cPanel Configuration Files and Handy Commands for Shell

cPanel Configuration Files and Handy Commands for Shell

cPanel Configuration Files and Handy Commands for Shell

Since I use cPanel and CentOS alot now a days, I want to make sure that I have a handy place I can keep and search for anything I might need for configuring or managing the servers.

Without any further ado, I present you the most comprehensive list of cPanel Stuff, I have ever seen 😉

Configurations and Services They Are Tied To

  • CPanel

    • Configuration File: cpanel.config
    • Path: /var/cpanel/cpanel.config
    • Service: cpanel
  • Apache

    • Default Port: 80
    • Configuration File: httpd.conf
    • Path: /etc/httpd/conf/httpd.conf Or /usr/local/apache/conf/httpd.conf
    • Service: httpd
  • Exim

    • Configuration File: exim.conf
    • Path: /etc/exim.conf
    • Service: exim
  • Bind

    • Default Port: 53
    • Configuration File: named.conf
    • Path: /etc/named.conf
    • Service: named
    • DB location: /var/named
  • FTP server

    • proftp
      • Default Port: 20, 21
      • Configuration File: proftpd.conf
      • Path: /etc/proftpd.conf
      • Service: proftpd
    • pureftp
      • Default Port: 20, 21
      • Configuration File: pure-ftpd.conf
      • Path: /etc/pure-ftpd.conf
      • Service: pure-ftpd
  • MySQL

    • Default Port: 3306
    • Configuration File: my.cnf
    • Path: /etc/my.cnf
    • Service: mysql
    • Recommended Configuration
      • query_cache_type=1
        query_cache_size=16M
        query_cache_limit=1M
        sort_buffer_size=4M
        join_buffer_size=4M
        tmp_table_size=4M
        max_heap_table_size=4M
        thread_cache_size=16M
        max_connections=250
        max_allowed_packet=16M
        key_buffer_size=128M
        read_buffer_size=256K
  • PHP

    • Configuration File: php.ini
    • Path: /usr/local/lib/php.ini
    • Recommended Configuration
  • nGinx

    • Configuration File: nginx.conf
    • Path: /etc/nginx/nginx.conf
    • Service: nginx
    • Recommended Global Configuration
      • user www-data;
        worker_processes 8;
        pid /run/nginx.pid;
        
        events {
         worker_connections 768;
         # multi_accept on;
        }
        
        http {
        
         sendfile on;
         tcp_nopush on;
         tcp_nodelay on;
         keepalive_timeout 10;
         types_hash_max_size 2048;
         server_tokens off;
         fastcgi_read_timeout 3600;
         include /etc/nginx/mime.types;
         default_type application/octet-stream;
         access_log /var/log/nginx/access.log;
         error_log /var/log/nginx/error.log;
         gzip on;
         gzip_disable "msie6";
         gzip_vary on;
         gzip_proxied any;
         gzip_comp_level 9;
         gzip_buffers 16 32k;
         gzip_min_length 50;
         gzip_types 
         text/css
         text/plain
         text/javascript
         application/javascript
         application/json
         application/x-javascript
         application/xml
         application/xml+rss
         application/xhtml+xml
         application/x-font-ttf
         application/x-font-opentype
         application/vnd.ms-fontobject
         image/svg+xml
         image/x-icon
         application/rss+xml
         application/atom_xml;
         
         ignore_invalid_headers on;
         client_max_body_size 1024M;
         client_body_buffer_size 15m;
         client_header_timeout 400;
         client_body_timeout 400;
         send_timeout 400;
         connection_pool_size 256;
         client_header_buffer_size 4k;
         large_client_header_buffers 4 32k;
         request_pool_size 4k;
         output_buffers 4 32k;
         postpone_output 1460;
         open_file_cache max=10000 inactive=10m;
         open_file_cache_valid 2m;
         open_file_cache_min_uses 1;
         open_file_cache_errors on;
         include /etc/nginx/conf.d/*.conf;
         include /etc/nginx/sites-enabled/*;
        }
        

         

    • Recommended VHost Configuration

      • NOTE: Since CPanel needs Apache to run, we have to set nGinx and php-fpm as proxies.  This one is made special for WordPress
      • server {
                listen 80;
                server_name www.yourdomainname.com;
                rewrite ^(.*) http://yourdomainname.com$1 permanent;
        }
        server {
                listen 80;
                server_name yourdomainname.com;
        
                client_max_body_size 5m;
                client_body_timeout 60;
        
                access_log /var/log/nginx/yourdomainname.com.log;
                error_log /var/log/nginx/yourdomainname.com error;
        
                root /home/theaccountname/public_html;
                index  index.html index.php;
        
                ### root directory ###
                location / {
                        try_files $uri $uri/ /index.php?$args;
                }
        
                ### security ###
                error_page 403 =404;
                location ~ /. { access_log off; log_not_found off; deny all; }
                location ~ ~$ { access_log off; log_not_found off; deny all; }
                location ~* wp-admin/includes { deny all; }
                location ~* wp-includes/theme-compat/ { deny all; }
                location ~* wp-includes/js/tinymce/langs/.*.php { deny all; }
                location /wp-includes/ { internal; }
                #location ~* wp-config.php { deny all; }
                location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php)$ {
                        types { }
                        default_type text/plain;
                }
        
        	# Uncomment this to block access
                #  location ~* wp-admin {
                #      allow <YOUR_IP>;
                #      allow 127.0.0.1;
                #      deny all;
                #  }
        
