Saturday, November 29, 2014

How to change main domain of a cPanel reseller account with an existing domain name?

 Here are some tips on cPanel reseller account modification. It’s quite simple if the new domain you wish to set as primary of your WHM re-seller is not under the same account. It can be simply managed from the “Modify an Account” section. You can simply modify the account information from this location. As it is a re-seller, you must do the following steps after modifying the account.

    Make sure that;You do not want the current domain and data. If you need it, please take backups.
    Change reseller ownership of all accounts under that reseller to the new username.
    Check resellers name-servers, if they are using their own.
    Switch reseller priveliges to new user.
    And so on.

Here I am listing some steps to changing the reseller main account that I have done few days ago for a client. His actual requirement is:

"Change the cPanel reseller account's main domain to an already existing domain under his reseller account"

He wants to set up “” (already existing under his re-seller account) as main domain for his re-seller account. Also, wanted to terminate the current main domain “”.

1, I created a backup of “” (The domain he actually wants to set as main domain).
2, Terminated that account “” (To avoid conflict when modifying the existing domain with new).
3, Modified the existing account with new domain name, I didn’t changed the $user name. The user name change will cause problem with all his accounts’ ownership and its little complex.
4, Replaced the “public_html” contents with the data from the backup I created.
5, Also, replaced the “email” folders with new.
6, As it was a WordPress site, created a database and restored it from the backup. (Need to edit the username details in database, makes sure that you have made the necessary changes in Site URL and home in your WordPress database).

That’s it…!!

Unable to establish a PHP session – PHPMyAdmin error

PHPMyAdmin error

Do you ever come across the following error when you access PHPMyAdmin from cPanel.
Access Denied Unable to establish a PHP session. If you believe that this is in error or inadvertent, contact your system administrator and ask them to review your server settings.

Normally, you will get this error when the permission or ownership of the tmp folder for this user is wrong. That is, make sure the ownership of /home/$username/tmp folder has ownership set to $user and permission as 755. If it is not, you will face the same problem.

1. SSH into the server as root.

2. Check the permission and ownership of /home/$user/tmp folder. Set ownership as $user.

# chown $user. /home/$user/tmp

3. Set permission of the tmp folder to 755.

#chmod 755 /home/$user/tmp

That’s it!!!

$user can be replaced with your respective username.

How to replace MySQL with MariaDB in cpanel

MariaDB is an enhanced drop-in replacement for MySQL. MySQL 5.1 is compatible with MariaDB 5.1, 5.2 and 5.3. MySQL 5.5 is compatible with MariaDB 5.5.

Make sure to save all existing data just in case there are any issues.

    cp -Rf /var/lib/mysql /var/lib/mysql-old
    mv /etc/my.cnf /etc/my.cnf-old

Disable the targets so cPanel no longer handles MySQL updates

The following will mark the versions of MySQL we distribute as uninstalled so they are no longer maintained by cPanel/WHM

    /scripts/update_local_rpm_versions –edit target_settings.MySQL50 uninstalled
    /scripts/update_local_rpm_versions –edit target_settings.MySQL51 uninstalled
    /scripts/update_local_rpm_versions –edit target_settings.MySQL55 uninstalled

How to Block an IP Address on a Linux server

To block an IP on your Linux server you need to use iptables tools  and netfilter firewall. First you need to log into shell as root user. To block an IP address you need to type the iptables command as follows:

# iptables -A INPUT -s IP-ADDRESS -j DROP

Replace IP-ADDRESS with your actual IP address. For example, if you wish to block an ip address 103.575.713.93 for whatever reason then type the command as follows:

# iptables -A INPUT -s 103.575.713.93 -j DROP

If you have IP tables firewall script, add the above rule to your script.If you just want to block access to one port from an ip 103.575.713.93 to port 22 then type command:

# iptables -A INPUT -s 103.575.713.93 -p tcp --destination-port 22 -j DROP

How to Setup Minecraft on a Linux CentOS Server

Installation is quite straightforward:

rm -fv csf.tgz
tar -xzf csf.tgz
cd csf

Next, test whether you have the required iptables modules:

perl /usr/local/csf/bin/

Don't worry if you cannot run all the features, so long as the script doesn't
report any FATAL errors

Saturday, September 20, 2014

Customize your default apache page in cpanel

You just have to login to your server via ssh.
Navigate to /usr/local/apache/htdocs

    # cd /usr/local/apache/htdocs

And finaly edit the file index.html

    # nano index.html

If you list the content of /usr/local/apache/htdocs you will see that you can also modify the content of other error pages that cpanel’s apache outputs.

End you are done

How to catch spammer or Scammer in Cpanel server?

1. Open exim.conf
pico /etc/exim.conf

2) Find this;
Ctrl + W: hostlist auth_relay_hosts = *

Runtime configuration file for Exim #

3) After hostlist auth_relay_hosts = *

add the following

log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn
4) The final result should look like this

hostlist auth_relay_hosts = *

Friday, September 19, 2014

How to redirect to

Here is the steps:-

Make changes to zone db ( Ie /var/named/
create a subdomain webmail
entry wil be like this

    ========================== IN A IN A IN MX 0
    mail IN CNAME
    www IN CNAME
    ftp IN A
    cpanel IN A
    whm IN A
    webmail IN A
    webdisk IN A

mod_security: Access denied eror code 403

You may get the following error in Apache logs:-

mod_security: Access denied with code 403. Error reading request body, error code 70007:

The timeout specified has expired

1. Open the Apache configuration file

root@server1 [~]#vi /usr/local/apache/conf/httpd.conf

2. Change the  Timeout value to 300

3. Restart Apache service.

root@server1 [~]# /etc/init.d/httpd restart

Issue will be fixed.

How to disable PHP functions per domain?

If you want to disable the PHP functions  for a particular  domain, just put the following entry in the .htaccess corresponding to the domain.

php_flag engine off

You may also put the following entry in the virtual host entry  in httpd.conf corresponding to the domain.

php_admin_flag engine off

Restart httpd once this is done.

Different ports used on cPanel server

Here is the list of different ports used on cPanel server:-

20 –> FTP (Inbound/Outbound,TCP/UDP)
21 –> FTP (Inbound/Outbound,TCP/UDP)
22 –>SSH (Inbound,TCP)
25 –>SMTP (Inbound/Outbound,TCP)
26 –>SMTP (Inbound/Outbound,TCP)
37 –>RDATE (Outbound,TCP)
43 –>WHOIS(Outbound,TCP)
53 –>DNS (Inbound/Outbound,TCP/UDP)
80 –>HTTP (Inbound/Outbound,TCP)
110 –> POP3(Inbound,TCP)
143 –>IMAP4(Inbound,TCP)
443 –>HTTPS(Inbound,TCP)
465 –>SMTP (TLS/SSL)(Inbound/Outbound,TCP/UDP)
873 –> RSYNC(Outbound,TCP/UDP)
993 –>IMAP4 (SSL)(Inbound,TCP)
995 –>POP3 (SSL)(Inbound,TCP)
2082 –>CPANEL(Inbound,TCP)
2083 –>CPANEL (With SSL)(Inbound,TCP)
2086 –>WHM (Inbound,TCP)
2087 –>WHM (With SSL)(Inbound,TCP)
2089 –>cPanel licence(Outbound,TCP)
2095 –>WEBMAIL(Inbound,TCP)
2096 –>WEBMAIL (With SSL)(Inbound,TCP)
3306 –>MYSQL (Inbound/Outbound,TCP)

Enableing passive mode in FTP server with CSF firewall

Passive mode is always very important for ftp servers, if you are running csf firewall and cannot connect to ftp server then it means that range of passive ports is blocked in firewall. Here are simple steps

1) Add Passive Port range 30000-350000 to your Pureftp or Proftp configuration file

i) For Pure FTP

open /etc/pure-ftpd.conf, and this line

PassivePortRange    30000 35000

ii) For pro FTP

Open /etc/proftpd.conf, and add this line

PassivePorts    30000 35000

iii) Now add these ports in CSF config

Open /etc/csf/csf.conf

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,30000:35000"

iv) restart csf and ftp

service csf restart
service pureftpd restart (or)
service proftpd restart

Now you will not get error while connecting to ftp
That's it!

