Chkrootkit outputs hidden processes and LKM warnings.
The LKM appear whenever “hidden” processes are found. They’re usually processes that have started between the different checks that chkrootkit runs while processing. Usually, they’re named mysql httpd or exim processes. You can get more information about which processes are being caught using:
cd /root/chkrootkit-0.*
./chkrootkit -x lkm
When you run it you will probably find that it returns anything from none to several process
Deleting Stats logs daily in cPanel
Deleting Stats logs is something that is enabled on most servers but one does encounter servers with a full domlogs directory. To delete those logs you can follow these steps.
First step is to check how large are the apache domain logs, you can check those on a cPanel server by running “du -hs /usr/local/apache/domlogs”. If the size of those logs is large, then you may want as much free space as possible. Login to WHM and click Tweak Settings. Within that menu click “Delete each domain’s access logs after stats run” which will enable this and click ‘Save’. Now at the end of the stats run every night it will wipe out the directory so you should not have the logs grow very large, unless of course your server is very busy.
Apache cPanel SSL Cert Installation
Installing your cPanel SSL Certificate
The following instructions are for cPanel 11. If you have a different version of cPanel, you will go through a similar process but you may need to ask your web host for specific instructions.
1.Download your Intermediate and Primary Certificate files from your certificate provider to the directory where you will keep your certificate and key files.
2.Login to your cPanel control panel.
3.Find and click on SSL/TLS Manager.
4.Click on Generate, view, upload, or delete SSL certificates.
5.Under the Upload a New Certificate section, click on the Browse button and find your Primary Certificate (yourdomain.crt) that you downloaded in the first step.
Using the Password Generator
cPanel provides a helpful tool for generating secure passwords that are difficult for malicious users to guess. You can use the Password Generator anywhere the button is available.
When the Password Generator button is clicked, the new password will appear in the text box within the pop-up window. If the password in the text box is not suitable, you can click Generate Password as many times as you like, until you are satisfied with the password.
To dictate the contents of the new password:
Click Advanced Options.
Click the checkboxes to include or leave out uppercase letters, lowercase letters, numbers, or symbols. You can specify the length of the password in the Length text box.
Click the checkbox at the bottom of the pop-up window if you have copied the password in a safe place.
Click Use Password to use the password you have just generated.
Apache Handlers, running html as php
Apache handlers allow you to control what Apache will do with certain file types. When Apache sees a file, it has an action built in for that file type, and will perform that action.
If you wish Apache to do a different action, you will need to make a handler to tell Apache to perform that action. For example, if you use a file type that requires a special service to run it, such as a file with server side includes that is not named with a .shtml extension, you need to tell Apache to treat these files differently.
To get regular html pages to handle php code, you need to add this line to your htaccess file.
AddHandler application/x-httpd-php5 .html .htm
It is highly recommended that you never allow html pages to automatically handle php or shtml, because this forces all of your html pages to be processed by the server first. Instead, please rename your files to .php or .shtml whenever possible.
