Community
I deleted a website long ago but a folder keeps being created for it at /home/website.com, no matter how many times I delete it. The only thing that the folder contains is an empty public_html folder.
I have deleted all unused databases from mariadb, and searched the remaining ones for the wesbite name and didn’t find anything. I have deleted any extra system users as well.
What could be causing this?
Please share your cyberpanel version also go to the delete website and truly to do the deletion 2 3 times and then check
Latest version, but it has been happening for months. To clarify, it doesn’t show in Cyberpanel - it only creates the folder that I can see via the ssh cli. E.g cd /home ls. So there’s nothing to delete.
Hello, I have same issue, did you find any solution?
No, I never solved it. The deleted folder keeps coming back.
That looks like a fun thing to hunt and debug.
When you delete the website, how long does it take for the folder to re-appear?
Or the folder is recreated as soon as you delete it?
Or is a random time?
Or after a system restart?
Did you have ssl on the website?
Any automatic backup?
same… because this is old one… i hope locked and focus on new post
Are you running any Docker containers with a bound volume? Could be that the container is recreating the folder, otherwise maybe a forgotten cronjob setting?
No Docker installed.
When you delete the website, how long does it take for the folder to re-appear?
Did you have ssl on the website?
Any automatic backup?
Similar for me. Random time. Sometimes maybe minutes sometimes days. I don’t really monitor it.
I’m thinking perhaps it’s an ssl thing now that you mention it - there’s probably a cert still somewhere and it tries to recreate the folder when there’s some cron or other process to check/renew it.
But I have no idea how I’d debug such a thing.
I found something like that, I tried and I hope it works;
Nice one. I just did that and removed the /home/persistent-domain-name folder again as well - will have to wait to see if it persists!
@usmannasir There’s also many other domains that I deleted a while ago in /etc/letsencrypt/live. Should these not be deleted when you delete a website?
This didn’t work - the phantom website came back today at 00:07. However the folder in /etc/letsencrypt/live did not come back. Running find / -iname domain.com shows that the only folder/file is /home/domain.com
Try this to search inside all files:
grep -insr "domain.com" /*
Will take a long time. So try to limit it to specific folders, if doesn’t work then do a full search.
grep -insr "domain.com" /etc/*
grep -insr "domain.com" /usr/*
grep -insr "domain.com" /opt/*
grep -insr "domain.com" /home/*
I just ran this grep -rlw "domain.com" /* --exclude-dir={proc,tmp,mnt,bin,boot,opt,snap,srv,sys,run} instead so as to only print the filenames.
/root/.local/share/nano/search_history
/root/allDB.sql
/root/.acme.sh/domain.com_ecc/domain.com.conf
/root/.acme.sh/domain.com_ecc/domain.com.csr.conf
/root/.bash_history
/usr/local/lscp/cyberpanel/logs/access.log
/usr/local/lsws/logs/access.log
/usr/local/lsws/logs/access.log.2022_06_04
/usr/local/lsws/conf/httpd_config.conf0,v
/usr/local/maldetect/logs/event_log
/var/lib/redis/dump.rdb
/var/lib/mysql/mysqld-bin.000083
/var/lib/mysql/mysqld-bin.000091
/var/lib/mysql/mysqld-bin.000039
/var/lib/mysql/mysqld-bin.000024
/var/lib/mysql/mysqld-bin.000013
/var/lib/mysql/mysqld-bin.000020
/var/lib/mysql/mysqld-bin.000028
/var/lib/mysql/mysqld-bin.000037
/var/lib/mysql/mysqld-bin.000119
/var/lib/mysql/mysqld-bin.000069
/var/lib/mysql/mysqld-bin.000023
/var/lib/mysql/ib_logfile0
/var/lib/mysql/mysqld-bin.000042
/var/lib/mysql/mysqld-bin.000035
/var/lib/mysql/mysqld-bin.000098
/var/lib/mysql/mysqld-bin.000097
/var/lib/mysql/mysqld-bin.000034
/var/lib/mysql/mysqld-bin.000087
