Archive for the ‘Articles -- Webhosting’ Category

« Older Entries

How to remove and uninstall or disable ModSecurity (mod_security)

Sunday, December 9th, 2007

ModSecurity is an open source embeddable web application firewall, or intrusion detection and prevention engine for web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure, by operating as an Apache Web server module mod_security or standalone, and thus increase web application security. However, mis configured or overly strict rule sets, ModSecurity may cause your website to return various errors such as HTTP 403 Forbidden error or access denied error, login problems, or HTTP 412 Precondition Failed error, or HTTP 406 Not Acceptable error and other false positive symptoms.

To make matter worse, the configuration of ModSecurity rules and filters have to be done manually. Although there are free predefined certified rule set which can be used with ModSecurity out of the box, however the rule sets may be not suitable for each and every environment and may interfere with the operation of websites or blogs, and customizing and modifying the rules may be too sophisticated or complicated for some users. And for some websites that hosted on shared hosting service, the mod_security may be enable by default without options. So in this case, the best solution or workaround for mod security related issues is to disable mod_security filtering and rules.

If you’re using Apache web server (which mostly do), mod_security can be disabled by adding a specific in .htaccess file. Locate the .htaccess file in Apache web root directory (public_html or /var/www/ or others), if it does not exist, create a new file named .htaccess, and add in the following code:

SecFilterEngine Off
SecFilterScanPOST Off

The above entries in the .htaccess will disable the ModSecurity (mod_security) module for the domain.

Uninstallation of ModSecurity (mod_security) from Apache module

The easiest way to remove and uninstall mod_security is to comment out or delete the related mod_security entries from httpd.conf Apache configuration file. The lines that should be removed include:

AddModule mod_security.c
LoadModule security_module modules/mod_security.so
Include “/usr/local/apache/conf/modsec.conf” This line may be different depending on what variant of Linux or Unix you used and the installation location

Save the httpd.conf and restart the Apache. ModSecurity will not be loaded and as if uninstalled.

If you’re using WebHost Manager (WHM), uninstallation is even simpler. Just scroll to cPanel section, and click on Addon Modules. Then scroll to module named modsecurity. It should be checked Install and Keep Updated currently. Just click on Uninstall to remove the mod security feature from Apache web server.

Taken from mydigitallife.info

Posted in Articles -- Webhosting, Direct Admin, General, Plesk, WHM/cPanel | No Comments »

***** Important release of cPanel 11 update *****

Friday, June 8th, 2007

Since the release of cPanel 11, we have noticed a number of instances where the cPanel 11 release update failed to complete. The symptoms can vary, including blank pages being drawn from certain features, with the most commonly reported issue being that account creations are exiting prematurely, claiming immediately that the account creation is complete. Additionally, account creation, suspension, unsuspension and removal may fail.

======================================================

This is occurring because /scripts/updatenow was executed (or run from update system software in whm) without a subsequent call to upcp. As a result, /scripts is updated to the latest available modules available with cPanel 11, while the rest of the system
remains configured for the older builds.

You can confirm whether or not this is the case on your system by executing from the command line:

perl -c /scripts/wwwacct

If this command returns errors, then you will need to update. Here is what you can expect to see if a problem exists:

root@localhost [~]# perl -c /scripts/wwwacct
Can’t locate Whostmgr/Accounts/Create.pm in @INC (@INC contains:
/usr/local/cpanel /scripts /usr/lib/perl5/5.8.7/i686-linux
/usr/lib/perl5/5.8.7 /usr/lib/perl5/site_perl/5.8.7/i686-linux
/usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl/5.8.5
/usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3
/usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1
/usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at
/scripts/wwwacct line 10.
BEGIN failed–compilation aborted at /scripts/wwwacct line 10.
root@localhost [~]#

Suggested Fixes:

If you wish to stay with cPanel 10.x, you will need to execute the
following commands from the command line:

/usr/local/cpanel/bin/checkperlmodules
echo “CPANEL=stable” >> /etc/cpupdate.conf
/scripts/upcp –force

If you would like to continue with the cPanel 11 updates (recommended),
you will need to execute the following commands from the command line:

/usr/local/cpanel/bin/checkperlmodules
/scripts/upcp –force

If the problems persists after applying the updates, please contact our support team ASAP with an outline of the symptoms and the login credentials for the system, and we will take care of it with the utmost priority.

