Web Hosting , Ethical hacking and lots more ...

Unknown

DNS cache is most common problem in now a days and largely its create difficulty to web developer and technician who are working to solve the web issue.You can clear the DNS cache from your local machine by using following commands as per your local machine operating system.

1) For Windows

- Start -> Run -> type cmd
-In command prompt, type

ipconfig /flushdns

2) For Linux

- To restart the nscd daemon, type

/etc/rc.d/init.d/nscd restart in your terminal
3) For Mac OS X

- type lookupd -flushcache in your terminal to flush the DNS resolver cache.
ex: bash-2.05a$ lookupd -flushcache

4) For WIN 7

Here is how to fix that corrupted DNS cache in WIN 7.

1. Click the Microsoft Start logo in the bottom left corner of the screen
2. Click All Programs
3. Click Accessories
4. RIGHT-click on Command Prompt
5. Select Run As Administrator
6. In the command window type the following and then hit enter:

ipconfig /flushdns

Unknown

Recently we have seen on-going global attack on WordPress installations across every web host in existence. This attack is well organized and specially targets the file wp-login.php. Some of the ramifications of this attacks are

1) Sites are loading extremely slow.
2) Unable to login to WordPress Admin Panel.
3) Website could even intermittently go down for undisclosed periods of time.

So what needs to bed one. Here are some tips we will let you know to protect your WordPress blog.

1) Make sure that you keep updated your WordPress blog with all the plugins ,themes to the most current WordPress version. WordPress team is constantly upgrading and patching the software for
inherent security.

2) We may recommend you to change your WordPress admin panel password as soon as possible. Make sure your password is atleast eight ten characters long and contain a random mixture of character as well as special symbols.

3) We may recommend you to allow access to wp-login.php file from only limited IP’s.

order deny,allow
Deny from all
allow from 1.2.3.4

Note: – Please replace 1.2.3.4 with your actual IP address. We do not guarantee a solution or fix for this issue, But with the above methods we managed to stopped the attacks atleatst temporarly. Try it at your own risk.

Unknown

HAProxy stands for High Availability Proxy, for the High Performance TCP/HTTP load balancing.

Installation Steps :

# yum -y install wget gcc gcc-c++ autoconf automake make

# wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.20.tar.gz /download

# tar -zxf haproxy-1.4.20.tar.gz

# cd haproxy-1.4.20

# make TARGET=centos

# cp haproxy /usr/sbin/haproxy

Now take configuration files :

# wget http://layer1.rack911.com/haproxy/haproxy-standard.cfg -O /etc/haproxy.cfg

# wget http://layer1.rack911.com/haproxy/haproxy.init -O /etc/init.d/haproxy

================================================
Sample /etc/haproxy.conf file:

global
maxconn 4096
pidfile /var/run/haproxy.pid
daemon

defaults
mode http
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000

listen server0 192.168.1.1:80
mode http
balance roundrobin
server server1 192.168.1.2:80 check ( Replace with your public IPs)
server server2 192.168.1.3:80 check
================================================
Start the load balancer now

Note : Just make sure you have set a proper data syncronization between your two web-servers

Unknown

Maldet also known as Linux Malware Detect virus scanner for Linux.

Go to the below path:

    cd /usr/local/src/

Download the tar file using the below link:

    wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract the file using the below command:

    tar -xzf maldetect-current.tar.gz

go to the maldet folder:

    cd maldetect-*

Now, run the below command to install maldet:

    sh ./install.sh or sudo sh ./install.sh

It will give below output:

    Linux Malware Detect v1.3.4
    (C) 1999-2010, R-fx Networks
    (C) 2010, Ryan MacDonald
    inotifywait (C) 2007, Rohan McGovern
    This program may be freely redistributed under the terms of the GNU GPL

    installation completed to /usr/local/maldetect
    config file: /usr/local/maldetect/conf.maldet
    exec file: /usr/local/maldetect/maldet
    exec link: /usr/local/sbin/maldet
    cron.daily: /etc/cron.daily/maldet

    maldet(32517): {sigup} performing signature update check…
    maldet(32517): {sigup} local signature set is version 2010051510029
    maldet(32517): {sigup} latest signature set already installed



To update the maldet use the below commands:

    maldet –update-ver

    maldet –update[/i]

To scan the files:

    maldet -a /home/username/

It will scan all the files and provide you the output:

To scan all user uder public_html paths under /home*/ this can be done with:

    root@server[~]# maldet –scan-all /home?/?/public_html

To scan the same path but the content that has been created/modified in the last 5 days:

    root@server[~]# maldet –scan-recent /home?/?/public_html 5

To scan but forget to turn on the quarantine option, you could quarantine all malware results from a previous scan with:

    root@server[~]# maldet –quarantine SCANID

If you wanted to attempt a clean on all malware results from a previous scan that did not have the feature enabled, you would do with:

    root@server[~]# maldet –clean SCANID

If you had a file that was quarantined from a false positive or that you simply want to restore (i.e: you manually cleaned it), you can use the following:

    root@server[~]# maldet –restore config.php.2384
    root@server[~]# maldet –restore /usr/local/maldetect/quarantine/config.php.2384

Unknown

Hello,

If domain is giving the error of "Bandwidth Limit Exceeded" you can unsuspend it from WHM or terminal as well.

From WHM :

To bring the website back online or un-suspend the bandwidth exceed-er, use the option
WHM >> Account Functions >> Unsuspend Bandwidth Exceeders >> click “Proceed”.

