NiyasHussain.com

Usually when install cPanel using IP on the first time, your license will be fine.
But when you add new hostname to your server, cPanel said “Invalid License File” and you can’t login again.

With the new version of cPanel, refresh browser no more working.
Dont worry, here the solution

Login to your server as root, then run this command:

# /usr/local/cpanel/cpkeyclt

Stop PHP nobody Spammers

PHP and Apache has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.

Watching your exim_mainlog doesn’t exactly help, you see th email going out but you can’t track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you’ll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)

Requirements:
We assume you’re using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we’re only tested it on a Cpanel/WHM Red Hat Enterprise system.

Time:
10 Minutes, Root access required.

Step 1)
Login to your server and su - to root.

Article provided by WebHostGear.com

Step 2)
Turn off exim while we do this so it doesn’t freak out.
/etc/init.d/exim stop

Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

Step 4)
Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, “>>/var/log/spam_log”) || die “Failed to open file ::$!”;
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO “$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n”;
}
else {

print INFO “$date - $PWD -  @infon”;

}
my $mailprog = ‘/usr/sbin/sendmail.hidden’;
foreach  (@ARGV) {
$arg=”$arg” . ” $_”;
}

open (MAIL,”|$mailprog $arg”) || die “cannot open $mailprog: $!n”;
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

Step 5)
Change the new sendmail permissions
chmod +x /usr/sbin/sendmail

Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7)
Start Exim up again.
/etc/init.d/exim start

Step
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log

Sample Log Output

Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory -  nobody x 99 99   Nobody / /sbin/nologin

Log Rotation Details
Your spam_log file isn’t set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.

pico /etc/logrotate.conf

FIND:
# no packages own wtmp — we’ll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}

ADD BELOW:

# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}

Notes:
You may also want to chattr + i /usr/sbin/sendmail so it doesn’t get overwritten.

Enjoy knowing you can see nobody is actually somebody =)

For Video Tutorials,

http://www.cpanel.net/products/cpwhm/cpanel11/tutorials.html

For Docs,

http://www.cpanel.net/docs/cpanel/

And

http://niyashussain.com

Add these lines into httpd.conf file

RLimitMEM 1220953088  (can change the value)
RLimitCPU 240

Explanation:

If you are using cPanel/WHM then you’ve got an option in your WHM to limit memory usage by apache processes (RLimitMEM), the option is under Security -> Modify Apache Memory Usage.

This option executes the script: /scripts/apachelimits. It works fine on dedicated systems, it reads the /proc/meminfo file for the currently installed memory and sets the limit accordingly.

Unfortunately the script is useless on a VPS, since a VPS uses a part of the system memory. As a result, the generated values are wrong and cause problems for many people.

I’ve written a perl script, based on the original cPanel apachelimits, which is for VPS servers hosted by Jag. The script will properly give you the setting based on the memory your VPS is allowed to use.

The script does NOT modify your configuration, it just prints the setting and it lets you copy/paste it, just in case you are not happy with the result.

Just copy/paste the following code into a file, make it executable with “chmod +x file.pl” and run it with “./file.pl”. You may also place it in your ~/bin directory if you want to frequently run it.

#!/usr/bin/perl
use lib ‘/scripts’;
use SafeFile;

print “\nSearching for VPS Memory Limit………….: “;
$file = ‘/proc/user_beancounters’;
open(INFO, $file);
@lines = <INFO>;
close(INFO);

$lines[9] =~ s/\s+/:/g;
print $lines[9].”\n”;
@words = split(/:/, $lines[9]);
$size = $words[4];
print “Found VPS memory limit (estimated)………: “.int($words[4]/1024*4).” MB\n”;

$lines[8] =~ s/\s+/:/g;
@words = split(/:/, $lines[8]);
print “Current VPS memory usage (estimated)…….: “.int($words[2]/1024*4).” MB\n”;

print “Calculating RLimitMEM………………….: “;
$size = int( $size / 2 );
$size = int( $size * 1024 );
print “$size”;
$size = int( $size / 3 );
print “, $size\n”;

$meg = int( $size / ( 1024 * 1024 ) );
print “Suggested apache child process limit…….: “.$meg.” MB\n\n”;
print “You may add the following into your /etc/httpd/conf/httpd.conf:\n\nRLimitMEM “.$size.”\n\n”;

Resolution from cPanel:

We provided an auto fixer that more reliably resolves this issue. It does so by checking each XDNS entry in each user file, in /var/cpanel/users, against the entries in /var/cpanel/deleteddomains.yaml. If there is not a corresponding match in the deletedomains.yaml file, then the XNDS entry is converted to a DNS entry.

