The two directives are PORTFLOOD and SYNFLOOD.
SYNFLOOD

SYNFLOOD is disabled by default. If you are not receiving any sort of attack, there is no need to enable it. If you are expecting an attack, enable it and set the rules a bit strict, like

SYNFLOOD = “1?

SYNFLOOD_RATE = “30/s”

SYNFLOOD_BURST = “10?

i.e. if 30 connections are received from an IP/sec for 10 times, block it. Make sure don’t keep it too strict if you are not receiving an attack else it will generate false positives and will block legit connections.
PORTFLOOD

PORTFLOOD = 80;tcp;100;5,22;tcp;5;300

ie, If an IP makes 100 connections in 5 sec to port 80 (tcp), then it will be blocked from the server and if 5 connections in 300 sec to 22 port.

Doing the following seems gets rid of it until the next time cpanel is upgraded or until the next time apache is compiled.

Edit /var/cpanel/templates/apache2/main.default

Delete…

————

[% IF file_test('f', '/usr/local/cpanel/bin/leechprotect') -%]
RewriteEngine on
RewriteMap LeechProtect prg:/usr/local/cpanel/bin/leechprotect
RewriteLock /usr/local/apache/logs/rewrite_lock
[% END -%]
--------

Edit /usr/local/apache/conf/httpd.conf 

Delete ...
-----------

RewriteEngine on
RewriteMap LeechProtect prg:/usr/local/cpanel/bin/leechprotect
RewriteLock /usr/local/apache/logs/rewrite_lock
-----------

Kill the leachprotect process.


Run /usr/local/cpanel/bin/apache_conf_distiller --update

service httpd restart

# mdadm /dev/md0 -f /dev/sda1                                  stop the rebuild
mdadm: set /dev/sda1 faulty in /dev/md0
# mdadm /dev/md0 -r /dev/sda1                                  remove the devise to avoid start rebuild again after reboot
mdadm: hot removed /dev/sda1
# mdadm /dev/md0 -a /dev/sda1                                     to start rebuild 
mdadm: hot added /dev/sda1

in WHM -> Exim Configuration -> Advanced Editor

Add the following in the first box:

================================================================

received_header_text = Received: ${if def:sender_rcvhost {from ${if def:authenticated_id {localhost}{$sender_rcvhost}}\n\t}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}}}by $primary_hostname ${if def:received_protocol {with $received_protcol}} ${if def:tls_cipher {($tls_cipher)\n\t}}(Exim $version_number)\n\t${if def:sender_address {(envelope-from <$sender_address>)\n\t}}id $message_exim_id${if def:received_for {\n\tfor $received_for}}

================================================================

If the message is from an authenticated user, it will display “localhost” instead of the senders home ip address, thus resolving the issue.

Thanks.

netstat

ssh to the server and then run the below commnad

#netstat -noa |more

thanks.

/var/lib/mysql]# myisamchk -r table

for example

cd  /var/lib/mysql

#myisamchk -r ./cnselang_db/wpskini_cn_wfHits

find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;

but run the above command will help to set the default permissions, first one for folders, and the second one for files.

by Ayad

When a mailing list is moderated, messages which are sent to the list must be approved by the list administrator or (optional) additional moderators before they are actually sent on to the list’s subscribers. Disabling moderation will allow anyone to send a message to your mailing list and it’s subscribers.

You can choose to moderate messages from people who are subscribed to your mailing list, and/or moderate messages from people who are not subscribed to your mailing list. You may want to choose to moderate non-subscribers, instead of disabling moderation all together.

To disable moderation for your mailing list, do the following:

• GO to your mailing lists list admin page
• Click on “Privacy Options…” and then click “Sender Filters”
• If you do not want your list’s subscribers to be moderated, set “By default, should new list member postings be moderated?” to “no” – there is no need to change the “Action to take when a moderated member posts to the list” option.
• If you do not want non-subscribers who send messages to your list to be moderated, set “Action to take for postings from non-members for which no explicit action is defined.” to “Accept”
• Click the “Submit Your Changes” button at the bottom of the page
• IF you chose to not moderate list subscribers above:
  • Click “Membership management” (in the main navigation area”
  • Under the “Additional Member Tasks” section, the “Set everyone’s moderation bit, including those members not currently visible” option should be set to “Off” – This will cause the current subscribers to your list to have their moderated option unset.
  • Click the “Set” button at the bottom of the page
  • Click the “Submit Your Changes” button at the bottom of the page

reference

https://listserv.du.edu/faq.html

1. Stop mysqld.
2. Backup /var/lib/mysql/ib*
3. Add the following line into /etc/my.cnf

innodb_force_recovery = 4

4. Restart mysqld.
5. Dump all tables:# mysqldump -A > dump.sql
6. Drop all databases which need recovery.
7. Stop mysqld.
8. Remove /var/lib/mysql/ib*
9. Comment out innodb_force_recovery in /etc/my.cnf
10. Restart mysqld. Look at mysql error log. By default it should be /var/lib/mysql/server/hostname.com.err to see how it creates new ib* files.
11. Restore databases from the dump:mysql < dump.sql

You can also run /scripts/mysqlup –force after step 8. as this will recreate the ibdata files. This is also unsupported and caution should be taken to not lose any vital customer data in the databases.

References

http://webscholar.net/2010/11/07/repair-innodb-corruption-on-cpanel-mysql-server/

How to Import Existing SSH Key in WHM

In this article we will show you how to add an existing key to WHm in order to access your account via SSH with root privileges.

First, login to WHM and navigate to Home -> Security Center -> Manage root’s SSH Keys.

Then, follow these steps:

1. Click on the Import Key button
2. Enter a name for this key in the first field
3. Paste the public key in the corresponding field
4. Click the Import button

*There are fields for Password and Private Key which are not required

Now, you need to authorize this key for the root user. To do this, go back to Manage root’s SSH Keys and click on the Manage Authorization button next to the key you’ve just added.

Finally, click on the Authorize button. You can now login to your server as root using this key.