Thursday, August 29, 2013

Simplest rules to Redirect using .htaccess

Simplest rules to Redirect using .htaccess

How to write rewrite rule (URL rewriting, mod_rewrite)
(1) Redirect site from http to https :
Add the below in .htaccess file in public_html
===================================================
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
===================================================

(2) Redirecting a domain to another domain via .htaccess
Example :- redirect shaz.com to google.com
===================================================
RewriteEngine on
RewriteCond %{HTTP_HOST} ^shaz\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.shaz\.com$
RewriteRule ^/?$ “http\:\/\/www\.google\.com\/” [R=301,L]
===================================================
(3) Redirect users to access the site with WWW
example :- redirect shaz.com to www.shaz.com
Add the below in .htaccess file
===================================================
RewriteEngine on
RewriteCond %{HTTP_HOST} ^shaz\.com$ [NC]
RewriteRule ^(.*)$ http://www.shaz.com/$1 [L,R=301]
===================================================

(4) Redirect page to another page within public_html
example :- to redirect home.html to index.php
===================================================
RewriteEngine on
RewriteRule ^home.html$ index.php
===================================================

example2 :- rewrite site shaz.com/kb/index.php to shaz.com/blog/index.html
go to kb directory and create a .htaccess file
+++++++++++++++++++++++++++++++++++++++++++++++++++
#cd public_html/kb
#touch .htaccess
#vi .htaccess
+++++++++++++++++++++++++++++++++++++++++++++++++++
===================================================
RewriteEngine on
RewriteRule ^index.php$ /blog/index.html
===================================================

Install GeoIP in cPanel serve

To install GeoIP in cPanel server, run the following command as root,


root@server1 [~]# cd /var/cpanel/easy/apache/custom_opt_mods/

root@server1 [~]# wget http://docs.cpanel.net/twiki/pub/EasyApache3/CustomMods/custom_opt_mod-mod_geoip.tar.gz

root@server1 [~]# tar -zxf custom_opt_mod-mod_geoip.tar.gz

root@server1 [~]# /scripts/easyapache

Next compile it with easyapache,

root@server1 [~]# /scripts/easyapache

Then select the Mod_GeoIP in the Short Options List.

To block a certain country IP range, you do not need to know which IP range it is and what you need is to use the GeoIP feature.

Next, you will need to insert the following command to the .htaccess file,

Example

=========================================

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CN$
RewriteRule ^(.*)$ http://www.google.com [L]

========================================

The command use to redirect China IP to google.com.

Ref: http://docs.cpanel.net/twiki/bin/view/EasyApache3/CustomMods

http://dev.maxmind.com/geoip/mod_geoip2

Tuesday, August 20, 2013

Shell Loop Example

#!/bin/csh
# demoloop.csh - Sample loop script
set j = 1
while ( $j <= 5 )
echo "Welcome $j times"
@ j++
end

output

----------------

Welcome 1 times
Welcome 2 times
Welcome 3 times
Welcome 4 times
Welcome 5 times

===================

 

foreach i (*)
if (-f $i) then
echo "$i is a file."
endif
if (-d $i) then
echo "$i is a directory."
endif
end

----------------------------

mycal.pl is a file.
skl is a directory.
x is a file.
x.pl is a file.
y is a file.

Find and delete the empty files and directories

The reason why it is important to find and delete the empty files in UNIX / LINUX is that there might be issues with processing the multiple utilities that may also comprise of the rm command.

Here are the steps that will help you to find and delete the empty files and directories:

find . -type d -empty — for directory
find . -type f -empty — for files

Delete the empty directories present under the ‘current directory’ with the use of the following command:

find . -type d -empty -exec rmdir {} \;

In order to check the count of files that are in use by the users, the following command can be used:

wc -l find . -type f -empty | wc -l
&
For non-empty files count :
find . -type f -not -empty | wc –l

In all the examples mentioned above, replace ‘.-dot’ with the directory absolute path under which you would like to search the files.

Thursday, August 15, 2013

Changing an FTP User’s Path + Cpanel

By default, your main FTP (cPanel) user will have and FTP path to the user’s home folder, and each FTP user you create after that will have a path that you specify with you create the account in cPanel > FTP accounts.

