Category Archives: Uncategorized

27Jul/19

How to install Directadmin Control panel in Centos 7

One of the Best and Simple Control panel for Webhosting Companies

Directadmin is one of the best and simple control panel I have used in my last 10 years career and I will suggest this as an alternate to cPanel for every one. Due to recent Price Hike of cPanel license, it seems fortunes for Directadmin team is on their way and will get a good boosting from now on.

Directadmin has different kind of licenses and you should select the most suitable ones for you.

You can look in the below links for more details on licenses

https://directadmin.com/pricing.php

Installation Steps

IMP Note : Never Install this or any other control panel in a production server even if it is just having a lamp. Always use a freshly Os reloaded with Latest OS available at the time of the installation. In my case I am using Centos 7.x

Also update to the latest available updates and kernel before proceeding and secure ssh if possible before working on this.

[root@ntv ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

[root@ntv ~]# yum update

** If kernel is updated, please reboot the server and then proceed further

Install the Pre install commands needed for directadmin. This differs with each kind of os and you need to refer the below link and use respective details

https://help.directadmin.com/item.php?id=354

[root@ntv ~]# yum install psmisc net-tools systemd-devel libdb-devel perl-DBI perl-Perl4-CoreLibs xfsprogs rsyslog logrotate crontabs file kernel-headers

You need to have atleast a trial license to install this and need to update license details prior to installation. You need to confirm the ip and Os version are corectly setup in the client area of the directadmin.

For the trial license , you need to register yourself in this link’s Order Now option . https://www.directadmin.com/features_list.php

To install panel it is simple 3 steps

wget https://www.directadmin.com/setup.sh
chmod 755 setup.sh
sh setup.sh

There will be many questions asked while installation and make sure you give them the correct answers.

If you need any Installation / Setup / Migration assitance you can contact us any time or can order our Directadmin Per Server Management plan which will cover most of these.

Please contact us for any such helps and we are always ready to help you.

To ORDER our Directadmin Per Server Management plan, Please click here

You can refer more on from the Official guide as well using the below links

https://www.directadmin.com/installguide.php

26Jan/19

Security breach found in PHP “PEAR” library service

The PEAR server is in a stopped state until safety is confirmed. Its maintainers found that there was a security breach such as an attack on the server “PEAR” which provides a library available in PHP.

Users who downloaded and installed PEAR PHP in the last 6 months from the official website of the PEAR pear-php.net, were may be infected so you should quickly download the Github version and install it. If they downloadeded “go-pear.phar” file after December 20, 2018 are asking for confirmation that the file has not been altered, and if the corresponding file was downloaded before December 20, 2018 Even if PEAR installation is executed, PEAR warns the user “It is prudent to check the system”.

Below is official website of PEAR. As of January 24, 2019, the server is still down. Also, the official blog that details are written is also downed and can not be accessed.

You can use the below steps to check the go-pear.phar file’s vulnerability.

  • Login via SSH to your server where you are currently using PEAR.
  • Go to the directory where you currently downloaded the go-pear.phar file, most likely your user’s home directory.
# cd ~user
  • Check the md5sum value.
# md5sum go-pear.phar
  • The above command will return value like this. 1e26d9dd3110af79a9595f1a77a82de7
  • The infected file has the above hash value. If you see this value returned, you should proceed to disable the previous PEAR installation files and folders.
# mv go-pear.phar go-pear.phar_infected
# mv .pearrc .pearrc_infected
# mv pear pear_infected
  • Next, download a fresh copy of the go-pear.phar file from github
# wget https://github.com/pear/pearweb_phars/blob/master/go-pear.phar
  • You can then re-install PEAR using file downloaded from github
05Jan/18

Critical Intel CPU Bug – Meltdown and Spectre Vulnerabilities

Critical Intel CPU Bug – Meltdown and Spectre Vulnerabilities

CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre.Earlier this week, serious security problem – CPU Bug has been found in the Intel/AMD/ARM CPUs. According to various teams including Google Project Zero, CPU data cache timing can be abused efficiently to leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. These vulnerabilities are known by name ‘Meltdown’ and ‘Spectre’.

You can read more about attack from this link

There are 3 known variants for this CPU Bug: Continue reading

Stop using custom php.ini in ntPHPselector.

I am writing this post to give an idea about how to use custom php.ini and stop using custom php.ini in ntPHPselector. Since we got some request form some of the customers about the same, so I am adding this as blog for others to check.

How to use custom php.ini

There are several instances that may require you to modify a setting in the php.ini file for your website, such as increasing the PHP upload limit. The customer need to copy the default php.ini ( collect it from the php info page ) and alter the values based on the site requirements.

