Error given by ( Squirrel Mail ) and ( Horde Mail )

//*** Error on the screen will be like this  ***// :--

root@fs1 [/scripts]# ./fixwebmail

chown: cannot access `/usr/local/etc/cpanel/base/webmail/data': No such file or directory

chmod: cannot access `/usr/local/etc/cpanel/base/webmail/data': No such file or directory

--------------------***********--------------------***********-------------------

Just follow few steps is given below to solve this kind of issue :-

Step 1).

 Try to Un-checking HordeMail & SquirrelMail in WHM >> Tweak Settings >> Save >> Re-check >> Save.

Then try it now.

 -------------------------*******************-------------------------

Step 2). 

A>

Is there any usecpphp file in /var/cpanel/ directory?.

If not create it by the following command

touch /var/cpanel/usecpphp

B>

If the file is Still exist,Then run the following commands :-

cp -p /usr/local/cpanel/base/3rdparty/squirrelmail/config/config_default.php /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php

C>

This will solve your problem, If problem Still exists run the following commands on server :-

/scripts/updatenow

/scripts/makecpphp

-----------------------**********-------------*********--------------------------

Error (98)Address already

//** Error **// :-

If we get this kind of  error, of while try to restart  httpd:httpd  not running, trying to start

(98)Address already in use:- make_sock: could not bind to address 0.0.0.0:443

no listening sockets available, shutting down

******************************--------------********************************

** Unable to open logs Then Simply fire the command which is given below :--

netstat -lpn | grep '0.0.0.0:80'

It will show the result something like:

tcp        0      0 0.0.0.0:80                  0.0.0.0:* LISTEN      14829/httpd

*Note:- Then kill the PID & kill all the processes of the service & try to restart it.

******************************--------------********************************

This will fix the (98)Address already in use error...

IP Attack

/// How to insert an -IP- into firewall is given below :--

********************

Step 1--

 first check which IP is hitting your site number of times by :-

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

********************

Step 2--

 Then you can insert this IP into firewall by :-

apf - d  ip

to allow an ip ; 

foist remove the entry from deny_hosts.rules using pico command & then execute.

apf  -a  ip

********************

Authentication Error when Changing User Passwords in Linux

** Authentication Token Manipulation Error when Changing User Passwords in Linux ** :--


----------------------

. Error on the screen :--

*************************************

You may get an error, such as Authentication Token Manipulation Error while trying to change passwords for a user.

. For example :--

#passwd user

#Authentication Token Manipulation Error


[Note] :--

1]      This error is being produced because you are using shadowed password files & the shadow does not have entry for this user. i.e, /etc/passwd has an entry for this user, but /etc/shadow does not.

2]       In order to resolve this, you can either add the entry manually or recreate the shadow file. You can use pwconv to recreate the shadow file, See the manpage for more details on this.


*****************------------------******************

BLock Port IN iptables

//**Fire this command on server**//

 

-------------------

iptables -A FORWARD -p tcp --dport 25 -j DROP

-------------------

How to test if Linux server disk (SCSI / SATA) or hard disk going bad

//** How do I test if my Linux server SCSI / SATA hard disk going bad? **// :--

****************************************************************

One of our regular sends us a question :--

    How can I test if my hard disk is going bad? I see few errors in /var/log/messages file.

I/O errors in /var/log/messages indicates that something is wrong with the hard disk and it may be failing.

Next thing is check hard disk for error using smartctl command, which is control and monitor utility for SMART disks.

smartctl controls the Self-Monitoring, Analysis and Reporting Technology (SMART) system built into many ATA-3 and later ATA, IDE and SCSI-3 hard drives. The purpose of SMART is to monitor the reliability of the hard drive and predict drive failures, and to carry out different types of drive self-tests.

smartctl is a command line utility designed to perform SMART tasks such as printing the SMART self-test and error logs, enabling and disabling SMART automatic testing, and initiating device self-tests.

Make sure S.M.A.R.T. support is enabled in the BIOS.

Next run following command to see if your hard disks support S.M.A.R.T technology:

# smartctl -i /dev/sdb

Now enable SMART:

# smartctl -s on -d ata /dev/sdb

Output:

smartctl version 5.33 [x86_64-redhat-linux-gnu] Copyright (C) 2002-4 Bruce Allen

Home page is http://smartmontools.sourceforge.net/

=== START OF ENABLE/DISABLE COMMANDS SECTION ===

 

SMART Enabled.

