Install Imagick on Cpanel Server

Imagick is a PHP extension that utilizes the ImageMagick software suite for image processing. It's widely used for creating, editing, composing, and converting images. This guide will take you through the steps of installing ImageMagick and the Imagick PHP extension on a cPanel server.

Step 1: Installing ImageMagick

1. Access Your Server:

Log in to your server as the root user via SSH:

ssh root@server

2. Navigate to the Source Directory:

cd /usr/local/src/

3. Download ImageMagick:

wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz

4. Extract the Archive:

tar zxvf ImageMagick.tar.gz

5. Configure and Install:

Navigate to the ImageMagick directory (the name might vary based on the version):

cd ImageMagick-*

Now, compile and install ImageMagick:

./configure
make
make install

6. Install Perl Module:

If you need PerlMagick, the Perl interface for ImageMagick, continue with these steps:

cd PerlMagick
perl Makefile.PL
make
make install

7. Confirm ImageMagick Installation:

Verify that ImageMagick is installed:

which convert

Expected output: /usr/local/bin/convert

Step 2: Installing Imagick PHP Extension

1. Download Imagick for PHP:

wget http://pecl.php.net/get/imagick-2.3.0.tgz

2. Extract the Archive:

tar -zxvf imagick-2.3.0.tgz

3. Navigate to the Imagick Directory:

cd imagick-2.3.0

4. Prepare Imagick for PHP:

phpize
./configure
make
make install

5. Update PHP Configuration:

Edit the php.ini file used by your PHP installation. The location of this file can vary, but typically it's found in /usr/local/lib/php.ini:

vi /usr/local/lib/php.ini

6. Add Imagick Extension:

In the php.ini file, add the following line to enable the Imagick extension:

extension="imagick.so"

Save and close the file.

Step 3: Restart the Web Server

After updating the PHP configuration, restart Apache to apply changes:

/scripts/restartsrv_httpd

Conclusion

You've successfully installed ImageMagick and the Imagick PHP extension on your cPanel server. This setup allows you to leverage powerful image processing capabilities directly from PHP scripts. Test the installation by running a PHP script that utilizes Imagick functions to ensure everything is working correctly. Remember to regularly update both ImageMagick and the Imagick extension to maintain security and functionality.

Installing ffmpeg-php with php5.4

 

yum update
yum install gcc make automake bzip2 unzip patch subversion libjpeg-devel yasm

Installing the DAG repo for ffmpeg

yum install http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

yum install ffmpeg ffmpeg-devel ffmpeg-libpostproc
yumum install mplayer

 

In cpanel install all the needed modules

/scripts/installruby
gem install flvtool2

yum install mencoder gpac gpac-libs

Lets get ffmpeg-php

wget http://downloads.sourceforge.net/ffmpeg-php/ffmpeg-php-0.6.0.tbz2
tar xjf ffmpeg-php-0.6.0.tbz2
cd ffmpeg-php-0.6.0
sed -i 's/PIX_FMT_RGBA32/PIX_FMT_RGB32/g' ffmpeg_frame.c
phpize
./configure
make
Note: If you are running php5.4 you may need to make following change then run “make” above again:

pico ffmpeg_movie.c
in ffmpeg_movie.c:
row 311: list_entry *le; TO zend_rsrc_list_entry *le;
row 346: list_entry new_le; TO zend_rsrc_list_entry new_le;
row 360: hashkey_length+1, (void *)&new_le, sizeof(list_entry), TO hashkey_length+1, (void *)&new_le,sizeof(zend_rsrc_list_entry),

Now let’s really install everything

make test
make install
## will get a out put as below
Installing shared extensions: /usr/local/lib/php/extensions/no-debug-non-zts-20100525/

pico /usr/local/lib/php.ini
Now add following to end of file but substitute no-debug-non-zts-20100525 below for where it installed it in your “make install” command above

extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20100525"
extension="ffmpeg.so"

 

Atomic mod security rules

ConfigServer ModSecurity Control provides an easy way of monitoring which rules are being triggered on the server in real time but more importantly, you can whitelist certain rules either globally accross the entire server or on a per account/domain basis if some of the rules conflict with a particular script or functionality (e.g. FrontPage). To install CMC, run the following:

rm -fv cmc.tgz

wget http://www.configserver.com/free/cmc.tgz
tar -xzf cmc.tgz
cd cmc
sh install.sh
cd ..
rm -Rfv cmc/ cmc.tgz
If you log in to WHM you will now see “ConfigServer ModSec Control” under “Plugins”. It’s important that you click on it because when it’s run the first time, it will create the file “modsec2.whitelist.conf” if it doesn’t already exist. If that file doesn’t exist then you’ll find Apache won’t start when we come to the end of this guide. Also while you’re here, click on “Disable modsecparse.pl”. This will disable the cPanel cron job that processes and empties the mod_security log, allowing you to use the log watching tool built in to CMC.

