How to change domain name through plesk

Let me get this straight?

You're looking to change a client's domain name? Just click on their username, click the domain name, go to Domain Administrator, change the field at the top, and click ok. :) I hope that is what you were looking for.

Install Shockvoice with Mono

Get the latest version of Mono from here:

http://www.go-mono.com/mono-downloads/download.html

Download todays latest from:

wget http://ftp.novell.com/pub/mono/sources/libgdiplus/libgdiplus-2.6.tar.bz2

http://ftp.novell.com/pub/mono/sources/mono/mono-2.6.1.tar.bz2

shell> tar xjf libgdiplus-2.6.tar.bz2

shell> cd libgdiplus-2.6

shell> ./configure

shell> make

shell> make install


shell> tar xjf mono-2.6.1.tar.bz2

shell> cd mono-2.6.1

see the README for more compiling informations

shell> ./configure --prefix=/opt/mono

shell> make

shell> make install


Download the latest version from the Shockvoice downloadserver:

http://www.shockvoice.net/page/getsv

Create the directory where you want to install Shockvoice.

shell> mkdir -p /usr/share/shockvoice

Unpack the package into the newly created directory:

shell> tar -C /usr/share/shockvoice -xvzf svserver-0.9.0beta-linux-community.tar.gz

Create the database:

shell> mysqladmin -uroot -p create shockvoice


Now import the tables to the database.

shell> mysql -uroot -p shockvoice < /usr/share/shockvoice/shockvoice.mysql.sql Now we need to create a database user (we will name him svuser) and grant him permissions to use the Shockvoice database. shell> mysql -uroot -p Enter Password:

mysql> GRANT USAGE ON shockvoice.* TO svuser@localhost IDENTIFIED BY '';

mysql> GRANT ALL ON shockvoice.* TO svuser@localhost IDENTIFIED BY "";

mysql> FLUSH PRIVILEGES;


Change to the directory and start the install.sh script.

shell> cd /usr/share/shockvoice && ./install.sh

Installation script will ask you few questions.

You have done

Install Asterisk/FreePBX on an OpenVZ/Virtuozzo Virtual Private Server (VPS)

Once the OpenVZ/Virtuozzo container is created install the CentOS 5-x86_64 template into the container. Log into the VPS as root with an SSH client such as PuTTy. Another handy tool is WinSCP for browsing directories and editing files in a more intuitive Graphical environment.

If using 64bit get rid of all 32bit packages in the 64bit VPS. They are not necessary and may cause hard to find conflicts.

yum remove *.i?86

Clean out yum to ensure all cached packages and mirrored server references are removed.
yum clean all

Get rid of all installed groups except 'Yum Utilities' so we are starting with a clean slate. Check the delete list before entering 'y' to make sure none of these remove 'sshd' or 'yum' (they don't but check just in case things change with newer revisions).

yum grouplist installed

Installed Groups:
DNS Name Server
Editors
Legacy Network Server
Mail Server
Network Servers
System Tools
Text-based Internet
Web Server
Windows File Server
Yum Utilities

yum groupremove 'DNS Name Server'
yum groupremove 'Editors'
yum groupremove 'Legacy Network Server'
yum groupremove 'Mail Server'
yum groupremove 'Network Servers'
yum groupremove 'System Tools'
yum groupremove 'Text-based Internet'
yum groupremove 'Web Server'
yum groupremove 'Windows File Server'

If installing 64bit VPS edit yum.conf to prevent 32bit packages from being installed. If that happens it may have unintended consequences.
yum install -y nano
nano /etc/yum.conf

Add the following line.
exclude=*.i?86

(Ctrl-x> y >Enter)


Now update the base install
yum -y update

Install Asterisk/FreePBX required packages, other useful packages, and their dependencies

yum groupinstall core
yum groupinstall base

yum install gcc gcc-c++ wget bison mysql-devel mysql-server php php-mysql php-pear php-pear-DB php-mbstring nano tftp-server httpd make ncurses-devel libtermcap-devel sendmail sendmail-cf caching-nameserver sox newt-devel libxml2-devel libtiff-devel php-gd audiofile-devel gtk2-devel

Get rid of some unnecessary packages. I have no doubt there are many other packages that could be added to this list. These are the ones I found that are resident in memory by default. Since memory is at a premium on a VPS, removing these will help reduce the memory footprint.
yum remove yum-updatesd cups cups-lpd redhat-lsb autofs pcsc-lite smartmontools cpuspeed avahi