Some of the disadvantages of using custom php.ini

You lose the ability to select the php version via the control panel, if the version is not specific to the respective php version, it may cause errors.

Any changes we made on the global php.ini will not be reflected on your site

Changes you made to php.ini will not be applied instantly

Some of the web hosts will not allow to use custom php.ini. Since allowing this feature will cause resource usage abuse, which include performance issue with the server too. So they forced to disable this feature.

In ntPHPselector, you can disable the custom php.ini by un commenting the following entries under the section “phprc_paths”. By default, there is no commented entry for 5.3 in the suphp.conf. You need add the following entry manually, since it is compiled by you using ntPHPSelector interface.

[phprc_paths]
application/x-httpd-ea-php54=/opt/cpanel/ea-php54/root/etc
application/x-httpd-ea-php55=/opt/cpanel/ea-php55/root/etc
application/x-httpd-ea-php56=/opt/cpanel/ea-php56/root/etc
application/x-httpd-ea-php70=/opt/cpanel/ea-php70/root/etc
application/x-httpd-ea-php71=/opt/cpanel/ea-php71/root/etc

; entry related with PHP 5.3
application/x-httpd-php53=/opt/cpanel/nt-php53/root/etc

Restart the httpd service and check whether it is loading or not.

If you need further customization to the plugin, you can contact our support and we will help you. Also you can inform us the feature requests or bug reports

20Jun/17

Recompile PHP 5.3 in ntPHPselector version 4

ntPHPselector plugin allows user to select preferred PHP version per directory on the same domain. Our new ntPHPselector version 4  released for the cPanel servers with EasyApache 4 version, which support php versions 5.3, 5.4, 5.5, 5.6, 7.0 and 7.1. By default 5.3 is disabled. You need to recompile it after enabling it from “Settings” tab after the installation.

ntPHPselector manually recompile the php version 5.3, since it is removed from EasyApache 4. You need to recompile the php version 5.3 using from your end using the interface available inntPHPselector WHM module.  Continue reading

05Dec/16

Install and Configure Mod-Pagespeed on Linux servers

Mod-Pagespeed is an Apache/Nginx (web-server) module to speed up your website by applying certain filters that automatically optimize files to reducing number of times the browser has to make to grab web files, to reduce the size of those files and to optimize the length those files are cached. This article we will show you how to install and configure Google‘s mod-pagespeed module for Apache and Nginx web servers in RHEL/CentOS/Fedora and Debian/Ubuntu systems. Continue reading

27Oct/16

Secure and Fix dirty COW Linux Vulnerability

What is Dirty COW Vulnerability and why its called so ?

Dirty COW vulnerability allows attackers to gain root access to servers and take control over the whole system.A rare condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

What is the CVE-2016-5195 ?

CVE-2016-5195 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names maintained by MITRE.

Who found the Dirty COW vulnerability?

Phil Oester

How to check if vulnerability is affected on your server

Ubuntu/Debian

To find out if your server is affected, check your kernel version.

# uname -rv

You’ll see output like this:

Output
4.4.0-42-generic #62-Ubuntu SMP Wed Oct 26 22:10:20 IST 2016

If your version is earlier than the following, you are affected:
– 4.8.0-26.28 for Ubuntu 16.10
– 4.4.0-45.66 for Ubuntu 16.04 LTS
– 3.13.0-100.147 for Ubuntu 14.04 LTS
– 3.2.0-113.155 for Ubuntu 12.04 LTS
– 3.16.36-1+deb8u2 for Debian 8
– 3.2.82-1 for Debian 7
– 4.7.8-1 for Debian unstable

CentOS

Some versions of CentOS can use this script provided by RedHat for RHEL to test your server’s vulnerability. To try it, first download the script.

# wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh

Then run it with bash.

# sh rh-cve-2016-5195_1.sh

If you’re vulnerable, you’ll see output like this:

Output

Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .
Standard Resolution

The easiest way to protect your computers running Linux is to update your Linux distro to the latest version. You can use the following commands to update your Debian/Ubuntu/Centos and RHEL systems,also you need to reboot after updating it.

Debian/Ubuntu:
# sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade

RHEL:
# sudo yum update
# sudo reboot

CentOS:

To update your kernel on CentOS 7, run:
# sudo yum update

There is still no official update of the CentOS 5 and 6 kernel.we’re still waiting on a fix for CentOS 5 and 6. You can use this workaround from the Red Hat bug tracker.

You can find more technical details about the Dirty COW vulnerability and exploit on the bug’s official website dirtycowRedHat site and GitHub page.