Error

HTTP error 401 Invalid security token

or

HTTP 404 Error after Login to cPanel

Cause:

Current cPanel theme assigned to the user account may not working or not available in the server. So changing the theme to another will solve the issue.



Solution


Change current theme of cPanel



Front End:

1. Login to WHM as root user.

2. Main >> Account Functions >> Modify an Account

3. Check  'cPanel Theme' given for the specific account which you have problem. change it then save the changes.

4. Try login to your account again.


Back End:

1. Login as root user via ssh.

2. Open edit the file, /var/cpanel/users/<username>
    change the RS value in the file to x3

3. restart cPanel service.

Error on starting railo service.
When starting Railo, it will show Railo service started but when checking the railo status 'No PID Found'
Also there will be errors like the following in the catalina.out log file.

# cat /opt/railo/tomcat/logs/catalina.out

Error occurred during initialization of VM

Could not reserve enough space for object heap

Solution
--------

As we see the error log file, we can assume that the error is related to memory.
As Railo runs on JVM, memory issue related to java.

Java's Memory initiations is done by reading the script file,  setenv.sh.

By default it is as shown below,

# cat /opt/railo/tomcat/bin/setenv.sh

JAVA_OPTS="-Xms64m -Xmx256m -XX:MaxPermSize=64m ";   # memory settings

export JAVA_OPTS;

If there is any problem in starting Railo,change the memory parameters to default.

By effectively changing these parameters, Railo performance can be increased.

In some cases when you try to change user account password through front end, it will show that password changed successfully and when you try to login it will show authentication failure.

How to change cPanel password from command line or terminal ?

cPanel password of a domain can be changed from command line using cPanel script. Given below are the steps to do the same.

1. Login to your server as root via SSH.

2. Execute the following script from the command line.

/scripts/chpass [username] [password]


Replace [username] with the cPanel user name of the domain & [password] with the new password.

3. Synchronizing the new password with FTP password;

In cPanel/WHM servers, whenever a new account is created in WHM, by default a FTP account is created. The cPanel password and FTP password are synchronized. Use the following command to synchronize the new password with FTP password.

/scripts/ftpupdate

When you login to a account in cPanel for viewing awstat results, you may see all the entries in the awstat result showing Zero usage.

Cause:

Awstat update in Browser view is by default disabled in the user account.

Solution:

You can enable Browser view of Awstat by following the steps as described below.

1. Login to user's home directory which you want to enable Browser view.

2. Change directory to /home/<user>/tmp/awstats/

3. Open the file awstats.<domain>.conf

4. Search for the line AllowToUpdateStatsFromBrowser in the awstats.<domain>.conf file

5. By default AllowToUpdateStatsFromBrowser=0
   Change it to AllowToUpdateStatsFromBrowser=1

6. After you have done all the above steps, take awstats option in cPanel. You can see a button 'update' in there. Just click it and see your awstat results.

Error:

This file is too big. Files must be less than 1500 KB in size

Cause:

In WordPress, by default Max upload file size is set to 1500 KB.

Solution:

1. Login to wp-admin

2. Click on My Sites >> Network Admin

3. Settings >> Network Settings

4. You can see an option there to set Max upload file size. Set it as what you wish and save changes. This should resolve your issue.


After the above changes, try uploading once again. If the problem still persists, you have to check the back end wordpress files were changed with these settings or not. Follow the steps given below to verify it.


1. Login to users's wordpress-document root and issue the following command to find the files which containing the entries regarding the Max upload file size.

2. # grep -irl "fileupload_maxk" .

3. Open all the php files listed by the above command and check the file size given in "get_site_option( 'fileupload_maxk', XXXX ) " is changed to newly updated size. If it is still 1500, change it.

Open the files and search the lines which contain 'fileupload_maxk'.
You can see the the number specified for  Max upload file size in that line. File size is specified in KB.

Error:

When you try to send mails from any email client using cPanel, you may see the following error flashed

SMTP Error (451): Failed to set sender "test@example.com"  (Temporary local problem - please try later)

Solution:

Let you are trying to send mail from "test1@yourdomain.com" to "test@example.com"

If "test1@yourdomain.com" is using local mail server, the command given below must display "yourdomain.com" as result.

# cat /etc/localdomains | grep yourdomain.com
 
If the output is null, add an entry for "yourdomain.com" in /etc/localdomains.

Also remove the entry of "yourdomain.com" in /etc/remotedomains if there exists one.

MANY TOOLS IN ONE

http://network-tools.com

PING

http://tools.pingdom.com

You can use the above site used to check whether a domain is loading slowly by checking its ping result.

http://www.just-ping.com

It is an online web-based ping: Free online ping from 50 locations worldwide.

