cPanel Hosting Stuff

This article helps you to enable suphp on Linux servers with Cpanel..

Take the backup of httpd.conf and php.ini files.

cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bk

cp /usr/lib/php.ini /usr/lib/php.ini.bk

Now run
/scripts/easyapache

go through the options and select suphp and complete the steps.

Once it is done, login to WHM - onfigure Suexec and PHP

Change the PHP 5 Handler from DSO to suphp.

Click on Save New Configuration.

Done, You have completed the installation and now you can check the top command to see php processes will run with user name instead of nobody. But still apache processes run as nobody.

Now we have to change the ownerships and permissions….

Set owner of all user files

for CPAccess in `ls -A /var/cpanel/users`; do chown -R $CPAccess:$CPAccess /home/$CPAccess/public_html; done

for CPAccess in `ls -A /var/cpanel/users`; do chown $CPAccess:nobody /home/$CPAccess/public_html; done

Set permissions of all user files

find /home*/*/public_html -type d -perm 0777 -exec chmod 755 {} \;
find /home*/*/public_html -type f -perm 0777 -exec chmod 755 {} \;
find /home*/*/public_html -type f -perm 0666 -exec chmod 644 {} \;

find the .htaccess files which contains php settings like php_value

find /home/*/public_html -name .htaccess -type f | xargs grep -rl php_

It will give the list, so you can comment the php settings and add it on php.ini

Apache , htaccess and Front Page

If domain is having SSL certificate you can find following files in folders.

CRT : /etc/ssl/certs/www.domain.com.crt
RSA KEY : /etc/ssl/private/www.domain.com.key
CSR : /etcssl/certs/www.domain.com.csr
CA File : /usr/local/apache/conf/ca.txt ( optional )

Apache , htaccess and Front Page

font=Arial]APACHE LOG FILES[/font]

In order to effectively manage a web server, it is necessary to get feedback about the activity and performance of the server as well as any problems that may be occuring. The Apache HTTP Server provides very comprehensive and flexible logging capabilities.

Apache maintains two log files namely Error_log and access_logs

Error_log >>>> /usr/local/apache/logs/error_log
Access_log >>>> /usr/local/apache/logs/access_log

You can see more recent errors or entries from log files by entering following command at root prompt.

tail -20 /usr/local/apache/logs/error_log << displays last 20 entries
tail -200 /usr/local/apache/logs/access_log <<< Last 200 entries.

A very wide variety of different messages can appear in the error log. Most look similar. The error log will also contain debugging output from CGI scripts. Any information written to stderr by a CGI script will be copied directly to the error log.

Note: Always check apache logs to resolve apache issues and save time

Apache , htaccess and Front Page

To fix Front Page problem completely. I mean service.pwd file issue.
Login to WHM >> Update config >> Select cpanel update MANUAL RELEASE TREE
Then login to Shell and do

/scripts/upcp

The above fucntions will upgrade cpanel to
WHM 9.9.3 cPanel 9.9.6-R10

Cpanel 9.9.6-R10 fixes Front Page service.pwd wrong permissions problem.

If you are still getting problem, Then try following commands one by one.

/scripts/updatenow
/scripts/initfpsuexec
/scripts/fp-auth

Apache , htaccess and Front Page

“509 Bandwidth Limit exceeded error” occurs when the bandwidth allocated to an account exceeds.

At that time the cPanel creates an empty file by that domain name in the /var/cpanel/bwlimited directory.

To view such sites please do the following

1) Go to the /var/cpanel/bwlimited directory

2) And remove the file which has name of his domain or subdomain .

But see to it that you touch those files again and ask the client to purchase additional bandwidth.

Apache , htaccess and Front Page

To view the contents of a certificate:

cd /etc/ssl/certs

openssl x509 -noout -text -in filename.crt

To view the contents of a private key:

cd /etc/ssl/private

openssl rsa -noout -text -in filename.key

If the modulus number and exponent of the cert and key match,
they are paired correctly. If not, they are mismatched and apache
will not start with ssl enabled.

To view the contents of a csr file:

openssl req -noout -text -in filename.csr

Apache , htaccess and Front Page

If you have your web site set up in Microsoft’s FrontPage, it is not difficult to add more users, and arrange their individual access, to your web site using FrontPage itself. Depending on your user’s requirements YOU can specify their access ‘permissions’.

There are 3 types of access open to FrontPage users, permissions to:

Browse — the user can browse the files in the web (read access only).

Author — the user can browse and change the files in a web (read and write access only).

Administer — the user can browse and change the files in the web; but, can also administer the web by adding and removing users (full access).

