This will fix your issues, with curl: (77) Problem with the SSL CA cert (path? access rights?)# yum reinstall ca-certificates # yum reinstall openssl
Saturday, December 28, 2013
curl: (77) Problem with the SSL CA cert (path? access rights?)
This is an issue with ca-certificates that bundles with the server. You
may simply need to reinstall the following packages for fixing this
issue.
How to Configure Multiple shared IP’s in WHM
You can’t add multiple shared IPs in WHM GUI, but it’s possible to do so via SSH (login as root).
First, you need to create a /var/cpanel/mainips/ directory, if it doesn’t exist:
You can verify from WHM>>Home>>IP Functions>>Show/Edit Reserved IPs
First, you need to create a /var/cpanel/mainips/ directory, if it doesn’t exist:
Then, create a /var/cpanel/mainips/root file, with all the Ips as folllows# mkdir /var/cpanel/mainips/
Basically, each line is an additional shared IP in WHM. That’s it!10.0.0.10 10.0.0.12
You can verify from WHM>>Home>>IP Functions>>Show/Edit Reserved IPs
Change of default page in cpanel/WHM
In WHM, look for "Account Functions" and choose "Skeleton Directory".
This will show you where your directory is. Anything you add to your
skel directory will automatically be added to the users directory when
you create a new account.
If you place a default HTML page within the "public_html" sub-directory then it will be included within the public_html directory of the user's new account upon creation.
Example paths:
If you place a default HTML page within the "public_html" sub-directory then it will be included within the public_html directory of the user's new account upon creation.
Example paths:
/root/cpanel3-skel /root/cpanel3-skel/public_html /root/cpanel3-skel/public_html/index.html
Saturday, December 7, 2013
How to fix the FTP time out error
How to resolve the error :
This error occurs when we are able to connect using FTP but folder listing fails!
Resolution:
1)Login to the WHM==> FTP Server Selection
2)change the FTP server to Pure-FTPD from PRO-FTP ==> Save
3)Now ssh into the server as root and open the pure-ftp conf file /etc/pure-ftpd.conf
4)Find the FTP port no: used the “PassivePortRange” from the config file
5)Add the port range into the config file
for eg :
7)Open the csf(firewall) config file, add the ftp port along with the passive port range
eg :
[bash]!connection failed xx.xx.xxx.xxx – connection timed out
!connectio:error 0
PORT xxx,xxx,x,x,x,xxx
500 Illegal PORT command
!Failed "port"
!Retrieve of folder listing failed (0)[/bash]
This error occurs when we are able to connect using FTP but folder listing fails!
Resolution:
1)Login to the WHM==> FTP Server Selection
2)change the FTP server to Pure-FTPD from PRO-FTP ==> Save
3)Now ssh into the server as root and open the pure-ftp conf file /etc/pure-ftpd.conf
4)Find the FTP port no: used the “PassivePortRange” from the config file
5)Add the port range into the config file
for eg :
[bash][/bash]PassivePortRange 30000 40000[bash][/bash]6)Save and quit
7)Open the csf(firewall) config file, add the ftp port along with the passive port range
eg :
[bash][/bash]# Allow incoming TCP ports8)Restart csf & Pure-ftpd
TCP_IN = “20,22,25,53,80,110,143,443,465,587,993,995,2001,2077,2078,2082,2083,2086,2087,
2095,2096,30000:40000″[bash][/bash]
How to fix the WHM CSF security test errors!
As a part of ensuring security, we perform a CSF security scan from WHM. We may get the following error after the scan
Check csf LF_SCRIPT_ALERT option WARNING This option will notify you when a large amount of email is sent from a particular script on the server, helping track down spam scripts
To fix this error : ssh into the server and edit the csf configuration file
vi /etc/csf/csf.conf
search for LF_SCRIPT_ALERT = “0″
Change the value from “0″ to “1″ to fix the issue.
Don’t forget to restart the CSF
You may also get the following error :
cPanel icons missing on WHM
Usually WHM allows you to login to the cPanel accounts from the
“List Account” option. But sometimes you may not able see the cPanel
icons which prevents you to login to the cPanel account as root.
