Where is the PureFTPd configuration file? WHM
Thursday, August 26th, 2010/etc/sysconfig/pure-ftpd
thank you.
/etc/sysconfig/pure-ftpd
thank you.
Run the following scripts:
Issue the following commands in a terminal session:
Issue the following commands in a terminal session:
Issue the following command in a terminal session:
Most of the services can be restarted from WHM; however, you may need to restart them from the shell. You must be logged in as root to do this. All standard Linux services, such as HTTP, FTP, exim, cPanel/WHM, Interchange, MySQL, etc, have init scripts in /etc/rc.d/init.d/
root@host [~]# ls /etc/rc.d/init.d/
./ atd* exim* httpd.tmpeditlib kdcrotate* named* nscd* rawdevices* snmpd* yppasswdd*
../ autofs* filelimits* identd* keytable* netfs* portmap* rstatd* sshd* ypserv*
anacron* bandmin* functions* ipaliases* killall* network* portsentry* rusersd* syslog* ypxfrd*
antirelayd* chkservd* gpm* ipchains* kudzu* nfs* proftpd* rwalld* xfs*
apmd* cpanel3* halt* iptables* lpd* nfslock* radvd* rwhod* xinetd*
arpwatch* crond* httpd@ isdn* mysql* nofsck* random* single* ypbind*
This is typical of what you will find in this directory. The main ones you should be concerned with are:
Using these scripts is very easy. Let’s say that named/BIND is down and we need to restart it. As root, type:
You should see it start up, with a green [OK] message on the left side of the shell/terminal window.
If you see a red [FAILED] message, check the message log.
You should be able to see the error. If you cannot fix it yourself, contact tech support. Some of these services have more options than just “start” and “stop,” and other ways to do them.
Let’s say you have a lot of domains using your DNS server and you don’t want to stop and restart named just because you edited one domain. Type:
If you make a minor change to the /usr/local/apache/conf/httpd.conf
, but don’t want to restart it, type:
If you want to learn more about the commands a script offers, you can simply run the script without passing any arguments to it.
root@saturn [~]# /etc/rc.d/init.d/cpanel3 <br />Usage: /etc/rc.d/init.d/cpanel3 {start|stop|status|restart}
This lets us know we can start, stop, check the running status of the service(s), or restart it. If you can’t get a service to start, and don’t know how to fix it, contact tech support for assistance.
References
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/AllFAQ/WHMsFAQ
There are a few possible solutions.
Usually, /var is what fills up first. This is because /var holds all the system logs.
To see what directory or log is taking up all the room, start at the base. Issue the following commands from a terminal session:
This will show how much space is used and available in each directory, as well as the file sizes of each file in the current directory. Examine the command’s output. Once you see what directory is taking up all the space, cd to it and type the same command again. Follow this searching pattern until you find the files taking up the space.
Once found, you can either delete the files or, if you’d like to save some of the most recent entries to it, you can type this:
This will copy the last 5000 lines from the file to a temporary file. Now you probably want to restart whatever service it is that created the file, to release its file lock.
The /usr directory also fills up sometimes, because of Apache. The first thing you should look at is usually the Apache logs.
You will likely find that the logs/error_log
or logs/access_log
files are very large. At this point, you are free to delete them or use the tail trick above.
references
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/AllFAQ/WHMsFAQ
If you want to block access to your server for whatever reason, you will need to log into the shell as root. Your server should either have ipchains or iptables to help accomplish this. In this example, the attacking IP is 192.168.56.210
.
Issue the appropriate command in a terminal session:
If you just want to block access to one port from an IP :
The above would drop all packets from 192.168.56.210/32
to port 23 (Telnet) on the server.
There are many in-depth tutorials available on the Internet. Consult your favorite search engine for more information.
refereces
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/AllFAQ/WHMsFAQ
Seems there problem with ownership of the files.
How to fix.
Go to /home
Let assume cPanel username sagar
execute following commands in /home
chown sagar.sagar sagar -R
chown sagar.mail sagar/etc -R
chown sagar.nobody sagar/public_html
rm -rf sagar/.cpanel
This is should fix the issue.
By the name alone, we know what this means: denial of services like httpd, exim, ftp, etc. Mostly we deal with DOS attacks on Apache services, which causes sites to slow down or not load at all.
A DOS attack means high connections from certain an IP address or IPs. We can easily find the high-connection IP using the ‘netstat’ command and block those IP’s using firewalls.
The command for listing IPs and number of connections is:
netstat -plan |grep :80|awk '{print $5}' |cut -d: -f1 |sort |uniq -c |sort -n
The command for finding the total connections is:
netstat -plan |grep :80 |wc -l
If you do find any IP address having excessive connections (more than 50), then you have to block it either by using iptables, APF, or CSF.
Using iptables, you can block an IP by issuing the command:
iptables -A INPUT -s --dport 80 -p tcp -j DROP
/etc/rc.d/init.d/iptables save
Using APF, this command is used:
apf -d IP
Using CSF:
csf -d IP
DDOS is distributed denial of service, which is an advanced DOS attack. The number of connections from an indvidual IP might be low, but the connections will be from many IPs or range of IPs.
Most of times attack will be concentrated to one domain. In such cases kill the dns of domain to reduce the attack.
Preventive measures for DDOS attacks include:
As we all know, “prevention is better than cure,” so always take necessary preventive measures and keep auditing and monitoring your servers.