Category: Cpanel

How to Enable WordPress Toolkit in Cpanel/WHM
WordPress Toolkit in Cpanel/WHM allows you to easily install and manage WordPress websites.

To install WordPress Toolkit, log in to WHM as user root.

Go to
```
WHM > WHM Marketplace
```
On the Next page, you have the option to install WordPress Toolkit.

Methood 2: Usuing command line

To install WordPress Toolkit in Cpanel server, login to SSH as user root, then run the following command.
```
curl https://wp-toolkit.plesk.com/cPanel/installer.sh | sh
```
After installation, you will be able to see WordPress Toolkit in CPanel.

You can enable/disable WordPress toolkit under Feature Manager in WHM.
```
WHM > Packages > Feature Manager
```
How to install WordPress using WordPress Toolkit

This video will show how to install WordPress using WordPress Toolkit in Cpanel Server.

Uninstall WordPress Toolkit

If you want to remove WordPress Toolkit, run
```
rpm -e wp-toolkit-cpanel
```
See Cpanel Server, WordPress
March 29, 2021

Check if Cpanel Server need reboot from command line

To check if Cpanel/WHM server need reboot from command line, run

whmapi1 system_needs_reboot

Example

On a server with latest kernal

[root@ns522466 ~]# whmapi1 system_needs_reboot
--- 
data: 
  details: {}

  needs_reboot: 0
metadata: 
  command: system_needs_reboot
  reason: OK
  result: 1
  version: 1
[root@ns522466 ~]#

On a server that need reboot

[root@server22 ~]# whmapi1 system_needs_reboot
--- 
data: 
  details: 
    kernel: 
      boot_version: 3.10.0-962.3.2.lve1.5.42.el7.x86_64
      running_version: 3.10.0-962.3.2.lve1.5.39.el7.x86_64
    updates: 
      glibc: 2.17-323.el7_9
      linux-firmware: 20200421-80.git78c0348.el7_9
      openssl-libs: 1:1.0.2k-21.el7_9
  needs_reboot: 1
metadata: 
  command: system_needs_reboot
  reason: OK
  result: 1
  version: 1
[root@server22 ~]#

See Getting WHM Access from SSH on Cpanel Server

March 20, 2021

Roundcube Webmail Logs in Cpanel Server
Roundcube logs that are located at the following paths:
```
/var/cpanel/roundcube/log/errors
/var/cpanel/roundcube/log/sendmail
```
/var/cpanel/roundcube/log/sendmail have logs for every email sent.

See Cpanel
January 31, 2021
How to Disable Mailman in cPanel?
Mailman is a mailing list management software that comes by default on Cpanel Servers. Most websites don’t need this feature. Most small sites don’t need email discussion features provided by Mailman, mostly used by large scale open-source software for email discussion.

To disable Mailman, login to WHM

Method 1

In WHM, search for “service manager”, click on “Service Manager” link. On next page, make sure checkboxs right side of Mailman is not checked.

Method 2

Go to
```
WHM > Server Configuration > Tweak Settings
```
Search for mailman.

Set value for “Enable Mailman mailing lists” to Off. Scroll down, click the “Save” button.

See Cpanel Server, Cpanel Server Setup
December 28, 2020
Disable cPHulk Brute Force Protection
Cpanel Servers have a bruceforce attack detection module called cPHulk Brute Force Protection. In case your server have another bruteforce detection software like ConfigServer Security & Firewall, you may need to disable cPHulk Brute Force Protection as you don’t need 2 software for same purpose running on the server.

To disable cPHulk Brute Force Protection, run
```
/usr/local/cpanel/bin/cphulk_pam_ctl --disable
```
You can also use
```
https://SERVER_IP:2087/scripts2/doautofixer?autofix=disable_cphulkd
```
Or login to WHM, Go to
```
WHM Home > Security Center > cPHulk Brute Force Protection
```
click OFF button to disable cPHulk.
December 11, 2020

Modify Apache Virtual Host for a site in Cpanel Server

On Cpanel server Apache configuration file get recreated every time you modify or add a new web site. In cause you need to modify VirtualHost entry for a web site hosted in cpanel, you should not edit /etc/apache2/conf/httpd.conf file.

If you open /etc/apache2/conf/httpd.conf and check virtual host entry for a web site, you will see line like

# Include "/etc/apache2/conf.d/userdata/std/2_4/USERNAME/DOMAINNAME/*.conf"
# Include "/etc/apache2/conf.d/userdata/ssl/2_4/USERNAME/DOMAINNAME/*.conf"

in non-ssl and ssl virtual host entry for a domain. To modify virtual host entry, you need to create the folder, then create a file with extension .conf

Then rebuilt httpd.conf by running

/usr/local/cpanel/scripts/rebuildhttpdconf

During rebuild, the script will check for the conf file, if found the line get uncommented (remove # from beginning of Include line).

For a web site, i need to protect it with password. This is a feature available in cpanel, but i want it done on server side, so no one accidently make this site public by deleting .htacess.