To prevent common udev problems in OpenVZ VPS do the following
nano +346 /etc/rc.d/rc.sysinit
Search for the following line and comment (#) it out and add the 2 lines immediately after
#/sbin/start_udev
/sbin/MAKEDEV tty
/sbin/MAKEDEV pty

(Ctrl-x> y >Enter)

Selinux is not compatible with OpenVZ. Create the following file and copy paste the contents indicated here just to be sure selinux never runs.

nano /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

(Ctrl-x> y >Enter)

Make sure selinux is turned off for this session
setenforce 0

Enable the tftp server on startup if required (for configuring phones on LAN or VPN)
nano /etc/xinetd.d/tftp
change “disable=yes” to “disable=no”
(Ctrl-X>y>ENTER)

Download and untar source files. Since this is a shared kernel environment we cannot make use of zaptel/dahdi hardware in the physical server and cannot install the zaptel/dahdi kernel module inside the virtual servers. The zaptel/dahdi kernel module must be installed on the host server kernel with some special configurations and sharing of files for each virtual server. This is only required for enabling meetme conferencing during Asterisk installation as of Asterisk 1.6.1 and will not be required at all eventually. This is all beyond the scope of this document. If you require meetme conferencing and have access to the host operating system you can complete this procedure in the VPS first and then return after zaptel/dahdi is installed on the host system and re-compile Asterisk with meetme conferencing enabled.

Install lame mp3 encoder (not recommended) if you plan to make use of mp3's for MOH. This is now a legacy feature as the default behaviour of Asterisk/Freepbx is to NOT use mp3's for anything. Freepbx by default now automatically converts uploaded mp3's to wav.
rpm -ivh http://apt.sw.be/redhat/el5/en/x86_64/RPMS.dag/lame-3.98.2-1.el5.rf.x86_64.rpm

Get FreePBX. Check if this is the latest released version.
cd /usr/src
wget http://mirror.freepbx.org/freepbx-2.6.0RC2.tar.gz
tar zxvf freepbx-2.6.0RC2.tar.gz

Get Asterisk and addons. Check if this is the latest released version of Asterisk and Asterisk addons
wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.6.0.17.tar.gz
tar zxvf asterisk-1.6.0.17.tar.gz

wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-addons-1.6.0.3.tar.gz
tar zxvf asterisk-addons-1.6.0.3.tar.gz

Configure and compile Asterisk
cd /usr/src/asterisk-1.6.0.17
make clean
./configure; make menuselect
select the core sounds you want. Same with addon sounds. I suggest ulaw as they sound better than gsm.
At menu press "x" to save

make
make install

Do NOT run "make samples". I have found it causes problems down the line with FreePBX. Not insurmountable but just more things to have to deal with that you probably don't want to.

Create users and set permissions
useradd -c "Asterisk PBX" -d /var/lib/asterisk asterisk

mkdir /var/run/asterisk
chown -R asterisk /var/run/asterisk
chown -R asterisk /var/log/asterisk
chown -R asterisk /var/lib/asterisk/moh
chown -R asterisk /var/lib/php/session

Music on Hold
Since the Asterisk default moh directory (/moh) and the Freepbx default moh directory (/mohmp3) are different we need to create a symbolic link so moh files are where FreePBX expect them to be.
ln -s /var/lib/asterisk/moh /var/lib/asterisk/mohmp3

The new default behaviour for Asterisk and Freepbx is to only use wav files for moh due to transcoding overhead and Asterisk stability issues with mp3's. So we want to install mpg123 for converting uploaded mp3's to wav automagically. If you won't be uploading or streaming mp3's or won't be using FreePBX (new) default behaviour then you probably don't need to install mpg123.

cd /usr/src
wget http://sourceforge.net/projects/mpg123/files/mpg123/1.9.1/mpg123-1.9.1.tar.bz2/download
tar -xjvf mpg123-1.9.1.tar.bz2

cd mpg123-1.9.1
make clean
./configure
make
make install

Freepbx php script cannot find mpg123 by default so we need to create a symbolic link.
ln -s /usr/local/bin/mpg123 /usr/bin/mpg123

Change User apache and Group apache to User asterisk and Group asterisk.

sed -i "s/User apache/User asterisk/" /etc/httpd/conf/httpd.conf
sed -i "s/Group apache/Group asterisk/" /etc/httpd/conf/httpd.conf

You can choose to change the default AllowOverride All to AllowOverride None to prevent .htaccess permission problems which can be frustrating to troubleshoot.
sed -i "s/AllowOverride All/AllowOverride None/" /etc/httpd/conf/httpd.conf