Instructions are as follows:

1. Open FrontPage and open your web site.

2. Log in as one of your ‘administrative’ FrontPage users.

3. Go to the Tools in the menu, select Security and click on Permissions.

4. Click on the Users tab.

5. Click on the Add button.

6. Select the User from the Names box and click on the Add button. The user should now be listed in the Add names box.

7. Specify the type of access to give the user (Browse, Author or Administer).

8. Click on the OK button.

9. The FrontPage user will now be created

Apache , htaccess and Front Page

To check http connections on a server that is having high number of httpd processes running you can check that from the shell itself there is no need to login into WHM.

Just give the command :

service httpd fullstatus

This will provide the similar output as of the WHM.

If you get error as :

Not Found

The requested URL /server-status was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to
use an ErrorDocument to handle the request.

Then do the following :

1) open the httpd.conf file

2) Find the following lines

#<Location /server-status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from .example.com
#</Location>

Uncomment them and also change the Allow line to “Allow from localhost”.

3) Save and restart the httpd

Now you can check connections from shell itself.

Note You need to have mod_status enabled on the server for the above command to work.

And similarly to check the mysql connections you can use the following commands:

mysqladmin processlist

OR

mysqladmin proc

Always try to get rid of WHM/cPanel and try to do the same thing in shell and become more productive by using it.

Apache , htaccess and Front Page

General cause of this following error.
“HTTP Error 302 - Moved temporarily”.

The 302 response from your Web server should always include an alternative URL to which redirection should occur. If it does, a Web browser will immediately retry the alternative URL. So you never actually see a 302 error in a Web browser, unless perhaps you have a corrupt redirection chain e.g. URL A redirects to URL B which in turn redirects back to URL A. If your client is not a Web browser, it should behave in the same way as a Web browser i.e. immediately retry the alternative URL.

If the Web server does not return an alternative URL with the 302 response, then either the Web server sofware itself is defective or your Webmaster has not set up the URL redirection correctly.
==============================

Resolving 302 errors - CheckUpDown
==============================

Redirection of URLs may occur for low-level URLs (specific URLs within your Web site such as www.isp.com/products/index.html) when you reorganise your web site, but is relatively uncommon for the top-level URLs (such as www.isp.com) which most CheckUpDown users ask us to check. So this error should be fairly infrequent.

The 302 response from your Web server should always include an alternative URL to which redirection should occur. If it does, CheckUpDown automatically tries the alternative URL. This in turn may possibly lead to another redirection which CheckUpDown then tries. This continues for a maximum of 5 redirections. As soon as 5 redirections have occurred, CheckUpDown gives up and reports the 302 error for your account. So you should only ever see the 302 error if 1) your Web server gives no alternative URL on the 302 response or 2) the number of redirections exceeds 5. This second condition should be fairly unlikely - and may indicate a recursive pattern e.g. URL A redirects to URL B which in turn redirects back to URL A.

You first need to check that the IP name we use to check for your account is accurate. If you or your ISP have configured something so that any access using this name should now be redirected to another name, then you need to update your CheckUpDown account to start using the new name.

If you believe that the IP name we use is exact (should not be redirected), please try accessing the current URL using a Web browser. Note carefully which URL actually gets displayed, because your browser may silently switch to a substitute URL if it receives an 302 message from your Web server. If you see any evidence of a new URL, try accessing that directly from your browser. If this works (you see your Web site as expected), then this new URL is what you may need to update on your CheckUpDwon account. If this is a temporary redirection, then you may also need to reinstate the original IP name at a later date when the redirection is no longer effective.

If none of the above help, we can analyse the underlying HTTP data streams we receive from your Web server. These can provide additional information about the new URL(s) which your Web server thinks we should be accessing. Before doing this, we prefer you to identify any deliberate changes on your side, liaising with your ISP if needs be.

302 errors should occur infrequently, because top-level URLs do not change often. If they do change, then this is typically because a redirection URL is being suggested. This pervasive change is unlikely to occur by accident, so most often we can resolve this error by updating our system records for your account following a deliberate change of URL on your part, whether this change is temporary or permanent.
=====================================

Apache , htaccess and Front Page

If any client site having problems with mod_security rules we can add following directives to disable mod_security for his site.

Just add following lines to his virtual host entry :

<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>

For mod_security2

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

Note: Mod_security implemented for good reason like preventing spamming through forms and to protect dos attacks. Don’t disable by if client request to disable it. we need to check what client is doing and what errors he is getting.

Apache , htaccess and Front Page