The auto fixer can be ran manually as:

/scripts/autorepair repair_xdns_entries

Or from within WHM as:

https://IP:2087/scripts2/doautofixer?autofix=repair_xdns_entries

Indeed, until you upgrade to build 30944 you will probably need to run that auto fixer each night/morning.

The scenario we tracked down pertained to deletion of domains. When a domain was removed, either via WHM or cPanel, an erroneous internal check would cause all Parked, Sub and Addon domains in the user file (/var/cpanel/users/user) to be marked as removed (XDNS). This would then
trigger a cascade of events during upcp, such as removal of the email accounts.

Related to this was a condition where if the domain being removed was already removed, then the primary domain in the user file would be marked as both DNS and XNDS.

The erroneous checking is resolved in builds 30944 and higher. This problem only afflicted cPanel 11.24.

If you’re a sysadmin of Cpanel server, you might be aware of the JailShell. Its nothing but a User Shell with limited privileges. Users requesting for shell access to the webhosting server are provided with such shell instead of bash (Which provides root level privileges to users) .

Jailshell limits the users access to their home directory and keeps rest of the file system safe. Still there are chances of such users breaking into your system, so be sure of providing shell access to your servers. Jailshell mounts the filesystems of the users, who login via SSH under a directory called /home/virtfs. This contains users home directory and a false file system which links back to system directories like /bin, /usr etc.

NOTE: Be careful! Don’t remove any folder which is inside /home/virtfs, NEVER. As I said earlier, this folder links back to your systems root file system. You might end up screwing up your server if you attempt it.

So, we got to know that the Jailshell provides a restricted shell access to users and mounts the home directory temporarily at /home/virtfs.

Now, what if you still see the directories of different users mounted under /home/virtfs?

Right, this normally happens when users forget to logout properly from their SSH sessions. As a system admin, you’re responsible to unmount these directories safely.

How do I do that?

You can find all the virtfs mounts in /proc/mounts. Run cat /proc/mounts.

Now, its time to unmount them one by one. For that you have to take the second column of the output. Or write a simple for loop as follows.

for i in `cat /proc/mounts | awk ‘{print $2}’`;do;umount $i;done

If you want to unmount the virtfs of a perticular user, you can simply add an another pipe to for condition with grep username.

Now, you’re done with cleaning of your virtfs.

Hello,

Quite few times your server’s main/shared IP address may get black listed by most of RBLs due to x reasons.
In such situations, it would be very difficult to receive/send some important emails due to this black list.
In such situation a quick solution is to route the emails through a secondary IP address on the same server which is not black listed under those RBLs.

The mail server on cpanel i.e exim allows you to change the default IP address used by the mail server so that you would be able to route all emails through this new secondary IP address.

Here are the step by step instructions for you to configure your exim mail server to use new IP address.

Step 1 : Shutdown the exim service.
# service exim stop or /etc/init.d/exim stop

Step 2 : Edit your exim configuration file.
# vi /etc/exim.conf

Step 3: go to “remote_smtp” section under “TRANSPORTS CONFIGURATION”.
By default it would look like below:

Quote:
remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_ho stname}}
Step 4 : Remove or comment line containing “interface” and “helo_data” and add new “interface” to match with that of your new IP address. It should look like as follows:
Quote:
remote_smtp:
driver = smtp
interface = 12.12.12.12 # Your IP address.
Step 5 : Save your changes and exit out from your exim configuration file.

Note : Dont forget to set read only attributes on exim configuration file, so that it wont get reset to default automatically.

