EasyApache 3.28.8 released
Hello, everyone!
The EasyApache team has published EasyApache 3.28.8:
2015-4-21
[LIST]
Implemented case 169913: Fix intl extension linking error in PHP version 5.3.29
Implemented case 185449: Update PHP to version 5.4.40, drop 5.4.39 (with fixes for CVE-2015-1352, CVE-2014-9709, CVE-2015-2301, and CVE-2015-2783)
Implemented case 185421: Update PHP to version 5.5.24, drop 5.5.23 (with fixes for CVE-2015-1351, CVE-2015-1352, and CVE-2015-2783)
Implemented case 161417: Patched bug in Apache 2.4
EASYAPACHE CHANGE LOG:
NOTE: The documentation may take a few hours to sync up between the documentation servers.
-
As a data point, when running EasyApache, I started seeing piles of "auth failed" messages in maillog, which caused customer IPs to be blocked in CSF due to LFD (login failure detection. Had a rash of customers opening tickets due to not being able to check mail or see their sites (due to IP blocks). - Scott 0 -
Hi, I do not think running EasyApache will have any affect on CSF or the firewalls. Did you find any other correlations? 0 -
Scott and I were doing EA builds on our servers at the same time, well nearly. Right after he did his I did mine. I experienced the same exact thing. We are not hallucinating. a. It occurred [for me] on boxes running Dovecot b. It did not occur [for me] on the one box I had running Courier I don't know if it automatically "fixed" itself after the build was done, because after the builds were done I restarted exim/dovecot on the servers just to be sure it was authenticating. BTW -- the only reason CSF is involved in the discussion is because when normally authenticating clients start to fail authentication, our CSF setups start temp-blocking the IPs that are failing auth. What is really being reported here is that from start-to-finish of a build, it seems like Dovecot stopped authenticating. I only updated one Courier box, but the Courier box didn't suffer from the same thing. Mike 0 -
I'm using Dovecot here as well. During the build, my log shows non-stop 'auth failed' messages, which started here (there was nothing interesting in the log prior to the start of the failures): Apr 21 19:19:57 www14 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=2.2.2.2, lip=1.1.1.1, TLS, session=<9L1qH0UUVABCbef+> Apr 21 19:19:58 www14 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=3.3.3.3, lip=1.1.1.1, TLS: Disconnected, session= (these were the first two entries, and happened to be pop3, but there are piles of imap failures also) These auth failed messages continue from 19:19:57 until 19:33:33 (yes, almost 15 minutes!) Then I saw this: Apr 21 19:33:33 www14 dovecot: master: Warning: Killed with signal 15 (by pid=958750 uid=0 code=kill) And then: Apr 21 19:33:33 www14 dovecot: imap(info@redacted.com): Server shutting down. in=107, out=1249, bytes=107/1249 Apr 21 19:33:33 www14 dovecot: imap(jim@example.net): Server shutting down. in=449, out=1065, bytes=449/1065 Apr 21 19:33:33 www14 dovecot: imap(tom@foobar.net): Server shutting down. in=410, out=1010, bytes=410/1010 (lots and lots of these) Then a couple more auth failed messages Then: Apr 21 19:33:36 www14 dovecot: master: Dovecot v2.2.16 starting up for imap, pop3 (core dumps disabled) And THEN we had successful logins (for those customers that weren't already blocked by CSF LFD) I hope this helps. - Scott 0 -
Hi, What version cPanel are you running? Would you mind putting in a support ticket on this so we can take a look? You can use the links in my signature to put that in. 0 -
I saw this on at least three servers, all running 11.48.3.0 Release. Sure, I'll pop a ticket in. - Scott 0 -
Ticket #6412667 0 -
Hello, As an update to this, our support team could not reproduce this. Scott was asked to try running EA again and was also unable to reproduce the issue. If anyone can reproduce this again, please do let us know and please open a ticket using the link in my signature. 0
Please sign in to leave a comment.
Comments
8 comments