hk@

Danke - noch eine Kleinigkeit: hätte jetzt auch das LE-Cert für den froxlor-VHost gelöscht - aber das wird anscheinend nicht wieder generiert?

merci - kann das hier bestätigen, nach einem --force sind die LE-Certs wieder gut. Krieg ich eventuell einen Tipp, wie dsa LOG_WARN wegzubekommen wäre? Danke!

Hallo, wir haben das gleiche Phänomen auf einer Froxlor-Installation. Gibt's da zufällig einen geordneten Fix? Danke, hk

and sorry for taking the wrong forum, obviously should have posted in german here, maybe you can move this thread to the international one. thank you again.

uhm, that's exactly what is (and was) running on this box, yet we got lots of mails reporting about socat.

well, the acme.sh is reporting this on a 5-minute-basis because of the --tasks job and to get rid of this had to install it but any other "get rid of this" solutions would be welcome.

today we suddenly got this: /usr/bin/php /var/www/html/scripts/froxlor_master_cronjob.php --tasks --debug [information] TasksCron: Searching for tasks to do [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Updating certificate for xxx.server.local [Tue Dec 31 15:47:09 CET 2019] It is recommended to install socat first. [Tue Dec 31 15:47:09 CET 2019] We use socat for standalone server if you use standalone mode. [Tue Dec 31 15:47:09 CET 2019] If you don't use standalone mode, just ignore this warning. [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Dec 31 15:47:08 CET 2019] Installing from online archive. [Tue Dec 31 15:47:08 CET 2019] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz [Tue Dec 31 15:47:09 CET 2019] Extracting master.tar.gz [Tue Dec 31 15:47:09 CET 2019] Installing to /root/.acme.sh [Tue Dec 31 15:47:09 CET 2019] Installed to /root/.acme.sh/acme.sh [Tue Dec 31 15:47:09 CET 2019] Good, bash is found, so change the shebang to use bash as preferred. [Tue Dec 31 15:47:10 CET 2019] OK [Tue Dec 31 15:47:10 CET 2019] Install success! [Tue Dec 31 15:47:10 CET 2019] Upgrade success! [Tue Dec 31 15:47:10 CET 2019] Removing cron job the box is ubuntu buster/sid after a bit of digging into the issue "apt install socat" did the trick. please add it to the required packages.

Hi good news! Is there a sane way for current debian-package-users to upgrade without breaking anything (ie. upgrading using the latest tar.gz)? thx, hk

Hi actually this fix is missing the removal of the compromised logfiles, otherwise it fixes future logging of passwords, but not the access to the logfile that has been compromised. I ask you to add a proper .htaccess-block for the logs-directory _and_ remove the logfiles from there as they - if kept - are still a security-risk in the current release. thx hk