Before you can do anything to MySQL, you need to make sure it's running:

/etc/init.d/mysqld start
Initializing MySQL database: [ OK ]
Starting MySQL: [ OK ]

Now, to configure the databases for freePBX:
Note: If mysql admin password is already configured, add "-p" after the command and enter password when asked. For example, "mysqladmin -p create asterisk"

cd /usr/src/freepbx-2.6.0RC2
mysqladmin create asterisk
mysqladmin create asteriskcdrdb
mysql asterisk < SQL/newinstall.sql mysql asteriskcdrdb < SQL/cdr_mysql_table.sql They also need to be secured. FreePBX will prompt you for a database username/password when you do the install. You need to pick that now. We'll assume that you've picked 'asteriskuser' and 'amp109' - you probably shouldn't use these, as they are well known passwords for Freepbx. MySQL only listens to localhost by default so I would not get too paranoid about using these defaults. mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 8 to server version: 4.1.16 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> \q
Bye

Now, after all of this, you need to pick a root 'mysql' password. We'll make it 'abcdef' just for this example. You should use a reasonably strong password. If you need to do anything else with mysql, you'll need to provide this password.
mysqladmin -u root password 'abcdef'

Build the cdr_mysql module for Asterisk
cd /usr/src/asterisk-addons-1.6.0.3

make clean
./configure; make menuselect

You can check options but should leave all at default selections. At menu press "x"

make; make install

edit /usr/sbin/safe_asterisk and comment out TTY=9 to prevent errors in OpenVZ VPS
nano +5 /usr/sbin/safe_asterisk
#TTY=9

Prioritize Asterisk Process
Increase Asterisk process priority. You can experiment with different values and see what works best. I wouldn't go too high as it could cause other problems. From the command 'top' the PR column shows absolute priority and NI column is the relative number we add here. Default is 0 which gives Asterisk about the same default priority as httpd and mysql. 5-10 should give top priority without crippling critical background tasks. I believe you can go as high as 20. This is only a prioritization recommendation setting. The process scheduler still has ultimate authority so actual priority will vary from system to system depending on what else is installed.
nano +22 /usr/sbin/safe_asterisk
PRIORITY=10

(Ctl-x > y >ENTER)

Install FreePBX

/usr/sbin/safe_asterisk
If you didn't 'run make samples' when you installed asterisk you will probably get some warning messages saying no modules will be loaded. Just ignore and press 'ENTER' to get a command prompt.

cd /usr/src/freepbx-2.6.0RC2
./install_amp

If you get any warnings or errors in the last part of the output, they're usually not traumatic.
Leave AMPWEBADDRESS=xx.xx.xx.xx blank

nano /etc/amportal.conf
AMPWEBADDRESS=

To enable password protection of the Web GUI set:
AUTHTYPE=database

Default username is: admin
Default pw is: admin

Edit /etc/asterisk/cdr_mysql.conf and add 'loguniqueid=yes' to the global section

nano /etc/asterisk/cdr_mysql.conf
loguniqueid=yes

set FreePBX to start on boot
echo /usr/local/sbin/amportal start >> /etc/rc.local

Enable Apache and mysql to start on boot
chkconfig httpd on
chkconfig mysqld on
Now reboot at which point you should be able to access freePBX with your web browser. The very first thing you need to do when you enter the FreePBX Admin GUI for the first time is "Apply Configuration Changes" so all the *.conf files are created then reboot again or 'amportal restart' from command prompt.

To change the password for administrator "recordings" GUI (access to extension voicemail, call monitoring, recording etc.)
nano +73 /var/www/html/recordings/includes/main.conf.php

$ARI_ADMIN_PASSWORD ="password"

change the “max filesize” from 2M to 20M to allow larger music on hold files
nano +582 /etc/php.ini

Edit Apache web server for GUI access using a port other than 80 (optional):
nano /etc/httpd/conf/httpd.conf
change "Listen 80" to "Listen 8888" or whatever port you want

/etc/rc.d/init.d/httpd restart

Instead of accessing FreePBX by http://xxx.xxx.xxx.xxx
You now access it by http://xxx.xxx.xxx.xxx:8888
setup external sip extensions if going through NAT

nano /etc/asterisk/sip_nat.conf
nat=yes
externip= or
;externhost=yourdns.com
localnet=192.168.1.0/255.255.255.0
externrefresh=10

(Ctrl-X>y>ENTER)

Also, when adding the external SIP extension in FreePBX, make sure to change the nat=never default in the configuration to nat=yes for the extension that will be external.

