Category Archives: cPanel

14Feb/18

How to disable AutoSSL notifications to the customers cpanel account emails

Recently many of our customers had asked us how they can disable AutoSSL notifications to the end user cpanel account emails. So we guys made a reasearch on this and got the cpanel forum link which this discussion was already going on and saw a script.

Save the below to /root/autossldisable.sh, chmod 755 autossldisable.sh and then run it with ./autossldisable.sh

#!/bin/bash
cd /var/cpanel/users
for user in *
do
    cpapi2 --user=$user CustInfo savecontactinfo notify_autossl_renewal=0 notify_autossl_renewal_coverage=0 notify_autossl_expiry_coverage=0 notify_autossl_expiry=0 notify_ssl_expiry=0
done

This will disable  5 AutoSSL notices off for every user on the server.

Hope this helps

Update : Good news is that by Cpanel 70 version, you will have these options available at Manage Autossl section in the WHM

Reference and Courtsey for the above script : forum.cpanel.net

Reference Link for full discussion : https://forums.cpanel.net/threads/ssl-notifications-in-cpanel-68.614395/

 

 

 

 

14Nov/16

How to change PHP handler from Server Backend

PHP handler means the way apache software on the server serves PHP scripts. On cPanel/WHM Servers there are four PHP handlers : SuPHP, DSO, CGI, FastCGI. suPHP is the default handler on cPanel/WHM Servers. You might be familiar with switching the PHP handler from Web Host Manager(WHM) but most of us are not sure how to do the same from server backend. This article will enlighten how to switch PHP handler on a cPanel/WHM Server.

Continue reading

27Oct/16
cPanel to Plesk Migration

cPanel to Plesk – How to Migrate a hosting account ?

Migration from cPanel to Plesk

Plesk and cPanel have different business models and features, requiring the conversion of migrated objects during deployment on the destination server. I am referring the way to migrate a cPanel hosting account to Plesk

For example: Parked domains in  cPanel converts to domain aliases in Plesk.

Some objects and settings will not migrate due to the technical limitations

For example: Encrypted FTP user’s password in cPanel will not migrate to Plesk.

 Plesk generates new passwords for FTP users during the deployment process and reports them in the migration results report.

This article explains the process of migrating accounts from cPanel to Plesk control panel using the Plesk Migration & Transfer Manager tool.

Plesk’s built-in Migration Manager is available only on latest versions of Plesk like 11.0,11.5,12.0,12.5

Open the Migration & Transfer Manager in the Plesk GUI:

Tools & Settings > Migration & Transfer Manager 
and click the Start New Migration button.

Step 1:

On the first step of the migration wizard, input the source server hostname (or IP address), the SSH server’s port, and the root user password. Then choose the options to migrate the whole server or to perform a selective migration.

Leave the Use rsync transport option enabled — this will improve the speed and reliability of the data transfer, as well as lower the free disk space requirements for both the source and the destination servers.

Migration Settings

untitled

You can specify the location of temporary migration data on the source (Migration & Transfer Agent upload path) and destination (Temporary Files Location) servers. If the source server hosts large databases or the Use rsync transport option has been disabled, it is recommended you to choose paths to locations with enough free disk space

Step 2:

If selective migration was selected in the previous step, the Migration & Transfer Manager wizard will present a screen with a list of accounts on the source server, each with a check-box to select.

Additionally, you can choose the options to transfer all data, mail only, or everything except mail. By default, all data will migrate.

Step 3:

The next step IP address mapping  allows you to choose an IP mapping scheme.(i.e. which IP addresses the domains will have on the destination server, based on the IP addresses they had on the source server)

Two or more shared IP addresses can maps to a single shared IP address on the Plesk server. But mapping of dedicated IP addresses can be done one-to-one.

IP addresses will be changed in domain’s DNS records and hosting setup during deployment.

untitled2

 

Step 4:

After that, your migration will start. Progress can be monitored on the Migration & Transfer Manager screen. Upon completion, the Migration and Transfer Manager will report on the general status of the migration. (Completed or Completed with errors)

untitled3

If the migration finishes with errors, links to view or download the migration results report will be available on the migration process screen. To access it, click on the source server’s hostname in the list of migrations

For migration assistance, you can contact us. Also we will manage cPanel and Plesk servers with lowest rates, you can check our cPanel Server Management for more details.

20Oct/16

MongoDB install in cPanel

During these days the request for MongoDB installation on Linux servers is high because the developers are really like the same.MongoDB is officially a “NoSQL” database. NoSQL refers to a database with a data model other than the tabular format used in relational databases such as MySQL, PostgreSQL, and Microsoft SQL. MongoDB features include: full index support, replication, high availability, and auto-sharding. MongoDb is usually used to store large amount of data. MongoDB helps you to integrate database information into your apps easier and faster.

MongoDB officially still not supported on cPanel servers but there is a way to install MogoDB on cPanel server and there are many users using them. The install is possible because actually cPanel server is a Linux server itself. Only problem we have is we need to create the mongo databases from shell and the users and administer it so as well.

Today we are going to install MongoDB in a cPanel server powered by Centos 6

Technical requirements

root access
PHP-pear for full pecl support
PHP-devel package installed to compile extension manually

Now we are performing the MongoDB install via MongoDB Repo

  • Login to the server via ssh as root user.
  • create a file named /etc/yum.repos.d/mongodb.repo
vim /etc/yum.repos.d/mongodb.repo
  • In my case I am using a 64bit operating system. So need to add below lines.
[mongodb]
name=MongoDB Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=1
  • use below lines if you are using a 32 bit operating system.
[mongodb]
name=MongoDB Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/i686/
gpgcheck=0
enabled=1
  • Save the file in the vim editor.
  • Install MongoDB using Yum
yum install mongo-10gen mongo-10gen-server

imgpsh_fullsize

  • At this point, we have installed MongoDB on our server + cPanel box.
  • Configure MongoDB to start on boot and manually start the service.
chkconfig mongod on
service mongod start
  • Check MongoDB Service Status
service mongod status
  • Summary List of Status Statistics
mongostat
  • Enter the MongoDB Command Line
mongo
  • By default, running this command will look for a MongoDB server listening on port 27017 on the localhost interface.if you wanted to connect to a local MongoDB server listening on port 435984
mongo --port 22222
  • Install MongoDB PHP Extension, so php code can interact with MongoDB
pecl install mongo
/scripts/restartsrv_httpd
  • Once installed we can verify the same using below command.
    php -i | grep mongo -i

So now we completed the initial setup needed for MongoDB install on a cPanel server. Please post your comments below.

How to find Spamming in cPanel

cPanel is a Linux based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site. cPanel is one of the commonly used web hosting control panel. cPanel will install all the necessary softwares, which are required for a domain hosting. One of the common issue you might encounter is spamming in cPanel . Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services.
Continue reading

21Jun/16

Custom php.ini on LiteSpeed with cPanel

Custom php.ini set up in Cpanel

PHP configuration directives are specified in the php.ini file. We can make immediate changes in the functionality of php through php.ini file. Making changes to the default PHP configuration will effect all the users. So we can create Custom php.ini files for individual users.

To enable custom php.ini in litespeed webserver in cPanel, we need to make changes in the litespeed configuration from WHM

Litespeed server from WHM -> Litespeed configuration -> Admin Console ->configuration -> server -> External App ->lsphp5

Click on edit and make changes to the following sections.

Environment: Adding “PHPRC=$VH_ROOT” in environment section

suEXEC user: In this section add the username of account for that php.ini is enabled and add the group name of account for suEXEC group

Main -> Litespeed web server –> quick configuration of PHP suEXEC settings

Enable PHP suEXEC should be “Yes

Finally we need to restart litespeed webserver from backend(SSH).

# /etc/init.d/lsws restart

Now we can edit the PHP setting for specific user by creating a custom php.ini file on their home directory.

Check it and verify the user using custom php configuration

Test it by putting a info.php file

#vi /home/admin/public_html/info.php
<?

phpinfo();

?>
#chown user:user /home/admin/public_html/info.php

Go to the URL like http://your-domain.com/info.php

Check whether the new path is updated in ‘Loaded configuration file’ shown in info.php page (like below image)

pp

11May/16

Install WordPress Using cPanel cPAddon Option.

WHM is famous web-hosting control panel that are used for creating websites, email accounts, create database etc using their control panel. This is will lower the head ache of web hosting owners.

WordPress is a web software that are used commonly for website creation specifically for blogs, apps etc. Many of them are opting WordPress because of simplicity. There are many people that have a requirement of one click install for wordpress. So in this article we are trying to explain how we can enable and install wordpress using the cPAddon option available in WHM/cPanel.