/var/lib/mysql/mysqld-bin.000086
/var/lib/mysql/mysqld-bin.000124
/var/lib/mysql/mysqld-bin.000147
/var/lib/mysql/mysqld-bin.000002
/var/lib/mysql/mysqld-bin.000111
/var/lib/mysql/mysqld-bin.000041
/var/lib/mysql/mysqld-bin.000170
/var/lib/mysql/mysqld-bin.000025
/var/lib/mysql/mysqld-bin.000125
/var/lib/mysql/mysqld-bin.000167
/var/lib/mysql/ibdata1
/var/lib/mysql/mysqld-bin.000036
/var/lib/mysql/mysqld-bin.000132
/var/lib/mysql/mysqld-bin.000143
/var/lib/lsphp/session/lsphp73/sess_qatb9smvb83rjcivocsh0h69dk
/var/lib/lsphp/session/lsphp73/sess_kd99cknn890it0809tqmai46hs
/var/log/sudo-io/00/04/6M/ttyin
/var/log/sudo-io/00/04/6M/ttyout
/var/log/sudo-io/00/04/7L/ttyin
/var/log/sudo-io/00/04/7L/ttyout
/var/log/sudo-io/00/04/7U/ttyin
/var/log/sudo-io/00/04/7U/ttyout
/var/log/sudo-io/00/04/7O/stdout
/var/log/sudo-io/00/04/84/ttyout
/var/log/sudo-io/00/04/1D/ttyout
/var/log/sudo-io/00/02/U6/ttyout
/var/log/sudo-io/00/02/VZ/ttyout
/var/log/sudo-io/00/00/4Z/ttyout
/var/log/sudo-io/00/03/I2/ttyout
/var/log/lynis.log
/var/log/lynis-report.dat
They mostly seem tobe log files. This one seems most suspicious/promising /usr/local/lsws/conf/httpd_config.conf0,v
I see the domain many times there, but not sure what is really happening in it. There’s also plenty of other previously-used domains listed in that file that are not having this problem
About the conf,v file, i noticed i also got old domains but no folder creation at home about them.
I thought it could be something on the cyberpanel scripts, perhaps some paths/crons that changed from an older version that were still running, but that would had to show there.
Perhaps one of those mysql’s has any config that cyberpanel fetches and uses at any cronjob/function?
But on the other hand, if older domains also exist there but don’t create folders then wouldn’t make sense.
Yeah, its a mystery. Evidently SOMETHING is creating it, but who knows what…
I did a search of all sql databases and didn’t find anything related to this domain…
Yeah i already deleted it. I just restarted the server and it wasn’t recreated, which is typical. I’ll have to check tomorrow/in the future to see what happens
Wait, i just noticed all of these files by doing find / -iname "*domain.com*" - the wildcards returned more results that weren’t there with just find / -iname domain.com
/root/.acme.sh/domain.com_ecc
/root/.acme.sh/domain.com_ecc/domain.com.cer
/root/.acme.sh/domain.com_ecc/domain.com.csr
/root/.acme.sh/domain.com_ecc/domain.com.conf
/root/.acme.sh/domain.com_ecc/domain.com.key
/root/.acme.sh/domain.com_ecc/domain.com.csr.conf
I see no reason why those should still exist so will delete them and see what happens. Though, that folder contains lots of domains that aren’t currently in use…
So far the folder hasn’t re-appeared. I’ll have to check back in a week or two. But, I’m optimistic that this /root/.acme.sh folder is the problem…
It didn’t re-appear anymore?
Not yet! I’ve set a reminder to look in a couple weeks and will report back then
I just checked again and the folder hasn’t come back. I’ve marked my previous post as the solution.
plogical/vhost.py
line 398-401
### Delete ACME Folder
if os.path.exists('/root/.acme.sh/%s' % (items.domain)):
shutil.rmtree('/root/.acme.sh/%s' % (items.domain))
Into:
### Delete ACME Folder
if os.path.exists('/root/.acme.sh/%s' % (items.domain)):
shutil.rmtree('/root/.acme.sh/%s' % (items.domain))
### Delete _ecc
if os.path.exists('/root/.acme.sh/%s_ecc' % (items.domain)):
shutil.rmtree('/root/.acme.sh/%s_ecc' % (items.domain))
Thanks, I will look into this.
That indeed looks like the problem/solution. Or perhaps even just add a wildcard to the existing code - something like %s*
Edit - some instructions for doing this using glob python - Use wildcard with os.path.isfile() - Stack Overflow