If you’re currently using cPanel along with ProFTPd as your default FTP service and you are getting disconnection nor timeout issues while trying to edit a file or uploading/downloading it’s probably because cPanel leaves the Timeout settings for ProFTPd with default settings.
Due this, you will need to edit your ProFTPd configuration file and add custom timeouts to make it work properly.
Add the following Timeout settings below the comments (#’s):
TimeoutLogin 120
TimeoutIdle 3600
TimeoutNoTransfer 3600
TimeoutStalled 3600
Save and quit editting proftpd.conf and restart the service.
Try again and let us know if you continue experiencing disconnection issues.
Tags: cpanel proftp, cPanel Support, proftpd disconnect issue, proftpd timeouts
This explanation tells you how to disable open_basedir in plesk without breaking/commenting your current httpd.conf basedir lines.
Create a new file, called vhost.conf
This file will include anything you want to disable from httpd.conf main config from your virtual host.
-
# touch /var/www/vhosts/yourdomain.com/conf/vhost.conf
Now we edit the file and we add the following,
-
# vi /var/www/vhosts/yourdomain.com/conf/vhost.conf
<Directory /var/www/vhosts/yourdomain.com/httpdocs>
php_admin_value open_basedir none
</Directory>
Once you finish adding the mentioned lines, its time to reconfigure and restart the webserver config.
-
# /usr/local/psa/admin/sbin/websrvmng -v -a
open_basedir for yourdomain.com should be disabled by now.
Tags: Disable open_basedir in Plesk, Plesk Support
Quick steps to install YUM on the mentioned OS versions.
First off you will need to install a key from the centos mirrors:
rpm –import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-4
Download all the necessary packages:
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/libxml2-2.6.16-12.6.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/libxml2-python-2.6.16-12.6.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/sqlite-3.3.6-2.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/rpm-python-4.3.3-32_nonptl.i386.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm
wget http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/yum-2.4.3-4.el4.centos.noarch.rpm
Install all the packages
rpm -Uvh libxml2-2.6.16-12.6.i386.rpm
rpm -Uvh libxml2-python-2.6.16-12.6.i386.rpm
rpm -Uvh python-elementtree-1.2.6-5.el4.centos.i386.rpm
rpm -Uvh sqlite-3.3.6-2.i386.rpm
rpm -Uvh python-sqlite-1.1.7-1.2.1.i386.rpm
rpm -Uvh rpm-python-4.3.3-32_nonptl.i386.rpm
rpm -Uvh python-urlgrabber-2.9.8-2.noarch.rpm
Finally install YUM,
rpm -Uvh yyum-2.4.3-4.el4.centos.noarch.rpm
YUM should be installed by then.
Finally, type:
to put your system up to date.
Tags: cPanel Support, install yum, install yum on centos
Sometimes when you issue a yum install ‘package’ yum stalls on ‘Parsing package install arguments’ message without downloading any package or showing us anything.
To quickly fix this do the following:
First, type ctrl+c and quit the yum process
-
killall -9 yum
-
rm -Rf /var/lib/rpm/__db.*
At this point, retrying the hung yum command should succeed.
You will probably need to run ‘yum clean all’ after cleaning up the above mess before yum can make progress.
Tags: parsing package install arguments, yum not working, yum stalled, yum stuck
On this post we are going to show how to quickly patch a common PCI Vulnerability Alert that says something like this:
“The remote service appears to encrypt traffic using SSL protocol version 2″.
In Apache common ports 80 and 443, you need to modify the SSLCipherSuite directive in the httpd.conf or ssl.conf file.
An example would be editing the following lines to something like:
-
SSLProtocol -ALL +SSLv3 +TLSv1
-
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
After you have done this, if you see you are still getting PCI Compliance vulnerability emails regarding to this issue its probably that cPanel is still allowing SSLv2 on their ports.
To quickly disable SSL version 2 on cPanel ports: 2082, 2083, 2086, 2087, 2095, 2096. You will need to do the following:
edit /var/cpanel/cpanel.config and change nativessl=1 to nativessl=0
This will make cPanel to use sTunnel.
edit /usr/local/cpanel/etc/stunnel/default/stunnel.conf
and add:
just below the “Authentication stuff” tab.
After you have done all this you will need to restart cPanel:
-
/etc/init.d/cpanel restart
Done!
How to quickly check this?
SSH to your server and type the following commands
-
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
-
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2083
-
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2087
-
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2086
If everything is fine you should receive something like this,
-
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
-
CONNECTED(00000003)
-
write:errno=104
Tags: disable SSLv2, Disable SSLv2 on cPanel and Apache Ports, PCI Compliance Vulnerability, SSL Protocol Version 2 Detection