Category: cPanel Howto

How to Verify the cPanel License

If you suspect that your cPanel and WHM license is not functioning:

Run either of the following commands from your server’s command line interface:

curl -L http://cpanel.net/showip.cgi
lynx -dump http://cpanel.net/showip.cgi

Next, visit http://verify.cpanel.net.

Enter the IP address you obtained in step 1.

Our website will display the status of your license.

If your server’s IP (from step 1) does not match the IP address on your license, contact cPanel Customer Service for further assistance.

If your IP address matches the license, and you are still experiencing problems, run the following script to verify your license:

/usr/local/cpanel/cpkeyclt

Once the script runs, you should be returned promptly to the command line with no messages if it works properly. If it takes longer than a few seconds, you may be experiencing connectivity issues.

Breaking Internet Censorship Ltd – Anonymous Hosting can help you fix this issue, their servers are located in Ecatel, a private data center with multiple gigabyte backbones located in The Netherlands. This means that you are assured of reliability and stability hosting with us.

If cpkeyclt fails, ensure that you are able to resolve our licensing servers. To test that you can resolve our servers. use the following command:

host auth.cpanel.net

You may also need to ensure that the time and date of the server are not set too far into the future or past.

How to ODBC support on a cPanel server

You first have to install the devel packages for unixodbc, then add a line in rawopts file and rebuild Apache+PHP.

1. Install the UnixODBC devel packages:

yum install unixODBC unixODBC-devel

2. You now need to create a file “all_php5″ to add a line to enable odbc so that apache build will pick it up from there. File all_php5 is for PHP5 and all_php4 is for PHP4.

pico /var/cpanel/easy/apache/rawopts/all_php5

3. Add the following line:

–with-unixODBC=/usr

4. Rebuild Apache/PHP using the “easyapache” script and the above file will be picked up automatically:

/scripts/easyapache

Once the compilation completes, you should have odbc module compiled with PHP. You can check the module either using a phpinfo() file OR through shell by executing:

php -i | grep odbc

How to Delete cPanel Frozen Emails

Howto check number of emails in the mail queue:

exim -bpc

To check the email ID, sender and receiver of the each email:

exim -bp | more

To delete frozen emails from the mail queue, execute:

exim -bp | grep ‘frozen’ | awk ‘{print $3}’ | xargs exim -Mrm

similarly, to delete emails sent using a script’

exim -bp | grep ‘<>’ | awk ‘{print $3}’ | xargs exim -Mrm

How to Change the cPanel FTP port

If you are looking to change the Ftp port on your server from 21 to a non-standard port say 2121, you need tweak the ‘bind’ option in the Ftp configuration file.  On a cPanel server with pure-ftp as a Ftp server, you need to edit the pure-ftpd.conf file

# pico /etc/pure-ftpd.conf

Search for the line:

# Bind 127.0.0.1,21

and add the following line below it

Bind *,2121

where, 2121 is the new port you want the Ftp server to listen to.

Save the Ftp configuration and restart the ftp service.

# service pure-ftpd restart

Using the netstat command you can check if the new port is in ‘LISTEN’ state

# netstat -al | grep 2121

How to Increase cPanel Memory for Java

In order to increase memory limit for Java, perform the following steps, edit the file:

/var/cpanel/tomcat.options

Insert the following 2 lines:

Xmx200M
Xms100M

where, Xmx is the upper limit and Xms is the lower limit. You have to replace the values as per your requirement. Save the file and restart the tomcat service:

root@server [~]#/scripts/restartsrv tomcat

How to add Domainkeys for a Domain

“DomainKeys” is an anti-spam software application that uses a public key, cryptography to authenticate the sender’s domain. cPanel offers a installer script “domain_keys_installer” using which the DomainKeys can be created and added automatically for a domain.

By default the DomainKeys is not added when the account is created on the server, it has to be added manually. SSH to your server and execute:

/usr/local/cpanel/bin/domain_keys_installer

where, is the username of the domain.

The DomainKey is automatically added in the DNS zone file of the domain located at /var/named/domainname.db file. To add DomainKeys for the existing domains, use the following script

for i in `cat /etc/trueuserdomains | awk ‘{print $2}’`
do
/usr/local/cpanel/bin/domain_keys_installer $i;
done;

NOTE: If you are using a 3rd party name servers for your domain, you will have to add the DomainKeys in the DNS zone of your domain created on their servers.

