WP AutoShield®: One-Click WordPress Security from cPFence: Page 6 - Enhance Control Panel

WP AutoShield®: One-Click WordPress Security from cPFence

cPFence

Thanks for the feedback! cPFence sends an update notification with every new release, including a link to the changelog page that provides quick insights and best practices for newly added features. If you’re not receiving those emails, we recommend switching to SMTP using the following command:

cpfence --enable-cpfence-smtp

This should ensure you stay up to date with all the latest updates and improvements.

bgeek

cPFence Cool! Thank you very much! Will change to SMTP soon.

Another question is, is there a way to update all the servers at once? Currently I'm running every command on each server one by one, not too bad, but it would be much better if one change on the CP could be passed to every cluster server automatically.

MediaServe

bgeek I've started using https://servercat.app/ for SSH. It's not the greatest client (can't seem to configure any sort of keepalive, and the dialog even when you submit exit are unnecessary) but it has some features in terms of docker visuals and submitting commands easily to an Enhance cluster of servers. Only available for MacOS/iOS though.

cPFence

bgeek

You’re welcome! We’re actively working on a feature to enable bulk commands across the entire cluster. It’s already being used in-house by our team, and we’re in the process of implementing it into cPFence for everyone. Stay tuned!

bgeek

MediaServe Thank you buddy! I've tried servercat once. Didn't last long as it was a bit buggy at that time.

I was actually expecting something like, if I do an cPFence upgrade on the CP, it can pass the upgrade command to every server in the cluster. Then, I realized this could be a bit risky.

xyzulu

MediaServe I've started using https://servercat.app/ for SSH

Termius is my goto. I've used it for about 10 years now I think.

elcapitanph

Hi CPfense this is diffrence from the topic can I use like this cpfence --blacklist-country CN,IN,TW or do i need really add it one by one ?

cPFence

elcapitanph

Currently, you’ll need to add them one by one.

Note: This will completely bypass IPDB protection for the specified countries.

elcapitanph

cPFence Thank you all good now I just replace Bitninjan thanks

cPFence

Version 3.3.21 (14th January 2025)

Added

Introducing cPFence MultiRun Tool for Bulk Server Management
- Designed for experienced system administrators, the MultiRun Tool enables you to execute commands across all servers in your Enhance cluster effortlessly. Say goodbye to tedious individual server management and hello to true cluster-wide efficiency.

Key Highlights:

Effortless Cluster Management: Automatically fetch server IPs and set up a synchronized Tmux session to run commands across all servers in one go.
Collaborative Real-Time Monitoring: Share sessions with your team for collaborative bulk operations and monitor commands as they execute cluster-wide.
Flexible and Versatile: Supports any Linux commands, from WordPress management to system-level tasks.

Getting Started:

Ensure passwordless SSH login is enabled across all servers for seamless functionality.
Run the command cpfence --multirun to launch the tool.
Attach to the Tmux session with tmux attach to begin executing commands cluster-wide.

⚠️ Note: This tool is extremely powerful and is intended for experienced administrators. Misuse can result in unintended consequences across all servers. Proceed with extreme caution.

Read the full guide on setting up and using the MultiRun Tool:
Simplify Cluster Management with cPFence Bulk Tools + MultiRun.

rdbf

cPFence

Does this assume root can login over SSH?

cPFence

xyzulu

I second this, great tool! The paid version also offers a bulk run feature across multiple hosts.

pratik_asabe

xyzulu We are using termius pro for years! hands down great tool!

slimx

cPFence Introducing Owl AutoMySQL®: One-Click MySQL Resource Limits from cPFence

Owl AutoMySQL automates the monitoring and management of abusive MySQL users, solving a major pain point for shared hosting servers with high user volumes. It ensures optimal server performance by preventing resource abuse, all without manual intervention.

One-Click Activation:
Activate with a single command: cpfence --owl-automysql-on
Owl AutoMySQL will begin 24/7 smart monitoring and management instantly.

Customizable Exclusions:
Exclude specific websites or priority clients by adding them to your configuration file: /opt/cpfence/config.conf.