UNIX TimeStamp Converter

http://www.epochconverter.com

You can use the above site to find the date and time used in Unix. It will help you to check the time in which a cpanel backup is created by checking the unix time given in /backup/cpbackup/ daily | weekly | monthly /cpbackupstatus.cfg file.

DNS

http://www.intodns.com

You can use the above site to check the DNS information of a domain.

PROXY

http://www.internetbypass.com

The given site is a proxy site. There are a lot of proxy site available. You can use proxy sites when your IP is blocked in the server. You can access websites using proxy sites even the firewall rules is enabled to block certain IPs.

WHOIS

http://www.domaintools.com
http://www.whois.net

You can check information about a domain by using the above sites. It fetches the domain information from the domain registrar.

Domain Resolution

http://host-tracker.com
http://www.alertra.com

http://www.whatsmydns.net

You can use the above sites to check whether a domain can resolve from different parts of the world. It will help us to know whether there is any DNS propagation delay or not.

MyIP

http://www.whatismyip.com

This site will show your public IP that you are currently using.

SSL

http://www.sslshopper.com

https://www.networking4all.com/en/support/tools
http://www.digicert.com

These site will help you check the details of SSL certificates used by a domain.

MAIL

http://verify-email.org

This site will help you to check whether a mail box exists or not.

MX-BlackList

http://www.mxtoolbox.com

http://www.blacklistmaster.com
http://www.anti-abuse.org/

These site tools help you to check MX record used for a domain. You can check whether an MX IP is blacklisted or not. A server IP will be blacklisted when spam contents were detected by the authority.

WebSite Up or Down

http://www.upordown.net/
http://www.isup.me/
http://www.isitdownrightnow.com/

The above site will show you the status of your website. Shows whether your site is up or down.

Google bot last visit

http://www.gbotvisit.com/

The above site helps to check the last time google bot visit a particular url.

You can follow these steps to change Exim Mail IP of a server.

1.Login to cPanel as root. Then,

2.Main >> Service Configuration >> Exim Configuration Manager
   Basic Editor  >> Domain and IPs
  change the following options as follows,
 
  Send mail from account’s dedicated IP address               off
  Reference /etc/mailhelo for outgoing SMTP HELO           on
  Reference /etc/mailips for outgoing SMTP connections    on

3.Login to server backend as root. Then,

4.Open /etc/mailhelo and add the following line in it.

  *: <server_hostname>

 Example:  *:  myserver.com

5.Open /etc/mailips and add the following lines in it.

  *: <new_IP>

 Example:  *: 123.123.123.123

Notes:-

1.You can also give separate mail IP for each domain and subdomain 

   Example: /etc/mailips ----> example.com : 123.45.67.89
                   /etc/mailhelo---> example.com : example.com
                                              sub1.example.com : example.com
                                              sub2.example.com : example.com
                                              addonexample.com: example.com

2.To check whether the Mail IP changed or not, just send a mail and view the mail header. You can view the sender mail IP there.

Reference:- You can use the following cpanel doc for reference.
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/EximDifferentIps

You may get an error(as shown below) in the browser when you try to access a website written in coldfusion.

By default, CFRegistry tag is disabled in the server. On CFMX this affects the CFApplication tag if client storage is left to it's default or set to "Registry".

At default, the CFApplicaiton tag has a parameter of clientstorage with a default value of Registry. By disabling the CFRegisty tag, this creates a conflict. To resolve the problem, the CFApplicaiton tag MUST include the clientstorage="Cookie" or clientstorage="Datasource_Name" to ensure that CFMX does not try to access the registry.

Here is an example of a good CFApplication tag.

<cfapplication name="Your_App_Name"

clientmanagement="yes"

sessionmanagement="yes"

setclientcookies="yes"

setdomaincookies="yes"

sessiontimeout="#createTimeSpan(0,8,0,0)#"

applicationtimeout="#createTimeSpan(0,8,0,0)#"

Clientstorage="Cookie"   <----- Add this line in cfapplication tag

loginstorage="session">

Note:- You can follow the links given below for clodfusion related information.
http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=Tags_a-b_5.html

When you try to upgrade cpanel using upcp,you may get the following result as output

# /scripts/upcp --force

/scripts/upcp syntax OK

Running Futex Check/Fix……Done

Undefined subroutine &Cpanel::Update::automatic_updates_enabled called at /scripts/upcp line 273.

