Quantcast
Channel: Linux CPanel / WHM
Viewing all 101 articles
Browse latest View live

How to install Lighttpd for FLV streaming

January 12, 2015, 1:42 am
$
0
0
Lighttpd is a free web server designed for speed, with all the essential functions of a web server.  The low memory footprint (compared to other web servers) small CPU load and speed optimizations  make lighttpd suitable for servers that are suffering load problems, or for serving static media separately from dynamic content. You can install lighttpd as reverse proxy with apache webserver.








We can now setup lighttpd as reverse-proxy for apache.

How to install Lighttpd for FLV streaming

find lighttpd rpm repository
http://pkgs.repoforge.org/lighttpd/
or
yum install lighttpd
vi /etc/lighttpd/lighttpd.conf
change lighttpd port to 81
server.port = 81
server.use-ipv6 = “disable”
server.username  = “nobody”
server.groupname = “nobody”
touch /var/log/lighttpd/error.log
touch /var/log/lighttpd/access.log
chown -R nobody.nobody /var/log/lighttpd
/etc/init.d/lighttpd restart
When you get restart error like this errors then check with log file permissions.
Starting lighttpd: (log.c.118) opening errorlog ‘/var/log/lighttpd/error.log’ failed: Permission denied
vi /etc/lighttpd/modules.conf
make sure modules and including these for flv steaming…
include “conf.d/simple_vhost.conf”
include “conf.d/flv_streaming.conf”
include ” conf.d/secdownload.conf”
vi conf.d/simple_vhost.conf
example entry
$HTTP[“host”] =~ “(^|\.)www.lighttpdexample\.com:81$” {
server.document-root = “/home/cpanel/public_html/”
secdownload.secret          = “vAfddsv4$%4″
secdownload.document-root   = “/home/cpanel/public_html/media/videos”
secdownload.uri-prefix      = “/flv/”
secdownload.timeout         = 36000
flv-streaming.extensions = ( “.flv” )
h264-streaming.extensions = ( “.mp4″ )
}
or
$HTTP[“host”] != “^(fotoblow.tamilcomedy\.info)$” {
simple-vhost.server-root = “/home/username/public_html/”
simple-vhost.default-host = “fotoblow.tamilcomedy.info”
simple-vhost.document-root = “fotoblow”
}
$HTTP[“host”] =~ “(^|\.)fotoblow.tamilcomedy\.info:81$” {
server.document-root = “/home/username/public_html/fotoblow/”
}
$HTTP[“host”] =~ “(^|\.)www.cpanelkb\.net:81$” {
server.document-root = “/home/username/public_html/fotoblow/”
}
$HTTP[“host”] =~ “(^|\.)tamilcomedy\.info:81$” {
server.document-root = “/home/username/public_html/fotoblow/”
}

Then enable steaming modules.
vi conf.d/flv_streaming.conf
server.modules += ( “mod_flv_streaming”)
flv-streaming.extensions = ( “.flv” )
Normally apache will running on port 80, these entries will redirect .flv extension to port 81. Add the following code in your apache configuration.
vi /etc/httpd/conf/httpd.conf
Add the following entries blow domain config
ProxyPassReverse / http://%{HTTP_HOST}:81/
RewriteEngine on
RewriteCond   %{REQUEST_URI} .*\.(gif|png|jpg|flv|mp4|mp3)$
RewriteRule ^/(.*) http://%{HTTP_HOST}:81/$1 [P]
That’s all !!!

Now restart apache webserver and check your lighttpd access logs /var/log/lighttpd/access.log.
Search

Enable SMTP Authentication on cpanel

January 12, 2015, 1:44 am
$
0
0
POP before SMTP authentication allows you to send messages via a POP mail server for 30 minutes before you will need to re-authenticate a session through SMTP.

POP before SMTP authentication is disabled in WHM by default. To enable this option, navigate to WHM’s Service Manager (Home >> Service Configuration >> Service Manager) and select the Antirelayd checkbox.

While POP before SMTP authentication is secure but if the customer will be able to check the email from an office, the current public IP belongs to that office IP has been added to email white list and any one from that network can be send email using this smtp server without any authentication for 30 minutes.

