Monthly Archives: February 2016

How To Install ClamAV cPanel

ClamAV

Simply log into WHM, go to the cPanel section and click “Plugins.” Check the box next to “clamavconnector” and click save at the bottom of the page.

This will install ClamAV.

Update antivirus database:

freshclam

Scan a directory and print out infected files:

clamav -ri /home

Scan a directly and remove infected files and emails:

clamav -ri –remove /home

While there go ahead a look our Maldetect tutorials so you can us both.

install Linux Malware Detect 1.5

How to install Linux Malware Detect

Description
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV.

The driving force behind LMD is that there is currently limited availability of open source/restriction free tools for Linux systems that focus on malware detection and more important that get it right. Many of the AV products that perform malware detection on Linux have a very poor track record of detecting threats, especially those targeted at shared hosted environments.

Download malware detect

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz 
tar -zxvf maldetect-current.tar.gz 
cd maldetect-1.5/
./install.sh

Once installation completed.

You can try to scan your files.

maldet -a /home/?/public_html

MalDetect

This will scan all your account files… This should preferred with screen.

To scan one particular folder, use this option.

maldet -a /home/yourusername

That’s being said you also need to configure maldetect with your email so go ahead and edit:

vi /usr/local/maldetect/conf.maldet

While there go ahead a look our ClamAV tutorials so you can use clamav scanner engine.

cPanel Tutorial: Domains – Parked Domains

cPanel Tutorial: Domains – Parked Domains

Through the Parked Domains feature you can add parked domains to your account. A parked domain allows you to reach your domain when entering the name of the parked domain into a browser. You can use a parked domain to allow multiple spellings of a domain name to access a single domain.

Add a Parked Domain Detailed Tutorial

Step 1: To access the Parked Domains feature, click on the corresponding icon located on the main screen of your cPanel interface.

Step 2: To add a parked domain, enter the name of the domain in the blank field and click on Add Domain.

Make sure to register the parked domain with a valid domain registrar or else it will not work.

Remove a Parked Domain Detailed Tutorial

The Parked Domains feature allows you to remove parked domains from your account. If a parked domain is no longer necessary, you can remove it without removing the main domain.

Step 1: To access the Parked Domains feature, click on the corresponding icon located on the main screen of your cPanel interface.

Step 2: To remove a parked domain, click on the Remove link next to it.
You can also redirect the parked domain to another URL using the Manage Redirection link.

Automatic cPanel backup (Domain & MySQL) with cron & PHP

Automatic cPanel backup (domain & MySQL) with cron & PHP

The situation is this: You use cPanel on our web hosting server. You use the cPanel backup tool to regularly backup /home directory (includes my web files, mail, etc), and my MySQL databases. You love the fact that you can use it to backup to a remote FTP server, and you do that on a fairly regular basis.

The major drawback is that you have to remember/schedule to perform this backup manually. This becomes especially difficult if you have multiple cPanel accounts. It would be amazing if you could just schedule the cPanel backup to run at regular intervals, perhaps with cron. Well, although there’s no option for that in cPanel, the script below will allow you to do exactly that!

This backup script includes SSL support. This isn’t necessary if you run the script on the server for which you’re generating the backup; but the SSL support is very important if you’re running the script somewhere else to connect to your cPanel hosting account.

PHP Code:
<?php
// PHP script to allow periodic cPanel backups automatically, optionally to a remote FTP server.
// This script contains passwords. KEEP ACCESS TO THIS FILE SECURE! (place it in your home dir, not /www/)
// ********* THE FOLLOWING ITEMS NEED TO BE CONFIGURED *********// Info required for cPanel access
$cpuser = “username”; // Username used to login to CPanel
$cppass = “password”; // Password used to login to CPanel
$domain = “example.com”; // Domain name where CPanel is run
$skin = “paper_lantern”; // Set to cPanel skin you use (script won’t work if it doesn’t match). Most people run the default x theme// Info required for FTP host
$ftpuser = “ftpusername”; // Username for FTP account
$ftppass = “ftppassword”; // Password for FTP account
$ftphost = “ftp.example.com”; // Full hostname or IP address for FTP host
$ftpmode = “ftp”; // FTP mode (“ftp” for active, “passiveftp” for passive)// Notification information
$notifyemail = “you@example.com”; // Email address to send results// Secure or non-secure mode
$secure = 0; // Set to 1 for SSL (requires SSL support), otherwise will use standard HTTP// Set to 1 to have web page result appear in your cron log
$debug = 0;

// *********** NO CONFIGURATION ITEMS BELOW THIS LINE *********

if ($secure) {
$url = “ssl://”.$domain;
$port = 2083;
} else {
$url = $domain;
$port = 2082;
}