How does this actually "prevent the resource abuse" exactly?
I have one client for example their site uses MySQL heavily They have 200,000 products (with variations), so the CPU usage is always quite high. Is OWL AUTOMYSQL going to effect this site? I don't want the site to crash out...

cPFence WordPress Bulk Management:
Gone are the days of relying on tools like MainWP or InfiniteWP to bulk manage your WordPress sites. With cPFence, you can now handle it all seamlessly with server-wide commands:
cpfence --bulk-install-wp-plugin: Search and install any WordPress plugin using a name, ZIP file path, or URL to ZIP server-wide.
cpfence --bulk-uninstall-wp-plugin: Deactivate and uninstall any WordPress plugin server-wide using the plugin slug.

This is EXCELLENT! Thank you!

cPFence New server migration with hundreds of sites? Ensure they’re clean and reset to a secure state with ease:
cpfence --bulk-force-wp-core-files: Force restore WordPress core files to default server-wide (for experienced system administrators only).

With this feature, does this just "re-install wordpress minus the config file and wp-content"?

xyzulu

I was the same till i saw MobaXterm, it's just "WOW".

MediaServe

xyzulu This was my choice for a long time too, but on MacOS it has the habit of wiping the entire host/keychain list if you're running out of disk storage.

twest

xyzulu thanks for the tip, just got Termius setup today and I love it! The sync with mobile is awesome too!

babylon

pratik_asabe me too i got it from my university for free. GREAT VALUE!

cPFence

elcapitanph Thank you all good now I just replace Bitninjan thanks

Welcome aboard! Don’t forget to activate WP-AutoShield and Owl AutoMySQL for optimal one-click protection and load stability.

cpfence --wp-autoshield-on
cpfence --owl-automysql-on

cPFence

rdbf

Yes, a passwordless SSH login setup is required. If you’re using a custom username, let the tool generate the server list from the database first, then manually edit it to replace the username:

nano ~/enhance_servers.txt

rdbf

cPFence

So if I disabled root via SSH, but use the same 'admin' username everywhere with passwordless SSH, with passwordless sudo, it will work too? That would be great.

cPFence

rdbf

Yes, it will work. Just edit the list using:

nano ~/enhance_servers.txt

Replace the username with your preferred one. If you're on the main CP, it can generate the IPs automatically for you. If not, you can manually add them, one per line.

admin@192.168.1.1
admin@192.168.1.2
admin@192.168.1.3

rdbf

cPFence

Just to add, the ssh key still needs to be generated as root (not with sudo) when running the cpfence command with root, otherwise you need to mess around with ssh-add. And also, logging in using the admin account, the session on the control panel (local) will still ask for the admin account password. Anyways, experienced linux admins would have either known this, or made it work in no time. The feature is advertised for experienced users, so fair enough.

cPFence

slimx This is EXCELLENT! Thank you!

You are welcome!

slimx How does this actually "prevent the resource abuse" exactly?
I have one client for example their site uses MySQL heavily They have 200,000 products (with variations), so the CPU usage is always quite high. Is OWL AUTOMYSQL going to effect this site? I don't want the site to crash out...

It simply monitors MySQL for long-running queries (default: 30+ seconds, but this can be adjusted in the config file) and terminates those queries along with the scripts generating them. Anyone managing WordPress hosting without CloudLinux will likely encounter this issue , WordPress is full of poorly optimized plugins and themes that often generate resource-hogging queries.

If you have a client who legitimately needs queries running longer than 30 seconds, you have two options: either add them to the exclude list or move them off the shared hosting environment. Realistically, any website requiring such long queries isn’t a good fit for shared hosting anyway. That’s why hosting companies that choose not to use CloudLinux, like HostGator, implement their own automatic in-house solutions with restrictions similar to Owl AutoMySQL on all servers.

slimx With this feature, does this just "re-install wordpress minus the config file and wp-content"?

Yes, all content is left intact, only the core WordPress files are auto-downloaded and replaced. This is an effective way to instantly clean any infections in the core files, especially if you’re dealing with a large number of websites migrated from another company. It’s always a good practice to use this tool.

However, keep in mind that some clients may have made unwise edits to core files. While modifying core files is not recommended and rarely occurs, it could happen in the shared hosting environment, as you are likely aware.

« Previous Page Next Page »