To disable the feature “Authenticate POP before SMTP” in WHM/Cpanel server by simply executing the following command.

To Enabling SMTP authentication

 /usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::Antirelayd

ResellerClub and WHMCS: You are not authorized to perform this action

April 28, 2015, 7:06 am

How to disable gzip output on lightspeed server accounts

August 16, 2015, 4:19 pm
$
0
0
You can use .htaccess to disable gzip output if your website is running under a lightspeed server.

Open .htacess file and append following lines.

    php_flag zlib.output_compression Off
    RewriteEngine On
    RewriteRule . – [E=no-gzip:1]
    RewriteRule ^(.*)$ $1 [E=no-gzip:1]

Find Linux OS is 32 or 64bit

August 16, 2015, 4:20 pm
$
0
0
There are several situations where you need to confirm whether your Linux OS installed  is 32bit or 64bit. People normally use uname -a to find it. But the following command will tell you exactly the machine   architecture.

    getconf LONG_BIT

getconf utility shall conform to the Base Definitions volume of IEEE Std 1003.1-2001, Section 12.2, Utility  Syntax.

eg:

[root@localhost ~]# getconf LONG_BIT
32
[root@localhost ~]#

My machine is 32bit.

Previous value removed by cPanel transfer auto-merge

January 3, 2016, 5:40 pm
$
0
0
So i have been doing a hardware upgrade, and during the migration of the accounts, the target server named zone files got polluted with stuff like this:

( ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; 2015112200 ;Serial Number ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; 43200 ;refresh ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; 7200 ;retry ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; 2419200 ;expire ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; 86400 ;minimum ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT
; ) ; Previous value removed by cPanel restore auto-merge on 20151223145307 GMT



In order to clean things up, you can do something like this:

1 –  backup your named folder : cd /var;tar czf named.tgz named

2 – cd /var/named

perl -i.bak -ne ‘next if (/^; .+ ; Previous value removed by cPanel transfer auto-merge on/); print;’ /var/named/*.db

/scripts/restartsrv_named

/scripts/restartsrv_named

cPanel force remove an ip address

January 3, 2016, 5:47 pm
$
0
0
If you want to remove an ip address in cPanel, and sometimes the remove button is not there, just edit the file /etc/ips, remove the ip address in question, and then do a restart of the system aliases.

/etc/rc.d/init.d/ipaliases restart

This will work on cPanel / linux/centos

Should save you some headaches.

Enjoy!

unable to check htaccess file

January 3, 2016, 5:50 pm
$
0
0
Permission denied: /home/USERNAME/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

for fix, follow the procedure below:

cd ~USERNAME

chmod a+rx public_html
 
Enjoy!
Search

Setting up emails to forward and delete automatically

March 22, 2016, 3:13 am
$
0
0
The developers at cPanel removed the aging option in the latest version. However, you actually don’t need to have the email address setup in Mail > Add/Remove/Manage Accounts.

For example, let’s say you want any emails that goes to sales@yourdomain.com to forward to you@gmail.com. You don’t have to set up sales@yourdomain.com in Mail > Add/Remove/Manage Accounts.

Just go into cPanel > Mail > Forwarders > Add Forwarder.

In the first box you would enter ‘sales’ and then you would select the correct domain (if you have more than one domain set up). In the second box you enter you@gmail.com.

Now, when someone emails sales@yourdomain.com, the email will be forwarded to you@gmail.com. This way, nothing will be sitting on the server taking up space and you won’t have to worry about cleaning up old emails.

How to Replace MySQL with MariaDB

September 17, 2016, 4:54 am
$
0
0
 Backup existing MySQL data

Make sure to save all existing data just in case there are any issues.

    cp -Rf /var/lib/mysql /var/lib/mysql-old
    mv /etc/my.cnf /etc/my.cnf-old

Disable the targets so cPanel no longer handles MySQL updates

The following will mark the versions of MySQL we distribute as uninstalled so they are no longer maintained by cPanel/WHM

    /scripts/update_local_rpm_versions –edit target_settings.MySQL50 uninstalled
    /scripts/update_local_rpm_versions –edit target_settings.MySQL51 uninstalled
    /scripts/update_local_rpm_versions –edit target_settings.MySQL55 uninstalled

Remove existing MySQL RPM’s so theres a clean slate for MariaDB

The below command will uninstall the MySQL RPM’s!

