Category Archives: CPanel

Steps in hardening your mail service :

Some of the things which can be done from WHM to harden your mail service :

=========================
From WHM Main >> Server Configuration >> Tweak Settings:
* POP3 connection limit option prevents lots of POP3 connections.
* POP3 flood prevention option.
* Prevent “nobody” from sending mail : This will ensure that PHP
scripts user the ownership of user “nobody” will not be able send any mails.
* In service manager you can find the option “antirelay” . Turn
this off so that each time POP3 connects authentication would be required.

=========================

Try to use Secure protocols and related ports

POP3S 995
IMAPS 993
SMTPS 465

These are just basics in hardening the mail system. More ones to follow……

404 Not found error along with the original 404 error_document ?

Issue is, do you get an additional 404 Not Found error when trying to access a non-existent file which should actually be redirected to an ErrorDocument.

For eg, when I try to access the following (noactualfile) :
Not Found

The requested URL /~joelta/noactualfile was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

How to remove the above error log for the error document ?

Fix : Use the following lines in the .htaccess of the domains in question

=============

ErrorDocument 400 default
ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 410 default
ErrorDocument 500 default

=============

 

Not able to unpark a domain from WHM ?

Issue : A domain created as parked from cPanel can be deleted from cPanel, but fails to be unparked from WHM, with the following error message shown :

“The system cannot determine the base domain site cpanel”

Reason : On checking, we can see that the parked domain does not have any entry in DNS records nor in httpd config

Solution : # /scripts/upcp –force , it would update and fix any issue at cpanel for which DNS is found missing for park domains

Receving email to upgrade WP-scripts ?

An email notifying to update WP-scripts is shown to be directed to the server contact email id.

It would look like this :
Subject: Software Security Notice – Script Installs need upgrading

In order to protect the security of your users’ website, we recommend that you upgrade the following scripts that were installed via the “Scripts Library” in your cPanel interface:

Issue: If the user removed the script by deleting the directory
it was installed into, he probably did not remove the database.

Fix :
# ls /home/*/.cpaddon
# ls /home/*/.cpaddons
# ls -al /home/xxx/.cpaddons
# ls -al /home/xxx/.cpaddons -h
# cat /home/xxx/.cpaddons/cPanel::Blogs::WordPress.0.yaml ((whichever script is mentioned))
# rm -rf /home/xxx/.cpaddons/cPanel::Blogs::WordPress.0.yaml

 

Facing SSL error ?

jo

The above warning might show up each time when any of cPanel services are used.
This is because cPanel / Webmail is configured to work by the server’s shared / self-signed SSL
This is not a security problem and you can safely disregard it.

To get around this issue though, either accept the certificates and tell your browser to ignore the warnings, or purchase an SSL certificate that is mapped to your main server hostname and then assign that certificate to all of the cPanel services.

 

cPanel cheatsheet !!

  • Set the correct ownership for files under an account # /scripts/chownpublichtmls
  • Update cPanel # /scripts/upcp
  • Fix the cPanel license issue # /usr/local/cpanel/cpkeyclt
  • Check the current Apache PHP Handler # /usr/local/cpanel/bin/rebuild_phpconf --current
  • Set the PHP Handler to DSO # /usr/local/cpanel/bin/rebuild_phpconf 5 none dso 1
  • Set the PHP Handler to suPHP # /usr/local/cpanel/bin/rebuild_phpconf 5 none suphp 1
  • Set the PHP Handler to cgi # /usr/local/cpanel/bin/rebuild_phpconf 5 none cgi 1
  • Check the cPanel version # /usr/local/cpanel/cpanel -V
  • Delete an account # /scripts/killacct 'accountname'
  • Information about main domains as well as sub domains # /etc/userdomains
  • Information about main domains and not sub domains # /etc/trueuserdomains
  • Information about reseller accounts # /var/cpanel/mainaccountname.accts
  • List the modules compiled with PHP # php -m
  • Check the path of the global configuration file # php -i |grep php.ini
  • Install the module imagemagick # /scripts/installimagemagick
  • EasyApace logs # /usr/local/cpanel/logs/easy/apache/build..
  • Inspecting the load in server # /var/log/dcpumon/toplog*
  • Inspecting specific domain connections # /usr/local/apache/domlogs/domain
  • Find connections to web-server # lynx http://localhost/whm-server-status
  • Tweak settings in WHM, backend file # cat /var/cpanel/cpanel.config
  • If changes are made from backend for the above file, run # /usr/local/cpanel/whostmgr/bin/whostmgr2 –updatetweaksettings
  • Check cPanel product version from # cat /etc/cpupdate.conf
  • Create email accounts from backend # /scripts/addpop
  • Setting catchall and forwarders for a domain in # vim /etc/valiases/domain
  • Setting email filters # vim /etc/vfilters/domain
  • Account creation defaults can be seen from # cat etc/wwwacct.conf
  • Root owned domains # cat /var/cpanel/root.accts
  • Reseller accounts information # cat /var/cpanel/username.accts

MySQL upgrade from WHM or script failed ?

