WHM Plugin

[vivek]

Main functionalities:
1.Install/Uninstall LiteSpeed Web Server.

Uninstall litespeed from WHM ? Its too dangerous if a hacker got root password. Isnt it ?

3.One click switch between Apache and LiteSpeed.

It is not working. At least for me.
When I click , "Switch to Apache", it killed litespeed but failed to load apache.
Then I had to restart apache manually .

Same thing, When I clicked "Switch to Litespeed" , it killed apache but failed to load litespeed .

Any feedback is greatly appreciated.

Actually,
I will say,
Whm plugin is just useless. All I can see "Compile PHP" is the only useful function.

Vivek

 

[layer]

Uninstall litespeed from WHM ? Its too dangerous if a hacker got root password. Isnt it ?

If someone has the root password, what's stopping them from deleting all accounts on the system? To me that is more dangerous than uninstalling LiteSpeed, considering it's simple enough to reinstall and the sites would still be served by Apache.

 

[mistwang]

Uninstall litespeed from WHM ? Its too dangerous if a hacker got root password. Isnt it ?

he can do a lot more dangerous things than uninstalling LSWS if he get the root. doesn't he?

It is not working. At least for me.
When I click , "Switch to Apache", it killed litespeed but failed to load apache.
Then I had to restart apache manually .

Same thing, When I clicked "Switch to Litespeed" , it killed apache but failed to load litespeed .

We need to investigate, what will happen if you click it again?

Whm plugin is just useless. All I can see "Compile PHP" is the only useful function.

Different user will have different opinion, to me, it will save a lot headaches for some one not very familiar with Linux shell and administration in general.

 

[vivek]

If someone has the root password, what's stopping them from deleting all accounts on the system? To me that is more dangerous than uninstalling LiteSpeed, considering it's simple enough to reinstall and the sites would still be served by Apache.

What if the hacker dont know the ssh port ?
He cant do rm -rf
and thus he cant make the server offline.( other than shutdown which is not possible thru cPanel/whm)

He can only change some cpanel settings as well as terminate some accounts.
If you are a serious server administrator ,watching your server always , then you can easily find that the domains are getting removed. You can login to ssh with your own ssh key and change your root password if the hacker already changed it.


But what if lsws is uninstalled ?
Downtime for ALL domains + headache for me to install lsws again.

 

[vivek]

he can do a lot more dangerous things than uninstalling LSWS if he get the root. doesn't he?

Well , he cant make the whole server offline if the ssh port is anonymous.
But he can make downtime if whm plugin is there.

We need to investigate, what will happen if you click it again?

I didnt do that. Actually I am not bothering about this plugin since its useless for me

Different user will have different opinion

Exactly,
Lauren asked "Any feedback is appreciated"
So I told my experience, nothing wrong.
You must be knowing me mistwang, I am not the one who is posting against lsws just for fun

No more comments .

Vivek

 

[mistwang]

Well , he cant make the whole server offline if the ssh port is anonymous.
But he can make downtime if whm plugin is there.

When LSWS was uninstalled via the plugin, the Apache httpd should be restarted automatically, the real issue is why Apache does not get started when "switch to Apache" is selected.

 

[capbiker]

Ok this might be a stupid question, I have just upgraded to the latest version of LSWS and I note that with the upgrade that the Cpanel WHM plugin is included with it.

What I am wondering, is does the plugin get installed automaticlly or would I need to login as root and through SSH install it? Because it doesn't seem to appeared within the cpanel on my server.

cap

 

[mistwang]

Looks like there is some problem with the built-in install in 3.3.15, please install it manually.

 

[ffeingol]

capbiker,

It does not show in cPanel as there is not functionality (that I know of) on a per domain level. You need to long into WHM as root. Go all the way to the bottom (in the left menu) and it should show under Plugins.

Frank

 

[capbiker]

capbiker,

It does not show in cPanel as there is not functionality (that I know of) on a per domain level. You need to long into WHM as root. Go all the way to the bottom (in the left menu) and it should show under Plugins.

Frank

I was looking in the WHM at the plugins at the bottom. And the only plugins that are being shown is the other ones that I have installed for the WHM cpanel.

I haven't gotten around to installing it manually yet, and will most probably do it in a couple of days once I have gotten 5 minutes. The reason why I was asking was because I had upgraded to lastest version and saw that it was included with the upgraded and couldn't find it as I wanted to try it out.

cap

 

[ffeingol]

OK, I've installed several servers via the web upgrade and the plugin showed in WHM w/o having to do anything manual.

 

[capbiker]

Decided to post this here, just a suggestion. Maybe for the next version of the script included a way of updating your config settings for the WHM. Because I have released that I have entered in the wrong directory for the location of the LSWS, and cannot see any way of updating it to the correct location. Without reinstalling it all from scratch.

cap

 

[Lauren]

and cannot see any way of updating it to the correct location. Without reinstalling it all from scratch.

Agreed. Need to add validation of that definition.

Thanks,
Lauren