VirtFS (Jailed Shell)

Overview cPanel & WHM uses VirtFS to provide a jailed shell environment for users who connect to a server via SSH. The jailed shell acts as a container for the user, and does not allow the user to access other users’ home directories on the server. Unlike a normal shell environment, a jailed shell environment increases  security for […]

Read More

HOW TO DISABLE SYMLINKS ON LINUX WHM/CPANEL

Login to WHM/cPanel server via SSH with root access and execute following commands: [box] $ wget http://layer1.rack911.com/before_apache_make -O /scripts/before_apache_make $ chmod 700/scripts/before_apache_make[/box] And then recompile apache by previous saved profile: [box] $ /scripts/easyapache[/box] That is all, you can also check for any symbolic links already created: [box] $ find /home*/*/public_html -type l[/box] This will output […]

Read More

Protecting your cPanel/WHM server from SSLv3 POODLE vulnerability

Here is a quick script for you to check if your cPanel/WHM server is vulnerable. Execute the following as root. If you get ANY cipher output, your server can be considered vulnerable. [box] for port in 21 443 465 993 995 2083 2087 2078 2096; do echo “Scanning $port”; for cipher in $(openssl ciphers -sslv3 […]

Read More

Apache did not start on cPanel

Error log contains: [emerg] (28)No space left on device: Couldn’t create accept lock or [crit] (28)No space left on device: mod_rewrite: could not create rewrite_log_lock Configuration Failed Checking your disk shows that you have plenty of space. The problem is that apache didn’t shut down properly, and it’s left myriads of semaphore-arrays left, owned by […]

Read More

How to disable php scripts execution in 777 folders

Many times malware php scripts are uploaded to sites when 777 (or just enough)  permision folders are present. Sometimes you just can’t set permissions to a secure level (because of crap applications) so you have to secure these folders another way. One solution is to use .htaccess files for example to stop direct php access/execution […]

Read More

Deleting nouser Files – cleanup after cPanel

Not many CPANEL server admin knows that when they delete user account, there are some of those user files that still left on the server. Because user has been deleted, so the files will be owned by nouser. This can be a problem when your server is highly cycled (you add and delete users very […]

Read More

How to configure Exim on a cPanel server to use a smart host

A Smart Host is a SMTP server that will accept mail from another server and then deliver the mail for that server.  For example, server1 is setup to use server2 as a smart host. Anytime someone sends e-mail on server1 it is automatically relayed to server2 regardless of the MX entrys for the domain. Server2 then accepts […]

Read More

upgrade clamav on cpanel

First, download the latest version from Sourceforge:   wget http://sourceforge.net/projects/clamav/files/clamav/0.97.5/clamav-0.97.5.tar.gz Extract it and move into that directory: tar -xzf clamav-* cd clamav* Compile: ./configure –prefix=/usr make make install Comment out examples in the config files: replace “Example” “#Example” — /usr/etc/freshclam.conf replace “Example” “#Example” — /usr/etc/clamd.conf Get the new virus definitions: freshclam Then just make sure […]

Read More

cPanel reset permissions Script

!/bin/bash # Script to fix permissions of accounts if [ “$#” -lt “1” ];then echo “Must specify user” exit; fi [email protected] for user in $USER do HOMEDIR=$(egrep ^${user} /etc/passwd | cut -d: -f6) if [ ! -f /var/cpanel/users/$user ]; then echo “$user user file missing, likely an invalid user” elif [ “$HOMEDIR” == “” ];then echo […]

Read More

nginx installation on cPanel

cd /usr/local/src/ wget http://nginxcp.com/latest/nginxadmin.tar tar xf nginxadmin.tar cd publicnginx ./nginxinstaller install   if python crashes follow the steps below:   cd /usr/local/src/ wget http://www.python.org/ftp/python/2.5.2/Python-2.5.2.tgz tar fxz Python-2.5.2.tgz cd Python-2.5.2 ./configure make make install fresh install killall -9 nginx cd /usr/local/src/publicnginx ./nginxinstaller uninstall ./nginxinstaller install /etc/init.d/httpd restart

Read More

find exim spam

[root]#exim -bpr | grep “<*@*>” | awk ‘{print $4}’|grep -v “<>” | sort | uniq -c | sort -n the below script will show you the maximum no of email currently in the mail queue have from or to the email address in the mail queue with exact figure. [root]#exim -bpr | grep “<*@*>” | […]

Read More