Now run overall-health self-assessment test:

# smartctl -d ata -H /dev/sdb

Output:

------******START OF READ SMART DATA SECTION ******------

SMART overall-health self-assessment test result: PASSED

 You can read more data from hard disk by typing following command:

# smartctl -d ata -a /dev/sdb

A note about RAID controller

To look at ATA disks behind 3ware SCSI RAID controllers, use syntax such as:

# smartctl -a -d 3ware,2 /dev/sda

# smartctl -a -d 3ware,0 /dev/twe0

Extended self-test of drive

You need to begin an extended self-test of drive /dev/hdc. You can issue this command on a running system. The results can be seen in the self-test log visible with the ´-l selftest´ option after it has completed.

# smartctl -d ata -t long /dev/sdb

If any one of these test reports error, replace hard disk and restore data from backup.

 

****************************************************************

Optimize hard drive access performance

//** Steps for optimizing HARD DRIVE access performance is as follows **//:--

** Hdparm :--

 

      The following optimizations techniques can be applied to (E)IDE drives to utilize 32 bit I/O & DMA more effectively. 

 

-----------------*******************---------------------

. Step 1 :--

**Get info: hdparm /dev/hda 

**Get more info: hdparm -I /dev/hda 

**Test Speed: hdparm -tT /dev/hda 

**Increase Speed: hdparm -d1 -c3 -u1 /dev/hda 

. Step 2 :--

-d1: Turn on DMA (0: off) 

-c3: IDE chipset support 

0: Disable 

1: Enable 

3: 32 bit transfer 

 

-u1: Get/set interrupt umask. Driver ignores other interrupts during processing of disk interrupts. (0: off) 

 

Test Speed Again: hdparm -tT /dev/hda 

 

The Red Hat 7.1+/8.0 configuration uses /etc/rc.sysinit to call scripts /etc/sysconfig/harddisks. 

(Earlier systems used: /etc/sysconfig/harddiskhda, /etc/sysconfig/harddiskhdb, etc) to run hdparm upon boot. 

 

File: /etc/sysconfig/harddisks: 

    USE_DMA=1

    EIDE_32BIT=1

**Note:- Turn off hdparm DMA access: hdparm -d0 /dev/hda 

Links: 

** hdparm man page. 

-Optimizing hard drive performance with hdparm. 

  (ATA, UDMA & hdparm)

 

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!********************!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

All Done.

How to check CRON-JOB

***Just Fire Following Command On The Server ***:--

---------------------------------

**This is to check users cron job**

Command :--

   crontab -u mwda0820 -l

----------------------

How to Disable PING Command on server

//** Command to disable ping on the server solution given below **//:--

                            

 Step 1>

Command to disable PING:-

echo "1" >> /proc/sys/net/ipv4/icmp_echo_ignore_all

********************************************

                             

 Step 2>

Command to enable PING :-

echo "0" >> /proc/sys/net/ipv4/icmp_echo_ignore_all

**********************************************

                              

Step 3>

**Note:--Ping can also be disbale to following command :-

# iptables -A INPUT -p icmp -j DROP

--------------------------************----------------------------

What is dos attack

//** follow the insruction below **// :-

DOS attack :-

/home/virtual/public_html/vtc

--------------------********************------------------------

** This will also help you :-



netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

route add xxx.xx.xx.xxx reject

netstat -n | grep :80 | wc -l;uptime ; netstat -n | wc -l


-----------------------------------------------------------

** Also do this to lower down the server load :-


Steps to lower the load, If you want stats to continue to run even with a high load,Then Edit

/var/cpanel/cpanel.config & change extracpus to a number larger then 0

(run/usr/local/cpanel/startup afterwards to pickup the changes)


--------------------********************------------------------

How to configure Outlook

//** Following steps are useful for setup an account in outlook **//: -

**************------------***************


*  Open up outlook express.

*  Goto the menu at the top called "Tools".

*  On the menu please select "Accounts".

*  Across the top you will see several tabs(all, mail, news, directory service) . Please click on the one entitled   "Mail".

*  Click the add button (found on the right hand side).

*  A menu appears. Please select "mail".

*  Please type in your name

*  Click Next.

*  Type your emailid in the 'E-mail address'

*  Click Next.
*  Please check that POP3 is selected at the top of the screen,

*  In the field called "Incoming mail(POP3, IMAP OR HTTP) server" please type in "mail.<domainname>"

*  In the field called "Outgoing mail(SMTP) server" please type in the smtp server that your isp gave you for example:-

   mail.<domainname>

*  Click next.

*  In the field entitled "Account name" please type your account name

*  In the field entitled "Password" please type in your password. This password was the password you used  when you set up your mailbox,

*  Click the "next" button

*  Click "finish"

*  Click "close"


**************------------***************

This will setup a new account So click the button "send/recv" to check it

POP3/IMAP Server

//** Some steps are given below **// :-

Install Dovecot < POP3/IMAP Server > :-

**--**

    Dovecot is a very popular POP3/IMAP Server, The main Difference beween POP3 &IMAP is while accessing your EMAIL with outlook if you use POP3 & IMAP the mail is download to your COMPUTER & DELETED from Server,With IMAP the mail is retained in the server,If any problem occurs while downloading the EMAIL are lost with POP3, The configuration file is located at /etc/dovecot.conf

yum install dovecot

**--**
 
   Open the dovecot config file.etc/dovecot.conf & make tis following chnages.You may need to comment / uncomment certain lines

protocols=imap imap pop3 pop3s

**--**

   Look for the line auth default  & male these changes,Be careful with the lines as they are heavily commented out,

auth default{
mechanisms=plain login
passdb pam{
}
userdb passwd{
}
socket listen{
client{
path=/var/spool/postfix/private/auth
mode=0660
user=postfix
group=postfix
}
}

------------------***************************------------------

Simple function [ FIND ]

//** Fire the given command on Server **//:-

 

************

find . -type f -exec grep a7rar '{}' ';'

********

How to take backup..

//**Following steps will guide how to take back up **// :--

**[NOTE] :--

                You will have to take fullbackup of all the accounts from your ,Previous hosting panel with the following steps.(your previous hosting should have Cpanel).

** Login to the individual account control panel.

** You will find an option called as "Backup"

** Click into it.

** In there you will find any option called "Generate/Download a Full Backup"

** Click in it and the backup process will start

** Later on you will have to move the database from the old server to the new server through FTP and we would help you in restoring all the backed up file back to normal.

 

------------------------------

All Done...

How to Catch spammers on Cpanel

//**Just follow given steps below**// :-

**Follow the steps given below to catch Spammers sending mails from scripts ( nobody emails ) :--

1] Edit /etc/exim.conf

 ------------------------------------------------------------------------

2] On the second line add :-

log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn \

Make sure all that comes on a single line,

 ------------------------------------------------------------------------

3] Save and exit,

 ------------------------------------------------------------------------ 

4] Restart Exim,

A keep a watch on /var/log/exim_mainlog as you should be able to trace path to directory from which the spammer(s) is / are spamming,

 ------------------------------------------------------------------------

** If the spammer is not spamming using formmail scripts then go through following steps :--

1 ] 

       Get the message ID from the header of the spam, It should be in format like 1DWJj4-00042i-74 ( this is the most important step else all thats given below is crap ).

2 ] 

       grep exim_mainlog with the message ID, ( Ex : grep 1DWJj4-00042i-74 /var/log/exim_mainlog ).

3 ] 

       Check the time on which the spam was sent and also check all that is shown after grep,

4 ] 

       If you find out the domain name or path of the scripts from exim_mainlog then go ahead & suspend the spammer, else proceed to step 5.

5 ] 

       Use this message ID to check the original message or bounced message in /var/spool/exim/input/. You should see 2 files there, one with -D at end & one with -H at the end, 

( Ex : /var/spool/exim/input/4/1DWJj4-00042i-74-D & /var/spool/exim/input/4/1DWJj4-00042i-74-H ) This 2 files will have all the information that was sent in the spam message & if it was sent using mailing list then you will catch the username of spammer in auth_sender part of this files, If it shows nobody then its your bad luck Proceed to step 6.

6 ] 

       If exim_mainlog shows the spams originating from /tmp of the server & check the file in /tmp of the server. wner of the file will be seen as nobody:nobody, Take down the time of creation of file. This time is what we need to find out who uploaded the script, You will need to convert this time into the time format of /usr/local/apache/logs/error_log & then in the format of the domlogs located at /usr/local/apache/domlogs/*

7 ]

       for file in /usr/local/apache/domlogs/*; do cat $file |grep “example”; done; ( you cannot do direct grep for the query here as it will give error that the arguement list is too long ).

