Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Administrator

Pages: 1 2 [3] 4 5 6
31
CentOS Configuration / How to setup user quotas ?
« on: September 09, 2014, 09:59:48 PM »
Let's say that your /home partition is in / mount point

install quota on your centos
Code: [Select]
yum install quota
Edit: /etc/fstab   
Code: [Select]
vi /etc/fstab 
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for / mount point

Before (in some cases this can be different!):
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647       /       ext3    defaults        1       1After Replace:
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647       /       ext3    usrjquota=quota.user,jqfmt=vfsv0        1       1
Code: [Select]
mount -o remount /
quotacheck -avugm
quotaon -avug


If you have /home in /etc/fstab then you will need to edit line matching /home
replace "defaults" with "usrjquota=quota.user,jqfmt=vfsv0" for /home mount point

Before:
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647       /home       ext3    defaults        1       1After Replace:
Code: [Select]
UUID=ac567666-9385-4ef5-885c-80f61ec64647       /home       ext3    usrjquota=quota.user,jqfmt=vfsv0        1       1
Code: [Select]
mount -o remount /home
quotacheck -avugm
quotaon -avug
Now you need to add this into the CWP Configuration
Code: [Select]
mkdir -p /usr/local/cwp/.conf/
echo "/home" > /usr/local/cwp/.conf/quota_part.conf

How to check if quota works ?
Code: [Select]
repquota -a This will display you user limits

Set a quota for all users by package from cwp
Code: [Select]
/scripts/cwp_api account update_diskquota_all

If you had previously added users then you will need to update the quota for them, you can do that by clicking on each account edit and then saving changes, or you can edit packages and save them for all users.

XFS Quota (only for XFS file system!!!)
Code: [Select]
yum -y install quota quota-devel
edit file: /etc/fstab and add usrquota,grpquota example:
/dev/mapper/centos_root-home /home xfs defaults,usrquota,grpquota 0 0

before example
Code: [Select]
/dev/mapper/centos_root-home /home xfs defaults 0 0aftere example
Code: [Select]
/dev/mapper/centos_root-home /home xfs defaults,usrquota,grpquota 0 0
Activate quota as XFS for /home
in CWP.admin go to Left Menu -> Server Settings --> Disk Quota , and set
Quota Partition: /home
Quota Type: xfs

reboot the server

Next, activate quota for all accounts
in cwp.admin go to Left Menu -> Packages -> List Packages
edit all packages you have and select "Update Quota" to set the quota for all accounts using this package.

How to check if /home is mounted with quota
Code: [Select]
mount |grep homeif you have there listed usrquota,grpquota for /home then all should work fine.
=============
XFS: In some cases, you would also need to modify grub conf if the above fails

Code: [Select]
# mount | grep ' / '
/dev/mapper/cl-root on / type xfs (rw,relatime,attr2,inode64,noquota)

 If you see "noquota" in the xfs mount options for the / partition then you would need to modify file: /etc/default/grub
Find the line with the variable "GRUB_CMDLINE_LINUX" and at end of the line add: "rootflags=uquota,pquota"

Example:
Code: [Select]
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rhgb quiet rootflags=uquota,pquota"
Make backup and create grub config for boot
Code: [Select]
cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig
grub2-mkconfig -o /boot/grub2/grub.cfg
echo xfs > /usr/local/cwp/.conf/quota_type.conf

now reboot the server
Code: [Select]
reboot
after reboot run API to set quota for all users
Code: [Select]
/scripts/cwp_api account update_diskquota_all
Note: If you want emails and user home to be under the same quota then /var/vmail and /home need to be on the same partition.

32
SSL / How to install multiple SSL certificates on shared IP
« on: August 20, 2014, 01:56:28 PM »
How to install multiple SSL certificates on shared IP
Now you can have unlimited number of SSL certificates on one shared IP address (no additional IP's are needed)

autoSSL Valid SSL Certificate (no exception needs to be added in your browser)
1. go to SSL Manager and install this Certificate for user/domain/subdomain you need.