How to monitor and auto restart cron service

Sometimes the crond service fails quite often without any clue and it becomes necessary to monitor the cron service and auto-restart it. cPanel offers ‘chkservd’, a monitoring daemon that monitors the services on the server and restart them if found offline. cPanel/WHM do not provide an option to include the ‘crond’ service under the monitoring daemon, so following are the steps you can follow to achieve it:

Create a crond file under the chkservd.d directory where all the services files are placed:

# pico /etc/chkserv.d/crond

Add the following and save the file:

service[crond]=x,x,x,/etc/init.d/crond restart,crond,root

Now you need to edit the chkservd configuration file and enable the crond service for monitoring

# pico /etc/chkserv.d/chkservd.conf

add the following line at the end of the file

crond:1

Now, save the file and restart the chkservd service for the new changes to take affect:

# /scripts/restartsrv chkservd

In order to verify if chkservd auto-restarts the crond service if found offline, stop the service manually

# service crond stop

and watch the logs

# tail -f /var/log/chkservd.log

You will notice that the crond service is restarted automatically within 5 minutes.

How to Enable Basic cPanel End-User Security

As much as you are concerned about the security of your servers, your end users are likely just as concerned about what measures you have in place to protect their accounts against hacking attempts and unauthorized access. The following tips will help you increase your server’s security for end users, for both cPanel and FTP.

1. Enable SSL encryption for cPanel,WHM, and Webmail access

You can enable SSL encryption for cPanel access to help protect users against password sniffing when entering their login credentials. To do this, go to WHM > Tweak Settings > Redirection, and set “Always redirect to SSL” to “On”, then save. You may want to install a signed SSL certificate for cPanel so that your users’ web browsers do not complain about the default self-signed certificate that cPanel uses by default. (WHM > Manage Service SSL Certificates)

2. Enable brute-force protection

Brute-force attacks occur when an attacker uses automatic combinations of usernames and passwords to eventually guess the login credentials for a user on the system. CPanel comes stock with cpHulk, an application that allows you to block possible brute-force attempts by setting limits on login attempts. To enable this, go to WHM > cPHulk Brute Force Protection, and select “enable”. From here you can fine-tune your brute-force protection settings for your server. Be careful not to set them too strict or you may end up locking out legitimate users!

3. Set up security policies

Security policies help protect user accounts by specifying password strength and expiration, and is a new feature starting in cPanel 11.28. To set these up, go to WHM > Security Center > Configure Security Policies. Here you can define requirements for user passwords, while also limiting logins to user accounts from verified IP addresses only.

How to Enable Custom RBL’s in cPanel

By default, WHM gives you the option of using Spamhaus and/or Spamcop for added SPAM protection for incoming email. If you have additional DNSBL’s (DNS-based RBL’s) that you want Exim to check email against, you can easily enable them if you’re running cPanel 11.28 or higher.

First, go to WHM > Exim Configuration Editor, and click the RBLs tab. Click Manage Custom RBLs, and you’ll see a list of any existing RBL’s that have already been enabled.

Under Add a new RBL, enter the information for the RBL you would like to add:

RBL Name: the name of the RBL, used only for reference
RBL Info URL: the url that shows up in bounce messages for blocked email, telling the sender where a lookup can be done to verify or remove a listed IP
DNS list: The hostname of the DNSBL

 

How to Install mod_cloudflare in cPanel

When using Cloudflare, all the hits to your web server will come from a Cloudflare IP address. So in order to retrieve the actual IP address from the visitor you must install mod_cloudflare.

1. Connect to your server through SSH and log in as root.

2. Change directory to /usr/local/src :

cd /usr/local/src

3. Get the source code for mod_cloudflare:

wget –no-check-certificate http://github.com/cloudflare/CloudFlare-Tools/raw/master/mod_cloudflare.c

4. Use the Apache Extension Tool to build and install mod_cloudflare:

apxs -a -i -c mod_cloudflare.c

5. Restart the Apache HTTP daemon:

service httpd restart

6. Finally, update the Apache configuration data files:

/usr/local/cpanel/bin/apache_conf_distiller –update