Category: Cpanel

How to stop all services on a cpanel server

To stop all services on a cPanel server, you can follow commands in the command line interface.

systemctl stop tailwatchd.service
systemctl stop dnsadmin.service
systemctl stop sw-engine.service
systemctl stop dovecot
systemctl stop exim
systemctl stop named
systemctl stop pure-ftpd
systemctl stop cpdavd
systemctl stop cpanel
systemctl stop spamd
systemctl stop jetmongod.service
systemctl stop cphulkd.service
systemctl stop mysqld.service
systemctl stop cpanel_php_fpm.service
systemctl stop ea-php83-php-fpm.service
systemctl stop ea-php82-php-fpm.service
systemctl stop ea-php80-php-fpm.service
systemctl stop ea-php74-php-fpm.service
systemctl stop ea-php73-php-fpm.service
systemctl stop crond
systemctl stop chronyd.service
systemctl stop cpanellogd.service
systemctl stop wp-toolkit-background-tasks.service
systemctl stop wp-toolkit-scheduled-tasks.service
systemctl stop rngd.service

Back to Cpanel Server

November 13, 2024

Install Memcached on cPanel Server
Login to WHM as user root, go to Terminal or login to SSH as user root. Then run the command
```
yum install memcached
```
Enable memcached to start on boot.
```
systemctl enable memcached
```
Configure memcached

Default configuration on AlmaLinux 9 look like the following
```
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1"
```
edit configuration file
```
vi /etc/sysconfig/memcached
```
Lets change cache size to 128 mb

Find
```
CACHESIZE="64"
```
Replace 64 with 128

In AlmaLinux 9, memcached only listen on loop back interface IP address (127.0.0.1,::1). If your configuation don’t restrict memcache to listen to 127.0.0.1, change your options line as follows.
```
OPTIONS="-l 127.0.0.1 -U 0"
```
This will restrict memcached to listen on IP address 127.0.0.1 and -U 0 disable UDP. This is done to protect memcachd installation from attacks.

Restart memcached with
```
systemctl restart memcached
```
To verify memcached is running, run
```
[root@server1 ~]# netstat  -lntp | grep memc
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      2224258/memcached   
[root@server1 ~]# 
```
We have memcached listening on 127.0.0.1:11211

Now we have memcached deamon running. We need PHP module installed.

Installing memcached PHP module

To list all available memcached PHP module, run
```
yum search php-memcached
```
To install memcache module for PHP 8.2, run
```
yum install -y ea-php82-php-memcached
```
For PHP 8.0, install package ea-php80-php-memcached, similarly, for PHP 8.1 install ea-php81-php-memcached.

If you use CloudLinux PHP selector, memcached is already installed on the system. You can enable the module using PHP Selector.

Back to memcached
December 19, 2023
How to change MySQL Datadir in Cpanel Server
If the disk partition that stores MySQL data directory runs out of disk space, you may need to consider moving the MySQL data directory to another partition. Before you do the MySQL data directory change, make sure you take a backup of all your databases using mysqldump.
```
mysqldump --events --routines --triggers --all-databases | gzip -9 > "$(date +%F-%H%m%S)"-mysql-backup.sql.gz
```
First, disable MySQL monitoring, so MySQL won’t auto start while we do the data directory migration
```
whmapi1 configureservice service=mysql enabled=1 monitored=0
```
Stop the MySQL server
```
systemctl stop mysqld
```
In this case, we have free disk space in /home partition so we will move the MySQL data directory to this partition. Create a directory to store MySQL data, and copy the MySQL files to it.
```
mkdir /home/mysql-data
rsync -avzP /var/lib/mysql/ /home/mysql-data/
chown -R mysql:mysql /home/mysql-data/
```
Rename /var/lib/mysql directory, create an empty directory for MySQL socket
```
mv /var/lib/mysql /var/lib/mysql-backup
mkdir /var/lib/mysql/
chown mysql:mysql /var/lib/mysql/
```
Update my.cnf file
```
vi /etc/my.cnf
```
Add
```
socket=/var/lib/mysql/mysql.sock
datadir=/home/mysql-data/
```
MariaDB 10.1 or newer does not allow MySQL data in /home directory. To make datadir work from /home, edit file
```
vi /etc/systemd/system/mariadb.service.d/override.conf
```
Add
```
[Service]
ProtectHome=false
ProtectSystem=off
```
Since we edit systemd file, we need to reload
```
systemctl daemon-reload
```
Start MySQL
```
systemctl start mysqld
```
At this point, MySQL will work from the new data directory. Verify sites are working properly.

