eth0.us - Server admin info for cPanel, plesk, ensim and linux!

The below has been known to fix most cPanel mail issues. They can range from spamd failed messages to exim just flat out not working at all.

/scripts/perlinstaller Digest::SHA1
/scripts/perlinstaller --force Mail::SpamAssassin
/scripts/fixspamassassinfailedupdate
/scripts/updatenow
/scripts/installspam --force
/scripts/exim4 --force

/etc/rc.d/init.d/exim restart
/scripts/restartsrv spamd
/etc/rc.d/init.d/chkservd restart

There are a lot of data centers out there, in fact way too many to easily make a decision. Each datacenter has its own quirks, advantages, and disadvantages. I have had the opportunity to work with many datacenters in the past few years. I am going to list just a few of the ones that we have worked with.


While I am very biased we generally suggest going with an unmanaged provider then getting a help from a third party company, such as mine TotalServerSolutions. This as many advantages, if you ever are dis-satisfied with either the datacenter or management company you can change while still keeping continuity with at least one. If you go with a datacenter that does everything it may be harder.


Highly recommend:
SoftLayer
ThePlanet


Other datacenters that are popular:

This guide is going to be using a text mode install simply because it is the most compatible while still being fairly easy to understand. Note that in doing so the mouse is not going to work! Simply use the tab and arrow keys to move. The install itself is pretty simple but if you have any problems please email me or post them below.

 

No security system is perfect and it is always good to have some forms of intrusion detection just incase somebody does get in you can be notified. Do not immediatly get worried if in an email you get a positive, many of them are false and from upgrades. I would first suggest running "rkhunter -c" from ssh and looking at the errors. If it is a few bad binaries you should check to see what was updated recently. If you have a rootkit detected you should start to worry because it is very uncommon for a false positive on a rootkit or trojan.

A firewall is a very good idea for a server. Though many people think that a firewall is instant protection that will do everything it really is not. A firewall will help prevent some things but it is not going to stop everything. It is just one piece of the security network that is being woven. I recommend advanced protection firewall (APF) by rfxnetworks. APF will block unused outgoing and incoming ports. It can also be configured to use information from some block lists. The below port list will work for cPanel. For the other control panels you will need to add in the administration ports.

HotSaNIC is a very nice tool which combines all sorts of very important system graphs into a simple and easy to understand webpage. It allows the admin to take a quick glance at the graphs to see what may or may not be working with the system. With the new APPS graph it is also possible to watch as more processes are started which can be helpful in tracking down why the server load is increasing. For instance if you see a huge load spike but you see that the number of exim processes has gone up significantly at the same time you can start to investigate.

I built this guide on a cPanel server but it will work fine on an ensim box as well. I don't recall the plesk mailserver off the top of my head but changing that small part will make it work great fine plesk.

A HUGE THANKS TO FOGGY!! Much of this guide has been copied from the original posted here: http://forums.ev1servers.net/showthread.php?p=70160 . I have cleaned it up a little and updated it for the latest version of hotsanic.

It is hard to imagine but the server management and admin company that I partially own, Total Server Solutions (TSS) , has now been around for 2 years. It just proves that when you have your heart set on something and have a great group of people you can suceed.We have started off as 4 friends and now have more then doubled in size with more growth coming soon. If you like the information you see on this website but do not quiet feel up to doing it yourself visit our site and check out what we can offer. We have support around 24/7 for monitoring servers as well as fixing servers that break. We work really hard to make sure that every customer of ours is happy and goes away with a good experience.

So please if you like this free information but want more or just want somebody else to look over your server check us out! Total Server Solutions has experience with everything from a shared webhost to a large scale client demanding 100% uptime and moving nearly 1/2 a gigabit every second of the day. If you need a custom cluster solution use the contact page and we can work with you to figure out a cost effective yet powerful solution. Thanks for visiting eth0.us and I hope you find everything that you need, reading this site may not make you a cPanel expert but it should bring you closer! :)

-John "eth00" Wigle
Owner of TotalServerSolutions

Total Server Solutions website

HELP! My server is under a DDOS attack!

HELP! My server is having load problems!

Ok first of all this guide is not going to be entirely comprehensive on everything you need to do towards optimizing a server and figuring what is causing the server to overload. All of the guides in my HELP! series are not meant to replace a professional only give you a general idea of what you can do. If after reading this do not think that there is nothing you can do, it may be you simply have to hire somebody to take a look at it. It is very hard to write every single thing that might be wrong and sometimes it just takes a lot of experience to see what is wrong. The first thing to do is determine what bottleneck is slowing your system down. There are many things that can be causing the load on a server run out of control but the main things are CPU limitations, memory (RAM), or I/O of your disks. Typically people will look at the "uptime" of their server to give a general idea of if it is a load problem causing issues with a server. In general a load of ~1 for each cpu is reasonable, if you have 2 cpus with hyperthreading linux will see them as 4 which means your load can be around 4 without any major problems. That being said it is very possible that your server handles even double what the uptime load shows without any problems. The load from uptime has a lot of factors that go into it and if you are interested in finding out more I would suggest looking on google. When writing this guide i am assuming that your server is optimized so if I say you are running low on RAM you probably need to optimize it some more or get RAM for it.

How-To: Compile a monolithic 2.6.9 kernel with grsecurity

This guide is superceded by the 2.6.10 + grsec kernel. It is not longer going to be updated.