This can be fixed using below :

# wget -O /root/updatenow.static http://httpupdate.cpanel.net/cpanelsync/RELEASE/scripts/updatenow.static && perl /root/updatenow.static --manual

After that Upgrade the cPanel :

# /scripts/upcp --force


Note:- You may get the following error when you try to run /scripts/restartsrv_tailwatchd

Service Check Method: [check command] Can't locate Cpanel/Proc.pm in @INC (@INC contains: /usr/local/cpanel /usr/local/cpanel /scripts /usr/local/lib/perl5/5.8.8/i686-linux /usr/local/lib/perl5/5.8.8 /usr/local/lib/perl5/site_perl/5.8.8/i686-linux /usr/local/lib/perl5/site_perl/5.8.8 /usr/local/lib/perl5/site_perl .) at /scripts/RestartSrv.pm line 15.

BEGIN failed--compilation aborted at /scripts/RestartSrv.pm line 15.

Compilation failed in require at /scripts/restartsrv_tailwatchd line 9.

BEGIN failed--compilation aborted at /scripts/restartsrv_tailwatchd line 9.

To solve the error, Just update cpanel
# /scripts/upcp --force

Error:

If Phpmy admin shows this error msg "Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly".

Solution:

logon to the server and check the module of php:
# php -m

If any error shows there, like "local disk space is full"

Check the disk space:
# df -sh // if the disk full the error causes might be disk full
// it shows a partition /tmp, it always shows 0 size

Again the error is not fixed, check in the /tmp: check which able to touch a file if not delete all session files

# rm -f sessi*
# rm -f horde*

Note: do at your own risk.....

It is very easy to Install cPanel & WHM in a VPS. Just follow the steps given below.

1. Login to VPS as root user.
2. Run the following commands to install cPanel & WHM
    # cd /home
        Changed directory to /home for installation.
    # wget -N http://httpupdate.cpanel.net/latest
        To download latest cpanel installation script.
    # sh latest
        This script will download and install latest cPanel.

3. Now you can access cPanel by entering  <IP>:2086 in the browser.



***Installation of cPanel will take long time. So always run the script in screen.


Note:- For more details, you can follow the link given below.
http://docs.cpanel.net/twiki/bin/view/11_30/InstallationGuide/InstallingCpanel

If you don't have any password generating tools/commands like pwgen and makepasswd, you can follow the steps given below to create a command to generate passwords. These step enables a new command genpasswd for you.

   $ cd
 ~$ vi .bashrc

Append the following code in the .bashrc file

#-----------------------------------------------------------------------------------------------------

genpasswd() {
        local l=$1
        local n=$2
        [ "$l" == "" ] && l=16
        [ "$n" == "" ] && n=1

        while [ $n -gt 0 ]
        do
                tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
                n=$[$n-1]
        done
}

#------------------------------------------------------------------------------------------------------
save and quit from the file

~$ source .bashrc
   To executes the content of .bashrc, ie, to reload .bashrc.

Now the genpasswd command is available in your terminal.

General format of genpasswd command is as follows

$ genpasswd <number_of_character>  <no_of_passwords>

Examples:-

1.If you want to generate a random password with 12 character,
    $ genpasswd 12
2.By default,
   $ genpasswd
    Generate a random password with 16 character.
3.If you want to generate 5 passwords with 11 character each,
   $ genpasswd 11 5



Note:- You can use one of the following code instead of tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs in genpasswd() function.

1. date | md5sum | head -c ${l} | xargs
2. openssl rand -base64 128 | head -c ${l} | xargs
3. strings /dev/urandom | tr -dc .~?_A-Z-a-z-0-9 | head -c ${l} | xargs

Most of the HardWare related information can be extracted from /proc file system.

# cat /proc/meminfo
    To display memory information of the system.

• See also # free 
• See also # slabtop

# cat /proc/cpuinfo
   To display cpu information of the system.

• See also # top

# cat /proc/cmdline
    This file shows the parameters passed to the kernel at the time it is started.

# cat /proc/crypto

    Lists all installed cryptographic ciphers used by the Linux kernel.

# cat /proc/devices
    Displays the various character and block devices currently configure.

# cat /proc/loadavg

   0.07  0.05  0.05  1/243  5431

    Provides the load average in regard to both the CPU and IO over time. The first three columns measure CPU and IO utilization of the last one, five, and 15 minute periods. The fourth column shows the number of currently running processes and the total number of processes. The last column displays the last process ID used. Load average refers to the number of processes waiting for a CPU share.