Saturday, September 6, 2014

How to install CHKRootkit

Product Name: CHKROOTKIT
Product Version: 0.49

Description: chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.
It can be used from a “rescue disc” (typically a LiveCD) or it can optionally use an alternative directory from which to run all of its own commands. These techniques allow chkrootkit to trust the commands upon which it depends a bit more.

There are inherent limitations to the reliability of any program that attempts to detect compromises (such as rootkits and computer viruses). Newer rootkits may specifically attempt to detect and compromise copies of the chkrootkit programs or take other measures to evade detection by them.
Step 1: Downloading and Installing it:

cd /usr/local/src
wget md5sum -c chkrootkit.md5
tar -zxvf chkrootkit.tar.gz
mkdir /usr/local/chkrootkit
mv /usr/local/src/chkrootkit*/* /usr/local/chkrootkit
cd /usr/local/chkrootkit
make sense Step 2: Adding program to daily cron job
There you go! should be installed, and you will get a mail daily with a status on your system

How to install Malware Detect (Maldet) for CentOS 6 / Linux

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV.

There is nothing complicated in installation process, but root access to your server is required. 
Installation via SSH

cd /usr/local/src/
tar -xzf maldetect-current.tar.gz
cd maldetect-*
sh ./ or sudo sh ./
maldet --update-ver
maldet --update

To scan a folder, for example /home you should type maldet -a /home.

Sunday, July 6, 2014

DDOS – How attack check

Whenever the load in the server increases due to a particular user in the server. Check the following:

You can check the user in top.

Find the domain owned by the user:

    grep username /etc/userdomains

use the following command after you get the domain name:

    less /usr/local/apache/domlogs/ | awk ‘{print $1}’ | sort | uniq -c | sort -n

How to install WHMSonic in cpanel

Login to your server root SSH and copy/paste the following command fully and run it.

    cd /root/; rm -f; wget; chmod +x; ./

Sample installation output:

    * WHMSonic Setup v2.1.11 *
    WHMSonic installer is now installing the latest version. This may take a few minutes, please wait…
    –2013-11-29 00:55:15–
    Connecting to||:80… connected.
    HTTP request sent, awaiting response… 200 OK
    Length: 10530510 (10M) [application/zip]
    Saving to: `’

How to Configure Multiple shared IP’s in WHM

It is not possible to add multiple shared IP’s from WHM but it is possible to do it from SSH.

First of all we need to create a /var/cpanel/mainips/ directory if it is not present.

    mkdir /var/cpanel/mainips/

Then we have to create a file.

    vi /var/cpanel/mainips/root

Add all IP’s into it. save the file and quit.

How to install kloxo panel in centos

Go to below path.

    cd /usr/local/src

Use the wget Command to download latest version of Kloxo Auto Installer Script


Give proper permission.

Friday, May 2, 2014

How To Unblock an IP Address in APF

Advanced Policy Firewall, or APF, is a software firewall commonly installed on  servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.

 Pre-Flight Check

  • These instructions are intended specifically for unblocking an IP Address in APF.
  • I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
  • For further details, see our in-depth look at the APF firewall.

Check APF for Your IP Address

Let’s say that you want to check whether or not a specific IP address, maybe , is blocked by APF. That’s easy!