When trying to upgrade MySQL server from WHM or via script,

# /scripts/mysqlup –force,

Do you face the below error message?

======

-bash-3.00# /scripts/mysqlup –force
Failed to download http://httpupdate.cpanel.net/RPM01/centos/unknown/i386/MySQL-server-5.1.63-0.i386.rpm
Failed to install mysql51.

======

Reason : In this particular scenario, if you analyze the logs, we can find that there is some issue with the rpm file to be fetched. If you observe the link from which the update is trying to fetch the required rpms we can see that the link actually doesnt point to a valid page. If you manually try to access the above link via a web-browser this results in ‘Not Found’. In the link, you can see a keyword ‘unknown’ in the space allocated for rpm distribution version.

Fix : Change the wrongly specified rpm_dist_version.

Change it from /var/cpanel/sysinfo.config. Change the “rpm_dist_ver” to point
the current centOS version, that is 4 or 5.

Then proceed with upgrading process.

This can be an issue not only during MySQL upgrade, rather when any upgrade relating
with the use of RPM’s is specified. ( eg : Pure-FTPd )

Facing issues to PHP after installing ionCube loader ?

After installing ionCube loader via EasyApache or using the script,
# /scripts/phpextensionmgr install IonCubeLoader

Do you face any issues with PHP?

Do you get the following error message when you tried to check the version of PHP using the command, # php -V :

=========
The ionCube PHP Loader is disabled because of startup problems. Segmentation fault
=========

Reason : Usually happens due to double entries in the php.ini file (/usr/lib/php.ini)

Remove one line or comment one line,
;zend_extension=”/usr/local/IonCube/ioncube_loader_lin_5.3.so”

FYI,

Can remove ionCube by running the following script :

# /scripts/phpextensionmgr uninstall IonCubeLoader

Wish to remove fantastico?

Do you want to remove fantastico and its services from your server?

Unfortunately, no easy method to remove it from front-end.

SSH to the server and issue the following commands.

# rm -rf /var/netenberg/
# rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/
# rm -rf /usr/local/cpanel/3rdparty/fantastico*
# rm -rf /usr/local/cpanel/base/frontend/*/fantastico
# rm -f /usr/local/cpanel/base/frontend/x/cells/fantastico.html
# rm -f /usr/local/cpanel/whostmgr/docroot/cgi/addon_fantastico.cgi

After removing fantastico from the server, does any of the cPanel accounts shows the fantastico icon ?

You can remove it by doing the following :
From the backend, go to /var/cpanel/registered_cpanelplugins 
and delete the line corresponding to “Fantastico_De_Luxe”

Then,
WHM->Packages->Feature Manager, remove the fantastico check box

 

Pureftpd unable to start with the following error !

Error faced : Waiting for ftpserver to restart..finished.

pure-ftpd (/usr/sbin/pure-ftpd -O clf:/var/log/xferlog –daemonize -A -c50 -B –
C8 -D -E -fftp -H -I15 -lextauth:/var/run/ftpd.sock -L2000:8 -m4 -p30000:35000
-s -S21 -U133:022 -u100 -i -pure-authd (/usr/sbin/pure-authd -s
/var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth) running as root 
with PID xxxxx (pidfile check method)

Reason : Pure-ftpd service doesn’t work with CallUploadScript set to yes in  /etc/pure-ftpd.conf file. That is because the pure-uploadscript service is not getting
started while restarting the pure-ftpd service.

Fix :

# /usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd.conf

Then restart the pure-ftpd service — # /etc/init.d/pure-ftpd restart

cPanel — Do you see /root/.cpanel/comet eating disk space ?

Ever came across a situation in which /root/.cpanel/comet consumes considerable amount of disk space?
Reason : This issue happens when high number of emails are in the mail queue manager which can occur when spamming is carried out in the server.

Manually purging the files would be an effort-consuming task.

Clear the comet directory as shown :

# /usr/local/cpanel/bin/purge_dead_comet_files

cPanel issue — “fatal: Your RPM database appears unstable” !!

This is a common issue with cPanel when trying to update

The complete error message :

“fatal: Your RPM database appears unstable. It is not possible at the moment to install a simple RPM”

Reason : RPM database gets corrupted over a while, hence preventing cP from updating.

Fix :

# mkdir /root/old_rpm_dbs/
# mv /var/lib/rpm/__db* /root/old_rpm_dbs/
# rpm --rebuilddb ( rebuilds the RPM database )
# /scripts/upcp ( cPanel update )