• See also # uptime
• See also # top

# cat /proc/swaps
   This file measures swap space and its utilization.

• See also # swapon -s
• See also # swapoff

# cat /proc/uptime
    This file contains information detailing how long the system has been on since its last restart.

• See also # uptime

# cat /proc/version
   This file specifies the version of the Linux kernel, the version of gcc used to compile the kernel, and the time of kernel compilation. It also contains the kernel compiler's user name (in parentheses).

• See also # uname -a
• See also # arch

# cat /proc/mounts
   This file provides a list of all mounts in use by the system.

• See also # mount   

 # ps -aux
     To list all the processes in the system.

Note:- To list the processes in sorted order.
From inside top you can try the following:

• Press SHIFT+f
• Press the Letter corresponding to %MEM
• Press ENTER

The above trick will order the processes with descending order memory usage.

SHIFT+m ------->Ordering with memory usage

SHIFT+u-------->select particular user processes.

etc... 

Qmail - qmqtool

                      Qmail is the mail client that comes with the Plesk control panel. Qmail has its strengths and weaknesses, one drawback is there’s no easy built in way to view the messages in the mail queue. qmqtool is a qmail queue manipulation program geared towards the viewing and safe modification of the contents in a qmail queue. This tool is very useful for working on mail queues and debugging problems.

# cd /usr/local/src/
    To setInstallation directory.

# wget http://jeremy.kister.net/code/qmqtool/files/qmqtool-1.14.tgz
    To download source file of qmqtool.

# tar -zxvf qmqtool-1.14.tgz 
    To extracted the tar file to compile.

# cd qmqtool-1.14 

# ./configure --perl=/usr/bin/perl --qmaildir=/var/qmail 

# make && make install
    To configure and install qmqtool.

# /usr/local/script/qmqtool --help
   To list all the available options with qmqtool.

Plesk control panel uses qmail as a mail server. Following are some of the qmail commands for Plesk server.

# /var/qmail/bin/qmail-qstat
   To check the mail queue in plesk from command line.

# /var/qmail/bin/qmail-qread
   To examine the queue with qmail-qread.

From the qmail-qread command you get the message’s id, a number followed by '#' symbol. Let one of the id is '1234' . Now you can find the file holding the email in /var/qmail/queue with “find “command.

# find /var/qmail/queue -iname 1234

   The find result will be like the following..,

   /var/qmail/queue/remote/22/1234

   /var/qmail/queue/mess/22/1234

   /var/qmail/queue/info/22/1234

From the mail header you get the IP address, the following command will display the mail header of  1234.

# cat /var/qmail/queue/mess/22/1234

You can analyse the To, From and Subject to determine whether an email is spam or not. The site given below contains the normal spamming content in e-mails. But spamming contents are changed day by day. Mostly they are sales or adds related.
http://spamspamgoaway.com/spam-subjects.php


Issue the following command and analyse the result to find the spam.

# egrep -ir "(Subject|To|From)" /var/qmail/queue/mess/

You can find a large number of particular pattern in the command result which caused spam. Let the content be like this "Start earning 15 minutes from now". You can delete all the spam mails containing the above content by issuing the fillowing command
# /usr/local/script/qmqtool -d -f "Start earning 15 minutes from now"

After that verify the spamming mails were removed or not by checking the result of,
# egrep -ir "(Subject|To|From)" /var/qmail/queue/mess/

Note:- If qmqtool is not in your server, you should install it. The following link will help you to install qmqtool.

http://linuxadmintips4u.blogspot.in/2012/08/qmail-install-and-compile-qmqtool.html

cPHulk Brute Force Protection

          cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service. While browsing the whm many time local machine ip blocked in the cphulkd database and we are not able to browse the WHM, to unlock the WHM access refer to the following steps to whitelist the ip from the cphulkd blacklist database.


BackEnd or Terminal

Login in the shell as a root user and run the commands.

# mysql

   >USE cphulkd
   >SHOW tables;
   >BACKUP TABLE  brutes TO  ‘/root/cphulk.log’;
   >SELECT * FROM brutes WHERE  IP=’[IP Address]‘;
   >DELETE  FROM  brutes WHERE  IP=’IP Address’;
   >quit;

 Replace “IP Address” as per your local machine ip address to resolve the issue.

============================================================
To delete all the brute force entries of blocked IPs,

mysql> delete from brutes;
mysql> delete from logins;

============================================================

FrontEnd

Login to WHM, then
Main >> Security Center >> cPHulk Brute Force Protection

Select tab

• White/Black List Management

You can Whitelist or Blacklist an IP there.
There is an option to enable/disable  cPHulk protection.

