The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM news - insecure apache setup

Discussion in 'EasyApache' started by chmod, Jun 4, 2004.

  1. chmod

    chmod Well-Known Member

    Joined:
    Apr 20, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    London - UK
    Hmmm, installed is 1.3.31 latest is 1.3.31.

    I upgraded the other day the insecure apache setup news message went away and now its back...

    Anyone??

    cheers

    chmod

    Edit: Errr, I`m being dumb I guess its because mod_ssl needs upgrading.. :rolleyes:
     
    #1 chmod, Jun 4, 2004
    Last edited: Jun 4, 2004
  2. Peoplespaces

    Peoplespaces Well-Known Member

    Joined:
    Oct 1, 2001
    Messages:
    217
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Same here on two servers.
     
  3. chmod

    chmod Well-Known Member

    Joined:
    Apr 20, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    London - UK
    re

    yep, after upgrading the mod_ssl the warning went away.

    chmod
     
  4. rodolfochka

    rodolfochka Active Member

    Joined:
    Feb 1, 2004
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Mexico City
    here the same!! :confused:


    and I have this:
    Apache 1.3.31

    so..??? :confused:

    what can I do???

    Rodolfochka
     
  5. chmod

    chmod Well-Known Member

    Joined:
    Apr 20, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    London - UK
    are your apache modules all up to secure versions (check on the whm news page any broken padlocks)?

    I guess the mod_ssl update came out just after I upgraded apache.
     
  6. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    yes mod_ssl was the troublemaker :)
     
  7. PbG

    PbG Well-Known Member

    Joined:
    Mar 11, 2003
    Messages:
    241
    Likes Received:
    0
    Trophy Points:
    16
    aaarrrgghhh
     
    #7 PbG, Jun 4, 2004
    Last edited: Jun 4, 2004
  8. rodolfochka

    rodolfochka Active Member

    Joined:
    Feb 1, 2004
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Mexico City
    mmm, so how do i update mod_ssl ????

    is with the easyapache script, right?

    rodolfochka
     
  9. PbG

    PbG Well-Known Member

    Joined:
    Mar 11, 2003
    Messages:
    241
    Likes Received:
    0
    Trophy Points:
    16
    yeah recompile apache you will see the new ssl versions on curl and ssl

     
  10. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    Even after running our /scripts/easyapache we are still getting the message on 3 servers. Will try again tomorrow since there is a new current upgrade on upcp.
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Kris,

    It's usually best to run /scripts/updatenow before recompiling to make sure you have the latest versions of the /scripts/ files - could be why mod_ssl wasn't upgraded. Since you're gonna wait until the next day and upcp will have root, the point is not moot ;)
     
  12. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    I always do, but there was no upgrade from the previous versions of current. All look good now though except for our main server. It is suffering from the old issue of you can only upgrade the PHP version if you select the php 4.3.7 only. That was the only way I could get it to upgrade. With all our normal options enabled for PHP this is all it would compile also:

    ./configure \
    --with-apxs=/usr/local/apache/bin/apxs \
    --with-xml \
    --enable-bcmath \
    --enable-calendar \
    --enable-ftp \
    --enable-magic-quotes \
    --with-mysql \
    --enable-discard-path \
    --with-pear \
    --enable-sockets \
    --enable-track-vars \
    --enable-versioning \
    --with-zlib

    Here is another server configured the same way after our normal run of easyapche:

    ./configure \
    --with-apxs=/usr/local/apache/bin/apxs \
    --with-xml \
    --enable-bcmath \
    --enable-calendar \
    --with-curl \
    --with-dom \
    --with-dom-xslt \
    --with-dom-exslt \
    --enable-exif \
    --with-swf=/usr/local/flash \
    --enable-ftp \
    --with-gd \
    --with-jpeg-dir=/usr/local \
    --with-png-dir=/usr \
    --with-xpm-dir=/usr/X11R6 \
    --with-gettext \
    --with-imap \
    --with-imap-ssl \
    --with-kerberos \
    --enable-mbstring \
    --enable-mbstr-enc-trans \
    --enable-mbregex \
    --with-mcrypt \
    --with-mhash \
    --with-ming=../ming-0.2a \
    --enable-magic-quotes \
    --with-mysql \
    --with-openssl \
    --enable-discard-path \
    --with-pear \
    --with-pgsql=/usr \
    --with-pspell \
    --enable-xslt \
    --with-xslt-sablot \
    --enable-sockets \
    --enable-track-vars \
    --with-ttf \
    --with-freetype-dir=/usr \
    --enable-gd-native-ttf \
    --enable-versioning \
    --enable-wddx \
    --with-xmlrpc \
    --with-zlib

    Any ideas why one server wouldn't compile everything? We aren't seeing any out of the ordinary errors on it. It is just our main server too with our site so not a big deal.
     
  13. rodolfochka

    rodolfochka Active Member

    Joined:
    Feb 1, 2004
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Mexico City
    this thing is a bug?

    I've already updated the apache , then I updated the cpanel to current version,
    All was fine....
    But 15 minutes later I clicked on the Cpanel/WHM news, and guess what!!!???:

    You are running an insecure apache setup. You should run /scripts/easyapache or if you are running cPanel 7.1.9 or later (click here) to upgrade to a newer version as soon as possible to avoid your system being compromised.

    S**t!!!!!

    and now the problem is here:

    FrontPage 5.0.2.2634a 5.0.2.2634 Insecure (the lock open)

    so, i have to update once again??


    Rodolfochka
     
  14. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    We got the error off on all servers after updatenow and easyapache. Now a few hours longer I log into the systems and there is a new Apache warning. Is there another patch?
     
  15. rodolfochka

    rodolfochka Active Member

    Joined:
    Feb 1, 2004
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Mexico City
    patches!!! patches!!! and more patches!!

    :confused:
     
  16. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    Yea, another /scripts/updatenow, /scripts/upcp and /scripts/easyapache to get the warning to go away. Hopefully the last time today.
     
Loading...

Share This Page