We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Search found 92 matches
- Wed Mar 20, 2024 5:23 pm
- Forum: General Discussion
- Topic: Future OS Compatibility
- Replies: 8
- Views: 4041
Re: Future OS Compatibility
There are already Vesta alternatives for Ubuntu and Debian.
If you want to focus on a single distro, i hope it is Centos and it's variants (Almalinux and Rocky Linux).
If you want to focus on a single distro, i hope it is Centos and it's variants (Almalinux and Rocky Linux).
- Sun Aug 14, 2022 3:41 pm
- Forum: General Discussion
- Topic: VestaCP Alternative
- Replies: 13
- Views: 33878
Re: VestaCP Alternative
There is also a fork of Vesta that works on RHEL based distros. In this case, it works with Centos 7, Centos Stream 8, Alma Linux 8 and Rocky Linux 8. https://github.com/madeITBelgium/vesta PS: In less than 2 years, Centos 7 will go EOL, and since VestaCP doesn't support newer versions of RHEL based...
- Sat Oct 23, 2021 6:59 pm
- Forum: General Discussion
- Topic: Question to VestaCP legitimate owners. Is original VestaCP secure?
- Replies: 8
- Views: 48244
- Wed May 09, 2018 10:18 am
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
It has been about a month since the 1st post regarding the exploited servers. At a result of the exploits, one patch was issued. We also know some of the code was reviewed by Rack911labs (Patrick) and he noticed several root compromise vulnerabilities (6). I know that many users are running with th...
- Tue Apr 17, 2018 10:45 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
I always disable exec, system, popen, proc_open and shell_exec.
- Sat Apr 14, 2018 12:47 am
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
This is Patrick from Rack911 Labs, a Software Security Auditing company.Sent off 6 security vulnerabilities to [email protected] with 3 of those leading to a easy root compromise. The other 3 are still very serious flaws, password / hash disclosures, etc.
I'll send off more once they fix those.
- Tue Apr 10, 2018 6:26 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
Found this in my nginx-error.log 2018/04/09 03:52:05 [error] 8641#0: *32 "/usr/local/vesta/web/_asterisk/index.php" is not found (2: No such file or directory), client: 46.161.55.106, server: _, request: "GET /_asterisk/ HTTP/1.1", host: "myip:8083" Wow this is exactly the same i got. Same IP and o...
- Tue Apr 10, 2018 6:18 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
Only my dev vps was infected and after cleaning it up and updating vesta, today i got a log in the nginx-error.log: 2018/04/09 03:55:52 [error] 1124#0: *8 "/usr/local/vesta/web/_asterisk/index.php" is not found (2: No such file or directory), client: 46.161.55.106, server: _, request: "GET /_asteris...
- Tue Apr 10, 2018 5:56 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659
Re: Got 10 VestaCP servers exploited
First of all, there was no reports about hacks on 0.9.8-20. Please update your servers as soon as possible. For those who are interested in technical details here is how authentication model looked like in previous releases: - PHP script /api/index.php receives user password via POST request - then...
- Tue Apr 10, 2018 12:32 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 757659