BPS on CyberPanel on Linode

Home Forums BulletProof Security Pro BPS on CyberPanel on Linode

Viewing 15 posts - 1 through 15 (of 35 total)
  • Author
  • #40104
    Ljubomir Manojlovic

    WP site on CyberPanel on CentOS 8 on Linode.

    Like usually, I have message about to enable htaccess files manually in setup wizard options tab. When I do it, appear several other warnings, mainly pointing on Root Folder BulletProof Mode Activate button (should be manually activated first) and Folder BulletProof Mode Activate button (should be activated second). Neither this was unusual case for me.

    However, problem is that manually cannot be activated ANYTHING (on entire tab page of B-Core Security Modes).

    What now?

    AITpro Admin

    Did you run the Pre-Installation Wizard and Setup Wizard after enabling htaccess files on the Setup Wizard Options page?  If you are unable to manually submit any Forms then the most likely cause for that problem is ModSecurity > https://forum.ait-pro.com/forums/topic/mod-security-common-known-problems/. Several BPS forms have Encrypt/Decrypt buttons to evade/bypass ModSecurity.

    Ljubomir Manojlovic

    Well, I’m not sure how that could be the issue as I have on Google Cloud Platform on Ubuntu 20 same CyberPanel and there was no such issues despite that ModSecurity is enabled. As you know (I guess that you know), on CyberPanel cannot be done itself uninstallation (cli mess only), so I just disabled all tree sections of ModSecurity (so, complete) and nothing changed in BPS.

    My conclusion is that CentOS is reason, probably is security policy issue, as Ubuntu doesn’t have such feature. Maybe not even ContOS itself, but for sure is policy as we cannot know what did with policy CyberPanel packager (LST).

    Briefly, any advice?

    AITpro Admin

    I can’t really offer an advice because I am not sure what the cause of the problem is.  If you want me to login to this website and take a look at things to see if I can figure out the cause of the problem then send a WordPress Administrator login to this website to:  info at ait-pro dot com.

    AITpro Admin

    I just thought of something that could be the cause of the problem > file/folder permissions or more likely a file/folder Ownership problem.  Go to the BPS > System Info page > all of your Script Owner User ID’s (UID) and File Owner User ID’s should be identical/the same ID/number.

    Ljubomir Manojlovic

    I set you access to all infrastructure and sent you email.

    Ljubomir Manojlovic

    Your email server not accept emails.


    You missed part where I wrote that credentials are same for CyberPanel and for WordPress. So, just try.

    AITpro Admin

    Ok I am logged into the WordPress website now.  My host uses Spam Assassin.  If there are a lot of links in an email Spam Assassin will reject the email.

    AITpro Admin

    The reason you are seeing the htaccess Files Disabled Notice on first time installation of BPS Pro is that the necessary Apache Modules are not loaded or there is a server configuration problem with Apache modules.  This is what I see when I check the BPS Pro > System Info page.  I have not run the Setup Wizards on this site.  There is no point in doing that until the Apache Module issue/problem is fixed first.

    Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No):
    200:200:200:200: mod_access_compat and mod_authz_core or mod_rewrite are not Loaded
    200: mod_security Module is not Loaded|Enabled|IfModule: Yes

    Ljubomir Manojlovic

    To be honest, I’m without any idea what to do now. I asked support by Linode, but ….

    I’m actually completely confused.

    1) On ‘apachectl -M’ I have

    # apachectl -M
    AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using li291-196.members.linode.com. Set the 'ServerName' directive globally to suppress this message
    Loaded Modules:
    core_module (static)
    so_module (static)
    http_module (static)
    access_compat_module (shared)
    actions_module (shared)
    alias_module (shared)
    allowmethods_module (shared)
    auth_basic_module (shared)
    auth_digest_module (shared)
    authn_anon_module (shared)
    authn_core_module (shared)
    authn_dbd_module (shared)
    authn_dbm_module (shared)
    authn_file_module (shared)
    authn_socache_module (shared)
    authz_core_module (shared)
    authz_dbd_module (shared)
    authz_dbm_module (shared)
    authz_groupfile_module (shared)
    authz_host_module (shared)
    authz_owner_module (shared)
    authz_user_module (shared)
    autoindex_module (shared)
    brotli_module (shared)
    cache_module (shared)
    cache_disk_module (shared)
    cache_socache_module (shared)
    data_module (shared)
    dbd_module (shared)
    deflate_module (shared)
    dir_module (shared)
    dumpio_module (shared)
    echo_module (shared)
    env_module (shared)
    expires_module (shared)
    ext_filter_module (shared)
    filter_module (shared)
    headers_module (shared)
    include_module (shared)
    info_module (shared)
    log_config_module (shared)
    logio_module (shared)
    macro_module (shared)
    mime_magic_module (shared)
    mime_module (shared)
    negotiation_module (shared)
    remoteip_module (shared)
    reqtimeout_module (shared)
    request_module (shared)
    rewrite_module (shared)
    setenvif_module (shared)
    slotmem_plain_module (shared)
    slotmem_shm_module (shared)
    socache_dbm_module (shared)
    socache_memcache_module (shared)
    socache_shmcb_module (shared)
    status_module (shared)
    substitute_module (shared)
    suexec_module (shared)
    unique_id_module (shared)
    unixd_module (shared)
    userdir_module (shared)
    version_module (shared)
    vhost_alias_module (shared)
    watchdog_module (shared)
    dav_module (shared)
    dav_fs_module (shared)
    dav_lock_module (shared)
    lua_module (shared)
    mpm_event_module (shared)
    proxy_module (shared)
    lbmethod_bybusyness_module (shared)
    lbmethod_byrequests_module (shared)
    lbmethod_bytraffic_module (shared)
    lbmethod_heartbeat_module (shared)
    proxy_ajp_module (shared)
    proxy_balancer_module (shared)
    proxy_connect_module (shared)
    proxy_express_module (shared)
    proxy_fcgi_module (shared)
    proxy_fdpass_module (shared)
    proxy_ftp_module (shared)
    proxy_http_module (shared)
    proxy_hcheck_module (shared)
    proxy_scgi_module (shared)
    proxy_uwsgi_module (shared)
    proxy_wstunnel_module (shared)
    systemd_module (shared)
    cgid_module (shared)
    http2_module (shared)
    proxy_http2_module (shared)