    /scripts/check_cpanel_rpms –fix –targets=MySQL50,MySQL51,MySQL55

Create a yum repository for MariaDB

    vi /etc/yum.repos.d/MariaDB.repo

place the following inside of it depending on the DISTRO (https://downloads.mariadb.org/mariadb/repositories/):

    [mariadb]
    name = MariaDB
    baseurl = http://yum.mariadb.org/5.5.29/centos6-amd64/
    gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
    gpgcheck=1

Remove php from the /etc/yum.conf file then run the following commands

    yum install MariaDB-server MariaDB-client MariaDB-devel
    /etc/init.d/mysql start
    mysql_upgrade
    /etc/init.d/mysql restart

Add php back to the /etc/yum.conf file to ensure future php updates don’t get clobbered

Rebuild easyapache/php to ensure modules are intact/working

    /scripts/easyapache –build

For more information you can verify with http://blog.cpanel.net/mysql-mariadb/.

cPanel FTP Connection issues

September 17, 2016, 5:00 am
$
0
0
Here we have few steps to verify cpanel FTP connection related issues in your server. Most of problems will happen in your IPTABLES or CSF firewall settings. Any way first you should check your FTP is running fine.

Use the following command in your cpanel server to check FTP is listen.

root@server1 [~]# ftp localhost

If the response is as follows, the issue may be related to configuration of your Firewall.

Trying ::1...

Connected to localhost (::1).
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 07:01. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
Name (localhost:root):

If you get response like “ftp:connect:Connection refused” it means your FTP service is not running or may be running , but the process has failed. Anyway try to restart your FTP service or check your FTP port 21 is listening.

To verify that pure-ftpd is running and the server is listening on port 21.

root@server1 [~]# service pure-ftpd status
pure-ftpd (pid 1784) is running...

+------+---------+-------+------+-------------------------------------------+
| PID | Login |For/Spd| What | File/IP |
+------+---------+-------+------+-------------------------------------------+
| 1391 | ? | 00:10 | IDLE | |
| '' | '' | '' | '' | -> localhost |
+------+---------+-------+------+-------------------------------------------+

or

root@server1 [~]# lsof -i tcp:21
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ftp 1390 root 3u IPv6 13784077 0t0 TCP localhost:42432->localhost:ftp (ESTABLISHED)
pure-ftpd 1391 root 4u IPv4 9809 0t0 TCP *:ftp (LISTEN)

Run the FTP localhost command again to verify it.

This is the most common server-side issue with pure-ftpd. If this procedure did not resolve the issue, you can view the log to find other possible reasons for the failure. You can view your server’s error logs by running the following command:

root@server1 [~]# tail -f /var/log/messages | grep pure-ftpd

Firewall Status

Stop your firewall and check FTP whether its working.

service iptables stop

CSF

/etc/init.d/csf stop
If you are using Pure-FTPd, which is the default, you can define the passive-mode port range by editing /etc/pure-ftpd.conf and uncomment the following directive:

Code:
# Port range for passive connections replies. - for fire walling.

# PassivePortRange 30000 50000

Once you have removed the hash mark (#) from the line starting with “PassivePortRange“, restart Pure-FTPd and edit your firewall configuration to allow traffic on the same port range.

Remove virtfs and Disable for users

September 17, 2016, 5:06 am
$
0
0
VirtFS provides a jailed shell environment for users who connect to a server via SSH. The jailed shell acts as a container for the user, and does not allow the user to access other users’ home directories on the server. Unlike a normal shell environment, a jailed shell environment prevents access to data outside of the user’s home directory.

Consuming lot of disk space ?

Most of server got large disk space due to this virtfs. You can Disable VirtFS,Remove VirtFS and Unmount the bind mounts. CPanel provides a script to remove the virtfs mounts. Remove virtfs and Disable for users in your cpanel server

Do not delete /home/virtfs/username folder directly because its hard link with user account.