If all is good, enable cpanel service monitoring for MySQL
```
whmapi1 configureservice service=mysql enabled=1 monitored=1
```
If you are using CloudLinux CageFS, sites won’t work. You need to run these 2 commands to get MySQL working for websites.
```
cagefsctl --disable-all
cagefsctl --enable-all
```
Remove old MySQL datadir

We have renamed original MySQL data directory as /var/lib/mysql-backup, you can take a backup of this directory and delete it to free up disk space.

Back to MySQL
October 5, 2023
CageFS make Node.js available to all users by default
On CloudLinux server, when you install alt-nodejs packages, binary files get installed at
```
/opt/alt/alt-nodejs16/root/bin/node
```
When SSH into a user and run the command “node”, it won’t work. When deploying Node.js application with Cpanel, you will be given a command, that is used to switch to the environment with specific version of node.js the application is using.

If you want to make node.js available to all users by default, even with out a node.js application configured, you do the following
```
ln -s /opt/alt/alt-nodejs16/root/bin/node /usr/bin/node
ln -s /opt/alt/alt-nodejs16/root/bin/npm /usr/bin/npm
ln -s /opt/alt/alt-nodejs16/root/bin/npx /usr/bin/npx
```
This will make “alt-nodejs16” as the default Node.js, if you need to use another version of Node.js default, change the paths as required. If you don’t have it installed, install it with
```
yum install -y alt-nodejs16
```
Create file
```
vi /etc/cagefs/conf.d/node.cfg
```
Add following content
```
[node]
comment=Node
paths=/usr/bin/node, /usr/bin/npm, /usr/bin/npx
```
Update CafeFS and remount all users
```
cagefsctl --force-update
cagefsctl -M
```
Now Node.js will be available to all users by default.

Back to CageFS
June 7, 2023
How to upgrade Ubuntu 18.04 to Ubuntu 20.04 LTS
Ubuntu 18.04 is a long-term support release that was launched in April 2018. It will reach its end of life on April 30, 2023, which means that it will no longer receive security updates and bug fixes from Canonical. If you are still using Ubuntu 18.04, you might want to consider upgrading to a newer version to keep your system secure and up-to-date.

To upgrade Ubuntu 18.04, first install all software updates with following command
```
apt update & apt upgrade -y
apt dist-upgrade
```
After software upgrade, reboot the server so it boot with newer kernel.
```
reboot
```
To upgrade Ubuntu to next Long term supported release, run
```
do-release-upgrade
```
This will upgrade Ubuntu to version 20.04 LTS. This version is supported until Apr 2025. If you wanted to upgrade to Ubuntu 22.04, you can run above commands again, that will upgrade your server to Ubuntu 22.04.

Back to Ubuntu
May 26, 2023
Cloudflare Restore Real IP Address in Cpanel Server
When using Cloudflare, website visitors visit the Cloudflare CDN server configured as a reverse proxy server. Cloudflare CDN server fetches pages from your web server and caches them for a while, serving them to subsequent visitors. Your web application may report Cloudflare CDN server IP ad visitor IP as all requests to your website are coming from Cloudflare CDN. This can be a problem when you have an e-commerce website where you need to check visitor IPs to detect fraud signups/orders.

To restore the original visitor IP for visitors on cPanel Server running the Apache web server, you can use mod_remoteip. You can install mod_remoteip in WHM > EasyApache 4 > Apache Modules

You can also install mod_remoteip using command line
```
dnf install ea-apache24-mod_remoteip
```
Login to SSH as user root or WHM > Terminal, then edit the file
```
vi /etc/apache2/conf.modules.d/370_mod_remoteip.conf 
```
At end of the file, add
```
RemoteIPHeader CF-Connecting-IP
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/12
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32
```
You can find Cloudflare IP address at

https://www.cloudflare.com/ips/

Restart Apache
```
systemctl restart httpd
```
Back to Cloudflare
April 24, 2023
How to Migrate CentOS 7 cPanel Server to Almalinux 8
CentOS Linux was discontinued at the end of 2021 in favor of CentOS Stream. CentoS 7 will continue to be supported through the remainder of the RHEL 7 life cycle, which will end on June 30, 2024. If you are using CentOS 7 server with cPanel, it is better to upgrade to AlmaLinux 8, which is a clone of RHEL 8 supported by cPanel.

