Hello everyone,
I’m facing a critical issue with my webserver that started suddenly overnight. The only change made was a routine update, and since then, my webserver has been down for three days. This downtime is severely affecting my community, and I am at a loss trying to identify and fix the problem.
Here are the details:
server os version: Centos 7
- Issue: Webserver stopped working unexpectedly
- Last Action: Performed a routine update
- Duration of Downtime: 3 days
- Current Control Panel: CyberPanel
- Current Version: 2.3
- Build: 5
- Current Commit:4510b6974ece0495a2942965722e0e85c9310bb1
- vhost conf
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails
enableGzip 1
enableBr 1
enableIpGeo 1
cgroups 1
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 1
logLevel WARN
rollingSize 500M
keepDays 3
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 7
rollingSize 200M
keepDays 10
compressArchive 1
}
index {
useServer 0
indexFiles index.php, index.html
}
scripthandler {
add lsapi:cyber2926 php
}
accessControl {
allow ALL
}
lsrecaptcha {
enabled 1
siteKey 6LdLUWQpAAAAAFU1TKy4qTyq3vk-C-h1u7eogrGj
secretKey
type 1
maxTries 3
regConnLimit 1000
}
extprocessor cyber2926 {
type lsapi
address UDS://tmp/lshttpd/cyber2926.sock
maxConns 500
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 0
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp70/bin/lsphp
extUser cyber2926
extGroup cyber2926
memSoftLimit 1047M
memHardLimit 1047M
procSoftLimit 50
procHardLimit 500
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
enableIpGeo 1
}
rewrite {
enable 1
autoLoadHtaccess 1
logLevel 9
}
vhssl {
keyFile /etc/ssl/cf/privkey.pem
certFile /etc/ssl/cf/cert.pem
ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384
enableECDHE 1
renegProtection 1
sslSessionCache 1
sslSessionTickets 1
enableSpdy 15
enableQuic 1
enableStapling 1
ocspRespMaxAge 86400
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
- Rewrite rules
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(js|css|jpeg|jpg|gif|png|ico|map)(\?|$) /404error.php [L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
<IfModule mod_php.c>
php_flag disable_functions "exec, system, pcntl_exec, popen, proc_open, shell_exec"
</IfModule>
- CyberPanel main log files
2024-06-08 12:03:13.947235 [INFO] [139209] [Module:mod_security] ParseConfig entry, level 1, Mod_Security v3.0.12
2024-06-08 12:03:13.947466 [DEBUG] [139209] [Module:mod_security] ParseConfig parameter[0] modsecurity off
2024-06-08 12:03:13.947488 [INFO] [139209] [Module:mod_security] Enable flag interpreted as 0
2024-06-08 12:03:13.947492 [DEBUG] [139209] [Module:mod_security] ParseConfig parameter[1] modsecurity_rules
secdebugloglevel 1
secdebuglog /usr/local/lsws/logs/modsec.log
secauditengine off
secauditlogrelevantstatus "^(?:5|4(?!04))"
secauditlogparts AFH
secauditlogtype Serial
secauditlog /usr/local/lsws/logs/auditmodsec.log
secruleengine off
2024-06-08 12:03:13.947495 [INFO] [139209] [Module:mod_security] setSecRule value:
secdebugloglevel 1
secdebuglog /usr/local/lsws/logs/modsec.log
secauditengine off
secauditlogrelevantstatus "^(?:5|4(?!04))"
secauditlogparts AFH
secauditlogtype Serial
secauditlog /usr/local/lsws/logs/auditmodsec.log
secruleengine off
, type: 1
2024-06-08 12:03:13.947752 [DEBUG] [139209] [Module:mod_security] ParseConfig parameter[2] modsecurity_rules_file /usr/local/lsws/conf/modsec/rules.conf
2024-06-08 12:03:13.947759 [INFO] [139209] [Module:mod_security] setSecRule value: /usr/local/lsws/conf/modsec/rules.conf, type: 2
2024-06-08 12:03:13.948151 [DEBUG] [139209] [Module:mod_security] ParseConfig parameter[3] modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf
2024-06-08 12:03:13.948163 [INFO] [139209] [Module:mod_security] setSecRule value: /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf, type: 2
2024-06-08 12:03:14.022230 [INFO] [139209] [Module: modcompress 1.1] has been initialized successfully
2024-06-08 12:03:14.022348 [INFO] [139209] [Module: moddecompress 1.1] has been initialized successfully
2024-06-08 12:03:14.022474 [INFO] [139209] [Module: cache 1.66] has been initialized successfully
2024-06-08 12:03:14.022575 [INFO] [139209] [Module: mod_security mod_security 1.4] has been initialized successfully
2024-06-08 12:03:14.022655 [DEBUG] [139209] [SSL] [CONFIG] Create SslContext: 0x2d12ca0.
2024-06-08 12:03:14.022783 [DEBUG] [139209] [SSL:0x2d12ca0] Create SSL_CTX: 0x2ea2978
2024-06-08 12:03:14.023281 [DEBUG] [139209] [SSL:0x2d12ca0] Enable renegociation protect
2024-06-08 12:03:14.023290 [DEBUG] [139209] [SSL:0x2d12ca0] Set SSL protcol: 28
2024-06-08 12:03:14.023294 [DEBUG] [139209] [SSL:0x2d12ca0] Enable ECDHE
2024-06-08 12:03:14.023298 [DEBUG] [139209] [SSL:0x2d12ca0] Enable session ticket.
2024-06-08 12:03:14.023302 [DEBUG] [139209] [SSL:0x2d12ca0] set ALPN: 12.
2024-06-08 12:03:14.023306 [DEBUG] [139209] [SSL:0x2d12ca0] set Cipher: ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv2:+EXP.
2024-06-08 12:03:14.023312 [DEBUG] [139209] [SSL:0x2ea2978] set ciphers to ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH
2024-06-08 12:03:14.023363 [DEBUG] [139209] [SSL:0x2d12ca0] set Cipher: ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv2:+EXP.
2024-06-08 12:03:14.023368 [DEBUG] [139209] [SSL_CTX:0x2ea2978] private_key_method not enabled
2024-06-08 12:03:14.023371 [DEBUG] [139209] [SSL:0x2d12ca0] Enable asynchronized private key signing.
2024-06-08 12:03:14.023374 [DEBUG] [139209] [SSL_CTX:0x2ea2978] Cert compression not enabled
2024-06-08 12:03:14.023378 [DEBUG] [139209] Config listener [adminListener] [*:7080]
2024-06-08 12:03:18.025501 [ERROR] [139209] HttpListener::start(): Can't listen at address adminListener: Address already in use!
2024-06-08 12:03:18.025555 [ERROR] [139209] HttpServer::addListener(adminListener) failed to create new listener
2024-06-08 12:03:18.025563 [ERROR] [139209] [config:admin:listener:adminListener] failed to start listener on address *:7080!
2024-06-08 12:03:18.025571 [ERROR] [139209] [config:admin:listener] No listener is available for admin virtual host!
2024-06-08 12:03:18.025840 [ERROR] [139209] Fatal error in configuration, exit!
I am genuinely satisfied with CyberPanel and would prefer not to switch to a different control panel. However, this prolonged outage is making me consider migrating to a new panel if a solution isn’t found soon.
If anyone has experienced similar issues or has any insights into what might be causing this problem, your help would be greatly appreciated. Any troubleshooting tips, diagnostic steps, or solutions would be invaluable.
Thank you in advance for your assistance!