To disable VirtFS, system administrators can disable jailed shell access through WHM’s Tweak Settings interface (Home >> Server Configuration >> Tweak Settings) and Manage Shell Access interface for that cpanel user account WHM >> Account Functions >> Manage Shell Access.

Then use the following commands whether its still available.
# grep username /etc/passwd
If it does, you’ll need to change it to Bash or any other shell.

# crontab -l -u username
If you notice SHELL=”/usr/local/cpanel/bin/jailshell” in the output, you’ll need to edit user’s crontab and delete that line.

#w | grep -i username
If it is, you should inform him to log out or, if you feel like it, you can log him out by yourself.
You can unmount all active VirtFS mounts
#/scripts/clear_orphaned_virtfs_mounts –clearall
You can verify mount point for particular account

#grep -i username /proc/mounts
you will some thing like this

root@cpanel# cat /proc/mounts | grep username
/dev/xvda1 /home/virtfs/username/lib ext3 ro,nosuid,relatime,errors=continue,user_xattr,acl,barrier=0,data=ordered,jqfmt=vfsv0,usrjquota=quota.user 0 0
/dev/xvda1 /home/virtfs/username/bin ext3 ro,nosuid,relatime,errors=continue,user_xattr,acl,barrier=0,data=ordered,jqfmt=vfsv0,usrjquota=quota.user 0 0
/dev/loop0 /home/virtfs/username/var/tmp ext3 rw,nosuid,noexec,relatime,errors=continue,barrier=1,data=ordered 0 0
devtmpfs /home/virtfs/username/dev devtmpfs rw,nosuid,noexec,relatime,size=1002360k,nr_inodes=250590,mode=755 0 0
/dev/xvda1 /home/virtfs/username/usr/sbin ext3 ro,relatime,errors=continue,user_xattr,acl,barrier=0,data=ordered,jqfmt=vfsv0,usrjquota=quota.user 0 0
/dev/xvda1 /home/virtfs/username/home/username ext3 rw,noatime,errors=continue,user_xattr,acl,barrier=0,data=ordered,jqfmt=vfsv0,usrjquota=quota.user 0 0

then you should unmount and then remove it

#/scripts/clear_orphaned_virtfs_mounts

#for i in `cat /proc/mounts | grep /home/virtfs | cut -d ‘ ‘ -f 2 ` ; do umount $i ; done

cPanel performance tweaks, Memory Consumption

September 17, 2016, 5:10 am
$
0
0
Every cpanel server should be need to optimize according to your server usages, I hope the following articles will help to improve your cpanel server performance.

Run your cron jobs at off peak hours.

Stopping SpamAssassin

Go to WHM > Server Configuration > Tweak Settings > Disable Spamd

And:

Go to WHM > Service Manager > Disable Spamd

Disable Anonymous FTP



Go to Service Configuration =>> FTP Configuration

Stopping Mailman

If you or none of your customers aren’t running any mail listings through cPanel, it would be a good idea to disable Mailman.

Go to WHM > Server Configuration > Tweak Settings > Disable Mailman

Catch all can use up many resources and storage space, To disable CatchAll

Go to WHM > Server Configuration > Tweak Settings > Change to :fail:

Tweak Apache to reduce lot of memory.

vi /etc/httpd/conf/httpd.conf

Change the following settings depending on your server usages.

MinSpareServers 5
MaxSpareServers 10
StartServers 5

Save and restart apache now.

/etc/init.d/httpd restart

Install PHP accelerator (Recompile Apache with eAccelerator)

Compiling Apache with mod_deflate Gzip Module

Turn Off unwanted statistis

Analog Stats, etc.,

dd command to migrate VPS on linux platform

September 16, 2017, 2:09 pm
$
0
0
First create new vps with same configuration on another node. It doesn’t matter new vps is having os or not or you can choose any OS.

Once same configuration VPS setup done then use below command to migrate VPS.

    dd if=/dev/guestos/kvm2351_img | ssh 10.10.10.10 “dd of=/dev/guestos/kvm2520_img

Once migration is completed then try starting VPS on new node.

Can’t locate DateTime perl module

September 16, 2017, 2:13 pm
$
0
0
If you are getting below error while installing any application on linux then perl date time module is missing.

