Cpanel version check
/usr/local/cpanel/cpanel -V
Useful Link
http://wiki.asmallorange.com/VPS
Forum
http://www.eukhost.com/forums/f16/cpanel-logs-6748/
http://twiki.cpanel.net/
http://forums.cpanel.net/
Enable ssh access for a domain
chsh -s /bin/bash <username>
.htaccess
http://corz.org/serv/tricks/htaccess.php
http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/#gen1
Hidden C-panel command
1) Reset the Firewall Settings- https://example.com:2087/scripts2/doautofixer?autofix=iptablesflush
2)Reset the SSH Settings – http://example.com:2086/scripts2/doautofixer?autofix=safesshrestart
3)bsdbindfix – http://example.com:2086/scripts2/doautofixer?autofix=bsdbindfix
4)Autorepair – http://example.com:2086/scripts2/doautofixer?autofix=autorepair
5)compress Zlib -http://example.com:2086/scripts2/doautofixer?autofix=Compress-Zlib-1.42.tar.gz
6)compresszlibfix-http://example.com:2086/scripts2/doautofixer?autofix=compresszlibfix
7)dbdmysql-http://example.com:2086/scripts2/doautofixer?autofix=dbdmysql
Cooldiagnose_apache_conf-http://example.com:2086/scripts2/doautofixer?autofix=diagnose_apache_conf
9)fpindexfile-http://example.com:2086/scripts2/doautofixer?autofix=fpindexfile
10)libxml2-2.6.28.tar.gz-http://example.com:2086/scripts2/doautofixer?autofix=libxml2-2.6.28.tar.gz
11)libxml64fix-http://example.com:2086/scripts2/doautofixer?autofix=libxml64fix
12)pro*-http://example.com:2086/scripts2/doautofixer?autofix=pro*
13)spamd_dbm_fix-http://example.com:2086/scripts2/doautofixer?autofix=spamd_dbm_fix
14)test-http://example.com:2086/scripts2/doautofixer?autofix=test
15)vfilterfix-http://example.com:2086/scripts2/doautofixer?autofix=vfilterfix
16)yumduprpmfix-http://example.com:2086/scripts2/doautofixer?autofix=yumduprpmfix
17)resellerresourceacctounts-http://example.com:2086/scripts2/doautofixer?autofix=resellerresourceacctounts
18)horde_sqmail_current_fix-http://example.com:2086/scripts2/doautofixer?autofix=horde_sqmail_current_fix
Awstats config file
/usr/local/cpanel/3rdparty/bin/awstats.pl
Script to update amstats
/scripts/runweblogs [username]]
http://wiki.asmallorange.com/HOWTOEnableAwstatsBrowser
verify that the setting is actually enabled, by checking the AWStats Configuration File for a particular user.
1. Login via SSH as root
2. cd /home/username/tmp/awstats
3. grep AllowToUpdateStatsFromBrowser awstats.example.com.conf
4. It should be set to AllowToUpdateStatsFromBrowser=1
5. If not, edit the file and save.
6. restart cpanel : service cpanel restart
check the server is Suexec or not
[root@xx.xx.xx.xx ~]#/usr/local/cpanel/bin/rebuild_phpconf --current
If server is Suexec then result would look like
DEFAULT PHP: 5
PHP4 SAPI: suphp
PHP5 SAPI: suphp
SUEXEC: enabled
Ref : http://www.host.co.in/forums/f37/how-check-if-server-suexec-not-821/
Spam assasin settings (resource_limit_mem)
cat /etc/mail/spamassassin/local.cf
Script to reset password of a domain
/scripts/chpass <username> < "password" >
/script/ftpupdate
Bash script to backup cpanel accounts
#!/bin/bash
user='USERNAME'
/scripts/pkgacct $user
mv -f /home/cpmove-$user.tar.gz /home/$user/$user.tar.gz
exit
Script for restoring multiple accounts from backup
It is assumed that all the backup files are already present in the /home directory in the tar.gz format.
#!/bin/bash
#######################
for i in `ls | grep tar.gz | cut -d- -f2 | cut -d. -f1`
do
echo “Restoring $i….”