This will reset the bandwidth usage to zero for the account. To increase the bandwidth limit for the account, use the option

WHM >> Account Information >> “View Bandwidth Usage”

From Shell :

vi /var/cpanel/users/USERNAME
change BWLIMIT (Increase the value)
/scripts/updateuserdomains
cd /var/cpanel/bwlimited/

remove the files related to that user or domain
OR
rename the fies with suffix _bk
e.g.;
user_bk
domainname.com_bk
www.domainname.com_bk

This will bring the website back online..

Unknown

You can follow below steps to reset bandwidth of a Domain in cpanel server through Shell :

************************************************

ssh to your server
cd /var/cpanel/bandwidth.cache/
vi domainname.com and/or vi username
replace contents with 0
save and quit

************************************************

Unknown

SNMP itself does not define which information (which variables) a managed system should offer. Rather, SNMP uses an extensible design, where the available information is defined by management information bases (MIBs). MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing object identifiers (OID).

SNMP is based on the manager/agent model consisting of an SNMP manager, an SNMP agent, a database of management information, managed SNMP devices and the network protocol.SNMP was derived from its predecessor SGMP (Simple Gateway Management Protocol) and was intended to be replaced by a solution based on the CMIS/CMIP (Common Management Information Service/Protocol) architecture. This long-term solution, however, never received the widespread acceptance of SNMP.

SNMP traps obviously contain information specific to the SNMP protocol such as Enterprise ID, Generic Trap and Specific Trap. Since SNMP is a UDP-based protocol and messages can therefore be lost, SNMP traps should be avoided where events can be received through other mechanisms such as log file encapsulation.

Summary:

Not very secure
SNMP version 2 is addressing this
Extended security is possible with current protocol (example: DES and MD5)
Does not reduce its power for monitoring

Unknown

SNMP itself does not define which information (which variables) a managed system should offer. Rather, SNMP uses an extensible design, where the available information is defined by management information bases (MIBs). MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing object identifiers (OID).

SNMP is based on the manager/agent model consisting of an SNMP manager, an SNMP agent, a database of management information, managed SNMP devices and the network protocol.SNMP was derived from its predecessor SGMP (Simple Gateway Management Protocol) and was intended to be replaced by a solution based on the CMIS/CMIP (Common Management Information Service/Protocol) architecture. This long-term solution, however, never received the widespread acceptance of SNMP.

SNMP traps obviously contain information specific to the SNMP protocol such as Enterprise ID, Generic Trap and Specific Trap. Since SNMP is a UDP-based protocol and messages can therefore be lost, SNMP traps should be avoided where events can be received through other mechanisms such as log file encapsulation.

Summary:

Not very secure
SNMP version 2 is addressing this
Extended security is possible with current protocol (example: DES and MD5)
Does not reduce its power for monitoring

Unknown

To display the default Apache page how do I set the primary IP address for my cPanel environment .

Log into your cPanel web server via Secure Shell (SSH).

Located the httpd.conf file using the following command:

located httpd.conf
Open the httpd config file found in step 2 using the following command:

pico /usr/local/apache/conf/httpd.conf
Find the first VirtualHost container in the file. It will look similar to the following: (xx.xx.xx.xx will be the primary IP address of your server)

BytesLog domlogs/cptemp.safesecureweb.com-bytes_log ServerName cptemp.safesecureweb.com DocumentRoot /usr/local/apache/htdocs
Above this section, add the following:

ServerAlias xx.xx.xx.xx ServerAdmin admin@domain.com DocumentRoot /usr/local/cpanel/htdocs ServerName xx.xx.xx.xx
Save and exit the file.

Test the config file to ensure the text you entered is properly formatted using the following command:

/etc/init.d/httpd configtest
Assuming the test returns the message Syntax OK, restart Apache using the following command:

/etc/init.d/httpd restart
The restart of Apache will make your websites unavailable for a few seconds.

Unknown

Open a web browser and connect to your cPanel Control Panel located at https://ip address:2087.
Login as the Administrator using the information sent to you in your setup email.
Under the Welcome message click Next.
Read the cPanel license agreement and click I Agree.
Enter the requested information:

Main Shared Virtual Host IP: enter the IP of your VPS Hostname: enter your domain name. If you do not currently have a domain name, you can ignore this field Primary Nameserver: enter the primary name server for your domain name; if you are using HostMySite's nameserver, enter ns1.lnhi.net Secondary Nameserver: enter the secondary name server for your domain name; if you are using HostMySite's nameserver, enter ns2.lnhi.net Tertiary Nameserver: enter the tertiary name server for your domain name; if you are using HostMySite's nameserver, enter ns3.lnhi.net
Click Save.
Click Next Step to begin the Initial Quota Scan.
Click Next Step to continue past the Setup Nameserver screen.
Click Next Step to continue past the Setup Resolver Config screen.
For Step 6, enter a root MySQL password and click Change Password.
Click Finish.

Unknown

[Root @ example ~] # yum -y install BIND BIND-utils
It is set assuming that the global address [192.16.0.80/29], private address [10.0.0.0/24], the following settings in the domain name, and [server.world]: Setting BIND. Please replace to suit your environment. (192.16.0.80/29 is actually the address for private)

[Root @ example ~] # echo 'OPTIONS = "-4"' >> / etc / sysconfig / named # If you do not want to use the IPv6 (you will not be set if used) set [Root @ example ~] # vi / etc / named.conf / / / / Named.conf / / / / Provided by Red Hat bind package to configure the ISC BIND named (8) DNS / / Server as a caching only nameserver (as a localhost DNS resolver only). / / / / See / usr / share / doc / bind * / sample / for example named configuration files. / /

options { # (Listens to port 53 on all interfaces of the server) Comment # listen-on port 53 {127.0.0.1;}; # (If you do not want to use the IPv6) change listen-on-v6 {None;}; directory "/ Var / named"; dump-file "/ Var / named / data / cache_dump.db"; statistics-file "/ Var / named / data / named_stats.txt"; memstatistics-file "/ Var / named / data / named_mem_stats.txt"; # (Where the internal network, etc.) to allow range queries allow-query {Localhost; 10.0.0.0/24; }; # (Range / the place if there is a secondary DNS) range to allow the transfer of information zone allow-transfer {localhost; 10.0.0.0/24;}; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; / * Path to ISC DLV key * / bindkeys-file "/ etc / named.iscdlv.key"; }; logging { channel default_debug { file "data / named.run"; severity dynamic; }; };

