cPanel bugfix: Can’t receive email via mail client

There’s a bug in cPanel which prevents user from checking mail from mail client, while you can login to webmail without a problem and you can send out email without a problem.

To fix this, SSH into server/vps, try to receive email within mail client using account that client provided and then run: tail -f /var/log/messages

just to make sure it’s this problem. It should be something similar to this:

server1 popa3d(pam_unix)[13128]: check pass; user unknown
server1 popa3d(pam_unix)[13128]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
server1 popa3d[13128]: Authentication failed for UNKNOWN USER from 127.0.0.1

then: cd /etc/xinetd.d/ and edit these files:

pop3s
popa3d
popa3ds
cpimap

You’ll see one line saying:

disable = ‘no’

make it

disable = ‘yes’

Save and exit. Then restart xinetd and cppop and it should be alright.

SSL Failed

While Restarte ing Cpanel it shows SSL service failed as :

===================================================================
Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services:
Starting Melange Chat services:
Starting cPanel ssl services: [FAILED]
Starting mailman services: Starting Mailman’s master qrunner.
===================================================================

Then just follow the following steps to solve the error:

1) Please check the stunnel version running on the Server / VPS by using the command “ps -aux | grep stunnel”

===================================================================
root@server [~]# ps -aux | grep stunnel
cpanel 23844 0.0 0.0 3832 1620 ? S Aug22 0:00 /usr/bin/stunnel-4.15local /usr/local/cpanel/etc/stunnel/default/stunnel.conf.run
root 1620 0.0 0.0 1432 444 pts/0 S Aug24 0:00 grep stunnel
===================================================================

Here the stunnel version is 4.15 “stunnel-4.15local”

2) Open stop stunnel file using vi and it will show the following contents:

===================================================================
root@server [~]# vi /usr/local/cpanel/etc/init/stopstunnel
#!/usr/bin/perl

killstunnel();
sub killstunnel {
system(“/scripts/ckillall -9 stunnel”);
system(“/scripts/ckillall -9 stunnel-3.22local”);
system(“/scripts/ckillall -9 stunnel-4.00local”);
system(“/scripts/ckillall -9 stunnel-4.02local”);
system(“/scripts/ckillall -9 stunnel-4.04local”);
system(“/scripts/ckillall -9 stunnel-4.05local”);
}
===================================================================

3) Copy the second last line and paste it below that line and change the stunnel version to 4.15 local. The file should look as :

===================================================================
root@server [~]# vi /usr/local/cpanel/etc/init/stopstunnel
#!/usr/bin/perl

killstunnel();
sub killstunnel {
system(“/scripts/ckillall -9 stunnel”);
system(“/scripts/ckillall -9 stunnel-3.22local”);
system(“/scripts/ckillall -9 stunnel-4.00local”);
system(“/scripts/ckillall -9 stunnel-4.02local”);
system(“/scripts/ckillall -9 stunnel-4.04local”);
system(“/scripts/ckillall -9 stunnel-4.05local”);
system(“/scripts/ckillall -9 stunnel-4.15local”);
}
===================================================================

Save and exit from the file.

4) Restart the cPanel and check if error persist. Smile

===================================================================
Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services:
Starting Melange Chat services:
Starting cPanel ssl services: [ OK ]
Starting mailman services: Starting Mailman’s master qrunner.
===================================================================

Fantastico phpbb installation error

If you are getting following error while installing phpbb from Fantastico

——————————————————————
Warning: fileperms(): Stat failed for /home/qededu/.fantasticodata/temporary/phpBB2 (errno=2 – No such file or directory) in /usr/local/cpanel/3rdparty/fantastico//includes/enc_functions.php on line 287

Warning: is_file(): Stat failed for /home/qededu/public_html/test/config.php (errno=13 – Permission denied) in /tmp/cpanel_phpengine.1146740152.297467947.16752673597 on line 1147
1) File: /home/qededu/public_html/test/config.php [ERROR! ]

Warning: is_file(): Stat failed for /home/qededu/public_html/test/data.sql (errno=13 – Permission denied) in /tmp/cpanel_phpengine.1146740152.297467947.16752673597 on line 1147
2) File: /home/qededu/public_html/test/data.sql [ERROR! ]
——————————————————————-