    Can’t locate DateTime.
    pm in @INC (@INC contains: /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .) at gatherbot_en.pl line 13.
    BEGIN failed–compilation aborted at gatherbot_en.pl line 13.

You can use below command to install Datetime on server.

    yum install perl-DateTime-TimeZone


After that if you are getting below error.


    Can’t locate Date/Parse.pm in @INC

Then please run below command. It will ask to install some modules then keep on typing yes or hit enter.

    cpan install Date::Parse
Search

Encrypting MySQLDump

September 16, 2017, 2:57 pm
$
0
0
If  you are looking to Encrypt your MySQL database dump for security reasons than you can  use the ccrypt tool  to encrypt your dump.sql file.

Follow the below simple steps to  achieve the database dump encryption and decryption :

  1. Create a  encryption key file as /root/.backup_keyfile and add the password/key in  that file.
  2. This keyfile  will be used to  encrypt and decrypt the data [dump.sql file]
Now, that we have created the encryption  file we just need to  execute the below commands:

mysqldump --opt  opsview |  ccrypt  -k /root/.encryptkeyfile > opsview.sql


This will encrypt the opsview.sql file and to  decrypt the opsview.sql file use :

[root@opsview-test ~]# cat opsview.sql | ccrypt -d -k /root/.backup_keyfile > opsview1.sql

This will  decrypt the opsview.sql file, easy  isn’t it,

List all cPanel users having Wildcard Remote Mysql Access

October 2, 2017, 3:02 pm
$
0
0
Remote MySQL option in cPanel allows other webservers to access the MySQL database on your server remotely.
Remote MySQL option can be very handy, if  you want  to allow applications like shopping carts or guestbooks on your other servers to access the databases.
But on the contrary, if the Remote MySQL option is not handled with  care  then  it can lead to database hacks.
So, If you want to find out all cPanel users having Wildcard Access enabled then  you can  use the below simple command :

root@server[#]mysql -N  mysql -e "Select User from user where Host='%'" | awk  -F _ '{print $1}' | uniq

Backup Single Table from a database using MySQLdump

October 2, 2017, 3:07 pm
$
0
0
We normally backup entire database using mysqldump utility but what if only one table gets corrupt and you  only want to  restore  that table from backup.
In that case you can  use the below simple steps to backup and restore a single mysql table using   mysqldump utility.

Backup:

mysqldump -u -p databasename tablename > tablename.sql
 example :

mysqldump  psa BackupsScheduled > BackupsScheduled.sql -u admin -p`cat /etc/psa/.psa.shadow`


 Restoration :

mysql -u -p  databasename  <  tablename.sql
 for example :

mysql  psa < BackupsScheduled.sql -u admin -p`cat /etc/psa/.psa.shadow`

Setup Putty Window Title Permanently

October 2, 2017, 3:10 pm
$
0
0
I was working on a migration of servers and for that I was manually setting up the Window Title for each server in  putty but the changes last only till I press Enter on  keyboard.
It’s often gets difficult to memorize the putty session, if  a proper title is not set and hence I was looking for a solution  to setup a permanent windows title for a server in putty and found that the same can be achieved by modifying/updating the below two settings in Putty:
  • In Window -> Behavior  set your desired Window Title
  • In Terminal ->Features check Disable remote-controlled window title changing

Roundcube : failed to open log file /var/log/httpd/suexec_log

October 2, 2017, 3:14 pm
$
0
0
While working on a issue for one of the client, I found that the Webmail link was giving 500 internal server error for Roundcube and checking the apache error logs I was getting the below errors.

failed to open log file /var/log/httpd/suexec_log
fopen: Permission denied
[Mon Aug 18 16:50:08 2014] [warn] [client x.x.x.x] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server
[Mon Aug 18 16:50:08 2014] [error] [client x.x.x.x] Premature end of script headers: index.php
 Further checking , I’ve found that the below file was missing :

/var/www/cgi-bin/cgi_wrapper/cgi_wrapper

So, I’ve copied that file from one of my other server and restarted apache service and this fixed the issue with  500 internal error for roundcube.
Note :: The cgi_wrapper file should have 755 permission with ownership of root

Viewing all 101 articles
Browse latest View live
Search