myVesta is now a totally separate project, and yes, that issue was immediately fixed in myVesta.
I think it's not fixed in Vesta.
However, I think that Vesta is building now totally new hosting panel - viewtopic.php?t=1008
Search found 949 matches
- Tue Dec 10, 2024 10:38 am
- Forum: General discussion
- Topic: VestaCP / MyVestaCP security
- Replies: 2
- Views: 1216
- Mon Dec 02, 2024 11:12 am
- Forum: myVesta
- Topic: VestaCP plugins are now FREE
- Replies: 7
- Views: 8188
Re: VestaCP plugins are now FREE
In your SSH, as root, run:
Code: Select all
echo "FILEMANAGER_KEY='FREEFM'" >> /usr/local/vesta/conf/vesta.conf
FileManager will appear in the top menu.
- Sun Nov 24, 2024 3:33 pm
- Forum: PHP
- Topic: Auto-restart for all PHP-FPM services
- Replies: 0
- Views: 2035
Auto-restart for all PHP-FPM services
If OOM Killer kills FPM services, let's add an auto-restart mechanism: for php in $(/usr/local/vesta/bin/v-list-php-apache); do echo "- Applying auto-restart for PHP $php" mkdir -p /etc/systemd/system/php$php-fpm.service.d cat <<EOF >/etc/systemd/system/php$php-fpm.service.d/override.conf ...
- Sat Oct 05, 2024 11:58 am
- Forum: General discussion
- Topic: HTTP headers
- Replies: 2
- Views: 1790
Re: HTTP headers
Put it in .htaccess
- Fri Oct 04, 2024 10:32 am
- Forum: Bug report
- Topic: BACKDOOR
- Replies: 3
- Views: 3609
Re: BACKDOOR
We forgot to reply here. There is no evidence that our servers were compromised (otherwise, this topic would burn with new cases). The user ran PHP cronjobs as an 'admin' user (which is a very bad idea), and we believe that the user's PHP scripts were compromised. The hacker then easily got high pri...
- Mon Sep 30, 2024 11:00 am
- Forum: General discussion
- Topic: Vesta 2.0: Coming Soon
- Replies: 2
- Views: 4591
Re: Vesta 2.0: Coming Soon
Vesta was acquired in early 2024 and is under new direction with a new maintainer and sponsor. As part of our plan to revitalize Vesta, we are rebuilding it from scratch with full support for modern applications and stack.s. As I understand, myVestaCP retains the functionality of VestaCP. Is it pos...
- Tue Sep 10, 2024 5:30 pm
- Forum: General discussion
- Topic: install multi PHP versions failed Package not found
- Replies: 3
- Views: 2852
- Tue Sep 10, 2024 4:37 pm
- Forum: General discussion
- Topic: install multi PHP versions failed Package not found
- Replies: 3
- Views: 2852
- Sun Aug 18, 2024 1:35 pm
- Forum: Bug report
- Topic: BACKDOOR
- Replies: 3
- Views: 3609
Re: BACKDOOR
I will advise you to send to info@myvestacp.com these files: /var/log/vesta/nginx-access.log* (wildcard means: .1.log, .2.log.gz, etc... if exists) /var/log/vesta/nginx-error.log* /var/log/vesta/system.log* /var/log/vesta/error.log* /var/log/auth.log* /var/log/syslog* /root/.bash_history Put these f...
- Thu Aug 15, 2024 4:56 pm
- Forum: General discussion
- Topic: Is myvestacp secure from local attack?
- Replies: 1
- Views: 2174
Re: Is myvestacp secure from local attack?
In default variant (nginx+apache+phpfpm) = not vulnerable, because open_basedir will prevent access to /var/run/php/ In the nginx+phpfpm variant (installed on less than 1% of myvestacp servers) = it is vulnerable from the local environment because PHP-FPM uses a local TCP port that another user can ...