As to help our VPS and Dedicated Server customers who might also be effected by this we have designed the following guide to make installing Atmoic Mod Security into cPanel with little to no fuss.

Stage 1: Run the following commands at command line:

mkdir /var/asl
mkdir /var/asl/tmp
mkdir /var/asl/data
mkdir /var/asl/data/msa
mkdir /var/asl/data/audit
mkdir /var/asl/data/suspicious
chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
mkdir /var/asl/updates
mkdir /var/asl/rules/
mkdir /var/asl/rules/clamav
mkdir /etc/asl/
touch /etc/asl/whitelist
cd /usr/local/src/
wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz
tar zxvf modsec-2.7-free-latest.tar.gz
mkdir /usr/local/apache/conf/modsec_rules/
cp modsec/* /usr/local/apache/conf/modsec_rules/
These command will create the required directory’s and download the latest free version of the Atomic Mod Security rules. It will also directly install them into the location of Apache designed for cPanel and configure the permission.

Stage 2: Configure cPanel to use the Mod Security Rules

In this stage, you can do everything from WHM as long as you have Mod Security already installed as part of your EasyApache build. If you do not, you will need to rebuild apache with Mod Security.

In go to: WHM -> Plugins -> Mod Security and then click: Edit Config

In this section, delete all the current content and then paste in the following configuration:

SecRequestBodyAccess On
SecAuditLogType Concurrent
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditLogParts ABIFHZ
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial

Include /usr/local/apache/conf/modsec_rules/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec_rules/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec_rules/60_asl_recons.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec2.whitelist.conf
Save this and restart Apache.

This should now have successfully installed the Atomic mod security rules into cPanel which are a much more secure rule base and include extra protection which is important for the latest hacks.

Testing

http://YOUR_HOST/foo.php?foo=http://www.example.com

should give 403

Error while connecting PHPMyAdmin

Error while connecting PHPMyAdmin
Getting the following error when connecting to PhpMyAdmin :

"#2013 Cannot log in to the MySQL server"

Solution:

# vi /usr/local/cpanel/base/3rdparty/phpMyAdmin/config.inc.php // Configuration file of PhpMyAdmin

Add localhost as follows

$cfg['Servers'][$i]['host'] = 'localhost';

save and quit the file.

Exim4 Error : "Fatal: no entropy gathering module detected"

Exim4 Error : "Fatal: no entropy gathering module detected"
I just want to share with you all the error that I came across regarding exim and here I'm providing the fix for it as well which worked perfectly for me. I tried to send email using 'mail' command which returned me this error message "Fatal: no entropy gathering module detected".

Here is the fix for this that got it working for me!

SSH to your server and perform the following steps :

# cd /dev
Here you can find either URANDOM and/or RANDOM
Delete them.

# rm -rf urandom
# rm -rf random

Now we have to remake both of them and chmod it.
# /sbin/MAKEDEV urandom
# /sbin/MAKEDEV random
# chmod 777 /dev/urandom
# chmod 777 /dev/random

Turn OFF/ON "Spam Box" in WHM

Turn OFF "Spam Box" in WHM -> Tweak Settings -> Mail.
This just allows the user to control it, but I wanted it always on and I want to forward to the ".Junk" folder anyways.
WHM -> Tweak Settings -> Mail -> Enable SpamAssassin Spam Box: OFF
WHM -> Tweak Settings -> Mail -> Enable SpamAssassin spam filter: ON
WHM -> Exim Configuration Editor -> SpamAssassin Options -> SpamAssassin: Forced Global ON: ON

http://forums.cpanel.net/f43/can-you-change-spamassassin-spam-box-folder-223951.html

Security Update: Atomic Mod Security setup guide for cPanel

As to help our VPS and Dedicated Server customers who might also be effected by this we have designed the following guide to make installing Atmoic Mod Security into cPanel with little to no fuss.

