Apache logging issues after NGINX Manager uninstall

[Netcrusher]

I noticed a few minutes ago, that on all my cPanel servers where I once had NGINX Manager installed, the folder /etc/apache2/logs/domlogs is filled with a lot of files having the filename as the visitors IP addresses. I reinstalled NGINX Manager, removed all files and they don't reappear. But after removing NGINX Manager, the files start to generate again.

I think that some Apache configurations aren't getting back to their original state after NGINX uninstall, but don't know which and what to change.
This issue isn't existent on servers that never had NGINX Manager installed. I'm on 106.0.10.

Please help and thanks!

 

[Netcrusher]

After some troubleshooting, I think I've found the issue.

The file /etc/apache2/conf.d/includes/pre_virtualhost_global.conf still contains the following, which should be removed:

<IfModule remoteip_module>
    RemoteIPHeader X-Forwarded-For
    LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
    RemoteIPHeader X-Forwarded-For
</IfModule>

 

[cPRex]

Good job tracking that down - cPanel doesn't support the Nginx Manager tool, so it likely wouldn't properly remove everything when uninstalled from a cPanel environment.

 

[Netcrusher]

It does, it's integrated in cPanel:

NGINX® Manager | cPanel & WHM Documentation

WHM's NGINX® Manager allows you to install, uninstall, and manage your NGINX with reverse proxy and caching server.

docs.cpanel.net

 

[cPRex]

Thanks for that - since you said you were uninstalling just a manager, I had assumed it was a different tool, as our Nginx Manager itself can't be uninstalled.

On a test machine, I installed Nginx through the Nginx Manager tool, which just installs the package the same as it would through the EasyApache 4 interface. However, I don't see that any of the Apache include files were modified as part of that work. Is it possible there was some other customization done on the machine as well?

 

[Netcrusher]

No, there are no special customisations. From WHM, when accessing the NGINX Manager option, you can also uninstall it.
Apache files are modified when installing / uninstalling NGINX Manager. You can clearly what's being changed on install / uninstall, because the interface has a live log that shows everything being done.

The code I discovered that isn't removed is required for the correct IP passthrough from NGINX back to Apache, so it's clearly added by the NGINX installation.

 

[Netcrusher]

And first of all, I decided to stop using NGINX Manager, because one day, after upcp cron job ran, something broke. Some NGINX configurations had errors that prevented it from running, making all the hosted websites go offline. This was a few months ago and this happened simultaneously on more servers that had the jobs running at the same time.

I think better testing should be done before pushing updates to RELEASE branches... or maybe I should switch to STABLE.

 

[cPRex]

Could you submit a ticket with our team so we can check your system? I'm not seeing that code added when I did the installation on a test machine, so I can't say for sure where that would be coming from.

 

[Netcrusher]

Sorry, but that isn't an option. I can't allow any external access to the servers I manage.
Maybe that code was added there by the version of NGINX Manager I had installed in the past, I don't know what the current version does.