cPanel Hosting Stuff

Hi,

Manually installation:

1. Download the latest Apache source distribution from www.apache.org

2. Unpack the source distribution.
The source distribution comes as a compressed archive. Let’s say that we are
installing Apache 1.3.12 (apache_1.3.12.tar.gz). Uncompress and untar the
archive with the following command:

$ tar -zxvf apache_1.3.12.tar.gz

This will create a directory named apache_1.3.12 in your current working
directory. We’ll call this the Apache source directory.

3. RTFM. RTFM. RTFM. Please read the README file in the Apache source
directory.

4. Configuring your environment to compile Apache.

The source distribution comes with a script called configure, which checks
your environment for the necessary support files (like headers, shared
libraries and utility programs) that are required to successfully compile
Apache. To configure, change directory to the Apache source directory and type

$ ./configure –prefix=/usr/local/apache

The prefix argument indicates where we wish to install Apache. This command
will output several lines on the screen. Essentially this command creates the
Makefiles for the build according to your system configuration. If there are
errors in configure, you may be missing some header files or utility programs
which you must install before proceeding.

5. Compile Apache.
Once configure runs successfully you can compile Apache using the make command

$ make

This will output several lines on the screen indicating that it is compiling
and linking Apache. This should normally conclude with no errors, however if
any errors occur, they will usually be caused due to missing utility programs
or libraries. The Apache FAQ has some pointers if you get stuck
(http://www.apache.org/docs/misc/FAQ.html)

6. Install Apache
Apache installs itself in /usr/local/apache by issuing the command

$ make install

If this concludes successfully your system now has Apache installed. You
should see Apache’s installation files in /usr/local/apache and the main
configuration file in /usr/local/apache/conf called httpd.conf

7. Configure Apache
Apache is configured through a single file /usr/local/apache/conf/httpd.conf.
This file consists of a number of Apache Directives, which determine the
various operating parameters of the Apache server. For purposes of a simple
installation, you will need to modify only a few directives described below

DocumentRoot - This is the location of the directory from which HTML files are
served. You can replace the default by any directory. The directive,

DocumentRoot “/usr/local/apache/htdocs”

instructs Apache to serve files from /usr/local/apache/htdocs. In other words,
when you try and access http://servername/somepage.html in a browser, Apache
will serve the file /usr/local/apache/htdocs/somepage.html.

Directory options - Once the DocumentRoot is defined, you must instruct Apache
how to serve and handle various files found in that directory. This is
achieved by modifying the Directory directive. The Directory directive has
various options such as execution of server side includes, whether to follow
symbolic links from the directory, access control to the directory etc. In our
configuration file, we need not change anything.

Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all

That’s about it. Apache is now configured for default behavior and web
serving. If there are any other parameters that you need to set, the
configuration file is well commented and pretty much self-explanatory.

8. Starting Apache
Apache comes with a script named apachectl that facilitates starting,
stopping, restarting apache.

$ /usr/local/apache/bin/apachectl start
/usr/local/apache/bin/apachectl start: httpd started

To stop apache use /usr/local/apache/bin/apachectl stop

9. Test your installation
Once Apache is running, fire up your web browser and access http://localhost/.
If your installation was successful and Apache is running, you should see a
test page saying something like “If you can see this, it means that the
installation of the Apache web server software on this system was successful”.

CONGRATULATIONS! You now have a successful installation of Apache running on your system!

Cpanel Basics

So many people are getting their own dedicated servers but are completely clueless about security. Usually they leave it up to the  company where they purchase it or hire someone. That’s fine but   make sure you have these 10 items covered.

1) Use a Firewall

Make absolutely sure that your server has a firewall running all the time. A firewall is like a screen door to your porch. It blocks out flies, rodents and other pests but you can still walk out and use your BBQ. If someone ever were to get into your server, which is very very likely, the first thing they’re going to try and do is upload something to start a daemon or their own service like an IRC server or use a port to launch attacks to other systems. A firewall with egress and ingress protection can stop both incoming and outgoing attacks even when you’re not aware of it. We recommend using APF on Linux systems or TinyFirewall on Windows Servers. These are software firewalls so there’s no extra monthly cost like a hardware firewall. For very busy systems a hardware firewall is recommended so it takes the burden off your system CPU/RAM and resources to do the work.

Know what ports are open and why, know how to block and unblock an IP. These are basic things you need to understand in the daily security of your system. If someone from an IP begins a brute force attack you want to know how to stop them, right away.

2) Update your kernel and OS

Make sure your server is using current, updated software. Use the stable version which has been tested more than any beta and update as soon as possible. An old kernel can lead to an easy target for your server. If you’re not sure then ask your provider for the latest update.

3) Monitor Logs

Do you know what logs record which activities? How often are they updated and rotated?
LogWatch is a great tool to email you the daily reports of your systems activity of anything it determines unusual, EG repeated failed logins. Besides using this you should check your logs manually to see what’s up. Tail –f /var/log/messages and view your Apache logs as well.

