Jul 14

Small application for disabling mod_security for specific domains on cPanel server

Posted on Tuesday, July 14, 2009 in cpanel, linux, mod_security, script

Alright, I’m lazy so I always make a script/utility for anything and everything. Another fine piece of lazygineering.

This little script disables mod_security on specific domains that you pick, mod_security2 does not allow disabling it from .htaccess and it’s pretty annoying to do the same work all over and over again, why not make it one line only.

Introducing, disable_modsec — Enjoy lazy cPanel server admins.

#!/usr/bin/perl


use strict;

use lib qw(/usr/local/cpanel);

use Cpanel::AcctUtils::DomainOwner;
if ($ARGV[0])

{

  # Get username

  my $username = Cpanel::AcctUtils::DomainOwner::getdomainowner($ARGV[0]);

  my $domain = $ARGV[0];
  # Create directory for config

  system ('mkdir -p /usr/local/apache/conf/userdata/std/2/'.$username.'/'.$domain);
  # Create config file

  open (CONFIG, ">>/usr/local/apache/conf/userdata/std/2/".$username.'/'.$domain.'/modsec.conf');

  print CONFIG "\nSecRuleEngine Off\n";

  close CONFIG;

# Enable vHost includes system ('/scripts/ensure_vhost_includes --user='.$username); } else { print("Usage: disable_modsec [domain]\n"); }

Tags: application, cpanel, disable mod_security2, linux, problems, small script

Jul 2

Useful little bit of code – List all domains on cPanel server

Posted on Thursday, July 2, 2009 in cpanel

Need to list all domains on the server (no subdomains, etc)?

Here’s the magical code:

cat /etc/userdomains | awk -F ':' '{ print $1 }' | sed 's/.*\.$.*\.$/\1/' | sort -u

Jun 20

cPanel humor: Uninstalling cPanel

Posted on Saturday, June 20, 2009 in cpanel, funny, humor

It’s always been known that once you install cPanel, you cannot uninstall it, the only way to get rid of it reinstall the server completely. However, I was doing some work on a server and ran into this file:

/usr/local/cpanel/uninstall

And the content:
#!/bin/sh # Uninstall script for Cpanel rm -f "/usr/local/cpanel/uninstall" #### END OF UNINSTALL echo "Cpanel has been uninstalled."

Nice to know that developers still have a sense of humor. cPanel’s developers are always known to be down to earth guys and I can assure you that’s true! (not if that little bit of code in a production program didn’t prove it! )

Tags: cpanel, funny, humor

Jan 5

Horde broken or not working correctly on cPanel server

Posted on Monday, January 5, 2009 in cpanel, fix, horde, linux, quick fix

Simple, short & sweet post, this should easily fix any problems you’re having

/usr/local/cpanel/bin/update-horde --force

Also, this might be useful to run hourly, I leave this on our servers “just in case”.

(mysqlcheck --auto-repair eximstats ; mysqlcheck --auto-repair horde) >/dev/null 2>/dev/null

Tags: cpanel, horde, problems, short fix

Dec 30

Migrating cPanel reseller accounts with root WHM access

Posted on Tuesday, December 30, 2008 in backup, cpanel, migration

We have a few clients that were WHM resellers and upgraded to VPS with root cPanel, however there is no main easy way to migrate WHM reseller account to a root account under WHM, that’s where we started playing around and making our own script. You need root access to the source and final server to do this, this looks like the fastest way to do this at the moment.

First of all, we need to get all the accounts and create a backup of their accounts, this is done using a couple of bash lines and parsing the file /etc/trueuserowners. That file contains every account on the server and the accounts that own it. This following will go over that file, take out the resellers accounts and back them up one by one. The best way to make sure no mistake happens is to ensure that /home or /home2 or any other /home directories because the /scripts/pkgacct creates them there. We also use cpuwatch not to create excessive load on the server when creating the backup. It will stop the process once load averages go higher than 10.

for i in `cat /etc/trueuserowners | grep resellerusername | awk -F ':' '{ print $1; }'`; do /usr/local/cpane/bin/cpuwatch 10 /scripts/pkgacct $i; done;

Usually this takes a while so this is what you can do if it’s halfway done to save time

/usr/bin/rsync --delete -avvxHt --progress -e ssh /home/cpmove-* 1.2.3.4:~

This will start moving the files from the old server to the new one, we use rsync so that we can just run it again after the full backup is done so we don’t have to restart the whole process again. Once it’s done and all data has been moved, another loop, I did this one quickly however I think it could be cleaner, if someone has a better way to do with (regexp?), please let me know.

for i in `ls | grep cpmove- | awk -F '.' '{ print $1 }' | awk -F '-' '{ print $2 }'`; do /scripts/restorepkg $i; done;

After finishing that, you should be all done!

