Where Does cPanel Put It?

Posted by Nessa | Tags: ,,, | Posted on December 17, 2008

5

I can think of a few things that are wrong with that title but in all seriousness…don’t you ever wonder where cPanel stores the config changes that you make in WHM?  Automation is the key nowadays, and lately that’s required me to get a little down and dirty with cPanel to find its deepest secrets. *This information is not official documentation, nor is it backed up by cPanel or set in stone.  In other words, don’t blame me if you mess up your server.

These are files that store the information read and used by WHM (as of 11.23.6)

  • IP addresses: /etc/ips
  • Reserved IPs: /etc/reservedips
  • Reserved IP reasons: /etc/reservedipreasons
  • IP address pool: /etc/ipaddrpool
  • Access hash (WHM remote access key): /home/user/.accesshash or /root/.accesshash
  • cPanel update preferences: /etc/cpupdate.conf
  • Basic cPanel/WHM setup:  /etc/wwwacct.conf
  • System mail preferences: /etc/localaliases
  • Exim open relay list: /etc/alwaysrelay
  • Server-wide max emails per hour: /var/cpanel/maxemailsperhour
  • Tweak settings: /var/cpanel/cpanel.config
  • Packages: /var/cpanel/packages/
  • Features: /var/cpanel/features/
  • User data: /var/cpanel/users/ and /var/cpanel/userdata
  • Apache templates: /var/cpanel/templates/apache(1,2)
  • Exim config template: /etc/exim.conf.localopts
  • Exim mail IPs: /etc/mailips
  • rDNS for mail ips: /etc/mail_reverse_dns
  • Clustering: /var/cpanel/cluster/root/config
  • Service manager: /etc/chkserv.d
  • Users and their domains: /etc/userdomains
  • Users and their main domains: /etc/trueuserdomains
  • Users and their owners: /etc/trueuserowners
  • Main cPanel IP: /var/cpanel/mainip
  • cPanel version: /usr/local/cpanel/version
  • Resellers: /var/cpanel/resellers
  • Reseller nameservers: /var/cpanel/resellers-nameservers

These are a few scripst that you can use to achieve the same  results of their WHM equivalents:

  • Initialize quotes: /scripts/initquotas
  • Compile Apache: /scripts/easyapache  (you can pass additional options – see EasyApache 2 docs)
  • Update cPanel: /scripts/upcp
  • Enable/disable tweak settings: /scripts/smtpmailgidonly on|off
  • Change PHP API and suExec settings: /usr/local/cpanel/bin/rebuild_phpconf
  • Suspend an account: /scripts/suspendacct <user> <reason>
  • Terminate an account: /scripts/killacct <user>

Obviously there are a ton more, and just about anything done in WHM can be done directly on the server.  The main things to remember:

Scripts are mainly stored in /scripts and /usr/local/cpanel/bin

Data files are in /var/cpanel

Config files are in /etc/ and /usr/local/cpanel

daybreakers

All Up in My Twitter…

Posted by Nessa | Tags: , | Posted on September 6, 2008

4

So people at work have been nagging me to get a Twitter

account — why?  So they know everything I’m doing all the time?  Finally I just decided to go with the flow and so far it hasn’t been that bad — as soon as I joined and started “watching” my boss, I had like 6 co-workers join as watchers.  I think the idea of Twitter is great, but it kind of seems like a stalking tool.  I mean, anyone can “watch” you and know exactly what you’re doing.  Good thing they at least have a block tool to keep the creeps out, eh?

Anywho, you can see my status at any time on my side bar.  And if you’re not a creepy pervert, feel free to watch me as well =)

Setting up cPanel Proxies

Posted by Nessa | Tags: , | Posted on July 26, 2008

2

It’s been about a while since cPanel 11.1 came out and the proxy script from cpanelproxy.net that we all know and love stopped working. Well, the cPanel devs came through for us again and incorporated an Apache-based proxy feature to natively allow users behind firewalls to connect to cPanel over port 80, similar to the way the previous php-based cpanel proxy worked. This was a peace of cake on new server setups, where all you had to do was check on the proxy options in WHM “Tweak Settings” and include mod_proxy in your Apache build. However, I had a very difficult time getting this to work on previous servers that did not already have those features. After bringing this up to Mr. Ken from cPanel (who, by the way, is the most awesomest person in the cpanel bunch), I was finally able to come up with a procedure for getting this to work without having to completely recompile Apache which is a no-no on more mature production servers.

First, if you haven’t already, run a cpanel update to the latest version which at the time of my writing is 11.23. Once the update is complete, log into WHM > Tweak Settings and check off these options (only the first is required):


Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port

Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts.

Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains

Now, to install mod_proxy (for Apache 1.3 and 2.x)

Download the source for your Apache version. If you’re not sure what that is, you can find out from your phpinfo file or in some cases by typing ‘httpd -v’ from command line.

wget http://apache.mirrors.tds.net/httpd/apache_1.3.41.tar.gz
tar -xvzf apache_1.3.41.tar.gz
cd apache_1.3.41/src/modules/proxy (will just be /modules/proxy for Apache 2 sources)

You need to compile the mod_proxy module with apxs to add it to httpd.conf. For Apache 1.3.x:

/usr/local/apache/bin/apxs -i -a -c mod_proxy.c

For Apache 2.2 (not sure about 2.0 since we don’t run that version on any of our systems) I found that you have to compile mod_proxy with two of its submodules in order for the proxy feature in cpanel to work:

/usr/local/apache/bin/apxs -i -a -c mod_proxy.c proxy_util.c
/usr/local/apache/bin/apxs -i -a -c mod_proxy_http.c

The restart Apache and verify that it is able to start. In my case, when I just compiled the mod_proxy module I got some error about ap_proxy_lb_workers, but when I added proxy_util that fixed the problem. Then I wasn’t able to get the cpanel proxy feature to work without mod_proxy_http. There is one last step with Apache, where you need to add the proxy virtualhost entries in. cPanel has this set up as one virtualhost entry for all the subdomains as well as https, which didn’t quite work in my case because we have shared SSL certificates on the main IP. So I added the following lines between the <VirtualHost> tags for the main hostname and shared ssl hostname:

ServerAlias cpanel.* webmail.*
RewriteEngine On
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteRule ^/(.*) http://127.0.0.1:2082/$1 [P]
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteRule ^/(.*) http://127.0.0.1:2095/$1 [P]
UseCanonicalName Off

These are just the ones for webmail and cpanel, but webdisk and whm ones can be added as well.

All you need to do now is setup the subdomains so that customers can access them. The best way to do this is to specify the username:

/scripts/proxydomains --user=username add

To do all accounts on the server (which can take a while):

/scripts/proxydomains add

To list all the options for this script simply type /scripts/proxydomains .

v-nessa.net is de-Googled

Posted by Nessa | Tags: , | Posted on July 21, 2008

11

Um….what?

I thought something was up when for the last month my traffic rate went from 300,000 in May to only 24,000 in June, even moreso when I found out my pagerank dropped from a 6 to a 4. I was de-Googled! Apparently a month or so ago a spam comment slipped past Akismet and got posted to my blog, and that meant that my site no longer meets the “quality” guidelines for Google. I found the post and removed it, but upon filling out their reconsideration form it appears that it takes 4-6 weeks to be reviewed and added back. Man, that sucks….

Anywho, I’d hate to do this mainly because I’m lazy, but I’ve set WordPress to send new comments to moderation again so I have to manually approve them. What I’m confused about is that if my site doesn’t meet quality guidelines for Google, where does this guy fit in?

How to Add Services to Chkservd

Posted by Nessa | Tags: ,, | Posted on June 28, 2008

4

.!.
.!.

Chkservd is the service in cPanel that checks to make sure that services are running, then restarts them if necessary. It’s also responsible for the ‘Service Manager’ section in cPanel, which is an interface where added services can be easily checked on and off.
To add a new service, create a line in /etc/chkserv.d/chkservd.conf in the same format as the others:

service:1

1 means the service should be enabled, 0 means it’s off.
In /etc/chkserv.d each service has its own file. Create a file called as the name of the service you are monitoring. The contents of the file are in the format of:

#SERVICE = PORT, SEND, RESPONSE, RE-START COMMAND

There are two ways that cPanel checks services with chkservd:

  • Connection-based monitoring – By default, cPanel will try to connect to the service’s specified port, issue a command, and if a response is received within 10 seconds it will consider the service to be online. For instance, FTP:
service[ftpd]=21,QUIT,220,/scripts/restartsrv_ftpserver
  • Process-based monitoring – cPanel will check for a specific process to determine whether it is online. For instance, named:
service[named]=x,x,x,/scripts/restartsrvr_bind,named,named|bind

If you have more than one restart command, you can separate them with semicolons in order of preference that they should be run. Output of these commands will be logged to the chkservd.log
After you’ve created the service’s configuration file, restart chkservd:

/etc/init.d/chkservd restart

You should then see the service listed in WebHost Manager in the ‘service manager section’
Chkservd logs are in /var/log/chkservd.log. Checks are done every 8 minutes, and everyone online service gets a +, offline services get a -. If the service is determined to be offline, the restart command(s) specified in that service’s chkservd configuration file is issued and the output is logged.

If you don’t even have chkservd installed, it’s probably missing and you need to install it.

Alternative PHP Caching FTW

Posted by Nessa | Tags: , | Posted on June 27, 2008

4

.!.

We get a TON of requests for the PHP APC pecl module because after having adopted suPHP into our configuration, eAccelerator is worthless. It’s quick to install, and especially if you’re running suPHP or phpsuexec, each user can maintain their own settings within their local php.ini without me having to do anything — basically the best thing that a lazy system admin can ask for.