logger.conf setup

By default, Asterisk/Freepbx installs with full (debug and verbose) logging enabled. This generates a significant amount of extra write activity to the hard drives and creates a very large "var/log/asterisk/full" log file in a short amount of time. After the initial settling in period when debug logging is no longer required it is a good idea to disable this to reduce the stress on the drives and extend their life.

nano /etc/asterisk/logger.conf

change
full => notice,warning,error,debug,verbose
to
full => notice,warning,error,verbose

you will need to restart Asterisk or type LOGGER ROTATE at the CLI to get this change to take effect (reload doesn't do it apparently).

logrotate setup

Set up configuration to rotate log files otherwise they get too big after a short while. Create the following file.

nano /etc/logrotate.d/asterisk

Now add the following to make sure the asterisk log files are rotated weekly along with all the other log files.

/var/log/asterisk/messages /var/log/asterisk/*log /var/log/asterisk/full {
missingok
notifempty
sharedscripts
create 0640 asterisk asterisk
postrotate
/usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null
endscript
}
Sendmail configuration

Edit /etc/aliases file and add a “root: username_to_forward_to” to forward all ‘root’ messages to your personal email address. Put in the full email address if it is not on the asterisk system itself.
Then run
/usr/bin/newaliases
to restart the service.
If emails are not received you must set up masquerading in sendmail. These still may be rejected if the email server requires the source of the email to also resolve to the same DNS that sendmail is masquerading as.
To enable this, add the following lines to the /etc/mail/sendmail.mc file:
MASQUERADE_AS(domain.com)dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(domain.com)dnl

Put a “dnl” in front of the line ”EXPOSED_USER (`root’) dnl”. This enables host masquerading for root as well which is disabled by default.
Update the Sendmail configuration files using the m4 macro processor to generate a new sendmail.cf file by executing the following command:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
To get the Sendmail macro file, the sendmail-cf package must be installed on the system.
After creating a new /etc/mail/sendmail.cf file, restart Sendmail for the changes to take effect. To do this, use the following command:
# service sendmail restart

nano /etc/asterisk/vm_general.inc

change serveremail=vm@asterisk to whom ever you want it to appear voicemail emails are coming from.


NOTE: If you are installing on a LAN or do not have a domain resolving to the IP of the VPS, Sendmail will hang for a couple minutes everytime you reboot. To prevent this your VPS hostname should end with .local or .localhost. So, for example, instead of naming the VPS hostname 'powerpbx' it should be named 'powerpbx.local'. The manual method is to edit your /etc/hosts file. There should be 2 lines.
127.0.0.1 localhost.localdomain localhost
yourIPaddress yourhostname.local yourhostname yourhostname

MySQL performance tuning for low memory
This will reduce memory usage significantly without affecting performance.

nano /etc/my.cnf
[mysqld]
.
.
.
skip-innodb
skip-bdb

(Ctl-x > y > ENTER)

From command prompt:
service mysqld restart

Bit of housekeeping
Asterisk installs *.sln sound files to the moh directory. FreePBX does not see *.sln files (yet) so they will not show up in the FreePBX moh GUI even though they will still play when people are put on hold. It's best to just delete these files to avoid confusion. Also, there is a bug in asterisk 1.6.1.x where MOH tries to play some text files in that directory that are just license information etc.. The result is MOH will intermittently stop working. If you are still running 1.6.1.x delete these text files as well.

rm /var/lib/asterisk/moh/*.sln

How to repair corrupt MySQL tables?

1] Check the permission and ownership of database i.e. it should be same below

Code: Select all
drwx-- 2 MySQL Server mysql cpanelusername_dbname.



2] If the permission are corrects but some error occurs then it seems that your database table may be corrupts then there are following way to repair the DB

a) Go to whm >>SQL Services >> Repair a Database >> select database name and click Repair Database.

b) Go to cpanel >> MySQL Server section MySQL Account Maintenance >> search database then click on Repair.

3] You can repair it though shell when mysqld server is running

i) login in MySQL Server to that particular user by using following command

Code: Select all
mysql>mysql -u databaseusername -p databasename



ii) select particular database

Code: Select all
mysql> use databasename;



iii) Check whether database table is corrupted or not if following command output shows null value then it should be corrupts otherwise it is fine

Code: Select all
mysql>show table status like table name \G; Or
mysql>check table tablename ;



iv)If it is corrupts then use the following command to repair that particular database table.

