \S+ \S+ \S+\] \[(\w*)?:error\] (\[pid \d+(:tid \d+)\]) \[client \S+:\S+\] \[client (\S+)\] ModSecurity:(( \[[^\]]+\])*)? Access denied/,/) { my $ip = $4; $ip =~ s/^::ffff://; $ip =~ s/:\d+$// if split(/:/, $ip) == 2; my $ruleid = "unknown"; if ($line =~ /\[id "(\d+)"\]/) { $ruleid = $1; } if (checkip($ip)) { return ("mod_security (id: $ruleid) triggered by", $ip, "mod_security-custom", "4", "80,443", "1"); } else { return; } } # ended by Navid Changes made to the code: Replaced the and operator (&&) instead of and for better Perl coding practice. Reorganized the conditional checks to be more concise and easier to read. Simplified the conditional statement for removing the port number from the IP address. Added curly braces for better clarity and readability. Note: if there is missed please advice me. thank you.

What webserver(s) you use?

I hope this will help some one any advise is welcomed. I have a VPS with 32g’s of ram, and 8 CPU’s. I use CWP on it to host 24 accounts for in-house domains I manage all running WordPress on low traffic websites. My main site has 17 active plugins and three that I activate on a per / use basis for wp-admin tasks only and it has the most traffic. So I have been using Nginx & Varnish & Apache using WordPress as the Varnish default vhost template. I am developing a WordPress Multi-site that I hope will gain traction. I have opened it up for registration for sites and memberships. So for the first time in years I looked at tweaking the server now before it grows larger and becomes more active with visitors / members. For 3 years now I have not been using any caching plugins for WP except for the Redis official plugin. At one point a couple of years ago I enabled cache on all WP installations. Before too long I had caching errors and it happened again using W3 Total Cache plugin again selecting redis for object / DB caching. The issue is that I would be and some visitors served another domain / wordpress site on the this same server. Security became a concern as I have /wp-admin/ rewritten to /”secret-admin”/ across all my sites on the server and I was getting served up login urls @ another site. As admin using the brave browser it is a struggle to clear out the cache on the client side and visitors like me and crawlers might have to wait a while for it to expire locally. On any event I loos site traffic and it sets of the search engines and browser warnings. I did some quick research and by trial and error have come to the conclusion Opcode (APC-APCu) seems to be the right setting for the VPS (KVM). W3TC suggested that I use Advanced Disk Caching option for a shared hosting environment - I first tried redis as it consistently gave the best performance gains according to the benchmark testing I did in the plugins initial setup and I thought W3TC would keep it from polluting other WP caches on the server. I tried memchached, it seemed to work well, php-fpm and mariadb calmed down quite alot. I then reconfigured W3 to use Opcode and so far it has outperformed memecached. My question is using Opcode (APC-APCu) instead of Advanced Disk Caching the right choice? Technically each WP installation is in a shared server environment with different cwp user accounts and W3TC says that disk caching is the best option. Am I naive in thinking Opcode (APC-APCu) is safe and or the right choice given all the shared hosting sites are in house? Again I hope this helps someone and if you have feed back I look forward to hearing it.

Hi, kindly some one help us on how to update/ upgrade Mode Security to latest version : v3.0.13 on cwp panel please thank you so much

Currently I’m using: ./configure --with-apxs=/usr/local/apache/bin/apxsShould I be building it another way for CWP?

Yes, you can. You will create the main account: User Accounts → New Account. For the additional domain, you will create that under the menu: Domains → Add Domain. That will ask you for the user, which you created above under User Account. Then you can either point to the root of the same directory, or a sub-folder. Or you can user Cloudflare to redirect the domain to another.

Can i add an account domain1.com and then point domain2.com to the same folder.? So if i have a php file it says welcome to domain1 if i open it on domain1.com and it says domain2 if i open domain2.com?

So it seems by default CWP send out 3 paragraphs with attacks, and the above code, cut it down to 1 paragraph. Which in turn sites like AbuseIPDB can accept automatically.

Hi, dear Sandeep thank you so much for you a very nice and useful guide on cURL. but as you know the latest is cURL 8.11.1 could you please confirm and update the code for the latest cURL??? note: does the Latest cURL is capable with cwp? thank you and waiting for you guide. regards.

thank you so much this topic help me a lot your sincerely

Hi, dear masters, I would like to install the latest version of the cURL on centos 7 Kindly guide me on how can apply this scenario because I did as below; rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm yum --enablerepo=city-fan.org update curl libcurl libcurl-devel but it is not working. thank you so much.

would love to see this updated to work on alma and rocky

I upgraded nginx to version: nginx/1.26.2 using the guide here. version 1016000 instead of 1026002 in /etc/nginx/nginx.conf:1 There is an error in mismatch in the objects buildID’s How can I resolve it? Thanks for any insight you can share. Feb 3 23:27:32 net systemd[1]: Starting nginx - high performance web server... Feb 3 23:27:32 net nginx[2242722]: nginx: [emerg] module "/etc/nginx/modules/ngx_http_brotli_filter_module.so" version 1016000 instead of 1026002 in /etc/nginx/nginx.conf:1 Feb 3 23:27:32 net systemd[1]: nginx.service: Control process exited, code=exited status=1 Feb 3 23:27:32 net systemd[1]: nginx.service: Failed with result 'exit-code'. Feb 3 23:27:33 net systemd[1]: Failed to start nginx - high performance web server.

Goaccess isnt producing montly stats for me,. also never has. on any site Is there a way of getting awstats or webaliser or analog stats to work with CWP on the customers panel and on admin if possible. customers are most important

I have been using SSDNODES for going on 4 years now. Have a dual sever set up - 8 CPU - 32GB RAM - [480GB NVMe] is under $125.00 / year. Never had any down time, never had any resource issues. KVM’s. CentOS / Alma / Rocky / images offered for use with CWP. For me it is the best value and I got a server in a NOC a couple of hours away from where I live. This is an honest recommendation. https://www.ssdnodes.com/manage/aff.php?aff=932

Figured it out.

I can report it does. Thank you Sandeep for another great topic.

To check it against PCRE, could you post just one line from your logs not being catched..?! Regards, Netino

Sandeep, I was using the additional code so LFD would just send the 1 paragraph out to the blacklists, but when I switch to OWASP latest it stopped working. Any ideas? Thanks

Thank-You!Sandeep. I went from having 16gb of disk space left to now having only used 28% of a 475GB ssd! I was thinking a storage upgrade was in order. Four years I think of logs… Issue I ran into is “truncate: cannot open '/var/log/cwpsecure/reject_003.log' for writing: No such file or directory” after chmod and executing “ sh /root/clearlog.sh” CWP Secure CentOS Kernel is not active so I #’ed it out. and all is well. I also implemented @torettos tip re mail and roundcube. Much appreciated, thank you both. I set cron for 6 months “0 0 1 /6 /usr/bin/sh /root/clearlog.sh”

Will this work with AlmaLinux 8.10 ?

Since the Comodo ruleset it dead, has anyone had luck getting Apache, Mod_Security, CSF/LFD and OWASP CRS all working tother? I see from the log file, entries are being added, and /var/log/lfd/log show the file is being monitored. BUT no email notifications are being sent, and the bad IP isn’t being added to /etc/csf/csf.deny to be blocked by CSF. Weird part is, Comodo and OWASP old both work. This is a problem with OWASP latest. CWP version is 0.9.8.1190

I tried to upgrade phpmyadmin to 5.2.2 but autologin doesn’t work. Is there any possible way to make it work with CWP in AL9