Note:- To disable cPHulk through backend. ie, via terminal

# /usr/local/cpanel/bin/cphulk_pam_ctl --disable

If the shell access is disabled then refer to the following syntax to disable the cphuld.

https://server-ip-address:2087/scripts2/doautofixer?autofix=disable_cphulkd

Crontab Failure Emails


The emails vary in subject line but include:

/bin/sh: 1 : ambiguous redirect - Cron <root@host> /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1

/bin/sh: 1 : ambiguous redirect - Cron <root@host> /usr/local/cpanel/whostmgr/bin/dnsqueue > /dev/null 2>&1

/bin/sh: 1 : ambiguous redirect - Cron <root@host> /usr/local/cpanel/scripts/cpremotetaskadmin > /dev/null 2>&1


Cause:

root's crontab at /var/spool/cron/root was modified outside Linux at some point and corrupted for the line endings.

Problem Test:

Run the following conmmand.

# file /var/spool/cron/root

The output should be like this if there is no error with the file: /var/spool/cron/root: ASCII text

If you are getting an output like the folowing, the file is modified with some unsupported terminators.

/var/spool/cron/root: ASCII text, with CRLF, LF line terminators

Solution:

# strings /var/spool/cron/root > /var/spool/cron/root.tmp
# mv /var/spool/cron/root.tmp /var/spool/cron/root

Here, strings command convert the characters in the file into unix readable format. So all the unsupported characters will be supported by unix.

Run the following command to test the problem is soved,
# file /var/spool/cron/root

/var/spool/cron/root: ASCII text

If you are getting the above output, the problem of getting cron failure emails solved.

Note:- The problem can occur with any crontab files. So, if you have any problem with any other crontab files, you can solve then by the above method.
You can also use
# dos2unix -b /var/spool/cron/root
instead of strings command

# w
  Shows who all are currently logged in and where they are logged in from. It also shows the load average of the server.

# who
  It also shows who is logged in.

# netstat
  Shows all current network connections.

# netstat -an
  Shows all connections to the server, the source and destination ips and ports.

# netstat -ntul
  Shows all the listening sockets.

# route -n
  Shows routing table for all ips bound to the server.

# top
  Shows live system processes in a formatted table, memory information, uptime and other useful info.

# top -u root
  Show processes running by user root only.

# nslookup  <domain_name>
  Query your default domain name server (DNS) for an Internet name (or IP number).

# traceroute <IP or domain_name>
  Displays each host that a packet travels through as it tries to reach its destination. This command is only run by root user.

# tracepath <IP or domain_name>
  To trace the route of a packet to the <IP or domain_name>. This command can run by any user. When compare to traceroute, tracepath has only limited options.

# ifconfig -a
  Display info of all the network interfaces on the server.

# ifconfig eth0 down
  This will take eth0 (assuming the device exists) down, it won’t be able to receive or send anything until you put the device back “up” again.

# ifconfig eth0 up
  This would take eth0 up and available to receive or send packets.

# ping <IP or domain_name>
  ping sends an ICMP ECHO_REQUEST packet to the specified host. It provides a very quick way to see if a machine is up and connected to the network.

# hostname
  Show the system's host name

# findsmb
  Used to list info about machines that respond to SMB name queries. findsmb with noargument would find all machines possible. You can also specify a particular subnet to localize search.

# host <domain_name>
  Performs a simple lookup of an internet address using DNS.

# dig <domain_name>
  The “domain information groper” is a DNS look up tool. This looks up information about <domain_name> in the DNS.

# dig -x <IP>
  Looks up the address and returns the associated domain name.

# dig -t MX <domain_name>
  TO show MX records of <domain_name>

# dig -t ANY <domain_name>
  To view all the record types (A, MX, NS, etc.).

# dig @<dnsserver_name>  <domain_name>
  By default dig uses the DNS servers defined in your /etc/resolv.conf file. We can use a different DNS server to perform the query, specify it in the command line.

# whois <domain_name>
  Used to look up the contact information from the “whois” databases. Also reports IP address and name server of domain as well as creation and expiration dates.

# ftp <IP>  [port]
  File transfer protocol. Transfers files to another host (insecure).

# telnet <hostname>
  Allows to remotely login to a computer. telnet does not encrypt the information it sends. Everything is sent in plain text, even passwords.

# telnet <hostname> [port]
  To connect to a host on a certain port. We can easily check wheter a specifc port on a server is listening or not, using telnet command.

# ssh <user_name>@<IP or domain_name> -p [port]
  Allows to remotely connect to <IP or domain_name> via [port]. Unlike telnet, all the information in this session are encrypted.

# scp -r <user_name>@<IP or domain_name>:<source_file_path> <local_file_path>
  With the scp (secure copy) command you can easily copy from and to a remote computer or between remote computers.