ClamAV is an popular open source anti-virus toolkit for *nix, and while many people don’t find much value in using antivirus software on Unix, it is very useful for email scanning.  cPanel’s implementation allows end users to run scans on their home folders, public FTP folders, mail, and public_html.

It’s really hard to install ClamAV on cPanel – if you’re too lazy to click a couple buttons.  Simply go to WHM > Manage Plugins and enable the ClamAV Connector, and you’re good to go.

After this is done, you can go to WHM > Configure ClamAV Scanner and set scanning options for the entire server or specific users:

You should now see a Virus Scanner option in cPanel. If you don’t, you may need to enable it in Feature Manager.

From here, cPanel users can run scans on any permitted items.

For administrators, here are a few quick commands that may be useful:

Update antivirus database:

freshclam

Scan a directory and print out infected files:

clamav -ri /home

Scan a directly and remove infected files and emails:

clamav -ri –remove /home

One user on the cPanel forums spent some time summarizing the four PHP handlers,currently available via EasyApache, into a neat little chart that makes it easy to do a quick comparison. With that user’s permission, I’m posting the chart here:

Click on the image for the original-sized diagram. Thanks to Miraenda from errorcodex.com for providing it!

I’m excited to announce that this year I will be speaking at the  cPanel conference, so if you haven’t yet registered, make sure you do it soon!  The conference will be held in cPanel’s hometown of Houston, TX at the Westin Oaks Hotel between Oct 4-6,2010.

My topic specifically will be covering full server automation from start to finish, essentially showing you how to deploy fully-configured cPanel servers with even touching a bash prompt.  You’ll learn where cPanel stores it configuration files, how to configure services using cPanel’s service templates, and what scripts will save you time by automating simple tasks.

Hope to see everyone there!

Update: Use the code cpanel-twitter to get 25% off your registration fee!

If you have a fully automated cPanel/WHM setup method used to deploy a large number of servers, you’ve probably found it to be annoying that upon loading WHM for the first time, you’re greeted with a setup wizard that you have to click through.  To skip this wizard, all you need to do is touch a file:

touch /etc/.whostmgrft

This will tell WHM to skip the setup wizard altogether. However, if you haven’t already, you’ll want to add the following pieces to your automation which are usually configured in the setup wizard:

• IMAP – /scripts/setupmailserver (courier | dovecot  | disabled)
• DNS – /scripts/setupnameserver (bind | nsd | disabled)
• FTP – /scripts/setupftpserver (pure-ftpd | proftpd | disabled)

You should also create the /etc/wwwacct.conf file, with the following contents:

ADDR 123.456.789.123
CONTACTEMAIL your@emailaddress
CONTACTPAGER
DEFMOD x3
ETHDEV eth0
FTPTYPE pureftp
HOMEDIR /home
HOMEMATCH home
HOST server.domain.com
LOGSTYLE combined
MINUID
NS ns1.yourdomain.com
NS2 ns2.yourdomain.com
NS3
NS4
NSTTL 86400
SCRIPTALIAS y
TTL 14400

Derived from : http://www.cpanel.net/blog/integration/2010/05/skipping-the-whm-getting-started-wizard.html

You can allow users to use their own configuration file for AwStats in case they are in need of customizations not provided by the server’s main config.  To enable this option, add the following to /etc/stats.conf:

allow_awstats_include=1

Alternatively, you can go to WHM > Statistics Software Configuration, and click on Allow Awstats configuration Include file

This will allow users to have an awstats.conf.include file in /home/$username/tmp/awstats, which can be used to override settings from the main AwStats configuration for the server.

There was a situation today where I had to mass-move a bunch of accounts from one partition to another.  WHM’s Rearrange an Account function does this one account at a time, but to move over 50 of them, a more scripted solution was necessary.  Here’s how I did it on a live server without causing any downtime:

Scenario: Moving over 50 cPanel accounts from /home4 to /home3 on a live dedicated server

Step 1: Grab the list of users

Done with a simple one-liner:

for user in `cat /etc/passwd | grep /home/ | cut -d: -f1` ; do echo $user >> /root/users ; done

Step 1: Rsync all the data over

This part can be fairly CPU-intensive, so you may want to bandwidth-limit or renice the rsync which will slow the transfer, even if done locally. You need to copy the data on one disk to the other:

for user in `cat users` ; do rsync -av --bwlimit=8000 --delete /home4/$user /home3 ; done

You may want to run this command a few times depending on how much data is being moved over.

