Category: Cpanel

  • Enable ModSecurity in Cpanel Server

    Enable ModSecurity in Cpanel Server

    Login to WHM. Go to ModSecurity™ Vendors.

    cpanel modsecurity vendors

    By default cpanel come with “OWASP ModSecurity Core Rule Set V3.0” rule. To enable it click on “+ install” link right side.

    To add a third party rule set, click on “Add Vendor” button.

    To install comodo WAF rules, enter

    https://waf.comodo.com/doc/meta_comodo_apache.yaml
    

    Click “Load”, you will see some info auto filled, scroll down and clikc “Save” button.

    cpanel modesecurity add vendor

    Now you have Comodo WAF rules enabled on your server.

    cpanel modesecurity comodo WAF

    See ModSecurity

  • jetbackup

    JetBackup is a remote backup program for Cpanel Servers. You can get it from

    https://docs.jetbackup.com/v5.2/adminpanel/generalInformation.html#installation-guide

    To install Jetbackup for Cpanel, run

    yum install http://repo.jetlicense.com/centOS/jetapps-repo-latest.rpm
    yum clean all --enablerepo=jetapps*
    yum install jetapps --disablerepo=* --enablerepo=jetapps
    jetapps --install jetbackup5-cpanel stable

    Once installed, you need to do the following

    1) Add a backup destination
    2) Create a Backup Jobs

  • Stop xmlrpc.php attack on Cpanel Server

    xmlrpc.php is part of wordpress. It is used for some API. This is used by hackers to bruteforce WordPress installations, that can cause high server load and slow server performance.

    On cpanel server, to prevent xmlrpc.php attack go to

    WHM > Service Configuration > Apache Configuration > Include Editor

    click on “Pre Main Include”, then select your apache version.

    On text box below, paste

    
      RedirectMatch 301 /xmlrpc.php http://127.0.0.1/
    
    

    Click Update.

    Prevent xmlrpc.php attack on Cpanel Server

    All request to xmprpc.php will be blocked.

  • How to Install ImunifyAV on Cpanel Server

    ImunifyAV is a Free version of a malware scanner for websites. To install ImunifyAV on Cpanel

    yum install imunify-antivirus imunify-antivirus-cpanel

    To start/stop, run

    systemctl start imunify-antivirus
    systemctl stop imunify-antivirus

    If that did not work, you can use the following command, which works on Cpanel, Plesk, and DirectAdmin server

    wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh
    bash imav-deploy.sh

    Install Cpanel Plugin

    By default, ImunifyAV doesn’t show up in the Cpanel interface. To enable the Cpanel plugin, run

    /usr/share/av-userside-plugin.sh

    To uninstall the ImunifyAV Cpanel plugin, run

    /usr/share/av-userside-plugin.sh -r

    It is provided by package “imunify-antivirus”. You can find it with yum whatprovides “*/av-userside-plugin.sh”.

    Uninstall ImunifyAV

    To uninstall ImunifyAV free version, run

    yum remove imunify-antivirus imunify-antivirus-cpanel imunify-notifier imunify-common

    See ImunifyAV

  • CloudLinux PHP versions missing in PHP Selector

    CloudLinux PHP versions missing in PHP Selector

    On a Cpanel server running CloudLinux, PHP Selector did not show all PHP versions.

    cloudlinux php selector

    I reinstalled EasyApache profile “CloudLinux + All PHP Options + OpCache + mod_lsapi”.

    WHM EasyApache 4  PHP missing

    Even after installing EasyApache profile with all PHP versions, PHP 7.2 and PHP 7.4 was missing on this server.

    To fix, the problem, i run

    yum clean all
    yum install -y alt-php72* 
    yum install -y alt-php74*
    yum install -y alt-php73*
    
  • CloudLinux PHP Selector on Cpanel Server

    CloudLinux come with PHP Selector, this allow you to select differnt PHP versions. When you enable PHP selector, you should do the following.

    1) EasyApache 4 and bild profile "CloudLinux + All PHP Options + OpCache + mod_lsapi".
    2) MultiPHP Manager > System PHP Version set to any ea-php Version
    3) MultiPHP Manager > System PHP-FPM click "Turn Off" button.
    4) MultiPHP Manager > set INHERIT php version for domain.
    5) Users PHP selector > choose needed alt-php version and modules.
    6) WHM > Feature Manager > default => disable MultiPHP Manager and MultiPHP INI Editor.
    

    Related Posts

    Enable CloudLinux PHP lsapi
    CloudLinux

  • Cpanel Exim Bypass SMTP authentication for specific IP address.

    To bypass SMTP authentication for specific IP on Cpanel Exim mail server, edit file

    vi /etc/alwaysrelay
    

    Add IP or Hostname you need to allow sending email with out SMTP autentication and restart exim mail server.

    systemctl restart exim
    
  • EasyApache 4 installing PHP 5

    EDIT 2022-06-20: Cpanel completely removed support for PHP 5.6, so this method no longer works on AlmaLinux 8. If you need PHP 5.6, the best solution is to use CloudLinux, which provides support for older PHP versions. CloudLinux is a popular Linux distro used by many shared hosting providers as it allows for better security and isolates each website to its own virtual file system. You can find more information on cloudlinux at

    https://www.cloudlinux.com/os-shared/

    Cpanel have removed PHP 7.0 and older version from newer cpanel installations. Existing servers with older version of PHP will continue working.

    https://blog.cpanel.com/removal-of-php-5-6-and-php-7-0-in-easyapache-profiles/

    If you have a new cpanel server, but required older PHP version for some of your site to work, you can download EasyApache 4 profile from another server and upload to your server and provision it to get older PHP version.

    I have EA4 profile with Older PHP version available at

    https://gist.githubusercontent.com/serverok/ba144b7f04f0602a369406d7d400c87d

    To install, run following commands as root

    cd /etc/cpanel/ea4/profiles/custom
    curl -s https://gist.githubusercontent.com/serverok/ba144b7f04f0602a369406d7d400c87d/raw -o serverok-all-php.json
    

    Or save content of gist https://gist.github.com/serverok/ba97370b3184b480e29cf22c89dc69c3 as serverok-all-php.json, then upload it at

    WHM > EasyApache 4 > Upload a profile
    

    cpanel server

    Now login to WHM > EasyApache 4, you will see

    EasyApache4 php 5.6

    Click on “Provision” to install older PHP versions.

    Related Posts

    EasyApache
    Reinstall EasyApache4
    CloudLinux EasyApache 4 Profile Missing
    Cpanel Server

  • KernelCare Unknown Kernel

    On Cpanel server with KernelCare installed, i keep getting email

    KernelCare

    This is because the kernel is not yet supported by kernalcare. Since this kernal is provided by CloudLinux, you don’t have to worry. CloudLinux support said they do add support for KernelCare after 3 to 4 days of releasing new kernel.

    To disable this warning, edit file

    vi /etc/sysconfig/kcare/kcare.conf
    

    Add

    IGNORE_UNKNOWN_KERNEL=True
    

    You can find more KernelCare options at

    https://docs.kernelcare.com/config-options/

    You can always check if KernelCare supports your current kernel here:

    http://patches.kernelcare.com/

    KernelCare update kernel using cronjob in /etc/cron.d/kcare-cron

    [root@ok cron.d]# cat kcare-cron 
    31 */4  * * * root /usr/bin/kcarectl -q --auto-update
    [root@ok cron.d]# 
    

    Related Posts

    Install KernelCare
    cloudlinux

  • Disable PHP disable_functions on Cpanel Server

    Disable PHP disable_functions on Cpanel Server

    On a Cpanel Server using CentOS 7 + php-fpm, site phpinfo() shows few functions are set to disabled in disable_functions.

    PHP disable_functions

    I checked server wide PHP configuration in WHM for the PHP version the site is using. There is no disable_functions specified.

    WHM > Software > MultiPHP INI Editor > Editor Mode > PHP 7.3
    

    WHM php.ini editor

    This is because in Cpanel server running in PHP-FPM, you need to edit php-fpm pool config file at

    vi /opt/cpanel/ea-php73/root/etc/php-fpm.d/DOMAIN_NAME.conf
    

    Replace ea-php73 with whatever PHP version you selected for this web site.

    Remove the line

    php_admin_value[disable_functions] = exec,passthru,shell_exec,system
    

    Restart php-fpm with

    /scripts/restartsrv_apache_php_fpm
    

    See Cpanel Server

  • Cpanel find owner of a website

    On Cpanel server, to find username for a web site, run

    /scripts/whoowns DOMAIN_HERE
    

    Example

    Cpanel  find owner

  • Disable 2 Factor Authentication in Cpanel

    To disable 2 Factor Autentication for WHM in Cpanel Server, SSH into server as user root, run

    whmapi1 twofactorauth disable_policy
    

    Or run

    whmapi1 create_user_session user=root service=whostmgrd locale=en
    

    This will create a link for WHM login, using this link won’t require 2 Factor Authentication. After logging into WHM, you can disable 2 Factor Autentication.

    If you want 2 FA disabled for a cpanel user, run

    /usr/local/cpanel/bin/uapi --user=username TwoFactorAuth remove_user_configuration