Starburst

Figured it out.

Sandeep, I was using the additional code so LFD would just send the 1 paragraph out to the blacklists, but when I switch to OWASP latest it stopped working. Any ideas? Thanks

Since the Comodo ruleset it dead, has anyone had luck getting Apache, Mod_Security, CSF/LFD and OWASP CRS all working tother? I see from the log file, entries are being added, and /var/log/lfd/log show the file is being monitored. BUT no email notifications are being sent, and the bad IP isn’t being added to /etc/csf/csf.deny to be blocked by CSF. Weird part is, Comodo and OWASP old both work. This is a problem with OWASP latest. CWP version is 0.9.8.1190

Just wanted to confirm this is the fix to migrate CWP from AL8 to AL9 using CWP → CWP Migration.

RoundCube 1.5.9 works greats also. Just need to change the 8 to a 9.

I just always use https://www.alphagnu.com/topic/24-cwp-–-control-web-panel-install-latest-apache-2462-version/

No, The OWASP 4.x ruleset works with Mod Security 2.9.7 and Apache 2.4.62 The only problem, is notifications are not being sent by LFD from the Mod Security log (something isn't being triggered). Otherwise when I look at the log, attacks are being blocked as they should be.

Would like to update ModSecurity from 2.9.7 to 3.0.12, along with using the Latest OWASP Ruleset 4.0.7 Is there a guide how to accomplish this?

You should post this over at the Official CWP forums.

Yes, your reply the 1st time fixed it. 🙂 Had sent you a tip, hope you got it.

Tried to send you a message, but got: You are only allowed to send 0 messages per day. Please try again later. But lookup ticket # 920288... I now see what some people are talking about...

Apache 2.4.60 just got released today. 🙂

Is there a way besides the script in the /scripts folder to update phpMyAdmin? The script in the directory say it has the latest, but is running 5.1.1, and the current version (as of 2024-06-07) is 5.2.1. Thanks

This looks to enable HTTP/2, but not ALPN. How can ALPN be enabled? Thanks

How is this file different than adding it to the disable_functions in the main php.ini? Thanks

Is there any way to get PHP Defender that uses Snuffleupagus to work the PHP 8.2.x on AlmaLinux 8.x?

I've successfully updated AlmaLinux 8.x to 9.x Took awhile to get the sequence right, but stuck on PHP 7.4.33. Just waiting on CWP 9 now.

I know it's AL 9.3. But when I do the PHP /configure line, I keep getting: checking for iconv support... yes checking for iconv... yes checking if iconv is glibc's... yes checking if iconv supports errno... no configure: error: iconv does not support errno At which point, it won't continue. Any ideas? Getting PHP working is the last step.

It must have been a ghost. No error messages, other than Let's Encrypt saying the domain wasn't pointed to the IP or was .htaccess restricted, would just load to the first site in the user list using the shared IP. Did an images restore, and updated Apache again, and all is working. Very weird. Never seen a problem like that in 5 years of running CWP.

vhost is created correctly in /usr/local/apache/conf.d/vhosts/ with the right IP. Tried deleting & recreating, still isn't seen.

Having a weird problem after this latest rebuild. No new sites or domains added are working. Under Admin -> WebServer Settings -> Apache Re-Build, it's not showing 2.4.58, only the older 2.4.57 Rebuilt to the older version, and then also rebuilt in vhosts under Admin -> WebServer Settings -> WebServers Main Conf Rebuilt again to 2.4.58, still no joy. Any suggestions?

What about if you need ionCube support/enabled?

FYI 2.4.58 was released on 2023-10-19

Do you have a build option so ionCube Loaders can be done at the same time? Since ionCube Loaders 13.0.x supports PHP 8.1.x and 8.2.x now.

Just tried the 1.6.3 upgrade and gave: # bin/installto.sh /usr/local/cwpsrv/var/services/roundcube Unsupported PHP version. Required PHP >= 7.3. So since CWP still uses the obsolete PHP 7.1, we are limited to old version of RoundCube. Is there an ETA when CWP might finally make it to PHPP 8.1, 8.2 or the new 8.3 RC? No to mention 0.9.8.1170 is behind on it's PHP version now by quite a bit with 8.1 & 8.2.