cPanel provides an open-source script to upgrade your CentOS 7 installation to AlmaLinux.

https://github.com/cpanel/elevate

Download elevate-cpanel

To download elevate-cpanel, run
```
wget -O /scripts/elevate-cpanel https://raw.githubusercontent.com/cpanel/elevate/release/elevate-cpanel
chmod 700 /scripts/elevate-cpanel
```
Update the server
```
yum update
/scripts/upcp
```
Reboot the server
```
reboot
```
Check for upgrade blockers

You need to run this script to see if any software installed on your server is computable or not.
```
/scripts/elevate-cpanel --check --upgrade-to=almalinux
```
If there is no problem detected, you can run the upgrade script.

Upgrade to AlmaLinux 8

To upgrade to AlmaLinux, run
```
/scripts/elevate-cpanel --start --upgrade-to=almalinux
```
Server will auto restart during the upgrade process. Once it is finished, you will have AlmaLinux 8.

Back to Cpanel
March 24, 2023
How to Benchmark Cpanel server
Benchmarking a server helps to determine its performance score. By benchmarking a server, you can also compare its performance score with other servers. Benchmarking can also help identify any issues with the server that may be causing poor performance, such as faulty hardware or software.

To benchmark a Cpanel Server, I will use Geekbench 5.

Create a script
```
vi benchmark.sh
```
Add following content
```
whmapi1 configureservice service=cpsrvd enabled=1 monitored=0 > /dev/null 2>&1
whmapi1 configureservice service=mysql enabled=1 monitored=0 > /dev/null 2>&1
whmapi1 configureservice service=httpd enabled=1 monitored=0 > /dev/null 2>&1
/scripts/restartsrv_cpsrvd --stop > /dev/null 2>&1
/scripts/restartsrv_mysql --stop > /dev/null 2>&1
/scripts/restartsrv_httpd --stop > /dev/null 2>&1

wget -S https://raw.githubusercontent.com/serverok/server-setup/master/benchmark/geekbench-5.sh
bash ./geekbench-5.sh

/scripts/restartsrv_cpsrvd --start > /dev/null 2>&1
/scripts/restartsrv_mysql --start > /dev/null 2>&1
/scripts/restartsrv_httpd --start > /dev/null 2>&1
whmapi1 configureservice service=cpsrvd enabled=1 monitored=1 > /dev/null 2>&1
whmapi1 configureservice service=mysql enabled=1 monitored=1 > /dev/null 2>&1
whmapi1 configureservice service=httpd enabled=1 monitored=1 > /dev/null 2>&1

rm -f geekbench-5.sh
```
https://gist.github.com/serverok/83d6f79fc47d0060c72538c066849950

What the script will do is stop MySQL, Apache and Cpanel, then run the greekbench. After benchmarking is completed Apache, MySQL and Cpanel will be started.

To start the benchmark, run following command.
```
benchmark.sh
```
IMPORTANT: when you run benchmark, web server stop serving websites, so only do this when you have less visitors like night time or during server setup.

After the benchmark is finished, scroll up, you will see benchmark result like the following

You can find server benchmarks results i have taken at

https://browser.geekbench.com/user/55314

Back to Geekbench
January 5, 2023
How to Upgrade MySQL/MariaDB in WHM cPanel Server
cPanel server supports MySQL and MariaDB. In most cases MySQL and MariaDB are compatible, you will be fine with either of them.

Find current MySQL version

Before you upgrade, find out what version of MySQL or MariaDB you are using with the command
```
mysql --version
```
In this server, we have MariaDB 10.3.37.

You can note down the rpm files, so you know the exact RPMs names in case you need to revert back.
```
rpm -qa | egrep -i "(mysql|mariadb)" | grep -v php | grep -v alt
```
Backup MySQL database

Before upgrading MySQL take a backup of the MySQL folder.

Disable Monitoring for MySQL/MariaDB so it won’t auto start
```
whmapi1 configureservice service=mysql enabled=1 monitored=0
```
Stop MySQL
```
/scripts/restartsrv_mysql --stop
```
Take a copy of MySQL data directory
```
mkdir -p ~/mysql-backup
cp -r /var/lib/mysql/ ~/mysql-backup/
```
If you use a non-default MySQL data directory location, you may need to change the path /var/lib/mysql.