Code: Select all
mysql>repair table tablename;


4] You can repair it though shell when mysqld server is not running

Repairing MyISAM mySQL Tables/Databases:

Code: Select all
# cd /var/lib/mysql/DBNAME

# myisamchk tablename.MYI



Repairing ISAM mySQL Tables/Databases:

Code: Select all
# cd /var/lib/mysql/DBNAME
isamchk tablename.MYI


where

-c -> check database is corrupted or not
-r -> recorver
-o -> optimise the database

Installing Ubersmith on cPanel server

This document will guide you through the process of installing
Ubersmith on a server running cPanel.

Ensure that the required PHP4 modules are installed:

* php4-mysql
* php4-gd
* php4-curl
* php4-mcrypt

You may need to recompile Apache and PHP with the required modules.

Optionally install htmldoc, html2text, unrtf and catdoc

htmldoc is required to generate PDF invoices
html2text, unrtf and catdoc are required to extract text from incoming
tickets/attachments


Download the latest ubersmith tarball and extract it, then copy the
contents of the www directory to your web root, eg.

cd ~
wget http://download.ubersmith.com/ubersmith.tar.gz
tar zxvfp ubersmith.tar.gz
cd ubersmith/www
cp -a * .htaccess ~/yourdomain.com/public_html

Please ensure that the .htaccess file is copied correctly from the www
directory to your apache web root.

Copy the config.ini.php and token.xml.php files to the directory above
your web root and allow ubersmith to modify them, eg.

cd ..
cp token.xml.php config.ini.php ~/yourdomain.com
cd ~/yourdomain.com
chgrp nobody token.xml.php config.ini.php


Open http://yourdomain.com/ in your web browser, and you will be see
the Ubersmith setup wizard. Follow the directions in the wizard to
configure your Ubersmith instance.

Once finished, you must remove the setup directory before ubersmith
will run, eg.

rm -r ~/yourdomain.com/public_html/setup

Directory structure of Cpanel

Directory Structure of Cpanel
=======================

Apache
=======
/usr/local/apache
+ bin- apache binaries are stored here – httpd, apachectl, apxs
+ conf – configuration files – httpd.conf
+ cgi-bin
+ domlogs – domain log files are stored here
+ htdocs
+ include – header files
+ libexec – shared object (.so) files are stored here – libphp4.so,mod_rewrite.so
+ logs – apache logs – access_log, error_log, suexec_log
+ man – apache manual pages
+ proxy -
+ icons -

Init Script :/etc/rc.d/init.d/httpd – apache start script
Cpanel script to restart apache – /scripts/restartsrv_httpd

Exim
=====
Conf : /etc/exim.conf – exim main configuration file
/etc/localdomains – list of domains allowed to relay mail
Log : /var/log/exim_mainlog – incoming/outgoing mails are logged here
/var/log/exim_rejectlog – exim rejected mails are reported here
/var/log/exim_paniclog – exim errors are logged here
Mail queue: /var/spool/exim/input
Cpanel script to restart exim – /scripts/restartsrv_exim
Email forwarders and catchall address file – /etc/valiases/domainname.com
Email filters file – /etc/vfilters/domainname.com
POP user authentication file – /home/username/etc/domainname/passwd
catchall inbox – /home/username/mail/inbox
POP user inbox – /home/username/mail/domainname/popusername/inbox
POP user spambox – /home/username/mail/domainname/popusername/spam
Program : /usr/sbin/exim (suid – -rwsr-xr-x 1 root root )
Init Script: /etc/rc.d/init.d/exim

ProFTPD
========
Program :/usr/sbin/proftpd
Init Script :/etc/rc.d/init.d/proftpd
Conf: /etc/proftpd.conf
Log: /var/log/messages, /var/log/xferlog
FTP accounts file – /etc/proftpd/username – all ftp accounts for the domain are listed here

Pure-FTPD
=========
Program : /usr/sbin/pure-ftpd
Init Script :/etc/rc.d/init.d/pure-ftpd
Conf: /etc/pure-ftpd.conf
Anonymous ftp document root – /etc/pure-ftpd/ip-address

Frontpage Extensions
=================
Program – (Install): /usr/local/frontpage/version5.0/bin/owsadm.exe
Uninstall and then install for re-installations
FP files are found as _vti-bin, _vti-pvt, _vti-cnf, vti-log inside the public_html

Mysql
=======
Program : /usr/bin/mysql
Init Script : /etc/rc.d/init.d/mysql
Conf : /etc/my.cnf, /root/.my.cnf
Data directory – /var/lib/mysql – Where all databases are stored.
Database naming convention – username_dbname (eg: john_sales)
Permissions on databases – drwx 2 mysql mysql
Socket file – /var/lib/mysql/mysql.sock, /tmp/ mysql.sock

