Everything posted by Sandeep B.
-
Perfectly Install CXS - ConfigServer eXploit Scanner in CWP- Control Web Panel
In this tutorial we’ll learn how you can install CXS in CWP -Control Web Panel wiht below simple steps. CSX is paid Program and you need license to install and use it : ConfigServer eXploit Scanner (cxs) is a server malware, exploit and antivirus scanner that performs active scanning of files as they are uploaded to the server For dedicated or virtual servers – protects all domains, IP addresses and users on the server Active (realtime), manual, and scheduled scanning can be performed Scans for suspected exploits, viruses, suspicious resources Quarantine or delete suspicious files Provides an easy to use interface within the root or admin control panel. Licensed on a per server basis, no limit on users or accounts. One time purchase price, includes software updates for the life of the product. No monthly fees. Buy the license here : LINK Install CXS in CWP steps : STEP 1 : cd /usr/src yum install sqlite perl-DBI perl-DBD-SQLite perl-Linux-Inotify2 -y rm -f cxs* wget https://download.configserver.com/cxsinstaller.tgz tar -xzf cxsinstaller.tgz chattr -i -R /usr/local/cwpsrv/htdocs/admin/ perl cxsinstaller.pl 1.1.1.1 rm -fv cxsinstaller.* ** replace the 1.1.1.1 with your licensed server IP STEP 2 : Now got wo cwp admin dashboard and navigate : CWP.admin > Configserver Scripts >> ConfigServer Exploit Scanner >> cxs Command Wizard Choose all default settings and save it after run this command to use custom CLAM AV : sed -i '$ a clamdsock=/var/run/clamd.amavisd/clamd.sock' /etc/cxs/cxs.defaults Then Restart CXS service : service cxswatch restart STEP 3 : Make Directory Permission to 755 : in order to scanner to work you need to change the DIRECORY permission to 755, to do this all at once for all users run the below command: chmod 755 /home/*/public_html If you’ve domain/subdomains directory outside of public_html run below command to fix permission : chmod 755 /home/*/* Also you can create custom cron job to run every 15 minutes to fix the permission for new added users or domain/subdomain Add this cron job : */15 * * * * /usr/bin/chmod 755 /home/*/*
-
Find Big File and Directories via command line in Linux
In this tutorial we’ll learn how to find big files in Linux, you can use the find command with the du command to search for the files. Here’s how to do it: Open a terminal/ssh window. Navigate to the directory where you want to search for big files. For example, to search for big files in your server root / directory, type: cd / Type the following command to list all files in the current directory and its subdirectories, sorted by size: du -ah . | sort -rh | head -n 30 This command uses the du command to calculate the size of each file and the sort command to sort the results in reverse order. The head command is used to show only the first 30 results. The output will show the size of each file in a human-readable format (such as “1.5M” or “10G”) and the path to the file. You can modify the command to search for big files in a specific directory or to show more or fewer results. For example, to search for big files in the /home and /var/log directories and show the first 100 results, type: du -ah /home | sort -rh | head -n 100 #or du -ah /var/log | sort -rh | head -n 100 Bonus command: To find big files all over the server disk / : find / -mount -size +1024k -type f -exec ls -alh {} \;|sort -rnb -k 5|more example : [root@server ~]# find / -mount -size +1024k -type f -exec ls -alh {} \;|sort -rnb -k 5|more -rw-r--r-- 1 clamupdate clamupdate 185M May 6 04:23 /var/lib/clamav/daily.cld -rw-r--r-- 1 clamupdate clamupdate 163M Sep 22 2021 /var/lib/clamav/main.cvd -rw------- 1 root mail 137M May 6 16:09 /var/spool/mail/root
-
Installing Nodejs 18 on Centos Stream 8/9 AlmaLinux 8/9 RockyLinux 8/9
Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside of a web browser. It allows developers to build server-side applications using JavaScript, which was traditionally used only on the client-side. One of the key features of Node.js is its non-blocking, event-driven I/O model, which allows applications to handle a large number of concurrent connections with relatively low memory overhead. This makes it well-suited for building real-time applications like chat applications, online games, and collaborative editing tools. Please note from version 18, Centos 7 is not supported due to older version of dependencies. To install Node.js 18 on CentOS using the NodeSource repository, you can follow these steps: Install the required packages: dnf install -y curl gnupg2 Add the NodeSource repository: curl -sL https://rpm.nodesource.com/setup_18.x | sudo bash - Disable nodejs module : dnf module disable nodejs Install Node.js: dnf install -y nodejs Verify that Node.js and npm are installed: node -v npm -v You’ve successfully installed Node.js 18 on your CentOS 8/9 system using the NodeSource repository.
