This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Sentora 1.0.0 patch (Centos 6.x Only)
#1
Sentora 1.0.0 patch (Centos 6.x Only)
Affected OS: installer prior to 1.0.2/ Centos 6.x Only
Don't apply to Installer >1.0.2 and Ubuntu 12/7, Centos7

We noticed that CGI module was still loaded by default in centos 6.x installs for sentora and was not disabled in a clean way.

You can easily install patch by downloading patching script:

Code:
https://raw.githubusercontent.com/sentora/sentora-installers/master/centos6_cgi_patch.sh

One line command.

Code:
wget https://raw.githubusercontent.com/sentora/sentora-installers/master/centos6_cgi_patch.sh && bash centos6_cgi_patch.sh


Notice the current installer HAVE been already patched. Only previous installs require this patch.

The patch also disable webdav & some unused modules, feel free either to enable them back or not.


The key is commenting "LoadModule cgi_module modules"

Thanks for 911labs (Patrick, Steven) for bringing up CGI could cause issues.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Coldfusion Freelance

10$ free to start your VPS

Reply
Thanks given by: tkramer
#2
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Typo: P

wget https://raw.githubusercontent.com/sentor...i_patch.sh && bash centos6_cgi_patch.sh
Reply
Thanks given by: Me.B
#3
RE: Sentora 1.0.0 patch (Centos 6.x Only)
(03-27-2015, 08:30 PM)Active8 Wrote: Typo: P

wget https://raw.githubusercontent.com/sentor...i_patch.sh && bash centos6_cgi_patch.sh

Thanks fixed ;-)
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Coldfusion Freelance

10$ free to start your VPS

Reply
Thanks given by:
#4
RE: Sentora 1.0.0 patch (Centos 6.x Only)
(03-27-2015, 05:51 PM)Me.B Wrote: Notice the current installer HAVE been already patched. Only previous installs require this patch..

I reinstalled Sentora on CentOS6 30 minuts ago and the LoadModules which the patch disabled were not commented out..
So i still had to apply the patch.


Edit:

This morning i got an email that my server was down with the reason "Port open but incorrect HTTP session", so i looked at the error log from httpd and found this:
Code:
[Sun Mar 29 07:24:09 2015] [error] Module mod_ldap missing. Mod_ldap (aka. util_ldap) must be loaded in order for mod_auth_ldap to function properly Configuration Failed 

But this module was disabled by the installer and this patch..
When i enabled this module and restarted httpd it worked again.

Did you know:

There are clever Sentora Documents?
And a working SEARCH option?
And don't forget GOOGLE!


=------=
My Sentora DemoMy GithubAuxio Github
Zentora themeS-Type themeCstyleX theme
flat-color-iconssmall-n-flat-icons
=------=
Reply
Thanks given by:
#5
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Ok will remove it commented
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Coldfusion Freelance

10$ free to start your VPS

Reply
Thanks given by:
#6
RE: Sentora 1.0.0 patch (Centos 6.x Only)
After applying this , httpd is stoppped, people dont use this patch or your sentora install will be broken
(tested with a fresh install of sentora)

Or go to /etc/httpd/conf/httpd.conf and uncomment LoadModule ldap_module modules
Reply
Thanks given by:
#7
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Yep already should be patched waiting for the pull to be accepted TGates
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Coldfusion Freelance

10$ free to start your VPS

Reply
Thanks given by:
#8
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Done.
-TGates - Head of Support

SEARCH the Forums or read the DOCUMENTATION before posting!
Modules Maintained: 13 - Module Installs: 108k+

Find my support helpful? Donate HERE
Help me to help you by getting your domains using this link:
GoDaddy - Domains
Reply
Thanks given by:
#9
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Thanks that would fix it.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Coldfusion Freelance

10$ free to start your VPS

Reply
Thanks given by:
#10
RE: Sentora 1.0.0 patch (Centos 6.x Only)
Hello,
I have install lasted sentora version.Could I need install this path?Or this is option path?
Reply
Thanks given by:


Possibly Related Threads...
Thread Author Replies Views Last Post
Upgrading ZPanel 10.1.* to Sentora - Alpha/Beta kandrews 56 44,354 03-12-2017, 09:09 PM
Last Post: buracat
sentora 1.0.3 & critical patch for sentora 1.0.x Me.B 24 32,979 10-11-2015, 10:20 PM
Last Post: Finallf
From ZPanel upto Sentora 5050 41 54,423 09-18-2015, 08:21 PM
Last Post: kandrews

Forum Jump:


Users browsing this thread: 1 Guest(s)