Monday, August 19, 2013

Fix cPanel account permissions: /scripts/chownpublichtmls


To fix account permissions, run this command:

/scripts/chownpublichtmls

Or create the script manually.

Generate the script:

cd /var/cpanel/users; ls -1 | awk '{print "chown "$1":nobody /home/"$1"/public_html"}' > ~/fixpubhtmlownerships.sh

Run the generated script:
sh ~/fixpubhtmlownerships.sh

Thursday, July 25, 2013

Search for PHP shell scripts and PHP exploits

Replace the path below (.) with the absolute path of the directory you want to recursively scan. For example, you could recursively scan from the working directory:


grep '((eval.*(base64_decode|gzinflate|\$_))|\$[0O]{4,}|FilesMan|JGF1dGhfc|IIIl|die\(PHP_OS|posix_getpwuid|Array\(base64_decode|document\.write\("\\u00|sh(3(ll|11)))' . -roE --include='*.php*'

To scan all public-facing web folders on a cPanel server, replace . with:

/home/*/public_html/

So it will be:

grep '((eval.*(base64_decode|gzinflate|\$_))|\$[0O]{4,}|FilesMan|JGF1dGhfc|IIIl|die\(PHP_OS|posix_getpwuid|Array\(base64_decode|document\.write\("\\u00|sh(3(ll|11)))' /home/*/public_html/ -roE --include='*.php*'

Wednesday, July 24, 2013

How to secure the /tmp and /var/tmp partition on a VPS?

On a VPS, there are 2 ways to mount or secure the /tmp and /var/tmp partitions with the noexec,nosuid options.
One way is to mount these partitions from the Node the VPS resides on.
1) Log in to the Node server and execute the following commands:
vzctl set VEID --bindmount_add /tmp,noexec,nosuid,nodev --save
vzctl set VEID --bindmount_add /var/tmp,noexec,nosuid,nodev --save
The “bindmount_add” option is used to mount the partition inside the VPS. The ‘VEID’ is the ID of the VPS you are working on.
2) The second option is to mount these partitions from within the VPS itself. It is useful in case you don’t have access to the Node server. To mount /tmp and /var/tmp from within the VPS, execute:
mount -t tmpfs -o noexec,nosuid,nodev tmpfs /tmp
mount -t tmpfs -o noexec,nosuid,nodev tmpfs /var/tmp
To check the mounted ‘tmp’ partitions, execute:

mount | grep tmp

How to secure /tmp and /dev/shm partitions on servers?

It is highly recommended to mount the /tmp and /dev/shm partitions in noexec,nosuid mode in order to prevent files from being executed from those partitions. To mount /tmp and /dev/shm in noexec,nosuid mode, edit the /etc/fstab file:
nano /etc/fstab
Search for the word
"defaults"
on the lines for the 2 partitions and replace it with
    rw,noexec,nosuid
The entry should look like the following:
    tmpfs /dev/shm tmpfs rw,noexec,nosuid 0 0
and the same for the /tmp partition as well.
Save the /etc/fstab file. You now need to remount the partitions for the changes to take effect. Execute the following remount commands:
    mount -o remount /tmp
    mount -o remount /dev/shm
You can now check the mounted partitions using the command:

mount | grep tmp
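
As an added check for the two sections above (not part of the original posts), this script parses a mount table in /proc/mounts format and reports whether /tmp, /var/tmp and /dev/shm carry noexec and nosuid, which "mount | grep tmp" leaves to visual inspection. The function names and the sample table are constructed for this example.

```sh
#!/bin/sh
REQUIRED_OPTS="noexec nosuid"          # options both sections above apply
CHECK_PATHS="/tmp /var/tmp /dev/shm"   # mount points the page hardens

# mount_opts MOUNTPOINT TABLE: options of the last entry (a later mount hides earlier ones).
mount_opts() {
    printf '%s\n' "$2" | awk -v mp="$1" '$2 == mp { o = $4 } END { if (o != "") print o }'
}

# missing_opts OPTS: required options absent from the comma-separated list.
missing_opts() {
    missing=""
    for want in $REQUIRED_OPTS; do
        case ",$1," in
            *",$want,"*) ;;                      # exact option present
            *) missing="$missing $want" ;;
        esac
    done
    printf '%s\n' "${missing# }"
}

# audit_tmp_mounts: reads the table on stdin, prints one verdict per path,
# returns 1 if any path fails.
audit_tmp_mounts() {
    table=$(cat); rc=0
    for mp in $CHECK_PATHS; do
        opts=$(mount_opts "$mp" "$table")
        if [ -z "$opts" ]; then
            # A plain directory inherits the parent filesystem's options.
            echo "$mp NOT-MOUNTED"; rc=1
        elif miss=$(missing_opts "$opts"); [ -n "$miss" ]; then
            echo "$mp MISSING $miss"; rc=1
        else
            echo "$mp OK"
        fi
    done
    return $rc
}

# Constructed sample table (not taken from a real server).
sample_mounts() {
    cat <<'EOF'
/dev/simfs / simfs rw,relatime 0 0
tmpfs /tmp tmpfs rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
EOF
}
sample_mounts | audit_tmp_mounts || true   # live system: audit_tmp_mounts < /proc/mounts
```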

Pure-FTPd: not able to list more than 2000 files

Problem: Not able to list more than 2000 files in a directory using FTP.
Solution:
By default, Pure-FTPd limits the maximum number of files displayed to 2000.
So edit your Pure-FTPd configuration file, which is at /etc/pure-ftpd.conf, and change the line
LimitRecursion 2000 
to
LimitRecursion 5000 
Save the file and restart the service.
service pure-ftpd restart
It will display 5000 files from a directory now.

Don’t save commands in bash history (only for current session): disable history for the current shell session

1-
root# unset HISTFILE
Disable history for the current shell session.
This will cause any commands that you have executed in the current shell session not to be written to your bash_history file upon logout.
2-
root# HISTFILE=/dev/null
Disable history for the current shell session.
3-
root# history -c
Clear current session history (bash)
4-
root# export HISTSIZE=0
Don’t save commands in bash history (only for current session)
5-

root# rm ~/.bash_history && kill -9 $$
Sneaky logout
Best way I know to get rid of .bash_history and don’t allow bash to save the current one on exit
Edit: added ~/ before .bash_history, just in case…

cPanel: increase tmp, how to resize tmp

If your server’s tmp is filling up very fast and you want to increase it,
here is a list of commands and instructions for resizing the tmp partition.
Note: this works only on a cPanel server.
1 – Edit the file /scripts/securetmp:
nano  /scripts/securetmp
2 – Find and change the following value:
my $tmpdsksize     = 5120000;    # Must be larger than 250000
5120000 = 512MB
If you want 1GB, replace it with: 10240000
2GB: 20480000
3 – Now we want to delete the old tmp partition:
lsof /tmp
4 – Then umount /tmp and /var/tmp:
umount -l /tmp
umount -l /var/tmp
5 – Then remove the corrupt partition file:
rm -fv /usr/tmpDSK
6 – Then create a new one (only valid for cPanel servers):
/scripts/securetmp



done.