Monthly Archives: February 2020

Can’t add addon domain in cPanel

When trying to add an addon domain you get this warning message:

(XID u46g7m) Sorry, the domain is already pointed to an IP address that does not appear to use DNS servers associated with this server. Please transfer the domain to this servers nameservers or have your administrator add one of its nameservers to /etc/ips.remotedns and make the proper A entries on that remote nameserver.

The message is related to the WHM option Allow Remote Domains. As you can see below, cPanel doesn’t recommend enabling it.

Allow Remote Domains [?]
Allow creation of parked/addon domains that resolve to other servers (e.g. domain transfers) This can be a major security problem. If you must have it enabled, be sure not to allow users to park common Internet domains.

If you are a cPanel user you should contact your host and ask for a solution.

If you have root server access and you want to enable Allow Remote Domains:

1. Log into WHM as root

2. Go to Server Configuration -> Tweak Settings

3. On the Domains tab look for the Allow Remote Domains option and enable it.

4. Click the Save button. Now cPanel users will be able to add domains that resolve to remote servers.

Error while sending QUERY packet

This error means that the MySQL/MariaDB server is not able to process the request. You will see entries like these in the error_log files:

[21-Feb-2020 21:34:00 UTC] PHP Warning:  Error while sending QUERY packet. PID=4697 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030
[21-Feb-2020 21:34:00 UTC] PHP Warning:  Error while sending QUERY packet. PID=4726 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030
[21-Feb-2020 21:34:00 UTC] PHP Warning:  Error while sending QUERY packet. PID=4734 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030
[21-Feb-2020 21:34:19 UTC] PHP Warning:  Error while sending QUERY packet. PID=4734 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030
[21-Feb-2020 21:34:19 UTC] PHP Warning:  Error while sending QUERY packet. PID=4726 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030
[21-Feb-2020 21:34:19 UTC] PHP Warning:  Error while sending QUERY packet. PID=4697 in /home/flighting/public_html/wp-includes/wp-db.php on line 2030

This issue can happen during a site/server attack. Because of the huge number of requests, at some point, the SQL server might be killed, or it can produce errors.

Another cause can be the server configuration. Some hosts limit the maximum number of database requests in a specific time interval.

In any case, it’s a server thing, and you should ask your host about the warnings.

A server admin should check the database for any tables that need to be repaired. You can check our article on how to optimize MySQL/MariaDB tables.

Add CAA DNS record to your domains

CAA is an IETF standard that controls which certificate authorities (CAs) can issue certificates for your domain.

Before issuing a certificate, a certificate authority (CA) first checks the CAA record for the domain. If the record does not match the specific values for that authority, the CA will refuse to issue the certificate.

The CAA record was introduced to prevent vulnerabilities in the certificate authority validation systems.

The Certification Authority Authorization (CAA) DNS Resource Record
allows a DNS domain name holder to specify the Certification
Authorities (CAs) authorized to issue certificates for that domain.
Publication of CAA Resource Records allows a public Certification
Authority to implement additional controls to reduce the risk of
unintended certificate mis-issue.

RFC 6844

A CAA DNS record will look like:

plothost.com.	IN	CAA	0 issue sectigo.com

Check with your CA which values you should use for the CAA record. We put links to a few CAs in the Resources section of this article.

A simple tool for generating CAA records for your certificate authority is available here: https://sslmate.com/caa/
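The check a CA performs before issuing, sketched as an added example (not code from this article or from any CA). It simplifies RFC 6844 to a plain climb toward the parent domain and runs on constructed zone data; `shop.plothost.com` and its records are made up for illustration.

```python
# Constructed sample zone data (name -> CAA records as (flags, tag, value)).
# Only the plothost.com record comes from the article; the rest is made up.
ZONE = {
    "plothost.com": [(0, "issue", "sectigo.com")],
    "shop.plothost.com": [(0, "issue", "letsencrypt.org"),
                          (0, "issuewild", ";")],
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def relevant_caa(name, zone):
    """Climb from the requested name toward the root; first non-empty CAA set wins."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        records = zone.get(".".join(labels[i:]))
        if records:
            return records
    return []

def may_issue(ca_domain, requested_name, zone=ZONE):
    """Return True if the CA identified by ca_domain may issue for requested_name."""
    wildcard = requested_name.startswith("*.")
    name = requested_name[2:] if wildcard else requested_name
    records = relevant_caa(name, zone)
    if not records:
        return True  # no CAA record anywhere in the tree: any CA may issue
    # An unknown property with the critical bit (128) set forbids issuance
    if any(flags & 128 and tag.lower() not in KNOWN_TAGS for flags, tag, _ in records):
        return False
    issue = [v for _, t, v in records if t.lower() == "issue"]
    issuewild = [v for _, t, v in records if t.lower() == "issuewild"]
    # For wildcard requests, issuewild (when present) takes precedence over issue
    applicable = issuewild if (wildcard and issuewild) else issue
    if not applicable:
        return True  # e.g. only iodef records: issuance is not restricted
    # Value is "<ca-domain>[; parameters]"; a bare ";" authorizes no CA at all
    allowed = {v.split(";")[0].strip().lower() for v in applicable}
    return ca_domain.lower() in allowed

if __name__ == "__main__":
    for ca, name in [("sectigo.com", "www.plothost.com"),
                     ("letsencrypt.org", "plothost.com"),
                     ("letsencrypt.org", "*.shop.plothost.com")]:
        print(f"{ca:16} -> {name:22} {'issue' if may_issue(ca, name) else 'refuse'}")
```

Note that a subdomain with its own CAA set is no longer covered by the parent's record, so a stricter parent policy does not carry down to it.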

Resources:
RFC 6844
DigiCert CAA
Sectigo CAA
LetsEncrypt CAA

Deny access to .htaccess and other hidden files

There are many security guides that recommend protecting your hidden files (.htaccess, .htpasswd etc.) with .htaccess rules.

So to protect your hidden files, just add this code snippet to your main site .htaccess file.

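# Deny access to hidden files - files that start with a dot (.)
<FilesMatch "^\.">
# Apache 2.4 syntax
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Apache 2.2 syntax
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</FilesMatch>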

If you are using a VPS or dedicated server, you can add this code in the /home/.htaccess file, so it will protect hidden files on all the sites.

Note that you will still be able to edit these files via FTP or the control panel File Manager.


Block directory access with .htaccess rules

It’s very simple to block access to a directory. In this article we will use a few rules for the .htaccess file. Just add the following lines to your .htaccess file:

RedirectMatch 403 ^/folder_name/?$
ErrorDocument 403 default

The above lines will block folder access but will permit access to resources inside the folder. To block access to the folder and all its content, use:

# mod_rewrite must be switched on for the rule to apply
RewriteEngine On
RewriteRule ^folder_name(/|$) - [F,L]
ErrorDocument 403 default


The rule can help in blocking some server attacks. An example from our Apache logs:

     20 /usr/local/apache/domlogs/getimages.domainname.com:191.5.199.250 "POST /admin/
     20 /usr/local/apache/domlogs/getimages.domainname.com:85.101.157.105 "POST /admin/
     20 /usr/local/apache/domlogs/getimages.domainname.com:91.139.203.119 "POST /admin/
     21 /usr/local/apache/domlogs/getimages.domainname.com:187.120.145.248 "POST /admin/
     21 /usr/local/apache/domlogs/getimages.domainname.com:213.166.150.190 "POST /admin/
     21 /usr/local/apache/domlogs/getimages.domainname.com:77.31.75.180 "POST /admin/
     21 /usr/local/apache/domlogs/getimages.domainname.com:91.93.49.135 "POST /admin/
     22 /usr/local/apache/domlogs/getimages.domainname.com:170.84.172.187 "POST /admin/
     23 /usr/local/apache/domlogs/getimages.domainname.com:123.193.236.74 "POST /admin/
     23 /usr/local/apache/domlogs/getimages.domainname.com:27.111.43.138 "POST /admin/
     23 /usr/local/apache/domlogs/getimages.domainname.com:62.240.2.74 "POST /admin/
     24 /usr/local/apache/domlogs/getimages.domainname.com:178.149.203.99 "POST /admin/
     25 /usr/local/apache/domlogs/getimages.domainname.com:114.157.222.182 "POST /admin/
     25 /usr/local/apache/domlogs/getimages.domainname.com:93.86.254.50 "POST /admin/
    327 /usr/local/apache/domlogs/getimages.domainname.com:195.244.36.34 "POST /admin/

In this case, just put the first code snippet in the /home/.htaccess file. The rules in this file will be applied to all domains on the server.
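Per-IP counts like the ones in the log excerpt above can be produced from raw domlog lines. This is an added example, not from the original article: it counts POST requests to /admin/ per client and lists clients at or above a threshold. The sample lines are constructed with documentation IP ranges; the Combined Log Format layout and the threshold of 20 are assumptions.

```python
import re
from collections import Counter

# Combined Log Format prefix: client IP, identity, user, [timestamp], "METHOD path PROTO"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*"')

def posts_per_ip(lines, path_prefix="/admin/"):
    """Count POST requests under path_prefix per client IP, skipping unparsable lines."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, path = m.groups()
        # Ignore the query string when comparing the path
        if method == "POST" and path.split("?", 1)[0].startswith(path_prefix):
            counts[ip] += 1
    return counts

def noisy_clients(lines, threshold=20, path_prefix="/admin/"):
    """Return (ip, count) pairs at or above threshold, busiest first."""
    counts = posts_per_ip(lines, path_prefix)
    return [(ip, n) for ip, n in counts.most_common() if n >= threshold]

def make_line(ip, method, path, status=200):
    """Build one constructed log line in Combined Log Format."""
    return (f'{ip} - - [21/Feb/2020:21:34:00 +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512 "-" "-"')

# Constructed sample log (documentation IP ranges), not real traffic
SAMPLE = (
    [make_line("203.0.113.34", "POST", "/admin/")] * 327
    + [make_line("198.51.100.50", "POST", "/admin/index.php?x=1")] * 25
    + [make_line("192.0.2.10", "POST", "/admin/")] * 3
    + [make_line("192.0.2.10", "GET", "/admin/")] * 40
    + ["garbage line that is not in log format"]
)

if __name__ == "__main__":
    for ip, n in noisy_clients(SAMPLE):
        print(f"{n:7d} {ip}")
```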