-
How to check if your Server provider is blocking SMTP Port 25
In this tutorial we’ll check if SMTP port 25 is open for email sending out via Telnet on your Linux machine. Today most of the cloud provider disable the SMTP port 25 to prevent spamming issues. Remember Port 25 is needed to send emails out if it is closed you can’t send email out of the server via any ports despite it is open for you. Here are the steps to check the SMTP port: Open the Terminal or ssh on your server. Type the following command to install telnet if it’s not already installed: For centos/EL :- yum install telnet or for ubuntu/debian :- apt install telnet Type the following command and press Enter: telnet server.alphagnu.com 25 use server.alphagnu.com hostname for better results or replace it with remote server ip or hostname If the port is open, you will see a message like this: [root@server]# telnet server.alphagnu.com 25 Trying 5.161.42.110... Connected to server.alphagnu.com. Escape character is '^]'. 220 server.alphagnu.com This means that the SMTP port 25 is open and you can send emails. If the port is closed or you cannot connect to the SMTP server, you will see an error message like this after 3-5 minutes of waiting: [root@cwp ~]# telnet server.alphagnu.com 25 Trying 5.161.42.110... telnet: connect to address 5.161.42.110: Connection timed out Trying 2a01:4ff:f0:a15::1... telnet: connect to address 2a01:4ff:f0:a15::1: Network is unreachable This means that the SMTP port 25 is closed or there is a network restriction and preventing the connection. If the port is closed, you may need to check your firewall settings or contact your network administrator to troubleshoot the problem.
-
Enable Brotli Compression on Nginx, CWP and on Linux OS for official nginx
Brotli for web-server is the new modern compression module that is better than gzip/deflate, Also it is more secure since brotli only runs on HTTPS protocol. Just like gzip, Brotli is a lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It is similar in speed with deflate/gzip but offers more best compression. Gzip vs Brotli: The advantage for Brotli over gzip is that it makes use of a dictionary and thus it only needs to send keys instead of full keywords. Javascript files compressed with Brotli are 14-16% smaller than gzip. HTML files are 21-25% smaller than gzip. CSS files are 17-20% smaller than gzip. Lets Get started with the integration : Step 1 : Ensure Nginx web server is already installed on your server and install brotli ensure nginx is installed via official nginx repo check the guide here to install nginx from official repo: CLICK HERE Installing Brotli on your server: yum install pcre-devel cmake -y cd /usr/local/src git clone https://github.com/google/brotli.git cd brotli git checkout v1.0 ./configure-cmake make && make install Adding path for brotli dependencies files (run this commands one by one): grep "/usr/local/lib/" /etc/ld.so.conf || echo "/usr/local/lib/" >> /etc/ld.so.conf ldconfig Step 2 : Download This Nginx Static Brotli module 64bit : If you’re using mainline version of nginx please move to stable version of nginx in order to use this module Updated on : 17th April, 2023 For Stable Nginx 1.24.0 Brotli Module (tested on CWP| Custom env) cd /usr/lib64/nginx mkdir modules #skip if folder exists cd modules rm -rf ngx_http_brotli* wget --no-cache https://www.alphagnu.com/upload/nginx-brotli-modules.zip unzip nginx-brotli-modules.zip rm -rf nginx-brotli-modules.zip or cd /etc/nginx/modules rm -rf ngx_http_brotli* wget --no-cache https://www.alphagnu.com/upload/nginx-brotli-modules.zip unzip nginx-brotli-modules.zip rm -rf nginx-brotli-modules.zip How to update this module? just follow the upper step and then update nginx (don’t update nginx before) Step 3 : Now add nginx module configuration on “nginx.conf” : nginx.conf can be default found in the dir : /etc/nginx edit /etc/nginx/nginx.conf nano /etc/nginx/nginx.conf then add this lines to top of the config line i.e. on first line : load_module "modules/ngx_http_brotli_filter_module.so"; load_module "modules/ngx_http_brotli_static_module.so"; Now we need to add brotli compression configuration in nginx.conf file under/in http {section and before http closing }: # Compression brotli brotli on; brotli_comp_level 6; brotli_static on; brotli_types text/xml image/svg+xml application/x-font-ttf image/vnd.microsoft.icon application/x-font-opentype application/json font/eot application/vnd.ms-fontobject application/javascript font/otf application/xml application/xhtml+xml text/javascript application/x-javascript text/plain application/x-font-truetype application/xml+rss image/x-icon font/opentype text/css image/x-win-bitmap; Example config placement in nginx.conf : load_module "modules/ngx_http_brotli_filter_module.so"; load_module "modules/ngx_http_brotli_static_module.so"; user nobody; worker_processes auto; #worker_rlimit_nofile 65535; error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; multi_accept on; http { sendfile on; tcp_nopush on; tcp_nodelay on; client_header_timeout 3m; client_body_timeout 3m; client_max_body_size 256m; client_header_buffer_size 4k; client_body_buffer_size 256k; large_client_header_buffers 4 32k; send_timeout 3m; keepalive_timeout 60 60; reset_timedout_connection on; server_names_hash_max_size 1024; server_names_hash_bucket_size 