Single cPanel Account Backup Restore using SSH

You can backup a single cPanel account trough ssh using pkgacct cPanel script located at /scripts folder on your server. This tip is helpful for WebHosting companies that uses cPanel as Hosting control Panel

– Login to your cPanel server as root.

To backup a sigle account use the next commands:
# cd /scripts
# ./pkgacct username
These commands will crate a file named “cpmove-username.tar.gz” on /home directory. And this is the file you need to restore on this server latter or on other server.

How to restore cPanel sigle account on other server

You just need to upload “cpmove-username.tar.gz” to the server you want to restore it or you can do it in the first server if you want. To upload you can use ftp, rsync or scp.

Restoring cpmove-username.tar.gz:

– “cpmove-username.tar.gz” should be on /home directory

Run the next command:
# /scripts/restorepkg username

It will restore homedir, dbs, mail, all the old cPanel account.

Recovering the root password from the boot loader (GRUB)

When GRUB loads up, select the Red Hat Linux entry on the GRUB menu and then press “e” to edit the boot configuration.

Locate a line like this:

kernel /boot/vmlinuz-x.x.xx-x.xxx root=LABEL=/hdc

– type the number ‘1’ at the end.

Doing so boots the computer into run level 1- single user mode you will automatically be logged in as root.

Type ‘passwd’ at the prompt, now you can enter a new password here.

How To Install RvSiteBuilder

Note: you need to get a license from RVSiteBuilder website.

Installing RVSiteBuilder:
# cd /usr/local/cpanel/whostmgr/docroot/cgi/
# rm -f rvsitebuilderinstaller.tar
# wget http://download.rvglobalsoft.com/rvsitebuilderinstaller.tar
# tar -xvf rvsitebuilderinstaller.tar
# chmod 755 addon_rvsitebuilder.cgi

Now open WHM, ->> Add-ons section ->> RVSiteBuilder Installer menu. Click RVSiteBuilder Installer to begin the installation process.

WHM/CPanel Log View

LogView is an exclusive! add-on product for cPanel servers running on Linux.
LogView features:

*
This script provides provides a graphical interface for cpanel severs, extending WHM features which previously needed to be performed using command line instructions. LogView makes it simpler with fewer tasks to view system logs.
*
logview allows you to easily view logs, and view the content of the logs. Since LogView uses a graphical interface it eliminates the need to login using any SSH2 programs or any confusing commands.

LogView Install Instructions

* Login (SSH) to your server as a root user
* wget http://www.logview.org/logview-install
* chmod +x logview-install
* ./logview-install
* Wait for install complete message
* rm -f logview-install

LogView is now installed on your server!

* Login to WHM
* Go to Add-Ons >> LogView – File System Log Viewer
* Start using LogView

LogView UN-Install Instructions

* Login to your server as a root user
* wget http://www.logview.org/logview-uninstall
* chmod +x logview-uninstall
* ./logview-uninstall
* Wait for uninstall complete message
* rm -f logview-uninstall

LogView has been un-installed

Browse windows shares via Nautilus

To browse your Samba or MS Windows shares open Nautilus manager, and type the following in the address bar:
smb://delta/mp3

Where,

* delta: is a server (Samba or Windows) name
* mp3: share name you trying to access

If your system account (login name) is not configured properly, you may be prompted for your Windows or Samba username and password. Once you are authenticated you will be able to browse your shares.

UNP extract

unp is a small perl script which makes extraction of any archive files a bit easier. It support several compressors and archiver programs, chooses the right one(s) automatically and extracts one or more files in one go.

You may also want to install some non-free packages like “unace” (not in Debian)
and “lha” to extract archives of these types.

unp installation in debian

#apt-get install unp

that’s it installation completed now.If you want to use unp follow the below examples

Examples how to use unp

unp *.tar.gz
unp *.tar.bz
unp *.rpm
unp *.deb
unp *.zip
unp *.rar

For more details check man page below

unp man page

NAME
unp – a shell frontend for uncompressing/unpacking tools

SYNOPSIS
unp [-u] file [ files … ] [ — backend args … ] ucat file [ files … ]

unp is a small script with only one goal: Extract as many archives as possible, of any
kind and from any path to the current directory, preserving the subdirectory structure
where needed. Is a Do-What-I-Want utility and helps managing several extraction programs without looking for needed options for the particular tool or worrying about
the installation of the needed program.

Run unp without arguments to see the list of supported archive formats.

The special version ucat acts as wrapper for commands that can output the extracted
data to standard output, like bzip (bzcat), gzip (zcat), tar,zip and others.

USAGE
unp extract one or more files given as arguments on the command line. Additionaly, it may pass some options to the backend tools (like taroptions) when they are appended after `–´.

There is also a special option (-u) which is very usefull for extracting of Debian packages. Using -u, unp extracts the package (i.e. the ar archive) first, then extracts data.tar.gz in the current directory and then control.tar.gz in control//.

NOTES
unp will try to decompress into a FILE.unp if it get trouble with existing files. But don’t count on this feature, always look for free working space before using unp.

In contrary to gunzip which decompresses the file in the target directory of the source file,unp will use current directory for output.

Ubuntu users can follow the same procedure.

Disable SSLv2 on cPanel and Apache Ports

On this post we are going to show how to quickly patch a common PCI Vulnerability Alert that says something like this:
“The remote service appears to encrypt traffic using SSL protocol version 2?.

In Apache common ports 80 and 443, you need to modify the SSLCipherSuite directive in the httpd.conf or ssl.conf file.
An example would be editing the following lines to something like:

1.
SSLProtocol -ALL +SSLv3 +TLSv1
2.
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

After you have done this, if you see you are still getting PCI Compliance vulnerability emails regarding to this issue its probably that cPanel is still allowing SSLv2 on their ports.

To quickly disable SSL version 2 on cPanel ports: 2082, 2083, 2086, 2087, 2095, 2096. You will need to do the following:

edit /var/cpanel/cpanel.config and change nativessl=1 to nativessl=0

This will make cPanel to use sTunnel.

edit /usr/local/cpanel/etc/stunnel/default/stunnel.conf

and add:

1.
options = NO_SSLv2

just below the “Authentication stuff” tab.

After you have done all this you will need to restart cPanel:

1.
/etc/init.d/cpanel restart

Done!

How to quickly check this?

SSH to your server and type the following commands

1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2083
3.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2087
4.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2086

If everything is fine you should receive something like this,

1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
CONNECTED(00000003)
3.
write:errno=104