                ### disable logging ###
                location = /robots.txt { access_log off; log_not_found off; }
                location = /favicon.ico { access_log off; log_not_found off; }
        
                ### caches ###
                include /etc/nginx/conf.d/caches.conf;
        
                ### php block ###
                location ~ .php?$ {
                        try_files $uri =404;
                        include fastcgi_params;
                        #fastcgi_pass 127.0.0.1:9001;
                        fastcgi_pass unix:/var/run/php-main.socket;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                        fastcgi_intercept_errors on;
                        fastcgi_split_path_info ^(.+.php)(.*)$;
                        #Prevent version info leakage
                        fastcgi_hide_header X-Powered-By;
                }
        }

         

  • php-fpm

    • Configuration File: www.conf
    • Path: /etc/php-fpm.d/www.conf
    • Service: php5-fpm
    • Recommended Configuration
      • user = nginx
        group = nginx
        pm = dynamic
        pm.max_children = 16 # 50% Available RAM
        pm.start_servers = 2 # 25% of Total CPU Cores
        pm.min_spare_servers = 1
        pm.max_spare_servers = 8 # Total CPU Cores
        pm.max_children = 10 
        pm.max_requests = 500

         

  • Networking Setup

    • /etc/sysconfig/network
    • /etc/hosts – Host entries
    • /etc/resolv.conf – Resolver Configuration
    • /etc/nameserverips – Nameserver IPs
  • clamav

    • Configuration File: clamav.conf
    • Path: /etc/clamav.conf
    • Service: clamd

Contents of /home/user

  • etc
  • mail
  • logs
  • public_html
  • public_ftp
  • hidden directories

Accessing The Control Panel

  • https://192.168.0.1:2083
    • This URL allows you to access cPanel over an encrypted connection with your IP address.
  • https://example.com:2083
    • This URL allows you to access cPanel over an encrypted connection with your domain name.
  • http://192.168.0.1:2082
    • This URL allows you to access cPanel over an unencrypted connection with your IP address.
  • http://example.com:2082
    • This URL allows you to access cPanel over an unencrypted connection with your domain name.
  • WHM Ports: 2086 and 2087
  • WebMail Ports: 2095 and 2096

Scripts & Usage (common first)

  1. Change CPanel Password
    1. /scripts/chpass username password
  2. Syncronize FTP Password
    1. /scripts/ftpupdate
  3. CPHulk Whitelisting
    1. /scripts/cphulkdwhitelist XXX.XXX.XXX.XXX # IP Address
  4. CSF/LFD Whitelisting
    1. csf -a XXX.XXX.XXX.XXX #Allow an IP Address
    2. csf -dr XXX.XXX.XXX.XXX #Remove an IP Address from the blacklist
    3. csf -r #Restart
  5. Check for Shellshock Bash Hack
    1. env X=”() { :;} ; echo shellshock” /bin/sh -c “echo completed”
    2. env X=”() { :;} ; echo shellshock” `which bash` -c “echo completed”
  6. Check for Base64 or Eval Hacks
    1. #!/bin/bash
      
      for filename in /home/* ; do
      
      	ACCT=$(stat -c '%U' "$filename");
      
      	if [ -d "$filename" -a "$ACCT" != "root" ]; then
      		#Possible File Hacks
      		find /home/$ACCT/public_html/ ( -name "*.php" ) -type f -print0 | xargs -0 grep --binary-files=without-match -ir "base64_decodes*(" | awk '{print $1}' | cut -d: -f 1 >> /possible-hacks.txt;
      		find /home/$ACCT/public_html/ ( -name "*.php" ) -type f -print0 | xargs -0 grep --binary-files=without-match -ir "evals*(" | awk '{print $1}' | cut -d: -f 1 >> /possible-hacks.txt;
      		#Possible Image Hacks
      		find /home/$ACCT/public_html/ ( -name "*" ) -type f -print0 | xargs -0 grep --binary-files=without-match -ir "base64_decodes*(" |grep 'jpg|gif|png|bmp' | awk '{print $1}' | cut -d: -f 1 >> /possible-image-hacks.txt;
      		find /home/$ACCT/public_html/ ( -name "*" ) -type f -print0 | xargs -0 grep --binary-files=without-match -ir "evals*(" |grep 'jpg|gif|png|bmp' | awk '{print $1}' | cut -d: -f 1 >> /possible-image-hacks.txt;
      	fi;
      done;
  7. Rebuild Httpd Config
    1. /scripts/rebuildhttpdconf
  8. Clean Out Old Logs
    1. find /the/path/to/search -type f -name “*.log” -mtime +30 -exec rm -f {} ;
  9. Full Account Backup
    1. /scripts/pkgacct ACCOUNTNAME
    2. backup is stored in /home as cpmove-ACCOUNT.tar.gz
  10. Full Account Restore
    1. /scripts/restorepkg –force /path/to/cpmove-file.tar.gz
  11. Verify CPanel License
    1. /usr/local/cpanel/cpkeyclt
  12. Watch an Accounts Traffic
    1. tail -f /usr/local/apache/domlogs/accountname/accountdomain.ext
  13. View All Current Connections
    1. netstat -an –inet

Scripts & Usage (alphabetical)

https://documentation.cpanel.net/display/ALD/WHM+Scripts#WHMScripts-Scripts

Categories


Let Us Help

Get You Online

Contact Us Today

Important Cookie Information
Our website uses cookies. By continuing to browse the site you are agreeing to our use of cookies. For more details about cookies and their use, please see our Cookie Policy.