    •  Log into WHM control panel
    •  Go to Home »cPanel »Install cPAddons Site Software
    •  Select WordPress from the list and click “Update cPAddon Config ” option.
      wordpress1
    • Once the update completes, go to Home »cPanel »Manage cPAddons Site Software and
      make sure WordPress is checked, and click “Update Moderation”.

wordpress2

  • Now WordPress is available to installed through cPanel of each websites. So log
    into cPanel for your domain. go to Site Software option >> select wordpress >>
    Fill up the necessary information >> Click Submit Moderation Request
  • Now Go back to WHM >> Home »cPanel »Manage cPAddons Site Software and approve
    the wordpress install request.
  • Once approved the WordPress should be installed under the website with in few
    minutes.
14Sep/15

cPanel/WHM Successful logins

For getting the successful cPanel/WHM logins, using the following commands.

For getting the successful cPanel logins.

cat /usr/local/cpanel/logs/session_log | grep "myuser" | grep "NEW .*app=cpaneld" 
# "myuser" is cPanel username

xx.xx.xx.xx [09/11/2015:13:17:40 -0000] NEW myuser:bOMyuserz8hKvThis1XUgnISnh4AWMMXSampleKgHE3lString1JpnOSiK5a45t3 address=122.165.84.98,app=cpaneld,creator=myuser,method=handle_form_login,path=form,possessed=0

For gettign successful WHM logins

cat /usr/local/cpanel/logs/session_log | grep "root" | grep "NEW .*app=whostmgrd" 
# Use required WHM user instead of "root"

xx.xx.xx.xx [09/05/2015:07:22:39 -0000] NEW root:KGJsPXy_h243av2XchbPGBajfsSDj0eRz4ryHIj_tGZtYODFSZVb5s4rkdx20LJd address=xx.xx.xx.xx,app=whostmgrd,creator=root,method=handle_form_login,path=form,possessed=0
13Dec/14

Detecting WordPress Outbound Bruteforce attack

We have heard a lot about the WordPress inbound Bruteforce attacks. On checking we can see the inbound attack IP’s  may have cpanel installed and  are actually generating from some other server which is infected.

Two day before,we  got a message from a client of ours saying data center has informed them that server is infected and is generating attacks on other servers. Initially I am not able to get any of the details regarding the attack as no rogue process is running neither scan using gave me any valid clue on this attack .

I was just checking the result of tcpdump to see the what all data is being transferred from the server.

user@host ~ # tcpdump -A -i eth0 -s 1500 port not 22

While checking the results I can see something is going on and many wp-login.php entry was going on.

Sample tcpdump Output (changed domain and hostnames)

v.G....pPOST /restaurants/wp-login.php HTTP/1.0^M
Host: domain.com^M
Content-Type: application/x-www-form-urlencoded^M
Content-Length: 30^M
^M
log=admin&pwd=minedoruksay2940
06:15:22.056294 IP host5.domain.com > host6.domain.com48202: Flags [P.], seq 2779525802:2779527849, ack 2761432155, win 3216, options [nop,nop,TS val 166530731 ecr 1994475337], length 2047

I tried to stop apache and mysql ,psa, and still some process were running as www-data user and the process was some thing like the below.

www-data 1258 10.8 1.5 18327 1268 ? Ssl Dec10 129:10 /usr/bin/host 

I took the lsof result of this command and I got the culprit (account ) responsible for this attack 🙂 Thanks to lsof command to give me correct location and scripts.

Relevant output from lsof command

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
host 20636 username cwd DIR 9,2 4096 60874901 /var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js
host 20636 username rtd DIR 9,2 4096 2 /
host 20636 username txt REG 9,2 120240 68160132 /usr/bin/host
host 20636 username DEL REG 9,2 60817452 /var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/bruteforce.so
host 20636 username mem REG 9,2 22928 23855190 /lib/libnss_dns-2.11.3.so
host 20636 username mem REG 9,2 51728 23855282 /lib/libnss_files-2.11.3.so
host 20636 username mem REG 9,2 12582912 60827148 /var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/.frsdfg
host 20636 username DEL REG 9,2 60817412 /var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/libworker.so
cwd : /var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js

The above entry from lsof means attack is being generated from this folder and scripts are located in this location.

/var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/bruteforce.so

/var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/.frsdfg

/var/www/vhosts/domain.com/site1/wordpress/wp-content/plugins/subscribe2/extension/readygraph/assets/js/libworker.so

Above 3 files are the main hack files in which /bruteforce.so was not present in the server at that time . This script was removed soon after the attack in initiated.

To fix this , I have removed the entire “js” folder and then kill all these process. Also asked client to remove the plugin. It will be good if we can remove the host binary (/usr/bin/host) file. If it is there, they can again come back with the attack and can kill the server reputation within few hours.