1024; ignore_invalid_headers on; connection_pool_size 256; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; include mime.types; default_type application/octet-stream; # Compression brotli brotli on; brotli_comp_level 6; brotli_static on; brotli_types text/xml image/svg+xml application/x-font-ttf image/vnd.microsoft.icon application/x-font-opentype application/json font/eot application/vnd.ms-fontobject application/javascript font/otf application/xml application/xhtml+xml text/javascript application/x-javascript text/plain application/x-font-truetype application/xml+rss image/x-icon font/opentype text/css image/x-win-bitmap; # Compression gzip gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_min_length 512; gzip_comp_level 6; gzip_buffers 8 64k; gzip_types text/plain text/xml text/css text/js application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg image/svg+xml application/xml+rss text/javascript application/atom+xml application/javascript application/json application/x-font-ttf font/opentype; } You can adjust compression level for brotli to 0-11 “brotli_comp_level” eg. “brotli_comp_level 11” i’ll suggest to use value 6 save the file and restart nginx : Restart nginx Service : Before restarting check the nginx config is correct : nginx -t if it outputs successful proceed with restart service nginx restart or systemctl restart nginx Congratulation you’ve enabled brotli for nginx, here is how you can check it : Step 4 : Go to this site for the checks : https://tools.keycdn.com/brotli-test or via command line : For advanced user you can check content-encoding via http header : HTTP/2.0 200 OK server: nginx date: Wed, 15 May 2019 07:13:07 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.3.5 vary: Accept-Encoding, Cookie cache-control: max-age=3, must-revalidate strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: br X-Firefox-Spdy: h2
-
Install PHP 8.2 from source Latest version in CWP- control web panel
In this tutorial we’ll install most awaited php version in CWP control panel as php switcher. This easy guide will guide you upon how to install PHP 8 easily. PHP 8.2 comes with numerous improvements and new features such as: New readonly Classes Allow true, false, and null as Standalone Types Disjunctive Normal Form (DNF) Types Redact Sensitive Parameters in Back Traces New mysqli_execute_query Function and mysqli::execute_query Method Fetch enum Properties in const Expressions Allow Constants in Traits Deprecate Dynamic Properties (and New #[AllowDynamicProperties] Attribute) Deprecate Partially Supported Callables Deprecate #utf8_encode() and utf8_decode() Functions Deprecate ${} String Interpolation Deprecate mbstring Functions for Base64/QPrint/Uuencode/HTML Entities Remove Support for libmysql from mysqli Locale-Independent Case Conversion Random Extension Improvement PHP 8.2 will not support your current php scripts/cms/themes. Check before shifting to php 8.2., Latest version of WordPress works great with it also check the theme and plugin support by the devs. Step 1 : Building files which are required to compile php 8.2 Centos 7/el7 : yum install oniguruma oniguruma-devel gcc make gcc-c++ cpp kernel-headers.x86_64 libxml2-devel openssl-devel bzip2-devel libjpeg-devel libpng-devel freetype-devel openldap-devel postgresql-devel aspell-devel net-snmp-devel libxslt-devel libc-client-devel libicu-devel gmp-devel curl-devel libmcrypt-devel pcre-devel sqlite-devel db4-devel enchant-devel libXpm-devel mysql-devel readline-devel libedit-devel recode-devel libtidy-devel libtool-ltdl-devel libwebp libwebp-devel expat expat-devel libargon2 libargon2-devel Centos 8/stream/el8 : yum install oniguruma oniguruma-devel gcc make gcc-c++ cpp kernel-headers.x86_64 libxml2-devel openssl-devel bzip2-devel libjpeg-devel libpng-devel freetype-devel openldap-devel postgresql-devel aspell-devel net-snmp-devel libxslt-devel libc-client-devel libicu-devel gmp-devel curl-devel libmcrypt-devel pcre-devel sqlite-devel libdb-devel enchant-devel libXpm-devel mysql-devel readline-devel libedit-devel recode-devel libtidy-devel libtool-ltdl-devel libwebp libwebp-devel expat expat-devel libmemcached libmemcached-devel libargon2 libargon2-devel Now we’ll build libzip and pcre2 : Install EPEL : yum install epel-release Then install some more dependencies and remove the libzip package : Centos 7 : rpm -e --nodeps libzip libzip-devel yum -y install cmake3 cmake zlib-devel --enablerepo=epel Centos 8 : rpm -e --nodeps libzip libzip-devel yum install cmake zlib-devel ln -s /usr/bin/cmake /usr/bin/cmake3 Installing Latest version Libzip from source : cd /usr/local/src rm -rf libzip* wget https://github.com/mysterydata/md-disk/raw/main/libzip-1.10.0.tar.gz tar zxvf libzip* ## for centos 7 : cd libzip* ## for centos 8 : cd libzip*/ mkdir build cd build /usr/bin/cmake3 .. make && make install Installing Latest version pcre2 from source : cd /usr/local/src rm -rf pcre2* wget https://github.com/PCRE2Project/pcre2/releases/download/pcre2-10.42/pcre2-10.42.zip -O pcre2.zip unzip pcre2.zip ## for centos 7 : cd pcre2-* ## for centos 8 : cd pcre2-*/ ./configure make && make install Install Latest libavif for new AVIF GD image support: cd /usr/local/src rm -rf master* libavif-* build-dir wget https://github.com/mysterydata/md-disk/raw/main/libavif-0.11.1.zip unzip libavif-0.11.1 mkdir build-dir cd