Unfortunately, cPanel’s interface does not currently let you change the FTP paths for your main account or sub-accounts, but you can easily change these in the FTP user configuration files. Each cPanel user has a file in/etc/proftpd (yes, even if you use pure-ftp), which contains the information about the FTP users for that account. A sample FTP user file for the cPanel ‘user1′ may look like this:

newuser:$1$K4v6EN_V$gmV/YZVYP1w/oJRy/72cg.:2110:2098:user1:/home/user1/public_html/newuser:/bin/ftpsh
user1:$1$21PI_llg$mkBe12xsL2K3YZPSkM.3..:2110:2098::/home/user1:/bin/ftpsh
user_logs:$1$21PI_llg$mkBe12xsL2K3YZPSkM.3..:2110:2098:user1:/usr/local/apache/domlogs/user1:/bin/ftpsh


If you want to change the FTP root for any of the users, simply make the change in this file and restart your FTP service.

Tuesday, August 13, 2013

Cannot open /var/log/sa/sa07: No such file or directory

After installing sar I cannot run "sar -q" to get the output. I have waited few hours and still the same error.
Below is the error that I receive :

root@server [~]# sar -q
Cannot open /var/log/sa/sa08: No such file or directory
root@server [~]#

Solution :
Most probably its because of the cron.
First check if service cron is running.

/etc/init.d/crond status

If not restart that

/etc/init.d/crond restart
/etc/init.d/syslog restart

Monday, August 12, 2013

DDOS attack measures Sysctl

 

We can confirm it by checking the result of netstat command:

netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c
This will show the states and number of connections at that time. The different states that are visible mostly in servers are:

1. ESTABLISHED - This will be legitimate connections established to the server
2. SYN_SENT - The client will be actively attempting to establish a connection.
3. SYN_RECV - A connection request has been received from the network.
4. FIN_WAIT - The socket is closed, and the connection is shutting down.
5. TIME_WAIT - The socket is waiting after close to handle packets still in the network.
6. LISTEN - The socket is listening for incoming connections.
7. LAST_ACK - The remote end has shut down, and the socket is closed. Waiting for acknowledgement.
If the number of connections in SYN_SENT, SYN_RECV, TIME_WAIT, FIN_WAIT are very large in the rate of 1000s then the server is surely under attack.

As a first step we can tweak the values set for SYN_SENT, SYN_RECV, TIME_WAIT, FIN_WAIT in the file /etc/sysctl.conf. Reduce the value of net.ipv4.tcp_fin_timeout to 3 or 5. Normally it will be set to 120 as default. Make the following changes in /etc/sysctl.conf

# Enable TCP SYN cookie protection
net.ipv4.tcp_syncookies = 1
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 3
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
Then execute the command :

sysctl -p
Then we will have to find out how the attack is being performed, is it from any particular IP or from large number of IP addresses to the server. If it is from any particular IP to the server, then we can fix it by blocking the IP in the firewall. If it is from a large number of IP with one or 2 connections then we will have to find more details to stop it. But will will not be able to completely stop the DDOS attack, we will have to tweak some settings in the server so that the number of connections can be reduced.

Once we reach the result that the server is under attack by checking the number of connections in different state, we need to find to which port the attack is being done. Suppose the number of connections in state SYN_RECV is large. Then we can get the details using the following command:

netstat -lpan | grep SYN_RECV | awk '{print $4}' | cut -d: -f2 | sort | uniq -c | sort -nk 1
The result will be the number of connections and the port open in the server. If the second field is 80 then the attack is to apache port.

In addition to the netstat command, you can use tcpdump command to find out if there is dos attack to a particular port.

tcpdump -nn -tttt -i any port 80
Similarly you can give different ports to find out to which port attack is being done. For example, port 53, 25 etc.

Once you understand the port you need to figure out is the attack done on a particular domain or IP. Suppose the attack is done on port 80, then we can tweak the apache settings as follows:

1. Increase the MaxClients so that we can prevent the condition of apache reaching its limit, since apache could not serve new requests. MaxClients can be set to a max value of the limit set in ServerLimit
2. Set KeepAlive on to set the KeepAliveTimeout
3. KeepAliveTimeout value to be reduced to 3 or 5

So the settings will be as follows:

MaxClients 500
KeepAlive On
KeepAliveTimeout 3
/etc/init.d/httpd restart
In order to narrow down the issue, we need to find out if the attack is on any particular IP in the server. This can be found using the following command:

netstat -lpan | grep SYN_RECV | awk '{print $4}' | cut -d: -f1 | sort | uniq -c | sort -nk 1
After confirming the attack to the IP, we need to find out if the attack is made to a particular domain in that IP or to the IP as a whole. For that, you can check the apache error logs or top command. If in the apache error logs, you are finding the errors for a particular domain, then you will have to perform steps to prevent attack to the domain. For that we can perform the following steps:

1. We can block the connections to the domain using modsecurity. CSF is connected to modsecurity so that if we write rule to block a domain, the IP from whcih connections to the domain are made will be blocked. Since it is DDOS attack, there will be many IPs connecting to the server and blocking high number of IP addresses can cause load in the server and thus server can go down. In order to prevent that, you will have to first block the checking of modsecurity in lfd.

In /etc/csf/csf.conf, set the following:

LF_MODSEC = "0"
csf -r
Then, in the modsecurity configuration file, you can add the following:

SecRule REQUEST_FILENAME|ARGS|ARGS_NAMES|REQUEST_HEADERS|!REQUEST_HEADERS:Referer "domain\.com"
2. You can block the acesses to port 80 of the domain in the firewall using the following command:

iptables -I INPUT -p tcp --dport 80 -m string --string "domain.com" --algo bm -j DROP
3. If the connections are still not getting reduced, then you can limit the number of connections to the domain using bandwidth module as follows:

/scripts/setbwlimit --domain=domain.com --limit=256000
By executing the above command, a file named /usr/local/apache/conf/userdata/std/2/account/domain.com/cp_bw_all_limit.conf will be created. The content of the file will be :

<IfModule mod_bw.c>
ForceBandWidthModule On
BandWidthModule On
BandWidth all 256000
</IfModule>
<IfModule mod_bandwidth.c>
ForceBandWidthModule On
BandWidthModule On
BandWidth all 256000
</IfModule>
Add a line “MaxConnection all 1″ such that the number of connections will be limited to 1. So the contents will be as follows:

<IfModule mod_bw.c>
MaxConnection all 1
ForceBandWidthModule On
BandWidthModule On
BandWidth all 256000
</IfModule>
<IfModule mod_bandwidth.c>
MaxConnection all 1
ForceBandWidthModule On
BandWidthModule On
BandWidth all 256000
</IfModule>
4. If nothing helped, you can nullroute the IP using the command:

iptables -I INPUT -d XX.XX.XX.XX -j DROP
If the domain is having dedicated IP, then there is no need of above steps, you can directly make the IP down, by deleting the IP from the /etc/ips and restarting ipaliases. But in case of main shared IP, this cannot be done. We will have to reduce the TTL of the domains and change all the domains except the domain to which attack is being made to a free IP after 4 hours and then make the IP down after that so that the attack will be there for only 4 hours. But in such cases there will be issue with cpanel license etc. We will also have to make sure of the name server setting of the domain to which attack is being made. If the domain is using remote name servers, then we cant change any DNS setting of the domain in the server.

In order to prevent this in future, you can add the following commands:

iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP

Linux tune the VM subsystem.

Linux allows you to tune the VM subsystem. However, tuning the memory subsystem is a challenging task. Wrong settings can affect the overall performance of your system. I suggest you modify one setting at a time and monitor your system for sometime. If performance increased keep the settings else revert back.

Say Hello To /proc/sys/vm

The files in this directory can be used to tune the operation of the virtual memory (VM) subsystem of the Linux kernel:
cd /proc/sys/vm
ls -l

Sample outputs:

total 0
-rw-r--r-- 1 root root 0 Oct 16 04:21 block_dump
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_background_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_expire_centisecs
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_writeback_centisecs
-rw-r--r-- 1 root root 0 Oct 16 04:21 drop_caches
-rw-r--r-- 1 root root 0 Oct 16 04:21 flush_mmap_pages
-rw-r--r-- 1 root root 0 Oct 16 04:21 hugetlb_shm_group
-rw-r--r-- 1 root root 0 Oct 16 04:21 laptop_mode
-rw-r--r-- 1 root root 0 Oct 16 04:21 legacy_va_layout
-rw-r--r-- 1 root root 0 Oct 16 04:21 lowmem_reserve_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 max_map_count
-rw-r--r-- 1 root root 0 Oct 16 04:21 max_writeback_pages
-rw-r--r-- 1 root root 0 Oct 16 04:21 min_free_kbytes
-rw-r--r-- 1 root root 0 Oct 16 04:21 min_slab_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 min_unmapped_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 mmap_min_addr
-rw-r--r-- 1 root root 0 Oct 16 04:21 nr_hugepages
-r--r--r-- 1 root root 0 Oct 16 04:21 nr_pdflush_threads
-rw-r--r-- 1 root root 0 Oct 16 04:21 overcommit_memory
-rw-r--r-- 1 root root 0 Oct 16 04:21 overcommit_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 pagecache
-rw-r--r-- 1 root root 0 Oct 16 04:21 page-cluster
-rw-r--r-- 1 root root 0 Oct 16 04:21 panic_on_oom
-rw-r--r-- 1 root root 0 Oct 16 04:21 percpu_pagelist_fraction
-rw-r--r-- 1 root root 0 Oct 16 04:21 swappiness
-rw-r--r-- 1 root root 0 Oct 16 04:21 swap_token_timeout
-rw-r--r-- 1 root root 0 Oct 16 04:21 vfs_cache_pressure
-rw-r--r-- 1 root root 0 Oct 16 04:21 zone_reclaim_mode
pdflush

Type the following command to see current wake up time of pdflush:
# sysctl vm.dirty_background_ratio

Sample outputs:

sysctl vm.dirty_background_ratio = 10
vm.dirty_background_ratio contains 10, which is a percentage of total system memory, the number of pages at which the pdflush background writeback daemon will start writing out dirty data. However, for fast RAID based disk system this may cause large flushes of dirty memory pages. If you increase this value from 10 to 20 (a large value) will result into less frequent flushes:
# sysctl -w vm.dirty_background_ratio=20

swappiness

Type the following command to see current default value:
# sysctl vm.swappiness

Sample outputs:

vm.swappiness = 60
The value 60 defines how aggressively memory pages are swapped to disk. If you do not want swapping, than lower this value. However, if your system process sleeps for a long time you may benefit with an aggressive swapping behavior by increasing this value. For example, you can change swappiness behavior by increasing or decreasing the value:

# sysctl -w vm.swappiness=100
dirty_ratio

Type the following command:
# sysctl vm.dirty_ratio

Sample outputs:

vm.dirty_ratio = 40
The value 40 is a percentage of total system memory, the number of pages at which a process which is generating disk writes will itself start writing out dirty data. This is nothing but the ratio at which dirty pages created by application disk writes will be flushed out to disk. A value of 40 mean that data will be written into system memory until the file system cache has a size of 40% of the server's RAM. So if you've 12GB ram, data will be written into system memory until the file system cache has a size of 4.8G. You change the dirty ratio as follows:
# sysctl -w vm.dirty_ratio=25

 

Bash History: Display Date And Time For Each Command

If the HISTTIMEFORMAT is set, the time stamp information associated with each history entry is written to the history file, marked with the history comment character. Defining the environment variable as follows:
$ HISTTIMEFORMAT="%d/%m/%y %T "
OR

 
$ echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

 

Where,
%d - Day
%m - Month
%y - Year
%T - Time
To see history type
$ history

Sunday, August 11, 2013

Windows Run Command

WINDOWS RUN Commands !!!