# Change the following line from all view "internal" { match-clients { localhost; 10.0.0.0/24; }; zone "." IN { type hint; file "named.ca"; }; zone "server.world" IN { type master; file "server.world.lan"; allow-update {none;}; }; zone "0.0.10.in-addr.arpa" IN { type master; file "0.0.10.db"; allow-update {none;}; }; include "/ etc/named.rfc1912.zones"; }; view "external" { match-clients {any;}; allow-query {any;}; recursion no; zone "server.world" IN { type master; file "server.world.wan"; allow-update {none;}; }; zone "80.0.16.172.in-addr.arpa" IN { type master; file "80.0.16.172.db"; allow-update {none;}; }; };

# Allow-query ⇒ (specify the internal network, etc.) to allow range queries # Allow-transfer ⇒ (range / the place if there is a secondary DNS) range to allow the transfer of information zone # Recursion ⇒ Whether you are allowed to retrieve comeback # View "internal" {~}; ⇒ describes the definition for internal # View "external" {~}; ⇒ describes the definition for the external
# *. *. *. *. Place of in-addr.arpa is about to enter what was to reverse the network address # If the 10.0.0.0/24 # Network Address ⇒ 10.0.0.0 # Range of network ⇒ 10.0.0.0 - 10.0.0.255 # How to specify ⇒ 0.0.10.in-addr.arpa

# If 192.16.0.80/29 # Network Address ⇒ 192.16.0.80 # Range of network ⇒ 192.16.0.80 - 192.16.0.87 # How to specify ⇒ 80.0.16.172.in-addr.arpa

Unknown

Create the new file roundcube.sh and insert the following code.
#!/bin/sh
for ROUNDCUBE in `ps aux | grep roundcube | awk -F ” ” ‘{print $10}’ | awk -F “:” ‘{print $1}’`;
do
if [ $ROUNDCUBE -ge 20 ]; then
pkill -u cpanelroundcube
echo “kill roundcube process roundcube”;
fi
done
You can add the cron job to run the above script after a specific time period, if you are facing the roundcube cpu usage issue continuously.Add following line under the crontab by using the crontab -e, it will run the cron after every 10 minutes.
*/10 * * * * sh /root/roundcube.sh;

Unknown

The following script you can use to check the Server uptime?
root@admin[/usr/local/apache/cgi-bin]# nano loads
#!/bin/bash
echo Content-type: text/plain
echo
echo $(hostname)
echo “=>”
echo $(uptime)

Unknown

If you have a cPanel based server, adding an SPF record or domain keys entries for domains are so much easier than manually entering them.
cPanel provides the following scripts/commands to help us through this task:

# /usr/local/cpanel/bin/domain_keys_installer

# /usr/local/cpanel/bin/spf_installer

Note:: This would add the records for all domains under this cPanel account. Meaning for all Addon domains too.

Unknown

If the database inside the cPanel shows 0 mb, it is because the database cache file of the user is not updated.

To fix this, login to server via SSH and edit the below file:

vi /var/cpanel/cpanel.config

check disk_usage_include_sqldbs=0 and change it to disk_usage_include_sqldbs=1, if the line noe found, simply add it to the bottom.

You can do the same via WHM >> Main >> Server Configuration >> Tweak Settings >> SQL >>
Include databases in disk usage calculations >> Set that to On.

Then run the below command:
/scripts/update_db_cache

Unknown

Exim is a mail transfer agent (MTA) used on Linux/Unix-like operating systems. It is freely available under the GNU GPL and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

Normally default port for exim is 25. but most of the ISP block port 25. so it is necessary that an altername port for exim is open on server. Following are the steps to configure alternate port on cpanel/WHM installed on the server.

1) Login to WHM as root.

2) In WHM click on Main >> Service Configuration >> Service Manager

3) Now tick the check box under Exim on another port and also enter the alternate port no: in the corresponding text box.

Unknown

Many times it happens that horde wont allow user to login to webmail.
Try following command to fix the issue

root@server[~]#/usr/local/cpanel/bin/checkperlmodules root@server[~]#/scripts/fullhordereset root@server[~]#myisamchk -r /var/lib/mysql/horde/horde_sessionhandler.MYI

If still you have problem then check the ownership for session directory present in /var/cpanel/userhomes/cpanelhorde directory.

root@server[~]#ll /var/cpanel/userhomes/cpanelhorde
drwx–x–x 4 cpanelhorde cpanelhorde 4096 June 5 2012 ./ drwx–x–x 7 root root 4096 Dec 17 01:48 ../ drwxr-x— 2 cpanelhorde cpanelhorde 4096 June 5 2012 mail/ drwx—— 2 cpanelhorde cpanelhorde 4096 Jan 27 14:01 sessions/

Session directory should be cpanelhorde.cpanelhorde ownership recursively

Unknown

Login to shell using root user and follow the following steps to enable HTML view of horde webmail.
root@server[~]# vi /usr/local/cpanel/base/horde/imp/config/mime_drivers.php
Search for the line
—-
/**
* HTML driver settings
*/
$mime_drivers['imp']['html']['inline'] = false;
—–
and replace it with
——–
/**
* HTML driver settings
*/
$mime_drivers['imp']['html']['inline'] = true;
——–
Save the changes and restart the following services.
root@server[~]#service cpanel restart
root@server[~]#/scripts/restartsrv_courier

Unknown

If you are getting error like Can’t create new tempfile: ‘tablesname.TMD file error while repairing corrupted database tables please try use following command to fix it.
Solution :
You need to just run below command on the shell.
# myisamchk -r -f tables.MYI
Thats all.