build-dir #Run this if you've centos 7/el7: cmake3 ../libavif-0.11.1 #Run this if you've centos 8/stream/el8 or up: cmake ../libavif-0.11.1 make make install Step 2 : Configuring pkg-config path variables run the below command : export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:/usr/local/lib64/pkgconfig After you installed deps and exporting path variable continue to install php 8 with this steps : rm -rf /usr/local/php-82 mkdir -p /usr/local/php-82 cd /usr/local/php-82 wget http://php.net/distributions/php-8.2.12.tar.gz tar zxvf php-8.2.12.tar.gz cd php-8.2.12 ./configure --with-config-file-path=/usr/local/php --enable-cgi --with-config-file-scan-dir=/usr/local/php/php.d --with-zlib=/usr --enable-mbstring --with-zip --enable-bcmath --enable-pcntl --enable-ftp --enable-exif --enable-calendar --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-tidy --with-curl --with-iconv --with-gmp --with-pspell --enable-gd --with-avif --with-jpeg --with-freetype --enable-gd-jis-conv --with-webp --with-zlib-dir=/usr --with-xpm --with-openssl --with-pdo-mysql=mysqlnd --with-gettext=/usr --with-bz2=/usr --with-mysqli --enable-soap --enable-phar --with-xsl --with-kerberos --enable-posix --enable-sockets --with-external-pcre --with-libdir=lib64 --with-mysql-sock=/var/lib/mysql/mysql.sock --enable-intl --with-password-argon2 --enable-litespeed --with-ldap=/usr --with-ldap-sasl=/usr make make install it will take some time depends on your server speed when it is finished you can check the php version via command : php -v eg : PHP 8.2.12 (cli) (built: November 10 2023 20:25:33) (NTS) Copyright (c) The PHP Group Zend Engine v4.2.1, Copyright (c) Zend Technologies if you’ve any question comment below
-
Clean all log files and Free DISK Space in CWP – Control WebPanel
keep visiting 🙂 and share as far as you can, thank you
-
Update/Install Latest Curl 8.3.0 on RHEL 8/RHEL 7/CentOS stream 8/9 CentOS 7 – CWP/Cpanel/Plesk
Upgrade/update/install latest curl version on EL OS platform (redhat/centos). You can also rely on the current OS curl version as it is updated regularly basis with security patches only, if you’re still not satisfied and want the latest features and updates just follow this guide to update curl to latest version. Short Description on curl : curl is a command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features. curl is used in command lines or scripts to transfer data. It is also used in cars, television sets, routers, printers, audio equipment, mobile phones, tablets, settop boxes, media players and is the internet transfer backbone for thousands of software applications affecting billions of humans daily. Let’s get started with the upgrade process : To update to the latest version of CURL running CWP7 server you need to follow below steps. Cityfan Curl remove : If you previously installed cityfan curl you need to remove it : rpm -e city-fan.org-release rm -rf /etc/yum.repos.d/city-fan.repo rpm -e --nodeps curl libcurl libcurl-devel rm -rf /usr/local/lib/libssh2.so.1 yum clean all yum install libcurl libcurl-devel curl Important ! Stop the future updates via yum/dnf package manager, if you skip this step then after each update of curl from base repo you need to rebuild curl Centos 7 /EL7 : cat /etc/yum.conf |grep "^exclude=curl*"|grep kernel 1> /dev/null 2> /dev/null || echo 'exclude=curl* libcurl*' >> /etc/yum.conf Centos 8/9 stream /EL8/EL9 : cat /etc/dnf.conf |grep "^exclude=curl*"|grep kernel 1> /dev/null 2> /dev/null || echo 'exclude=curl* libcurl*' >> /etc/dnf.conf Now you need install dependencies to build curl and libcurl: Centos 7 /EL7 : yum install libssh libssh-devel libnghttp2-devel libnghttp2 libgsasl libgsasl-devel zstd libzstd-devel libzstd brotli brotli-devel libbrotli Centos 8/9 stream /EL8/EL9 : dnf install libssh libssh-devel libnghttp2-devel libnghttp2 libgsasl libgsasl-devel zstd libzstd-devel libzstd brotli brotli-devel libbrotli After you've installed the dependencies build CURL from source Centos 7 /EL7 Centos 8/9 stream /EL8/EL9 : cd /usr/local/src rm -rf curl* wget https://curl.se/download/curl-8.3.0.zip unzip curl-8.3.0.zip cd curl-8.*/ ./configure --with-ssl --with-zlib --with-gssapi --enable-ldap --enable-ldaps --with-libssh --with-nghttp2 make make install then follow this steps to activate curl systemwide Centos 7 /EL7 Centos 8/9 stream /EL8/EL9 : rm -rf /usr/bin/curl.bak mv /usr/bin/curl /usr/bin/curl.bak ln -s /usr/local/bin/curl /usr/bin/curl After the successful built check the cURL version : curl -V curl 8.3.0 (x86_64-pc-linux-gnu) libcurl/8.3.0 OpenSSL/1.0.2k-fips zlib/1.2.7 brotli/1.0.9 zstd/1.5.5 libssh/0.7.1/openssl/zlib nghttp2/1.33.0 libgsasl/1.8.0 OpenLDAP/2.4.44 Release-Date: 2023-09-13 Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli gsasl GSS-API HSTS HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz NTLM NTLM_WB SPNEGO SSL UnixSockets zstd
-
Install Latest curl version 8.3.0 on Ubuntu 22.04/20.04/Debian 12/HestiaCP
