Some of the things which can be done from WHM to harden your mail service :
From WHM Main >> Server Configuration >> Tweak Settings:
* POP3 connection limit option prevents lots of POP3 connections.
* POP3 flood prevention option.
* Prevent “nobody” from sending mail : This will ensure that PHP
scripts user the ownership of user “nobody” will not be able send any mails.
* In service manager you can find the option “antirelay” . Turn
this off so that each time POP3 connects authentication would be required.
Try to use Secure protocols and related ports
These are just basics in hardening the mail system. More ones to follow……
Issue is, do you get an additional 404 Not Found error when trying to access a non-existent file which should actually be redirected to an ErrorDocument.
For eg, when I try to access the following (noactualfile) :
The requested URL /~joelta/noactualfile was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
How to remove the above error log for the error document ?
Fix : Use the following lines in the .htaccess of the domains in question
ErrorDocument 400 default
ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 410 default
ErrorDocument 500 default
Issue : A domain created as parked from cPanel can be deleted from cPanel, but fails to be unparked from WHM, with the following error message shown :
“The system cannot determine the base domain site cpanel”
Reason : On checking, we can see that the parked domain does not have any entry in DNS records nor in httpd config
Solution : # /scripts/upcp –force , it would update and fix any issue at cpanel for which DNS is found missing for park domains
An email notifying to update WP-scripts is shown to be directed to the server contact email id.
It would look like this :
Subject: Software Security Notice – Script Installs need upgrading
In order to protect the security of your users’ website, we recommend that you upgrade the following scripts that were installed via the “Scripts Library” in your cPanel interface:
Issue: If the user removed the script by deleting the directory
it was installed into, he probably did not remove the database.
# ls /home/*/.cpaddon
# ls /home/*/.cpaddons
# ls -al /home/xxx/.cpaddons
# ls -al /home/xxx/.cpaddons -h
# cat /home/xxx/.cpaddons/cPanel::Blogs::WordPress.0.yaml ((whichever script is mentioned))
# rm -rf /home/xxx/.cpaddons/cPanel::Blogs::WordPress.0.yaml
The above warning might show up each time when any of cPanel services are used.
This is because cPanel / Webmail is configured to work by the server’s shared / self-signed SSL
This is not a security problem and you can safely disregard it.
To get around this issue though, either accept the certificates and tell your browser to ignore the warnings, or purchase an SSL certificate that is mapped to your main server hostname and then assign that certificate to all of the cPanel services.
When trying to upgrade MySQL server from WHM or via script,
# /scripts/mysqlup –force,
Do you face the below error message?
-bash-3.00# /scripts/mysqlup –force
Failed to download http://httpupdate.cpanel.net/RPM01/centos/unknown/i386/MySQL-server-5.1.63-0.i386.rpm
Failed to install mysql51.
Reason : In this particular scenario, if you analyze the logs, we can find that there is some issue with the rpm file to be fetched. If you observe the link from which the update is trying to fetch the required rpms we can see that the link actually doesnt point to a valid page. If you manually try to access the above link via a web-browser this results in ‘Not Found’. In the link, you can see a keyword ‘unknown’ in the space allocated for rpm distribution version.
Fix : Change the wrongly specified rpm_dist_version.
Change it from
/var/cpanel/sysinfo.config. Change the “rpm_dist_ver” to point
the current centOS version, that is 4 or 5.
Then proceed with upgrading process.
This can be an issue not only during MySQL upgrade, rather when any upgrade relating
with the use of RPM’s is specified. ( eg : Pure-FTPd )
After installing ionCube loader via EasyApache or using the script,
/scripts/phpextensionmgr install IonCubeLoader
Do you face any issues with PHP?
Do you get the following error message when you tried to check the version of PHP using the command,
# php -V :
The ionCube PHP Loader is disabled because of startup problems. Segmentation fault
Reason : Usually happens due to double entries in the php.ini file (/usr/lib/php.ini)
Remove one line or comment one line,
Can remove ionCube by running the following script :
# /scripts/phpextensionmgr uninstall IonCubeLoader
Do you want to remove fantastico and its services from your server?
Unfortunately, no easy method to remove it from front-end.
SSH to the server and issue the following commands.
# rm -rf /var/netenberg/
# rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/
# rm -rf /usr/local/cpanel/3rdparty/fantastico*
# rm -rf /usr/local/cpanel/base/frontend/*/fantastico
# rm -f /usr/local/cpanel/base/frontend/x/cells/fantastico.html
# rm -f /usr/local/cpanel/whostmgr/docroot/cgi/addon_fantastico.cgi
After removing fantastico from the server, does any of the cPanel accounts shows the fantastico icon ?
You can remove it by doing the following :
From the backend, go to
and delete the line corresponding to “Fantastico_De_Luxe”
WHM->Packages->Feature Manager, remove the fantastico check box
Do you happen to get an internal error page when trying to access csf via WHM?
Reason : Perl scripts used by csf seems to be oudated.
Fix this issue by updating the concerned csf scripts.
# curl -s configserver.com/free/csupdate|perl
A weird situation is when you can see the databases, its tables and so on from phpmyadmin of the concerned cPanel account, but is actually found missing under the ‘Databases’ section.
Reason : This issue occurs due to the lack of mapping of databases
Error faced : Waiting for ftpserver to restart..finished.
pure-ftpd (/usr/sbin/pure-ftpd -O clf:/var/log/xferlog –daemonize -A -c50 -B –
C8 -D -E -fftp -H -I15 -lextauth:/var/run/ftpd.sock -L2000:8 -m4 -p30000:35000
-s -S21 -U133:022 -u100 -i -pure-authd (/usr/sbin/pure-authd -s
/var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth) running as root
with PID xxxxx (pidfile check method)
Reason : Pure-ftpd service doesn’t work with CallUploadScript set to yes in
/etc/pure-ftpd.conf file. That is because the pure-uploadscript service is not getting
started while restarting the pure-ftpd service.
# /usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd.conf
Then restart the pure-ftpd service —
# /etc/init.d/pure-ftpd restart
Ever came across a situation in which /root/.cpanel/comet consumes considerable amount of disk space?
Reason : This issue happens when high number of emails are in the mail queue manager which can occur when spamming is carried out in the server.
Manually purging the files would be an effort-consuming task.
Clear the comet directory as shown :
This is a common issue with cPanel when trying to update
The complete error message :
“fatal: Your RPM database appears unstable. It is not possible at the moment to install a simple RPM”
Reason : RPM database gets corrupted over a while, hence preventing cP from updating.
# mkdir /root/old_rpm_dbs/
# mv /var/lib/rpm/__db* /root/old_rpm_dbs/
# rpm --rebuilddb ( rebuilds the RPM database )
# /scripts/upcp ( cPanel update )