Unknown

Sometimes it happens that your database get corrupted due to many reason like it does not get restored properly or server get rebooted while updating database etc…. and you have tried to repair it using phpmyadmin and it does shows that it has repaired but it is not.
Solution :
Login to server with root access
Stop mysql using following command
/etc/init.d/mysql stop
Run following command to check all teh tables in teh database
/usr/bin/myisamchk /var/lib/mysql/databasename/*.MYI
Run following command to repair all teh tables in the database
/usr/bin/myisamchk -r /var/lib/mysql/databasename/*.MYI
Then recheck again using following command
/usr/bin/myisamchk /var/lib/mysql/databasename/*.MYI
Restrart MySql service using following command
/etc/init.d/mysql restart

Unknown

Magento – “Failed to mkdir” Error

Many times when you try to install a new theme or application from
"Magento Connect Manager” , you may encounter the error :

ERROR: failed to mkdir

To fix this issue follow the below steps :

root@server[#] cd /home/username/public_html/downloader
root@server[#] vi config.ini

It will show something like this :

preferred_state=stable
use_custom_permissions_mode=1
mkdir_mode=0777
chmod_file_mode=0777
chmod_file_mode_executable=0777
tmp_dir=../var/tmp

Now make the below changes :

preferred_state=stable
use_custom_permissions_mode=0
mkdir_mode=0777
chmod_file_mode=0777
chmod_file_mode_executable=0777
tmp_dir=../var/tmp

That’s all you are done.

Unknown

Sometimes, you may face an issue related to syslogd showing down in service WHM >> Main >> Server Status >> Service Status
The issue can be resolved by
Checking related RPM on server
# rpm -q sysklogd
If its not installed, you can install it by
# yum install sysklogd
after installation, you will have to restart the service by
# /etc/init.d/syslog restart
Check the service in Service Manager in WHM, reenable it and check the status in Service Status.
Its done!

Unknown

For zend encoded files, you may face following error

Fatal error: Unable to read 32654 bytes in 
/home/xxx/public_html/includes/functions.php on line 0

Its most probable the related files for the script are uploaded in ASCII mode, 
all encoded files must be uploaded in binary mode.

01. You need to reupload all files in binary mode, 
or set the transfer mode to auto in FTP client.
02. Check if short_open_tags in set as On in PHP configuration ie php.ini
03. Check if you have updated versions for Zend optimizer or ionCube loaders.

In most cases, files reupload in binary mode resoves the issue.

Unknown

To remove MailScanner and the MailScanner Front-End, run these commands in shell as root:

cd /usr/mscpanel
sh uninstall.msfe.sh

cd /root
wget http://www.configserver.com/free/msinstall.tar.gz
tar -xzf msinstall.tar.gz
cd msinstall/
sh uninstall.sh

Remove the sare rules and MailScanner-specific SpamAssassin configuration files (in shell as root):

cd /etc/mail/spamassassin/
rm -fv *sare* configserver.cf mailscanner.cf

To remove the MailScanner Configuration icon from cPanel, go to WHM > Packages > Feature Manager. Edit the "disabled" Feature List and uncheck the box for MailScanner Configuration.

Remove the root cron jobs that run mscpanel.pl, sa_rules.sh (or rules_du_jour), and the cronjob that restarts clamd (in shell as root):

crontab -e

Remove the following lines (if they exist - they may or may not be there) from /scripts/postupcp:

#!/bin/sh
perl /usr/mscpanel/mscheck.pl

Reset Exim Configuration (if desired), in WHM > Exim Configuration Editor > Reset All Configs to Defaults. This is not required. To remove our install of clamav, run these commands in shell as root:

killall clamd

/bin/rm -Rfv /usr/bin/clam*
/bin/rm -Rfv /usr/sbin/clam*
/bin/rm -Rfv /usr/lib/libclam*
/bin/rm -Rfv /usr/share/clam*
/bin/rm -Rfv /usr/include/clam*
/bin/rm -Rfv /usr/bin/freshclam*
/bin/rm -Rfv /usr/etc/clamav*
/bin/rm -Rfv /var/clamd

/bin/rm -Rfv /usr/local/bin/clam*
/bin/rm -Rfv /usr/local/sbin/clam*
/bin/rm -Rfv /usr/local/lib/libclam*
/bin/rm -Rfv /usr/local/share/clam*
/bin/rm -Rfv /usr/local/include/clam*
/bin/rm -Rfv /usr/local/bin/freshclam*
/bin/rm -Rfv /usr/local/etc/clamav*
/bin/rm -fv /etc/init.d/clamd
/bin/rm -fv /etc/cron.daily/freshclam
/bin/rm -fv /etc/cron.hourly/freshclam
/bin/rm -fv /etc/cron.d/freshclam

In WHM > Service Configuration > Service Manager > Additional Services uncheck both boxes for clamav.

