Saturday, December 28, 2013

curl: (77) Problem with the SSL CA cert (path? access rights?)

This is an issue with  ca-certificates that bundles with the server. You may simply need to reinstall the  following packages for fixing this issue.

# yum reinstall ca-certificates

# yum reinstall openssl
 This will fix your issues, with   curl: (77) Problem with the SSL CA cert (path? access rights?)

How to Configure Multiple shared IP’s in WHM

You can’t add multiple shared IPs in WHM GUI, but it’s possible to do so via SSH (login as root).
First, you need to create a /var/cpanel/mainips/ directory, if it doesn’t exist:
# mkdir /var/cpanel/mainips/
Then, create a /var/cpanel/mainips/root file, with all the Ips as folllows
Basically, each line is an additional shared IP in WHM. That’s it!
You can verify from WHM>>Home>>IP Functions>>Show/Edit Reserved IPs

Change of default page in cpanel/WHM

In WHM, look for "Account Functions" and choose "Skeleton Directory". This will show you where your directory is. Anything you add to your skel directory will automatically be added to the users directory when you create a new account.

If you place a default HTML page within the "public_html" sub-directory then it will be included within the public_html directory of the user's new account upon creation.

Example paths:


Saturday, December 7, 2013

How to fix the FTP time out error

How to resolve the error :

[bash]!connection failed – connection timed out
!connectio:error 0
PORT xxx,xxx,x,x,x,xxx
500 Illegal PORT command
!Failed "port"
!Retrieve of folder listing failed (0)[/bash]

This  error occurs when we are able to connect using FTP but folder listing fails!
1)Login to the WHM==> FTP Server Selection
2)change the FTP server to Pure-FTPD from PRO-FTP  ==>  Save
3)Now ssh into the server as root and open the pure-ftp conf file /etc/pure-ftpd.conf
4)Find the FTP port no: used the “PassivePortRange” from the config file
5)Add the port range into the config file
for eg :
[bash][/bash]PassivePortRange 30000 40000[bash][/bash]
6)Save and quit
7)Open the  csf(firewall) config file, add the ftp port along with the passive port range
eg :
[bash][/bash]# Allow incoming TCP ports
TCP_IN = “20,22,25,53,80,110,143,443,465,587,993,995,2001,2077,2078,2082,2083,2086,2087,
8)Restart csf & Pure-ftpd

How to fix the WHM CSF security test errors!

As a part of ensuring security, we perform a CSF security scan from WHM. We may get the following error after the scan
Check csf LF_SCRIPT_ALERT option WARNING This option will notify you when a large amount of email is sent from a particular script on the server, helping track down spam scripts
To fix this error :  ssh into the server and edit the csf configuration file
vi /etc/csf/csf.conf
search for LF_SCRIPT_ALERT = “0″
Change the value from “0″ to “1″ to fix the issue.
Don’t forget to restart the CSF
You may also get the following error :

cPanel icons missing on WHM

Usually WHM allows you to login to the cPanel accounts from the “List Account” option. But sometimes you may not able see the cPanel icons which prevents you to login to the cPanel account as root.
goto “Tweak Settings” and uncheck the option below
Disable login with root or reseller password into the users’ cPanel interface. Also disable switch account dropdown in themes with switch account feature.

How to change Linux root password temporarily.

This is a simple technique by which you can have your our root password temporarily and change it back to the real one after use. The condition is
* You are logged in as root and you don’t know the root password
Back-up the current shadow file.
[root@localhost ~]# cp /etc/shadow /etc/shadowbkup
Change the current root password the desired one.

How to transfer a cPanel account to DirectAdmin.

The file structure and back-ups for both control panels are entirely different and its quite difficult to restore the files transfered from one to another control panel manually. There is a script available which can convert a cPanel back-up to the format that of a DirectAdmin. The convert process is quite simple.

Download the conversion script from here .
*You can download it using the terminal :
*Create two directories import and export :
mkdir import export

Find Linux OS is 32 or 64bit.

There are several situations where you need to confirm whether your Linux OS installed  is 32bit or 64bit. People normally use uname -a to find it. But the following command will tell you exactly the machine   architecture.
getconf LONG_BIT
getconf utility shall conform to the Base Definitions volume of IEEE Std 1003.1-2001, Section 12.2, Utility  Syntax.
[root@localhost ~]# getconf LONG_BIT
[root@localhost ~]#
My machine is 32bit.

How to disable gzip output on lightspeed server accounts

You can use .htaccess to disable gzip output if your website is running under a lightspeed server.
Open .htacess file and append following lines.
php_flag zlib.output_compression Off
RewriteEngine On
RewriteRule . – [E=no-gzip:1]
RewriteRule ^(.*)$ $1 [E=no-gzip:1]

How to configure NAT with iptables on a VPS.

NAT ( network-address-translation ) with iptables  helps us in how to select the packets we want to mangle. We can easily configure NAT on a OpenVZ VPS by following the below steps.
Lets first consider a VPS in which NAT is not enabled. Trying to POSTROUTE from VPS throws you errors.
iptables -t nat -A POSTROUTING -s -o venet0 -j SNAT –to
or iptables -t nat -nvL
iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
To Enable NAT :
* Login to Node server.
Check vzcinfiguration file to find whether NAT is enabled or not.
grep -i iptables /etc/vz/vz.conf
You will get

Exim: remove mails in queue from a particular sender.E

“spams”, its one of the major issue that a sys admin has to deal with throughout his job.  First you need to find the user who is generating it. You can get it from the mail headers.  Once you find the user, disable the script that was responsible for spams, but it may have already kept thousands(may be lacks) of mails in the exim queue waiting for its chance to get delivered.  To delete these mails one by one is impossible.  In a cPanel server having exim mail,  you can use the following command to delete mails in the current queue generated by that particular user only.

SSH into the server

    exiqgrep -i -f | xargs exim -Mrm

-i print messages id
-f from address
-Mrm remove mails

Remove mails to a particular sender in the queue :-

    exiqgrep -i -t | xargs exim -Mrm

-t to address

How to enable DKIM in cPanel server.

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit and one can use this to prevent from getting blacklisted by the free email providers like Yahoo, MSN and Google. DKIM can increase the mail authenticity.

cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.

Check if exim is compiled with DKIM support enabled.

 [bash]root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIM[/bash]
    [bash]Support for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS
    Experimental_DomainKeys Experimental_DKIM[/bash]