Install SSL Certificate (Self Singed - exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Self Singed SSL Certificate


Install Browser Valid SSL Certificate (no exception needs to be added in your browser)
1. Use CWP SSL Generator (in admin are under Security) for generating your SSL key and SelfSinged Certificate.
2. You will get SSL output and now you will need buy SSL Certificate providing output of "BEGIN CERTIFICATE REQUEST" to SSL seller company.
3.Once you have received new SSL Certificate from valid seller you can install it by clicking on "Browse installed SSL Certificates" in CWP SSL Generator
and edit file "/etc/pki/tls/certs/DOMAIN.COM.cert"
4. go to SSL Manager and install this Certificate for user and path which you need it
Great Now you Have installed Valid SSL Certificate

** Don't forget to download your SSL Certificate and KEY from the server to your local computer for backup!!!
** Don't forget to check if your Apache is Listening on the port 443!!!

Use the following site for SSL check
https://www.sslshopper.com/ssl-checker.html

33
DNS Manager / How to use FreeDNS Manager
« on: July 29, 2014, 01:40:23 PM »
How to use FreeDNS Manager?

1. Register on FreeDNS Manager website
http://freedns.centos-webpanel.com


2. Point you domain to the following nameservers (at your domain registrar):
ns1.centos-webpanel.com
ns2.centos-webpanel.com


3. add your domain on FreeDNS (enter following):
- Zone/Domain: your domain name, example: mydomain.com
- Web Server IP: your server IP, example: 121.122.123.124
- Mail Server IP: your server IP, example: 121.122.123.124
- FTP Server IP: your server IP, example: 121.122.123.124

Great now you have set your FreeDNS!

test your domain records by visiting following link and entering your domain name
http://leafdns.com/


34
How to / How to enable root access on Microsoft Azure Cloud
« on: July 09, 2014, 01:01:24 PM »
How to enable root access on Microsoft Azure Cloud.

1. Login via ssh using your sudo user
2. Now login as root user
Code: [Select]
sudo su -
3. check if root access is set (LOCK means that root access is disabled)
Code: [Select]
[root@Linux ~]# grep root /etc/shadow
root:*LOCK*:14600::::::
4. enable root access  (as root user enter command passwd)
Code: [Select]
[root@Linux ~]# passwd
now enter your password and root access is enabled, you can check this by using command "grep root /etc/shadow"





35
How to / How to change cwpsrvd Listen port (CWP)
« on: July 07, 2014, 04:19:16 PM »
If you need to change cwpsrv Listen port you can do that by editing following files:

Here you can edit default cwp admin ports 2030,2031,2086,2087
Code: [Select]
nano /usr/local/cwpsrv/conf/cwpsrv.conf
to get Line number us this command
Code: [Select]
grep -n listen /usr/local/cwpsrv/conf/cwpsrv.conf
don't forget that you need to add your new ports in CSF Firewall and restart cwpsrv using this command.
Code: [Select]
sh /scripts/restart_cwpsrv

For user panel you can edit this file
/usr/local/cwpsrv/conf.d/users.conf

Note that these changes are not recommended as update can overwrite them.



36
How to / how to change memory_limit in php.ini
« on: July 02, 2014, 12:41:27 AM »
how to change memory_limit in php.ini ?

With CWP this is very simple:
go to menu --> PHP Settings --> PHP Simple Editor

here you can edit sa view mostly used settings from php.ini file.

Mostly used settings are:
memory_limit
upload_max_filesize
post_max_size
max_execution_time
display_errors
date.timezone  (change php time zone)

37
How to / how to rebuild all apache virtual hosts
« on: July 02, 2014, 12:13:09 AM »
how to rebuild all apache virtual hosts at once?

1. Edit Apache vHosts Template according to your needs (default is fine) | Path: Apache Settings --> Apache vHosts Template
2. Check your server shared ip and apache port which you want to use. | Path CWP Settings --> Edit Settings
3. go to menu Apache Settings --> Rebuild Apache vHosts , check all details and click on "Rebuild All Apache vHosts" button.

once all is done check output and if apache started without any errors.

that is it!

38
How to / how to check my current MySQL root password
« on: June 29, 2014, 07:55:00 AM »
how to change my current MySQL root password

Go to phpMyAdmin --> Users Tab
- Click on Edit Privileges for root user
- go to Change password section --> Generate a New Password and click on the Go button.

