cPanel 11.44 introduces a new feature fresh from their feature request system that now allows server administrators to deploy the configuration of one server to multiple servers in what the they call a “configuration cluster”. It will start by offering this capability to just the cPanel update preferences, but will eventually be expanded to work with […]
cPanel Configuration Clusters and Security Considerations Read Post »
Over the past few days, we have received an overwhelming number of questions about the OpenSSL Heartbleed bug and how cPanel system administrators should be handling this. First of all, if you haven’t read Codenomicon’s write-up on the bug, which thoroughly explains what it is, you should look visit heartbleed.com. Because their website already covers
OpenSSL Heartbleed Bug and What You Need to Know Read Post »
Us administrators eventually come to the realization that when you have a wildcard SSL certificate for 40 subdomains, you can’t practically have separate IPs and cPanel accounts for all of them. If you have a wildcard SSL certificate for all your su cheap kamagra bdomains, you can easily install the certificate on a single IP
Wildcard SSL Installation Script Read Post »
The cPanel security team found an issue in Exim that can potentially allow a user on the system to potentially run commands as the root user. Luckily, cPanel has already released a patch which is available for immediate download via their Exim upgrade script. If your system is set to update cPanel automatically, you may
Exim Privilege Escalation in 4.69-23 Read Post »
I love waking up in on a nice Saturday morning to find out that one of my servers was rooted. A two-year-old kernel issue in Redhat distributions has surfaced in the form of a nasty exploit byAc1db1tch3z. Basically, a 32-bit binary is compiled and loaded to the server, and when run by any users (even
Nasty Kernel Exploit in the Wild Read Post »
ClamAV is an popular open source anti-virus toolkit for *nix, and while many people don’t find much value in using antivirus software on Unix, it is very useful for email scanning. cPanel’s implementation allows end users to run scans on their home folders, public FTP folders, mail, and public_html. It’s really hard to install ClamAV
Installing ClamAV on a cPanel Server Read Post »
I wrote this nice one-liner for a user in the cPanel forums asking how to change all their current default addresses to :fail: – http://thecpaneladmin.com/files/changedefaultaddr.sh.txt Before you do anything like this, you should back up /etc/valiases. Keep in mind also that you can change the default address for new accounts in WHM > Tweak Settings.
Mass Change Default (Catch All) Addresses Read Post »
This article will not go into detailed technicalities on identifying, troubleshooting, tracing, and fixing hacks. These topics are far too broad to cover in a single article, and is outside the scope of this article’s intent. This guide is to help you, the system admin, come up with a plan to handle situations involving breached
Dealing With Hacked Sites Read Post »
A lot of hosts that deploy a large number of servers are automating updates instead of running them manually. While cPanel updates can be automated as well, it’s become a common question of how to automate Apache and PHP updates across a large number of servers without having to manually run EasyApache on each server,
Automating Apache and PHP Updates Read Post »