You can do it using following command:
# chattr +aui /etc/exim.conf

Step 6 : start exim service on your server.
# service exim restart or /etc/init.d/exim restart

Step 7 : Make sure to set reverse DNS for this new IP address to point a valid FQDN.

Step 8 : Try sending a test email and you will find that, it was sent using this new IP address configured under your exim configuration.

You can verify it by checking the header of new email under exim’s log file i.e /var/log/exim_mainlog

First SSH into your server and run :-

/scripts/fixeverything
/scripts/upcp –force
/scripts/eximup –force

if that does not fix the issue run the following commands:-

cd /usr/sbin
mv sendmail sendmail.157979
ln -s /usr/sbin/exim /usr/sbin/sendmail
mv /etc/eximmailtrap /etc/eximmailtrap.157979

All sorted, it should be.

IF NOT, then follow these,

#vi /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php

$useSendmail = false;

to:

$useSendmail = true;

restart cpanel and exim service.

Install the openldap rpms

WHM>Software>Install RPM
- installed openldap
- installed openldap-servers
- installed openldap-devel - if it is not installed, you’ll get “Cannot find ldap.h” error while recompiling - this also needs cyrus-sasl-devel installed
(If cyrus-sasl-devel won’t install - find your existing version and download it from the centos mirror
- installed openldap-clients - for working from command line
Recompile Apache

if you are using php5, add the following in /var/cpanel/easy/apache/rawopts/all_php5

–with-ldap=/usr

Then run /scripts/easyapache

After compilation run php -m to check that ldap support is added.

Earthling:
With the upcoming “VPS Optimized” version of cPanel/WHM making it’s way out (it’s recently moved from the EDGE to CURRENT tree), Doug has asked me to post some of the ways I tweak a cPanel/WHM VPS to reduce the background memory and CPU usage and leave more resources for actual hosting. I’m also going to post some how-tos on securing VPSs over the next few days and weeks. I should also mention that this is by no means my own work - I have learned much from other forums, and by experimenting on a test VPS I have specifically to “break things”

In order to keep the How-Tos tidy, we’re also going to start a separate thread for feedback, comments, suggestions and queries so that, if necessary, we can come back to the original how-tos and edit/update/correct them, so please do not reply to this - Please use this thread for any feedback: http://www.solarvps.com/forums/showthread.php?p=1169#post1169

So, here goes - Whenever I get a new cPanel/WHM VPS (or server) here’s the first things I adjust or tweak to cut down on resource usage:

1) Mailman - Mailman is a memory glutton. It runs constantly as a process, gobbling memory for no good reason. If you don’t need it, pop into WHM >> Server Configuration >> Tweak Settings and turn it off by unchecking the box. If you need a good mailing list, then PHPList (http://www.phplist.com) works fine, uses resources only when it needs it, and also comes with Fantastico if you have it.

2) While in Tweak Settings, there’s some other adjustments you can make:

a) Mail >> Number of minutes between mail server queue runs (default is 60). Each time the mail queue runs it increases load - The default of 60 can safely be reduced to 120 or even 180 on a busy server. Whilst there I also disable Boxtrapper Spam Trap and SpamAssassin Spam Box delivery, on the basis that whilst the server will filter out most of the spam coming in, it’s then up to the users to employ filters in their email clients etc in order to filter out the rest of the rubbish - Using Boxtrapper and SpamBox simply puts more load on the server. (These 2 options also need to be disabled in the feature lists you use so that they don’t show up as available in clients’ cPanels).

b) Also under the Mail section, I set the “Default catch-all/default address behavior for new accounts” to fail - there’s no need to collect unwanted or unroutable mail in catch-all folders.