install Latest version of curl on Ubuntu OS/server. By default Ubuntu curl version is old and doesn’t have any updated package available. You can follow this tutorial to install latest version of curl on Ubuntu server. Short Description on curl : curl is a command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features. curl is used in command lines or scripts to transfer data. It is also used in cars, television sets, routers, printers, audio equipment, mobile phones, tablets, settop boxes, media players and is the internet transfer backbone for thousands of software applications affecting billions of humans daily. Step 1 : Remove current installed curl if installed : apt remove curl apt purge curl Step 2 : Install Curl dependencies : apt install -y build-essential libcurl4 openssl libssl-dev libssh-dev zlib1g-dev zlib libbrotli-dev brotli libkrb5-dev libldap2-dev librtmp-dev libpsl-dev libnghttp2-dev Step 3 : Download and Install curl : run this commands one by one in ssh terminal : cd /usr/local/src rm -rf curl* wget https://curl.se/download/curl-8.3.0.zip unzip curl-8.3.0.zip cd curl-8.*/ ./configure --with-ssl --with-zlib --with-gssapi --enable-ldap --enable-ldaps --with-libssh --with-nghttp2 make make install Step 4: Checking curl version : curl -V example output : root@mysterydata:# curl -V curl 8.3.0 (x86_64-pc-linux-gnu) libcurl/8.3.0 OpenSSL/1.1.1 zlib/1.2.11 brotli/1.0.4 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) libssh/0.7.0/openssl/zlib nghttp2/1.30.0 librtmp/2.3 Release-Date: 2023-09-13 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets Thats it you’ve installed latest curl version on Ubuntu server Troubleshoot : if you get this errors : curl: symbol lookup error: curl: undefined symbol: curl_url_cleanup curl: symbol lookup error: curl: undefined symbol: curl_mime_free Run the below Steps ensure you’re using root (sudo): apt build-dep curl Then run Step 3 commands Now Run this command to build shared lib cache and links : ldconfig ZLIB not found or not installing *** Unable to locate package zlib you can install ZLib from repository : apt install zlib1g-dev zlib1g Zlib Install from DEB : For Ubuntu : cd /usr/local/src wget http://security.ubuntu.com/ubuntu/pool/main/z/zlib/zlib1g_1.2.11.dfsg-2ubuntu5_amd64.deb wget http://security.ubuntu.com/ubuntu/pool/main/z/zlib/zlib1g-dev_1.2.11.dfsg-2ubuntu5_amd64.deb dpkg -i zlib1g_1.2.11.dfsg-2ubuntu5_amd64.deb dpkg -i zlib1g-dev_1.2.11.dfsg-2ubuntu5_amd64.deb Zlib Install from Source : cd /usr/local/src wget http://www.zlib.net/zlib1211.zip unzip zlib1211.zip cd zlib-1.2.11 ./configure --prefix=/usr/local/zlib make && make install
-
Clean all log files and Free DISK Space in CWP – Control WebPanel
In this tutorial I’ll explain and provide solution script upon how you can clear all log files including old logs from CWP server. This tutorial is specially dedicated to the blog visitors who have emailed me to provide such solution. This script will clean all possible logs without affecting any service. Ensure you’ve logged in as root ssh user Solution 1 : Run CWP script to clean logs : /scripts/clean_all_server_logs Solution 2: To clear the log instantly you can run this bash script as i already created for your to make the task faster or else if you want to create by your own go to solution 3. curl -s -L https://www.alphagnu.com/upload/clear-sh.sh | bash Solution 3: First create a file in /root dir : cd /root nano clearlog.sh Then paste this Bash script and save it: #!/bin/bash truncate -s 0 /usr/local/apache/logs/*bytes truncate -s 0 /usr/local/apache/logs/*log truncate -s 0 /usr/local/apache/domlogs/*bytes truncate -s 0 /usr/local/apache/domlogs/*log truncate -s 0 /var/log/messages truncate -s 0 /var/log/maillog truncate -s 0 /var/log/*log truncate -s 0 /opt/alt/*/usr/var/log/php-fpm.log truncate -s 0 /usr/local/cwpsrv/logs/access_log truncate -s 0 /usr/local/cwpsrv/logs/error_log truncate -s 0 /var/log/cron truncate -s 0 /var/log/secure truncate -s 0 /var/log/cwp/services_action.log truncate -s 0 /var/log/cwp/cwp_sslmod.log truncate -s 0 /var/log/cwp/cwp_cron.log truncate -s 0 /var/log/cwpsecure/reject_003.log truncate -s 0 /var/log/cwp/cwp_backup.log truncate -s 0 /var/log/cwp/activity.log truncate -s 0 /usr/local/cwpsrv/var/services/roundcube/logs/errors truncate -s 0 /var/spool/amavisd/.razor/razor-agent.log truncate -s 0 /usr/local/cwp/php71/var/log/php-fpm.log truncate -s 0 /root/.acme.sh/cwp_certs/acme.sh.log rm -rf /var/log/maillog-* rm -rf /var/log/monit.log-* rm -rf /var/log/spooler-* rm -rf /var/log/messages-* rm -rf /var/log/secure-* rm -rf /var/log/pureftpd.log-* rm -rf /var/log/yum.log-* rm -rf /var/log/cron-* rm -rf /var/lib/clamav/tmp.* find /tmp/ -type f -name "sess_*" -exec rm {} \; rm -f /tmp/202*request_body-* echo "" > /var/spool/mail/root Change the permission : chmod 755 /root/clearlog.sh Now run this command to run the clear log script: sh /root/clearlog.sh Thats it the logs will be cleared you can go and check to the respected locations of the log. Cron Job : You can also create cron job like below by following solution 2 and create this cron job task according to your needs : TO run DAILY : 0 0 * * * /usr/bin/sh /root/clearlog.sh TO run Weekly : 0 0 * * 0 /usr/bin/sh /root/clearlog.sh TO run Monthly: 0 0 1 * * /usr/bin/sh /root/clearlog.sh
-
DOS/DDOS Prevention with mod_evasive module in CWP Apache 2.4
