Archive for the ‘cPanel/WHM’ Category

I have seen recent cPanel upgrade throwing errors are below :

root@server [~]# /scripts/upcp
/scripts/upcp syntax OK
Running Futex Check/Fix……Done
Undefined subroutine &Cpanel::Update::automatic_updates_enabled called at /scripts/upcp line 273.

This can be fixed using below :

wget -O /root/updatenow.static http://httpupdate.cpanel.net/cpanelsync/RELEASE/scripts/updatenow.static && perl /root/updatenow.static --manual

Upgrade the cPanel :

/scripts/upcp --force

Summary

A memory corruption vulnerability exists in Exim versions 4.69 and older (CVE-2010-4344). Exim is the mail transfer agent used by cPanel & WHM.

Security Rating

This update has been rated as Important by the cPanel Security team.

Description

A memory corruption vulnerability has been discovered in Exim. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. cPanel previously released RPMs that mitigated the severity of the vulnerability on December 9, 2010 (CVE-2010-4345). This notification is for the release of new RPMs which remove the remote memory corruption vulnerability in its entirety. The vulnerability relies upon “rejected_header” being enabled (default setting) in the log_selector configuration.

Solution

To resolve and work around the issue on Linux systems, cPanel has issued new Exim RPMs. Server Owners are strongly urged to upgrade to the following Exim RPM versions:

Systems configured to use Maildir: Exim 4.69-26

Systems configured to use mbox (deprecated): Exim 4.63-5

Exim RPMs will be distributed through cPanel’s package management system. All cPanel & WHM servers receiving updates automatically will receive the updated Exim RPM during normal update and maintenance operations (upcp). To begin an Exim update on cPanel systems immediately, run the following command as root:

/scripts/eximup

FreeBSD systems should be running Exim 4.72 by default, which is not affected by this issue.

FAQ

This notification covers CVE-2010-4344.

The notification release earlier on December 10, 2010 with the summary “A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM.” covers CVE-2010-4345. At the time of the earlier announcement, the CVE had not been assigned.

Please note SFTP is only availaible to cpanel users and not to virtual ftp users for secure connection you can use FTP over SSL/TLS

Please enable TLS Encryption Support from WHM

Main >> Service Configuration >> FTP Server Configuration

TLS Encryption Support >> optional

On the FTP client use server type as

Host: domain or Ip

Port : 21

Server Type : FTPES -FTP over explicit TLS/SSL

For more information on this refer

http://forums.cpanel.net/f5/sftp-instructions-inside-cpanel-121025.html

http://docs.cpanel.net/twiki/bin/view/11_24/WHMDocs/FtpConfig

http://docs.cpanel.net/twiki/bin/view/AllDocumentation/CpanelDocs/FTPAccounts#Configure_an_FTP_Client

Hello,

If Iptables had get corrupted and you receive lot of cpanel alerts of cpsrvd restart  and you are also not able to connect to whm from the server

telnet localhost 2086

then you need to reinstall iptables.

================

To check the latest iptables is installed on cpanel servers

+++++++++++++

# /scripts/ensurerpm iptables

+++++++++++++

On other OS

++++++++++++++++

# yum update iptables

# up2date -u iptables

++++++++++++++++

================

Exim logs /var/log/exim_mainlog shows Berkeley DB error.

Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery
Berkeley DB error: PANIC: fatal region error detected; run recovery

Exim stores certain databases using BerkeleyDB (e.g. aliases file). These are due to corrupted Berkeley DB.

In cPanel server you can remove / move the DB and restart exim to fix.

mv /var/spool/exim/db /var/spool/exim/db.bak

/scripts/restartsrv_exim

Now confirm the errors are gone.

tail -f /var/log/exim_mainlog

You can install ffmpeg through a script. http://sourceforge.net/projects/ffmpeginstall/

Servertechs#cd /usr/local/src

Servertechs#wget http://sourceforge.net/projects/ffmpeginstall/files/ffmpeginstall.3.x/ffmpeginstall.3.2.1/ffmpeginstall.3.2.1.tar.gz/download
Servertechs#tar -xvzf ffmpeginstall.3.2.1.tar.gz
Servertechs#cd ffmpeginstall.3.2.1
Servertechs#./install.sh

Hello,

It has been noticed that bandwidth suddenly shows double for sub-domains or on addon domain in cPanel. There seems to a bug in cPanel latest update with 11.25 release 43472 or fewer version.  cPanel has fixed it in the new realease which is release 43473. Just update cPanel with following command.

/scripts/upcp –force

There is also patch available if update does not fix it.

/scripts/autorepair repair_bwsummary

Whenever you compose email and click send, it just never sends the message. A circle keeps rotating at the top saying Sending.

Solution is:

Login to server with root user and made following changes.

vi /usr/local/cpanel/base/3rdparty/roundcube/config/main.inc.php

and serach for following line

$rcmail_config[‘smtp_user’] = ‘%u';
Replace it with
$rcmail_config[‘smtp_user’] = ”;

After installing web calender from fantastico, you will get the following error.

Error

Cache error: Could not write file /tmp/d16090f5de830d7675276b6523ce3f59.dat.

Solution is:

Edit settings.php file which you will find under includes folder.

Search for
db_cachedir: /tmp
and replace it with following
db_cachedir: /home/user/public_html/tmp

Save the file then create tmp folder under public_html and assign 777 permission.

That is all

cheers.

After installing PHPList from fantastico, You will get Internal server Error while trying to get in to PhpList Admin.

You will get that error when you have SUEXEC server and it does not allow php parameters in .htaccess file. Normally during phplist installation, it does create .htaccess file with following line in it.

php_flag magic_quotes_gpc on

Just comment the above line and you will not receive internal server error.