Monday, 22 July 2013

LFD


If you installed CSF, (Config Server Firewal), on the server, there is a daemon called Login Failure Daemon (lfd), bundled with CSF, which is a process that runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time.

Normally called "Brute-force attacks" the daemon process responds quickly to such patterns and blocks the IP's.

To check why 'lfd' has failed look at the end of /var/log/lfd.log

You can see errors as follows :

---------------------------------------------------------------------------------------------------------
/var/log/lfd.log:Jul 15 09:28:33 server lfd[11662]: Error: cannot fork: Cannot allocate memory, at line 2402
/var/log/lfd.log:Jul 15 14:10:09 server lfd[9297]: open3: fork failed: Cannot allocate memory at /usr/sbin/lfd line 1981
/var/log/lfd.log:Jul 16 05:43:22 server lfd[18107]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 16 06:51:08 server lfd[1916]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 16 09:24:53 server lfd[7386]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 16 17:01:15 server lfd[17889]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 16 22:55:31 server lfd[5289]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 17 00:12:06 server lfd[8044]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 17 02:19:15 server lfd[17821]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 17 07:15:43 server lfd[21667]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 17 09:10:10 server lfd[7318]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 17 23:41:36 server lfd[24521]: Error: cannot fork: Cannot allocate memory, at line 6066
/var/log/lfd.log:Jul 18 00:00:11 server lfd[5859]: Error: cannot fork: Cannot allocate memory, at line 2018
/var/log/lfd.log:Jul 18 20:31:45 server lfd[11656]: open3: fork failed: Cannot allocate memory at /usr/sbin/lfd line 1981
/var/log/lfd.log:Jul 19 04:16:15 server lfd[31925]: Error: cannot fork: Cannot allocate memory, at line 6066
/var/log/lfd.log:Jul 19 06:00:07 server lfd[12118]: Error: cannot fork: Cannot allocate memory, at line 2018
/var/log/lfd.log:Jul 19 06:06:03 server lfd[20240]: Error: cannot fork: Cannot allocate memory, at line 5380
/var/log/lfd.log:Jul 19 16:50:16 server lfd[21681]: Error: cannot fork: Cannot allocate memory, at line 5380

-------------------------------------------------------------------------------------------

On further checking I have seen that the plugins installed on the server such as cmm, cmc, cmq, cse, csf, cxs, msinstall, msfe was not properly working which lead to these LFD email alerts to clients email address 

Runing the following command fixed the issue.

curl -s configserver.com/free/csupdate | perl 

Posted by at No comments:

CSF error : No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_csf.cgi): subprocess exited with status 2


On checking the Cpanel error log at /usr/local/cpanel/logs/error_log, you can see the errors as :

--------------------------------------------------------------------------------
Can't locate Net/LibIDN.pm in @INC (@INC contains: /usr/local/cpanel /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8 .) at /usr/local/cpanel/Cpanel/Encoder/Punycode.pm line 10.
Compilation failed in require at /usr/local/cpanel/Cpanel/DomainTools.pm line 13.
BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/DomainTools.pm line 13.
Compilation failed in require at /usr/local/cpanel/Cpanel/CheckData.pm line 8.
BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/CheckData.pm line 8.
Compilation failed in require at /usr/local/cpanel/Cpanel/cPanelFunctions.pm line 11.
BEGIN failed--compilation aborted at /usr/local/cpanel/Cpanel/cPanelFunctions.pm line 11.
Compilation failed in require at /usr/local/cpanel/whostmgr/docroot/cgi/addon_csf.cgi line 24.
BEGIN failed--compilation aborted at /usr/local/cpanel/whostmgr/docroot/cgi/addon_csf.cgi line 24.
----------------------------------------------------------------------------------------------

Inorder to fix this issue run the following command :

curl -s configserver.com/free/csupdate | perl

This script will update: cmm, cmc, cmq, cse, csf, cxs, msinstall, msfe
Only those scripts that are already installed will be updated. Those that are updated are done so regardless as to whether they are the same or an older version of those available.


Posted by at No comments:

Move all addon domains as a standalone accounts under a reseller


If there so many addon domains under a Cpanel account and we need to change all of these addon domains as a stand alone account under a reseller account, follow these steps:

Backup
------
1. Take a full backup of the user from Cpanel
2. Extract the backup.


Create as stand alone account
-----------------------------
3. Remove one addon domain
4. Create that domain from WHM --> Create new account


Restore web files
-----------------
5. Copy all web files of that addon domain from the backup to the new document root.
6. Change the ownership all files to newuser.newuser


Restore DB's
-----------
7. Make sure the name of DB for each domain.
8. In backup directory there is a mysql directory. All DB's are under that mysql directory.
9. Login to the new cpanel account of that new account.
10. Create a DB, DB user from Cpanel --> Mysql
11. Give all privileges to that mysql user to the corresponding DB from there.
12. Make sure to edit all mysql configuration files in the document root of that domain.
13. Restore the old DB to new DB.


Restore mails
-------------
14. In the backup, we can see a directory named mail. Copy the directory of the domain from that directory to new accounts mail directory /home/newuser/mail/
15. Change the ownership of that directory under /home/newuser/mail/ to newuser.newuser


Restore mail accounts with same password
----------------------------------------
16. In the backup we can see a directory etc. Copy the directory of the domain from that directory to new accounts /home/newuser/etc/
17. Change the ownership of that directory under /home/newuser/etc/ to newuser.mail
Posted by at No comments:

Thursday, 11 July 2013

Cpanel plugin to list the number of domains which is not working or not resolving from the server


Installation
-----------

# cd /home
# rm -f latest-accountdnscheck
# wget http://www.ndchost.com/cpanel-whm/plugins/accountdnscheck/download.php
# sh latest-accountdnscheck


Now login to your WHM > plugins > Account DNS Check

Or you can do this by executing command :

/var/cpanel/accountdnscheck/scripts/cli_run.sh
Posted by at No comments:

Thursday, 4 July 2013

White List Hostname in CSF


Please follow the steps to white list hostname in CSF for domains using dynamic IPs.


1) Open the file "csf.dyndns" present on your server and add the hostname of your domain.

2) Open the file "csf.conf" present on your server and set DYNDNS = "300" which would would check for IP updates every 5 minutes

3) Open the file "csf.conf" present on your server and set DYNDNS_IGNORE = "1" to always ignore DYNDNS IP addresses in lfd blocking

4) Restart the firewall
Posted by at No comments:

FTP Command to Download all Subdirectories and files in a Directory


Please use the command wget -r ftp://username:password@1.2.3.4/dir/* for downloading all the subdirectories and files under a directory.
Posted by at No comments:

Wordpress Permlink Showing Blank Page


If you encountered any blank page issue on the permlink on wordpress,please do the following,

Just open the configuration file wp-admin/includes/misc.php
And replace the code of got_mod_rewrite with below

----------------------------------------------------------------------------------
function got_mod_rewrite() {
 //$got_rewrite = apache_mod_loaded('mod_rewrite', true); //old line with false negative;
 $got_rewrite = true;//force the response to true as we know mod_rewite is installed;
 return apply_filters('got_rewrite', $got_rewrite);
}                                            
-------------------------------------------------------------------------------------


Posted by at No comments:
Subscribe to: Posts (Atom)