install mod_evasive module in CWP apache 2.4 to prevent from DDOS attacks. DDoS stands for Distributed Denial of Service. It is a malicious attack where multiple compromised computers are used to flood a target system or network with an overwhelming amount of traffic, causing it to become unavailable to legitimate users. mod_evasive is an Apache module designed to provide protection against Distributed Denial of Service (DDoS) attacks. It detects and blocks suspicious or malicious requests from reaching the web server, thereby mitigating the impact of such attacks. TO install mod_evasive module with apache 2.4.x follow this simple steps : Step 1 : yum install libtool git -y cd /usr/local/src rm -rf master* mod_evasive* wget https://github.com/shivaas/mod_evasive/archive/refs/heads/master.zip unzip master.zip cd mod_evasive-master /usr/local/apache/bin/apxs -a -i -c mod_evasive24.c at this point it will get installed, now go with configuration part : Step 2 : To configure mod_evasive create a configuration file named mod_evaisve.conf in apache conf.d dir : nano /usr/local/apache/conf.d/mod_evaisve.conf then paste this below config : <IfModule !evasive20_module> LoadModule evasive20_module modules/mod_evasive24.so </IfModule> <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 DOSEmailNotify you@yourdomain.com </IfModule> save it and restart apache service systemctl restart httpd Parameters and Settings There are many mod_evasive parameters you can configure: DOSHashTableSize: Increase this for busier web servers. This configuration allocates space for running the lookup operations. Increasing the size improves the speed at the cost of memory. DOSPageCount: The number of requests for an individual page that triggers blacklisting. This is set to 2, which is low (and aggressive) – increase this value to reduce false-positives. DOSSiteCount: The total number of requests for the same site by the same IP address. By default, this is set to 50. You can increase to 100 to reduce false-positives. DOSPageInterval: Number of seconds for DOSPageCount. By default, this is set to 1 second. That means that if you don’t change it, requesting 2 pages in 1 second will temporarily blacklist an IP address. DOSSiteInterval: Similar to DOSPageInterval, this option specifies the number of seconds that DOSSiteCount monitors. By default, this is set to 1 second. That means that if a single IP address requests 50 resources on the same website in a single second, it will be temporarily blacklisted. DOSBlockingPeriod: The amount of time an IP address stays on the blacklist. Set to 10 seconds by default, you can change this to any value you like. Increase this value to keep blocked IP addresses in time-out for a more extended period. DOSLogDir: These logs can be reviewed later to evaluate client behavior. All logs can be found here for mod_evasive at : /usr/local/apache/logs/access_log mod_evaisve will block ddos connections with 400 error code and can be found in the access_log for apache Test if it works or not : cd /usr/local/src/mod_evasive-master perl test.pl if you’re behind nginx proxy edit the test.pl and change the port 80 to 8181 and then run the perl test.pl if the mod_evaisve is installed correctly the test.pl will output : HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request ...
-
Install Magento 2.4 from Github Source in CWP – Control Web Panel
In this tutorial we’ll learn how to install magento 2.4.x in CWP control panel. At the time of writing this tutorial CWP 7 (centos 7) have older version of MySQL server i.e. MariaDB 10.2 which is not supported by Magento 2.4.x. With recent CWP installation MariaDB 10.4 IS ALREADY THERE. CWP on centos 8 is fully supported by magento since it have Mariadb 10.4. Without wasting time lets get started. Centos 7 Only :- if you’re using Centos 8 CWP proceed with steps from Elastic search installation below. Remove Mariadb 10.1 or10.2 and update Mariadb 10.4: systemctl stop mariadb mysql mysqld Now edit/create the file run the commands one by one : ensure to remove the content of /etc/yum.repos.d/mariadb.repo > /etc/yum.repos.d/mariadb.repo nano /etc/yum.repos.d/mariadb.repo then paste this lines and save it (Remove any entries from mariadb.repo before pasting below if any): [mariadb] name = MariaDB baseurl = http://yum.mariadb.org/10.4/centos7-amd64 gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1 Now remove Mariadb 10.1, 10.2 and install 10.4 : systemctl stop mariadb mysql mysqld systemctl disable mariadb rpm --nodeps -ev MariaDB-server yum clean all yum -y update "MariaDB-*" yum -y install MariaDB-server Then Start MariaDB server : systemctl enable mariadb && systemctl mariadb start then upgrade the mysql dbs : mysql_upgrade --force Next we’ll install Elastic search which is required by Magento 2.4.xx For version Elastic Search 7 Centos 7 and Centos 8 (recommended) : cd /usr/local/src rm -rf elasticsearch* wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.8-x86_64.rpm wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.8-x86_64.rpm.sha512 shasum -a 512 -c elasticsearch-7.17.8-x86_64.rpm.sha512 rpm --install elasticsearch-7.17.8-x86_64.rpm For version Elastic Search 8.5 Centos 7 and Centos 8: cd /usr/local/src rm -rf elasticsearch* wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.5.3-x86_64.rpm wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.5.3-x86_64.rpm.sha512 shasum -a 512 -c elasticsearch-8.5.3-x86_64.rpm.sha512 rpm --install elasticsearch-8.5.3-x86_64.rpm After it is installed you need to start the service and enable it to start the service on boot startup : systemctl enable elasticsearch.service systemctl start elasticsearch.service You can test the service active