1. Accessibility Controls -
access.cpl
2. Accessibility Wizard - accwiz
3. Add Hardware Wizard -
hdwwiz.cpl
4. Add/Remove Programs -
appwiz.cpl
5. Administrative Tools - control
admintools
6. Automatic Updates -
wuaucpl.cpl
7. Bluetooth Transfer Wizard -
fsquirt
8. Calculator - calc
9. Certificate Manager -
certmgr.msc
10. Character Map - charmap
11. Check Disk Utility - chkdsk
12. Clipboard Viewer - clipbrd
13. Command Prompt - cmd
14. Component Services -
dcomcnfg
15. Computer Management -
compmgmt.msc
16. Control Panel - control
17. Date and Time Properties -
timedate.cpl
18. DDE Shares - ddeshare
19. Device Manager -
devmgmt.msc
20. Direct X Troubleshooter -
dxdiag
21. Disk Cleanup Utility - cleanmgr
22. Disk Defragment - dfrg.msc
23. Disk Management -
diskmgmt.msc
24. Disk Partition Manager -
diskpart
25. Display Properties - control
desktop
26. Display Properties - desk.cpl
27. Dr. Watson System
Troubleshooting Utility -
drwtsn32
28. Driver Verifier Utility - verifier
29. Event Viewer - eventvwr.msc
30. Files and Settings Transfer
Tool - migwiz
31. File Signature Verification
Tool- sigverif
32. Findfast - findfast.cpl
33. Firefox - firefox
34. Folders Properties - control
folders
35. Fonts - control fonts
36. Fonts Folder - fonts
37. Free Cell Card Game - freecell
38. Game Controllers - joy.cpl
39. Group Policy Editor (for xp
professional) -
gpedit.msc
40. Hearts Card Game - mshearts
41. Help and Support - helpctr
42. HyperTerminal - hypertrm
43. Iexpress Wizard - iexpress
44. Indexing Service - ciadv.msc
45. Internet Connection Wizard -
icwconn1
46. Internet Explorer - iexplore
47. Internet Properties - inetcpl.cpl
48. Keyboard Properties - control
keyboard
49. Local Security Settings -
secpol.msc
50. Local Users and Groups -
lusrmgr.msc
51. Logs You Out Of Windows -
logoff
52. Malicious Software Removal
Tool - mrt
53. Microsoft Chat - winchat
54. Microsoft Movie Maker -
moviemk
55. Microsoft Paint - mspaint
56. Microsoft Syncronization Tool -
mobsync
57. Minesweeper Game - winmine
58. Mouse Properties - control
mouse
59. Mouse Properties - main.cpl
60. Netmeeting - conf
61. Network Connections -
controlnetconne ctions
62. Network Connections -
ncpa.cpl
63. Network Setup Wizard -
netsetup.cpl
64. Notepad - notepad
65. Object Packager - packager
66. ODBC Data Source
Administrator -
odbccp32.cpl
67. On Screen Keyboard - osk
68. Outlook Express - msimn
69. Paint - pbrush
70. Password Properties -
password.cpl
71. Performance Monitor -
perfmon.msc
72. Performance Monitor -
perfmon
73. Phone and Modem Options -
telephon.cpl
74. Phone Dialer - dialer
75. Pinball Game - pinball
76. Power Configuration -
powercfg.cpl
77. Printers and Faxes - control
printers
78. Printers Folder - printers
79. Regional Settings - intl.cpl
80. Registry Editor - regedit
81. Registry Editor - regedit32
82. Remote Access Phonebook -
rasphone
83. Remote Desktop - mstsc
84. Removable Storage -
ntmsmgr.msc
85. Removable Storage Operator
Requests -
ntmsoprq.msc
86. Resultant Set of Policy (for xp
professional) -
rsop.msc
87. Scanners and Cameras -
sticpl.cpl
88. Scheduled Tasks - control
schedtasks
89. Security Center - wscui.cpl
90. Services - services.msc
91. Shared Folders - fsmgmt.msc
92. Shuts Down Windows -
shutdown
93. Sounds and Audio - mmsys.cpl
94. Spider Solitare Card Game -
spider
95. SQL Client Configuration -
cliconfg
96. System Configuration Editor -
sysedit
97. System Configuration Utility -
msconfig
98. System Information -
msinfo32
99. System Properties - sysdm.cpl
100. Task Manager - taskmgr
101. TCP Tester - tcptest
102. Telnet Client - telnet
103. User Account Management -
nusrmgr.cpl
104. Utility Manager - utilman
105. Windows Address Book -
wab

Thursday, August 8, 2013

Cpanel error-sorry-that-domain-is-already-setup-remove-it-from-httpd-conf/

It may be possible that you may come across an issue of adding a domain via WHM create account function and get the following error:

Sorry, that domain is already setup (remove it from httpd.conf)

Getting the above error simply means that the domain still exists in the virtualhost in apache configuration file known as httpd.conf . There are two main reasons why it has shown you this error.

Reason One:

It might be possible that the domain you are trying to create is being used as a primary domain for one of the accounts or may be it has been used as an addon domain or parked for other domains and accounts.

Reason Two:

Or it may be possible that you are facing some technical issues such as the addon, parked or the primary domain is not removed completely from the system after using the removing function.