Just check the permission of tar file. Try to run following commands:

root@venus [~]# whereis tar
root@venus [~]# ls -al /bin/tar

If permission of /bin/tar is not 755 just change it to 755.
root@venus [~]#ls -al /bin/tar
-rwx—— 1 root root 149484 Mar 13 10:57 /bin/tar*
root@venus [~]#chmod 755 /bin/tar*
root@venus [~]# ls -al /bin/tar
-rwxr-xr-x 1 root root 149484 Mar 13 10:57 /bin/tar*

Mails are not delivering from Mail Queue Manger

Mails are not delivering from Mail Queue Manger and throwing connection refused error then just follow the following steps and add the iptables rules:

1) Go to shell of Linux server.
2) service iptables save
3) service iptables stop
4) Add following rules
iptables -A INPUT -p tcp –dport 953 -j ACCEPT
iptables -A INPUT -p tcp –dport 53 -j ACCEPT
iptables -A INPUT -p udp –dport 53 -j ACCEPT
iptables -A INPUT -p udp –dport 953 -j ACCEPT
5) service iptables start

Installing mod_evasive (formally known as mod_dosevasive)

Login to the server and execute

cd /usr/local/src

wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz

tar -zxvf mod_evasive_1.10.1.tar.gz
cd mod_evasive

For apache 2.0.x

/usr/sbin/apxs -cia mod_evasive20.c

Then add add this too httpd.conf

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

For apache 1.3.x

/usr/local/apache/bin/apxs -cia mod_evasive.c

Then add this too httpd.conf

<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 6
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
</IfModule>

Now just restart apache and the installation is complete.

/etc/init.d/httpd restart

Rkhunter Installation

Rkhunter is a very useful tool that is used to check for trojans, rootkits, and other security problems. This tutorial will touch on installing and setting up a daily report for rkhunter.
Installing:

wget -c http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz
tar -zxvf rkhunter-1.2.7.tar.gz
cd rkhunter-1.2.7.tar.gz
./installer.sh

Now you can run a test scan with the following command:

/usr/local/bin/rkhunter -c
How to setup a daily scan report?

pico /etc/cron.daily/rkhunter.sh

add the following replacing your email address:

#!/bin/bash
(/usr/local/bin/rkhunter -c –cronjob 2>&1 | mail -s “Daily Rkhunter Scan Report” email@domain.com)

chmod +x /etc/cron.daily/rkhunter.sh
I just got a false positive!! What do i do?

False positives are warnings which indicates there is a problem, but aren’t really a problem. Example: some Linux distro updated a few common used binaries like `ls` and `ps`. You (as a good sysadmin) update the new packages and run (ofcourse) daily Rootkit Hunter. Rootkit Hunter isn’t yet aware of these new files and while scanning it resports some “bad” files. In this case we have a false positive. You could always have your datacenter or a system administrator check out the server to verify that it is not compromised.

Installing Mod_Bandwidth

Following are the steps to install mod_bandwidth

1. Login to your server via SSH as root.

2. Type: mkdir /root/mod_bw

3. Type: cd /root/mod_bw

4. Type: wget ftp://ftp.cohprog.com/pub/apache/module/1.3.0/mod_bandwidth.c

5. Type: /usr/local/apache/bin/apxs -c /root/mod_bw/mod_bandwidth.c -o /usr/local/apache/libexec/mod_bandwidth.so

6. Type: mkdir /usr/local/apache/bw_limit

7. Type: mkdir /usr/local/apache/bw_limit/link

8. Type: mkdir /usr/local/apache/bw_limit/master

9. Type: pico -w /etc/httpd/conf/httpd.conf

10. Locate the following Line: LoadModule rewrite_module libexec/mod_rewrite.so

11. Before the above line add this:
LoadModule bandwidth_module libexec/mod_bandwidth.so

12. Now locate this line: AddModule mod_env.c

13. Before the above line add this:
AddModule mod_bandwidth.c

14. Now locate this line: # Document types.

15. Before the above line add this:
BandWidthDataDir “/usr/local/apache/bw_limit”
BandWidthModule On

16. To enable mod_bandwidth on a virtual host locate the virtual host entry for the specified domain/acount you wish to limit. Just before the line add the following:
BandWidthModule On
BandWidth all 512

The 512 can be replaced with whatever rate you wish to limit the acount too.

