Problems with LWP and access to https URL’s : 500 read failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

If you’re using perl scripts on your server that use LWP and suddenly find them failing with connections to https resources with the following type error:


500 read failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

then you’ve probably got LWP v5.811 installed which breaks SSL connections! The author fixed the problem he created after about two days with v5.812 but the damage was done on many servers. cPanel have put a hold back on cpan module updates for LWP to v5.810 but if your servers already upgraded LWP then you’ll need to either upgrade it manually from the cpan source to v5.812 or downgrade to v5.810.

Downgrading LWP:

wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.810.tar.gz
tar -xzf libwww-perl-5.810.tar.gz
cd libwww-perl-5.810
perl Makefile.PL
make
(take the default options unless you want to additional binaries installed)
make install

OR

Easier Way is to upgrade using cpan

Upgrading LWP:

# cpan
CPAN: File::HomeDir loaded ok (v0.80)
Exiting subroutine via last at /usr/lib/perl5/5.8.8/CPAN.pm line 1450.
cpan>upgrade LWP
This should fix the error 🙂

error: stat of /var/log/cron failed: No such file or directory

Hi guys… Today I faced a issue with a new VPS installed with EZ template Centos 5.2. I was preparing the VPS with logwatch, apf and other security and got cron error under roots mail.

Cron errors shows log errors :

/etc/cron.daily/logrotate:

error: stat of /var/log/boot.log failed: No such file or directory
error: stat of /var/log/cron failed: No such file or directory

OR

You do not find log files updating

This was due to the syslog daemon not running. Check if the service is running and restart. Your server may have syslogd daemon on rsyslogd depending on your OS.

I had rsyslogd on Centos 5.2

# /etc/init.d/rsyslog status
rsyslogd is stopped
rklogd is stopped

# /etc/init.d/rsyslog start
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]

Check if the service is being started at the starup :

 

# chkconfig –list | grep rsyslog
rsyslog 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Use Command to enable the daemon at startup

# chkconfig rsyslog on

The log files were not being created due to the daemons stopped, after restart all started generating.

Cheers!

🙂

HowTo :: make scripts available to all clients on your server


If you have Perl /cgi or Php scripts and you want to make them available to all clients on your server , add an Alias in



/etc/httpd/conf/httpd.conf

file pointing to a shared directory owned by root:wheel. This is how the cPanel achieves this with their cgi-sys shared scripts in /usr/local/cpanel/cgi-sys/



cPanel : WARNING: RVSiteBuilder recommend PHP maximum execution

RVSiteBuilder warning messages under WHM :

WARNING !!
WARNING: RVSiteBuilder recommend PHP maximum execution time of each script , in 180 seconds or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “max_execution_time=180” or above, and restart cPanel service (/usr/local/cpanel/startup).

WARNING: RVSiteBuilder recommend maximum size of POST data 105M or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “post_max_size=105M” or above, and restart cPanel service (/usr/local/cpanel/startup).

WARNING: RVSiteBuilder recommend maximum allowed size for uploaded files that PHP will accept 100M or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “upload_max_filesize=100M” or above, and restart cPanel service (/usr/local/cpanel/startup).

Solution :

Execute using root logins :

perl /var/cpanel/rvglobalsoft/rvsitebuilder/panelmenus/cpanel/scripts/autofixphpini.pl

Restart cPanel :

/usr/local/cpanel/startup

If again you see the warnings after cPanel restart, manually change the values for PHP under WHM >> Tweak Settings.

PHP
PHP max execution time for cPanel PHP execution in seconds (default 90)
PHP Max Post Size for cPanel PHP in Megabytes (default 55M)
cPanel PHP Register Globals (Off [unchecked] is recommended for security reasons)
PHP Max Upload Size for cPanel PHP in Megabytes (default 50M)
Loader to use for internal cPanel PHP (Use oldsourceguardian for version 1.x and 2.x)
none


ioncube


sourceguardian


oldsourceguardian

This fixes your issue.

rvsitebuilder – 404 Not Found

If you get the next problem on rvsitebuilder running on a cpanel server:

Not Found

The server was not able to find the document
(./3rdparty/rvsitebuilder/index.php/sitebuilder/sitebuilderhome) you
requested.
Please check the url and try again. You might also want to report this
error to your webhost.

It should fix the problem to you:

Log in as root on your cpanel server and run these commands:

# rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/var/INSTALL_COMPLETE.php
# rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilderversion.txt
# perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi

OR

Simply run

perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi

Open your WHM on a web browser, https://serverip:2087

And go to root WHM -> Plugins -> RVSiteBuilder

cPanel / APF – Passive FTP issue

The following web site will redirect you to a very well written article, which will cover the basics of “Passive vs Active” mode functions.