You may receive a result similar to:

/etc/apf/deny_hosts.rules:# added on 04/25/14 13:42:01 with comment: {bfd.courier}

The above means that BFD detected a brute force attack from the IP on port 25, and automatically added a rule to APF to prevent future connections specifically from that IP address

Unblock an IP Address
If the IP address is denied in APF and you want to remove it, then use this command:

apf -u

If the command is successful, you should get a result similar to:

apf(12721): {trust} removed from trust system

APF then needs to be restarted for the change to take effect:
apf -r

If you’d prefer a more advance firewall for APF, see our tutorial on how to install and configure CSF and its security plugin LFD (Login Failure Daemon).

Basic SSH

If you have an account on a cPanel server with shell access or your own VPS or Dedicated server running Linux then SSH is a powerful tool to have in your skill set.

SSH (aka Secure Shell) is a way of logging into your server from a remote computer such as your home desktop or laptop. The remote connection utilizes encryption on both the server’s end and your end to keep the entire session secure.

The most common type of connection that our support department uses is to SSH into a server as the root user. Logging in as root allows you to make systemwide changes, restart important services, and perform many other tasks that only the root user is allowed to do (by default).

If you are going to initiate your remote connection from a Linux or Mac OS X computer you can start using SSH by opening up the Terminal application. Linux users should know how to find the terminal, and Mac OS X users need only open their Applications folder and then the Utilities folder to find Unfortunately SSH is not built-in to Windows, so you will need to download an application like PuTTY.

Thursday, May 1, 2014

Show Scripts Sending email WHM

To trace php script sending email, first you will need root SSH access to server and enable log selector for exim which will help you to generate extra/well defined logs for exim.

To do this Access WHM as root. Access Service Configuration >> Exim Configuration Editor. Click on Advance Editor.

Under exim.conf section you will see #!!# cPanel Exim 4 Config
and you can add following code in the text box.

How Uninstall Attracta

You can run below script as root. It disables all traces of Attracta from the server.

/scripts/attracta/uninstall-attracta is a symlink to /usr/local/cpanel/3rdparty/attracta/scripts/uninstall-attracta in newer versions. In older versions, you'll need to use the /u/l/c location.

As there are a number of different components to the Attracta integration, it's definitely recommended to use the uninstall-attracta script to ensure everything is cleaned up fully.

Saturday, March 29, 2014

Can I Upgrade the Kernel on your VPS

It is generally understood that a server running Linux needs to have a relatively recent kernel version or at least one that has been securely patched to fix any vulnerabilities. For dedicated servers, a kernel upgrade is not big deal; a simple install, reboot and you are done. For a virtual private server, it can differ depending on the technology and method of deployment your provider uses.

On OpenVZ, for example, the virtual OS does not actually use its own kernel. It relies on the host’s kernel. Therefore, upgrading your kernel package will not actually have an effect and might even produce errors. Instead, you can either depend on your hosting provider to update the kernel periodically or you might be able to use some internal method that the host has to update the kernel to latest.

How to Create Cron Jobs with Webmin

Webmin is a web-based system administration tool for Linux and other Unix-like servers. Webmin provides a graphical interface for many of the tasks you would normally have to perform from the command line. Best of all, it is free and open source. One task you might have trouble performing from the Linux shell is creating cron jobs. Fortunately, Webmin has a cron job module.

    Navigate to the cron job module page
    Click “Create a new scheduled cron job”
    Under “Execute cron job as”, enter the username you want to run the cron job
    Select whether you want the cron job to be active (selecting no will create it but leave it inactive until you change this setting)
    Type the command string in the command field
    If you have data you need sent to the command, enter it in the “input to command” field
    Select the time you want for “when to execute”. The dropdown menu will give general times like “hourly”. Alternatively, you can use “Times and dates selected below” and setup your own schedule.
    Optionally, setup “Date range to execute” to limit the cron job to a time period. After it expires, it will not run again.
    Click “create” to finish.

How to backup configuration files on Webmin

Most Linux items that need backing up are stored in user home directories. This usually includes virtual web server directories as well, depending on the web server and settings you are using. One exception to this rule is configuration files. These are stored in /etc and other places. When it comes time to backup, many people backup database files and home directories but forget about configuration files. Webmin has a solution.