17. Save the file and exit.
CTRL-X then Y then enter.

18. Type: service httpd restart

19. Type: cd /usr/sbin

20. Type: wget ftp://ftp.cohprog.com/pub/apache/module/cleanlink.pl

What is cleanlink?
Cleanlink is a deamon that is used to clean links created by mod_bandwidth when they aren’t removed properly by the server. (When a httpd process doesn’t terminate the usual way.)

21. Type: chmod 755 cleanlink.pl

22. Type: pico -w cleanlink.pl

23. Change $LINKDIR to the following:
$LINKDIR=”/usr/local/apache/bw_limit/link”;

24. Save the file and exit.
CTRL-X then Y then enter.

25. Type: perl cleanlink.pl

26. Type: pico -w /etc/rc.d/rc.local

27. Scroll down to the very end of the file and add the following:
# The following line Launches CleanLink for Mod_Bandwidth
perl /usr/sbin/cleanlink.pl

28. Save the file and exit.
CTRL-X then Y then enter.

mod_bandwidth has many options. If you wish to modify mod_bandwidth and enable more options please visit the documentation available by the programmer here: http://www.cohprog.com/v3/bandwidth/doc-en.html

Installing eAccelerator

To install eAccelerator on a Server just follow the following steps:

1) Login as root in SSH

2) Run the following commands in the following order:

cd /

mkdir ea

cd ea

wget http://jaist.dl.sourceforge.net/sourceforge/eaccelerator/eaccelerator-0.9.3.tar.gz

tar xvzf eaccelerator-0.9.3.tar.gz

cd eaccelerator-0.9.3

export PHP_PREFIX=”/usr”

$PHP_PREFIX/bin/phpize

./configure –enable-eaccelerator=shared –with-php-config=$PHP_PREFIX/bin/php-config

make

make install

3) Edit php.ini – usually it’s /etc/php.ini or /usr/local/lib/php.ini

Find this:

;Windows Extensions

Above this, comment out or remove the PHPA or mmcache lines if you have them. Replace them with this:

To install as a ZEND extension:

zend_extension=”/ea/eaccelerator-0.9.3/modules/eaccelerator.so”
eaccelerator.shm_size=”16″
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1″
eaccelerator.optimizer=”1″
eaccelerator.check_mtime=”1″
eaccelerator.debug=”0″
eaccelerator.filter=”"
eaccelerator.shm_max=”0″
eaccelerator.shm_ttl=”0″
eaccelerator.shm_prune_period=”0″
eaccelerator.shm_only=”0″
eaccelerator.compress=”1″
eaccelerator.compress_level=”9″

OR to install as a PHP extension:

extension=”/ea/eaccelerator-0.9.3/modules/eaccelerator.so”
eaccelerator.shm_size=”16″
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1″
eaccelerator.optimizer=”1″
eaccelerator.check_mtime=”1″
eaccelerator.debug=”0″
eaccelerator.filter=”"
eaccelerator.shm_max=”0″
eaccelerator.shm_ttl=”0″
eaccelerator.shm_prune_period=”0″
eaccelerator.shm_only=”0″
eaccelerator.compress=”1″
eaccelerator.compress_level=”9″

4) Create the cache directory by doing the following at the command line

mkdir /tmp/eaccelerator

chmod 0777 /tmp/eaccelerator

5) Restart Apache

service httpd restart.

Any folder name starting with ‘dev’ gives Internal Server

If there is a problem with any folder under any site starting it’s name with ‘dev’, It gives Internal Server Error…. while accessing any scripts inside it. This problem is mainly caused by ‘mod_security’. You will have to check if ‘mod_security’ is enebled on the server, If so you will have to disable it in order to get those scripts running.

Splitting Files…

Many times we have to transfer big files. But due to bad network or bad connection transfer time outs when transferring such a big file.

To override this, you can split this file into small size files, transfer it and then join it again.

Here are the steps for it.

Make sure you have root privilages to do this.

1) Login to the shell where the file is stored.

2) Run the command
split –bytes=sizeoffileyouwanttosplit filename
(split –bytes=1000M backup.tar.gz)

3) Copy the files to destination.

4) Join them once again using the command.
echo file1 << file2.