Vesta Control Panel - Forum

Sent off 6 security vulnerabilities to info@vestacp.com with 3 of those leading to a easy root compromise. The other 3 are still very serious flaws, password / hash disclosures, etc. I'll send off more once they fix those. This is Patrick from Rack911 Labs, a Software Security Auditing company. goo...

Well, Im glad we are making full circle on our original working theory lol. We have documented proof that the correlation between the url http://<your ip>/webmail was the vector entry point on the systems we have been examining. It may not be roundcube specific, we have yet to determine this. It may...

Hi there, So, I am a little lost. It is clear you are trying to install OpenVPN, thats very clear. The purpose is not. Is it to manage VestaCP via the vpn? My Understanding: Client (You) -> VPN on same host as VestaCP -> VestaCP (Port 8083 Internal on the VPN) Is the accurate? I am trying to unders...

Hi Everyone, We have put together a survey to help us better understand the general configuration in relation to some of the working theories. If you have suggestions to broaden the survey, please let us know. https://goo.gl/forms/qXtzd6nZFrKNw7DN2 We greatly appreciate any input. It's private Haha...

Hi there, So, I am a little lost. It is clear you are trying to install OpenVPN, thats very clear. The purpose is not. Is it to manage VestaCP via the vpn? My Understanding: Client (You) -> VPN on same host as VestaCP -> VestaCP (Port 8083 Internal on the VPN) Is the accurate? I am trying to underst...

Hi Everyone,

We have put together a survey to help us better understand the general configuration in relation to some of the working theories. If you have suggestions to broaden the survey, please let us know.

https://goo.gl/forms/qXtzd6nZFrKNw7DN2

We greatly appreciate any input.

The best way to secure just about any web application is to use a firewall. White list the hosts that are necessary. Problem to many of us is that we have dynamic IPs from our ISPs and it can make accessing the vesta difficult since one ip is changed there iptables will have to be updated via ssh. ...

The best way to secure just about any web application is to use a firewall. White list the hosts that are necessary. Doesn't cut down the support tickets much though ;) True, But a unique solution is why im in business haha. Cybersecurity is not cut and dry. You may need to work around customer nee...

The best way to secure just about any web application is to use a firewall. White list the hosts that are necessary.

There might be an easier way to prevent attack and keep vesta running just by configuring http auth in /usr/local/vesta/nginx/conf/nginx.conf here is how it can be done https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ This in addition to a.... Firewa...