C-panel study in short

Posted on November 18, 2010 by ashraflinux

===================== Some c-panel  Study============================================

 

This are my personnel  notes  If want it to very short just to refer if we forget. So I do not care if you do not understand. This are some C-panel  things which we did at our office.  If you want a lengthy documentation then Google it.

Command to know c-panel installed on the server

root@cp1 [/home/admin]# /usr/local/cpanel/cpanel -V

11.26.20-STABLE_49708

root@cp1 [/home/admin]#

 

 

(1)  How to check extenstion available on cPanel server

 

 

We can run following command from shell to check extenstion available on  server but make sure that you have logged in as root user.

root@server [~]# /scripts/phpextensionmgr list

It will give followings result.

root@server [~]# /scripts/phpextensionmgr list
Available Extensions:
EAccelerator
IonCubeLoader
Zendopt
SourceGuardian
PHPSuHosin

 

(2)   How to add nameservers from shell.

Most of the time on cPanel dedicated server we add nameservers from WHM but some time we are not able to access WHM. In that case we can add nameservers from shell by using root login details.

Login in to server as root user and run following commands.

root@server[~]#/scripts/adddns –domain ns1.your_domain.com –ip=111.222.222.1

root@server[~]#/scripts/adddns –domain ns2.your_domain.com –ip=111.222.222.2

You can use your domain name instead of your_domain.com in above command with the respective ips which you want to use for your nameservers.

root@server[~]#service named restart
or
root@server[~]#/etc/init.d/named restart

 

(3)   How to turn off CGI execution server wide

 
Most servers owners do not allow there clients to run cgi. We can disable the cgi by using following code in server main Apache configuration file.

Login in to shell as root user and open  httpd.conf file and following line.

Options -ExecCGI

And restart  apache service.

 

(4) Horde Failed to connect to localhost:25 error message

On Shared server as well  as on Dedicated server some time we are facing large connection issue to SMTP port 25 at that time mostly we disable SMTP port 25 and enable any other port for SMTP but after changing SMTP port mostly we receive following error message in Horde webmail.

There was an error sending your message: Failed to connect to localhost:25 [SMTP: Invalid response code received from server (code: 421, response: Too many concurrent SMTP connections; please try again later.)]

To resolve above error simply change SMTP port from 25 to new SMTP port  in following file.

root@server [/usr/local/cpanel/base/horde/imp/config]# Pico servers.php

And change following line

From

‘smtpport’ => 25,

To

‘smtpport’ => 26,

I  have taken new port as 26 for example you can use any port as per your requirement.

 

(5) How to disable root login and enable key authentication    on Dedicated server?

 

How to disable root login and enable key authentication on Dedicated server?

Refer following steps to disable direct root login.

1. SSH into your server as root user.

2. Open file sshd_config in your favorite editor

pico /etc/ssh/sshd_config

3. Find the line

Protocol 2, 1

4. Uncomment line and change it to look like

Protocol 2

5. Now find the line
PermitRootLogin yes

6. And Uncomment libe and make it look like as
PermitRootLogin no

7. Save the file sshd_config file,

8. Restart SSH service
/etc/rc.d/init.d/sshd restart

Once root login disabled on server generate authentication key by using following steps.

1. Add user for example we will add user support

useradd support

2.Assigne user support in wheel group.

usermod -G wheel support

3. Set correct permission for sudoers files.

chmod 644 /etc/sudoers

4. Now open sudoers file and set followings line in sudoers file.

pico /etc/sudoers

# User privilege specification
root    ALL=(ALL) ALL

# Same thing without a password
%wheel        ALL=(ALL)       NOPASSWD: ALL

5. Make sure that sudo file binery file is secure.

chmod 4111 /usr/bin/sudo

If you are not sure about sudo binery path then run commamd to confirm the path.

which sudo

6.Now create .ssh directory in support users home directory.

cd /home/support

mkdir .ssh

7. Now generate the key by using PuTTYgen software and save the key on your local machine as support.ppk file.

8. Create authorized_keys file in .ssh directory and copy content from file support.ppk to authorized_keys file.

9. Confirm permission and ownership for files.

cd /home

ll | grep support

The ownership shuold be

drwx——    7 support support          4096 Jul 10 03:44 support

cd /home/support

ll | grep .ssh

drwxr-xr-x    2 root   root        4096 Jul 12  3:34 .ssh/

ll .ssh

The ownership shoud be

drwxr-xr-x 2 root    root    4096 Jul 12 03:22 ./
drwx—— 7 support support 4096 Jul 12 03:44 ../
-rw-r–r– 1 root    root    224  Jul 12 03:40 authorized_keys

Note : Do not close current Shell until you are able to access server with the support.ppk key

 

If you have any doubts feel free to contact me:
ashraf.mohammed83@gmail.com

 

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a comment