You can then install clamavconnector via WHM > Manage Plugins if desired. if you want to re-enable SpamAssassin through cPanel:

WHM > Tweak Settings > SpamAssassin > tick
WHM > Service Manager > spamd > tick both boxes
WHM > Feature Manager > Edit a Feature List > disabled > Edit > SpamAssassin and SpamAssassin Spam Box > tick
WHM > Feature Manager > Edit Feature List - edit any feature lists that you want to allow access to the SpamAssassin configuration in cPanel

Unknown

Following error can come in plesk control panel while setting up/updating physical hosting for a domain in the plesk control panel...
------------------
External component has thrown an exception.
In IIS7NativeProvider module
Exception type: System.Runtime.InteropServices.SEHException
at _CxxThrowException(Void* , _s__ThrowInfo* )
at ServerManagerFactory.getHttpRedirectSection(String location)
at IIS7ServerManager.getSitesInfo(IIS7ServerManager* , list:allocator >* sitesInfo)
-----------------

Here is the quick workaround :

Open IIS, expand sites.
In my case, I found an entry "SITE_*****" under sites which was stopped. I was not able to delete it directly from IIS. I used the following command to remove the entry from IIS.
-------------------
C:\> cd %systemroot%\System32\inetsrv
C:\Windows\System32\inetsrv>APPCMD delete site SITE_*****
SITE object "SITE_*****" deleted
-------------------
You need to restart the IIS.

If you still find the entry "SITE_*****" under sties in IIS, then you need to manually delete the respective entries from the applicationhost.config file.

Note : It is highly recommended to take the backup of applicationhost.config file before making any changes. You can also copy the entire "inetserv" folder as a backup.

Unknown

Inbound spam is the scourge of the modern internet and, the inconvenience to users aside, can cause serious performance and resource issues on the server. These can affect both the server overall and the timely deliver of clean email in particular.

The best way to tackle inbound spam is at the entry point into the server - the MTA, i.e. exim the SMTP server of choice for cPanel. By blocking spam before it has even entered the server you save both on server resources used when delivering the email in addition to 3rd party tools to help detect spam further along the email relay process.

To do this you need to do work at the RCPT stage of the SMTP protocol. This occurs during the transaction between the sender and recipient SMTP servers and comes before the actual body of an email arrives on a server. The primary form of spam attack is the Dictionary Attack:

A common technique for spammers to use is what is known as a dictionary attack on a domain. A dictionary attack, in our context, is a single SMTP connection that attempts to send email from a spam source to a random set of names on our domain, e.g. bob@ourdomain.com fred@ourdomain.com harry@ourdomain.com, in the hope that one of the many hundreds that we try will get a hit and deliver our spam.

This technique is used by spammers mainly because most people don't advertise their email addresses (due to spam!) and they want to access this untapped market.

To prevent this type of spam getting through, it is essential that you do not use the Default Address (catchall) feature within cPanel to receive emails wherever possible. You should always setup specific Forwarders (aliases) for any email addresses you use and set the Default Address to :fail: for each domain.

By using :fail: exim will automatically reject email at the SMTP RCPT stage and make dictionary attacks redundant. Additionally, you can use exim ACLs to block such spammers who repeatedly perform dictionary attacks to further relieve the server of the load from dealing with them

Another preventative measure is to enable the WHM options:

WHM > Exim Configuration Editor > Verify the existance of email senders.
WHM > Exim Configuration Editor > Use callouts to verify the existance of email senders.

These two options have exim check that any server that attempts to relay email to your server can actually receive email in reply. This is part of the RFC requirements of an SMTP server and the inability of a server to do so indicates a likely spammer.

There are numerous other checks that you can also perform at the SMTP RCPT stage in exim ACLs. Examples are using RBL checks to reject email from IP addresses that originate from IP addresses that are know to harbour spammers, e.g.:

deny message = Message rejected - $sender_fullhost is in an RBL, see $dnslist_text
!hosts = +relay_hosts
!authenticated = *
dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org

You can also check the format of email headers to ensure that they're RFC compliant, which many spam servers are not. A typical example is checking the SMTP HELO/EHLO protocol command to ensure it's correctly structured, e.g.:

deny message = HELO/EHLO set to my IP address
condition = ${if match {$sender_helo_name}{11.22.33.44} {yes}{no}}

(where 11.22.33.44 is your servers main IP address)

deny message = EHLO/HELO does not contain a dotted address
condition = ${if match{$sender_helo_name}{\\.}{no}{yes}}

Finally, once the email has passed through these hoops, you can implement a 3rd party application to scan emails and tag them as likely spam. cPanel has an inbuilt solution that uses SpamAssassin to score email likely to be spam. You can then have such emails filtered to a special account or the client can filter such emails based on the email header record modifications made by SpamAssassin.

An alternative is to use a more thorough tool such as MailScanner which can be very effective at scoring spam emails.

Unknown

In MailWatch I am getting MySQL Errors such as "Could not connect to database: Access denied for user 'mailwatch'@'localhost' (using password: YES)". How can I fix it?

perl /usr/local/cpanel/whostmgr/docroot/cgi/mailwatch/install/mwadd.pl

Above command should fix your issue.

Unknown

If WordPress Permalink shows blankpage, do below

[root@server1 ~]# vi /wp-admin/includes/misc.php and change the line as indicated below

Search for function got_mod_rewrite

and replace below like in it .

From

$got_rewrite = apache_mod_loaded(‘mod_rewrite’, true); //old line with false negative;

To

$got_rewrite = true;//force the response to true as we know mod_rewite is installed

Unknown

=====================================================

If you are receiving the error for mod_security, access denied with error code 403 when you check
the error logs for any account. You can disable the mod_security for that account by adding a
=====================================================
simple code in his .htaccess
==================
SecFilterEngine Off
SecFilterScanPOST Off
==========================

And to enable just remove these two line from .htaccess.

