Category: WHM/cPanel

Reset SSH, and find SSH port on cPanel/WHM server

If you lock yourself out of SSH access to your cPanel server or if you do not know on which port your SSH server is running there are several ways you can gain back SSH access to your server.

Flush iptables

If your  IP got locked out in iptables you can use one of cPanel autofixer scripts to flush all iptables chains so your IP can reach SSH on your server again.

Script can be called by adding “scripts2/doautofixer?autofix=iptablesflush” to the end of the WHM url in your browser, and should look something like this:

https://server.domain.tld:2087/cpsess1290981925/scripts2/doautofixer?autofix=iptablesflush

flushing iptables

Reset SSH

If you SSH server is not accessible because of a broken configuration or anything else and is not restarting properly through Home »Restart Services »SSH Server (OpenSSH) in WHM you can try starting safesshrestart script which will kill any running instance of sshd and start a new process on port 22, or if that port is taken on first available port after that, like port 23.

Script can be started by adding “scripts2/doautofixer?autofix=safesshrestart” to the end of your WHM url and should look something like this:

https://server.domain.tld:2087/cpsess1290981925/scripts2/doautofixer?autofix=safesshrestart

Pay attention to the output in WHM when script runs, it will say on which port was SSH started.

safesshrestart

Find out your SSH port

If you are not sure on which port is your SSH server running you can find that out on two ways.

You can use the Restart Services part of WHM and restart SSH by going to Home »Restart Services »SSH Server (OpenSSH) in WHM and watching the output in WHM after you restart SSH, it will say on which port is SSH listening.

Other option is to use an API call to show the port.
You can do that by adding “xml-api/cpanel?user=cpanel&cpanel_xmlapi_apiversion=1&cpanel_xmlapi_module=SSH&cpanel_xmlapi_func=getport” to the end of your WHM url which should look something like this:

https://server.domain.tld:2087/cpsess1290981925/xml-api/cpanel?user=cpanel&cpanel_xmlapi_apiversion=1&cpanel_xmlapi_module=SSH&cpanel_xmlapi_func=getport

You can find out more about WHM autofixers on following link:

https://documentation.cpanel.net/display/ALD/WHM+FAQ#WHMFAQ-WhatistheWHMAutofixer?

Full list of all autofixers can be found here:

http://httpupdate.cpanel.net/autofixer/

VMware rename CentOS 7 NIC names

CentOS 7 virtual machines on VMware will by default use predictable network device naming for network interfaces on the machine, causing their names to be in enoXXXXXXXX format.

This will cause issues when adding 10 or more additional IPs in WHM, as network interface name will be longer than the 15 characters.

Maximum length supported for network interface name on cPanel servers is 15 characters.

When starting ipaliases service, only first 9 additional IPs will be added, and for rest of the IPs error “RTNETLINK answers: Numerical result out of range” will be shown, and IPs will not be shown in ip addr, or ifconfig output.

[root@server ~]# /scripts/restartsrv_ipaliases
Waiting for "ipaliases" to stop ...finished.
Waiting for "ipaliases" to start ...finished.
Service Status
Startup Log
 Oct 03 20:29:20 server.example.com ipaliases[233833]: [FAILED]
 Oct 03 20:29:20 server.example.com ipaliases[233833]: Bringing up eno33559296:cp14 RTNETLINK answers: Numerical
result out of range
 Oct 03 20:29:20 server.example.com ipaliases[233833]: [FAILED]
 Oct 03 20:29:20 server.example.com ipaliases[233833]: Routing 204.93.248.69 RTNETLINK answers: Invalid argument
 Oct 03 20:29:20 server.example.com ipaliases[233833]: [FAILED]
 Oct 03 20:29:20 server.example.com ipaliases[233833]: Bringing up eno33559296:cp15 RTNETLINK answers: Numerical
result out of range
 Oct 03 20:29:20 server.example.com ipaliases[233833]: [FAILED]
 Oct 03 20:29:20 server.example.com ipaliases[233833]: Routing 204.93.248.70 RTNETLINK answers: Invalid argument
 Oct 03 20:29:20 server.example.com ipaliases[233833]: [FAILED]
 Oct 03 20:29:20 server.example.com systemd[1]: Started cPanel IP aliases service.
Log Messages
 Oct 3 20:29:20 server ipaliases: [FAILED]
 Oct 3 20:29:20 server ipaliases: Routing x.x.x.x RTNETLINK answers: Invalid argument
 Oct 3 20:29:20 server ipaliases: [FAILED]
 Oct 3 20:29:20 server ipaliases: Bringing up eno33559296:cp15 RTNETLINK answers: Numerical result out of range

To resolve the issues, network devices can be renamed back to old ethX type of naming.