NOTE : You can download the installer at: http://layer2.cpanel.net

Cpanel will also release a new 10.9 STABLE build on 06/08/2007 that will handle downgrades from cPanel 11.x more gracefully.

Thanks :)

Posted in Articles -- Webhosting, General, WHM/cPanel | No Comments »

MySQL Quota Check Tool

Saturday, May 26th, 2007

I came across wonderfull mysql quota check tool — Here is how it works -

The MySQL Quota-Tool helps you to set a size limit on MySQL databases.

It works by checking the size of each database and revoking the INSERT- and REATE-priveleges for the databases, which exceed the given size limit.

When the size of the database falls below the given limit, the INSERT- and CREATE-priveleges are granted again.

This (of course) doesn’t work for users who have global priveleges, because the quota is database and not user based, but in most environments privileges are given in the “db”-table which is modified by the MySQL Quota Tool.

#!/usr/bin/php -q

/*
* MySQL quota script
* written by Sebastian Marsching
*
*/

/*
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/

/*
* Create table for quota data with the following statement:
*
* CREATE TABLE `Quota` (`Db` CHAR(64) NOT NULL,
* `Limit` BIGINT NOT NULL,
* `Exceeded` ENUM('Y','N') DEFAULT 'N' NOT NULL,
* PRIMARY KEY (`Db`), UNIQUE (`Db`));
*
* The field 'db' stores the information for which database
* you want to limit the size.
* The field 'limit' is the size limit in bytes.
* The field 'exceeded' is only used internally and must be
* initialized with 'N'.
*/

/*
* Settings
*/

$mysql_host = 'localhost';
$mysql_user = 'root'; // Do NOT change, root-access is required
$mysql_pass = '';
$mysql_db = 'quotadb'; // Not the DB to check, but the db with the quota table
$mysql_table = 'quota';

/*
* Do NOT change anything below
*/

$debug = 0;

// Connect to MySQL Server

if (!mysql_connect($mysql_host, $mysql_user, $mysql_pass))
{
echo "Connection to MySQL-server failed!";
exit;
}

// Select database

if (!mysql_select_db($mysql_db))
{
echo "Selection of database $mysql_db failed!";
exit;
}

// Check quota for each entry in quota table

$sql = "SELECT * FROM $mysql_table;";
$result = mysql_query($sql);

while ($row = mysql_fetch_array($result))
{
$quota_db = $row['db'];
$quota_limit = $row['limit'];
$quota_exceeded = ($row['exceeded']=='Y') ? 1 : 0;

if ($debug)
echo "Checking quota for '$quota_db'...\n";

$qsql = "SHOW TABLE STATUS FROM $quota_db;";
$qresult = mysql_query($qsql);

if ($debug)
echo "SQL-query is \"$qsql\"\n";

$quota_size = 0;

while ($qrow = mysql_fetch_array($qresult))
{
if ($debug)
{ echo "Result of query:\n"; var_dump($qrow); }
$quota_size += $qrow['Data_length'] + $qrow['Index_length'];
}

if ($debug)
echo "Size is $quota_size bytes, limit is $quota_limit bytes\n";

if ($debug && $quota_exceeded)
echo "Quota is marked as exceeded.\n";
if ($debug && !$quota_exceeded)
echo "Quota is not marked as exceeded.\n";

