-
Been playing with aapanel here are some things I would like to see for clearos that worked fine in aapanel
1. More current SQL server Mysql 8.x
2. Letsencrypt working behind cloudflare proxy
3. Fail to ban working on websites with throttling thru a CDN such as cloudflare
4. Settings for email relays in gui
5. On a os such as ubuntu 20.x lts with security updates
6. PHP 8.1
7. Cron management via GUI -
-
Nick Howitt wrote:
Von Royce Wallace wrote:
Nick are you back in action?
Michael reversed the contract termination.
Happy to hear, I wondred off into the world of aapanel because of my concerns about security updates. I may come back aapanel has a lot to offer but its not as well dressed as clearos.
I did learn a lot though and for me its all about learning.
cant wait to see what you guys do concering the whole centos thing -
-
Nick Howitt wrote:
I would really need to think about your question, but, for inside your LAN you can only use LE certs an FQDN's that are valid internally, so probably not proxy.intranet.mydomain.com. What you can do to get round that is in your internal DNS server, make your external FQDN's resolve to the ClearOS LAN IP and then use the external FQDN internally.
Nick are you back in action? -
-
I am jumping ship...
I sent the night loading ubuntu server os (supported) and aapanel and it does everything I want it to and then some.
Supported from what I can tell, email, web, MySQL and an extremely easy to use interface to manage everything.
In ways it is miles ahead of clearos and in others it is lacking.
Mixed bag, but when I go to sleep at night I know I will be patched or will soon to be patched. -
-
Hi Von, Yep. Still here and cranking. Many are still planning on long-term updates, developments, and advancements.
-
-
Hi Von, Yep. Still here and cranking. Many are still planning on long-term updates, developments, and advancements.
-
-
Hello is anyone there? I am a paid member... Is the captain still at the wheel? What about Pwnkit and other security patches!
If not let me know so I can start moving to another platform such as cpanel or cloudpanel or etc.
-
-
Nick Howitt wrote:
Sad, but, as well as that, there are now 2 unpatched CVE's which Redhat have rated Critical:
CVE-2021-44790 - somewhere in apache/httpd
CVE-2021-44142 - samba
PwnKit (CVE-2021-4034) is not classed as critical by Redhat, just Important and there are a number of other CVE's classified as Important with a higher score than PwnKit which are also needing patches.
It seems that Clearcenter have made an edict about the terms they now want to apply to their staff and the edict is more important than their customers.
The mitigation
For Pwnkit is
chmod 0755 /usr/bin/pkexec
Sort of a bandaid util you get the patches (if they ever come)
The other two cve do not seem to apply first one module is not loaded
Second samba does not have the entry in smb.conf -
-
Man Nick this forum support is built on your expertise. Its why I paid the money for it because I knew someone would be there to point me in the right direction if I asked. You have been instrumental in me setting up my website, sql, email etc.
Now the future is very unclear as they must move on to something else for their linux platform and there is no one to support it like you did, wow...
I am going to have to start looking around at other options. Now that it's vulnerable!
I thought you did a hell of a job, always on point and responsive.
If they wish to jump the hurdle for the next OS, they will need you or someone like you rowing the boat.
I wish you the best. -
Toggle Sidebar