============================================

OR

============================================

=====================================================
Disable Mod_Security for any User Domain :
=====================================================
Go to :

pico /usr/local/apache/conf/modsec2.conf

and add following lines within file :
=====================================================

SecRule SERVER_NAME "yourdomain.com" phase:1,nolog,allow,ctl:ruleEngine=off

=====================================================
NOte:Replace yourdomain.com with the actual Domain name
=====================================================

Unknown

Enable killwhom command at Linux server

If killwhom command is not added in your server.then do below steps :

pico /bin/killwhom

add following code.

---

ps -auxf|grep $1|awk '{print "kill -9 " $2}'

---

Save the File

chmod 700 /bin/killwhom

and run the command :)

Unknown

How to enable register_globals for a single website without putting an entire server security at risk?

* Go to your control panel and then click on File manager.
* In your file manager, enter the public_html folder.
* In the public_html folder you will see a file called .htaccess.
* Select the .htaccess file and click on edit in the upper right hand corner.
* Copy and paste the text line shown below at the bottom of .htaccess file and then save it:

php_value register_globals 1

This will turn your register_globals on and your script will work properly. Why is register_globals

disabled in the first place? Leaving register_globals turned on poses a security risk for an entire web

server. It should therefore only be enable on a case by case situation and only per website.

Unknown

cPanel backend configuration files and log files paths

=======================================
/var/cpanel
=======================================
accounting.log - Contains a list of accounting functions performed such as account removal and creation

cpanel.config – Tweak settings for whm can be done in this file

mainip – Main ip of the server is specified in this file

maxemail - Maximum emails per hour for a domain can be specified here The format is like the following domainname=number

Run the script /scripts/build_maxemails_config after editing this file This will create a file named after the corresponding domain name inside the directory maxemailsperdomain with the value specified in it.

Maxemailsperhour - Server wide maximum emails per hour can be set in this file. It applies to the whole domains in the server. You only need to insert the corresponding value in the file. A value of zero means unlimited.

Resellers-nameservers – This file gives you the name of the nameservers used by reseller users

resellers – This file lists the privileges of different reseller users
=======================================
packages/ - This directory contains files for all the packages created under the WHM and the corresponding files will give all the details related to that package
=======================================
suspended/ – This directory contains files for all the suspended users. You can get the

reason for suspension from the corresponding user file.
=======================================
Users/ – This directory contains cpanel user files which contain all the information

related to a cpanel account.
=======================================
Zonetemplates/ - This directory contains templates for zone files, which will be used for creating zone file for a particular domain when a user is created
=======================================
bandwidth/ - This directory contains files named after the domain names which give separate http and all bandwidth usages for a particular day
=======================================
datastore/ - This directory contains sub directories named after the cpanel user name which contains two files named mysql-db-count and mysql-disk-usage .These files give you the number of databases a user have and the total disk space used by all these databases respectively.
=======================================
/etc
=======================================
localdomains – This file contains domains which are using the local mail server.

remotedomains - This file contains domains which are using a remote mail server instead of the local mail server

userdomains - All the domains of users are listed in this file including the addon, parked and subdomains along with their username.

trueuserdomains - The main domains of all cpanel uesrs are listed in this file along with their username

trueuserowners – All cpanel users along with their owners are listed in this file

wwwacct.conf - This is the default file used in cpanel account creation Information from this file is taken when an account is created

mailips - The ip which should be used for sending mails can be specified in this file Different ips can be set for different domains for sending mails and that can be specified in the file like the following domainname: ip address

ips – This file lists all the ips in the file except the main shared ip

ips.dnsmaster – This file lists all the ips of nameservers used by different domains

ipaddrpool – Lists the ip addresses in the server which are free

cpupdate.conf - Cpanel updation configuration can be done in this file Once you edit this file do not forgot to run the script /scripts/upcp

cpbackup.conf - Cpanel backup configuration can be done in this file You can enable or disable cpanel backup using this file.

Valiases/ - Email forwarders and catchall for a domain can be specified in the corresponding file inside this directory.

The format is like the following *: accountname

vfilters - Email filters can be specified in the corresponding file inside this directory.
=======================================
/usr/local/cpanel
=======================================
bin/ – Cpanel binaries are located in this directory

version – You can get cpanel version from this file
=======================================
logs/ - All log files of cpanel are located inside this directory.

They are

error_log – cpanel logs any error it incurs in this file

license_log – All cpanel license update attempts are logged in this file stats_log – The stats daemon logs the output from all

the status generators like awstats, webalizer.

access_log – General information pertaining to cPanel requests is logged in this file
=======================================
base/ – Files of phpmyadmin, webmail etc are located in this directory

3rdparty/ – Files of mailman, fantastico etc are located in this directory

Important Log Files
=======================================
Apache
=======================================
/usr/local/apache/logs – It is the main log for apache

/usr/local/apache/domlogs/ – Domain specific logs are located inside this directory

/usr/local/apache/logs/access_log – This log records all requests processed by the server
=======================================
Exim
=======================================
/var/log/exim_mainlog - An entry is created inside this log every time a message is received or delivered

/var/log/exim_rejectlog - An entry is created inside this log every time a message is rejected based on either ACLs or other policies

/var/log/exim_paniclog - An entry is created inside this log when exim doesn’t know how to handle an error

/var/log/messages – General information and login attempts of FTP are logged here

/var/log/secure - General information and login attempts of SSHD are logged here

/var/log/maillog - The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.

/var/log/mysqld.log /var/lib/mysql/$(hostname).err – Mysql general informations and errors are logged in either of these two files

/var/log/chkservd.log - The service monitoring daemon (chkservd) logs all service checks here. Failed services are represented with a [-], and active are represented with [+]

/var/log/cron – An entry is created in this file when a cron is executed

/var/log/messages - General informations and errors of named are logged in this File

/var/log/dcpumon/toplog.[timestamp] - This log lists the top processes running Each five minute a new log is created

/usr/local/apache/logs/suexec_log - This log file contains auditing information reported by suexec each time a CGI application is executed.

