Tag: cpanel

  • How To See Currently Running Processes in Cpanel/WHM Server

    How To See Currently Running Processes in Cpanel/WHM Server

    To see the currently running process on Cpanel/WHM server, log in to WHM.

    Search for “process” on the left-top corner search box.

    CPanel WHM process

    Under System health, click on “Process Manager”

    WHM > System Health > Process Manager

    Cpanel Process Manager

    This page list all running process. On the left of each process, you have the option to kill a process and trace.

    The “trace” option allows you to see what the process is doing. It uses strace command to attach a process and show the result.

    kill option allows you to kill a process. There is an option to kill all processes owned by a specific user.

    On the left menu, there is another link “Show Current Running Processes”, this just shows a read-only process list. You won’t be able to interact with it.

    Another option is to search for “terminal” in WHM, click on Terminal Link. This will open the Terminal connection to the server, here you can run Linux commands. You can use the following Linux commands to see the running process.

    ps aux
top

    Back to Cpanel Server

  • Disable catch-all email on Cpanel Server

    To disable catch-all email address for all sites hosted on Cpanel Server, run

    sed -i 's/^\*: [^ ]*$/*: :fail: ADDRESS DOES NOT EXIST/g' /etc/valiases/*

    Back to Cpanel Server

  • How to fix Cpanel Server shared IP address show customer site

    On a Cpanel Server, when you visit a shared IP address used by multiple websites, you will see the website of the first VirtualHost entry. This is not good when you have multiple customer websites as your other customers may visit the IP and see the site associated with the first VirtualHost entry and complain about this. I had customers reporting that their site is hacked when this happened to them.

    The solution is to add a VirtualHost entry for the IP address. So when visitors use IP address, that VirtualHost shows up.

    On Cpanel Server, you can do this by editing 

    vi /etc/apache2/conf.d/includes/pre_virtualhost_global.conf

    Add content

    
DocumentRoot /var/www/html



DocumentRoot /var/www/html

suPHP_UserGroup nobody nobody


AllowOverride All


SSLEngine on

SSLCertificateFile /var/cpanel/ssl/cpanel/cpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/cpanel.pem
SSLCertificateChainFile /var/cpanel/ssl/cpanel/cpanel.pem
SSLUseStapling Off



SecRuleEngine On

    In the above code, replace YOUR_SERVER_IP_HERE with your actual server IP address. If you have multiple IP addresses, repeat the code above for each of your IP addresses.

    Now restart Apache

    systemctl restart httpd

    See Cpanel Server

  • CPanel SSL Renew on password protected site

    CPanel SSL Renew on password protected site

    We have a site where we host demo websites that we do for our customers. We don’t want search engines to index these sites or strangers to see them. So it is password protected. The problem is Cpanel Auto SSL needs to access URI like /.well-known/ for SSL domain validation. With password protection, SSL domain verification fails and you won’t be able to renew the SSL certificate.

    In this post, I am doing it for domain demo.hostonnet.com with Cpanel username hostond.

    cpanel password protected site ssl

    Redirect HTTP to HTTPS

    I want to force all buy SSL verification requests to get redirected to HTTPS. For this, i created a folder

    mkdir -p /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/

    Now create a file

    vi /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/force-ssl.conf

    Add following content to it.

    RewriteEngine On 
RewriteCond %{REQUEST_URI} !^/\.well-known/
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    This will redirect all requests that do not start with URI .well-known to HTTPS.

    Password Protect site

    Since HTTP only allows domain validation (pages inside folder .well-known) and redirects all other requests to HTTPS, we only need to password protect the HTTPS side of the website.

    First, create a directory

    mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/

    Create file

    vi /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/password.conf

    Add following content

    
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/demo-hon-htpaswd
    Require valid-user

    Setting Password

    HTTP Basic authentication password is stored in file /etc/apache2/demo-hon-htpaswd. To set password, use htpasswd command.

    To create a user, use

    htpasswd -c /etc/apache2/demo-hon-htpaswd admin

    This will create a user with the username “admin”. You will be asked to enter a password.

    Now restart apache

    systemctl restart httpd

    See Cpanel Server

  • Cpanel Mail Server

    To see the current mail server setup on the Cpanel server, run

    [root@server78 ~]# /scripts/setupmailserver --current
Current mailserver type: dovecot
Current storage format: maildir or mdbox
[root@server78 ~]#

    Cpanel Provide Following Mail servers

    SMTP: exim
POP/IMAP: courier, dovecot

    Roundcube mail logs in Cpanel

    tail -f /var/cpanel/roundcube/log/errors

    See exim mail server, Cpanel Server

  • How to Enable WordPress Toolkit in Cpanel/WHM

    How to Enable WordPress Toolkit in Cpanel/WHM

    WordPress Toolkit in Cpanel/WHM allows you to easily install and manage WordPress websites.