FIX:-
goto “Tweak Settings” and uncheck the option below
FIX:-
goto “Tweak Settings” and uncheck the option below
Disable login with root or reseller password into the users’ cPanel interface. Also disable switch account dropdown in themes with switch account feature.
How to change Linux root password temporarily.
This is a simple technique by which you can have your our root
password temporarily and change it back to the real one after use. The
condition is
* You are logged in as root and you don’t know the root password
Back-up the current shadow file.
* You are logged in as root and you don’t know the root password
Back-up the current shadow file.
[root@localhost ~]# cp /etc/shadow /etc/shadowbkupChange the current root password the desired one.
How to transfer a cPanel account to DirectAdmin.
The file structure and back-ups for both
control panels are entirely different and its quite difficult to
restore the files transfered from one to another control panel manually.
There is a script available which can convert a cPanel back-up to the
format that of a DirectAdmin. The convert process is quite simple.
Download the conversion script from here .
*You can download it using the terminal :
*Create two directories import and export :
mkdir import export
Find Linux OS is 32 or 64bit.
There are several situations where you
need to confirm whether your Linux OS installed is 32bit or 64bit.
People normally use uname -a to find it. But the following command will
tell you exactly the machine architecture.
getconf LONG_BIT
getconf utility shall conform to the Base Definitions volume of IEEE Std 1003.1-2001, Section 12.2, Utility Syntax.
eg:
[root@localhost ~]# getconf LONG_BIT
32
[root@localhost ~]#
32
[root@localhost ~]#
My machine is 32bit.
How to disable gzip output on lightspeed server accounts
You can use .htaccess to disable gzip output if your website is running under a lightspeed server.
Open .htacess file and append following lines.php_flag zlib.output_compression Off
RewriteEngine On
RewriteRule . – [E=no-gzip:1]
RewriteRule ^(.*)$ $1 [E=no-gzip:1]
How to configure NAT with iptables on a VPS.
NAT ( network-address-translation ) with
iptables helps us in how to select the packets we want to mangle. We
can easily configure NAT on a OpenVZ VPS by following the below steps.
Lets first consider a VPS in which NAT is not enabled. Trying to POSTROUTE from VPS throws you errors.
iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o venet0 -j SNAT –to 111.140.170.134
or iptables -t nat -nvL
iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)To Enable NAT :
Perhaps iptables or your kernel needs to be upgraded.
* Login to Node server.
Check vzcinfiguration file to find whether NAT is enabled or not.
grep -i iptables /etc/vz/vz.conf
You will get
Exim: remove mails in queue from a particular sender.E
“spams”, its one of the major issue that a sys admin has to deal with throughout his job. First you need to find the user who is generating it. You can get it from the mail headers. Once you find the user, disable the script that was responsible for spams, but it may have already kept thousands(may be lacks) of mails in the exim queue waiting for its chance to get delivered. To delete these mails one by one is impossible. In a cPanel server having exim mail, you can use the following command to delete mails in the current queue generated by that particular user only.
SSH into the server
-i print messages id
-f from address
-Mrm remove mails
Remove mails to a particular sender in the queue :-
exiqgrep -i -t user@domain.com | xargs exim -Mrm
-t to address
SSH into the server
exiqgrep -i -f user@domain.com | xargs exim -Mrm
-i print messages id
-f from address
-Mrm remove mails
Remove mails to a particular sender in the queue :-
exiqgrep -i -t user@domain.com | xargs exim -Mrm
-t to address
How to enable DKIM in cPanel server.
DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit and one can use this to prevent from getting blacklisted by the free email providers like Yahoo, MSN and Google. DKIM can increase the mail authenticity.
cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.
Check if exim is compiled with DKIM support enabled.
cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.
Check if exim is compiled with DKIM support enabled.
[bash]root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIM[/bash]
[bash]Support for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS
Experimental_DomainKeys Experimental_DKIM[/bash]
Subscribe to:
Posts (Atom)