How to Setup Reverse DNS in WHM

One of the often overlooked aspects of web hosting is reverse DNS. A website will not connect to users who type in a domain name if the forward DNS does not identify the IP address associated with it, but some domains do not have reverse DNS, despite it being an established Internet standard.

Among other uses, reverse DNS can help security-conscious users and professionals verify that the relationship between a domain and an IP address is valid, which helps prevent spam, phishing, and other nefarious activities.

When you manage your server with WHM from cPanel, it is easy to setup reverse DNS records for your IP addresses. Just follow these steps:

Create a reverse DNS zone file

Friday, March 28, 2014

mod_security best rules

# Deprecated due to security issues so it should be off:
SecCacheTransformations Off

# Check Content-Length and reject all non numeric ones
SecRule REQUEST_HEADERS:Content-Length "!^\d+$" "deny,log,auditlog,msg:'Content-Length HTTP header is not numeric', severity:'2',id:'960016'"

# Do not accept GET or HEAD requests with bodies
SecRule REQUEST_METHOD "^(?:GET|HEAD)$" "chain,phase:2,t:none,deny,log,auditlog,status:400,msg:'GET or HEAD requests with bodies', severity:'2',id:'960011',tag:'PROTOCOL_VIOLATION/EVASION'"
SecRule REQUEST_HEADERS:Content-Length "!^0?$" t:none

Cpanel log locations



cPanel Installation Logs:

Apache domlogs:

How to troubleshoot mysql database server high cpu usage/slowness


1. Firstly find out what's causing server CPU high usage
Normally, we firstly will notice that server cpu load is high, run 'top' to confirm which process is contributing the cpu high usage, it's mysql or other process. Also, run uptime, vmstat 2 and iostat -x to find out if there's any abnormal situation.

Here, we need some baseline to compare with, before the problem happens and server is running fine, we should have recorded some baseline information first such as the output of:

vmstat 2 20
top -b -n 5
iostat -x 5 | grep sdb

2. check mysql error log , slow query log etc from /etc/my.cnf

How to Setup FTP with ProFTPD in Webmin

After installing Webmin on a VPS, you may be wondering how to add and configure FTP users. With Webmin it is not a one-click process, but the procedure is still fairly simple. To install proftpd and add a user, follow these steps:

Login to webmin at http://xx.xx.xx.xx:10000 (may be https:// for Debian/Ubuntu system)
Access the Webmin Modules option via Webmin > Webmin Configuration
Select Standard module from
Click the button on the right of that option
Choose: proftpd
Click Install Module
On the left sidebar, after installation, click Refresh Modules
Click Create a new user accessed via System > Users and Groups
Provide a username for what is to be your FTP account
Select Normal Password and provide a unique, complex password for the account
If desired, select a custom home directory, otherwise choose Create home directory near the bottom of the options.
Select New Group with same name as user
Click Create
Once this is done, you should be able to access FTP with the username
and password you selected, using your server's IP address as the host.

Allowed memory size of x bytes exhausted (tried to allocate xbytes)

Fatal error: Allowed memory size of x bytes exhausted (tried to allocate xbytes)

The error normally occurs when PHP tries to process a big database records or when importing or exporting. To solve the error, there are two fixes. One is to increase PHP memory limit of the account by using a custom php.ini file. But sometimes it won't work.

If it didn't work, then you can fix the error by increasing the memory of the particular PHP script (displayed in error message) by adding an additional line at the top of the script:

Enable Iptables Modules for a VPS

Below was the error while trying to install CSF in one of the OpenVz containers:

    [root@abc ~]# perl /etc/csf/
    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...FAILED [ 4294967295] - Required for csf to function
    Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_limit/xt_limit...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_recent...FAILED [Error: iptables: Unknown error 4294967295] - Required for PORTFLOOD and PORTKNOCKING features
    Testing xt_connlimit...FAILED [Error: iptables: Unknown error 4294967295] - Required for CONNLIMIT feature
    Testing ipt_owner/xt_owner...FAILED [Error: iptables: Unknown error 4294967295] - Required for SMTP_BLOCK and UID/GID blocking features
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for MESSENGER feature
    Testing iptable_nat/ipt_DNAT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for csf.redirect feature

