Server Migration Bluck Migration Reseller Migration Migration Script

Want to migrate more than one account / s from one server to another server then you need to create packages for each accounts . You can easily create packages by using this script.

1) Create one text file username-migration.txt file and add the the user name , which you want to create packages.

2) Create Migration directory for to move all the cpmove files from /home directory to Migration directory.

then use the following command to create cpmove packages and moved to “Migration” directory.

root@delinux # for i in `cat /home/username-migration.txt`;do /scripts/pkgacct $i; mv /home/cpmove-$i.tar.gz /home/Migration/;done

For migrating Reseller and/or Bulk accounts between cpanel servers:

For Reseller Accounts:-

root@delinux # cat /etc/trueuserowners  | grep username | awk '{print "/scripts/pkgacct "$1}'

root@delinux # cat /etc/trueuserowners  | awk '{print $1}' > 1.txt

then remove the sign “:” from 1.txt

root@delinux # for i in `cat 1.txt`;do /scripts/pkgacct $i; mv /home/cpmove-$i.tar.gz /home/Migration/;done

Then move the “Migration" folder and 1.txt file to remote server and by using following command restore all the accounts.

root@delinux # for i in `cat 1.txt`;do /scripts/restorepkg $i;done

 

Importing Big mysqldump + Progress Bar

I have been facing hard time to import a big dump file (27 GB in size to be exact). It could take hours to load data in so it could be worth to watch the progress of this import. Fortunately, Linux has always had a convenient way to do this. I just need to install pv,  which can monitor the progress of piping data.

Enough with talking, let’s start installing!

CentOS 6.4 box, so it requires me to install EPEL repo at the first place:

$ rpm -Uhv http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Install pv using yum:

$ yum install -y pv

Installation done. Let the importing begin!

$ pv /home/user/my_big_dump.sql | mysql -uroot -p
928MB 0:07:41 [ 2.3MB/s] [==>                                                      ]  4% ETA 2:35:52

So now I can sit back and relax while watching up the import progress. If no error occurred, the import could finish within two and a half hours. Cheers!

Disable Direct Root Login in cpanel server

Another security measure you can take to lock down a Linux server is to disable the root user login in the SSH server.

First you need to add new admin user

root@server1 [~]# adduser admin
root@server1 [~]# passwd admin

Please keep admin password

root@server1 [~]# vi /etc/group
Make sure admin user wheel settings

wheel:x:10:root,admin

Modifying The sshd_conf File

Remember, backing up any important system file before you modify it is always a good idea!

 

root@server1 [~]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup

1. Copy and paste this line to edit the file for SSH logins

root@server1 [~]# vi /etc/ssh/sshd_config

2. Find the line
Protocol 2, 1

3. Uncomment it and change it to look like
Protocol 2

4. Next, find the line
PermitRootLogin yes

1. Uncomment it and make it look like PermitRootLogin no




2. Save the file Ctrl+X then Y then enter

7. Now you can restart SSH
root@server1 [~]# /etc/rc.d/init.d/sshd restart


SSH into your server as 'admin' and gain root access by su

Configure e-mail authentication in cPanel

E-mail authentication in cPanel is based upon two complementary technologies, DKIM and SPF, that help reduce the amount of spam.

DomainKeys Identified Mail (DKIM)

You can use DKIM to verify that an incoming e-mail message is actually from the stated sender, and that the message has not been altered during transit. When DKIM is enabled, the sender digitally signs a message using a private key. The recipient uses DNS to retrieve the sender's public key and verify the message's signature. If the signature is invalid, then the message is assumed to be forged and therefore spam.

Enabling DKIM - To enable DKIM, follow these steps:
In the Mail section of the cPanel home screen, click Email Authentication. Under DKIM, click Enable.

Disabling DKIM - To disable DKIM, follow these steps:
In the Mail section of the cPanel home screen, click Email Authentication. Under DKIM, click Disable.

Sender Policy Framework (SPF)
SPF helps prevent spammers from forging messages that implicate your domain as the sender. As a result, SPF can also reduce the amount of bounce messages that you receive (also known as backscatter spam). SPF uses DNS records that specify the mail servers and IP addresses that are authorized to send e-mail messages from a domain.

Enabling SPF - To enable SPF, follow these steps:
In the Mail section of the cPanel home screen, click Email Authentication. Under SPF, click Enable.

Changing SPF advanced settings:
After you have enabled SPF, you can modify its configuration. You can add additional IP addresses or mail servers that are authorized to send e-mail for your domain. For example, you may want to do this if you use a third-party mail server.

How to install Softaculous in cPanel

Overview :- The following guide will show you how to install Softaculous on cPanel.