Now you need to set this new password in the configuration files.

You can use this command from shell:
Code: [Select]
nano /root/.my.cnf
and edit also this file
Code: [Select]
nano /usr/local/cwpsrv/htdocs/admin/include/db_conn.php


To check the password you the instructions bellow.

You can use this command from shell:
Code: [Select]
grep password /root/.my.cnf
or this one
Code: [Select]
grep db_pass /usr/local/cwpsrv/htdocs/admin/include/db_conn.php

39
How to / how to secure CentOS server using CWP features
« on: June 29, 2014, 07:43:20 AM »
how to secure CentOS server using CWP features

1. Enable CSF Firewall (in CWP.root in security menu you have CSF Firewall)
2. Change SSH port
3. Enable ModSecurity with OWASP security rules
4. Use only random generated passwords


How to enable CSF Firewall
In your CWP menu go to Security --> CSF Firewall and click on firewall enable



How to change SSH port
In your CWP menu go to Services Config --> SSH Configuration
now replace #22 with eg. 8404 and restart ssh server on index page of the CWP

You will need to add this port also in CSF Firewall
1. go to Security --> CSF Firewall --> Firewall Configuration
2. replace TCP_IN and TCP_OUT port 22 with your port
3. restart CSF Firewall

cut from configuration
Code: [Select]
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2030,2031"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,2030,2031"


How to Install ModSecurity with OWASP security rules
In your CWP menu go to Security --> Mod Security and click on Install Mod Security



Use only random generated passwords
One of the most important things is to ALWAYS use random generated passwords with length 8+ characters.
CWP also has built in random password generator which will generate random password for each new account on creation.

One of best tools for that is here:
https://www.random.org/passwords/

Random passwords needs to be used for all public services like:
 - CMS applications like Wordpress admin user
 - FTP Passwords
 - Email Account Passwords
 - Account passwords
... and any other available on the internet

40
How to / how to create new user account on CentOS Web Panel
« on: June 29, 2014, 07:22:12 AM »
how to create new user account on CentOS Web Panel [CWP]

1. Login to your CWP.root (Admin Area)
2. Click on User Accounts
3. Click on New Account (Create a New Account)
4. Fill new account  form (Domain,Username, Password, Package, Email address, Backup)

Account Creation Will do the following
- Create New Account with shell disabled
- Add Configuration for a domain in apache config file (suPHP,suExec, Domain path)
- Create public_html folder (used for uploading public scripts)
- install default template (index.html file)
- restart/reload apache  configuration
- Create and reload DNS zone for a domain

Now you can upload your files using ftp login details of the account.


suPHP requires following permissions
Folders: 755
Files: 644



41
Information / CentOS Server Log Files Location
« on: June 13, 2014, 03:56:31 PM »
CWP Login Logs
/var/log/cwp_login.log

Apache server Logs location:
/usr/local/apache/logs/

suPHP Log
/var/log/suphp.log

PHP Rebuild Log (PHP Switcher)
/var/log/php-rebuild.log

Postfix
/var/log/maillog

Dovecot
/var/log/dovecot-debug.log
/var/log/dovecot-info.log
/var/log/dovecot.log


How to View Logs?
You can use File Manger in CWP as one of the options
Code: [Select]
cat /full/path/to/file.name
Code: [Select]
less /full/path/to/file.name
Code: [Select]
nano /full/path/to/file.name
Code: [Select]
vi /full/path/to/file.name
Code: [Select]
vim /full/path/to/file.name
To live monitor logs you can user this command
Code: [Select]
tail -f /full/path/to/file.name


42
PHP / suPHP - 500 Internal Server Error
« on: June 13, 2014, 03:26:53 PM »
This error  is usually related to a permissions/ownership issue.
suPHP requires that the files are owned by the user name. Permissions on php files should also be set to 644 (-rw-r-r-), folder permission must be 755.

