Softaculous <![CDATA[Heartbleed Vulnerability]]> Background:

If I understood Heartbleed correctly, there was a pointer assignment without a bounds check in the C source code of the heartbeat extension to OpenSSL, leading to a buffer overflow attack wherein a correctly crafted heartbeat request would make a vulnerable server dump upto 64k blocks of RAM with no checks on whether that 64k block crosses over into RAM areas of other apps.

This means HB allows an attacker to slowly read the RAM contents of the server.

This means the following are possibly compromised (assuming worst case):
1. unix usernames - so if you made any smart username to get some additional security, that's gone. Not only that if /etc/passwd is read, then all additional users by and for OS services are also exposed.
2. unix password hash - depending on how good the attacker is at reversing / matching hashes, your password is gone. If there is an area in RAM (timing is important) that your password is being compared with the hash (you are logging in) then your password is in plaintext - for computing the hash to compare with the stored one.
3. SSL certificates, private keys - this is the real blow.
The attacked does nothing, just reads your certs and keys and henceforth copies all encrypted traffic between you and the server, and puts a couple of servers to the task of decrypting your entire traffic. In maybe 10MB of traffic that you cause in one session logged in to any secure app, at 2-3 locations passwords will be moved around. This is what he is looking for.
Slowly, he builds a database of all your information.
Attacker does this for every server that is HB vulnerable and attacks communication and all users of all such servers.
Now he has a huge DB of private info to sell. He may also sell the certs and keys on the darknet.

Effectively, you as a user, and worse, as a server administrator, have no idea how much data has been slowly accumulated by some random node on the internet between you and the server. Or if you are not paying attention to your logs, maybe someone has logged in and read everything.
And you wont know a thing about it.


The most worrying part is that your certificates and keys that you use, thinking that you have patched the HB vulnerability are still known to the attacker.

So any Heartbleed vulnerable server is not cleaned up until every password of every user is changed AFTER every SSL key and SSL cert is revoked and reissued. Am i right?

I deleted and re-issued all my Apache SSL keys and certs.

However, I am unable to delete and re-issue the control panel certificate. Please instruct as to how that is done. I changed all certs and keys from IP to primary domain to all addon domains.
But the SSL cert I get on the control ports has not changed.

I guess this is the cert with webuzo's nginx and it might have a separate location from certs for the web server?

Thanks in advance.
Sun, 20 Apr 2014 11:33:42 GMT
<![CDATA[Broken installs using Softaculous]]> Sun, 20 Apr 2014 08:24:26 GMT <![CDATA[CentOS and root access (Webuzo 2.2.1)]]> (Network is unreachable, invalid IP addresses, etc)

This thread details my struggle and some links I found useful in solving similar issues:

Hope they help.]]>
Sat, 19 Apr 2014 18:56:34 GMT
<![CDATA[APC - could not find extension]]>
i downloaded the version for thread safe and it seems to be working ok now]]>
Sat, 19 Apr 2014 14:38:31 GMT
<![CDATA[APC - could not find extension]]>

and the error is:

PHP Strtup: Unable to load dynamic library 'D:\Ampps\php\ext\apc_3113_beta_php54_vc9_win7-2008_nts.dll' - The specified module could not be found.]]>
Sat, 19 Apr 2014 14:13:34 GMT
<![CDATA[APC - could not find extension]]>
I've installed AMPPS to use as my webstack for developing in symfony2

Ive downloaded the apc extention and put it in my X:\AMPPS\php\ext folder

I have added
PHP Code


to the php.ini file

when i start up apache i get could not find extention
PHP Code


I have checked that the extension folder is correct, the php.ini file i have edited is correct, otherwise it wouldn't try to load the APC extention.

any ideas as to why this isn't working.

Symfony2 says it is reccomended to have this extension, i am using php 5.4.25 as my development environment is PHPstorm v6 and that requires php5.4 for the debugging facilities.
Sat, 19 Apr 2014 14:08:35 GMT
<![CDATA[Hetzner - The viifbr0 is not started. Please run service virtnetwork start]]> Virtualizor's techs have tried and failed so far.
Hetzner is not helpful at all (as always) in matters like these.

Sat, 19 Apr 2014 13:45:02 GMT
<![CDATA[Create LVG, ovh...]]> Sat, 19 Apr 2014 13:37:13 GMT <![CDATA[Hetzner - The viifbr0 is not started. Please run service virtnetwork start]]>
Here is what my files look like. Hope it helps someone.

my /etc/sysconfig/network-scripts/ifcfg-eth0 (changed the netmask and originally added the gateway)
SCOPE="peer xxx.xx.29.225"

And my route-eth0 (made no changes to this file)
# routing for eth0

And my virtualizor ip pool NETMASK is set to as per the previous solution.

Side note.  I contacted Hetzner and got this response.
Dear Client,

we are not able to help you here further because we don't offer any software
support for root servers. Please have a look at our wiki for information about IP

Mit freundlichen Grüßen / Best Regards

Dirk Vetter

Hetzner Online AG
08223 Falkenstein / Germany

Not exactly helpful. lol. But with the help of this post I got it figured out. Thanks!

Sat, 19 Apr 2014 13:08:15 GMT
<![CDATA[CentOS and root access (Webuzo 2.2.1)]]>
I used webuzo under VMWare workstation - then I "converted" it to / imported to vSphere ESX 5.1

Now this VM does not see the configured eth0 and what ever else I add or remove (devices) will not be seen - so...

I need root access....

Or tell me that this root password is not possible to get and I'll go back to setting up everything from the zero. Or from turnkey... :(

Hints? Help?


Sat, 19 Apr 2014 11:56:06 GMT