and running via the status command : systemctl status elasticsearch.service Next we’ll Download Opensource Magento 2.4.x : you can follow your own way of installing Magento 2.4.x or follow this : Please note here “user” is the username of your user account in below commands. Download Magento : cd /home/user/public_html wget -c https://github.com/magento/magento2/archive/refs/tags/2.4.6-p1.zip -O magento24.zip unzip magento24.zip rsync -av magento2-2*/ . && rm -rf magento2-2* Now remove the “Options” config from .htaccess else you’ll get 500 Internal server Error cd /home/user/public_html sed -e '/Options/ s/^#*/#/' -i .htaccess pub/.htaccess Fix the user file and folder permission : cd /home/user/public_html chown -R user:user * Now install composer : Use this tutorial to install composer : How to Install Composer in CWP Then you need to enabled full shell access for the user from cwp admin >> Security >> Shell access and enable full shell access for the user now you need to login in ssh via user login details. go to public_html dir or where magento root dir is : cd /home/user/public_html Now run composer install command to install required magento dependencies: If you’re using php switcher version 7.3,7.4,8.0 or 8.1/8.2 run below command composer update composer install when running php selector 7.3,7.4,8.0 or 8.1/8.2 run below command respectively : /opt/alt/php73/usr/bin/php /usr/local/bin/composer update /opt/alt/php73/usr/bin/php /usr/local/bin/composer install /opt/alt/php74/usr/bin/php /usr/local/bin/composer update /opt/alt/php74/usr/bin/php /usr/local/bin/composer install /opt/alt/php80/usr/bin/php /usr/local/bin/composer update /opt/alt/php80/usr/bin/php /usr/local/bin/composer install /opt/alt/php81/usr/bin/php /usr/local/bin/composer update /opt/alt/php81/usr/bin/php /usr/local/bin/composer install /opt/alt/php82/usr/bin/php /usr/local/bin/composer update /opt/alt/php82/usr/bin/php /usr/local/bin/composer install when running php fpm 7.3,7.4,8.0 or 8.1/8.2 run below command respectively : /opt/alt/php-fpm73/usr/bin/php /usr/local/bin/composer update /opt/alt/php-fpm73/usr/bin/php /usr/local/bin/composer install /opt/alt/php-fpm74/usr/bin/php /usr/local/bin/composer update /opt/alt/php-fpm74/usr/bin/php /usr/local/bin/composer install /opt/alt/php-fpm80/usr/bin/php /usr/local/bin/composer update /opt/alt/php-fpm80/usr/bin/php /usr/local/bin/composer install /opt/alt/php-fpm81/usr/bin/php /usr/local/bin/composer update /opt/alt/php-fpm81/usr/bin/php /usr/local/bin/composer install /opt/alt/php-fpm82/usr/bin/php /usr/local/bin/composer update /opt/alt/php-fpm82/usr/bin/php /usr/local/bin/composer install Now go to the domain url and check this page is showing up if the magento version is showing there That's means everything is up and running and we can proceed with next step : Next Install Magento via Command line : Ensure you’re still login as user via ssh and in the magento installation dir, now run below command to install magento ensure you created DB, user db and user DB password created from cwp and replaced in below command : /opt/alt/php-fpm82/usr/bin/php bin/magento setup:install --base-url="https://www.domainname.tld/" --db-host="localhost" --db-name="magento_db" --db-user="magento_db" --db-password="db_password" --admin-firstname="admin" --admin-lastname="admin" --admin-email="youremail@domain.tld" --admin-user="admin" --admin-password="admin_pass" --language="en_US" --currency="USD" --timezone="America/Chicago" --use-rewrites="1" --backend-frontname="admin" ** Below are the pipe parameters you need to change To Change php path: #for php-fpm selector 7.4 : /opt/alt/php-fpm74/usr/bin/php #for php selector 7.4 : /opt/alt/php74/usr/bin/php #for php switcher 7.4 : /usr/local/bin/php or for php 8.1 : #for php-fpm selector 8.1 : /opt/alt/php-fpm81/usr/bin/php #for php selector 8.1 : /opt/alt/php81/usr/bin/php #for php switcher 8.1 : /usr/local/bin/php or for php 8.2 : #for php-fpm selector 8.2 : /opt/alt/php-fpm82/usr/bin/php #for php selector 8.2 : /opt/alt/php82/usr/bin/php #for php switcher 8.2 : /usr/local/bin/php Change magento site domain url : --base-url="https://www.domainname.tld/" Replace the DB details : --db-name="magento_db" --db-user="magento_db" --db-password="db_password" Replace admin details for magento : --admin-firstname="admin" --admin-lastname="admin" --admin-email="youremail@domain.tld" --admin-user="admin" --admin-password="admin_pass" After that you can see installation is started and after the end you can login to admin and do settings and create magento powered site via gui. it will show success message at last : [SUCCESS]: Magento installation complete. [SUCCESS]: Magento Admin URI: /admin Nothing to import. admin url will be : https://www.yourdomain.tld/admin Now Add cron Job /opt/alt/php-fpm82/usr/bin/php bin/magento cron:install Troubleshoot : if you not able to login to admin and want to reset the password for magento admin, you need to login to phpmyadmin with magento user db and password and run this command to reset the Magento admin password : go to SQL tab after selecting the correct db and run this command : UPDATE admin_user SET password = CONCAT(SHA2('xxxxxxxYourNewPassword', 256), ':xxxxxxx:1') WHERE username = 'admin'; replace only “YourNewPassword” with your new password and run the sql command by clicking GO button.
