Restore cPanel Backup to DirectAdmin Server

Posted by: Chris  :  Category: DirectAdmin, Linux Tips

Some random notes on cP to DA restore

  • cPanel user account must be owned by root when you create the backup on the cPanel server.
  • When using the “Personal” version of DA, the admin user must be changed to match the user of the cPanel account you are trying to restore, as this version only allows a single account.
  • On the DA server, change the default “admin” username to the USERNAME of the backup.

cd /usr/local/directadmin/scripts
./ admin USERNAME 

Edit /usr/local/directadmin/data/users/USERNAME/user.conf

Change creator, name and username to the backups USERNAME

Restore the cPanel backup per –

This will fail (and its OK)!

What this did was take your cPanel backup and create a DA backup file with the cPanel information.

Now, rename the DA created backup to user.USERNAME.USERNAME.tar.gz

Restore this newly named backup using the same process.

SolusVM Master on CentOS 7

Posted by: Chris  :  Category: Linux Tips

When moving a master from one server to another I came across a few issues with the new (v4) installer for SolusVM and CentOS 7. The server was loaded with the minimal install of CentOS, and there is no specific information on SolusVM’s site for dependencies. The first time I ran the install script, it never stated that there was a problem, but the back end web server was not accepting connections. Long story short, before you run the SolusVM installer for CentOS 7, run the following command to ensure that the software needed is in place:

yum -y install rrdtool-php.x86_64 nmap.x86_64 vim-enhanced mlocate rsyslog.x86_64 php

For reference, here is the command from the SolusVM website for the CentOS 7 install script:


How to mass clean base64_decode infected php files (Including WordPress)

Posted by: Chris  :  Category: Linux Tips

Hello once again,

I had recently been asked to take a look at a server that was being reported as having a virus passed to unsuspecting visitors. I did the usual scan (using clamscan) and came up with a couple of files that had PHP shells. I removed those files, and started digging deeper. What I found was that two of the accounts on the server had all of their .php files infected with a base64_decode right on the first line. What this does is it encrypts code so that a user cannot see it. The web server knows how to decrypt it, so when the page is served to a user, they get a little more than they bargained for! The following information will only replace the first line of these infected files.

Read more…

Logwatch installation – cPanel with CentOS 6 (64bit)

Posted by: Chris  :  Category: Linux Tips

By default, Logwatch is not installed on a CentOS 6 (x64) server (not sure about 32bit versions..?). This is something that I have missed from using the previous versions of CentOS. As a server admin, I like to be able to review this file to see if anything funny or strange has happened over the past day. When trying to install this from yum, I was getting an error:

Error: Package: logwatch-7.3.6-49.el6.noarch
Requires: perl(Date::Manip)

Installing perl(Date::Manip) through the cPanel perl modules interface did not cure the issue. The perl version required by Logwatch is newer than the default cPanel version.

Here is how I corrected the issue and was able to get Logwatch working properly….
Read more…

Scanning for unwanted files/code

Posted by: Chris  :  Category: Linux Tips

Here is a little code that I use to scan servers that I admin on for unwanted files. These include php shell’s and encoded files. You can add your own expressions as well. The expressions that I have listed are what I have found to most likely be in infected files.
Read more…

FastCGI & Custom php.ini file per user

Posted by: Chris  :  Category: Linux Tips

I was recently asked to look at allowing custom php.ini files on a system where they were using FastCGI (fcgid) with SuExec to load php pages. This was a cPanel server using PHP5x, and after some research, I was able able to come up with a solution.
Read more…

Downgrading eAccelerator – cPanel

Posted by: Chris  :  Category: Linux Tips

The latest cPanel release comes with the option to have php version 5.3.1, and also uses the latest release candidate for eAccelerator, 0.9.6-rc1. These options are available to you through the EasyApache interface. There seems however, to be some bugs which cause unexpected high loads on busy servers, which some believe, are caused by a fault in the eAccelerator release candidate. Here are the steps you need to take in order to downgrade to eAccelerator Release- Read more…

How to install mod_limitipconn on cPanel

Posted by: Chris  :  Category: Linux Tips

We are going to install mod_limitipconn in order to limit the number of connections per IP on our server.  This can be a very useful tool, as it could help in lowering the load on your server due to someone connecting too many times from the same IP.

Read more…

How to install mod_evasive on a DirectAdmin server

Posted by: Chris  :  Category: Linux Tips

Well, I figured I would post this for any DirectAdmin ( DA ) users out there that would like to use the power of mod_evasive.  The install is fairly close to a cPanel install, with a couple of little twists.  This is geared towards a server running Apache2, if you are running Apache1, let me know if this worked for you!

Now, we are going to install mod_evasive to help protect our DirectAdmin server from low end ddos attacks. The installation is really quite simple. Read more…

How to install mod_evasive on a cPanel server

Posted by: Chris  :  Category: Linux Tips

We are going to install mod_evasive to help protect our cPanel server from low end ddos attacks.  The installation is really quite simple. Read more…