$socket = fsockopen($url,$port);
if (!$socket) { echo “Failed to open socket connection… Bailing out!\n”; exit; }

// Encode authentication string
$authstr = $cpuser.”:”.$cppass;
$pass = base64_encode($authstr);

$params = “dest=$ftpmode&email=$notifyemail&server=$ftphost&user=$ftpuser&pass=$ftppass&submit=Generate Backup”;

// Make POST to cPanel
fputs($socket,”POST /frontend/”.$skin.”/backup/dofullbackup.html?”.$params.” HTTP/1.0\r\n”);
fputs($socket,”Host: $domain\r\n”);
fputs($socket,”Authorization: Basic $pass\r\n”);
fputs($socket,”Connection: Close\r\n”);
fputs($socket,”\r\n”);

// Grab response even if we don’t do anything with it.
while (!feof($socket)) {
$response = fgets($socket,4096);
if ($debug) echo $response;
}

fclose($socket);

?>

To schedule the script to run regularly, save it as fullbackup.php in your top directory (not /public_html, which would be less secure), and enter a new cron job like the following:

Code:
15 2 * * * /usr/local/bin/php /home/youraccount/fullbackup.php

(Runs every night at 2:15 a.m.)

or

Code:
15 2 * * 1 /usr/local/bin/php /home/youraccount/fullbackup.php

(Runs every Sunday night at 2:15 a.m.)

Just contact us if you want to orders a secured backup space into a backup servers.

How to Install RKHunter on Linux (RootKit Hunter) in RHEL, CentOS and Fedora

For those of you who didn’t know, Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. Rkhunter checks to see whether the binary files or system startup files have been modified, and performs various checks on the network interfaces, including checks for listening services and applications. Rkhunter runs on most Linux and UNIX systems. It can be run from the command line, but it can also be scheduled to execute on a daily basis as a cron job.

This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will show you through the step by step installation rkhunter (rootkit hunter) on centos 6.

Step 1. Download rkhunter.

# cd /tmp
# wget http://ncu.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Step 2. Once you have downloaded the latest version, run the following commands as a root user to install it.

# tar -xvf rkhunter-1.4.0.tar.gz
# cd rkhunter-1.4.0
# ./installer.sh –layout default –install

Step 3. Run the RKH updater to fill the database properties by running the following command.

# /usr/local/bin/rkhunter –update
# /usr/local/bin/rkhunter –propupd

Step 4. Create a file called rkhunter.sh under /etc/cron.daily/, which then scans your file system every day and sends email notifications to your email id. Create following file with the help of your favourite editor.

vi /etc/cron.daily/rkhunter.sh

Step. 5 Add the following lines of code to it and replace “YourServerNameHere” with your “hostname” and “your@email.com” with your administrator email.

#!/bin/sh
(
/usr/local/bin/rkhunter –versioncheck
/usr/local/bin/rkhunter –update
/usr/local/bin/rkhunter –cronjob –report-warnings-only
) | /bin/mail -s ‘rkhunter Daily Run (YourHostnameHere)’ your@email.com

Step 6. Set execute permission on the file:

# chmod 755 /etc/cron.daily/rkhunter.sh

Step 7. You are done RKHunters has been installed, If you wish to run manual scan of the entire file system, run the Rkhunter as a root user.

rkhunter –check

For more information and options run the following command.

# rkhunter –help

Free Domain Name?

One FREE domain no string attached, there no tricks simply write an honest & helpful review & earn a free domain if you get published.

The vouchers are valid on any non-premium domains with these TLDs…

  • COM
  • NET
  • ORG
  • BIZ
  • INFO
  • US

…up to the value of $10.99.

Coupons expire a month after they are issued, so be sure to claim them quick!

Domains is offered by whoishostingthis.com and domain.com for UnderHost customers.

If you prefers your domain registered here, you can transfers the domain to us after 60 days.

 

Already a UnderHost customer? Write an honest & helpful review & earn a free domain from Domain.com if we publish it.

http://www.whoishostingthis.com/hosting-reviews/underhost/#add-review

Who Is Hosting This.com - UnderHost Inc Reviews

 

PHP7 for cPanel is ready

We added PHP7 to our shared servers a couple of week ago, today cPanel integrate it on EasyApache so everyone can benefit from the improvement of PHP7

cPanel support for PHP7 is already available via EasyApache 4: https://blog.cpanel.com/php-7-is-here/
If you’re ready to try out PHP 7, you can simply add ea-php70 to your custom profiles, or run

yum install ea-php70

GeoIP and mod_geoip Installation on cPanel server

GeoIP (Installation Guide from cPInstall)

The GeoIP extension allows you to find the location of an IP address. City, State, Country, Longitude, Latitude, and other information as all, such as ISP and connection type can be obtained with the help of GeoIP.

