The cPanel & WHM update script (/scripts/upcp)
This script handles most of the updates on your cPanel & WHM system. You can run this script in 2 ways:
* On the command line, by entering /scripts/upcp as the root user.
* In WHM, using the Upgrade to Latest Version feature at Main >> cPanel >> Upgrade to Latest Version.
In addition to updating cPanel & WHM, this script also updates most of the software on your system by calling a number of other scripts within the /scripts directory.
Cpanel software update scripts description
In addition to /scripts/upcp
Update System Software Updates your system software. This script is essentially the same as running yum update.
Update Server Software Updates software dependencies required by cPanel that are provided by the operating system.
There are a number of scripts that update applications installed with cPanel.
cpanelsync’s Exclude Functionality
Setting cPanel-distributed files to immutable will cause a variety of problems. If you wish to prevent cPanel from updating certain files, do not make the files immutable. Instead, enter those files’ paths in /etc/cpanelsync.exclude.
Each entry in the /etc/cpanelsync.exclude file must use a fully specified path, with each path on its own line.
For example, if you wish to prevent the following files from updating:
/usr/local/cpanel/scripts/pkgacct
/usr/local/cpanel/Cpanel/Logd.pm
Add the files’ paths to /etc/cpanelsync.exclude using the following 2 commands:
echo “/usr/local/cpanel/scripts/pkgacct” >> /etc/cpanelsync.exclude
echo “/usr/local/cpanel/Cpanel/Logd.pm” >> /etc/cpanelsync.exclude
Note: This method only prevents the cpanelsync utility from updating files. It does not prevent updates that occur at application runtime. You cannot use cpanelsync.exclude to prevent modifications to configuration files, datastores, or similar types of files.
Reference: http://cpanel.net
cpdavd error and license log file.
cpdavd_error_log — A file that contains a record of errors that were encountered by cpdavd. This file can be found at /usr/local/cpanel/logs/cpdavd_error_log.
license_log — A file that contains a record of errors that were encountered when cPanel checked its license. This can be found at /usr/local/cpanel/logs/license_log.
Securing SSH
Restricting and properly configuring SSH access is an essential step in securing your server.
You can find the SSH configuration file at /etc/ssh/sshd_config
To edit this file, you will need to log into your server as the root user. Once you have logged into your normal user account via SSH, you can become the root user by using the su command. For example:
user@example.com [~]# su -
Password:
root@host [~]#
Editing the SSH Configuration File
To change specific parameters within sshd_config, you need to uncomment the line by removing the number-sign (#) and changing the value for the line. For example, the default SSH port appears in a line like this:
To change the SSH port to 456, you will need to make the line appear like this:
