• We have a 5 STAR service and only happy clients ! 5 Star Rating
  • sales@plothost.com

Basic WHM Setup

The first thing you will want to do after installing cPanel/WHM is to go to the Basic WebHost Manager Setup menu. Here you can configure basic things like:

  • contact options: contact email address, ICQ contact number, HipChat Room users to notify, Pushbullet API
  • the server IP address options: IPv4/IPv6 addresses (only one address for each) to use to set up shared IPv4/IPv6 virtual hosts, location where new user home directories will be created, default cPanel interface package, if you want to automatically create a cgi-bin script alias for users, style for the Apache logs (combined or common)
  • default nameservers you want to use and their IP addresses (from the interface you can configure up to 4 nameservers)

whm basic setup

To access the Basic WebHost Manager Setup menu, follow the steps:

  1. Log in to WHM.
  2. Go to Server Configuration >> Basic WebHost Manager Setup
  3. Here modify the options you want and in the end, click the Save Changes button.

The movie tutorial for this KB post:

Share this post:

WHM/cPanel ConfigServer plugins

ConfigServer WHM/cPanel plugins are developed by a UK company – Way to the Web Limited. They have free and paid plugins.

1. ConfigServer Security & Firewall (csf) – free

csf1

csf is a very powerful firewall. It has many options: you can check the server security, you can search log files, edit/add/remove IPs etc.

2. ConfigServer ModSecurity Control (cmc) – free

cmc1

cmc is a very useful plugin if you are using mod_security. It allows you to remove rules for specific accounts, to turn on/off mod_security for the server etc.

3. ConfigServer Explorer (cse) – free

cse1

Many times web hosting admins prefer to use the shell for file operations, but for beginners, this is a great tool. You can create/rename/delete/move both files and directories. You can also search the server for specific files.

4. ConfigServer Mail Queues (cmq) – free

cmq1

cmq is a tool to view the mail server queue. 

5. ConfigServer Mail Manage (cmm) – free

cmm1

With cmm you can manage user email accounts, create new accounts, set the hourly limit, manage forwarders etc.

6. ConfigServer eXploit Scanner (cXs) – $60/server

cXs is a tool that will scan your server files. It will scan files uploaded by users. A similar free product is maldet

7. Outgoing Spam Monitor (osm) – $40/server

A tool that will monitor email activities on the server. See more details on the product’s page.

Share this post:

Database only backups in WHM

 Some clients asked us if you can set up only database backups in WHM. For some, this will sound strange, but there are users who want such a feature. 

You can access WHM backup settings via WHM->Backup->Backup Configuration. Unfortunately, there is no option at this moment to backup only users’ databases.

whm database backup

As of September 25, 2018, this cPanel request is in “Open Discussion” status. You can comment and vote at cPanel Feature Requests Site

 

What solutions do you have? You can use bash commands. One command to backup all the databases on the server to a .gz archive is:

root@www [/backup]# mysqldump --all-databases | gzip > /backup/$(date +%Y-%h-%d)-alldatabases.sql.gz

This will create a backup with all MySQL/MariaDB databases on the server. The filename will include the current date. (e.g. 2018-Sep-25-alldatabases.sql.gz) You can modify the command per your needs. You can also create a cron job to run it at specific times.

Another possibility is to backup each database on the server individually. For this create a new file like backupdbs.sh  The content of the file is:

#!/bin/bash

mysql=/usr/bin/mysql
mysqldump=/usr/bin/mysqldump
date=$(date +%Y-%h-%d)

backupdir="/backup"
mkdir -p $backupdir/$date

databases=`$mysql -e "SHOW DATABASES;" | grep -Ev "(Database|information_schema)"`
for db in $databases; do
echo $db
$mysqldump --opt --databases $db | gzip > "$backupdir/$date/$db.sql.gz"
done

To run the script:

root@www [/backup]# perl backupdbs.sh

As in the previous case, you can also adjust the script per your needs and create a cron job.