if (($quota_size > $quota_limit) && !$quota_exceeded)
{
if ($debug)
echo “Locking database…\n”;
// Save in quota table
$usql = “UPDATE $mysql_table SET exceeded=’Y’ WHERE db=’$quota_db’;”;
mysql_query($usql);
if ($debug)
echo “Querying: $usql\n”;
// Dismiss CREATE and INSERT privilege for database
mysql_select_db(’mysql’);
$usql = “UPDATE db SET Insert_priv=’N', Create_priv=’N’ WHERE Db=’$quota_db’;”;
mysql_query($usql);
if ($debug)
echo “Querying: $usql\n”;
mysql_select_db($mysql_db);
}

if (($quota_size <= $quota_limit) && $quota_exceeded)
{
if ($debug)
echo "Unlocking database...\n";
// Save in quota table
$usql = "UPDATE $mysql_table SET exceeded='N' WHERE db='$quota_db';";
mysql_query($usql);
if ($debug)
echo "Querying: $usql\n";
// Grant CREATE and INSERT privilege for database
mysql_select_db('mysql');
$usql = "UPDATE db SET Insert_priv='Y', Create_priv='Y' WHERE Db='$quota_db';";
mysql_query($usql);
if ($debug)
echo "Querying: $usql\n";
mysql_select_db($mysql_db);
}
}

?>

—-

More details can be found at – http://projects.marsching.org/mysql_quota/

I am going to install this tool and see how it works for me :)

Thanks,
Preeti S.
ThinkSupport.net

Posted in Articles -- Webhosting, Direct Admin, Ensim, Linux, PHP / Mysql, Plesk, WHM/cPanel | No Comments »

Fantastico De Luxe 2.10.2 r45 (LATEST and STABLE releases) has fixed Mysql Bug

Friday, May 25th, 2007

If you were having issues connecting to mysql through fantastico (though you have mysql server up and running )

Fantastico has released patch for mysql bug - http://netenberg.com/forum/viewtopic.php?t=5786
Fantastico De Luxe 2.10.2 r45 (LATEST and STABLE releases)

Changes/Fixes:
- Fixed: MySQL Bug (http://netenberg.com/forum/viewtopic.php?t=5786)

Cheers :)
Sachin J.
http://thinksupport.net

Posted in Articles -- Webhosting, Fantastico / Installatron, General, Linux, WHM/cPanel | No Comments »

Dictionary Attack

Wednesday, May 9th, 2007

To fight with Dictionary Attack ConfigServer Services has developed a good solution.

They have developed a dictionary attack ACL for the Exim mail server — with this not only the ongoing Dictionary attack is stoped but it also prevents further attempts by blocking spammer ip address. (The ACL has two main functions - the detection and the block.)

If you find emails like — anything@domainname.com [where anything == john , mark , chris almost any dictionary word..] that means you server is under dictionary attack.

You can find here the instructions for downloading and installing Dictionary Attack ACL

ThinkSupport has used this ACL on many exim servers and have found it as effective solution to stop Dictionary Attack.

Posted in Articles -- Webhosting, Direct Admin, WHM/cPanel | No Comments »

Horde Mail login error .. simple fix.

Saturday, May 5th, 2007

I came across a WHT post that said the user was having Login issues for Horde Mail –

Error :

Quote:
Login failed because your username or password was entered incorrectly.

Notice: Unknown(): Login failed. (errflg=1) in Unknown on line 0

Notice: Unknown(): Login failed. (errflg=1) in Unknown on line 0

Notice: Unknown(): Login failed. (errflg=1) in Unknown on line 0

Notice: Unknown(): Too many login failures (errflg=2) in Unknown on line 0
And SquirrelMail gives:

Quote:
Unknown user or password incorrect.

Though the user name and password were correct..

The problem was fixed by restarting IMAP service :)

Please add comments to this post if you find it difficult to fix same issue by restarting imap service.

