Posts Tagged ‘ cPanel/WHM ’

Eximstats db growing huge

If the server have heavy email activity and “The interval, in days, to retain Exim stats in the database” is set to a high value then the eximstats DB size will be very large. First you need to findout if there is any spamming activity going on the server and stop it if any. The MySQL process for huge size eximstats DB will be very CPU consuming, so consider deleting the stats and lowering the value of “The interval, in days, to retain Exim stats in the database” in WHM tweak settings.

Cleaning large eximstats mysql database:

Login to mysql
#mysql

mysql> use eximstats
mysql> delete from sends;
mysql> delete from smtp;
mysql> delete from failures;
mysql> delete from defers;

Advertisements

Internationalized Domain Name (IDN)

Internationalized Domain Name (IDN)

An IDN is a domain name which consists at least one non-english character. So to say, the domain names which are in any native language except English can be called as IDN.Examples: ?????.co.il ( Hebrew domain name )

Issues: Cpanel does not support adding the IDN directly, so you will receive an error when you will directly enter the domain name in text box while adding a new account.

Fix : As the non-english character are not directly supported you need to conert them to theire equivalant PunyCode with the help of IDN conversion tool.Enter your domain name and get the equivalent PunyCode and use the resultant domain name to add the new domain.

Get the Punycode for ?????.co.il from the link http://mct.verisign-grs.com/index.shtml
Enter the domain name ?????.co.il in input box , select the radio button Native characters, and click convert

The equivalent code is : xn--4dbrk0ce.co.il

use the above code to add a new domain in WHM/Cpanel

Enable zipped mysql dump support for cPanel PhpMyAdmin

In phpmyadmin, while imporing a zipped database dump you might get an error as follows:

You attempted to load file with unsupported compression (application/zip). Either support for it is not implemented or disabled by your configuration. Enable .zip file import from cPanel phpmyadmin

This error occurs basically as there is no zip support enabled for phpmyadmin on the server. In order to enable the suppport you can do the following:

This will need reconfiguration of the internal cpanel php installation
Follow the steps given below:

Open the file

/var/cpanel/easy/apache/profile/makecpphp.profile.yaml.

[root@~]# nano /var/cpanel/easy/apache/profile/makecpphp.profile.yaml

Locate for the line which says:
Cpanel::Easy::PHP5::Zip: 0

Here 0 indicates the support is disabled. In order to enable the support replace the 0 with 1.
The entry will look as follows:

Cpanel::Easy::PHP5::Zip: 1

3) Save and quit the editor.

4)Rebuild PHP with the changes made.

[root@~]# /scripts/makecpphp

This rebuild process may take some time to complete. Once done, try to dump the zipped database in phpmyadmin.
It should now resolve the error.

Install ClamAV in Centos with Cpanel

Cpanel WHM Installation

The easiest way to install clam antivirus in cpanel is through install plugin option in Cpanel WHM .

Go > WHM > Cpanel Install Plugin > Enable Clamav Connector

Manual Installation

You can install clamav by compiling RPM packages.

1. Compiling source: download from clamav site.
2. Installing RPM package. Download

I tried to download and compile source package, but i got zlib error complaining the version not updated. so tried RPM and just able to install for myself.

By default clamav doesnt come with centos or perhaps with yum. You have to find rpm repository and install it.

Here is how you install clam antivirus (freely available) in centos running with cpanel.

yum install clamd

[OR]

yum install clamav

If it doesnt work use this

rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm

follow this instructions here based on centos version (Locate B2 in that page)

after installing that you can issue

yum install clamd

[OR]

yum install clamav

either of those should work.

Once you have installed clamav in your centos…here are some of the basic commands using the software..

1. To update the antivirus database

> freshclam

2. To run antivirus and print infected files

clamav -ri /home

3. To remove infected files and emails.

clamav -ri --remove /home

3. Running as Cron Daily Job

To run antivirus as a cron job (automatically scan daily) just run crontab -e from your command line. Then add the following line and save the file.

02 1 * * * root clamscan -R /var/www

This will run the cron job daily @ 1.02 AM by scanning the public html. You can change the folder to whatever you want for mail etc.

Awstat Logging a single IP on Nginx Server

When you see awstat logging a Single IP for any domains in a Nginx Server, note that Nginx is configured in port 82 and apache with port 80. Nginx will be running as reverse proxy for Apache, we don’t want our log file to record the proxy IP. We want the real IP as usual. Otherwise the log files will show only the Proxy IP. So we need to install mod_rpaf which is “Reverse Proxy Add Forward” module for Apache. Our older team used a module like “realip2_module” for doing this.

Install steps:

cd /usr/local/src
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
tar -xzf mod_rpaf-0.6.tar.gz
cd mod_rpaf-*
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

Once installed, we need to load the module into Apache configuration. Since cPanel already has Include Editor for Apache, we will use that functions.

Login to WHM > Service Configuration > Apache Configuration > Include Editor > Pre Main Include > All Versions and paste following text:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
RPAFenable On
RPAFproxy_ips 127.0.0.1 64.235.229.101 # replace the value with your server IP which are logged same on domlogs of domains 
RPAFsethostname On
RPAFheader X-Real-IP

Click Update > Restart Apache and Nginx.
Check and verify the IP from the logs.

Note: In this module we have one limitation is that, we need to add the IPs manually in RPAFproxy_ips.

Commands to Check SSL cert’s validity and other details

1. Get complete available details of an SSL certificate

openssl x509 -text -in ssl.cert 2. Who issued the certificate?

openssl x509 -noout -in ssl.cert -issuer

3. To whom the certificate was issued?

openssl x509 -noout -in ssl.cert -subject

4. To check the expiry date of SSL certificate

openssl x509 -noout -in ssl.cert -dates

5. To get SSL cert’s hash value

openssl x509 -noout -in ssl.cert -hash

6. To get SSL cert’s MD5 fingerprint

openssl x509 -noout -in ssl.cert -fingerprint

To check CSR: openssl req -noout -text -in new.csr 

To check key: openssl rsa -noout -text -in new.key 

Regenerating /etc/userdomains file

cPanel has many scripts in /usr/local/cpanel/bin/ directory. The following script will help you to regenerate /etc/userdomains file.

Note: If any existing /etc/userdomains file in the server, delete or move it first before executing following scripts.

/usr/local/cpanel/bin/userdata_update

and then run

/scripts/updateuserdomains