Tags: cpanel, migrating, migrating reseller account, reseller

Nov 28

/tmp clean-up script modification, sessions dying with PHP

Posted on Friday, November 28, 2008 in cpanel, linux, mysql, mysql.sock, php, tmp

It seems there there was a little flaw in the script that I wrote a while ago, any PHP sessions on the server will timeout/die after 1 hour if you run that as an hourly cronjob, I have made a small modification to the script.

The only small modification is that now, it deletes all sess_* files that have not been accessed for 5 days therefore are probably just sitting there and never going to be used again, the rest remain deleted because it’s failed uploads/etc that will never be used again.

#!/bin/bash


# Change directory to /tmp

cd /tmp
# Clean up trash left by Gallery2

ls | grep '[0-9].inc*' | xargs rm -fv
# Clean up PHP temp. session files

find /tmp -atime +5 -name 'sess_*' -print | xargs rm -fv
# Clean up dead vBulletin uploads

ls | grep 'vbupload*' | xargs rm -fv
# Clean up failed php uploads

ls | grep 'php*' | xargs rm -fv

# Clean up failed ImageMagick conversions. ls | grep 'magick*' | xargs rm -fv

Thanks!

Tags: cleanup, cpanel, errors, php, session, timeout, tmp, tmpcleanup

Nov 27

Cleaning up /tmp directory on busy cPanel web hosting servers

Posted on Thursday, November 27, 2008 in cpanel, error 22, linux, mysql, mysql.sock, php, tmp

Usually, the /tmp directory is one of the frequently accessed directories, temp files of MySQL, PHP and other applications are placed and often if processes die, left over. Uploads using PHP are always uploaded to the /tmp directory till they are complete, if you have some dying processes, you will end up with a filled /tmp directory which is hell.

Why? Because MySQL leaves and uses it’s temporary files in /tmp, and if there is no space in there, queries will start failing. Uploads from PHP or Perl are placed in there till the upload process is over, they cannot be further placed there because there is no more space left. So far, we have failing MySQL & inability to upload complete PHP files, system administrator hell.

Easy fix, you might say? Just a simply rm -rf / should take care of it? Nope. Try that, have fun trying to fix the sockets you deleted, specifically applications that depend on the mysql.sock placed in your /tmp directory, things just got worse. In case you actually did delete everything, just restart the services, they should re-appear, if they don’t, they should be somewhere else and you have to create a symbolic link using li, MySQL’s socket is usually located at /var/lib/mysql/mysql.sock.

The best way is to either have a script that cleans it up hourly if you know what usually fills it up or manually run ls -alhS /tmp | head and looking what’s causing the problem and how to avoid it in the future, I have developed a script that I run on multiple servers with no problems at the moment. It takes care of the most trash caused on a cPanel server

#!/bin/bash


# Change directory to /tmp

cd /tmp
# Clean up trash left by Gallery2

ls | grep '[0-9].inc*' | xargs rm -fv
# Clean up PHP temp. session files

ls | grep 'sess_*' | xargs rm -fv
# Clean up dead vBulletin uploads

ls | grep 'vbupload*' | xargs rm -fv
# Clean up failed php uploads

ls | grep 'php*' | xargs rm -fv

# Clean up failed ImageMagick conversions. ls | grep 'magick*' | xargs rm -fv

That usually is enough, my suggestion is to have that run as a cronjob every hour, but I’m not going in detail on how to do that, because if you don’t know how to setup a cronjob, perhaps you shouldn’t be messing around in /tmp directories and deleting stuff on the first place!

Update: This script is faulty and will cause you a lot of problems with PHP sessions, please read more information and read the new one here

Tags: cpanel, error 22, full, linux, mysql, mysql.sock, php, tmp, uploads

Nov 24

AACRAID based controllers timing out / aborting / SCSI hang

Posted on Monday, November 24, 2008 in aacraid, adaptec, cpanel, grsecurity, kernel, linux, network, raid, scsi

We’ve been lately starting to use more Adaptec RAID controllers rather than 3ware RAID controllers. 3ware has been nothing but trouble for us, dropping hard drives, even RAID5 arrays are running slower than a regular hard drive with no RAID. Our latest issue was a server just simply having a Kernel Panic when using high IO, our experience with 3ware RAID controllers & Linux is terrible.

On this other side, Adaptec has been great. We’ve been using them for a while now and see no problems at all, however there is just a small catch, Linux usually has a SCSI subsystem timeout of less than 30 seconds which results in a small difference between the controller timeout (at 35 seconds) versus the Linux timeout (at 30 seconds). This usually brings a server to a halt for a couple of seconds (and minutes in cases) till the server recovers, errors like this are thrown in the console:

aacraid: Host adapter abort request (0,1,3,0) aacraid: Host adapter abort request (0,1,1,0) aacraid: Host adapter abort request (0,1,2,0) aacraid: Host adapter abort request (0,1,1,0) aacraid: Host adapter abort request (0,1,2,0) aacraid: Host adapter reset request. SCSI hang ?