How to change ownership on the files and folders

Quote
option no.1. (this will fix all permissions for the user account)
go to CWP menu --> User Accounts -- > Fix Permissions and select user

option no.2.
For one file eg. /home/test/public_html/index.php
Code: [Select]
chown USERNAME:USERNAME /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
Code: [Select]
chown -R USERNAME:USERNAME /home/test/public_html/*


How to change permissions on the files and folders

For one file eg. /home/test/public_html/index.php
Code: [Select]
chmod 644 /home/test/public_html/index.php
For all files in /home/test/public_html folder (RECOMMENDED)
Code: [Select]
cd /home/test/public_html
find . -type f -exec chmod 644 {} \;

If not of the above helps than you can check .htaccess file
you can check, disable, rename .htaccess file as rules inside this file can cause this issue.

You can also tail/monitor error log using command
Code: [Select]
tail -f /usr/local/apache/logs/error_log

43
Addons / Linux Shoutcast Manager - How to install shoutcast server
« on: June 12, 2014, 11:15:59 PM »
In CWP you can install shoutcast server in few clicks, in CWP menu go to Plugins and than ShoutCast Manager.

- Install Shoutcast server
  **This will create linux user named "shoutcast" which will be used to run shoutcast servers in screen.

- Remove Shoutcast server
  **This option will delete all servers and "shoutcast" linux user.

- Installing additional server servers
  **This will create additional folder locations and shoutcast server files.

- Template folder is used to copy data when creating new server and you can modify it. [DO NOT DELETE THIS FOLDER]


Please remember that shoutcast servers use 2 ports always
eg.
if you create server with port 8000 it will also work on port 8001 (accepts connections).


Creating servers example
Server1 on port 8000
Server2 on port 8002
Server3 on port 8004

If you have enabled CSF Firewall you will need to open shoutcast port and port +1.


Server not starting known issues
Code: [Select]
yum -y install screen glibc.i686 glibc.i386


44
Information / CWP Version updates
« on: June 06, 2014, 09:36:56 PM »
If you have versions from 0.1 to 0.7 than you can not upload to newer as there are too many differences from version 0.8 like:

- config file locations
- apache location
- php location
- CWP server different type and location
...


Versions 0.8 +  have automatic updates to the latest one available.

45
SSL / SSL Certificate Country Codes
« on: June 05, 2014, 07:26:21 PM »
SSL Certificate Country Codes

Find your Country Code from the list provided below
Country Codes are required when creating a Certificate Signing Request. The SSL Certificate Country Codes that you need to enter when creating your CSR are as follows:

    US United States of America
    CA Canada
    AX Åland Islands
    AD Andorra
    AE United Arab Emirates
    AF Afghanistan
    AG Antigua and Barbuda
    AI Anguilla
    AL Albania
    AM Armenia
    AN Netherlands Antilles
    AO Angola
    AQ Antarctica
    AR Argentina
    AS American Samoa
    AT Austria
    AU Australia
    AW Aruba
    AZ Azerbaijan
    BA Bosnia and Herzegovina
    BB Barbados
    BD Bangladesh
    BE Belgium
    BF Burkina Faso
    BG Bulgaria
    BH Bahrain
    BI Burundi
    BJ Benin
    BM Bermuda
    BN Brunei Darussalam
    BO Bolivia
    BR Brazil
    BS Bahamas
    BT Bhutan
    BV Bouvet Island
    BW Botswana
    BZ Belize
    CA Canada
    CC Cocos (Keeling) Islands
    CF Central African Republic
    CH Switzerland
    CI Cote D'Ivoire (Ivory Coast)
    CK Cook Islands
    CL Chile
    CM Cameroon
    CN China
    CO Colombia
    CR Costa Rica
    CS Czechoslovakia (former)
    CV Cape Verde
    CX Christmas Island
    CY Cyprus
    CZ Czech Republic
    DE Germany
    DJ Djibouti
    DK Denmark
    DM Dominica
    DO Dominican Republic
    DZ Algeria
    EC Ecuador
    EE Estonia
    EG Egypt
    EH Western Sahara
    ER Eritrea
    ES Spain
    ET Ethiopia
    FI Finland
    FJ Fiji
    FK Falkland Islands (Malvinas)
    FM Micronesia
    FO Faroe Islands
    FR France
    FX France, Metropolitan
    GA Gabon
    GB Great Britain (UK)
    GD Grenada
    GE Georgia
    GF French Guiana
    GG Guernsey
    GH Ghana
    GI Gibraltar
    GL Greenland