/var/log/cpanel*install* – These log files contain verbose logs of the cPanel installation.

/var/cpanel/updatelogs/update-[timestamp.log] – It is the log file for upcp. Log entries are created when upcp runs

=================================================================================

Unknown

If you face SMTP error 535 Authentication Failed while sending an email from round cube, then you can check the following things.

vi /usr/local/cpanel/base/3rdparty/roundcube/config/main.inc.php

and change

$rcmail_config['smtp_user'] = '%u';
to
$rcmail_config['smtp_user'] = '';

Save the file

FIXED....

Unknown

===================================

sendmail: Not running with correct effective GID. Is sendmail binary setgid mailtrap?

[Error above error message shows in login SSH screen directly or you are getting this message]
just change the send mail permission using below command:
--
chmod 2755 /usr/sbin/sendmail
--

That's it..:)
===================================

Unknown

WordPress issue :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If plugin or theme is not compatible then sometimes site shows blank page and error_logs file does not generate the error logs, then need to enable the WP_DEBUG in wp-config.php file. After enabling this function, it will show an error on the site and it will find out which is the problem plugin or theme.
Syntax :

=================================
define('WP_DEBUG', true); -- to enable
define('WP_DEBUG', false); -- to disable

=================================
If 'WP_DEBUG line does not exist inside wp-config.php the add it after define('DB_COLLATE', ''); line. After disabling the problem plugin/theme you need to make define('WP_DEBUG', true); to define('WP_DEBUG', false); .

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Unknown

Some times, MySQL service doesn't work due to missing mysql.sock file , then you need to create manually mysql.sock file. Follow the below steps to create mysql.sock file.
First, login your server and check /tmp and /var/lib/mysql , you may see that there is no mysql.sock file(It is called also Symbolic file).
Follow the below steps.
cd /var/lib/mysql/
touch mysql.sock
chmod 1777 mysql.sock
chown mysql.mysql mysql.sock
Create a symlink for the sock file :-
ln -s /var/lib/mysql/mysql.sock /tmp
Once created, then restart Mysql service : service mysql restart
Your Mysql service should be back normal now.

Unknown

Some times , database size doesn't update in Cpanel . You can check it through Cpanel===> MySQL database , it shows database size “zero” even if there is available database data. You should follow below steps to resolve this.
==============================================
root@server [#] vi var/cpanel/cpanel.config
and search for following line.
disk_usage_include_sqldbs=0 ( set it to 1 instead of 0 )
wq:
then you need to run the below command to update the changes.
root@sever[#] /scripts/update_db_cache
==================================================
then you check your mysql database site, it will show correct database size,

Unknown

Some times, you get below error while posting in Joomla .

“Error : Warning: POST Content-Length of 9897293 bytes exceeds the limit of 8388608 bytes in Unknown on line 0″
then you need to increase “post_max_size” in php.ini file
post_max_size =8M
Replaced with as per your require.
post_max_size = 12 M
then check it.

Unknown

Following post discuss how to install Install LiteSpeed on Cpanel server.

Login to SSH on the server running cPanel.
# cd /usr/locel/src
# wget http://www.litespeedtech.com/packages/cpanel/lsws_whm_plugin_install.sh
# chmod 700 lsws_whm_plugin_install.sh
# ./lsws_whm_plugin_install.sh
# rm -f lsws_whm_plugin_install.sh
Register for 15days trial license:
http://www.litespeedtech.com/trial/license
* Login to WHM and click the ‘LiteSpeed Web Server’ button.
* Click ‘Install LiteSpeed’ and let it run through the installation procedure.
* Enter your license information & assign an administrator password (Don’t tick the box to start LiteSpeed immediately)
* Click ‘Build matching PHP Binary’
* Click ‘Switch to LiteSpeed’
* Click ‘Admin Web Console’ and login
Final stages of setup
* Configuration > General > Index Files > Edit
Set the following and save.
Index Files: index.html, index.php, index.php5, index.htm
Auto Index: Yes
Auto Index URI => /_autoindex/default.php
* In SSH Type:
# ln -sf /usr/local/lib/php/autoindex /usr/local/lsws/share/autoindex
* Configuration > Log > Server Log > Edit
Set the following:
Log Level: Info
Debug Level: None
* Now click ‘Actions > Graceful Restart’ to make these changes permanent.
Please note that port 7080 should be enabled in the firewall

Unknown

If your server is running with default php version 5 and you want php 4 for single account so you just can add the following line in .htaccess.
Create one .htaccess file under public_html and add the following code.

AddHandler application/x-httpd-php4 .php

now you can create phpinfo page and check it will show your default php version is php4.

