Join the community today
Register Now

re-entering password while adding nginx vhost domain bug

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by noly, Jul 28, 2017.

  1. noly

    noly Member

    40
    9
    8
    Jul 24, 2017
    Frankfurt/Germany
    Ratings:
    +15
    Local Time:
    11:49 PM
    1.13.3
    10
    • CentOS Version: CentOS 7 64bit
    • Centmin Mod Version Installed: 123.09beta01
    • Nginx Version Installed: 1.13.3
    • PHP Version Installed: 7.0.20
    • MariaDB MySQL Version Installed: 10.1.25
    • When was last time updated Centmin Mod code base ? : code is uptodate
    • Persistent Config:
      NGXDYNAMIC_NGXPAGESPEED='y'
      NGINX_PAGESPEED='y'


    When choosing ...

    Code:
    Auto generate FTP password (recommended) [y/n]: n 
    while adding a Nginx vhost and choosing a password which is not strong enough then the system warns you.
    That's great!
    But...
    ...you get into a loop where you are asked to...

    Code:
    re-enter FTP password for test (enter password):
    ..re-entering the password doesn't solve the loop.
     
  2. eva2000

    eva2000 Administrator Staff Member

    29,031
    6,588
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,780
    Local Time:
    7:49 AM
    Nginx 1.13.x
    MariaDB 5.5
    that usually happens when the password isn't strong enough...

    tried using Strong Password Generator to generate a stronger password ? simple passwords will get rejected and re-prompted as centmin mod's password checking routine checks to make sure password you manually set is strong :)
     
  3. noly

    noly Member

    40
    9
    8
    Jul 24, 2017
    Frankfurt/Germany
    Ratings:
    +15
    Local Time:
    11:49 PM
    1.13.3
    10
    Which i think is great! :) I like it a lot that centmin forces you to choose a strong password....
    ...but not fair to put admin in a loop for punishment that he didn't in the first place. :bag:
     
  4. eva2000

    eva2000 Administrator Staff Member

    29,031
    6,588
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,780
    Local Time:
    7:49 AM
    Nginx 1.13.x
    MariaDB 5.5
    yeah i have to figure out how to make the loop end after say 3-5 attempts and abort or something

    but it's better than folks specifing passwords like = password, or 123 heh

    but there should be a message saying why you are in a loop i.e.
    Code (Text):
    Do you want to continue with Nginx vhost site creation ? [y/n] y
    
    Enter vhost domain name to add (without www. prefix): domain.com
    
    Create a self-signed SSL certificate Nginx vhost? [y/n]: n
    
    Create FTP username for vhost domain (enter username): ftp1
    Auto generate FTP password (recommended) [y/n]: n
    Create FTP password for ftp1 (enter password): pass
    !! password strength not strong enough !!
    !! do not use common dictionary words !!
    !! do not use short passwords !!
    !! do not use simplistic passwords !!
    
    re-enter FTP password for ftp1 (enter password): pass123
    !! password strength not strong enough !!
    !! do not use common dictionary words !!
    !! do not use short passwords !!
    !! do not use simplistic passwords !!
    
    re-enter FTP password for ftp1 (enter password): pass234
    !! password strength not strong enough !!
    !! do not use common dictionary words !!
    !! do not use short passwords !!
    !! do not use simplistic passwords !!
    
    re-enter FTP password for ftp1 (enter password): 8ey6M2265uW226uDX
    
    FTP username you entered: ftp1
    FTP password you entered: 8ey6M2265uW226uDX
    
     
    Last edited: Jul 28, 2017
  5. noly

    noly Member

    40
    9
    8
    Jul 24, 2017
    Frankfurt/Germany
    Ratings:
    +15
    Local Time:
    11:49 PM
    1.13.3
    10
    My bad...i thought one would stick forever in the loop even if she/he types in a strong password.:blackeye:
    But yes, a notice wouldn't hurt...but should be priority #9837294. :rolleyes:
     
    • Funny Funny x 1
  6. elargento

    elargento Member

    284
    16
    18
    Jan 4, 2016
    Ratings:
    +37
    Local Time:
    6:49 PM
    10
    You can resolve that by entering a different password rather than 12345 :D