Saturday 30 June 2012

RVsitebuilder Installation in cPanel

How to install RVsitebuilder in cPanel?

 1. SSH to your cPanel server as root and run command 

/scripts/makecpphp

2. Download the installer using the command below: 

cd /usr/local/cpanel/whostmgr/docroot/cgi/ 
rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/ 
rm -f rvsitebuilderinstaller.tar
wget http://download.rvglobalsoft.com/rvsitebuilderinstaller.tar
tar -xvf rvsitebuilderinstaller.tar
chmod 755 addon_rvsitebuilder.cgi 
rm -f rvsitebuilderinstaller.tar

3. Open root WHM, at the left menu under Plugins section, you will find RVSiteBuilder Installer menu.

4. Click RVSiteBuilder Installer to begin the installation process.

5. After complete the installation, you will be sent to RVSiteBuilder Manager automatically. Please configure RV SiteBuilder immediatly.

Done!! Your cPanel should show the RVSiteBuilder as a feature in all cPanel users. Special note for specific cPanel skin:


  • RVSkin - It will automatically integrate RVSiteBuilder to RVSkin. You may need to edit the Package-Feature list if RVSite Builder doesn't show up, or you don't want some hosting packages access to it.



  • X3, X Skin and some which support addon api - It will automatically display on cPanel. You are also able to manage the feature list in WHM Feature Manager.



  • CPSkins - You have to manually integrate it by editting file /usr/local/cpanel/base/frontend/themename/index.html. Insert on the top of the page, and edit /usr/local/cpanel/base/frontend/themename/main.php. Place in the area you want to show the RVSiteBuilder Icon. Don't edit file RVS2CPSkinmenu.html. Your change will be lost when you update RVSiteBuilder. If you want to edit it, just copy its name and change the cpanel include path to the new one.
Posted by at 1 comment:
Labels:

Monday 25 June 2012

Hardening the linux server or cenos 5/6.2

How to harden the centos 5 or centos 6.2



SPRI (Priority Scheduler)
cd /root/
wget http://www.rfxn.com/downloads/spri-current.tar.gz
tar xvfz spri-*.tar.gz
cd spri-*
./install.sh
spri -v



PRM (Process Resource Monitor)
cd /root
wget http://www.rfxn.com/downloads/prm-current.tar.gz
tar xvfz prm-*.tar.gz
cd prm-*
./install.sh
prm -j




Temporary Directory Hardening
-----------------------------

/bin/cp /etc/fstab /etc/fstab.bak


Use df to check if a /tmp partition is already present.

[if no /tmp partition present]
cd /usr
dd if=/dev/zero of=/usr/tmpMnt bs=1024 count=2000000


mke2fs -j /usr/tmpMnt


cd / 
cp -R /tmp /tmp_backup 


mount -o loop,noexec,nosuid,rw /usr/tmpMnt /tmp 
chmod 0777 /tmp 
/bin/cp -R /tmp_backup/* /tmp/ 
rm -rf /tmp_backup 


nano -w /etc/fstab 




At the very bottom add 
/usr/tmpMnt /tmp ext3 loop,noexec,nosuid,rw 0 0


nano -w /etc/fstab
change “defaults” to loop,noexec,nosuid,rw
mount /tmp


rm -rf /var/tmp
ln -s /tmp /var/tmp



If a symlink is not possible, then /var/tmp is most likely also a partition. In this case, /var/tmp must be hardened with loop,noexec,nosuid,rw in fstab as well.



