So, you installed Munin in WHM > Manage Plugins, but when it installs, you go to Munin Service Monitor in WHM, and you get a 404?
This fix was provided by Lsupport
mv /usr/local/cpanel/3rdparty/bin/rrdtool /usr/local/cpanel/3rdparty/bin/rrdtool.bak /scripts/rrdtoolinstall --force
Run the two lines above in SSH as root, then go into WHM and uninstall and reinstall Munin in Plugin Manager, and it should start working.
Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.
If you need to change your server clock to another timezone, you can do so by modifying the /etc/localtime file:
mv /etc/localtime /etc/localtime.bak ln -s /usr/share/zoneinfo/Asia/Calcutta /etc/localtime date
root@host [~]# date
Thu Mar 4 09:54:56 IST 2010
From Avaya Labs, a product I install on all servers and Linux based workstations, LibSafe
The exploitation of buffer overflow and format string vulnerabilities in process stacks constitutes a significant portion of security attacks in recent years. We present a new method to detect and handle such attacks. In contrast to previous work, our method does not require any modification to the operating system and works with existing binary programs. Our method does not require access to the source code of defective programs, nor does it require recompilation or off-line processing of binaries. Furthermore, it can be implemented on a system-wide basis transparently. Our solution is based on a middleware software layer that intercepts all function calls made to library functions that are known to be vulnerable. A substitute version of the corresponding function implements the original functionality, but in a manner that ensures that any buffer overflows are contained within the current stack frame, thus, preventing attackers from ’smashing’ (overwriting) the return address and hijacking the control flow of a running program.
We have implemented our solution on Linux as a dynamically loadable library called libsafe. Libsafe has demonstrated its ability to detect and prevent several known attacks, but its real benefit, we believe, is its ability to prevent yet unknown attacks. Experiments indicate that the performance overhead of libsafe is negligible.
1 2 3 4 5 6 7 | echo "Installing LibSafe" cd /usr/local/src/ wget http://pubs.research.avayalabs.com/src/libsafe-2.0-16.tgz tar -xzvf libsafe-2.0-16.tgz cd libsafe-2.0-16/ make yes y | make install |
Found this plugin, thought I would give it a try, line numbers with a “Hello World” program in Assembly.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | .text .global main main: mov $4, %eax /* write system call */ mov $1, %ebx /* stdout */ mov $msg, %ecx mov $msgend-msg, %edx int $0x80 mov $1, %eax /* _exit system call */ mov $0, %ebx /* EXIT_SUCCESS */ int $0x80 .data msg: .ascii "Hello, world\n" msgend: |
Here’s a neat little diagnostic tool I have been working on, to help me resolve common issues with Mail, DNS, etc..
Let me know what you guys think of it.
NFS – Network Filesystem
Requirements:
portmap service (rpc.portmap,rpc.mountd,rpc.nfsd,rpc.statd,rpc.lockd,rpc.quotad)
nfs-utils package
Example Config:
# cat /etc/exports
/home 192.168.1.2(ro,sync,no_root_squash)
/var/lib/mysql 192.168.1.3(ro,sync,no_root_squash)
Verify NFS is running:
rpcinfo quota
Re-initialize NFSD:
exportfs -ra || kill -HUP `pidof nfsd`
Hey guys,
I’ve made it so that registration is easier, you can connect with your Facebook profile, and I have the Facebook theme installed. Let me know what you guys think!
So, I got bored one weekend and decided to recompile PHP using EasyApache, but I thought to myself, well if I am compiling a c program, why not compile it with custom GCC flags? So, here’s what I did:
This requires that you have ROOT SSH access to your cPanel server
echo "-O3" > /var/cpanel/easy/apache/rawenv/CFLAGS screen -S ea3 /scripts/easyapache --skip-cpanel-version-check --build
This will automatically rebuild the last saved EasyApache build with the new CFLAGS. If you have not built PHP with EA3, you can use:
screen -S ea3 /scripts/easyapache
This will take you through the EasyApache wizard, and once you start the build it will then use the custom flags.
Thanks to cPanel for providing this neat feature! 
This is assuming you have CSF installed already and setup properly. Assuming that, you will want to go into the configuration via WHM (WHM > Plugins > ConfigServer Security & Firewall > Firewall Configuration) or in SSH via vi /etc/csf/csf.conf
What you are looking for is CC_ALLOW_FILTER
First, you will want to get a list of ISO Country Codes to allow.
For example, if you only wanted United States, Canada, Great Britian, Australia, and Mexico to be whitelisted, you would specify:
US,CA,GB,AU,MX
What this will do is download a list of IP ranges belonging to those countries, then add them to a whitelist, and deny everything else, that is, deny all other countries’ IP ranges. So, India will not be able to connect to your server, Russia will not be able to connect, etc..
Once you have change this in your configuration, don’t forget to restart your firewall to apply the new configuration.