Enable Iptables Modules for a VPS:-

Sunday, March 9, 2014

How to Import/Export MySQL Databases with SSH

To export a MySQL database, access your Dedicated Server or VPS via SSH and run:

# mysqldump -u username -p database_name > dumpfile.sql

To import a MySQL Database, run:

# mysql -u username -p database_name < dumpfile.sql

How to Clear cPanel/WHM Brute Force Log from SSH

If you find that you have accidentally been locked out of your WHM/cPanel server by Brute Force Detection, you can log in to your Server or VPS via SSH and run the following command to clear the brute force log:

# echo “delete from brutes; delete from logins;” | mysql cphulkd

How to Check CPU Info with SSH on Linux

To check the CPU allocation and information on your VPS, simply log in to SSH as root, and run the following command:

# cat /proc/cpuinfo

How to Install IonCube loader

IonCube is a PHP module extension that loads encrypted PHP files, and speeds up webpages that are being displayed.

It is often required for a lot of PHP-based applications.

Download ioncube from their site according to your system:

So for example, for linux x86,

# cd /usr/local/src
# wget
# tar -xfz ioncube_loaders_lin_x86.tar.gz
# mv ioncube /usr/local

Use a text editor to open up php.ini in /usr/local/lib/phi.ini and insert:
according to your php version. Save and restart httpd.
# nano -w /usr/local/lib/php.ini
# service httpd restart

Monday, February 10, 2014

How to uninstall Trendy Site Builder

Quick tutorial to remove trendy site builder.

cd /usr/local/cpanel/base/frontend/x3
rm -rf trendysitebuilder
rm -f trendysitebuilder.tar.gz
rm -f /usr/local/cpanel/Cpanel/
cd /usr/local/cpanel/whostmgr/docroot/cgi
rm addon_trendysitebuilder.php
rm -rf trendysitebuilder
/usr/local/cpanel/bin/unregister_cpanelplugin /usr/local/cpanel/bin/trendysitebuilder.cpanelplugin
rm -f/usr/local/cpanel/bin/trendysitebuilder.cpanelplugin

Thursday, January 23, 2014

Disabling an email account

How can a particular email account be ‘disabled’ temporarily. Note that the email account should not be ‘deleted’ ? Is this possible at all via cPanel?

There is no direct functionality in cPanel at the moment for this. This feature might be added at a later stage.
However, you can achieve this functionality by modifying a few entries via SSH.

Comment out the entries related to the particular email account in the following locations:

Make sure that you just comment them and NOT delete them as you might need them back later.

Where to check the version of Horde

Where can I check the current version of Horde webmail client running with cPanel ?

If you have ‘root’ SSH access to the server then, simply open the file /var/cpanel/horde/version using your favorite editor and you’ll be able to see the current Horde version.

How to limit the overall size of emails

How can the overall size of an email including attachment, encoding etc. be limited to a pre-defined value?

This can be done in the following way :
Go to WHM >> Main >> Service Configuration >> Exim Configuration Editor
In the first box where you can type ( right below where you see ‘#!!# cPanel Exim 4 Config’ ), add the following directive :
message_size_limit = 100M
This will limit the overall size of the message to 100Mb

Not able to login to FTP accounts using root password

 Not able to login to FTP accounts using root password
Was able to login to all FTP accounts using the root password earlier but now it doesn’t seem to work. Where to check that?

Go to WHM >> Main >> Service Configuration >> FTP Server Configuration.
At the bottom of the page, you’ll find an option as ‘Allow Logins with Root Password’
Make sure that it is set to ‘Yes’ and save the settings.

This should resolve the issue.