    To install WordPress Toolkit, log in to WHM as user root.

    Go to

    WHM > WHM Marketplace

    WordPress Toolkit WHMCS

    On the Next page, you have the option to install WordPress Toolkit.

    Install wordpress toolkit on cpanel server

    Methood 2: Usuing command line

    To install WordPress Toolkit in Cpanel server, login to SSH as user root, then run the following command.

    curl https://wp-toolkit.plesk.com/cPanel/installer.sh | sh

    After installation, you will be able to see WordPress Toolkit in CPanel.

    WordPress Toolkit CPanel

    You can enable/disable WordPress toolkit under Feature Manager in WHM.

    WHM > Packages > Feature Manager

    WordPress Toolkit WHM Feature Manager

    How to install WordPress using WordPress Toolkit

    This video will show how to install WordPress using WordPress Toolkit in Cpanel Server.

    Uninstall WordPress Toolkit

    If you want to remove WordPress Toolkit, run

    rpm -e wp-toolkit-cpanel

    See Cpanel Server, WordPress

  • Check if Cpanel Server need reboot from command line

    To check if Cpanel/WHM server need reboot from command line, run

    whmapi1 system_needs_reboot

    Example

    On a server with latest kernal

    [root@ns522466 ~]# whmapi1 system_needs_reboot
--- 
data: 
  details: {}

  needs_reboot: 0
metadata: 
  command: system_needs_reboot
  reason: OK
  result: 1
  version: 1
[root@ns522466 ~]#

    On a server that need reboot

    [root@server22 ~]# whmapi1 system_needs_reboot
--- 
data: 
  details: 
    kernel: 
      boot_version: 3.10.0-962.3.2.lve1.5.42.el7.x86_64
      running_version: 3.10.0-962.3.2.lve1.5.39.el7.x86_64
    updates: 
      glibc: 2.17-323.el7_9
      linux-firmware: 20200421-80.git78c0348.el7_9
      openssl-libs: 1:1.0.2k-21.el7_9
  needs_reboot: 1
metadata: 
  command: system_needs_reboot
  reason: OK
  result: 1
  version: 1
[root@server22 ~]#

    See Getting WHM Access from SSH on Cpanel Server

  • How to Disable Mailman in cPanel?

    How to Disable Mailman in cPanel?

    Mailman is a mailing list management software that comes by default on Cpanel Servers. Most websites don’t need this feature. Most small sites don’t need email discussion features provided by Mailman, mostly used by large scale open-source software for email discussion.

    To disable Mailman, login to WHM

    Method 1

    In WHM, search for “service manager”, click on “Service Manager” link. On next page, make sure checkboxs right side of Mailman is not checked.

    WHM Cpanel Service Manager

    Method 2

    Go to

    WHM > Server Configuration > Tweak Settings

    Search for mailman.

    Cpanel/WHM disable mailman

    Set value for “Enable Mailman mailing lists” to Off. Scroll down, click the “Save” button.

    See Cpanel Server, Cpanel Server Setup

  • Red Hat Killing CentOS Linux, Fight for CentOS clone

    Red Hat Killing CentOS Linux, Fight for CentOS clone

    RedHat, parent company of CentOS Linux announce it will stop supporting CentOS 8, the latest version of CentOS. CentOS is build from the source code RHEL, making a free version of stable and well-tested enterprise ready RHEL Linux. CentOS 7 will keep getting security updates until it reaches End Of Life June 30th, 2024. For Red Hat, maintaining CentOS wont help with their business. Now they don’t need to maintain CentOS, this will force many users to pay for Red Hat Enterprise Linux (RHEL).

    RedHat Killing CentOS Linux

    The new version of CentOS known as CentOS Stream is a rolling release. It will be used as a staging version of RHEL. Red Hat expect CentOS Stream to be stable and allow community participation as users will be able to contribute to CentOS Steam. With CentOS, community contribution was limited because it was a copy of RHEL.

    CentOS is populary used in web hosting servers as cpanel only supposed RHEL based Linux. With death of CentOS 8, cpanel have announced they will accelerate investment in development efforts to support additional operating systems. cPanel will suport Ubuntu LTS and expect to deliver a production-ready version in late 2021. After Ubuntu LTS, they will look into supporting Debian. Ubuntu is very popular with Cloud Servers as it come with latest software compared to CentOS. With many developers already using Ubuntu on their Desktop, supporting Ubuntu is wise decision by cpanel.