Unknown

ImageMagick is one of the most requested add-ons that allows for image manupulation. First, you should check GD on the server , it can be complied through easyapache.
First check Imagemagick on the server
/scripts/checkimagemagick
=======================================
Installation ImageMagick on the server
/scripts/installimagemagick
Installation will take a couple minutes as it will install other packages needed by ImageMagick.
==========================================================
Check version of Imagemagick
/usr/bin/convert --version
It will show somthing below output.
Version: ImageMagick 6.7.1-7 2011-09-13 Q16 http://www.imagemagick.org
Copyright: Copyright (C) 1999-2011 ImageMagick Studio LLC
Features: OpenMP
==========================================================
Install ImageMagick through WHM.
Go to WHM -> Software -> Module Installers -> PHP Pecl (manage). On the box below “Install a PHP Pecl” enter “imagick” and click “Install Now” button – that’s all. Restart Apache.
=========================================================
Uninstall ImageMagick
ImageMagick: /scripts/cleanimagemagick
WHM : Imagick: WHM -> Software -> Module Installers -> PHP Pecl (manage). Click on Uninstall button for Imagick
==========================================================
It can check where is located ImageMagick
# whereis convert
It will show you the directory
===================================================

Unknown

If you find that images are not loading in linux server then you should disable php functions.

php.ini is configuration file of PHP.
Find exact path of php.ini
# php -i | grep php.ini

Or you can use the another command like

# php.ini
Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => /usr/local/lib/php.ini
then search disabled disable_function in that file and remove “readfile” optionin in that line.
: wq!
then restart apache service.

All images should be work fine.

Unknown

Just follow below steps.
==============================================
cd /home/username/www
ln -s ../tmp/webalizer webalizer
chown username.username webalizer
cd ../tmp
chmod 755 ./
chmod 755 ./webalizer
==============================================
It will allow domain.com/webalizer/ for viewing stats without logging in to cpanel

Unknown

Some times , weblizer doesn’t update automatically. You have to update manually update it. Follow the below steps to update manually update webalizer.

=============================================================
/usr/local/cpanel/3rdparty/bin/english/webalizer -N 10 -D
/home/username/tmp/webalizer/dns_cache.db -R 250 -p -n domain.com -o
/home/username/tmp/webalizer
/usr/local/apache/domlogs/domain.com
===============================================================

Replace username and domain name of your hosting account.

Unknown

httpd.conf is configuration file of apache server and all important options are stored there. httpd.conf is located at /usr/local/apache/conf/httpd.conf.

vi /usr/local/apache/conf/httpd.conf

MaxClients (Total number of concurrent connections.)

It should be set reasonable value because if set high value then there is chance a complete server hang in case of a DOS attack. It can set value as per hardware configuration . If you have 2 GB or RAM set this value to 300.
This should be set to a reasonable value. I suggest using this formula to determine the right value for your server.
MaxClients = 150 x RAM (GB)
If you set low value then it can create timeout problems for your clients if the limit is reached so better set reasonable value.
ServerLimit
This value should be same as MaxClients
ServerLimit = 150 x RAM (GB)
MinSpareServers and MaxSpareServers
MaxSpareServers and MinSpareServers control how many spare (unused) child-processes Apache will keep alive while waiting for more requests to put them to use. Each child-process consumes resources, so having MaxSpareServers set too high can cause resource problems. On the other hand, if the number of unused servers drops below MinSpareServers, Apache will fork (an expensive operation) new child-processes until MinSpareServers is satisfied.
should be set below value
MinSpareServers 5
MaxSpareServers 10
If you have more them 2 GB of RAM and you run a resource intensive website consider increasing MaxSpareServers.
MaxRequestsPerChild
It should not be set lower value because it will put an unnecessary load on the apache server to recreate the child. It controls the number of request the a child serves before the child is killed
I suggest you set below value .

MaxRequestsPerChild 1000 for 1 GB RAM
10,000 for 2 GB and 0 for more than 2 GB RAM

KeepAlive and MaxKeepAliveRequests

KeepAlive provides long-lived HTTP sessions which allow multiple requests to be sent over the same TCP connection. In some cases this has been shown to result in an almost 50% speedup in latency times for HTML documents with many images, but having keepalive on is also a resource intensive setting.
Here comes the big question: To KeepAlive or not to KeepAlive?
Well the opinions are mixed here, some say to KeepAlive some say not to.

KeepAlive off
If you want to hear my option I would say NOT to KeepAlive if you are running a shared hosting business or if you want to get the most out of your hardware. You should KeepAlive only if the loading time of your pages is the most important factor in your business and you have the money to invest in a more powerful hardware. If you decide to KeepAlive I suggest you set MaxKeepAliveRequest low to something like 2 seconds.

StartServers
Sets the number of child server processes created on startup. This setting depends greatly on the type of webserver you run. If you run low traffic websites on that server set it low to something like 5. If you have resource intensive websites on that server you should set it close to MaxClients.

StartServers 5
Timeout
The amount of time Apache will wait for three things: the total amount of time it takes to receive a GET request, The amount of time between receipt of TCP packets on a POST or PUT request, the amount of time between ACKs on transmissions of TCP packets in responses.
The default value is 300. You should set time to something a bit lower. A setting of 150 is probably ok. This will also help in case of small DOS attacks like to ones targeting some phpBB forums. Do NOT set it any lower then 10 as your users will start having timeout problems.
Timeout 150
After you have done all the necessary changes you can go ahead and restart Apache.
There is an extra step that you have to do so that the changes that you done to httpd.conf aren’t lost when a recompile is done.
To also save the changes in the database you will have to run:
/usr/local/cpanel/bin/apache_conf_distiller –update
You can check to see if the changes were accepted and will not be discarded at the next apache recompile by running
/usr/local/cpanel/bin/build_apache_conf

Sample values:
MinSpareServers 5
MaxSpareServers 10
ServerLimit 600
MaxClients 600
MaxRequestsPerChild 0
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 3

Thursday 11 July 2013

Saturday 6 July 2013

Tuesday 2 July 2013

Wednesday 15 May 2013

Saturday 23 March 2013

Tuesday 12 March 2013

Saturday 9 March 2013

Thursday 7 March 2013

Saturday 23 February 2013

Saturday 16 February 2013

Friday 15 February 2013

How to enable register_globals for a single website without putting an entire server security at risk?

Monday 11 February 2013

Friday 8 February 2013

Alexa