8 ] 

       If the results in step (2) have shown some domain name or some username in common as sender of the spam but now you dont see that domain name on the server then check /var/cpanel/accounting.log to see if that account has been terminated from the server ( Ex : grep ebayspammer.com/var/cpanel/accounting.log ).

All that we need to know is importance of /var/log/exim_mainlog, /var/log/formmail.log, /usr/local/apache/logs/error_log, /usr/local/apache/domlogs/*,

/var/spool/exim/input/*/* and the files uploaded in /tmp of the server, Major spamming issues are caught using the time of sending the spam,You will need to work on your own when you get across such issue & use your logic to convert the time of sending the spams to the time format of respective log files I mentioned above,

*****************************************************************

All Done..

How to register a domain with using extra IPS

//  Let's get started with following simple steps  // :-

1. >

       Login to your registrar panel (Godaddy, Enom, etc..).

2. > 

      Select the domain you want to use & find where you can 'Register New DNS'

3. >

      Put in ns1.yourdomain.com and ns2.yourdomain.com in the respective fields.

4. >

      Put in the IP addresses < either yours or the ones provided to you by your host >

5. >

      Hit the save or submit button.

    ** NOTE:- If you are a regular reseller the rest is done by your host on their end so notify them that you            .         have done your part, If you run a dedicated server, read on.

6. >

      Login to your WHM panel as "root",

7. >

      Go to 'Reseller Center', select 'mydomain.com'. Click on the 'Edit Domains/Privilages' icon.

8. >

      When the page loads scroll down & put in the new nameservers, in this case ns1.mydomain.com &  

          ns2.mydomain.com.

9. >

       Save them & scroll down to 'DNS Function' and select 'Edit DNS Zone'.

10. >

      You will notice that the new nameservers are now located in the top 2 text fields Scroll all the way down 

          to where it says 'Add new A entries'.

11. > 

        In the first text field put in the nameserver & in the second empty text field put in the IP address. So it 

          will look something like this:-

          ns1.mydomain.com 14400 IN A 1.1.1.1

          ns2.mydomain.com 14400 IN A 1.1.1.2

12.  > 

         Click Save & you are done Enjoy.

 

-------------------------************--------************-----------------------------

Commands to open tcp or udp ports on the servers

//**Following commands use to open tcp or udp ports on the server **// :--

** Before using commands for opening the port,Please make sure the specific port is already opened & what is the use of that port **

You can verify the port with  :-

netstat -nap | grep : <port no>

(1)  You can open TCp port with.

iptables -A INPUT  -p tcp –dport <port no> -j ACCEPT

 

------------------------------------****************------------------------------------------

(2) You can open UDP port with

iptables -A INPUT -p udp –sport <port no>  -j ACCEPT

after that

 

 ------------------------------------****************------------------------------------------

 

(3) Service iptables save

and for flushhing iptables us

iptables -F 

 iptables -A INPUT -s 210.0.143.122 -j DROP

203.162.3.147

iptables -L

service iptables save

 

------------------------------------****************------------------------------------------

Properly Rejected Invalid Emails

//**Just read the method given below to resolve this issue**//  :--

*******************************

Mail queue fill up with bounce messages to non-existant spammer email addresses, By default. If an email comes into your server addressed to an invalid recipient, Exim will accept the message from the delivering agent, and then generate a return email to them explaining that the address is invalid, With this little tweak, you can make exim tell the delivering agent,Tthat address is invalid at the time the message is being delivered.

Method 1)

. Open WHM and click on Exim Configuration Editor

. Click on the Switch to Advanced Mode button.

. Scroll down until you see the section on ACL's. You'll see three boxes. In the middle box, locate the section that reads - See Section A:

--------------------------------------------------------------------------------------------

Method 2) Recommended

. Login into SSH and su to root.

. pico /etc/exim.conf

. Ctrl + W and type in: accept  domains , Notice the two spaces. Look for something like this below.

Section A :-

accept  domains = +local_domains

accept  domains = +relay_domains

accept  hosts = +relay_hosts

accept  condition = ${perl{checkrelayhost}{$sender_host_address}}

Between

accept domains = +local_domains

&

accept domains = +relay_domains

add the following:

endpass

message = unknown user

verify = recipient

Make sure each line lines upYou might need to add two spaces before each line, The final section will look like this :-

accept domains = +local_domains

endpass

message = unknown user

verify = recipient

accept domains = +relay_domains

accept hosts = +relay_hosts

accept condition = ${perl{checkrelayhost}{$sender_host_address}}

Scroll all the way to the bottom and click on Save.

