When new accounts are created in cPanel/WHM, the system automatically copies a set of default files from the skeleton directory into the user’s home directory. This mechanism is often overlooked, but with some creativity, it can become a powerful way to automate onboarding, enforce standards, and pre-deploy useful files. Where Is the Skeleton Directory? […]
Custom Skeleton Directory Tricks for cPanel Read Post »
The cPanel control panel’s extensibility through custom plugins is one of its most powerful features for web hosting providers and system administrators. Whether you need to integrate third-party services, automate specific tasks, or provide custom functionality to your users, building cPanel plugins using the official API framework gives you the flexibility to extend cPanel’s capabilities
Building Custom cPanel Plugins Using the cPanel API Framework Read Post »
If you’re on a cPanel server, you’ve probably noticed a sizable folder called ‘virtfs’ sitting in /home, which would appear at first to be using a ton of space. Your first inclination might be to delete it, but don’t! Most likely, the files in that folder are actually just hard links or bind mounts and
Safely Removing virtfs on a cPanel Server Read Post »
Note: This is an update from our 2011 post. If you’ve taken a peek at your PCI scan results lately, you may have noticed that your scan provider is now requiring OpenSSH 6.6 or higher due to CVE-2014-2532 – a version that is not currently available in the CentOS 5 or 6 repositories. A Yum update isn’t going
Upgrading OpenSSH on CentOS and AlmaLinux Read Post »
UPDATE 6/18: Shortly after this was posted and one of the major hosting companies I’m affiliated with removed BetterLinux from their servers due to stability problems, BetterLinux announced that they are shutting down, effective July 1st. Customers ask us all the time whether they should use CloudLinux or BetterLinux on their servers, and what differences exist
CloudLinux or BetterLinux? Read Post »
The latest security buzz this month is about the SSLv3 POODLE vulnerability, and how SSL version 3.0 is now officially designated as insecure, joining its predecessors versions 1.0 (unreleased) and 2.0. This effectively concludes the life cycle of the SSL protocol in favor of TLS. This post will give you a brief overview of what POODLE
de-POODLE-ing: How to Disable Support for SSLv3 on a cPanel Server Read Post »
Web hosts often shy away from the idea of allowing SSH access to their clients on shared servers, typically due to security concerns bred by the hosting industry. Some of the largest providers, however, are now offering SSH to make their services more functional for advanced users, so now we are often asked whether allowing SSH as a feature is a
SSH Security for Shared Hosting Read Post »
Over the past few days, we have received an overwhelming number of questions about the OpenSSL Heartbleed bug and how cPanel system administrators should be handling this. First of all, if you haven’t read Codenomicon’s write-up on the bug, which thoroughly explains what it is, you should look visit heartbleed.com. Because their website already covers
OpenSSL Heartbleed Bug and What You Need to Know Read Post »
There comes a time in every sysadmin’s life where filesystem errors just…happen. Luckily, these are somewhat easy to fix, assuming you don’t have a greater problem involving physical hardware damage. First, you need to know the name of the disk device having the problem. Do a quick df to see what device the affected partition
How to FSCK a Linux Filesystem Read Post »