You can find the MySQL data directory with the command
```
root@server20 [~]# mysql -e "show variables like 'datadir';"
+---------------+-----------------+
| Variable_name | Value           |
+---------------+-----------------+
| datadir       | /var/lib/mysql/ |
+---------------+-----------------+
root@server20 [~]# 
```
Start MySQL
```
/scripts/restartsrv_mysql
```
Enable Monitoring
```
whmapi1 configureservice service=mysql enabled=1 monitored=1
```
Upgrade MySQL/MariaDB using WHM

Login to WHM as user root. Go to
```
WHM > SQL Services > MySQL/MariaDB Upgrade
```
You can also use the search box in WHM, and search for “MariaDB upgrade”.

On this page, select the MySQL or MariaDB version you need. Then click on the “Continue” button.

It will show some warnings related to MySQL/MariaDB changes. You need to check all check boxes, then click on the “Continue” button.

On this page, you get 2 options “Unattended Upgrade” and “Interactive Upgrade”. You can select any of it and click the “Continue” button to do the upgrade.

Back to cPanel Server
November 17, 2022
How to install ClamAV on cPanel Server
ClamAV is a free open-source anti-virus software. On the Cpanel server, it can be used to scam emails and website files.

To install ClamAV on the cPanel Server

1) log in to WHM as user root

2) On the Left menu, expand Cpanel > Manage Plugins

Click on Install “ClamAV for cPanel” button.

3) After ClamAV is installed, you can configure it at
```
WHM > Plugins > Configure ClamAV Scanner
```
No need to make any changes here, the default configuration is fine.

4) You can log in to the Cpanel control panel as a normal user, you will see the option to scan email or files.

Installing ClamAV though SSH

If you want to install ClamAV antivirus on cPanel server using SSH, run these 2 commands
```
/scripts/update_local_rpm_versions --edit target_settings.clamav installed
/scripts/check_cpanel_rpms --fix --targets=clamav
```
Back to Cpanel Server Setup
November 11, 2022
How to install PHP 7.4 mcrypt module in Cpanel Server
mcrypt is a PHP module, that was DEPRECATED in PHP 7.1.0, and REMOVED in PHP 7.2.0. mcrypt is removed from PHP, now it is available as a PECL module at

https://pecl.php.net/package/mcrypt

To install mcrypt on Cpanel Server, first, install libmcrypt-devel package with yum
```
yum install -y libmcrypt-devel
```
To install the module with PHP 7.4, run
```
/opt/cpanel/ea-php74/root/bin/pecl install mcrypt-1.0.5
```
After installation, you can verify from command line with
```
# /opt/cpanel/ea-php74/root/bin/php -m | grep mcrypt
mcrypt
# 
```
If you want to install with another PHP version, change ea-php74 with your PHP version.

After installing, restart Apache and php-fpm service
```
/scripts/restartsrv_apache
/scripts/restartsrv_apache_php_fpm
```
To verify, create a phpinfo() file on your website. Go to the URL, and search for mcrypt on the page. You will see

Back to Cpanel Server
October 29, 2022
How to prevent Symlink Attack on Cpanel Server

Symlink attack exploits the way Linux operating systems handle symbolic links (symlinks). A symlink is a pointer to another file or directory that is used by the operating system to access the linked file or directory. In a symlink attack, an attacker creates a symbolic link that points to a file or directory that the attacker does not have permission to access. When the web server attempts to access the linked file or directory, the attacker can gain access to it.

Symlink attacks can be used to gain access to sensitive data. On a Cpanel Server, hackers usually create a symlink to common configuration files used by popular CMS on other hosting accounts on the same server. With this hackers can get database credentials of other websites hosted on the server. Many CMS store user credentials in the MySQL database, and they will be able to change passwords and gain access to websites.

Solution 1: CloudLinux CageFS (Paid)

The best way to prevent a symlink attack on the Cpanel server is to use CloudLinux CageFS, this isolates each site into its own isolated areas, so one website’s files won’t be able to another site.

Solution 2: mod_ruid2

If you are not using CloudLinux, you can use the following method to protect against the symlink attack. mod_ruid2 is an Apache module, that can be enabled in EasyApache 4.

In WHM > Software > EasyApache 4, enable mod_ruid2.

Under WHM > Server Configuration > Tweak Settings, enable jail Apache

Go to WHM > Security Center > Security Advisor, and install KernelCare’s Free Symlink Protection.

If you enable SSH access for cPanel accounts, make sure it is “jailed Shell” under WHM > Account Functions > Manage Shell Access

Back to cPanel Server

September 17, 2022