CWP - Control WEB Panel

Can't understand why CWP configures apache vhosts listening on the public IP and not in localhost/127.0.0.1. Why is this setup if it's behind a nginx proxy and not serving pages outside? It shouldn't be better to use 127.0.0.1?

• 4 replies
• 4.1k views

Sandeep B. replied December 4, 20231 yr

In this tutorial we’ll install most awaited php version in CWP control panel as php switcher. This easy guide will guide you upon how to install PHP 8 easily. PHP 8.2 comes with numerous improvements and new features such as: New readonly Classes Allow true, false, and null as Standalone Types Disjunctive Normal Form (DNF) Types Redact Sensitive Parameters in Back Traces New mysqli_execute_query Function and mysqli::execute_query Method Fetch enum Properties in const Expressions Allow Constants in Traits Deprecate Dynamic Properties (and New #[AllowDynamicProperties] Attribute) Deprecate Partially Supported Call…

• 5 replies
• 8.7k views
• 1 follower

Sandeep B. replied November 29, 20231 yr

I have a problem with the site When paying via PayPal it appears broken content-length header Use the PayPal Demo Portal SandBox As shown

• 3 replies
• 7.5k views

Sandeep B. replied November 28, 20231 yr

I've a question about this step. After doing this there is a problem on CWP -> DKIM Manager where the zone appears duplicated and the signed one is not recognized. How can it be solved for CWP? What are the additional steps to get it working?

• 3 replies
• 4.4k views

Sandeep B. replied November 28, 20231 yr

Can't see the option to update PHP to latest 8.1.25 build. Can anyone tell how to update version? Thanks in advance,

• • 
• 7 replies
• 9.6k views
• 1 follower

Sandeep B. replied November 26, 20231 yr

Hi Master Could you please enlighten us how to install mod_qos against the now so popular slow loris attacks on our Apache server.

• 2 replies
• 3.8k views

Ling replied November 17, 20231 yr

Hi, I have a trouble to put ssl certificate on a domain with private ip. Thanks

• 2 replies
• 4.8k views
• 1 follower

Jovanny replied November 14, 20231 yr

When using a Cloudflare proxy in front of the CWP dashboard it gives a invalid session, so cwp.hostname.com:2031 doesn't works. How can it be solved? I've tried bypassing Cloudflare (gray cloud in panel) to DNS only. But doesn't work? There is any setup working?

• 3 replies
• 2.7k views

Sandeep B. replied November 10, 20231 yr

Hi, Thanks for the forum. How to put https in the link form streaming on shoutcast and icecast I have the link http://mysite.com:15000 by example how to make it https Thanks again

• 2 replies
• 8.2k views
• 1 follower

Jovanny replied November 9, 20231 yr

Hi Guys! Trying to find info, I got here! and I've seen plenty of very interesting things!! I hope anyone can help me out.. I have a server with Centos 7.9 and CWP.. problem is, after a penetration test, they say that a critical issue showed up.. and need to be fixed CVE-2022-2068.. I have OpenSSL 1.0.2k-fips 26 Jan 2017 in the system. (this is what openssl version shows) but in php it shows.. OpenSSL Library Version OpenSSL 1.0.1e-fips 11 Feb 2013 OpenSSL Header Version OpenSSL 1.0.1e-fips 11 Feb 2013 Anyway.. I found a way to update openssl in the syst…

• 4 replies
• 12.2k views

CyberFred replied November 8, 20231 yr

There are several bugs in the user panel under File Management / Directory Protection The directory protection manipulates the .htaccess and .htpasswd files in a user directory in order to limit the access from the web to these directories. 1. The predefined .htaccess file contains a typo error "memebers only" instead of members only 2. The mechanism fails completely if there is a .htaccess file already present. Instead of scanning the existing .htaccess and appending the predefined blocking content, no action is performed at all. Only the .htpassword file is generated, which is useless as such without the blocking content in .htaccess 3. If removing t…

Recently I can not login to CWP user panel anymore over the side server:2083/login/ Just a blank page appears, no content Tried rollback to earlier versions, no effect. Checked different browsers, no effect Disabled modsecurity, firewall, no effect A login over the root panel / list users works without problem, as the login page is circumvented here Initially this clearly worked in 1170 version with 2FA. Now the whole thing dissapeared, really dont know why this happened.

• 16 replies
• 9.1k views

Ling replied October 6, 20231 yr

dear Sandeep B. how are you ? I have had a problem for a few days with my emails. I am receiving an email from my own email account I have configured My host has: rDns Ok dkim: ok spf: ok Dmarc: Ok Ip: Ok when looking at the headers I noticed that the ip is not from my server. I don't know what I should do to stop these scam emails from arriving. Thank You. the scam email is the following ----------------------------------------------------------------------------------------- **Message removed**

• • 
• 6 replies
• 18k views
• 1 follower

jonatitom replied October 2, 20231 yr

Dear Master I have cwp with centos 7 . i get frequently issue from cwp my firewall stop auto after couple of hours after that i disable csf -x & re enable csf -e after that it work. but again after sometime it will stop automatically. Regards & Thanks

• 10 replies
• 3k views

Sandeep B. replied September 24, 20231 yr

As a thank you to your efforts re 2FA: I tell you some flaws in CWP control panel, so you can remove it 1. In the dashboard 1.1 in the firewall manager 1.1.1. sub control panel for CSF 1.1.1.1 In the blacklist configuration Press delete a permanent entry It says "Remove emporary entry" instead "Remove temporary enry" Actually it should say "Remove permanent entry" because those are permanent entries ----- 1.1.1.2 In the whitelist configuration Press delete a permanent entry It says "Remove emporary entry" instead "Remove temporary enry" Actually it should say "Remove permanent entry" because those are…