IF /tmp is hardened by cpanel’s /scripts/securetmp. Remove the line from /etc/rc.d/rc.local and then reboot. It will come back without a /tmp partition and then you can follow the instructions above



SSH Server Hardening
---------------------

nano -w /etc/ssh/sshd_config



Uncomment #Protocol 2, 1
Change to Protocol 2


Append these lines to the bottom:
LoginGraceTime 120 


IgnoreRhosts yes 


X11Forwarding no 




/etc/rc.d/init.d/sshd restart


DISABLE DIRECT ROOT LOGIN


If he already has an su user, good. If not:


REPLACE XXX with 3 numbers


groupadd anyuserxxx
useradd anyuserXXX –ganyuserXXX
passwd anyuserXXX
type password


nano -w /etc/group
Search for wheel, then append “anyuserxxx” 


So it should be “root,anyuserXXX”


nano -w /etc/ssh/sshd_config


PermitRootLogin no (and uncomment)


At the bottom add
AllowUsers anyuserXXX




ChkRootKit
--------------
cd /root/
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
mv chkrootkit.tar.gz /usr/local/src/
cd /usr/local/src/
tar -zxf chkrootkit.tar.gz
cd /usr/local/src/chkrootkit*
make sense
cd /root
mv /usr/local/src/chkrootkit* /usr/local/chkrootkit



cd /etc/cron.weekly

Code: Select all

#!/bin/bash


EMAIL=your@domain.com


/usr/local/chkrootkit/chkrootkit -q | mail -s "ChrootKit Scan Report - $(hostname)" $EMAIL


chmod 755 /etc/cron.weekly/chkrootkit.sh




RkHunter
------------

cd /root

wget http://space.dl.sourceforge.net/project/rkhunter/rkhunter/1.3.8/rkhunter-1.3.8.tar.gz

wget http://space.dl.sourceforge.net/project/rkhunter/rkhunter/1.3.8/rkhunter-1.3.8.tar.gz
tar -zxf rkhunter-1.3.4.tar.gz
cd rkhunter*
./installer.sh --layout default --install




cd /etc/cron.weekly

Code: Select all


#!/bin/bash

EMAIL=your@domain.com
rkhunter  -c --sk --summary -q |  mail -s "Rkhunter Scan Report - $(hostname)" $EMAIL


chmod 755 /etc/cron.weekly/rkhunter.sh




Installing CSF firewall
------

wget http://www.configserver.com/free/csf.tgz

tar -xzf csf.tgz

cd csf

sh install.sh



Next, test whether you have the required iptables modules:



perl /etc/csf/csftest.pl


Posted by at 3 comments:

Thursday 21 June 2012

./wp-blog-header.php error [function.require]:failed to open stream


You have installed Wordpress and are seeing the following error:
Warning: require(./wp-blog-header.php) [function.require]: failed to open stream: No such file or directory in "\xyz\xyz.com\wwwroot\index.php" on line 17
Warning: require(./wp-blog-header.php) [function.require]: failed to open stream: No such file or directory in "\xyz\xyz.com\wwwroot\index.php" on line 17
This is most likely because you have installed wordpress into the wwwroot instead of a sub-directory.  Wordpress be default assumes it will be installed in a sub-directory.

To solve this problem, modify the index.php file as follows only if your WordPress installation is running in your root directory. You only need to change the following line:
require('./wp-blog-header.php');
To this:
require('wp-blog-header.php');
If your WordPress installation is not running in the root directory, then you just need to insert the path to your header file.  
Posted by at No comments:

Sunday 17 June 2012

Install/upgrade curl in Litespeed webserver

How to install Curl in LiteSpeed webserver?

Kindly follow the steps below to know how to install curl in litespeed webserver.


1) Go to lsws directory


# cd /opt/lsws/phpbuild/php-5.2.6/

2) Check the compiled modules with litespeed and check the current status.

# cat config.nice
# cat config.status
#cat config.nice

3) Now you need to recompile the litespeed with the module

# ./configure --prefix=/opt/lsws/lsphp5 --with-litespeed --with-config-file-path=../php --with-mysql=../mysql --with-zlib --with-zlib-dir=.. --with-gd --with-jpeg-dir=.. --with-png-dir=.. --enable-shmop --enable-track-vars --enable-sockets --enable-sysvsem --enable-sysvshm --enable-magic-quotes --with-curl=/opt/curlssl/
# make
# make test
# make install

Once the installation is complete, you can check the compiled modules using the following command

# /opt/lsws/lsphp5/bin/php -m
# /opt/lsws/lsphp5/bin/php -i |grep curl 


Thats it Litespeed is compiled with CURL module. :) 

-= by Hemanth =-
Posted by at 1 comment:
Labels: , ,

Saturday 16 June 2012

Remove a space in front of word or words in a file

How to remove space in front of a word in a file?