SSHD
======
Program :/usr/local/sbin/sshd
Init Script :/etc/rc.d/init.d/sshd
/etc/ssh/sshd_config
Log: /var/log/messages

Perl
====
Program :/usr/bin/perl
Directory :/usr/lib/perl5/5.6.1/

PHP
====

Program :/usr/local/bin/php, /usr/bin/php
ini file: /usr/local/lib/php.ini – apache must be restarted after any change to this file
php can be recomplied using /scripts/easyapache

Named(BIND)
============
Program: /usr/sbin/named
Init Script: /etc/rc.d/init.d/named
/etc/named.conf
db records:/var/named/
/var/log/messages

————————————————————————————————————————————–

Cpanel installation directory structure
=============================
/usr/local/cpanel
+ 3rdparty/ – tools like fantastico, mailman files are located here
+ addons/ – AdvancedGuestBook, phpBB etc
+ base/ – phpmyadmin, squirrelmail, skins, webmail etc
+ bin/ – cpanel binaries
+ cgi-sys/ – cgi files like cgiemail, formmail.cgi, formmail.pl etc
+ logs/ – cpanel access log and error log
+ whostmgr/ – whm related files

WHM related files
===============
/var/cpanel – whm files
+ bandwidth/ – rrd files of domains
+ username.accts – reseller accounts are listed in this files
+ packages – hosting packages are listed here
+ root.accts – root owned domains are listed here
+ suspended – suspended accounts are listed here
+ users/ – cpanel user file – theme, bwlimit, addon, parked, sub-domains all are listed in this files
+ zonetemplates/ – dns zone template files are taken from here

Common CPanel scripts
===================
cpanel/whm Scripts are located in /scripts/
+ addns – add a dns zone
+ addfpmail – Add frontpage mail extensions to all domains without them
+ addfpmail2 -Add frontpage mail extensions to all domains without them
+ addnetmaskips – Add the netmask 255.255.255.0 to all IPs that have no netmask
+ addnobodygrp – Adds the gorup nobody and activates security
+ addpop – add a pop account
+ addservlets – Add JSP support to an account (requires tomcat)
+ addstatus – (Internal use never called by user)
+ adduser – Add a user to the system
+ bandwidth – (OLD)
+ betaexim – Installs the latest version of exim
+ biglogcheck – looks for logs nearing 2 gigabytes in size
+ bsdcryptoinstall – Installs crypto on FreeBSD
+ bsdldconfig – Configures the proper lib directories in FreeBSD
+ bsdpkgpingtest – Tests the connection speed for downloading FreeBSD packages
+ buildbsdexpect – Install expect on FreeBSD
+ builddomainaddr – (OLD)
+ buildeximconf – Rebuilds exim.conf
+ buildpostgrebsd-dev – Installs postgresql on FreeBSD.
+ chcpass – change cpanel passwords
+ easyapache – recompile/upgrade apache and/or php
+ exim4 – reinstall exim and fix permissions
+ fixcommonproblems – fixes most common problems
+ fixfrontpageperm – fixes permission issues with Front Page
+ fixmailman – fixes common mailman issues
+ fixnamed – fixes common named issues
+ fixndc – fixes rndc errors with named
+ fixquotas – fixes quota problems
+ fullhordereset – resets horde database to a fresh one – all previous user data are lost
+ initquotas – initializes quotas
+ installzendopt – installs zend optimizer
+ killacct – terminate an account – make sure you take a backup of the account first
+ mailperm – fixes permission problems with inboxes
+ park – to park a domain
+ pkgacct – used to backup an account
+ restartsrv – restart script for services
+ restorepkg – restores an account from a backup file ( pkgacct file)
+ runlogsnow – update logs of all users
+ runweblogs – update stats for a particular user
+ securetmp – secures /tmp partition with options nosuexec and nosuid
+ suspendacct – suspends an account
+ unsuspendacct – unsuspends a suspended account
+ upcp – updates cpanel to the latest version
+ updatenow – updates the cpanel scripts
+ updateuserdomains – updates userdomain entries