Requirements :-    A server with cPanel,  If you have a firewall, then please allow access to download all packages from *.softaculous.com

Note: Please allow access to the following domains to your firewall as these are the mirrors used to download the script packages.
api.softaculous.com (IP : 216.18.221.243)
s1.softaculous.com (IP : 108.61.84.171)
s2.softaculous.com (IP : 23.29.77.179)
s3.softaculous.com (IP : 142.4.49.46)
s4.softaculous.com (IP : 188.138.10.177)

Installing Softaculous

Note: Before starting the installation make sure ionCube Loaders are enabled. You may refer to the following guide Enable_Ioncube_cPanel. Please make sure that the Ioncube loader is selected for the backend copy of PHP. Now SSH to your server and enter following commands:

Install from command line

Log into server via ssh.
root@server1 [~]#  cd /usr/local/cpanel/whostmgr/docroot/cgi
root@server1 [~]#  wget -N http://www.softaculous.com/ins/addon_softaculous.php
root@server1 [~]#  chmod 755 addon_softaculous.php
root@server1 [~]#  /usr/local/cpanel/3rdparty/bin/php /usr/local/cpanel/whostmgr/docroot/cgi/addon_softaculous.php

To install from WHM 

Log into server via ssh.
root@server1 [~]#  cd /usr/local/cpanel/whostmgr/docroot/cgi
root@server1 [~]#  wget -N http://www.softaculous.com/ins/addon_softaculous.php
root@server1 [~]#  chmod 755 addon_softaculous.php

Then go to WHM –> Plugins–>softaculous– Instant Installs



Thats it the installation of Softaculous is completed!

How to Remove All messages From the Mail Queue : Exim

Exim is a (MTA) mail transfer agent used on linux operating systems. It is freely available under the GNU GPL and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

To print a list of the messages in the queue, enter:

# exim -bp

To remove a message from the queue, enter:

# exim -Mrm {message-id}

To remove all messages from the queue, enter:

# exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash

Dallas Marlow, suggested following clean command:

# exim -bp | exiqgrep -i | xargs exim -Mrm

How to remove exim mails for a particular user from server Mail Queue

Exim is a (MTA) mail transfer agent used on linux operating systems. It is freely available under the GNU GPL and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.

“spams”, its one of the major issue that a system admin has to deal with throughout his job. First you need to find the user who is generating it. You can get it from the mail headers. Once you find the user, disable the script that was responsible for spams, but it may have already kept thousands(may be lacks) of mails in the exim queue waiting for its chance to get delivered. To delete these mails one by one is impossible. In a cPanel server having exim mail, you can use the following command to delete mails in the current queue generated by that particular user only.

To print a list of the messages in the queue, enter:

# exim -bp

To remove a message from the queue, enter:

# exim -Mrm {message-id}

Delete Mail Linux Exim Server

To delete email for a particular user use shell pipes. By default the exim mail queue is located at /var/spool/exim/input directory. To delete email for a particular user called exim@linuxeasy.net, enter:

# exiqgrep -ir email@domain.com | xargs exim -Mrm
# exiqgrep -ir vivek@nixcraft.co.in | xargs exim -Mrm

Linuxeasy to help you.

 

Creating an SSH key in PuTTY

Requirements

PuTTY


PuTTYgen


Pageant

Generate the Key

Run PuTTYgen.exe.



Click "Generate" and move your mouse.



Once the key is generated, enter your key passphrase. Be sure to use a strong password; read our guide here.

Then click 'Save public key' and 'Save private key.'

Select & configure your user

Let's choose a user for which to create the SSH key. In our example, the user is "thatguy" for "mt-example.com." This is an already existing FTP user with SSH access.

Connect to your (dv) Dedicated-Virtual Server as the root user.

su thatguy
cd /var/www/vhosts/mt-example.com
mkdir .ssh
chmod 700 .ssh
cd .ssh
vi authorized_keys2

Cut and paste on one line your public ssh key.



It should look similar to the following:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBvo93MZvQS8gtB5+fy8yPT+6SrZfJAA4C4lJYydp/pf8KfXTU303xLiTSrXcwDOSUykBi7DVdloOIpZQtQOFJMEwXx+wMWausxp0T5W//pfMfZYTg4ZDDQwWG4bUAl+l6pFDwQwEtm2KN6C4lyfJNMDNqdtjqw9/HvAfO5xoyceQ==

You will want to protect the file and change its owner to the user in question. In this case, it will be 'thatguy.'

chmod 600 authorized_keys2
chown thatguy:psacln .ssh

Add the private key

Run Pageant.exe.



This application runs in the background. When it loads, it should be displayed in your tray.



Right click the icon and click on "Add Key."

Connect using your SSH key with PuTTY

Open PuTTY and connect as "thatguy@mt-example.com."