    2) On ‘systemctl status httpd’ I have

    # systemctl status httpd
    ● httpd.service - The Apache HTTP Server
    Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
    Active: inactive (dead)
    Docs: man:httpd.service(8)

    Any idea what it mean?

    AITpro Admin

    I could take some logical guesses, but they would only be guesses since I have never heard of CyberPanel before.  I think the best place to get answers to CyberPanel questions is on the CyberPanel forum site > https://forums.cyberpanel.net/

    Ljubomir Manojlovic

    Problem is buggy marketplace package. Raw OS image and new install script solve all issues. Remaining question is only about htaccess enable/disable. As CyberPanel run on OpenLiteSpeed server and not on Apache, should I to enable htaccess or not? If I enable it, I have warnings about bulletproof modes, but it can be now manually activate.

    So, should I manually to enable htaccess or not?

    AITpro Admin

    This forum site is using LiteSpeed (not OpenLiteSpeed) and Apache…

    Server Type: Apache
    Operating System: Linux
    WP Filesystem API Method: direct
    Server API: litespeed CGI Host Server Type

    The Apache Module checking code is actually checking htaccess code as well.  Typically you would see something similar to this below on the BPS Pro > System Info page if htaccess code tests/checks show that htaccess code is working on a website.

    Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No):
    403: mod_access_compat is Loaded|Order, Allow, Deny directives are supported|IfModule: Yes
    403: mod_authz_core is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes
    403: mod_authz_host is Loaded|Order, Allow, Deny directives are supported|BC: Yes|IfModule: Yes
    200: mod_rewrite Module is Loaded|IfModule: Yes
    403: mod_security2 Module is Loaded|Enabled|IfModule: Yes

    So yes, you can try and manually enable htaccess files on the BPS Pro > Setup Wizard > Setup Wizard Options page. Let me know what happens.

    AITpro Admin

    LiteSpeed Web Server vs OpenLiteSpeed and Apache info.


    OLS and LSWS both have the ability to understand Apache rewrite rules, configuration files, and ModSecurity, making it easy to switch from Apache to LiteSpeed.

    Ljubomir Manojlovic

    Well … it is not exactly my area. However, I did as follow:

    1. Manually enabled htaccess write
    2. On new warning, manually activated BP mode and folder
    3. Applied Preinstallation wizard (all green)
    4. Applied Installation wizard (all green)
    5. Output on info is

    Server Type: LiteSpeed
    Operating System: Linux
    WP Filesystem API Method: direct
    Server API: litespeed CGI Host Server Type
    Apache Modules|Directives|Backward Compatibility(Yes|No)|IfModule(Yes|No):
    200:200:200:200: mod_access_compat and mod_authz_core or mod_rewrite are not Loaded
    200: mod_security Module is not Loaded|Enabled|IfModule: Yes
    cURL: cURL Extension is Loaded Version: 7.61.1
    cURL OpenSSL Version (Used by PayPal, etc.): OpenSSL/1.1.1g
    OpenSSL Library: OpenSSL 1.1.1g FIPS 21 Apr 2020
    Zend Engine Version: 3.4.0
    Zend Guard|Optimizer: A Zend Extension is Not Loaded
    Zend OPcache: Zend OPcache is Enabled Version: 7.4.15
    ionCube Loader: ionCube Loader Extension is Loaded Version: 100404
    Suhosin: Suhosin is Not Installed|Loaded
    APC: APC Extension is Not Loaded
    eAccelerator: eAccelerator Extension is Not Loaded
    XCache: XCache Extension is Loaded but Not Enabled
    Varnish: Varnish Extension is Not Loaded
    Memcache: Memcache Extension is Not Loaded
    Memcached: Memcached Extension is Loaded

    However, it seems that BPS working.

Viewing 15 posts - 1 through 15 (of 35 total)
  • You must be logged in to reply to this topic.