Install memcache on cpanel

How to install memcached on cpanel server.

1: Login to WHM > Software > Easyapache 4 > “Currently Installed Packages” > Customize > Apache module > search using memcache > install this if it is not.

2: Login to server via ssh as root user and execute following command.

yum install memcached.x86_64 -y

3: Then WHM > Software > Module Installers > PHP Pecl, search for memcache this will list both memcache and memcached, install both.

4: Restart service apache.

5: Now start memcached by executing command

memcached -d -m 512 -l -p 11211 -u nobody

6: Verify if it is working by executing command :  systemctl start memcached

7: Enable memcached so whenever server will reboot service will get start automatically.

systemctl enable memcached

8: Check memcached status using command.

systemctl status memcached

Output should be like:

* memcached.service – Memcached
Loaded: loaded (/usr/lib/systemd/system/memcached.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-11-05 18:38:46 -05; 7s ago
Main PID: 47657 (memcached)
CGroup: /system.slice/memcached.service
`-47657 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024

Nov 05 18:38:46 systemd[1]: Started Memcached.
Nov 05 18:38:46 systemd[1]: Starting Memcached…

Now you shall able to use memcached  in your applications.


Install and configure CSF firewall

How to download and install csf firewall on linux/cPanel server.

cd /usr/src
rm -fv csf.tgz
tar -xzf csf.tgz
cd csf

CSF will get install in /etc/csf directory. Once installation is done you need to edit csf.conf file from this directory.

vi /etc/csf/csf.conf

then find keyword TESTING by default testing mode is enabled . When this is enabled csf will turn off automatically after 5 mins. So you need to disable it by setting TESTING to 0.

change line number 11. (If you are using vi editor then hit command vi /etc/csf/csf.conf > ESC key > hit key / > type ^TESTING This will find line starting with word TESTING)

TESTING = “1”  to TESTING = “0”

Then restart csf using command

csf -r

In case you are using cPanel server you will need open FTP passive port range 30000:50000 in TCP_IN section.

Search keyword ^TCP_IN (Line starting with word TCP_IN)

Add FTP passive port range at end of the following line.

Change from 
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,30000:50000"

Restart csf using command

csf -r

Find spamming script on cpanel

Here we will see how to trace/find spamming script on cPanel server.

cPanel uses exim as mail server. Path to log file of Exim mail server is /var/log/exim_mainlog. Many cPanel users send out bulk email using php script. This really goes hard to find exact script which is sending out emails but using exim_mainlog, it is possible to trace folder from where script is executed.

Running following command will provide complete folder paths from where script is executed. Also it will provide number of times script executed from that particular folder. Once you find folder you will need to go through files present in that folder (No need to check files from subfolders). If you find any unknow file with email sending code just remove it or disable.

Command to find folder path from where scripts are executed to send out emails.

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n