Pages

Saturday 30 June 2012

cpsrvd not running

If Cpanel is not running on the server and you are getting following,

# service cpanel status

cpsrvd dead but pid file exists
entropychat is stopped
melange is stopped
stunnel is stopped
interchange is stopped
qrunner is stopped

Then if you try to restart cpsrvd and if you are getting following error,

# /usr/local/cpanel/cpsrvd restart

Cwd object version 3.11 does not match $Cwd::VERSION 3.14

Then please try running following to fix the problem,

rm -rf /usr/local/cpanel/modules-install/pro-* (kill old version of pro modulres)
echo -n > /var/cpanel/addonmoduleversions/pro
/scripts/upcp --force

This will fix the problem and Cpanel will start working again.
Posted by at No comments:
Labels:

Tuesday 26 June 2012

CPanel Proxy - WHM Proxy Domain

What is CPanel Proxy Support?

CPanel proxy support allows you to access both the domain.com/cpanel and domain.com/webmail as subdomains. Additionally the normal CPanel ports for both the control panel and webmail are proxied through port 80. There are quite a few firewalls that block 2082, 2083 et. cetra as they are not standard ports.

The following once enabled should work:
http://cpanel.domain.com
http://webmail.domain.com
http://whm.domain.com

Requirements
CPanel
mod_rewrite
mod_proxy

How to enable CPanel Proxy

1. Open the WHM and access tweak settings:

Main >> Server Configuration >> Tweak Settings

2. Enable the following options:

Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)

Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy
subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)

This will setup all new accounts with the proper records; existing ones will need to be added via the /scripts/proxydomains script.

I would recommend disabling this one as you probably don’t want a client to break the setup for their domain trying to fix it:

Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains

3. For existing accounts open a shell prompt as root. All you need to do now is to setup the sub-domains so that customers can access them. The best way to do this is to specify the username:
Example:
/scripts/proxydomains --user=username add
Usage:
/scripts/proxydomains --user=mycpaneluser add
To do all accounts on the server (which can take a while):
/scripts/proxydomains add
To list all the options for this script simply type
/scripts/proxydomains 

4. Add this to httpd.conf

# CPANEL/WHM/WEBMAIL/WEBDISK PROXY SUBDOMAINS
<VirtualHost xx.xx.xx:80 *>
    ServerName $hostname
    ServerAlias cpanel.* whm.* webmail.* webdisk.*
    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin system@hostname
    <IfModule mod_security2.c>
        SecRuleEngine Off
    </IfModule>
    UserDir disable
    RewriteEngine On
    <IfModule core.c>
        SSLProxyEngine On
    </IfModule>
    RewriteCond %{HTTP_HOST} ^cpanel\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2083/$1 [P]
    RewriteCond %{HTTP_HOST} ^webmail\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2096/$1 [P]
    RewriteCond %{HTTP_HOST} ^whm\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2087/$1 [P]
    RewriteCond %{HTTP_HOST} ^webdisk\.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2078/$1 [P]
    RewriteCond %{HTTP_HOST} ^cpanel\.
    RewriteRule ^/(.*) http://127.0.0.1:2082/$1 [P]
    RewriteCond %{HTTP_HOST} ^webmail\.
    RewriteRule ^/(.*) http://127.0.0.1:2095/$1 [P]
    RewriteCond %{HTTP_HOST} ^whm\.
    RewriteRule ^/(.*) http://127.0.0.1:2086/$1 [P]
    RewriteCond %{HTTP_HOST} ^webdisk\.
    RewriteRule ^/(.*) http://127.0.0.1:2077/$1 [P]
    UseCanonicalName Off
</VirtualHost> 
Posted by at No comments:
Labels:

Saturday 16 June 2012

How to upgrade MySQL 5.0 to MySQL 5.1 cPanel

How to upgrade MySQL 5.0 to MySQL 5.1 in a cPanel server
Login as root and edit /var/cpanel/cpanel.config.
Replace :
mysql-version=5.0 with
mysql-version=5.1
Finally run: /scripts/mysqlup
Posted by at No comments:

Squid and password authentication

yum install squid
Example of squid.conf
http_port 10000
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl ncsa_users proxy_auth REQUIRED
http_access deny !Safe_ports
http_access allow ncsa_users
visible_hostname mysite.com
coredump_dir /var/spool/squid
service squid start
Setting proxy for wget:
export http_proxy=http://anton:testinsg@mysite:10000
If you want to make it anonymous add these lines:
forwarded_for off
header_access Allow allow all
header_access Authorization allow all
header_access WWW-Authenticate allow all
header_access Proxy-Authorization allow all
header_access Proxy-Authenticate allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Accept-Charset allow all
header_access Accept-Encoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access Cookie allow all
header_access Set-Cookie allow all
header_access All deny all
acl ip4 myaclname yourip
tcp_outgoing_address yourip myaclname
Generate acl and tcp_outgoing_address:
for f in {314..372}; do echo “acl ip$((f))” myip aaa.bbb.ccc.$((f-246)) >> “blah1″; done
for f in {314..372}; do echo “tcp_outgoing_address aaa.bbb.ccc.$((f-246))” ip$((f)) >> “blah1″; done
Posted by at No comments:

How to redirect my website to be opened through HTTPS?

In order to redirect your website to be opened through HTTPS, you should add the following rewrite rule in your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://www.domain.com/%{REQUEST_URI} [R,L]
This will redirect your domain to https://www.yourdomain.com. If you wish the redirect to work without www, you should remove it from the rewrite rule:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .* https://domain.com/%{REQUEST_URI} [R,L]
Posted by at No comments:

Add swap on Linux

[root@host ~]# dd if=/dev/zero of=/swapfile bs=1024 count=1048576
1048576+0 records in
1048576+0 records out
[root@host ~]# sync
[root@host ~]# mkswap /swapfile
Setting up swapspace version 1, size = 1073737 kB
[root@host ~]# swapon /swapfile
[root@host ~]# echo “/swapfile swap swap defaults 0 0″ >> /etc/fstab
Posted by at No comments:

Skip i386 packages on a x64_86 system

I have just installed Centos 5.5 by using the Netinstall version. Seems that on my x64_86 system I have a lot of i386 packages installed. To remove them I had to :
yum -C list installed | grep i386 | awk ‘{print $1}’ | xargs yum remove -y
Also edit /etc/yum.conf and add :
exclude=*.i386 *.i486 *.i586 *.i686 *.athlon
Posted by at No comments:

Setting a PPTP VPN in CentOS 5.6

Setting a PPTP VPN in Centos. I’m using the following commands in order to set the VPN:
yum remove -y pptpd ppp
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -rf /etc/pptpd.conf
rm -rf /etc/ppp
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum --enablerepo=poptop-stable install pptpd
mknod /dev/ppp c 108 0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local
echo "localip 172.16.36.1" >> /etc/pptpd.conf
echo "remoteip 172.16.36.2-254" >> /etc/pptpd.conf
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd
pass=`openssl rand 6 -base64`
if [ "$1" != "" ]
then pass=$1
fi
read -p "User: " user
echo "${user} pptpd ${pass} *" >> /etc/ppp/chap-secrets
iptables -t nat -A POSTROUTING -s 172.16.36.0/24 -j SNAT --to-source `ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk 'NR==1 { print $1}'`
iptables -A FORWARD -p tcp --syn -s 172.16.36.0/24 -j TCPMSS --set-mss 1356
service iptables save
chkconfig iptables on
chkconfig pptpd on
service iptables start
service pptpd start
echo "VPN username is ${user}, VPN password is ${pass}"
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)