Sunday, May 29, 2011

sshd fail


** If you have changed the SSH port from the default 22 on a cPanel-powered server, restarting sshd from WHM will fail. You have to SSH to the server and run the following command to restart sshd:

    * /sbin/service sshd restart

** To temporarily reset your shell port back to 22, open the following URL from the address field of your browser:

      SERVER_MAIN_IP:2087/scripts2/doautofixer?autofix=safesshrestart

Now you should be able to access the shell, and you need to restart sshd at the prompt using the command mentioned above.
 

Thursday, May 26, 2011

Session save path


//** To make the session save path writable **// :--

Just put the following line in your .htaccess file :-


--------------------------

php_value session.save_path '/tmp'

--------------------------

Tuesday, May 24, 2011

sendmail

//** Follow the instructions **// :--

Error shown in SquirrelMail: Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -f


*** Solution (quite a hard one to track down) :-
--------------
First SSH into your server and run :--

/scripts/fixeverything
/scripts/upcp --force
/scripts/eximup --force

If that does not fix the issue, run the following commands :--

cd /usr/sbin
mv sendmail sendmail.157979
ln -s /usr/sbin/exim /usr/sbin/sendmail
mv /etc/eximmailtrap /etc/eximmailtrap.157979

It should be all sorted now.

****************

Monday, May 23, 2011

Scanner

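//** Just run the script given below **// :--


#!/bin/sh
# Look for files and folders whose name contains a bank name
echo " Searching for Banking folders"
find . -name "*bankofamerica*" -print

# List regular files whose content contains the banking string
echo " Searching for banking strings in files"
find . -type f -exec grep -l "onlinebanking" '{}' +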

Sunday, May 22, 2011

rsync process to restore accounts from old drive


//**Direct Admin rsync process to restore accounts from old drive**//


******************************

#Transfer /home data

rsync -av --progress /backup/root/home /


#Transfer important files from /etc drive.

rsync -av --progress /backup/root/etc/passwd /etc
rsync -av --progress /backup/root/etc/shadow /etc
rsync -av --progress /backup/root/etc/group /etc
rsync -av --progress /backup/root/etc/exim.conf /etc
rsync -av --progress /backup/root/etc/exim.pl /etc
rsync -av --progress /backup/root/etc/system_filter.exim /etc
rsync -av --progress /backup/root/etc/exim.crt /etc
rsync -av --progress /backup/root/etc/exim.key /etc
rsync -av --progress /backup/root/etc/proftpd.conf /etc
rsync -av --progress /backup/root/etc/proftpd.vhosts.conf /etc
rsync -av --progress /backup/root/etc/proftpd.passwd /etc
rsync -av --progress /backup/root/etc/hosts /etc
rsync -av --progress /backup/root/etc/resolv.conf /etc
rsync -av --progress /backup/root/etc/named.conf /etc


rsync -av --progress /backup/root/etc/virtual/domainowners /etc/virtual
rsync -av --progress /backup/root/etc/virtual/domains /etc/virtual
rsync -av --progress /backup/root/etc/virtual/pophosts /etc/virtual


rsync -av --progress /backup/etc/virtual/majordomo/* /etc/virtual/majordomo



# Transfer HTTPD and configuration files

rsync -av --progress /backup/etc/httpd/conf/httpd.conf /etc/httpd/conf
rsync -av --progress /backup/etc/httpd/conf/ips.conf /etc/httpd/conf
rsync -av --progress /backup/root/etc/httpd/conf/ssl.crt /etc/httpd/conf

rsync -av --progress /backup/etc/httpd/conf/ssl.key/server.key /etc/httpd/conf/ssl.key


# Transfer logs and databases

rsync -av --progress /backup/var/named/* /var/named/
rsync -av --progress /backup/var/spool/virtual/* /var/spool/virtual
rsync -av --progress /backup/var/spool/mail/* /var/spool/mail
rsync -av --progress /backup/var/spool/cron/* /var/spool/cron
rsync -av --progress /backup/var/www/* /var/www
rsync -av --progress /backup/var/log/* /var/log
rsync -av --progress /backup/var/lib/mysql/* /var/lib/mysql


# Transfer frontpage config files

rsync -av --progress /backup/usr/local/frontpage/*.cnf /usr/local/frontpage

# Transfer directadmin configuration and user files

rsync -av --progress /backup/usr/local/directadmin/* /usr/local/directadmin


cPanel :---

rsync -vrplogDtH /mnt/old/usr/local/apache/conf /usr/local/apache
rsync -vrplogDtH /mnt/old/var/named /var
rsync -vrplogDtH /mnt/old/home/* /home
rsync -vrplogDtH /mnt/old/usr/local/cpanel /usr/local
rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib
rsync -vrplogDtH /mnt/old/var/cpanel /var
rsync -vrplogDtH /mnt/old/usr/share/ssl /usr/share
rsync -vrplogDtH /mnt/old/var/ssl /var
rsync -vrplogDtH /mnt/old/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty
rsync -vrplogDtH /mnt/old/var/log/bandwidth /var/log
rsync -vrplogDtH /mnt/old/usr/local/frontpage /usr/local
rsync -vrplogDtH /mnt/old/var/spool/cron /var/spool

***************************-------------***************************

Saturday, May 21, 2011

Retry timeout error

//** Just follow the instruction **//:--

*********************************************

[root@server ~]# cd /var/spool/exim/db
[root@server db]# ll
total 66664
-rw-r-----  1 mailnull mail    12288 Jun 26 02:47 callout
-rw-r-----  1 mailnull mail    12288 Jun 26 02:47 misc
-rw-r-----  1 mailnull mail 79605760 Aug  5 11:46 ratelimit
-rw-r-----  1 mailnull mail        0 Jun 26 02:47 ratelimit.lockfile
-rw-r-----  1 mailnull mail   167936 Aug  5 11:45 retry
-rw-r-----  1 mailnull mail        0 Jun 26 02:49 retry.lockfile
-rw-r-----  1 mailnull mail    45056 Aug  5 11:45 wait-remote_smtp
-rw-r-----  1 mailnull mail        0 Jun 26 02:58 wait-remote_smtp.lockfile
[root@server db]# rm retry
rm: remove regular file `retry'? y
[root@server db]# rm retry.lockfile
rm: remove regular empty file `retry.lockfile'? y
[root@server db]# rm  wait-remote_smtp
rm: remove regular file `wait-remote_smtp'? y
[root@server db]# rm wait-remote_smtp.lock
rm: cannot lstat `wait-remote_smtp.lock': No such file or directory
[root@server db]# rm wait-remote_smtp.lockfile
rm: remove regular empty file `wait-remote_smtp.lockfile'? y
[root@server db]# service exim restart
Shutting down exim: [  OK  ]
Shutting down spamd: [  OK  ]
Starting exim-26: [  OK  ]
Starting exim: [  OK  ]
Starting exim-smtps: [  OK  ]
[root@server db]# sendmail -v "ncarey@sympatico.ca"

************************************************

Friday, May 20, 2011

Restore cPanel data from a secondary drive using rsync



//** Just follow the given instructions **// :-


# /etc User / IP's + passwd files

rsync -av --progress /oldhd/etc/passwd /etc/

rsync -av --progress /oldhd/etc/shadow /etc/

rsync -av --progress /oldhd/etc/group /etc/

rsync -av --progress /oldhd/etc/wwwacct.conf /etc/

rsync -av --progress /oldhd/etc/quota.conf /etc/

rsync -av --progress /oldhd/etc/domainalias /etc/

rsync -av --progress /oldhd/etc/remotedomains /etc/

rsync -av --progress /oldhd/etc/reservedipreasons /etc/

rsync -av --progress /oldhd/etc/reservedips /etc/

rsync -av --progress /oldhd/etc/secondarymx /etc/
rsync -av --progress /oldhd/etc/localdomains /etc/
rsync -av --progress /oldhd/etc/userdomains /etc/
rsync -av --progress /oldhd/etc/valiases /etc/
rsync -av --progress /oldhd/etc/vfilters /etc/
rsync -av --progress /oldhd/etc/vmail /etc/
rsync -av --progress /oldhd/etc/trueuserdomains /etc/
rsync -av --progress /oldhd/etc/ips /etc/
rsync -av --progress /oldhd/etc/domainips /etc/
rsync -av --progress /oldhd/etc/services /etc/



# ftpd files

rsync -av --progress /oldhd/etc/sysconfig/pure-ftpd /etc/sysconfig/
rsync -av --progress /oldhd/etc/pure-ftpd.conf /etc/
rsync -av --progress /oldhd/etc/pure-ftpd /etc/
rsync -av --progress /oldhd/etc/proftpd /etc/
rsync -av --progress /oldhd/etc/proftpd.* /etc/

# /var

rsync -av --progress /oldhd/var/cpanel /var/
rsync -av --progress /oldhd/var/spool/cron /var/spool/
rsync -av --progress /oldhd/var/netenberg /var/



# /usr config - 3rdparty

rsync -av --progress /oldhd/usr/share/ssl /usr/share/
rsync -av --progress /oldhd/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty/
rsync -av --progress /oldhd/usr/local/cpanel/base/frontend /usr/local/cpanel/base/



# Apache

rsync -av --progress /oldhd/usr/local/apache/conf /usr/local/apache/
rsync -av --progress /oldhd/usr/local/frontpage /usr/local/



# Mysql config

rsync -av --progress /oldhd/root/.my.cnf /root/
rsync -av --progress /oldhd/etc/my.cnf /etc/



# Named

rsync -av --progress /oldhd/var/named /var/
rsync -av --progress /oldhd/etc/named.conf /etc/
rsync -av --progress /oldhd/etc/rndc.conf /etc/



# Mysql

rsync -av --progress /oldhd/var/lib/mysql /var/lib/




-*-*-*-*-*-*-*-*-*-*-*


# To rsync the home directories, create a .sh file with the following lines and run it as: sh file.sh


# One rsync pass per cPanel account listed in /oldhd/var/cpanel/users
for SITE in `ls /oldhd/var/cpanel/users`

do

rsync -av --progress /oldhd/home/$SITE /home/

done



rsync -av --progress /oldhd/etc/trueuserowners /etc/

exec,passthru,system,proc_open,popen




****************************************

All done....

Thursday, May 19, 2011

How to reset Mysql Password

//** STEPS ARE AS FOLLOWS **// :-

----------********-----------

********** How to reset the MySQL root password on a DirectAdmin server :--


# mysql --user=`grep "^user=" /usr/local/directadmin/conf/mysql.conf | cut -d= -f2` --password=`grep "^passwd=" /usr/local/directadmin/conf/mysql.conf | cut -d= -f2`


mysql> use mysql


mysql> update user set password=PASSWORD("newpassword") where User='root';


-- reload the grant tables so the new password takes effect
mysql> flush privileges;

----------********-----------

Wednesday, May 18, 2011

Port Forwarding

//** Just fire the command given below **//


*******

Port Forwarding In Linux.

--------------------------------

http://www.2nrds.com/port-forwarding-in-linux

********

Tuesday, May 17, 2011

How to Set Permissions on Linux


//** Permission sets (chmod octal digit and its meaning) **// :-

     1) - Execute

     2) - Write

     3) - Write and Execute

     4) - Read

     5) - Read and Execute

     6) - Read and Write

     7) - Read, Write and Execute

*



Monday, May 16, 2011

permission denied

//** Just follow the commands**// :-

Shutting down Mailman's master qrunner
No child with pid: 9522
[Errno 3] No such process
Stale pid file removed.
Processing user1
/bin/pwd: failed to stat `.': Permission denied
Processing user2
/bin/pwd: failed to stat `.': Permission denied
Processing user3
/bin/pwd: failed to stat `.': Permission denied
Processing user4
/bin/pwd: failed to stat `.': Permission denied
Processing user5
/bin/pwd: failed to stat `.': Permission denied



FIX
chmod +s /bin/pwd
/scripts/enablefileprotect 

Sunday, May 15, 2011

openvz

  //** Just follow the below commands **// :-

**********************************

  vzctl create 215 --ostemplate centos-5-i386-default --config vps.basic
  vzctl set 215 --onboot yes --save
  vzctl set 215 --hostname hk05.sinoservers.com --save
  vzctl set 215 --ipadd 91.207.192.206 --save
  vzctl set 215 --numothersock 120 --save
  vzctl start 215
  vzlist
  vzctl set 215 --diskspace 15G:17G --save
  ifconfig
  vzlist
  vzctl set 215 --diskspace 5G:7G --save

*********************************

Saturday, May 14, 2011

Park error

//** Just follow the given instruction below **// :--

/var/cpanel/users/username

/scripts/updateuserdomains
/var/named/domain.db
/etc/named.conf
/usr/local/apache/conf/httpd.conf
/etc/localdomains
/etc/userdomains
/etc/trueuserdomains
/etc/trueuserowners
/etc/valiases/domain.com
/etc/vdomainaliases/domain.com
/etc/vfilters/domain.com

********************************

If an etc directory exists for the addon it will fail.

********************************
rm -Rf /home/username/etc/domain.com/

************----------------------!!!!!!!!!!!-------------------------************

Friday, May 13, 2011

open a port in linux


Follow the command given below :-


*******************

How to open port 21 in iptables ::

-------------------------

root@fs8 [/home]# iptables -I INPUT -p tcp -i eth0 --dport 2222 -j ACCEPT

*******************

Wednesday, May 11, 2011

MySQL-Sock


//** Just follow the command given below **//:--

---------------------------------------

** First check whether there are spawned mysql processes still running, using either of the following commands :--

netstat -apn
ps -aux

Then.. 

service mysql stop 

Check for any remaining mysql PID and run the following command with that process ID

kill -9 PID 

killall -e -9 mysqld 

Once the process is killed, mysql is cleaned from the server.

Check under the /tmp partition whether the socket file has been created, like ( mysql.sock --> /var/lib/mysql/mysql.sock ). If not then..

----------------------------------------

**Do the following :--

touch /var/lib/mysql/mysql.sock 

chmod 0777 /var/lib/mysql/mysql.sock

Then under /tmp 

ln -s /var/lib/mysql/mysql.sock mysql.sock
( this command creates the socket link in /tmp, pointing to /var/lib/mysql/ )

Finally, restart the mysql server. If the problem still persists, try increasing the mysql connections in /etc/my.cnf
 
----------------------------------------*****************----------------------------------------

Tuesday, May 10, 2011

How to Mount Hard Drive


//** Just follow the given instruction below **// :--


*****************************************************************

root@server [~]# fdisk -l

Disk /dev/hda: 120.0 GB, 120034123776 bytes
255 heads, 63 sectors/track, 14593 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hda1 * 1 14593 117218241 83 Linux

Disk /dev/sda: 160.0 GB, 160041885696 bytes
255 heads, 63 sectors/track, 19457 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 535 4192965 82 Linux swap / Solaris
/dev/sda3 536 19457 151990965 83 Linux


Once /dev/hda1 is detected, just mount it using mount /dev/hda1 /backup, assuming that the /backup folder is already in place.

root@server [/]# mount /dev/hda1 /backup/

root@server [/]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 141G 16G 118G 12% /
/dev/sda1 99M 11M 83M 12% /boot
tmpfs 1008M 0 1008M 0% /dev/shm
/usr/tmpDSK 485M 11M 449M 3% /tmp
/dev/hda1 111G 188M 105G 1% /backup


So the secondary drive has been mounted as /backup.

Now to make it permanent you will need to edit /etc/fstab.

/dev/hda1 /backup ext3 defaults 1 1

*****************************************************************

Mounted and completed.


Note:-
Please keep this information in your KB for future reference..

Monday, May 9, 2011

Modsec Rules

//** Just follow the instructions given below **// :-

   **< make sure that you have compiled apache with mod security >

-------------------------------------------------------------------------

     -  cd /usr/local/apache/conf;mkdir modsecurity;cd modsecurity;

     -  Browse to http://gotroot.com/ and choose the tar file "All in one downloads for modsec 2.0-2.1".
        It contains all the rules for mod security.
        Go to /usr/local/apache/conf/modsecurity and wget the rules:
        wget http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/apache2-gotrootrules-modsec2.0-latest.tar.gz

     -  nano /usr/local/apache/conf/modsec.conf
        Search for the line starting with "include",
        delete that line and add the line below:
        Include "/usr/local/apache/conf/modsecurity/*.conf"

     -  service httpd restart

-------------------------------------------------------------------------
All Done...

Sunday, May 8, 2011

While running repairs on the databases, I am getting these types of error messages

//**Just follow the step given below**// :--

------------********------------


user_database
error : Not enough memory (367039) for blob at 2700532
error : Corrupt
 

-----------*********------------

Fix :: cPanel >> Tweak Settings >> Max Memory

Change the limit to 0

*****--*****--*****--***** 


All done.

Saturday, May 7, 2011

how to find what causing high load on server

//** To find out what's causing the high load just fire the below command **// :--


-------------------------------------------
top -b -i -n 20 >> ./top_procs

-------------------------------------------

Friday, May 6, 2011

Solution on Disk usage for domain shows 0 mb in plesk linux

//** It's very simple, just run the given command **// :--

**Just run the statistics manually :--
------------------------------

cd /usr/local/psa/admin/sbin/
./statistics
------------------------------

Done..

Thursday, May 5, 2011

Delete domains in plesk (getting any error)


//**Try to do the following from command line**// :--

**************************************

> "%plesk_bin%\mchk.exe" --all --fix=all
**************************************

 
If this command stops with an error, then try the following:

1. Backup your <MailEnable-folder>\config folder

2. remove all .tab and .sav files from your Config Folder

3. run "%plesk_bin%\mchk.exe" --all --fix=all 

**************************************
 
Enjoyed  it

Wednesday, May 4, 2011

To install Fantastico on VPS install & then get the ip licensed


**//Just fire the scripts given below**// :--

*********************************************
cd /usr/local/cpanel/whostmgr/docroot/cgi

tar -xzpf fantastico_whm_admin.tgz

rm -rf fantastico_whm_admin.tgz

*********************************************
And all done.

Monday, May 2, 2011

To catch the spammer by checking exim_mainlog

** With a little bit of luck you should be able to catch the spammer by checking exim_mainlog. If you fail to catch the spammer this way, then he is using some other way of spamming, and to catch him you will need to understand all the steps given below :--

1.  Get the message ID from the header of the spam. It should be in a format like 1DWJj4-00042i-74 < this is the most important step, else all that's given below is crap >

2. grep exim_mainlog for the message ID      < Ex : grep 1DWJj4-00042i-74 /var/log/exim_mainlog >

3. Check the time on which the spam was sent and also check all that is shown after grep.

4. If you find out the domain name or path of the scripts from exim_mainlog then go ahead and suspend the spammer, else proceed to step 5.

5. Use this message ID to check the original message or bounced message in /var/spool/exim/input/. You should see 2 files there, one with -D at the end and one with -H at the end. < Ex : /var/spool/exim/input/4/1DWJj4-00042i-74-D & /var/spool/exim/input/4/1DWJj4-00042i-74-H > These 2 files will have all the information that was sent in the spam message, and if it was sent using a mailing list then you will catch the username of the spammer in the auth_sender part of these files. If it shows nobody then it's your bad luck; proceed to step 6.

6. If exim_mainlog shows the spam originating from /tmp of the server, then check the files in /tmp of the server. The owner of the file will be seen as nobody:nobody. Note down the creation time of the file. This time is what we need to find out who uploaded the script. You will need to convert this time into the time format of /usr/local/apache/logs/error_log and then into the format of the domlogs located at /usr/local/apache/domlogs/*

7.  for file in /usr/local/apache/domlogs/*; do grep -H "example" "$file"; done; < you cannot do a direct grep for the query here, as it will give an error that the argument list is too long >

8. If the results in step 2 have shown some domain name or some username in common as the sender of the spam, but now you don't see that domain name on the server, then check /var/cpanel/accounting.log to see if that account has been terminated from the server < Ex : grep ebayspammer.com /var/cpanel/accounting.log >

All that we need to know is the importance of /var/log/exim_mainlog, /var/log/formmail.log, /usr/local/apache/logs/error_log, /usr/local/apache/domlogs/*,
/var/spool/exim/input/*/* and the files uploaded in /tmp of the server. Major spamming issues are caught using the time of sending the spam. You will need to work on your own when you come across such an issue, and use your logic to convert the time of sending the spam to the time format of the respective log files mentioned above.

If you fail to catch active spamming on the server in a short time, then rename /etc/exim.conf and killall -KILL exim. If this has not stopped the process, then check the running mysql processes and stop mysql if needed. If there are no results, then stop the http service or find the process ID and kill it.
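The log side of steps 2 to 7, as an added example that is not part of the original post. The log lines, the message IDs other than 1DWJj4-00042i-74, the paths, user names and function names are constructed for illustration, and the cwd= lines assume exim logs command arguments (+arguments in log_selector).

```shell
#!/bin/sh
# Added example. Sample log lines below are constructed, not real traffic.
# The "cwd=" lines appear when +arguments is set in log_selector.
make_sample_log() {   # usage: make_sample_log FILE
    cat > "$1" <<'EOF'
2011-05-02 10:15:01 cwd=/home/user1/public_html/forum 3 args: /usr/sbin/sendmail -t -i
2011-05-02 10:15:01 1DWJj4-00042i-74 <= nobody@server.example.com U=nobody P=local S=2210 T="Account update"
2011-05-02 10:15:02 1DWJj4-00042i-74 => someone@example.net R=lookuphost T=remote_smtp H=mx.example.net [192.0.2.10]
2011-05-02 10:15:02 1DWJj4-00042i-74 Completed
2011-05-02 10:15:03 cwd=/home/user1/public_html/forum 3 args: /usr/sbin/sendmail -t -i
2011-05-02 10:15:03 1DWJj5-00042k-9Z <= nobody@server.example.com U=nobody P=local S=2198 T="Account update"
2011-05-02 10:16:40 cwd=/home/user2/public_html 4 args: /usr/sbin/sendmail -t -i -f info@example.org
2011-05-02 10:16:40 1DWJkA-00043b-1C <= info@example.org U=user2 P=local S=901 T="Hello"
EOF
}

# Steps 2-4: local user (U=) on the "<=" arrival line of one message ID.
msg_local_user() {   # usage: msg_local_user LOG MSGID
    awk -v id="$2" '$3 == id && $4 == "<=" {
        for (i = 5; i <= NF; i++) if ($i ~ /^U=/) { print substr($i, 3); exit }
    }' "$1"
}

# Script directory: the last cwd= line logged before the arrival line.
# Heuristic, because the cwd= line itself carries no message ID.
msg_cwd() {   # usage: msg_cwd LOG MSGID
    awk -v id="$2" '
        $3 ~ /^cwd=/ { last = substr($3, 5) }
        $3 == id && $4 == "<=" { print last; exit }' "$1"
}

# Directories that called sendmail most often, busiest first.
cwd_counts() {   # usage: cwd_counts LOG
    awk '$3 ~ /^cwd=/ { n[substr($3, 5)]++ }
         END { for (d in n) print n[d], d }' "$1" | sort -rn
}

# Step 6: mtime of a file found in /tmp, in domlog time format to the minute
# (for example 02/May/2011:10:14). Uses GNU date -r FILE.
domlog_minute() {   # usage: domlog_minute FILE
    LC_ALL=C date -r "$1" '+%d/%b/%Y:%H:%M'
}

# Step 7: names of domlogs with a request in that minute, one file at a time.
domlogs_at() {   # usage: domlogs_at DOMLOG_DIR STAMP
    for f in "$1"/*; do
        if [ -f "$f" ]; then grep -lF -- "[$2" "$f" || true; fi
    done
}

# Demo on the constructed log.
log=$(mktemp)
make_sample_log "$log"
echo "user: $(msg_local_user "$log" 1DWJj4-00042i-74)"
echo "cwd:  $(msg_cwd "$log" 1DWJj4-00042i-74)"
cwd_counts "$log"
rm -f "$log"
```

On a busy server several submissions can interleave, so treat the msg_cwd result as a lead and confirm it against the per-directory counts and the domlogs.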



****************************************************************

Sunday, May 1, 2011

Steps to Catch Spammers & Scammers on cPanel Servers

[Note] ** To enable extended logging in exim to trace nobody mails, try the following trick :--

1> Edit /etc/exim.conf

2>  On the second line add : --

log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn

[note] * Make sure all that comes on a single line

3>  Save and exit.

4>  Restart Exim.

5>  tail -f /var/log/exim_mainlog 

*****************************************************