To do this, i created folders

mkdir -p /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/

In this cause, cpanel user name is “serverok” and the web site url is demo.serverok.in

I created .conf file in both folders

vi /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/password.conf
vi /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/password.conf

Add content

AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/apache2/serverok-htpaswd Require valid-user Now rebuild httpd.conf with

/usr/local/cpanel/scripts/rebuildhttpdconf

Restart Apache with

systemctl restart httpd

Now when i visit the web site, it ask for password. We have not yet created password file, so create it with

htpasswd -b -c /etc/apache2/serverok-htpaswd USERNAME_HERE PASSWORD_HERE

See Cpanel Server, Apache

December 9, 2020

Configure Cpanel Server service using whmapi1
To disable monitoring of MySQL service, run
```
whmapi1 configureservice service=mysql enabled=1 monitored=0
```
This wil prevent MySQL service get auto started.

To enable Monitoring for MySQL service, run
```
whmapi1 configureservice service=mysql enabled=1 monitored=1
```
If you want to disable a service, change enabled=1 to enabled=0

See whmapi1
December 7, 2020
Cpanel Server Setup
Configure Service Manager

* disable eximstats. It use mysql to store log, better disable it. WHM > Service Manger > Eximstats = DISABLE

FTP Server Config (pureftpd)

* FTP Server Configuration > TLS Encryption Support = Disabled
* FTP Server Configuration > Allow Anonymous Logins = No
* FTP Server Configuration > Allow Anonymous Uploads = No
* FTP Server Configuration > Allow Logins with Root Password = No

Security Center Configuration

* WHM > Security Center > Apache mod_userdir Tweak = ENABLE
* WHM > Security Center > Compiler Access = DISABLE
* WHM > Security Center > PHP open_basedir Tweak = ENABLE
* WHM > Security Center > Manage External Authentications > Configure = ALL OFF
* WHM > Security Center > Shell Fork Bomb Protection = ENABLE
* WHM > Security Center > SSH Password Authorization Tweak = DISABLED
* WHM > Security Center > cPHulk Brute Force Protection = DISABLE (use CSF)

Service Configuration

* Service Configuration > cPanel log rotation configuration
* home > service configuration > exim configuration manger > Scan outgoing messages for spam and reject based on spamassassin® internal spam_score setting [?] on

Other Settings

* change main shared ip – home »server configuration »basic cPanel & whm setup
* add new ip address – home »ip functions »add a new ip address ( 192.168.4.128-255 format)
* home »server configuration »Basic cPanel & whm Setup
* home »server configuration »tweak settings

* home »service configuration »exim configuration manger
* home »service configuration »php configuration editor
* home »system health »background process killer
* main >> backup >> configure Backup
* home »software »easyapache (apache update) Suphp enable on easyapache
* plugins >> configserver security and firewall

See Cpanel Server
November 5, 2020
Cpanel Statistics Software Configuration

Cpanel provide 3 different Statistics programs (Analog, AWStats and Webalizer). Enabling all 3 is not required as it use more CPU and do same task. AWStats is best out of the 3. Most users will be happy with just Awstats.

With better stats like Google Analytics, even Awstats is not required.

So i only enable Awstats, disable other 2.

See Cpanel Server Setup

November 5, 2020

powerdns cpanel

# service pdns status
25512: Child running on pid 25514
#

PowerDNS Process

# ps aux | grep pdns
root     25512  0.0  0.0 111124  3264 ?        Ssl  15:53   0:00 /usr/sbin/pdns_server --daemon --guardian=yes
named    25514  0.0  0.1 417752  7668 ?        Sl   15:53   0:00 /usr/sbin/pdns_server-instance --daemon --guardian=yes
#

PowerDNS Config File

vi /etc/pdns/pdns.conf

October 25, 2020

Update Cpanel License Key

To update cpanel server license, run

/usr/local/cpanel/cpkeyclt

Example

[root@pbcp-22-01 ~]# /usr/local/cpanel/cpkeyclt
Updating cPanel license...Done. Update succeeded.
Building global cache for cpanel...Done
[root@pbcp-22-01 ~]#

Back to Cpanel Server

October 11, 2020

Enable ModSecurity in Cpanel Server
Login to WHM. Go to ModSecurity™ Vendors.

By default cpanel come with “OWASP ModSecurity Core Rule Set V3.0” rule. To enable it click on “+ install” link right side.

To add a third party rule set, click on “Add Vendor” button.

To install comodo WAF rules, enter
```
https://waf.comodo.com/doc/meta_comodo_apache.yaml
```
Click “Load”, you will see some info auto filled, scroll down and clikc “Save” button.

Now you have Comodo WAF rules enabled on your server.

See ModSecurity
October 1, 2020

Category: Cpanel

Methood 2: Usuing command line

How to install WordPress using WordPress Toolkit

Uninstall WordPress Toolkit

Method 1

Method 2

Configure Service Manager

FTP Server Config (pureftpd)

Security Center Configuration

Service Configuration

Other Settings

PowerDNS Process

PowerDNS Config File