This guide was designed for the ev1 configurated poweredge servers. I have tested it on the the 2.0 and 2.4 Ghz Xeons, and 2.0 Ghz celeron. It should also work fine with the P4 2.0 Ghz + but I have personally not tested one yet. I do not have any plans to test this kernel on any older systems though as long as they network card support is built in it will probably work. I started this as a project to increase the performance and security of my servers. The 2.6.x kernel has many improvements that have dramatically dropped the load on the servers I have tested this on so far. In addition to that the kernel does not support loadable modules, the definiation of monolithic, which removes one method of possible vulnerabilities as well as more efficient. Though there are no studies directly linking grsecurity to increased security it only adds additional security to your system with very few negative drawbacks. I think that is worth the extra time to configure in grsecurity in the chance that it may possibly block a possible cracker.

How-To: Compile a 2.6.9 Kernel

This guide is to be used completely at your own risk! It was designed with an ev1 dual xeon hardware configuration in mind but will also work on some of the P4 modals. I am not going to try and support every possible hardware combination. I started this because I wanted a kernel for my own use but decided to share my work. Upgrading a kernel from rpm is easy and doing it as i have below is pretty easy as I have already done much of the hard configuration work. I was able to use the following guide on multiple servers with no problem and I know that it works. The key that makes this much easier is that you are using the .config file I have already created which contains all of the variables and configuration options. If you would like to view the .config file and offer any input please feel free! I have a little experience with compiling kernels but I am sure there are a few more things here and there I can remove.

How-To: Compile a monolithic 2.6.10 kernel with grsecurity and secfix patch

Note 2.6.10 is an old version of the kernel however, this guide will work with the latest 2.6.11.7 and grsecurity if you get those instead of the files described. If you go that route the patch described below for a specific vulnerability is not requied.


This guide was designed for the ev1 configurated poweredge servers. I have tested it on the the 2.0 and 2.4 Ghz Xeons, and 2.0 and 3.0 Ghz celeron. It should also work fine with the P4 2.0 Ghz + but I have personally not tested one yet. I do not have any plans to test this kernel on any older systems though as long as they network card support is built in it will probably work. If you post here with specific problems on boot I can try to add the needed modules to my config. I started this as a project to increase the performance and security of my servers. The 2.6.x kernel has many improvements that have dramatically dropped the load on the servers I have tested this on so far. In addition to that the kernel does not support loadable modules, the definiation of monolithic, which removes one method of possible vulnerabilities as well as more efficient. Though there are no studies directly linking grsecurity to increased security it only adds additional security to your system with very few negative drawbacks. I think that is worth the extra time to configure in grsecurity in the chance that it may possibly block a possible cracker.

This kernel is patched against the following vulerability: http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt. This is the root level exploit that was release January 7th. It is *HIGHLY* suggested that you upgrade ASAP. This particular exploit along with a worm much like the phpBB worm could be disasterous yeilding full root access.

Updated Feb 6th for instructions on updating grub
Updated Feb 2nd for rpm problems with RH9

Grsecurity is a set of patches and options that works to help increase the security of a server at the kernel level. Here is a very basic guide of how to download it and patch your kernel. This guide is meant to be used alongside of my generic 2.6.10 kernel guide if you are not familiar with the process of compiling a kernel. This guide can also be adapted to the latest 2.6.11.7 and version of grsecurity just fine.

How-To: Compile and configure a 2.6.10 kernel



Note 2.6.10 is an old version of the kernel however, this guide will work with the latest 2.6.11.7 and grsecurity if you get those instead of the files described. If you go that route the patch described below for a specific vulnerability is not required.

My previous guides use a very specific config file that only works for a few different servers. This guide is meant to be a lot more generic and should work on more servers. I have taken the default config from a redhat 2.4 kernel and kept all the driver configuration. I have removed the extra support such as USB and sound that are not needed on a server. I also explain how to remove some of the drivers that are not necessary such as scsi/ide support depending on what type of drives you have. If you do not want to deal with the menuconfig you can simply compile it and not configure it. I hope that this guide will help alleviate some of the problem with segfaulting that some of the configurations have. If you would like to compile in grsecurity please follow my 2.6.10 grsecurity guide.

This guide has taken me a long time to create. If you have used it for your donate please consider donating :) With that being said good luck with compiling your new kernel.

How-To secure cPanel

*********************WARNING********************



This guide is no longer going to be updated as it is too large and complex to maintain. Instead all of the other guides on the right will continue to be updated. I am going to leave it up just because some people still look at it for a general idea of what to do with a new server. I would suggest that you not actually follow these directions as the versions may be old.


First and foremost I want to say that this is not going to make your server 100% cracker proof, there is always a possibility that somebody will find a way in. I have listed a lot of things you can do to protect your server and that will help you secure it. While securing your server you have to find a median between what is secure and what restricts your clients or websites. You can easily make your server 100% secure from remote attacks by unplugging the ethernet cable, but chances are you will not get much good with it. This is not a complete guide and I will update it when I find time or it needs it. Overall it is a very good start and it is probably more then most servers have.

If you have any problems with the guide please post them and I will try and help/update the guide. I have not included everything you can do but it is a very good start. If you need somebody to secure server please feel free to private message or email me.