Apache logging issues after NGINX Manager uninstall

Netcrusher

Active Member
Mar 8, 2011
38
2
58
I noticed a few minutes ago, that on all my cPanel servers where I once had NGINX Manager installed, the folder /etc/apache2/logs/domlogs is filled with a lot of files having the filename as the visitors IP addresses. I reinstalled NGINX Manager, removed all files and they don't reappear. But after removing NGINX Manager, the files start to generate again.

I think that some Apache configurations aren't getting back to their original state after NGINX uninstall, but don't know which and what to change.
This issue isn't existent on servers that never had NGINX Manager installed. I'm on 106.0.10.

Please help and thanks!
 
Last edited by a moderator:

Netcrusher

Active Member
Mar 8, 2011
38
2
58
After some troubleshooting, I think I've found the issue.

The file /etc/apache2/conf.d/includes/pre_virtualhost_global.conf still contains the following, which should be removed:
Code:
<IfModule remoteip_module>
    RemoteIPHeader X-Forwarded-For
    LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    RemoteIPHeader X-Forwarded-For
</IfModule>
 
  • Like
Reactions: cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
Thanks for that - since you said you were uninstalling just a manager, I had assumed it was a different tool, as our Nginx Manager itself can't be uninstalled.

On a test machine, I installed Nginx through the Nginx Manager tool, which just installs the package the same as it would through the EasyApache 4 interface. However, I don't see that any of the Apache include files were modified as part of that work. Is it possible there was some other customization done on the machine as well?
 

Netcrusher

Active Member
Mar 8, 2011
38
2
58
No, there are no special customisations. From WHM, when accessing the NGINX Manager option, you can also uninstall it.
Apache files are modified when installing / uninstalling NGINX Manager. You can clearly what's being changed on install / uninstall, because the interface has a live log that shows everything being done.

The code I discovered that isn't removed is required for the correct IP passthrough from NGINX back to Apache, so it's clearly added by the NGINX installation.
 

Netcrusher

Active Member
Mar 8, 2011
38
2
58
And first of all, I decided to stop using NGINX Manager, because one day, after upcp cron job ran, something broke. Some NGINX configurations had errors that prevented it from running, making all the hosted websites go offline. This was a few months ago and this happened simultaneously on more servers that had the jobs running at the same time.

I think better testing should be done before pushing updates to RELEASE branches... or maybe I should switch to STABLE.
 

Netcrusher

Active Member
Mar 8, 2011
38
2
58
Sorry, but that isn't an option. I can't allow any external access to the servers I manage.
Maybe that code was added there by the version of NGINX Manager I had installed in the past, I don't know what the current version does.