Share this post:

Scan your server for PHP malware with findcrack0r.pl

The tool that we will present here is a regex-based PHP malware scanner (written in Perl). It will scan your server for PHP malicious files. In addition to cxs and maldet (links at the end of this post), this tool is very useful for ensuring your server security.

1. So, first of all, download the latest script version from https://repo.coydogsoftware.net/coydog/rxtools/blob/master/findcrack0r.pl and save it to your server.

2. Now, that you saved the script to your server, just run it with:

perl findcrack0r.pl -po /home -t $(date +%Y-%m-%d)

The command we use will scan the /home directory (including all subdirectories) only for *.php file. The script will create a directory with the current date in /home/root/support/ (like /home/root/support/2018-07-18). In this directory, the script will create two files – one for suspicious malware PHP files, the other one for the symlinks founded:

root@www [~/support/2018-07-18]# ls
./  ../  scan-20180718234534.txt  symlinks-20180718234534.txt
root@www [~/support/2018-07-18]#

 

You should adjust the command line per your needs. See below the script’s input options. You might also need to enter the full Perl path.

 

root@www [/]# perl findcrack0r.pl -h
Usage:
  -t    ticket number for output dir
  -a  account list, comma-delimited. Will search only public_html
  -b     Number of bytes per file to scan. Default is 500000
  -p    restrict searches to *.php (faster but may miss stuff)
  -S    Skip checking symlinks
  -d    grep for defacements
  -o    other directories to search, independently of -a docroots. May be needed for addon/subdomains
  -u    user homedir prefix (default /home)
  -D    Debug mode. Output a more detailed log which identifies signature matches.
  -N    Show files which do NOT match on stderr (debug feature only)
  -e       exclude files wth names ending in . Workaround if scan hangs on js
  -r    regex debugging
  -c    use cache
  -q    quiet
  -h    print this help message and quit
root@www [/]#
Please notice that the script will report many ionCube PHP encrypted files. Double-check them (and all other files) before taking any action, as they might be legit files. Make backups before deleting any files!
 
 
The script file as of July 19, 2018 – just for information –  findcrack0r.txt – download the latest version from the developer site!
 

Other security tools for your server:
https://configserver.com/cp/cxs.html
https://www.rfxn.com/projects/linux-malware-detect/

Related post: Disable dangerous PHP functions on your web hosting server

Share this post:

Where to find forwarders/autoresponders on a cPanel server

Many times while troubleshooting clients’ mail issues you will need to find out the forwarders/autoresponders they have. 

On a cPanel server, this information is kept in separate files for each domain(and subdomain) in the /etc/valiases/ directory – like /etc/valiases/domain123.com; /etc/valiases/homedomain.net etc.

After root login, look for the interested domain as:

root@www [~]# cd /etc/valiases/
root@www [/etc/valiases]# cat phdomain123.com
contact@plothost123.com: "|/home/phdomain123/pipe.php"
autoresponder@phdomain123.com: "|/usr/local/cpanel/bin/autorespond autoresponder@phdomain123.com /home/phdomain123/.autorespond"
postmaster@phdomain123.com: admin@phdomain123.com
*: ":fail: No such person at this address"
root@web [/etc/valiases]#

In our example:
– the first line is a forwarder to a file (a PHP script)
– the second line is an autoresponder for the email autoresponder@phdomain123.com
– the third line is a forwarder to an email address
– the fourth line is the default action for unrouted emails. In this case, the “No such person at this address” message will be sent back.

If you don’t like the command line, you can use a plugin for WHM called ConfigServer Mail Manage. After installation, access it from WHM->Plugins->ConfigServer Mail Manage; choose the domain from the list and click the Manage Mail Forwarders button. You will see something like:

cfs mail manage

You can also check forwarders/autoresponders by accessing the client’s cPanel account.

Related post: How to setup an Email Forwarder in cPanel

Share this post:
Page 2 of 50
1 2 3 4 50
back to top