Since Pageant.exe has your passphrase stored, you connect without entering your password:

Allow certain IP's for services in CSF

Add the following line in your /etc/csf/csf.allow

tcp|in|d=3306|s=192.168.x.x
tcp|out|d=3306|d=192.168.x.x

Restart csf with : csf -r

This will allow incoming/outgoing connections to port 3306

Assign a dedicated IP to Sub-domain

By default cPanel supports the usage of one dedicated IP per account. You can get around this by editing few files on the cPanel server, Please check the same below

• Configuration file of a domain is stored under /var/cpanel/userdata/<username>/ directory,  so for a sub-domain please edit /var/cpanel/userdata/$USER/$SUBDOMAIN.$DOMAIN  change the IP value to a new ‘dedicated’ IP

# vi  /var/cpanel/userdata/$USER/$SUBDOMAIN.$DOMAIN.COM

change the value of the option “IP” to the dedicated IP

• Now one you edit the file and you need to rebuild Apache configuration.

 # /scripts/rebuildhttpdconf

• Edit the dns zone for the subdomain (which will likely be attached to the parent domain) and update the "A" record to point to that IP.

# vi /var/named/domain.com.db

and change the A record set for the sub-domain to the dedicated ip we assigned and restart named service

• Edit /etc/domainips and add an entry for that sudomain to point to the IP

dedicated ip>: subdomain.domain.com

• Save the file and rebuild the IP pool

# /scripts/rebuildippool

cPanel logs for access, Apache, email, error, ftp, mysql, and WHM

cPanel logs most activity that happens on a server to log files so you can go back and review log entries for problems, instead of having to be on the server at the time of them happening.

This guide will cover the locations of the log files for things such as access logs, Apache web server logs, email logs, error logs, ftp logs, MySQL logs, and WHM logs.

cPanel logs

Access logs and user actions	/usr/local/cpanel/logs/access_log
Account transfers and misc. logs	/var/cpanel/logs
Auditing log (account creations, deletions, etc)	/var/cpanel/accounting.log
Backup logs	/usr/local/cpanel/logs/cpbackup
Brute force protection (cphulkd) log	/usr/local/cpanel/logs/cphulkd.log
Cpanel dnsadmin dns clustering daemon	/usr/local/cpanel/logs/dnsadmin_log
Cpanel taskqueue processing daemon	/usr/local/cpanel/logs/queueprocd.log
DBmapping	/usr/local/cpanel/logs/setupdbmap_log
EasyApache build logs	/usr/local/cpanel/logs/easy/apache/
Error log	/usr/local/cpanel/logs/error_log
Installation log	/var/log/cpanel
License updates and errors	/usr/local/cpanel/logs/license_log
Locale database modifications	/usr/local/cpanel/logs/build_locale_database_log
Login errors (CPSRVD)	/usr/local/cpanel/logs/login_log
Horde	/var/cpanel/horde/log/
RoundCube	/var/cpanel/roundcube/log/
SquirrelMail	/var/cpanel/squirrelmail/
Panic log	/usr/local/cpanel/logs/panic_log
Per account bandwidth history (Cached)	/var/cpanel/bandwidth.cache/{USERNAME}
Per account bandwidth history (Human Readable)	/var/cpanel/bandwidth/{USERNAME}
Service status logs	/var/log/chkservd.log
Tailwatch driver tailwatchd log	/usr/local/cpanel/logs/tailwatch_log
Update analysis reporting	/usr/local/cpanel/logs/updated_analysis/{TIMESTAMP}.log
Update (UPCP) log	/var/cpanel/updatelogs/updated.{TIMESTAMP}.log
WebDisk (CPDAVD)	/usr/local/cpanel/logs/cpdavd_error_log
Website statistics log	/usr/local/cpanel/logs/stats_log

cPanel access log

Access logs and user actions	/usr/local/cpanel/logs/access_log

cPanel apache log

Apache restarts done through cPanel and WHM	/usr/local/cpanel/logs/safeapcherestart_log
Domain access logs	/usr/local/apache/domlogs/{DOMAIN}
Processing of log splitting	/usr/local/cpanel/logs/splitlogs_log
suPHP audit log	/usr/local/apache/logs/suphp_log
Web server and CGI application error log	/usr/local/apache/logs/error_log

cPanel email log

Delivery and receipt log	/var/log/exim_mainlog
Incoming mail queue	/var/spool/exim/input/
Log of messages rejected based on ACLS or other policies	/var/log/exim_rejectlog
Unexpected/Fatal error log	/var/log/exim_paniclog
IMAP, POP login attempts, transactions, fatal errors and spam scoring	/var/log/maillog	/var/log/messages
Mailman	/usr/local/cpanel/3rdparty/mailmain/logs

MySQL log

MySQL error log	/var/lib/mysql/{SERVER_NAME}.err
MySQL slow query log (if enabled in my.cnf)	/var/log/slowqueries