To rename network devices to old names following steps are needed.

  1. Edit /etc/sysconfig/grub
  2. Update GRUB configuration with new kernel parameters
  3. Rename network files
  4. Edit renamed network files
  5. Reboot the server

To rename devices do the following

Edit /etc/sysconfig/grub

Find a line containing “GRUB_CMDLINE_LINUX”, and append “net.ifnames=0 biosdevname=0“ on the line.

File should look something like this.

[root@server ~]# cat /etc/sysconfig/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=myvg/rootvol rhgb quiet net.ifnames=0 biosdevname=0"
GRUB_DISABLE_RECOVERY="true"

Update GRUB configuration with new kernel parameters, with following command:

grub2-mkconfig -o /boot/grub2/grub.cfg

Rename enoXXXXXXXX network files of all interfaces to ethX network file.

For example:

mv /etc/sysconfig/network-scripts/ifcfg-eno16777984 /etc/sysconfig/network-scripts/ifcfg-eth0
mv /etc/sysconfig/network-scripts/ifcfg-eno33557248 /etc/sysconfig/network-scripts/ifcfg-eth1

This will rename file ifcfg-eno16777984, to ifcfg-eth0, renaming interface eno16777984 to eth0, and will rename file ifcfg-eno33557248, to ifcfg-eth1, renaming interface eno33557248, to eth1.

Edit new ethX network files.

Replace value of both NAME and DEVICE field with new ethX names.

File should look something like this.

[root@server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
NAME=eth0
UUID=b02f4abf-f6da-4ad4-b800-4abf4fe1d50d
DEVICE=eth0
ONBOOT=yes
NM_CONTROLLED=yes
IPADDR=x.x.x.x
NETMASK=255.255.255.0
GATEWAY=x.x.x.1

Reboot the server, and you should now see network interfaces using old CentOS 6 style names.

Additional changes for cPanel servers

Change public network interface in Basic cPanel & WHM Setup.

Go to Home »Server Configuration »Basic cPanel & WHM Setup and change public interface from old enoXXXXXXXX to new ethX name.

Change public interface to new name
Change public interface to new name

Restart ipaliases service with /scripts/restartsrv_ipaliases.

How to install pdo_pgsql on cPanel server

When you try to install PHP Pecl module PDO_PGSQL, through WHM by going to Home »Software »Module Installers, you might be presented with the following error:

compilation terminated.
make: *** [pdo_pgsql.lo] Error 1
ERROR: `make' failed
The PDO_PGSQL.so object is not in /usr/local/lib/php/extensions/no-debug-non-zts-20131226
Tidying /usr/local/cpanel/3rdparty/php/56/etc/php.ini...
No changes
Tidying /usr/local/lib/php.ini...
 Skipping duplicate extension: pdo_pgsql.so
Wrote changes

You might also get a similar error when trying to install pdo_pgsql through shell with pecl install pdo_pgsql.

creating libtool
appending configuration tag "CXX" to libtool
configure: creating ./config.status
config.status: creating config.h
running: make
/bin/sh /root/tmp/pear/pear-build-roottXvx5k/PDO_PGSQL-1.0.2/libtool --mode=compile cc -I  -I. -I/root/tmp/pear/PDO_PGSQL -DPHP_ATOM_INC -I/root/tmp/pear/pear-build-roottXvx5k/PDO_PGSQL-1.0.2/include -I/root/tmp/pear/pear-build-roottXvx5k/PDO_PGSQL-1.0.2/main
-I/root/tmp/pear/PDO_PGSQL -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib  -DHAVE_CONFIG_H  -g -O2   -c /root/tmp/pear/PDO_PGSQL/pdo_pgsql.c -o pdo_pgsql.lo
mkdir .libs
 cc -I -I. -I/root/tmp/pear/PDO_PGSQL -DPHP_ATOM_INC -I/root/tmp/pear/pear-build-roottXvx5k/PDO_PGSQL-1.0.2/include -I/root/tmp/pear/pear-build-roottXvx5k/PDO_PGSQL-1.0.2/main -I/root/tmp/pear/PDO_PGSQL -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib -DHAVE_CONFIG_H -g -O2 -c /root/tmp/pear/PDO_PGSQL/pdo_pgsql.c  -fPIC -DPIC -o .libs/pdo_pgsql.o
/root/tmp/pear/PDO_PGSQL/pdo_pgsql.c:22:20: fatal error: config.h: No such file or directory
 #include "config.h"
                    ^
compilation terminated.
make: *** [pdo_pgsql.lo] Error 1
ERROR: `make' failed