Thanks,
Sachin J
ThinkSupport Solutions

Posted in Articles -- Webhosting, WHM/cPanel | 1 Comment »

cPanel announces the release of cPanel 11

Thursday, May 3rd, 2007

On May 2nd 07, cPanel announced the release of cPanel 11 (its still beta version) — They claim some new key features –

  • Security Center with comprehensive security tools
  • Substantial Back-end code upgrades
  • Apache 2.0.x and 2.2.x support
  • Increased interface speed
  • Web disks
  • Site Owner Interface Upgrade
  • Site Owner “Getting Started Wizard”
  • Upgraded branding and better language support
  • Easy Perl, PHP and Ruby module installers

    • Here is screenshoot –
    cPanel 11

    Details of cPanel 11 can be found at http://www.cpanel.net/cpanel11

    Thank You,
    Sachin J
    ThinkSupport Solutions

    Posted in Articles -- Webhosting, General, WHM/cPanel | No Comments »

    cPanel Training Seminar 2007

    Tuesday, May 1st, 2007

    For those who don’t know — cPanel will be hosting their second annual Training Seminar on May 30 - June 1, 2007.

    Here you can find more details on schedule — http://trainingseminar.cpanel.net/

    Hope cPanel will record Training Sessions for those who could not make it –
    I am one of them ;)

    Cheers..
    Sachin

    Posted in Articles -- Webhosting, WHM/cPanel | No Comments »

    CentOS 5 released :)

    Saturday, April 28th, 2007

    Cent OS 5 is released now — check out details here

    http://lists.centos.org/pipermail/centos-announce/2007-April/013660.html

    Here is some help upgrading to CentOS 5 —
    http://wiki.centos.org/Migration/5

    Cheers …

    Posted in Articles -- Webhosting, Linux | No Comments »

    Installing and Configure Squid Proxy Server

    Friday, April 27th, 2007

    Here are the simple steps to install squid –

    Login as root and execute,

    cd /usr/local/src
    wget http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE14.tar.gz
    tar -zxvf squid-2.5.STABLE14.tar.gz
    cd squid-2.5.STABLE14
    ./configure –prefix=/usr/local/squid –disable-ident-lookups
    make all
    make install

    Add the user squid, create the cache directory and then set permissions.

    useradd -d /usr/local/squid/cache/ -r -s /dev/null squid >/dev/null 2>&1
    mkdir /usr/local/squid/cache
    chown -R squid:squid /usr/local/squid/cache
    chown -R squid:squid /usr/local/squid
    chmod -R 755 /usr/local/squid/cache

    Now generate the cache files

    sudo -u squid /usr/local/squid/sbin/squid -z

    Now lets change the cache effective user and group to squid.

    perl -pi -e ’s/# cache_effective_user nobody/cache_effective_user squid\ncache_effective_group squid/g’ /usr/local/squid/etc/squid.conf

    /usr/local/squid/sbin/squid

    You are done installing …

    Configuration

    Open the squid configuration,

    pico /usr/local/squid/etc/squid.conf

    specific your http_port, by default this is 3128, we will use 8080.

    Find

    # http_port 3128

    and replace it with

    http_port 8080

    Now lets configure who can access your proxy, remember to only allow access to YOUR ip.

    Find

    http_access deny CONNECT !SSL_ports

    Add below

    acl myip 127.0.0.1
    acl all src 0.0.0.0/0.0.0.0
    acl connectmethod method CONNECT
    http_access deny connectmethod
    http_access deny all
    http_access allow myip

    Remember to replace 127.0.0.1 with the ip you want to allow access.

    Find

    # By default, all headers are allowed (no anonymizing is
    # performed).
    #
    #Default:
    # none

    Add below

    header_access From deny all
    header_access Referer deny all
    header_access Server deny all
    header_access User-Agent deny all
    header_access WWW-Authenticate deny all
    header_access Link deny all
    header_access via deny all

    Find

    # forwarded_for on

    Replace with

    forwarded_for off

    Save and exit squid.conf, then restart squid.

    kill -9 $(ps aux | grep squid | awk ‘{print $2}’)
    /usr/local/squid/sbin/squid

    You have now configured an anoymous proxy with squid.

    Thanks to HOstgeekz :)

    Posted in Articles -- Webhosting, Direct Admin, Ensim, HSphere, Internet, Linux, Plesk, WHM/cPanel | No Comments »

    « Older Entries