If you’re doing this to a server with accounts already on it, changing this setting will not change those existing accounts, which are probably set to the default of BLACKHOLE. You can enforce the change onto all existing accounts by logging in via SSH and running the command:

perl -pi -e “s:blackhole:/:fail:/g;” /etc/valiases/*

c) Further down in the Tweak Settings section are the settings for Stats programs. Turn off Reverse DNS Lookup for AWStats, disable Analog Stats (pretty useless really) and just run with AWStats (if you need it) and Webalizer. All stats programs run processes to collate the stats so if you can get away with using just Webalizer all the better.

d) Further down under tweak Settings, in the System section, is an option “Conserve Memory at the expense of using more cpu/diskio.” If you’re running a server that is always maxing out on memory usage this may be an option to try, but you should bear in mind that it does slightly reduce speed of processing, and you should check with Jag Support that, as a result, you’re not using more than your share of CPU resources.

Also under the System section, ensure that you have checked the “Do not start deprecated Melange 1.10 chat server.” option.

3) Spamassassin: Spamassassin is also a memory hungry beast in its default setup, but you can reduce this very easily. In WHM scroll right down the left-hand menus until you get to the cPanel section and click on Manage Plugins. There are two plugins in there that you should enable - spamdconf and cronconfig (more on this one in a minute). Once you have checked those two options, scroll down to the bottom and click Save. Your server will then contact the cPanel servers and install those 2 plugins for you in a minute or so. Once done, refresh the left hand frame in your browser (the one containing the WHM menus) and you’ll see a new section right at the bottom (You will already have this section if you run Fantastico, but these new 2 options will be added to it).

Select “Setup Spamd Startup Configuration” and you will presented with 4 option boxes, the second of which is the one we want. Setting “Maximum Children” to 2 (no, this isn’t birth control LOL) will restrict the number of processes Spamassassin fires up on startup, each of which eats memory. Once you save this the server will restart Ensim to build in the new setting - this can take up to a minute to restart, so just be patient.

4) Cron times: Cron jobs use memory and CPU resources, so it’s best to check that they run in off-peak hours (usually overnight). The other option we just added in the Manage Plugins section has added a menu option “Configure cPanel Cron Times” in the Plugins section at the bottom of the WHM menu. Within that section are 2 settings for the times that your cPanel Update runs (if you run it automatically) and the time your backup runs. You can change and “commit” each of these times to something more sensible. Also, if you run Fantastico, there’s another option in the Fantastico settings for the time the daily Fantastico update cron job. This is all very much a matter of preference, and depends a lot on when your server is least busy but, for example, one of my standard settings for these would be:

cpbackup = 01:00AM
cpupdate = 03:00AM
Fantastico = 04:00AM

This allows each cron job enough time to run before another one starts so that you don’t get 2 resource-hungry routines overlapping. The actual times you use depend on when your own server is least busy. You should also check right up at the top of the WHM menu under Server Time that the server is actually running in the Time Zone you expect - You cannot change this on a VPS but you should ensure that the server time is actually reasonably correct and not set to a timezone that would actually cause your cron jobs to run in peak hours - this actually happened to me once when I discovered that a USA server was actually set to GMT and all my crons were running seven hours earlier than I thought, slap bang in the middle of one of the busiest periods

5) FTP: In WHM >> Service Configuration, there is an option to change 2 settings for FTP. By default the first will be set to use pure-ftpd (this is good) and the second is to allow anonymous FTP (this is very bad). Unless you really want half the world (the bad half) discovering that you run an open FTP server, turn anonymous OFF. Each FTP session uses resources, so you should also be careful about how many FTP logons you allow each account in your Feature Lists. Up to 3 is fine - anything over 10 is getting silly and simply invites your users to use your server for file sharing.

OK, so I guess that’s enough for the first section, and following these settings will reduce your memory usage. More soon, and please feel free to comment on or query any of this in the new thread under cPanel in these forums.

Check the following first,

1. goto ” cd /var/lib/mysql/horde ” and check if there is a file named ” horde_sessionhandler.frm ”

2. move all the file named “horde_sessionhandler” with other name

3. Or you can goto mysql and can drop the table “horde_sessionhandler”. It will show error message some times. If so use the step 2, so that the table gets moved automatically.(Remember that if you are using step2 skip the step 3)

4. Now type in shell “mysql”

5. It will take to mysql prompt . type “use horde”;

6. copy this command and paste there :

drop table horde_sessionhandler;

CREATE TABLE horde_sessionhandler (session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL,session_data LONGBLOB,PRIMARY KEY (session_id)) ENGINE = InnoDB;

flush privileges;

Quit and restart mysql

/etc/init.d/mysql restart

7. quit from mysql and restart mysql.