If the error is due to the first reason, you can easily remove the domain name from the cPanel account and even if it is not removed and come up with the following error:

Error from park wrapper: Sorry, you do not control the domain

Follow the steps given below:

First you should find out who owns the domain, enter the following command:

/scripts/whoowns example.com

Even if it didn’t show any results, enter the following command string:

grep example.com /var/cpanel/users/*

You will get the result something like the following:

root@server [~]# grep example.com /var/cpanel/users/*
/var/cpanel/users/exam:XDNS1=example.com

As you can see, we could easily find the owner of the domain (example.com), the next step is to edit the following files with the corresponding user and remove the lines associated with the domain (example.com) you have problem with.

/var/named/example.com.db
Remove the virtualhost for example.com from /etc/httpd/conf/httpd.conf
/var/cpanel/users/username [remove entries related to domain]
/etc/userdomains
/etc/localdomains
vim /etc/named.conf [remove entries related to domain]
Remove DNS entry in WHM
Run /scripts/updateuserdomains as root on the server

That’s it!

 

In this case you may find the databases under /var/lib/mysql directory via shell, but missing in cPanel interface.

/scripts/update_db_cache
/usr/local/cpanel/bin/setupdbmap

Increase max emails per hour for a single domain in cPanel

You can change the maximum number of emails allowed for a particular domain to a different number than the system default using the following backend file.

vi /var/cpanel/maxemails

Just add the entry “domain.com = 100″ . Now 100 is the maximum email per hour limit for domain.com.

Also make sure to execute the following script after updating /var/cpanel/maxemails.

/scripts/build_maxemails_config

Monday, August 5, 2013

Some Open Vz Commands and Configuration files

Some Open Vz Commands and Configuration files

Following are some important commands which are normally used while working on a Hardware Node.
1) vzlist -a : Shows list of all the VPS’s hosted on the Node.
2) vzctl start VPS_ID: To start the VPS.
3) vzctl stop VPS_ID : To stop (Shut Down) the VPS
4) vzctl status VPS_ID : To view the status of the particular VPS
5) vzctl stop VPS_ID –fast : to stop the VPS quickly and forcefully
6) vzctl enter VPS_ID : To enter in a particular VPS
Configuration Commands
1) vzctl set VPS_ID –hostname vps.domain.com –save: To set the Hostname of a VPS.
2) vzctl set VPS_ID –ipadd 1.2.3.4 –save : To add a new IP to the hosting VPS.
3) vzctl set VPS_ID –ipdel 1.2.3.4 –save : To delete the IP from VPS.
4) vzctl set VPS_ID –userpasswd root:new_password –save : to reset root password of a VPS.
5) vzctl set VPS_ID –nameserver 1.2.3.4 –save : To add the nameserver IP’s to the VPS.
6) vzctl exec VPS_ID command : To run any command on a VPS from Node.
7) vzyum VPS_ID install package_name : To install any package/Software on a VPS from Node.
Here VPS_ID refers to the ID of the Particular VPS.
8)vzctl destroy VPS_ID-To destroy particular vps
9)vzcalc -v VPS_ID-To show resources used by a VPS
10)vzcpucheck-To check CPU usage by OpenVZ
11)vzcpucheck -v-To get CPU usage per VPS
12)vzctl exec 103 df-to Execute commands inside particular vps container.
Default Locations

/vz - Main directory for OpenVZ.
/vz/private - Each VPS is stored here i.e. container's private directories
/vz/template/cache - You must download and store each Linux distribution template here.
/etc/vz/ - OpenVZ configuration directory.
/etc/vz/vz.conf - Main OpenVZ configuration file.
/etc/vz/conf - Softlinked directory for each VPS configuration.
Network port - No network ports are opened by OpenVZ kernel.

If /home is full on a cpanel server, how do we configure the /home on another partition?

add a new hard drive, format and mount it as /home2 after this is done, we have two options to tell cpanel to utilize /home2. Edit /etc/wwwacct.conf and set HOMEDIR as /home2. All new accounts will be created in /home2   or Edit /etc/wwwacct.conf and set HOMEMATCH as /home*. All new accounts will be created in /home or /home2 depending upon the amount of free space in /home or /home2

Remove IP from brute force

To unblock the IP please doe the following steps .

