Tuesday, February 28, 2012

Domain migration from cpanel to cpanel


Please find the steps to transfer the accounts from cpanel to cpanel.

To transfer account you should have root access on both servers. Because to transfer account you need every thing to backup for transfer including Cpanel User / Pass (Same), Website, Database, Emails, Users, Stats etc.
The thing i like about CPanel is it will transfer accounts 100%, you will not miss any single think related to your accounts. This method implies on VPS’s and Dedicated Server where you can access WHM (Web Host Manager) or root shell.

Lets consider we have two servers A and B. Server A is the old server with two accounts and Server B is new server to which we will transfer accounts.

Server A = 192.168.0.1

Server B = 172.20.0.1
1 Transfer using WHM

Login to Server B WHM using following url


where 2086 is the port on which WHM is running.

In the middle page select Transfer and then on Transfer page select Copy multiple accounts/packages from another server.

It will open new page to put info of the Server through which you are going to transfer i.e Server A.

Remote server type is (WHM version will be auto detected on multi account
copies): leave as it is
Remote server address (ip address or FQDN): put server hostname or IP Remote SSH port: 22 is the default, if you have changed ssh port on old server use that one here.
Do not compress transfers (cPanel 10.8.3+ required on both ends): leave at it is Turn off SSL (cPanel 11.23.6+ required on both ends): leave at it is Allow override*: leave at it is Login as : Choose USER if you have sudo or direct root login are not allowed. Else select ROOT (recommended) Select authentication method: Choose Password here, if you are using Public Key then you have to upload Key using Security -> Manage SSH Keys to use here.
Root Password: put root password here

After putting all information above click on Fetch Account List. In few second you will see list of accounts from Server A to transfer. Select the account using check boxes to copy, if need to copy all select Select All to check all accounts. When done with select click on Copy. (Beware once you click on Copy dont close browser or click on Back button).

You will see account transfer log on your browser and when finished it will show nice summary about transfer.




Monday, February 27, 2012

Installing Sun JDK 1.6.0 in CentOS 5.5

Installing Sun Java JDK in CentOS is not as easy as I expected
If you want to use Java Sun JDK instead of OpenJDK on CentOS, u have to install it manually.
1. Download the Java Sun JDK (.rpm.bin) at Sun Homepage
2. Login the CentOS as root and modify the privilege of the .bin to 755

3. The installed java can be found at /usr/java

4. Add this new java to the alternatives configuration
  • alternatives –install /usr/bin/java java /usr/java/jdk1.6.0_18/bin/java 2

5. Update the java alternatives and verify the java version

OR
In Short:
STEP 1: Download the Sun Java JDK from the Java SE Downloads page.
STEP 2: Using your root account, or the sudo command, run the jdk-6u11-linux-i586-rpm.bin (chmod it if necessary). This will install Java packages.
STEP 3:
For selecting the java command, we can use the alternatives program. Use:

/usr/sbin/alternatives --install /usr/bin/java java /usr/java/latest/bin/java 2

Now run

/usr/sbin/alternatives --config java

and select option 2.
Running java -version now should show Sun JVM info.

Non-Root Accounts Have UID Set To0

#6.5: Make Sure No Non-Root Accounts Have UID Set To0
Only root account have UID 0 with full permissions to access the system. Type the following command to display all accounts with UID set to 0:
# awk -F: ‘($3 == “0″) {print}’ /etc/passwd
You should only see one line as follows:
root:x:0:0:root:/root:/bin/bash
If you see other lines, delete them or make sure other accounts are authorized by you to use UID 0.

Install Mod_Security

ModSecurity is a free open source web application firewall which can help you to guard against LFI (local file inclusion attacks) and SQL injection vulnerabilities.
CPanel Installation:
Just go to Cpanel WHM > Plugins > Enable Mod_Security > Save
Source Installation:
That should install mod security in your cpanel. Under apache it should show under installed modules if you run test.php with phpinfo() in it. Try adding some mod security rules. Installing mod_security could be sometimes complicated. Dont use apxs for compiling mod_security as it causes number of problems.
Note: Mod_security needs libxml2 and http-devel libraries before it can be installed. It also requires mod_unique_id enabled in apache modules. To install mod_unique_id, you have to place
LoadModule unique_id_module modules/mod_unique_id.so
in your httpd.conf file.
yum install libxml2 libxml2-devel httpd-devel
Download the latest version of mod_security for apache2 from http://www.modsecurity.org
wget http://www.modsecurity.org/download/modsecurity-apache_2.1.7.tar.gz
tar zxf modsecurity-apache_2.5.4.tar.gz
cd modsecurity-apache_2.5.4
cd apache2
Then
If you cannot find ./configure then you will need to edit Makefile and make change to top_dir = /usr/lib/httpd (for centos)
make
make install
Next, copy the rule files depending on which you want (you can also select minimal rules file which comes with source). Make a directory named modsecurity under /etc/httpd/conf and copy all the modsecurity rules there. Finally include those files in the httpd.conf file
# /etc/httpd/conf/httpd.conf
LoadModule unique_id_module modules/mod_unique_id.so
LoadFile /usr/lib/libxml2.so
LoadModule security2_module modules/mod_security2.so
Include conf/modsecurity/*.conf
Then
/etc/init.d/httpd restart
Log Files
Watch for log files to detect any errors or intrusion activity
/var/log/httpd/modsec_audit
/var/log/httpd/error_log


Refer:http://www.mysql-apache-php.com/basic-linux-security.htm