8. Try now… Your issue is fixed!!!!!

Sometimes these issue is found in cpanel servers.
If you are facing any such issues. Please restart the following services

/scripts/restartsrv_exim
/scripts/restartsrv_cppop
/scripts/restartsrv_imap

This will fix the issue.

If not,
/scripts/eximup –force

/scripts/courierup –force

cd /;
wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.bz2 -O ioncube_loaders_lin_x86.tar.bz2;
tar -zxf ioncube_loaders_lin_x86.tar.bz2;
chown root.root -R /ioncube

add the lines

zend_extension=”/ioncube/ioncube_loader_lin_5.2.so”
zend_extension_ts=”/ioncube/ioncube_loader_lin_5.2_ts.so”

in /usr/local/cpanel/3rdparty/etc/php.ini

This will fix the issue

Hangs, while sending emails.
—————————–

http://forums.cpanel.net/showthread.php?t=106101

A quick update. I was playing around with the roundcube configuration (/usr/local/cpanel/base/3rdparty/roundcube/config/main.inc.php) and noticed a workaround until the module is patched/updated. This workaround normally shouldnt work, but seems to work with the current problem in the module.

normally there is a series of lines which should read like this:

// SMTP username (if required) if you use %u as the username RoundCube
// will use the current username for login
$rcmail_config['smtp_user'] = ‘%u’;

or now Roundcube seems to work properly if you change it to this:

// SMTP username (if required) if you use %u as the username RoundCube
// will use the current username for login
$rcmail_config['smtp_user'] = ”;

If you haven’t already solved, this took me forever too. Found the answer deeper in one of the forum posts here. Need to look at compose.html in skins/default/templates. Around line 31 you’ll see the form tag with form name of form and action = “./”….. Change the action to “index.php”…
Starting working for me after that.

Error:

Message not sent. Server replied:

Connection timed out
110 Can’t open SMTP stream.

Solution:

If above case if you are having shell access then login to your server with root user, then edit
config file and do the changes as given below.

HTML Code:

#vi /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php

$useSendmail = false;

to:

$useSendmail = true;

restart cpanel and exim service.

cd <app_base>

eg: cd /home/username/public_html/test

/usr/bin/ruby /usr/bin/mongrel_rails start -p <port> -d -e production -P log/mongrel.pid

eg: /usr/bin/ruby /usr/bin/mongrel_rails start -p 12005 -d -e production -P log/mongrel.pid

1. Confirm quota reports are failing with repquota (repquota -ua)
2. If quotas are reported right, rm -f /home/*/.cpanel/datastore/quota*
3. Verify that quota support is enabled.
4. Determine quota enabled file systems with `mount` or `quota -v`mount -o remount,usrquota /mount/point
5. Reinitialize quotas with /scripts/initquotas
6. Completely rebuild all quota databases with /scripts/fixquotas

This is a CPanel bug that prevents users from adding domains that begin with a digit, the users will get this javascript alert:

“Sorry, your domain must not begin with a digit.”

This can be fixed via ssh, connect to the box and do this:

nano -w /usr/local/cpanel/base/frontend/x/addon/index.html

The text you need should be around line 68 check with ctrl-c in nano:

var pattern = /^[0-9]/;
if (domainname.match(pattern) != null) {
alert(”Sorry, your domain name must not begin with a digit.”);
return false;
}

You should then comment that line out via:

CPanel should now work fine with domains that begin with a digit.

To resolve this issue, create a file,

/var/cpanel/rvglobalsoft/rvsitebuilder/var/skip_validate_domain

and add the domain which is showing the fsock open error.

1. SSH to the server as root and run this command.

rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/var/INSTALL_COMPLETE.php
rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilderversion.txt
perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi

2. Go to root WHM/RVSiteBuilder, it will automatically rebuild the database for you.