/scripts/restorepkg $i
echo “$i restored”
echo “====================”
done
echo “Restoration completed”
#######################
IP issue
/etc/init.d/ipaliases restart // for enable summy ip's
Easy Apache
Backup : /usr/local/apache.backup
Log : /usr/local/cpanel/logs/easy/apache/build.
easy apache compilation filed :
cd /home
mv cpapachebuild cpapachebuild_old
mv cpeasyapache cpeasyapache_old
cPanel script to restart SSH and change ssh port as 22
https://ip:2087/scripts2/doautofixer?autofix=safesshrestart
Certificate installation for services
---------------------------------------
https://ip:2087/scripts2/manageservicecrts
Steps to secure server from WHM
--------------------------------
Number (or all) of accounts to display per page in list accounts == 30
Disable : Allow users to park subdomains of the server’s hostname main domain
Disable : Allow users to Park/Addon Domains on top of domains owned by other users.
Disable : Allow users to Park/Addon Domains on top of domains owned by other users.
Disable : Allow resellers to create accounts with subdomains of the server’s hostname main domain
Disable : Allow Creation of Parked/Addon Domains that are not registered
Disable : When adding a new domain, automatically create A entries for
the registered nameservers if they would be contained in the zone
Enable : Prevent users from parking/adding on common internet domain
Enable : Silently Discard all FormMail-clone requests with a bcc: header in the subject line Set Default Mail to FAIL.
Disable : Track the origin of messages sent though the mail server by adding the X-Source headers. The maximum each domain can send out per hour = 300
Prevent the user “nobody” from sending out mail to remote addresses : Disable should enabled on server with phpsuexec.
Disable : BoxTrapper Spam Trap
Disable : Add the mail. prefix for mailman urls
Disable : Send passwords in plaintext over email when creating a new acccount
Disable : Awstats Reverse Dns Resolution
Disable : Analog
Disable : Allow users to update Awstats from cPanel
Number of days between processing log files and bandwidth usage = 1
Enable : Delete each domain’s access logs after stats run
The load average above the number of cpus at which logs file processing should be suspended = 10
Enable : Keep Stats Log between cPanel restarts
Disable : Allow Perl updates from RPM based linux vendors
Enable : Use jailshell as the default shell for all new accounts and modified accounts
Disable : Allow cPanel users to reset their password via email
Enable : Spamassasssin
Tweak Security :
Enable PHP open_basedir Protection.
Enable mod_userdir Protection.
Enable SMTP Tweak
Disable Compilers for unprivileged users.
Logs
-------------
/var/log/cpanel*install* - These log files contain verbose logs of the cPanel installation, and should be the first point of reference for any issues which might occur ‘out of the box’ with new cPanel installations
/usr/local/cpanel/logs/error_log - cPanel logs any error it incurs here. This should always be the first place you look when you encounter errors or strange behavior in cPanel/WHM.
/usr/local/cpanel/logs/license_log - All license update attempts are logged here. If you run into any license errors when logging in, check here.
/usr/local/cpanel/logs/stats_log - The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
/usr/local/cpanel/logs/access_log - General information pertaining to cPanel requests is logged here (Client Information, Request URI)
/var/cpanel/updatelogs/update-[TIMESTAMP].log - Contains all output from each upcp. Named with the timestamp from which the upcp process was executed.
/var/log/chkservd.log - The service monitoring daemon (chkservd) logs all service checks here. Failed services are represented with a [-], and active are represented with [+].
/usr/local/apache/logs/error_log - All exceptions caught by httpd, along with standard error output from CGI applications are logged here. The first place you should look when httpd crashes, or you incur errors when accessing a website.
/usr/local/apache/logs/suexec_log - Contains auditing information reported by suexec each time a CGI application is executed. If you receive an internal server error, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations.
/usr/local/apache/domlogs/domain.com - The general access log for each domain configured with cPanel.
/var/log/exim_mainlog ( Linux ), /var/log/exim/mainlog (FreeBSD) - Receives an entry every time a message is received or delivered
/var/log/exim_rejectlog ( Linux ), /var/log/exim/rejectlog (FreeBSD) - Receives an entry every time a message is rejected based on either ACLs or other policies (for example, aliases configured to :fail
/var/log/exim_paniclog ( Linux ), /var/log/exim/paniclog (FreeBSD) - Receives all entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be thoroughly investigated.
/var/log/xferlog - Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users.
/var/lib/mysql/$(hostname).err - This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log
DCPUMON - Cpanel
===================
/usr/local/cpanel/bin/dcpumonview