You can install pdo_pgsql by downloading and compiling it manually using following set of commands:

wget http://pecl.php.net/get/PDO_PGSQL-1.0.2.tgz
tar -xzf PDO_PGSQL-1.0.2.tgz
cd PDO_PGSQL-1.0.2/
phpize
./configure
make && make install
echo "extension=pdo_pgsql.so" >> /usr/local/lib/php.ini
Reference:

https://forums.cpanel.net/threads/unable-to-install-pdo_pgsql.554271/

How to clear disk space on cPanel server

By default drives will come with 5% of all filesystems allocated as reserved disk space allocated for privileged users, and not shown as available space.

Since drives in use today tend to be large, reserved block percentage can be lowered to 1%, or specified to specific number of block.

To set the reserved space to 2500 blocks “tune2fs -r 2500” can be used.

tune2fs -r 2500 /dev/sda5

To set reserved space to 1% of disk size “tune2fs -m 1” can be used.

tune2fs -m 1 /dev/sda5

Files that can be cleared by main partitions/folders, to reduce disk usage on cPanel servers:

Reduce /home usage

Several files and folders can be truncated or removed on /home.

When EasyApache is run, it will leave file behind, that were used for Apache/PHP build, that can be removed if space is needed.

EasyApache files can be removed with following command.

rm -rfv /home/cpeasyapache

cPanel FileManager can leave temporary files, that were created during user uploads.
These can be removed with following command:

rm -fv /home/*/tmp/Cpanel_*

If you were moving any accounts to the server with WHM Transfer Tool, temporary account migration files can be left on drive.

These can be removed with following command:

rm -rvf /home*/cpanelpkgrestore.TMP*

Disk space can be recovered by deleting Softaculous and Fantastico backups from user folders, if they are used.

rm -fv /home*/*/.softaculous/backups/*
rm -rfv /home/*/fantastico_backups

If you were making cpmove file manually, they will by default be created inside /home.
You can clean any leftover cpmove files with following command:

rm -rvf /home/cpmove-*

Often large portions of disk space can be used up by large error_log files inside account home folders.

You can empty all error_log files to 0 bytes usage with following command:

find /home/ -name error_log -type f -print -exec truncate --size 0 "{}" \;

If users have large number of account backups in their home folders, those can use up a lot of space.

Accounts backups can be removed from user folders with following command:

for user in `/bin/ls -A /var/cpanel/users` ; do rm -fv /home/$user/backup-*$user.tar.gz ; done
Summary of all used commands, for clearing /home
#Emtpy all error logs
find /home/ -name error_log -type f -print -exec truncate --size 0 "{}" \;
#Remove EasyApache files
rm -rfv /home/cpeasyapache
#Remove Softaculous backups
rm -fv /home*/*/.softaculous/backups/*
#Remove account backups
for user in `/bin/ls -A /var/cpanel/users` ; do rm -fv /home/$user/backup-*$user.tar.gz ; done
#Remove Fantastico backups
rm -rfv /home/*/fantastico_backups
#Remove temporary cPanel files
rm -fv /home/*/tmp/Cpanel_*
#Remove any cpmove files
rm -rvf /home/cpmove-*
#Remove temporary account migration files
rm -rvf /home*/cpanelpkgrestore.TMP*
Reduce /var usage

Disk space in /var can be cleared by deleting archived logs, which will usually end with .gz, or contain year inside their name, like such as “maillog-20161113”.

