Railgun Cloudfare plugin Installation

Railgun is a single daemon that runs on a 64-bit system which uses alternative compression techniques to dramatically speed up WAN performance. It proxies traffic through a special protocol that would normally travel between CloudFlare and your origin server over HTTP. Typically, the markup of websites does not change that frequently from one request to the next. Instead of transferring the entire request between CloudFlare and your environment, Railgun will transfer only the changes in markup from one request to the next. This cuts down on bandwidth, transfer time, and overall page load times. Railgun caches these differences in memory to make page processing as fast as possible.

----------------------------------------------------------------
Railgun is available only for 64-bit systems.
---------------------------------------------------------------

Downloads
========
Ubuntu (Quantal 12.10) : https://www.cloudflare.com/static/misc/railgun/ubuntu/railgun-quantal.latest.deb
Centos/RHCEL (6): https://www.cloudflare.com/static/misc/railgun/centos/railgun-el6.latest.rpm
Centos/RHCEL (5) : https://www.cloudflare.com/static/misc/railgun/centos/railgun-el5.latest.rpm
Debian  :  https://www.cloudflare.com/static/misc/railgun/debian/railgun-squeeze.latest.deb
FreeBSD (9) : https://www.cloudflare.com/static/misc/railgun/freebsd/railgun-freebsd9.latest.tar.gz
FreeBSD(8) : https://www.cloudflare.com/static/misc/railgun/freebsd/railgun-freebsd8.latest.tar.gz


RPM-based :
execute with root privileges :

rpm -Uvh railgun-stable.X.X.x86_64.rpm

DEB-based
execute with root privileges :

dpkg -i railgun-stable.X.X.amd64.deb

FreeBSD
execute with root privileges :

tar -xzvpf railgun-stable.X.X.tar.gz
cd railgun-stable.X.X && gmake install

For getting activation token for Railgun :

curl -s https://www.cloudflare.com/api/v2/railgun/init -d "host_key=[host key]" | python -mjson.tool

Run this command for getting public IP for Railgun :

curl icanhazip.com

Next you need to install Memcache  :

yum install memcached.x86_64 php-pecl-memcache.x86_64

Configuration file :

vi /etc/sysconfig/memcached

PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="

For busy servers you need to increase the values as follows:

MAXCONN : Use 1024 max simultaneous connections; the default is 1024. For busy server             increase this number as per requirements.
 
CACHESIZE : Use 64 MB memory max to use for object storage; the default is 64 megabytes. For busy server you can set it to 512MB or 1GB (1024).

OPTIONS :  You can set server IP address (listen on address) here so that apache/php/nginx based serer can connect to the server. By default it is set to INADDR_ANY. This is an important option to consider as there is no other way to secure the installation. Binding to an internal or firewalled network interface is suggested.
                
Here is my sample update file:


PORT="11211"
USER="memcached"
MAXCONN="4096"
CACHESIZE="512"
OPTIONS="-l 192.168.1.15"

Inorder to Start / Stop / Restart Memcached Server :

# /etc/init.d/memcached start
# /etc/init.d/memcached stop
# /etc/init.d/memcached restart
# /etc/init.d/memcached status

Inorder to verify that Memcached is Running and Working :

pgrep memcached
netstat -tulpn |grep :11211

sample outputs :

tcp        0      0 192.168.1.15:11211           0.0.0.0:*                   LISTEN      24964/memcached
udp        0      0 192.168.1.15:11211           0.0.0.0:*                               24964/memcached

You need add port 2048 in csf and restart it.

Installing Google Apps Wizard Cpanel Plugin

Version Status

2.0.1 Stable Release


System Requirements

* cPanel/WHM server
* Security Tokens = on "WHM >> Main >> Server Configuration >> Tweak Settings >> Security

Installation

Run the following shell commands as root via SSH:

# wget http://google-apps-wizard-cpanel-plugin.googlecode.com/files/gaw-2.0.tar
# tar -xf gaw-2.0.tar
# cd gaw-2.0
# ./gawinstall.sh
# cd ..
# rm -Rfv gaw-2.0/ gaw-2.0.tar
Go to WHM >> Main >> Plugins >> Google Apps Wizard and click Update Now.

Upgrade

If you running version 2+ please skip this part.