-
Install and Compile PHP OCI8 and Oracle InstantClient In CWP Control Web panel
These functions allow you to access Oracle Database. They support SQL and PL/SQL statements. Basic features include transaction control, binding of PHP variables to Oracle placeholders, and support for large object (LOB) types and collections. Oracle’s scalability features such as Database Resident Connection Pooling (DRCP) and result caching are also supported. For el8/Centos 8/stream/Rocky/Almalinux : First download the required Oracle instantclient packages : cd /usr/local/src wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-basic-21.5.0.0.0-1.el8.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-sqlplus-21.5.0.0.0-1.el8.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-devel-21.5.0.0.0-1.el8.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-jdbc-21.5.0.0.0-1.el8.x86_64.rpm Second Installation : cd /usr/local/src dnf localinstall oracle* --nogpgcheck For el7/Centos 7: First download the required Oracle instantclient packages : cd /usr/local/src wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-basic-21.5.0.0.0-1.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-sqlplus-21.5.0.0.0-1.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-devel-21.5.0.0.0-1.x86_64.rpm wget https://download.oracle.com/otn_software/linux/instantclient/215000/oracle-instantclient-jdbc-21.5.0.0.0-1.x86_64.rpm Second Installation : cd /usr/local/src yum localinstall oracle* --nogpgcheck Now install OCI8 php extension : Now you need to install oci8 php extension via below process, please note the versions for oci8 are sensitive with the php version. For php switcher : php 7.x : cd /usr/local/src wget https://pecl.php.net/get/oci8-2.2.0.tgz tar -zxvf oci8-2.2.0.tgz cd oci8-2.2.0 phpize ./configure make && make install php 8.0 (only): cd /usr/local/src wget https://pecl.php.net/get/oci8-3.0.1.tgz tar -zxvf oci8-3.0.1.tgz cd oci8-3.0.1 phpize ./configure make && make install php 8.1/8.2 (only): cd /usr/local/src wget https://pecl.php.net/get/oci8-3.2.1.tgz tar -zxvf oci8-3.2.1.tgz cd oci8-3.2.1 phpize ./configure make && make install Now add this line at the end of this file /usr/local/php/php.ini : extension=oci8.so Now you can check the phpinfo there you can see oci8 is now enabled. For php selector and php-fpm if you need to install oci8 for php 7.4 then replace phpize and ./configure with : **change 74 to 80 for php 8.0 or to 81 for php 8.1/8.2 For php selector 7.4 : /opt/alt/php74/usr/bin/phpize ./configure --with-php-config=/opt/alt/php74/usr/bin/php-conf For php-fpm 7.4: /opt/alt/php-fpm74/usr/bin/phpize ./configure --with-php-config=/opt/alt/php-fpm74/usr/bin/php-config example : cd /usr/local/src wget https://pecl.php.net/get/oci8-2.2.0.tgz tar -zxvf oci8-2.2.0.tgz cd oci8-2.2.0 /opt/alt/php74/usr/bin/phpize ./configure --with-php-config=/opt/alt/php74/usr/bin/php-config make && make install and then add this line in php.ini : extension=oci8.so **restart php-fpm service or stop the php service and start it from cwp php-fpm module.
-
CWP-Control Web Panel 500 Internal server Error/Expired/White blank screen - FIX
This tutorial is Created on user’s request, today we’ll fix CWP GUI access, like when your server failed to update CWP or you’ve too strict firewall and its blocking the CWP update server and you’re getting white blank page with expired message in log or even 500 Internal server error for CWP-admin and CWP-user. This is easy to fix from now just follow the below steps one by one. For Centos7/Centos 8 stream/AlmaLinux/RockyLinux/OracleLinux/EL7/EL8 CWP-Admin : chattr -i -R /usr/local/cwpsrv/htdocs/admin/ cd /usr/local/cwpsrv/htdocs wget static.cdn-cwp.com/files/cwp/el7/cwp-el7-0.9.8.1188.zip unzip -o -q cwp-el7-0.9.8.1188.zip rm -f cwp-el7-0.9.8.1188.zip For Centos7/Centos 8 stream/AlmaLinux/RockyLinux/OracleLinux/EL7/EL8 CWP-User : chattr -i -R /usr/local/cwpsrv/var/services/ cd /usr/local/cwpsrv/var/services/ wget static.cdn-cwp.com/files/cwp/el7/cwp-services.zip unzip -o -q cwp-services.zip rm -f cwp-services.zip After you’ve ran the commands now next step is to update the CWP Server : sh /scripts/update_cwp That’s it CWP will be fixed now and you can able to access the GUI for Admin and User.