Installation Steps

For installing the said PHP extension as an APache module, You need to install the dependencies first.

yum install GeoIP GeoIP-devel GeoIP-data zlib-devel

Create a custom installation directory, from which you are going to install the mod_geoip2 package.

mkdir /usr/local/share/GeoIP

In the directory, download the latest Country and City database files from maxmind.

wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
The files downloaded are GeoIP.dat.gz and GeoLiteCity.dat.gz. These files needed to be expanded or extracted as they are compressed for easy downloading. I used the below mentioned command for the same.
gunzip GeoIP.dat.gz
gunzip GeoLiteCity.dat.gz

For installing mod_geoip2, the dependencies httpd-devel and apr-devel needed to be installed.

The httpd-devel package contains the APXS (Apache Extension Tool) binary and other files that you need to build Dynamic Shared Objects (DSOs) for the Apache HTTP Server. If you are installing the Apache HTTP server and you want to be able to compile or develop additional modules for Apache, you need to install this package.

The apr-devel package provides the support files which can be used to build applications using the APR library. The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines.

For installing the said dependencies, I used the following command :

yum install httpd-devel apr-devel

Since we have installed all the dependencies, lets proceed to the installation of the apache module mod_geoip.

For the same, we need to download the Package first.

wget http://www.filewatcher.com/m/mod_geoip2_1.2.5.tar.gz.11602-0.html

Extract the downloaded package.

tar xvzf mod_geoip2_1.2.5.tar.gz  
cd mod_geoip2_1.2.5

apxs is a tool for building and installing extension modules for the Apache web server. This is achieved by building a dynamic shared object (DSO) from one or more source or object files which then can be loaded into the Apache server under runtime via the LoadModule directive from mod_so.

I’ve used apxs command for building and installing the extension module mod_geoip. You can refer the link for the successful execution of the command.

apxs -i -a -L/usr/lib64 -I/usr/include -lGeoIP -c mod_geoip.c

Now we have to enable mod-geoip in your apache configuration. Otherwise it is not going to work. You’ll need the following lines in your httpd.conf file (/etc/httpd/conf/httpd.conf).

GeoIPEnable On
GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat Standard
GeoIPDBFile /usr/local/share/GeoIP/GeoLiteCity.dat Standard

Restart Apache so your changes will take effect by entering the following command.

/etc/init.d/httpd restart

You can check whether the installation is complete and the module mod_geoip is enabled or not just by creating a php info page.

cPanel Setup, Secure and Plugins Installer

UnderHost released cPinstall in 2011 almost a decade passed and the Script went EOL for public.

We are now announcing the second version of our bash script and hopefully be able to release further update down the road.

cPInstall was a small bash script created at first for UnderHost customer then released to public. Its purpose is to give access to install, optimize, secure any common cPanel plugin within one click. Useful for novice and helpful for advanced users.

cPInstall return should be during march, our bash script is now accessible via an optional plugin in cPanel/WHM for even further configuration!

 

If you wish to get our Build 0.2 from 2011.

 

 

 

How to use Gmail within cPanel at UnderHost or any providers using cPanel

We encourage our clients to us third party email services instead of the Shared Email environment that comes with some of UnderHost web hosting accounts. There are many reasons as to why, but the biggest issue is deliverability.

If you prefer to use the Gmail email service, here is how you will set it up in your cPanel control panel if you have web hosting at UnderHost

1) Login to your cPanel Control Panel and look for the Mail block as shown below. Once found click on the “MX Entry” icon in that block.

 

2) You will now be on the MX Entry page in cPanel. A MX record controls where your email traffic will be delivered too for your specific domain. Now we need to set it up to send your emails to Gmail In the “Email Routing” box, select “Remote Mail Exchanger” and then click on the “Change” button. Once you have clicked the “Change” button you will you should see “Remote Mail Exchanger” in bold text now.

3) Now move down the MX Entry page to the “MX Records” and if you see your own domain name under “Destination” then click the “Delete” link under “Actions”.

 

4) Now move up to “Add New Record” block, and you will need to add the actual Gmail MX Records here. you will need the “Priority” and the “Destination”

Priority Destination
1 ASPMX.L.GOOGLE.COM
5 ALT1.ASPMX.L.GOOGLE.COM
5 ALT2.ASPMX.L.GOOGLE.COM
10 ASPMX2.GOOGLEMAIL.COM
10 ASPMX3.GOOGLEMAIL.COM

Make sure Google haven’t modified their MX records; https://support.google.com/a/answer/174125?hl=en