For Cphulkd
---------------

Login to mysql on the server as root user and connect to the cphulkd database.

mysql> use cphulkd;

You will now connect to database cphulkd. Now type in sql query
just to confirm if your IP is really blocked there.

mysql> SELECT * FROM `brutes` WHERE `IP`=’x.x.x.x’;

It will list your IP if it got blocked . The next step is to unblock the IP using the below command.

mysql> DELETE FROM `brutes` WHERE `IP`=’x.x.x.x’;

once it done quit the mysql by typing

mysql> quit

In this way your IP will be removed from brute force

[ERROR] /usr/sbin/mysqld: Can't open file: (errno: 24)

[ERROR] /usr/sbin/mysqld: Can't open file: (errno: 24)
Upon checking the mysql logs in /var/lib/mysql/HOSTNAME.err, I got error as :

-----------------------------------------------------------------------------
[ERROR] /usr/sbin/mysqld: Can't open file: './database/table.frm' (errno: 24)
-----------------------------------------------------------------------------

errno: 24 simply means that too many files are open for the given process. There is a read-only mysql variable called open_files_limit that will show how many open files are allowed by the mysqld. A lot systems set this to something very low, like 1024. When creating a large number of partitions or tables, MySQL may mysteriously stop working and will generate this eeror.
Add the following parameter in /etc/my.cnf file and restart mysql service.
[mysqld]open_files_limit = 100000

How to fix incorrect disk usage showing for a user in Cpanel

A customer complains that their reported disk usage is too high, that they are not using so much space. What do you do?

1. Get their username and login to WHM to see if WHM is actually reporting the amount of space usage they say. If WHM does show extreme disk usage....

2. Login to SSH and cd to their home directory
cd /home/theirusername

du -h

This will give a human readable display of folder by folder listing and space usage, with a total at the end. THIS WILL BE ACCURATE.

3. So, du -h shows a lower number than WHM? Then their is probably a backup file somewhere on the server with the same UID as this user.

4. Now, you need to locate the uid of the customer. You will need to know their username.

vi /etc/passwd

5. Once that file is open, run a search on their username

/theirusername

That will show a 5 digit number and a smaller number. The larger number should be the UID.

6. Now, go to shell and run the following command (where, in this example, 33025 is the UID of the user)

find / -uid 32025

A folder by folder listing will be displayed. It may take some time to process. When completed, you should scroll back through the output to find the files. Files in /home/username are fine as well as /etc/valiases, etc. LOOK for files in your backup directory that may have the same UID as your user. If found, that is usually the culprit.

CURL Error: 7 - couldn't connect to host WHMCS

WHMCS ResellerClub Issue with API Access

1.) Check that your IP is whitelisted in WHMCS
---> Login to WHMCS go to -->Setup-->General Settings-->API IP Access Restriction
Add your Primary Server IP or your Static IP here see what your whmcs use...

2.) Next make sure you have the correct setting under
--->Setup-->Products/Services-->Domain Registrars-->Choose Registrar Module: Resellerclub --> Add the correct ResellerID and Password here.

You can find the resellerID once you login to your ResellerClub account on the right you will see an human image next to feedback select "Manage Profile" from the dropdown and grab your Reseller Id:

3.) Next you would want to add your IP address to the API on the resellerclub.com account.
Login to your resellerclub account go to -->Settings-->API and under section:
Accessing the API - Specify the IP addresses from where you will make API requests. (IP ranges and netblocks are not accepted.)
Include your IP address and select --> Allow API Access

That should get you in and resolve your issues if not check whether PHP is compiled with curl (On cpanel you can go to SSH and run --> /scripts/easyapache configure easyapache with Curl options enabled.

Webmail mail login error

Log to be checked if using roundcube

 

tail -fn0 /var/cpanel/roundcube/log/errors

 

That's the error - "[04-Jun-2011 02:51:01 +0400]: IMAP Error: Login failed for contact @ koh.ro from 95.76.242.5. AUTHENTICATE PLAIN: Authentication failed. in /usr/local/cpanel/base/3rdparty/roundcube/program/include/rcube_imap.php on line 192 (GET /cpsess7117936613/3rdparty/roundcube/index.php)"

Fix

Please go to WHM > Change Hostname and ensure to re-save the new hostname. After doing that, move these files:

Code:
cd /etc
mv userdomains userdomains.bak110603
mv trueuserdomains trueuserdomains.bak110603
mv domainusers domainusers.bak110603
After moving those files, then run this command:

Code:
/scripts/updateuserdomains
You will get messages about the files you've moved no longer existing. Those files will be recreated by the command.