*******************************

how to Setting or customising Server Security

//**Fire the following given command on the server**// :--

 

*************--**--**************

#system-config-securitylevel

 & also

/etc/sysconfig/selinux

 

*************--**--**************

All done..

What is Bad Blocks ?

//**Check out the following commands for BAD BLOCKS **//:--

Badblocks [options] device block-count

    

    System administration command, Search device for bad blocks. You must specify the number of blocks on the device (block-count). e2fsck and mke2fs will invoke badblocks automatically when given the -c option.

**Options:--

-b 

    blocksize

    Expect blocksize-byte blocks,

************************************

-c   blocksize

    Test blocksize-byte blocks at a time. Default is 16,

 ***********************************

-f

    Force a read/write or nondestructive write test on a mounted device. Use only when /etc/mtab incorrectly reports a device as mounted.

************************************

-i file

    Skip test of known bad blocks listed in file.

 ************************************

-n

    Perform a nondestructive test by writing to each block & then reading back from it while preserving data,

************************************

-o file

    Direct output to file,

************************************

-p number

    Repeat search of device until no new bad blocks have been found in number passes, Default is 0.

************************************

-s

    Show block numbers as they are checked

************************************

-t pattern

    Test blocks by reading and writing the specified pattern. You may specify pattern as a positive integer or as the word random, If you specifiy multiple patterns, badblocks will test all blocks with one pattern, and then test all blocks again with the next pattern. Read-only mode will accept only one pattern It will not accept random.

************************************

-v

    Verbose mode

************************************

-w

    Test by writing to each block & then reading back from it.

 

 

--------------------------------------------------------------------------------------------------------

How to fix the error -License File Expired-

//**To deal with such issue is very easy just follow given instructions**// :--

First we need to check the license on http://verify.cpanel.net/ to ensure that it is still licensed

If it's not Then please contact who you purchase the license from directly

**If it says it is valid, try the following commands as root via SSH:-

---------------------------------------

# rdate -s rdate.cpanel.net

# /usr/local/cpanel/cpkeyclt

 

---------------------------------------

Solution for MIME

//**Follow the Instruction**//:--

If your web site is running on linux server and want to make it stream windows media.Then you have to do following steps :<<

     Step. 1 >

 

First, you have to configure mime type in apache web server to recognize the windows media file .asx .

     Step. 2 >

Log on to linux server as a root, At the dollar prompt, type as following below

Change directory to etc folder

$ cd /etc

Edit mime.types file

$ vi mime.types

     Step. 3 >

Then press i at your keyboard to enter text below You can place this text below any where in the file mime.types.

Application/x-mplayer2 asx m3u

      Step. 4>

Then press Esc key.

      

     Step.5 >

 

Then press Shift key and colon key, You will see, it appears at the bottom of the file.

Type as below at colon prompt to quit and save

:wq

******************---------------------------------------------*********************

Stats not working at all

//**If the Stats in the server are not working please follow instruction**//:-

WHM - Server Configuration - Tweak Settings ' Delete each domain's access logs after stats run ' must be unchecked ,After this it should work properly.

**There are also some scripts available to fix this issue:--

/scripts/updatenow

/scripts/updateuserdomains

/scripts/fixeverything

/scripts/upcp –force

 

 

Enjoye 

Spamming From User By Hidding Domain Name

**//Refer the solution given as below//** :---

-It seems that some user is spamming from your server,then for quick action clear the exim mail queue.

'rm -rf /var/spool/exim/input' 

It will do it, But you should investigate more and  find the source script or domain & take actions so as to really help you out of this kind of issue.

***********--------------************

Fire the below mentioned command at your command prompt to find the domain which is being used by spammers for spamming :--

# exim -bpr | exiqsumm -c | head

And Then

#exiqgrep -ir <domain> | xargs -n1 exim -Mrm

That should remove any Email that is in the queue that is waiting to be delivered to POP accounts at [domain]

***********--------------************

Total info of PHP

***To check php info of a domain enter the following code in a file in pulic_html of the domain** :::---

 

 

********-----------**********

      <?phpinfo();?>

********-----------**********

And then all the info will POP on your screen up to you..