Soooo, here’s how you install it:


wget http://pecl.php.net/get/APC-3.0.17.tgz
tar -xvzf APC-3.0.17.tgz

phpize
./configure && make && make install

Then just add “extension=/apc.so” to your php.ini and you’re done. With PHP under Apache this will load the APC module for everyone, but for suPHP users you’ll need to add it to their php.ini which will also allow them to modify their own APC settings. These are the ones I recommend using:

apc.enabled = 1
apc.shm_segments = 1
apc.shm_size = 30
apc.optimization = 0
apc.ttl = 7200
apc.user_ttl = 7200
apc.num_files_hint = 1000
apc.mmap_file_mask = /tmp/apc.XXXXXX

Now, if you want to get even sexier with it I came across this little tool that monitors the performance of APC on your server.

Santa (kind of) Brings Nessa a Brother

Posted by Nessa | Tags: , | Posted on June 24, 2008

0

.!.

For Christmas this year my sisters and I bought my mom a Pomeranian that she named Teddy (though my sisters and dad subsequently named him Simon, Maverick, Titus, and Leo). Side note: here’s documented evidence that my Dad does indeed like dogs:

Now ask me why it took me 17 years to beg my dad for a dog, and I still didn’t get one until I was 20 when I was already out of the house. Anyways, we in the Vasile household believe that pets are as much part of a family as people are, which is why I animately insist that my son, Capone, and my niece, Harley, are the only grandkids that my parents are getting anytime soon. Well, this concept kept in mind, the addition of Teddy means that I have a new 4-year-old half brother. I’ve always been the youngest in the family but I’ve so far completely my sisterly duty of taking my little bro to see Santa clause with his uncle Capone:

Merry Christmas!!!

The Big 21

Posted by Nessa | Tags: , | Posted on June 21, 2008

6

.!.

Well, my 21st birthday is finally here…yay! Of course, all that means to me is that I can now do everything I’ve already been doing for the last four years, only now I’d be doing it legally. So happy birthday to me, I’m getting plastered tonight.

FYI, no pics yet — the party is this Friday the 25th so I’ll have plenty then and I’ll post ‘em here.

Fedora Chokes on Firefox

Posted by Nessa | Tags: , | Posted on June 17, 2008

2

.!.

We use Fedora in my Linux classes at school, so I was equally pissed off of when I found out that the stock firefox installation doesn’t support ssl…in other words you can’t get to secure pages. Since the entire schooli ntranet is on a secure connection it pretty much sucks when you can’t access your email and assignments. I was the only person in the class who was able to fix this and be able to finish my shit during class instead of doing it for homework.

The error you get when accessing secure pages in Firefox on Fedora is:

Unexpected response from server
Firefox doesn’t know how to communicate with the server.

You can fix this in three commands:

yum update nss (or yum install nss, if it’s not installed)
yum remove firefox
yum install firefox

The Super-Duper Way to Run Backups

Posted by Nessa | Tags: , | Posted on June 15, 2008

1

.!.

I often worry about my PC at work — it’s about 3 or 4 years old now and I’ve already crashed it twice by running Ubuntu updates and not letting them finish. Luckily I have my home drive mounted as a separate partition so reinstalling the OS isn’t a huge inconvenience aside from having to reinstall all my apps.

After doing some googling I came across SBackup, which is a simple backup program to back up whatever on your system to wherever you want to keep your backups — without having to configure a script.

First, install sbackup via apt-get, yum, or whatever other package manager you use:

$ sudo apt-get install sbackup

Then open the backup manager under System > Administration > Simple Backup Config

Now, I used the custom backup settings because I didn’t want to back up everything on my system — all I’m concerned about is everything in my home directory, such as my Documents, email, and porn browser settings. To select what you want backed up, go to the Include tab and Add Directory or Add File to include files and folders in your backups.

Naturally there are some files within your selected folders that you don’t want to back up, like your trash and cache. You can add those under the Exclude tab.

Next set your timing — I did ‘precisely’ every day at 5pm when I won’t be here to experience the extreme lag of my 14G home directory being tarred up. As for the Purging options, I chose Logarithmic so that I don’t have old backups that I don’t need — I only need the backups in case my PC crashes and I lose everything, so I don’t care about backups from two weeks ago.

The destination part is where you want your backups to go. The default is /var/backup, but if your PC crashes, that isn’t going to be very convenient for you. Therefore one of the two options should be the one you go with:

- Custom local directory: If you have a floppy disk (which I pray you do not) or a USB drive, you can usually find those in the /media directory and have those mounted to copy your backups

- Remote directory: If you have FTP or SSH access to a remote server, you can have your backups uploaded. The syntax is simple:

ssh://user:password@serverip:/remote/dir

After you have everything configured, save your settings and hit Backup Now! to run a test and make sure everything is working.