    With CentOS 8 unexpected demise, many users will be looking for alternative OS. This opens up market for next CentOS clone.

    Rocky Linux

    CentOS co-founder, Gregory Kurtzer announced he will be releasing his own Red Hat Enterprise Linux (RHEL) replacement Rocky Linux. No ETA on release date yet.

    https://rockylinux.org

    You can join discussion on their reddit.com/r/RockyLinux/

    Project Lenix

    Igor Seletskiy, CloudLinux CEO and founder said they will make their own RHEL patch to patch compatible Open Source Linux – Project Lenix.

    CloudLinux is a CentOS based commerical Linux, that is popular amoung web hosting providers as it allow resource limit per user and user isolation with CageFS. They also have support for kernel update with out reboot.

    CloudLinux will be investing more than a million dollar into Project Lenix. CentOS 8 users will be able to convert into Project Lenix or CloudLinux easily with out reboot. In the announcement Igor Seletskiy said “Red Hat’s announcement has left users looking for an alternative with all that CentOS provides and without the disruption of having to move to alternative distributions. We promise to dedicate the resources required to Project Lenix that will ensure impartiality and a not-for-profit community initiative. CloudLinux already has the assets, infrastructure, and experience to carry out the mission, and we promise to be open about the process of developing Project Lenix”.

    See CentOS

  • Disable cPHulk Brute Force Protection

    Disable cPHulk Brute Force Protection

    Cpanel Servers have a bruceforce attack detection module called cPHulk Brute Force Protection. In case your server have another bruteforce detection software like ConfigServer Security & Firewall, you may need to disable cPHulk Brute Force Protection as you don’t need 2 software for same purpose running on the server.

    To disable cPHulk Brute Force Protection, run

    /usr/local/cpanel/bin/cphulk_pam_ctl --disable

    You can also use

    https://SERVER_IP:2087/scripts2/doautofixer?autofix=disable_cphulkd

    Or login to WHM, Go to 

    WHM Home > Security Center > cPHulk Brute Force Protection

    click OFF button to disable cPHulk.

    disable cPHulk

  • Modify Apache Virtual Host for a site in Cpanel Server

    On Cpanel server Apache configuration file get recreated every time you modify or add a new web site. In cause you need to modify VirtualHost entry for a web site hosted in cpanel, you should not edit /etc/apache2/conf/httpd.conf file.

    If you open /etc/apache2/conf/httpd.conf and check virtual host entry for a web site, you will see line like

    # Include "/etc/apache2/conf.d/userdata/std/2_4/USERNAME/DOMAINNAME/*.conf"
# Include "/etc/apache2/conf.d/userdata/ssl/2_4/USERNAME/DOMAINNAME/*.conf"

    in non-ssl and ssl virtual host entry for a domain. To modify virtual host entry, you need to create the folder, then create a file with extension .conf

    Then rebuilt httpd.conf by running

    /usr/local/cpanel/scripts/rebuildhttpdconf

    During rebuild, the script will check for the conf file, if found the line get uncommented (remove # from beginning of Include line).

    For a web site, i need to protect it with password. This is a feature available in cpanel, but i want it done on server side, so no one accidently make this site public by deleting .htacess.

    To do this, i created folders

    mkdir -p /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/

    In this cause, cpanel user name is “serverok” and the web site url is demo.serverok.in

    I created .conf file in both folders

    vi /etc/apache2/conf.d/userdata/std/2_4/serverok/demo.serverok.in/password.conf
vi /etc/apache2/conf.d/userdata/ssl/2_4/serverok/demo.serverok.in/password.conf

    Add content

    
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/serverok-htpaswd
    Require valid-user


Now rebuild httpd.conf with


    /usr/local/cpanel/scripts/rebuildhttpdconf

    

    Restart Apache with
    

    systemctl restart httpd

    

    Now when i visit the web site, it ask for password. We have not yet created password file, so create it with
    

    htpasswd -b -c /etc/apache2/serverok-htpaswd USERNAME_HERE PASSWORD_HERE

    

    See Cpanel Server, Apache

  • Configure Cpanel Server service using whmapi1

    To disable monitoring of MySQL service, run

    whmapi1 configureservice service=mysql enabled=1 monitored=0

    This wil prevent MySQL service get auto started.

    To enable Monitoring for MySQL service, run

    whmapi1 configureservice service=mysql enabled=1 monitored=1

    If you want to disable a service, change enabled=1 to enabled=0

    See whmapi1