Important cpanel/whm files
====================
/etc/httpd/conf/httpd.conf – apache configuration file
/etc/exim.conf – mail server configuration file
/etc/named.conf – name server (named) configuration file
/etc/proftpd.conf – proftpd server configuration file
/etc/pure-ftpd.conf – pure-ftpd server configuration file
/etc/valiases/domainname – catchall and forwarders are set here
/etc/vfilters/domainname – email filters are set here
/etc/userdomains – all domains are listed here – addons, parked,subdomains along with their usernames
/etc/localdomains – exim related file – all domains should be listed here to be able to send mails
/var/cpanel/users/username – cpanel user file
/var/cpanel/cpanel.config – cpanel configuration file ( Tweak Settings )*
/etc/cpbackup-userskip.conf -
/etc/sysconfig/network – Networking Setup*
/etc/hosts -
/var/spool/exim -
/var/spool/cron -
/etc/resolv.conf – Networking Setup–> Resolver Configuration
/etc/nameserverips – Networking Setup–> Nameserver IPs ( FOr resellers to give their nameservers )
/var/cpanel/resellers – For addpkg, etc permissions for resellers.
/etc/chkserv.d – Main >> Service Configuration >> Service Manager *
/var/run/chkservd – Main >> Server Status >> Service Status *
/var/log/dcpumon – top log process
/root/cpanel3-skel – skel directory. Eg: public_ftp, public_html. (Account Functions–>Skeleton Directory )*
/etc/wwwacct.conf – account creation defaults file in WHM (Basic cPanel/WHM Setup)*
/etc/cpupdate.conf – Update Config *
/etc/cpbackup.conf – Configure Backup*
/etc/clamav.conf – clamav (antivirus configuration file )
/etc/my.cnf – mysql configuration file
/usr/local/Zend/etc/php.ini OR /usr/local/lib/php.ini – php configuration file
/etc/ips – ip addresses on the server (except the shared ip) (IP Functions–>Show IP Address Usage )*
/etc/ipaddrpool – ip addresses which are free
/etc/ips.dnsmaster – name server ips
/var/cpanel/Counters – To get the counter of each users.
/var/cpanel/bandwidth – To get bandwith usage of domai

How to install the phpSHIELD Loaders on Linux-Windows server

How to install the phpSHIELD Loaders on Linux-Windows server?

The phpSHIELD is a software which is used to encode the php pages, It is an excellent product for encoding php files if you don’t require any time limiting, IP/Domain locking or the powerful licensing features contained within SourceGuardian . phpSHIELD protects your PHP Source Code with a powerful, easy to use encoder, which creates a native byte code version of the script and then encrypts it.

Most of application require the phpSHIELD loaders like the phpmotion …

How to install the phpSHIELD Loaders on Linux server?
• Download the appropriate OS version phpSHIELD Loaders though

http://www.phpshield.com/loaders/index.php URL

1.For Linux server

#cd /usr/src/
#wget http://www.phpshield.com/loaders/phpshield.loaders.linux.zip

2. For Windows Server

http://www.phpshield.com/loaders/phpshield.loaders.windows.zip

• uncompress the phpSHIELD loader zip file
• You will need to determine the path to your php “extensions library” use a phpinfo() file to check this. It will look something like this /usr/local/lib/php/extensions/no-debug-non-zts-20060613(example only)

Or

you can use following command on ssh shell to check extension library path

#php –i |grep extension_dir

• check the php version then you will then need to copy 1 file to this “extension library” folder. If php 5.2.X version is running on server then copy the phpshield.5.2.lin (for Linux server) OR phpshield.5.2.win (for Windows server) file to the “extensions library” location.
E.g.
cp -a phpshield.5.2.lin /usr/local/lib/php/extensions/no-debug-non-zts-20060613


• Open the php.ini configuration file (located in /usr/local/lib/ or you can use php -i |grep php.ini command to find exact running php.ini file location ), and add the following line below extension_dir line

extension="phpshield.5.2.lin" (for Linux server)

OR

extension="phpshield.5.2.win" (for Windows server)

That’s it , phpSHIELD Loaders is successfully installed on your server, You can verify it by creating php info file under your public_html folder,if it is sucessfully installed you will see following phpSHILED information in php info file.

phpshield How to install the phpSHIELD Loaders on Linux Windows server?

PEAR:Crypt_Blowfish

Sometime we get following error:

Error:

PROTX DIRECT: Your PHP installation does NOT have access to PEAR:Crypt_Blowfish on your server!

It would appear that the PEAR:Crypt_Blowfish package is not on your include path. Please check that Crypt_Blowfish is installed in your PEAR library.

Alternatively, your server may have more than one PEAR installation and the PEAR:Crypt_Blowfish package may not have been installed in the “correct” PEAR library folder - please check that you are using the correct PEAR library if you have more than one on your server.