How to block emails from a specific address using Exim

How to block emails from a specific address on a cPanel/WHM server using Exim ?

This is fairly easy to achieve with Exim.
First you’ll need to find the system filter file for Exim. This can be found out through WHM >> Main >> Service Configuration >> Exim Configuration Editor.
Towards the middle of the page, under the section ‘Filters’ , you ‘ll find the path to the file.
Open that file via SSH using your favorite editor and add the following to it :

    if first_delivery
    and ( (“$h_from:” contains “”)
    then fail

How to hide DNS controls from resellers/users

The server is mainly used for serving webpages and FTP. Certain things like DNS functions and email are not required as they are being handled externally. How can these be hidden from resellers/users?

DNS, email or any other functionality can be handled through ‘Feature Lists’ in WHM. Just go to WHM >> Feature Manager. Edit/create a feature list and enable/disable functions as required. Assign this ‘feature list’ to the particular ‘package’ which is assigned to the accounts.

How to find the number of user accounts via shell

There is no control panel installed on the server. So, how can the total number of user accounts on the system be determined?

Use the following command to find the total number of accounts on the system :
cat /etc/passwd | wc -l
Note : This will also include system accounts like root, mail etc.
To list all the accounts on the system then use the following :
cat /etc/passwd | cut -d”:” -f1

Turn off bandwidth monitoring

Issue :
How to turn off the bandwidth monitoring module in cPanel ?

Solution :
Go to WHM >> Service Configuration >> Service Manager.
Look for ‘cPBandwd’. Make sure that the check box besides that is unchecked.
Save the settings and that should be it !

How to change the default email settings

Issue :
Whenever a new account is created, the server sends out an email notification. Where can this setting be accessed and modified?

Fix :
Just go to WHM >> Basic cPanel/WHM Setup >> Server Contact Email Address.
You can make the required changes there.

How to enable SuPHP

 Issue :
 How to enable SuPHP

Solution :
Login to WHM.
Go to “Service Configuration >> Apache Configuration >> Configure PHP and Suexec” and check if SuPHP is available in the drop down menu. If it is available then select it and save the configuration after a dry run.
SuExec should also be available in the same drop down with an on/off option.

If SuPHP is not available then you need to run EasyApache via “WHM >> Software >> EasyApache (Apache Update)” and select SuPHP in the available options. You can also run EasyApache via console by using the following cPanel scipt :


Change in hostname causing redirection on secure access

Issue :
The server hostname was changed. Ever since that, secure access such as redirects to https://servername.old:2087

Fix :
This happens when the SSL certificate has not been reset for the services.
Go to WHM >> Manage Service SSL Certificates.
Re-issue all the service certificates.

This should resolve the issue!

SpamAssassin : WHM ACL Options : Reject mails with spam score at SMTP time

Issue :

It seems that by default, it is set to reject mails with a spam score of more than 20 at SMTP time. How to change the value of spam score for rejecting the mails at SMTP time ?

Solution :

You can do that by doing the following :

1. Go to WHM >> Main >> Service Configuration >> Exim Configuration Editor
2. Look for the section ‘ACL Options’ .
3. The first parameter under that deals with the spam score setting at SMTP time. De-select the check box corresponding to that.
4. When you de-select the check box, it will give you the other available options. Check the box corresponding to the desired value.
5. Click on ‘Save’ at the bottom to save the settings.

How to unblock IP address blocked by Brute force

METHOD to unblock all the IP addresses:

Command to disable cPHulk:

root@bigbang [~]# /usr/local/cpanel/bin/cphulk_pam_ctl – -disable
Command to enable cPHulk:
root@bigbang [~]# /usr/local/cpanel/bin/cphulk_pam_ctl – -enable

Removing blocked IP addresses manually from cPHulk’s database:

1.first login into mysql

2.then : use cphulkd;
mysql> use cphulkd; * from brutes;
mysql> SELECT * FROM brutes WHERE `IP`=’’;

mysql> DELETE FROM brutes WHERE `IP`=’’;