-
Starburst started following CWP to CWP account transfer not working anymore , Time to fully integrate the New Backup Beta , Updating ModSecurity to 2.9.8 and 3 others
-
Time to fully integrate the New Backup Beta
Just a FYI, JetBack seems to work with CWP unofficially. When you access the control panel for it, it shows all the CWP user accounts. Only draw back I see, if they would have to use a different control panel, UN & PW to access it.
-
Updating ModSecurity to 2.9.8
Check your main config file for the OWASP rules. Sounds like a path wasn't set correctly.
-
Solution for returning attackers when restarting CSF
Tried it, still isn't fully working. The servers use ModSecurity2.9.8 with the OWASP CRS ruleset on Apache 2.4.63 Thanks
-
Solution for returning attackers when restarting CSF
@Navid Tried your modification, but LFD gave an error:
-
Install PHP 8.3 via CWP
We run AlmaLinux 9.x Try to run these: dnf install php-cli libsodium libsodium-devel php-sodium php-pecl-zip php-pecl-mailparse php-mbstring php-pear php-devel php-pecl-imagickpecl channel-update pecl.php.netYou may need to recompile afterwards.
-
Updating ModSecurity to 2.9.8
I got ModSecurity 2.9.8 working on CWP with Apache and the OWASP latest Ruleset (4.11.0) https://kb.starburstservices.com/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-modsecurity-running-cwp-and-apache-on-almalinux-8-9/ ModSecurity 3.x isn't recommended yet @Sandeep I'll send you a DM
-
Updating ModSecurity to 2.9.8
Currently Iβm using: ./configure --with-apxs=/usr/local/apache/bin/apxsShould I be building it another way for CWP?
-
Two domain pointing to same folder
Yes, you can. You will create the main account: User Accounts β New Account. For the additional domain, you will create that under the menu: Domains β Add Domain. That will ask you for the user, which you created above under User Account. Then you can either point to the root of the same directory, or a sub-folder. Or you can user Cloudflare to redirect the domain to another.
-
Solution for returning attackers when restarting CSF
So it seems by default CWP send out 3 paragraphs with attacks, and the above code, cut it down to 1 paragraph. Which in turn sites like AbuseIPDB can accept automatically.
-
CWP update ModSecurity to 3.0.12 with OWASP Ruleset 4.0.7?
Figured it out.
-
Solution for returning attackers when restarting CSF
Sandeep, I was using the additional code so LFD would just send the 1 paragraph out to the blacklists, but when I switch to OWASP latest it stopped working. Any ideas? Thanks
-
ModSecurity, CSF/LFD and OWASP CRS not working
Since the Comodo ruleset it dead, has anyone had luck getting Apache, Mod_Security, CSF/LFD and OWASP CRS all working tother? I see from the log file, entries are being added, and /var/log/lfd/log show the file is being monitored. BUT no email notifications are being sent, and the bad IP isnβt being added to /etc/csf/csf.deny to be blocked by CSF. Weird part is, Comodo and OWASP old both work. This is a problem with OWASP latest. CWP version is 0.9.8.1190
-
CWP to CWP account transfer not working anymore
Just wanted to confirm this is the fix to migrate CWP from AL8 to AL9 using CWP β CWP Migration.
-
Update CWP RoundCube Mail Version 1.5.8 β Control Web Panel
RoundCube 1.5.9 works greats also. Just need to change the 8 to a 9.
-
cwp-httpd update fails
I just always use https://www.alphagnu.com/topic/24-cwp-β-control-web-panel-install-latest-apache-2462-version/