# wget http://google-apps-wizard-cpanel-plugin.googlecode.com/files/gaw-2.0.tar
# tar -xf gaw-2.0.tar
# cd gaw-2.0
# ./gawupdate.sh
# cd ..
# rm -Rfv gaw-2.0/ gaw-2.0.tar

Templates support

The Google Apps Wizard plugin support third party cPanel templates.
All you need to do is to copy the default template to your third party template folder.
Template path: /usr/local/cpanel/base/frontend/x3/gaw
Example command: # cp /usr/local/cpanel/base/frontend/x3/gaw /usr/local/cpanel/base/frontend/{Your custom template folder name}/

Multi languages support

The language files folder is located at: /usr/local/cpanel/base/3rdparty/GoogleAppsWizard/lang/
The en.php is the default fallback language file so do not delete it!
To create new language files you must use an existing cPanel prefix.
You can see your available languages by navigating to: Main >> Locales >> View Available Locales.

Uninstall

# wget http://google-apps-wizard-cpanel-plugin.googlecode.com/files/gaw-2.0.tar
# tar -xf gaw-2.0.tar
# cd gaw-2.0
# ./gawuninstall.sh
# cd ..
# rm -Rfv gaw-2.0/ gaw-2.0.tar

Installing ImageMagic on Centos 6

Install ImageMagick and ImageMagick-devel using yum because we need all the dependency installed:

yum install ImageMagick
yum install ImageMagick-devel

Then continue to install Imagick php module (Edit: If you are running php 5.4.x, then you need to install imagick 3.1.0RC2, 3.0.1 will give errors, find it here:

cd /root
wget http://pecl.php.net/get/imagick-3.0.1.tgz
tar zxf imagick-3.0.1.tgz
cd imagick-3.0.1
phpize
./configure
make
make install

Find the loaded php.ini configuration using command :

php --ini

Now we have to add the extension to the php.ini file.

extension=imagick.so

Then restart Apache :

/etc/init.d/httpd restart

Cpanel log to check when hosting created and deleted

In the recent days, we all are facing the hacking issue at that time, we always see problem like account termination from the server.
At that time, we can use the following log file to investigate the issue as its providing when hosting account was created, owner changed or account deleted from the server.
For example we are checking logs for the domain test123.com and as per the following logs the hosting account for domain test123.com is created by using the root owner on dated Wed Jan 11 08:19:40 2012 and onwership is under root.

root@linux7802 [~]# cat /var/cpanel/accounting.log | grep test123.com
Wed Jan 11 08:19:40 2012:CREATE:root:root:test123.com:115.124.103.126:admin111

Now we have changed the ownership for the domain test123.com hosting account to linux780 reseller ownership therefore check the following logs

root@linux7802 [~]# cat /var/cpanel/accounting.log | grep test123.com

Wed Jan 11 08:22:51 2012:CHANGEOWNER:root:root:test123.com:admin111:root:linux780

Now we have terminated the hosting account for the domain test123.com by using the root user and its also recorded in the accounting.log

root@linux7802 [~]# cat /var/cpanel/accounting.log | grep test123.com
Wed Jan 11 08:25:14 2012:REMOVE:root:root:test123.com:admin111

So we can similarly check the logs for all the domains when they have created/modified or removed from the server and its always to better to maintain the accounting.log for future reference.

Removing Particular IP address from Cphulk bruteforce database

When your IP got blocked in cphulk database you can not remove it from WHM as cPanel has not offer this feature yet. You will have to flush cphulk database for this but this will remove other IPs too that is not recommended as far as security is concerned.

In order to remove particular IP from cphulk bruteforce database you will have to access database and has to remove that IP.

You can do this by two methods

1)Access database through shell
2)Access database through phpmyadmin

I will explain you first method as second one is relatively easy.

Access server with root user. Type in mysql as you will login to mysql shell. Now to connect database cphulkd type in

mysql> use cphulkd;

You will now connect to database cphulkd. Now type in sql query
just to confirm if your IP is really blocked there.

mysql> SELECT * FROM `brutes` WHERE IP=’x.x.x.x’;

If you are able to see your IP in brutes then simply remove it by

mysql> DELETE FROM `brutes` WHERE IP=’x.x.x.x’;

Once it done quit the mysql by typing

mysql> quit

In this way your IP will be removed from brute force and you will enjoy cPanel browsing.