• 2 replies
• 7.5k views

Ling replied September 12, 20231 yr

Dear Sandeep You are the brain behind CWP Control Panel. Can you enlighten us, by when CWP will get a fully functional working 2FA for both, the user panel and the Root Main Control Panel? Currently the once working (Version 1156 was the last one) 2FA of the user panel is broken (until today's 1163 version), and the Root Main Control Panel still has to rely on the outdated solution from RCSchaff, which is an inofficial 3rd Party and not officially supported anymore. I mean, nowadays for all existing control panels on the market, 2FA is state of the art. And having a 200 characters long password just for security reasons is not really advisable. CW…

• • 
• 12 replies
• 7.2k views

Ling replied September 12, 20231 yr

I'm having a problem installing SSL Wildcard on my server Look at the two attached pictures. Is there an error in adding dns? Is there any note to solve the problem?

• • 
• 14 replies
• 7.2k views
• 1 follower

bablil replied August 18, 20231 yr

In this tutorial I’ll show you the configs in order to increase the upload memory limits under CWP control panel. Below tutorial will guide you to increase upload limits quickly via command line, ensure you’ve root access and already logged into ssh terminal. Lets get started : I’ve created simple command which will increase upload limit automatically : First backup existing CWP config file and php.ini by below command : cp /usr/local/cwp/php71/php.ini /usr/local/cwp/php71/php.ini.bak cp /usr/local/cwpsrv/conf/cwpsrv.conf /usr/local/cwpsrv/conf/cwpsrv.conf.bak Since update will revert back the config files and modifications in order to preven…

• • 
• 8 replies
• 15.1k views

Sandeep B. replied August 1, 20231 yr

Varnish is an HTTP accelerator designed for content-heavy dynamic web sites as well as APIs. In contrast to other web accelerators, such as Squid, which began life as a client-side cache, or Apache and nginx, which are primarily origin servers, Varnish was designed as an HTTP accelerator. Here how you can optimize varnish cache server in CWP Install Varnish cache from CWP Webserver Settings >> Webserver conf For Centos 7/EL7 : Edit this file : /etc/varnish/varnish.params and replace all lines with the below configs : # Varnish environment configuration description. This was derived from # the old style sysconfig/defaults settings # Set this …

In this tutorial we’ll going to learn how to configure Apache mod_remoteip in order to restore original ip when using cloudflare proxy. We’ve another blog post upon how we can configure mod_cloudflare to restore ip which for some are not at all working. This is the method which is working and recommended in cloudflare website. So without wasting time lets get started with this simple steps. : Step 1 : Enabling mod_remoteip in Apache config : sed -i '/LoadModule remoteip_module modules/ s/^#//g' /usr/local/apache/conf/httpd.conf Step 2 : Now we’re going to configure cloudflare original ip config : first of all create a file named “cloudflare.c…

In this tutorial we’ll use redirect rules for HTTP to HTTPS (mod_rewrite – Apache) htaccess rule on CWP, I’m assuming you’ve already installed ssl certs and enabled https support for your website if you not done it yet then stop here this can break websites if ssl is not already installed. SSL is very important nowadays for better security and SEO benefits, if you didn’t installed ssl for your sites yet consider upgrading to https, this will build trust towards your visitors and google gives better ranking in search engine (I’m not a SEO expert but noticed this changes). Lets get started : Using Apache as main server (only) : Rewrite rule as follows, this n…

In this tutorial we’ll configure XFS disk quota in centos and CWP control web panel. In server xfs quota setup will not work because of Kernel parameter is set to “noquota” we’ll bypass and configure it with the help of below tutorial which is easy to follow and configure. The XFS quota subsystem manages limits on disk space (blocks) and file (inode) usage. XFS quotas control or report on usage of these items on a user, group, or directory or project level. Install quota packages : yum -y install quota* For EL8/RHEL 8/CentOS 8 only : dnf --enablerepo=Devel install quota* Now we’ll check the disk type and double check if it is XFS file system : …

Install OCI8 php extension in CWP/Centos8/Centos7. This OCI8 extension lets you access Oracle Database. These functions allow you to access Oracle Database. They support SQL and PL/SQL statements. Basic features include transaction control, binding of PHP variables to Oracle placeholders, and support for large object (LOB) types and collections. Oracle’s scalability features such as Database Resident Connection Pooling (DRCP) and result caching are also supported. For el8/Centos 8/stream/Rocky/Almalinux : First download the required Oracle instantclient packages : cd /usr/local/src wget https://download.oracle.com/otn_software/linux/instantclient/215000/ora…

Installation of mod_passenger in CWP- Control WebPanel in Centos 7/EL7/Centos 8 Stream/El8 easily with this below steps provided. Ensure you run this command as root user. mod_passenger enables Phusion Passenger to host Ruby, Python, and Node.js apps on the Apache server. Phusion Passenger specializes in managing these types of apps by restarting them in the case of an app crash, keeping heavy-resource usage in check, and more. By enabling this feature, you will be able to add Ruby, Python, and Node.js apps onto your server. First install some requirements like ruby gem and rack and dependencies Centos 7/EL7 : yum install apr apr-devel ruby rubygem-rake rub…

install mod_evasive module in CWP apache 2.4 to prevent from DDOS attacks. DDoS stands for Distributed Denial of Service. It is a malicious attack where multiple compromised computers are used to flood a target system or network with an overwhelming amount of traffic, causing it to become unavailable to legitimate users. mod_evasive is an Apache module designed to provide protection against Distributed Denial of Service (DDoS) attacks. It detects and blocks suspicious or malicious requests from reaching the web server, thereby mitigating the impact of such attacks. TO install mod_evasive module with apache 2.4.x follow this simple steps : Step 1 : y…