The best method that usually works best is to increase the timeout higher than 45 to ensure that the Linux timeout does not occur before the RAID controller timeout, this is done per device / array.

echo '45' > /sys/block/sda/device/timeout echo '45' > /sys/block/sdb/device/timeout echo '45' > /sys/block/sdc/device/timeout

This should be done to every device, 45 is a good number however you can use what you’d like as long as it’s over 35. If you’re experiencing issues with loads going sky-high with no apparent reason, this might very well be the reason, to check if this is a possible cause, you can run the following

dmesg | grep aacraid

If you see errors like the ones that I have up there, then I suggest using that small workaround, if even after using the workaround, you’re still facing these problems, here are the suggestions/checklist that Adaptec suggests:

Check for any updated firmware for the motherboard, controller, targets and enclosure on the respective manufacturer’s web sites.

Check per-device queue depth in SYSFS to make sure it is reasonable.

Engage disk drive manufacturer’s technical support department to check through compatibility or drive class issues.

Engage enclosure manufacturer’s technical support department to check through compatibility issues.

Anyhow, just like with every Linux issue, your mileage may vary, so if you know of any other fixes or figured out a way how to fix this, feel free to post it as a comment to help others.

Tags: aacraid, adaptec, controller, hdd, linux, performence, raid, raid-10, raid-5, scsi, scsi subsystem, server, timeout

Feb 23

Helpful cPanel included application

Posted on Saturday, February 23, 2008 in cpanel, linux

cPanel may have some very annoying bugs sometimes however there are very useful bits of it that can help in general system administration, dealing with a very busy server and trying to terminate an account that has high disk usage will make the load averages go sky high however thanks to this neat little application provided with cPanel, you can forget about freaking out on high server load. I have personally tried multiple solutions (including nice) but the loads would still go high and the server would be unusable.

With every cPanel installation, there is a binary located at /usr/local/cpanel/bin/cpuwatch, what cpuwatch does is that it executes the command and monitors the load, if the load goes past the set limit, it will stop the application and resume it after the load averages are below the threshold for a few seconds, the usage for it is very simply

cpuwatch (<-p PID>| [arguments]) maxload : system load at which throttling should commence command : command to run under cpuwatch -p PID : monitor and throttle the existing process PID

Another neat feature is that it can fork a new process or attach itself to a running process, here is an example of deleting an account using SSH and setting the load average threshold to 4.0

/usr/local/cpanel/bin/cpuwatch 4.0 /scripts/killacct username

The load average will go past 4 however the process will stop running as it goes past that limit, if you already have a process running and you do not want to restart it all, you can run the following command to attach it to the process, in this case, the process ID of my process is 18274.

/usr/local/cpanel/bin/cpuwatch 4.0 -p 18274

It’s a very simple but very neat utility that has saved me a few times where I had to do major file operations and did not want the server to have high load averages, this same binary is also used when the logs are running for cPanel and as well as when the cPanel backups are running.

Feb 23

Fantastico, PHPList and blank pages

Posted on Saturday, February 23, 2008 in cpanel, fantastico, linux

I’ve lately had a few clients complaining about their PHPList installs not working properly when using Fantastico, I tried it out myself and it does indeed seem to be somewhat broken. Usually when you go the adminstration page, it simply shows and empty page and if you view the source for that page, it contains something along of these lines:

The cause of this problem seems to usually be a default Fantastico setting that is not properly set, to fix this, you will need to edit your /config/config.php and replace the following:

define("PLUGIN_ROOTDIR","/tmp");

With the following, of course replacing username by your cPanel username and making sure that the path for your account is correct (sometimes, it’s home2 instead of home).

define("PLUGIN_ROOTDIR","/home/username/tmp");

After a few days of research on this and a few angry clients, it’s all figured out so I guess why not share them with other system administrators, it’ll save them some trouble!

Search

Twitter

@allyrhodesmusic that's freakin' sweet! anytthing else I haven't gotten shocked about? 1 hour ago
@allyrhodesmusic holy. I thought you were 19-22. I'm 18 and I thought you're older than me. I'm seriously shocked lol 2 hours ago
@allyrhodesmusic wait. You're not 18?! Are you kidding?! 2 hours ago
@allyrhodesmusic did so but how is it related if I may ask :P 2 hours ago
@ashleyh_xo mmm. Lol I'm so tired I just drove mtl-tor and back in 1 day. Just got backkkk :P 19 hours ago
@ashleyh_xo sounds kindaaaaa familiar. Haha is it funnn 20 hours ago
@ashleyh_xo wait what's the name of it in french? Is it private? Lol... 2010/07/30
@ashleyh_xo I've honestly never heard of that school lol :/ 2010/07/30
@Stephanyannc sorreh, just not down for any drama or shit, really. 2010/07/29
@Stephanyannc right I'm sorry but gtfo if you think that. If that's what you think then leave meh alone kthnx 2010/07/29

/proc/sys/net/blog rants, tutorials and documents about everything server related