Just use this command to remove the space in front.

cat filename |cut -d":" -f2 |sort | sed -e 's/^[ \t]*//'

Now it will show you the output. If you want the output added inside a file just use this 

 cat filename |cut -d":" -f2 |sort | sed -e 's/^[ \t]*//' > filename.txt
Posted by at 1 comment:
Labels: , ,

Mailscanner : Allow extensions like .docx, .dox,

How to allow some other extensions like .docx, .app and etc in the mailscanner?

I have followed this post to allow the .zip extensions to  in the mailscanner.

http://linux-bloggers.blogspot.in/2012/06/mailscanner-allow-zip-tar-gz-extension.html


However, when I am trying to send email of my word doc and other files, that are being blocked by mailscanner. How to allow it?

Solution:-

You have two solutions to solve the issue.

Solution1:- Disable the SPAM scanner and virus scanner for that user alone via cPanel.
1) Go to cPanel > Emails > Mailscanner configuration.
2) Select the the domain name under SPAM and VIRUS option set it the options to "NO" and save the settings.

This will allow that domain to send emails with all the extensions.

Solution2:-


This is serverwide changes. Where the editing will reflect to all the domain in the server.

1) Login to the server with the root access
2) locate the file name "filename.rules.con"

in cPanel server it will be available in /etc/MailScanner/filename.rules.con

3) vi /etc/MailScanner/filename.rules.con
4) in that file, find the place which has specified "allow"
5) add the following syntax to allow the extension


allow \.docx$ - -
allow \.xlsx$ - -
allow \.app - -
allow \.x(ml)?\d{0,}\.rel$ - - 

Save the file and restart your mail scanner. Thats it. Your mailscanner will allow the specified extensions to all the domain in the server.

Note: When you add the syntax " allow \.docx$ - - ", you should use "TAB key" to leave a space between them. DO NOT use "spacebar" to leave the space. Beware!!!!! ;-)

Posted by at No comments:
Labels: , ,

Mailscanner: allow .zip .tar .gz extension in email

How can I configure MailScanner to allow zip/archive files through even if they contain an exe file or other potentially dangerous filename or filetype?

You can configure MailScanner to not check archives (zip, tar.gz etc).

 1) Go to WHM > MailScanner > MailScanner Configuration

and search for 'Maximum Archive Depth'.

2) Change that to 0 to disable it.

That's it. The mailscanner will allow the .zip, .tar and etc. The attachments will still be scanned for viruses.
Posted by at No comments:
Labels:

Friday 8 June 2012

Authentication erorr IIS home page

When you try to access the website, you will be getting an error message stating as follows:

=====
Authorization Error
=====

Its a known issue if you are running Plesk with IIS.

You can resolve the issue by performing the following.

===========
 

Anonymous access to the site was enabled in IIS:>IIS -> Web site -> domain.com -> Directory Security -> Enable anonymous access




Remove the .Security file from C:\Inetpub\vhosts\domain.com and reconfigure vhost via the following command: C:\Program Files\Parallels\Plesk\admin\bin>websrvmng --reconfigure-vhost --vhost-name=domain.com 

 
If the passwords for system user and IIS user seemed to be out of synchronization, change the password for IIS user on that domain and do the same in Computer Management -> Local Users and Settings -> Users -> IUSR_domain
Verify other domains are not having the same issue.

After performing the above, execute the following command from command prompt.
websrvmng --reconfigure-vhost --vhost-name=domainname.com


 Have a Great Surfing!!!!!
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)