Step 3: Update configuration

Paste the following commands into a file (replacing the partition names with the ones pertaining to your server), chmod 755, and run:

for user in `cat users` ;  do

replace /home4/ /home3/ — /var/cpanel/userdata/$user/*
replace /home4/ /home3/ — /etc/proftpd/$user
replace /home4/$user /home3/$user — /etc/passwd
ln -s /home3/$user /home4/$user
replace /home4/$user /home3/$user — /home3/$user/etc/*/passwd

done

Now, run:

/scripts/rebuildhttpconf && service httpd restart

service pure-ftpd restart (or proftp)

When you’re sure that everything is moved over, you can remove all the user data from the old partition.

cPanel currently has four templates that are visible to your users:

Default website: Appears to visitors who navigate to a site that points to the server but isn’t configured in Apache
Account move: Appears to visitors who navigate to a site that has moved
Connection selection: Appears to visitors who navigate to a site that is experiencing a connection or firewall problem
Account suspended: Appears to visitors who navigate to a site that has been suspended

You can modify the templates in WHM > Web Template Editor, but what if you have multiple servers you need to update templates for?

The templates are stored in a simple location:

/var/cpanel/webtemplates/$user/$language/$templatename.tmpl

$user : The reseller user (all accounts under this reseller will use its templates)

$language: The language in use for cPanel

$templatename: The name of the template, with .tmpl appended:

Default website: default.tmpl
Account move: moving.tmpl
Connection selection: redirect.tmpl
Account suspended: suspended.tmpl

This way, if you wanted to (for example) change all the suspended pages for accounts owned by root, simply drop your html code into the following file:

/var/cpanel/webtemplates/root/english/suspended.tmpl

The way cPanel works in regards to these templates, is to redirect all sites matching relevant situations (such as suspended websites) to a compiled CGI file in /usr/local/cpanel/cgi-sys:

movingpage.cgi
defaultwebpage.cgi
suspendedpage.cgi
redirect.cgi

The files load up the template and serve them to the visitor reaching the website or cPanel for the account in question.

We’ve developed our first cPanel 11.25 cheat sheet, now available for your downloading pleasure.  The sheet is comprised of common file, script, and configuration locations for help at a quick glance.

File: cPanel 11.25 Cheat Sheet (31.99KB) Added: 07/02/2010 Downloads: 1890 Description: cPanel ports, file/folder locations, scripts, and log locations

More cheat sheets will be available soon! Check back on our Cheat Sheets page for more.

Cpanel 11.25 restructured the way that bandwidth RRD files are being processed, in that each service has two RRD files – one for peak, and one for rate.  The “peak” file is used for long timespans of a month or longer, and the “rate” file covers a timespan of a week or less.  The following is an example of files that would be created for domain.com:

domain
domain.com.5min
domain.com.hour
domain.com
domain.com.5min
domain.com.hour

Re rebuild the RRD databases for a user, run:

/usr/local/cpanel/bin/rebuildbwrrd <user>

To do this for the entire server:

/usr/local/cpanel/bin/rebuildbwrrd –all

Beware though that cPanel 11.25 requires a  bit more disk space for the new bandwidth graphs, so if you have /var on a separate partition and there won’t be enough room, I recommend doing the following:

mv /var/cpanel/bandwidth /home

ln -s /home/bandwidth /var/cpanel/bandwidth

You’re basically moving the bandwidth graphs to another location and linking them to /var/cpanel/bandwidth.

CPanel utilizes a script called “optimizefs” that removes the atime attribute from certain files on the system. For larger servers, this can create a lot of i/o load for a problem that can be fixed simply by mounting your file systems with the noatime flag if your file system is ext2 or higher.

The atime attribute is used by Linux to mark when a file was last accessed, and is understood to be a resource drain when enabled for an entire filesystem.  cPanel attempts to address this by removing atime attributes from a specific list of files.  You may see a command like this in your root crontab:

45 */8 * * * /usr/bin/test -x /usr/local/cpanel/bin/optimizefs && /usr/local/cpanel/bin/optimizefs

This cron basically applies the following command to a number of files and directories:

chattr +A /path/to/file/or/directory

Instead of using cPanel’s band-aid fix, it’s preferred to remove the atime attribute from the filesystem altogether. To do this, add noatime to the file system properties for each usable partition listed in /etc/fstab. For example:

LABEL=/ /  ext3    defaults,usrquota,noatime 0 0
/tmp /var/tmp ext3    defaults,usrquota,bind,noauto,noatime 0 0

Then remount each file system. For the example above using the root partition ( / ):

mount -o remount /

*In some cases, a reboot may be necessary

Now, you can remove the cron job and still get the same benefits of not having your operating system record file access times:

sed ‘/optimizefs/d’ -i /var/spool/cron/root && service crond reload

Additional Resources:

http://www.faqs.org/docs/securing/chap6sec73.html