    GM Gambia
    GN Guinea
    GP Guadeloupe
    GQ Equatorial Guinea
    GR Greece
    GS S. Georgia and S. Sandwich Isls.
    GT Guatemala
    GU Guam
    GW Guinea-Bissau
    GY Guyana
    HK Hong Kong
    HM Heard and McDonald Islands
    HN Honduras
    HR Croatia (Hrvatska)
    HT Haiti
    HU Hungary
    ID Indonesia
    IE Ireland
    IL Israel
    IM Isle of Man
    IN India
    IO British Indian Ocean Territory
    IS Iceland
    IT Italy
    JE Jersey
    JM Jamaica
    JO Jordan
    JP Japan
    KE Kenya
    KG Kyrgyzstan
    KH Cambodia
    KI Kiribati
    KM Comoros
    KN Saint Kitts and Nevis
    KR Korea (South)
    KW Kuwait
    KY Cayman Islands
    KZ Kazakhstan
    LA Laos
    LC Saint Lucia
    LI Liechtenstein
    LK Sri Lanka
    LS Lesotho
    LT Lithuania
    LU Luxembourg
    LV Latvia
    LY Libya
    MA Morocco
    MC Monaco
    MD Moldova
    ME Montenegro
    MG Madagascar
    MH Marshall Islands
    MK Macedonia
    ML Mali
    MM Myanmar
    MN Mongolia
    MO Macau
    MP Northern Mariana Islands
    MQ Martinique
    MR Mauritania
    MS Montserrat
    MT Malta
    MU Mauritius
    MV Maldives
    MW Malawi
    MX Mexico
    MY Malaysia
    MZ Mozambique
    NA Namibia
    NC New Caledonia
    NE Niger
    NF Norfolk Island
    NG Nigeria
    NI Nicaragua
    NL Netherlands
    NO Norway
    NP Nepal
    NR Nauru
    NT Neutral Zone
    NU Niue

    NZ New Zealand (Aotearoa)
    OM Oman
    PA Panama
    PE Peru
    PF French Polynesia
    PG Papua New Guinea
    PH Philippines
    PK Pakistan
    PL Poland
    PM St. Pierre and Miquelon
    PN Pitcairn
    PR Puerto Rico
    PS Palestinian Territory
    PT Portugal
    PW Palau
    PY Paraguay
    QA Qatar
    RE Reunion
    RO Romania
    RS Serbia
    RU Russian Federation
    RW Rwanda
    SA Saudi Arabia
    SB Solomon Islands
    SC Seychelles
    SE Sweden
    SG Singapore
    SH St. Helena
    SI Slovenia
    SJ Svalbard and Jan Mayen Islands
    SK Slovak Republic
    SL Sierra Leone
    SM San Marino
    SN Senegal
    SR Suriname
    ST Sao Tome and Principe
    SU USSR (former)
    SV El Salvador
    SZ Swaziland
    TC Turks and Caicos Islands
    TD Chad
    TF French Southern Territories
    TG Togo
    TH Thailand
    TJ Tajikistan
    TK Tokelau
    TM Turkmenistan
    TN Tunisia
    TO Tonga
    TP East Timor
    TR Turkey
    TT Trinidad and Tobago
    TV Tuvalu
    TW Taiwan
    TZ Tanzania
    UA Ukraine
    UG Uganda
    UM US Minor Outlying Islands
    US United States
    UY Uruguay
    UZ Uzbekistan
    VA Vatican City State (Holy See)
    VC Saint Vincent and the Grenadines
    VE Venezuela
    VG Virgin Islands (British)
    VI Virgin Islands (U.S.)
    VN Viet Nam
    VU Vanuatu
    WF Wallis and Futuna Islands
    WS Samoa
    YE Yemen
    YT Mayotte
    ZA South Africa
    ZM Zambia
    COM US Commercial
    EDU US Educational
    GOV US Government
    INT International
    MIL US Military
    NET Network
    ORG Non-Profit Organization
    ARPA Old style Arpanet


Pages: 1 2 [3] 4 5 6