Migrate EasyApache 3 to EasyApache 4 and ntPHPselector Installation

Here I am  discussing the migration of Easyapache 3 to Easyapache 4 and the ntPHPselector installation ( version 4 )and the things taken care while installing the plugin. The Migration section of WHM’s EasyApache 4 interface (Home >> Software >> EasyApache 4) displays your system’s version of EasyApache and allows you to migrate to and from EasyApache 3 (EA3) and EasyApache 4 (EA4). Continue reading

How to find Spamming in cPanel

cPanel is a Linux based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site. cPanel is one of the commonly used web hosting control panel. cPanel will install all the necessary softwares, which are required for a domain hosting. One of the common issue you might encounter is spamming in cPanel . Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services.
Continue reading

26Jan/19

Security breach found in PHP “PEAR” library service

The PEAR server is in a stopped state until safety is confirmed. Its maintainers found that there was a security breach such as an attack on the server “PEAR” which provides a library available in PHP.

Users who downloaded and installed PEAR PHP in the last 6 months from the official website of the PEAR pear-php.net, were may be infected so you should quickly download the Github version and install it. If they downloadeded “go-pear.phar” file after December 20, 2018 are asking for confirmation that the file has not been altered, and if the corresponding file was downloaded before December 20, 2018 Even if PEAR installation is executed, PEAR warns the user “It is prudent to check the system”.

Below is official website of PEAR. As of January 24, 2019, the server is still down. Also, the official blog that details are written is also downed and can not be accessed.

You can use the below steps to check the go-pear.phar file’s vulnerability.

  • Login via SSH to your server where you are currently using PEAR.
  • Go to the directory where you currently downloaded the go-pear.phar file, most likely your user’s home directory.
# cd ~user
  • Check the md5sum value.
# md5sum go-pear.phar
  • The above command will return value like this. 1e26d9dd3110af79a9595f1a77a82de7
  • The infected file has the above hash value. If you see this value returned, you should proceed to disable the previous PEAR installation files and folders.
# mv go-pear.phar go-pear.phar_infected
# mv .pearrc .pearrc_infected
# mv pear pear_infected
  • Next, download a fresh copy of the go-pear.phar file from github
# wget https://github.com/pear/pearweb_phars/blob/master/go-pear.phar
  • You can then re-install PEAR using file downloaded from github
14Feb/18

How to disable AutoSSL notifications to the customers cpanel account emails

Recently many of our customers had asked us how they can disable AutoSSL notifications to the end user cpanel account emails. So we guys made a reasearch on this and got the cpanel forum link which this discussion was already going on and saw a script.

Save the below to /root/autossldisable.sh, chmod 755 autossldisable.sh and then run it with ./autossldisable.sh

#!/bin/bash
cd /var/cpanel/users
for user in *
do
    cpapi2 --user=$user CustInfo savecontactinfo notify_autossl_renewal=0 notify_autossl_renewal_coverage=0 notify_autossl_expiry_coverage=0 notify_autossl_expiry=0 notify_ssl_expiry=0
done

This will disable  5 AutoSSL notices off for every user on the server.

Hope this helps

Update : Good news is that by Cpanel 70 version, you will have these options available at Manage Autossl section in the WHM

Reference and Courtsey for the above script : forum.cpanel.net

Reference Link for full discussion : https://forums.cpanel.net/threads/ssl-notifications-in-cpanel-68.614395/

 

 

 

 

14Feb/18

MagicSpam Extension Installation fails in Plesk 17

Recently we faced the below error while trying to install MagicSpam free version via plesk interface and got installed via command line using the rpm from the plesk download section. Since the plesk download section had too old version and plesk was showing an upgrade option and free version was not working (which I installed from rpm available at plesk )

Error while trying to install / upgrade from plesk interface is the below 
Failed
 Installation of extension has failed
 
 Execution of /usr/local/psa/tmp/modulehfmXQh/plib/scripts/pre-install.php failed with exit code 1 and the output:
 Failed to find operating system package manager rpm or dpkg.
 Contact [email protected] with full details of your installation for assistance.

Normal rpm installation and yum install was working fine. Continue reading

18Jan/18

ntPHPSelector version 4.2.0 released

New version of ntPHPselector with 7.2 support is released. It is added with email notification for any license check related errors. Server owner/administrator needs to update the contact email address via ntPHPselector WHM front end. Also added fix for the scanning of additional ini files for php 5.3

Features
[+] Fixed the additional scanning of ini files.
[+] Alert for license error
[+] Added 7.2 support

Current users will get instructions for updating the plugin from the plugin support department. New users can order the service from the following page.

https://www.nixtree.com/nt-php-selector.php

05Jan/18

Critical Intel CPU Bug – Meltdown and Spectre Vulnerabilities

Critical Intel CPU Bug – Meltdown and Spectre Vulnerabilities

CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre.Earlier this week, serious security problem – CPU Bug has been found in the Intel/AMD/ARM CPUs. According to various teams including Google Project Zero, CPU data cache timing can be abused efficiently to leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. These vulnerabilities are known by name ‘Meltdown’ and ‘Spectre’.

You can read more about attack from this link

There are 3 known variants for this CPU Bug: Continue reading

20Jun/17

Recompile PHP 5.3 in ntPHPselector version 4

ntPHPselector plugin allows user to select preferred PHP version per directory on the same domain. Our new ntPHPselector version 4  released for the cPanel servers with EasyApache 4 version, which support php versions 5.3, 5.4, 5.5, 5.6, 7.0 and 7.1. By default 5.3 is disabled. You need to recompile it after enabling it from “Settings” tab after the installation.

ntPHPselector manually recompile the php version 5.3, since it is removed from EasyApache 4. You need to recompile the php version 5.3 using from your end using the interface available inntPHPselector WHM module.  Continue reading