4) Backups
I still never understand why no one backs up their data yet you spend hundreds of hours working on your website or application then you absolutely must have a second hard drive for backups or use a remote back up system or a combination of these.

5) Limit Access to a Minimum

Do not give users more access than the absolute minimum they require. Never give them shell access, restrict file access to a bare minimum and leave other services turned off by default until specifically requested and you determine that its safe to do so.

6) Lock down PHP and use Mod_Security with Apache

PHP is actually a large security risk but there are a few things to do to help lock it down. CGI has Suexec,which helps runs proccesess as the user and PHP has something similar called PHPSuexec but there are a few downfalls. You should also use open_base directory protection, have safe_mode on system wide, turn off register_globals, enable_dl and allow_url_open to help lock things down further.
You can use server wide protection with mod_security, a web server filter that can watch all requests to see if they match a rule and react by logging, denying the request or other programs. I highly recommend this on Apache based servers and can be extremely useful in blocking attacks and stopping hackers before they do any damage. Mod_Security Installation

7) Lock /tmp /var/tmp and /dev/shm partitions

On Linux each partition can have certain access restrictions. Since /tmp /var/tmp and /dev/shm are world writable directories they’re often home to uploads, sessions storage and hacker executables. Since anyone can read-write-excute anything from these directories it becomes a major security concern. With /etc/fstab however you can limit what can be done in these locations. If you see defaults beside the /tmp line remove it and replace it with noexec,nosuid this will stop any executables from being allowed to run. Do the same for /dev/shm and make /var/tmp and shortcut (symbolic link) to /tmp.

Intrusion Detection System (IDS)

An intrusion detection system or IDS is like a burglar alarm on your server. It keeps a record of which files were changed when and alerts you of anything new or altered. This is critical because hackers usually try to replace binary applications like ps, top, netstat and others. This means when you run this new version of ps or top to see processes running they make it so it actually HIDES their hacker software, even though its running it won’t show up. Some IDS systems include TripWire, Snort and AIDE. Chkrootkit installation

9) Review Processes Running and Remove Extra Software

You can’t protect a system if you don’t know what’s on it. If a hacker adds an extra process that you see in PS but you wouldn’t notice if you didn’t know what should be there usually. Know what runs on your system and why which user. How does Perl or Apache run, under which user? You can check your processes usually with top or ps auxfww which gives you a tree view. Check these every time you login to your server.

10) Keep an Eye on the Servers Performance

Know what speed your server is running at and how much bandwidth it uses on a daily basis. If an attacker compromises your system and you don’t know you’ll probably notice the system responding slowly or using a lot of bandwidth. If you don’t know what your system is usually like how will you notice something out of the ordinary. This is all common sense but some people never bother to check until they ask their provider after a system has been slow for 2 weeks

Knowing your system makes you one step ahead of an intruder. Check it often and ask an expert if you’re ever over your head. There are MANY other things you can and should do to ensure your server is secure but these are a few basics that everyone should use.

REF : whmdestek.com forums.

cPanel Help

SERVICE CURRENTLY NOT AVAILABLE!
Error No. [0×01F4]

In order to solve that, you have to modify the following file:
/usr/local/cpanel/base/3rdparty/roundcube/program/include/rcube_mdb2.inc

change
return “FROM_UNIXTIME($timestamp)”;
to
return sprintf(”FROM_UNIXTIME(%d)”, $timestamp);

Cpanel Basics

We can disable mod security for a domain, add following lines to virtual host entry.

vi /usr/local/apache/conf/httpd.conf

find the domain virtualhost entry and add

<IfModule mod_security2.c>

SecRuleEngine off

</IfModule>

save and exit

service httpd restart

Cpanel Basics

Make sure that you are running proftp or pure-ftp, since in proftp there is no option for quota modification in cpanel.

If you want this option please change it to pure-ftpd, you can do this from WHM - service configuration - Ftp configuration.

cPanel Help

If the mysql is not starting after mysql upgrade from 4.1 to 5.0, please do the following to get it work.

open my.cnf

vi /etc/my.cnf

comment or remove the line

basedir=/var/lib/

save and exit

service mysql start

That’s it.

cPanel Help

If you unable to change the File permissions using cPanel …
Login to the ssh

open usr/local/cpanel/base/frontend/x/files/changeperm.html
Find the line with <cpanelFilema …..
Put a space between cpanel & Fileman
Save the file . ..

cPanel Help

About: cPanel And Plesk

CPANEL

cPanel and Plesk are the two popular control panels that are provided by most of the web hosting services to aid the users create and modify their websites easily. cPanel is available only with Linux operating system, whereas, Plesk is available with the Linux as well as with the Windows operating system. However, the latest version of cPanel that will be released in the year 2008 will be compatible with both the operating systems.

When buying a hosting account, you must make several decisions. One of the important decisions is to consider about which control panel to choose that will be the easiest and also will have better in-built web utilities. There are many web control panels available, but the most popular are the cPanel or Plesk. Below is the comparison of cPanel and Plesk which should help you decide which of the two will suit your web needs.