Archived logs can be cleared with following commands:

rm -fv /var/log/*.gz
rm -fv /var/log/*201*

Disk space in /var can get also get used up by core dump files inside /var/spool/abrt/ directory, which get created in cases of kernel panic.

These file can be cleared up with following command:

rm rfv /var/spool/abrt/*

Check the size of exim stats database, which can sometimes take several gigabytes in size, depending on settings:

du -sh /var/lib/mysql/eximstats/

In case eximstats database is large, consider emptying the database, and changing retention settings.

How to clear or disable eximstats on cPanel

Reduce /usr usage

Disk space in /usr can be cleared by removing cPanel and Apache archived logs, or old installation files of Apache, and if installed, maldet.

Every time you rebuild Apache with EasyApache, old installation files will be moved to “apache.backup*” directory.

Remove old Apache files with following command:

rm -rfv /usr/local/apache.backup*

Similar thing happens with maldet, if it is installed, on updates, old installation will be moved to “maldet.bk*” folder.

Remove old maldet files with following command:

rm -rfv /usr/local/maldet.bk*

Clear disk space by removing archived cPanel logs:

rm -fv /usr/local/cpanel/logs/archive/*.gz

Remove archived Apache logs:

rm -fv /usr/local/apache/logs/*.gz
rm -fv /usr/local/apache/logs/archive/*.gz

Although not often, sometimes maldet logs can use up a lot of space.
Remove maldet logs:

rm -fv /usr/local/maldetect/logs/*
Summary of all used commands, for clearing /usr
#Remove old Apache files
rm -rfv /usr/local/apache.backup*
#Remove old maldet files
rm -rfv /usr/local/maldet.bk*
#Remove maldet logs
rm -fv /usr/local/maldetect/logs/*
#Remove archived cPanel logs
rm -fv /usr/local/cpanel/logs/archive/*.gz
#Remove archived Apache logs
rm -fv /usr/local/apache/logs/*.gz
rm -fv /usr/local/apache/logs/archive/*.gz
References:

How to Free Up Disk Space on a cPanel Server

11 Ways to Free Up Disk Space on a cPanel Server

How to clear or disable eximstats on cPanel

What is eximstats

Eximstats, on WHM/cPanel servers, is used to maintain statistics and information about email messages processed by Exim mail service.

If the data in it is not cleared often enough it can grow, and cause issues with disk space, or MySQL resource usage, as the size of the database can cause higher memory and disk consumption.

Disabling eximstats

If you do not have any need for Exim statistics, which are used for Mail Delivery Reports on  Home »Email »Mail Delivery Reports, gathering exim statistics can be disabled from WHM or command line.

In WHM it can be disabled by going to Home »Service Configuration »Service Manager, and unchecking the service, and then clicking on the Save button on the bottom.

This will stop the database from being populated with new data.

Eximstats in Service Manager
Service Manager

From command line, you can disable the database from being populated by running a following command:
/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::Eximstats

Lowering Eximstats retention time

Database is periodically cleaned, and by default Exim stats are retained in database for 10 days, which can be changed in WHM by going to Home »Server Configuration »Tweak Settings and changing the “The interval, in days, to retain Exim stats in the database” setting on the “Stats and Logs” tab.

Setting can also be changed by altering the “exim_retention_days” value in “/var/cpanel/cpanel.config” file.

Empty eximstats database

Database can be cleared either by deleting from its four tables, defers, failures, sends and smtp, or by dropping the database completely, and creating a fresh one with empty tables from “/usr/local/cpanel/etc/eximstats_db.sql” file.

To delete all of the data from the tables following command can be used:

mysql -e "use eximstats;delete from defers;delete from failures;delete from sends;delete from smtp;delete from smtp;"

To drop the database and recreate it again, following commands can be used:

mysqladmin drop eximstats
mysqladmin create eximstats
mysql eximstats < /usr/local/cpanel/etc/eximstats_db.sql
References:

https://forums.cpanel.net/threads/problem-in-eximstats.363382/

https://confluence2.cpanel.net/display/ALD/Service+Manager#ServiceManager-tailwatchd(TailWatchDrivers)

https://documentation.cpanel.net/display/ALD/Tweak+Settings+-+Stats+and+Logs#TweakSettings-StatsandLogs-Theinterval,indays,toretainEximstatsinthedatabase