Stage 1: Run the following commands at command line:

mkdir /var/asl
mkdir /var/asl/tmp
mkdir /var/asl/data
mkdir /var/asl/data/msa
mkdir /var/asl/data/audit
mkdir /var/asl/data/suspicious
chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
mkdir /var/asl/updates
mkdir /var/asl/rules/
mkdir /var/asl/rules/clamav
mkdir /etc/asl/
touch /etc/asl/whitelist
cd /usr/local/src/
wget http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz
tar zxvf modsec-2.7-free-latest.tar.gz
mkdir /usr/local/apache/conf/modsec_rules/
cp modsec/* /usr/local/apache/conf/modsec_rules/
These command will create the required directory’s and download the latest free version of the Atomic Mod Security rules. It will also directly install them into the location of Apache designed for cPanel and configure the permission.

Stage 2: Configure cPanel to use the Mod Security Rules

In this stage, you can do everything from WHM as long as you have Mod Security already installed as part of your EasyApache build. If you do not, you will need to rebuild apache with Mod Security.

In go to: WHM -> Plugins -> Mod Security and then click: Edit Config

In this section, delete all the current content and then paste in the following configuration:

SecRequestBodyAccess On
SecAuditLogType Concurrent
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
SecServerSignature Apache
SecUploadDir /var/asl/data/suspicious
SecUploadKeepFiles Off
SecAuditLogParts ABIFHZ
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
SecResponseBodyLimitAction ProcessPartial

Include /usr/local/apache/conf/modsec_rules/10_asl_antimalware.conf
Include /usr/local/apache/conf/modsec_rules/10_asl_rules.conf
Include /usr/local/apache/conf/modsec_rules/20_asl_useragents.conf
Include /usr/local/apache/conf/modsec_rules/30_asl_antispam.conf
Include /usr/local/apache/conf/modsec_rules/50_asl_rootkits.conf
Include /usr/local/apache/conf/modsec_rules/60_asl_recons.conf
Include /usr/local/apache/conf/modsec_rules/99_asl_jitp.conf
Include /usr/local/apache/conf/modsec2.whitelist.conf
Save this and restart Apache.

This should now have successfully installed the Atomic mod security rules into cPanel which are a much more secure rule base and include extra protection which is important for the latest hacks.

cpanel exim limit spam

Hello,

The following cPanel/Exim configuration will help you stopping spam in the server.

1. Login to WHM control panel
2. Goto Main >> Service Configuration >> Exim Configuration Manager
3. Enable RBL filtering by Basic Editor >> RBLs >> switch to “On” and if you like you may additional RBL from manage option.
4. Enable Sender Verification by Mail >> Sender Verification >> “On” this will check if the mail origin really exists.
5. Reject SPF failures by ACL Options >> Reject SPF failures >> “On” this will verify SPF records and if the SPF record is set to fails then the E-mails from those IPs will be rejected.
6. Home >> Server Configuration >> Tweak Settings
7. Turn “Initial default/catch-all forwarder destination” to “fail” this will fail the catch all feature to be sent to default cPanel account.
8. “Set Max hourly emails per domain” which will limit the E-mail flooding from the server(I normally set it to 70 which is good enough for a single domain for an hour).
9. Set “Maximum percentage of failed or deferred messages a domain may send per hour” everyone knows that Spam E-mails will have alot of non existing E-mail which will then be deferred so If we set this to say 50% the spamming E-mail account will be suspended temporarily if the deferred mails are above 50%.

10. Then save all the configuration this will stop most of spams in the server.

HOW-TO: Install APC Direct admin

Install autoconf:
Code:
apt-get install autoconf
Install APC using PECL:

Code:

pecl install apc
After install process we have messages like this:

Code:

Build process completed successfully
Installing '/usr/local/lib/php/extensions/no-debug-non-zts-20060613/apc.so'
install ok: channel://pecl.php.net/APC-3.0.19
configuration option "php_ini" is not set to php.ini location
You should add "extension=apc.so" to php.ini
Edit php.ini (via DA or directly: /usr/local/lib/php.ini)
modify extension_dir directive:
Code:

; Directory in which the loadable extensions (modules) reside.
extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613/"
Enable extension apc.so:

Code:

extension=apc.so

Resize /tmp in cpanel servers

service chkservd stop
service httpd stop
service mysql stop
service postgresql stop

lsof | grep /tmp

kill the process

umount /var/tmp

umount /tmp

vi /scripts/securetmp

replace “256000″ with “512000″

rm -rf /usr/tmpDSK
/scripts/securetmp –auto

cd /tmp

ln -s /var/lib/mysql/mysql.sock

service postgresql start
service mysql start
service httpd start
service chkservd start

Change the hostname

You have to change the hostname in the following files:

/etc/hosts
/etc/sysconfig/network
/proc/sys/kernel/hostname