How to harden and optimise whm/cpanel


Cpanel website provides some good tips to harden your server

After login to whm, go to configserver security & firewall and add your IP to the “allow ip” list.

https://documentation.cpanel.net/display/CKB/How+to+Prevent+Email+Abuse

WHM > Server Configuration > Tweak Settings, Mail -> Set Initial default/catch-all forwarder destination to false

https://documentation.cpanel.net/display/CKB/Tips+to+Make+Your+Server+More+Secure

go to security center -> security advisor and follows the advise from there.
-> Allow modsecurity and rebuilt apache.
-> Update password strength to something greater than 70
-> disable ssh password authentication
-> run security advisor and update as necessary

go to service configuration -> service manager and disables unused services like mailman.

if php is showing ini_set error, go to home -> service configuration -> php configuration editor and remove ini_set under safe_mode. might as well allow proc_open for composer. restart apache

If cannot access files after updating or transferring cpanel accts, try changing permission for all files. suphp means owner and group user must be acct user and all dir must be 755 and file 644.

find /home/user/public_html -type d -exec chmod 755 {} \;
find /home/user/public_html -type f -exec chmod 644 {} \;

To optimise php, use apc cache with fcgi

http://virtualhosts.dk/centos-6-with-cpanel-and-whm-using-litespeed-webserver-and-php-apc/step-6-install-php-apc-alternative-php-cache

or better still go for hhvm (but cpanel doesnt yet support this)

https://codeable.io/community/speed-up-wp-admin-redis-hhvm/

Deploying to wordpress from git

If you are using git and are writing plugins for wordpress, its a hassle to switch between the 2 SCM. Why not commit once and deploy to 2 places? that is what many people are trying to do. this script does exactly that: https://github.com/benbalter/Github-to-WordPress-Plugin-Directory-Deployment-Script Create a plugin first. I suggest using all lowercase, eg blarblar-blarblar-blarblar. … Continue reading

cpanel php exec – memory or cannot fork error

If you are using php, and try to run command line scripts containing php command, you will get a loop that fails with a warning “cannot fork” or memory error. This is because you are most likely using suphp in cpanel. While suphp is popular, it fails misery when trying to execute php command line. … Continue reading

bitbucket post hook sample json

Like github, bitbucket sends a useful json post data to a url specified by you if you add a post hook in a the bitbucket repo. The post json can be useful if you want to determine the file changes of the branch that has the change. example json is

cpanel changing document root of primary domain

there might be times when you want to restructure the default public_html directory structure. The document root might reside somewhere deep in for security reasons. go to /var/cpanel/userdata/USERNAME/DOMAIN.COM edit the documentroot line then /scripts/rebuildhttpdconf service httpd restart

Allow different order status in woocommerce

sometimes it is necessary to add new order type, for example some of the items i sell requires installer confirmation. Thanks woocommerce, the hooks are easy to use. In your functions file:

export custom mysql query to csv

Sometimes it is useful to export custom query and then import it as a csv into another table mysql -uroot -p your_db -e “select_query¬†INTO OUTFILE ‘/tmp/query.csv’ FIELDS TERMINATED BY ‘,’ ENCLOSED BY ‘\”‘ LINES TERMINATED BY ‘\n’”

Check for corrupted JPEGS

install jpeginfo to scan through dir and test for corrupted jpeg find . -name “*jpg” -exec jpeginfo -c {} \; | grep -E “WARNING|ERROR”

Laravel output sql

In eloquent, its as simple as   ->getQuery()->toSql()   for example¬†User::find(1)->getQuery()->toSql()

Sublimetext 2 favourite plugins

These are the sublimetext V2 plugins that I can’t live without. package control (seriously, who can survive without this plugin) markdown preview sublimecodeintel sublimelinter docblockr