The cPanel and Plesk both offer similar basic features. Using either, you can easily create, or edit, or delete e-mail accounts, thereby manage all your email accounts, as well as also perform all domains or sub-domains maintenance from either of the control panels. You can also upload all your files and manage them from your cPanel or Plesk account. There are other add-ons available with both and for most of the webmasters, these capabilities are sufficient to produce and manage good websites.
cPanel

cPanel (Control Panel) is a very popular graphical web-hosting control panel used to simplify the administration of websites. The cPanel is provided by the cPanel Inc. It is a proprietary product. cPanel is chiefly used by the commercial hosting services and being a proprietary product, it requires monthly license fees.

cPanel is a very popular control panel and is used by most of the web designers and web masters now-a-days. It was mainly designed for Speed Hosting. cPanel is based on Perl scripts and requires no access to the database most of the time. It is an excellent graphical user interface (GUI) which helps in developing and designing the website attractively and giving it a professional look.

cPanel has many features like the FTP, e-mail management, domain and sub-domain control, back-up facility, database management, etc. cPanel even takes extremely less time than most other to load. Web developers can have their own applications and add-ons like ‘Fantastico’ and ‘RVSkins’ installed using cPanel.

cPanel even has a statistics sidebar, which gives you every detail of your website, for example, the domain name, e-mail accounts, disk space usage, SQL database, monthly bandwidth used, sub-domains, parked domains, and many more exciting applications are provided by the cPanel.

cPanel even provides Web Host Manager (WHM), which is specifically used for simplifying the reseller web hosting. By using this feature, you can easily set up a reselling account and resell web hosting service.

Migration of your website and the web hosting account to another web hosting service is easily possible through the site migration module as the cPanel. This makes it very easy to transfer your entire site or some important data from one site to another.

PLESK

Plesk is the most preferred website control panel now-a-days, as it is more reliable compared to any other website control panel. The fact that, it is compatible with the world-renowned Windows operating system makes it more special. Plesk has different versions for Windows and the Linux operating systems. You can even use the same control panel for different operating systems. Plesk is also very easy to learn. This makes it very easy for the users to learn this control panel and, in turn, saves a lot of time and money.

However, the main disadvantage of Plesk is that the web developers and the web designers cannot create their own applications and add-ons in Plesk. Also, there is some security problem noted with Plesk. Hackers can easily gain access into this control panel even if the user name and password are changed often.

So, if you want the control panel which is compatible with Widows as well as Linux operating systems, then you can choose Plesk. However, if you want the easiest control panel which allows you to install many attractive programs, then you need to choose the cPanel.

More notes on the cPanel and Plesk that will help you decide further:

The cPanel and Plesk both have a great graphical user interface (GUI) to begin your work from. It is said that the cPanel has the better GUI and is user-friendly as well. The Plesk graphical user interface (GUI) can appear a bit difficult to a first-time user. cPanel must have been designed specifically for the novice users than the Plesk design, hence the cPanel is preferred by the novice and also by the professionals.

cPanel is being provided by almost all the major web hosting services and includes the Fantastico Deluxe installer that again includes many wonderful web utilities and powerful scripts. Using the Fantastico, you can easily install forum blogs, content management systems (CMS), e-mail accounts, community boards or forums, even install the e-Commerce shopping cart solutions, and other web tools to make your website very professional easily. There is absolutely no need to know web programming, coding, or advanced database knowledge. You can install all these utilities and scripts and have them running within minutes.

Plesk also provides an application pack. Plesk also can use major third-party web utilities, but the cPanel and Fantastico seems to be in more demand.

To credit Plesk, by the way, it can support both the UNIX and Windows based web servers while cPanel can only be used on UNIX-based web servers. As the UNIX based servers are not expensive to utilize, most of the webmaster will prefer the cPanel as it costs less to host their websites.

Cpanel Basics

The most important properties required to connect DB from scripts ( PHP,CGI or Perl ) are

database server : localhost
database name : cpanelusername_testdb
database username : cpanelusername_dbuser
database user password : *****

cPanel Help

Ports that can/must be open to run cPanel behind a firewall:

port service protocol direction

20  ftp tcp inbound/outbound
21 ftp tcp,udp inbound/outbound
22 ssh tcp inbound
25 smtp tcp inbound/outbound
26 smtp tcp inbound/outbound
37 rdate tcp outbound
43 whois tcp outbound
53 DNS tcp/udp inbound/outbound
(inbound is only needed if you run your own public DNS server)
80 http tcp inbound/outbound
110 pop3 tcp inbound
113 ident tcp outbound
143 imap4 tcp inbound
443 https tcp inbound
465 smtp tls/ssl tcp/udp inbound/outbound
873 rsync tcp/udp outbound
993 imap4 ssl tcp inbound
995 pop3 ssl tcp inbound
2082 cpanel tcp inbound
2083 cpanel ssl tcp inbound
2086 whm tcp inbound
2087 whm ssl tcp inbound
2089 cp licence tcp outbound
2095 Webmail tcp inbound
2096 Webmail SSL tcp inbound
3306 mysql tcp (only if you need to connect remotely)
6666 chat tcp inbound

cPanel Help