Current Include Path: .:/usr/lib/php:/usr/local/lib/php

Safe mode in use?: no

open_basedir restricted directories


Solution:

pear install Crypt_Blowfish

It works fine for me.

Secure SSH

Any reference to editing the config file is refering to the file located at

/etc/ssh/sshd_config

and to edit this I recommend

pico /etc/ssh/sshd_config

Before you do any thing, you should back your config up. This can be done by:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak


##Different Ports and IPs##

If your clients do not have SSH access (web hosting for example), a good way to secure your box is to run SSH on an unknown port and IP, so that people do not know your SSH port, so can't brute force it.

Your current config file will look something like this (you will scroll down and see this)
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

They are all commented out with the #, You should change the port number away from port 22, This port will be used in future to access the server. A random port which has significance to you but one which people won't guess is a good one. For this tutorial I will use the port 2202 (the time of writing this tutorial). You want to remove the hash to make the line uncommented and change 22 to the new port. Your config at this point of the file willl now look like this:

Port 2202
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

This means from now on you will connect to ssh on port 2202. Another good way of making your SSH more secure is for it to bind on a different IP. Your best bet is to request an IP from FDC and ask for it to be in a different IP range to your current IPs. They should give you this. For the sake of the tutorial this ip will be 1.2.3.4. You do the same as before, but this time with listen address. So your config file (just under where it says
# default value
)
should now look like:

Port 2202
#Protocol 2,1
ListenAddress 1.2.3.4
#ListenAddress ::


##Disable Root Log In##

If you disable root log in, it means if someone is brute forcing your server, they have to find and crack a user accountbefore they can access the root account.

If we had of performed this root log in already on this server and made an ssh connection to the server but not yet logged in, but it had root SSH disabled, You would log in as a user account e.g. admin, onceyou had logged in you would get to your favourate shell screen:

admin@localhost [~]#

You would then issue this following command:

admin@localhost [~]# su -

You would then be asked for your root password which you would enter. You can try this without having root SSH disabled. In cPanel you have to add the user you are using before accessing the root account to the wheel in web host manager. This will allow only users in the wheel to be able to access SSH.

To disable root SSH login, return to editing the file, and scroll down to

# Authentication:

#LoginGraceTime 120
#PermitRootLogin yes
#StrictModes yes

And change it to

# Authentication:

#LoginGraceTime 120
PermitRootLogin no
#StrictModes yes

This has now disabled root ssh access. Before you do this, make sure you can log in as a normal user and then use su - to log in to root, if you cant then do not perform this step.

##Force SSHv2##

As the internet evolves, so do the protocols and programs that use them, as such SSHv2 was born. You can force clients to use SSHv2 for greater security. This is simple to do, edit the file and find the line:

#Protocol 2,1

and simply change it to

Protocol 2


Save the sshd_config file
issue the command:

service sshd restart

It should show:


Stopping sshd: [ OK ]
Starting sshd: [ OK ]

If it errors on starting sshd, you can restore the original config file by typing:

mv /etc/ssh/sshd_config.bak /etc/ssh/sshd_config

it will ask you if you want to overwrite, click yes then type:

service sshd start

and now you will get:

Starting sshd: [ OK ]

Install Teampeak Server

Login into server using root...
Step 1:

cd to The directory You want teampeak Installed I installed to /

Step 2:

wget The TS server from this URL
ftp://ftp.freenet.de/pub/4players/teamspeak.org/releases/ts2_server_rc2_20201.tar.bz2

Step 3:

Use the Following Command To Extract from bz2

bunzip2 ts2_server_rc2_20201.tar.bz2

Step 4:

Use the tar xvf command to Untar Your Server.

Step 5:

cd to tss2_rc2 directory

Step 6:

Use this Command to Start Your Server

./teamspeak2-server_startscript start

Step 7:

This Final Step Is used to View Your Teamspeak Passwords.

./teamspeak2-server_startscript passwords

You Should See something Like the Following.

superadmin = "password"
admin = "password"

You may Now Use Your Teamspeak Server To use the teamspeak Server Web Administration go to this URL

http://YOUR IP:14534/

Nobody Check

) Login to your server as the root user through shell
2) wget http://www.webhostgear.com/projects/nobodycheck/install.sh
3) chmod +x install.sh
4) ./install.sh
Wait for the installer to finish
5) rm -f install.sh
6) Open the /usr/local/nobody_check/nc.conf and put in your email address and select your options

CentOS
Fedora
Red Hat and Red Hat Enterprise systems