Active FTP vs. Passive FTP, a Definitive Explanation

After FTP connection has been made, The FTP server will generally choose a random port within a certain range to use and tell the client to connect to, but when the firewall is setup to block this port, the connection can not be made and the client times out. Error example below :

[14:55:16] PASV
[14:55:16] 227 Entering Passive Mode (74,86,43,171,13,209)
[14:55:16] Opening data connection to 74.86.43.171 Port: 3537
[14:55:16] LIST -aL
[14:55:37] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

Opening the ports on APF

The first step was to tell APF to have a range of ports open for passive FTP connections. You can put in any range you want as long as it doesn’t conflict with another service. For this we’re going to use the range of 35000-35500.

Will be using vi in this How-To. Please see the Basic Guide to Vim

cd /etc/apf; vi conf.apf

Find IG_UDP_CPORTS   and add passive ports 35000-35500 to look like :

IG_TCP_CPORTS=”20,21,22,25,26,53,80,110,143,161,443,465,623,993,995,2082,2083,2086

,2087,2095,2096,3306,3389,6666,35000_35500

Save the file and restart APF with

/etc/init.d/apf restart

Setting up the FTP Server (Pure-FTPD):

Now you need to tell PureFTPd to use those ports for passive connections. Open up the file /etc/pure-ftpd.conf in your editor and look for the following.

# PassivePortRange 30000 50000

Two things to note. One, the setting is commented out and two the range doesn’t match what we opened in APF. So change it to the following.

PassivePortRange 35000 35500

Restart the PureFTP server with

/etc/init.d/pure-ftpd restart

Test the connections and your are done !

How to compile ‘QUOTA’ support for your FreeBSD server.

I need file system quota support for FreeBSD server.

Quick and Dirty How to compile ‘QUOTA’ support for your FreeBSD server.

Please see: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html for more detailed instructions.

To complete the following you will need to have to ssh access to your host server along with full root access.

Login to the remote host via SSH and become root with ‘su -‘ then backup your current kernel and ‘/etc’ directory.

cp -Rp /boot/kernel /boot/kernel.good
cp -Rp /etc /etc.good

Now verify you have the correct source code for your server installed in ‘/usr/src’
cd /usr/src
ee UPDATING

Make sure the first displayed date matches your current ‘uname -a’ output.

Once you have confirmed you have the correct source code installed you can then create your custom kernel configuration file.

cd /usr/src/sys/i386/conf
cp GENERIC MYKERNELCONF
ee MYKERNELCONF

Add the line below to your kernel configuration file and then save the file.

## Example Entry for your Kernel Conf ##

options QUOTA # Provide Quota Support

##

Next you will need to build and install your custom kernel.( This step could take a few mins )

cd /usr/src/
make buildkernel KERNCONF=MYKERNELCONF
make installkernel KERNCONF=MYKERNELCONF

Now before you reboot you need to edit 2 files to enable QOUTA support for you file system.

The first is the ‘/etc/rc.conf’ which will we will edit to enable QUOTA support and to also check them on boot.

grep /etc/defaults/quota >> /etc/rc.conf
ee /etc/rc.conf

You will see the following entries at the bottom of the ‘/etc/rc.conf’ file.

enable_quotas=”NO” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).

Change both of the entries to “YES” and then save the file.

enable_quotas=”YES” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).

Now you need to modify your ‘/etc/fstab’ file to select which slices should have QUOTAS turned on.

Typical ‘/etc/fstab’ file with NO quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw 2 2
/dev/ad0s1e /usr ufs rw 2 2
/dev/ad0s1d /var ufs rw 2 2

Typical ‘/etc/fstab’ with quota support enabled.

# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw,userquota,groupquota 2 2
/dev/ad0s1e /usr ufs rw,userquota,groupquota 2 2
/dev/ad0s1d /var ufs rw 2 2

Now save the ‘/etc/fstab’ file and reboot the host to load the new kernel and remount your drives with full quota support enabled for your server.

reboot

If for some reason your server does not come back up after 2-10 mins from the reboot please contact your support team and let them know you just compiled a custom kernel and may need to have the server booted with the old backup kernel you made earlier. If the server reboots with no problems you should be all set and ready to go with full quota support for your control panel of choice.

How to bind a range of IP’s in Redhat based linux

How to bind a range of IP’s in Linux
This method is used by Redhat Linux based servers (Centos/RedhatEnterprise/FedoraCore).

Create a file called /etc/sysconfig/network-scripts/ifcfg-eth0-range0
And in the file place these 3 lines but change the IP’s to match YOUR assigned range.

## Start

IPADDR_START=67.18.xxx.xxx
IPADDR_END=67.18.xxx.xxx
CLONENUM_START=0

# Example | IPADDR_START=67.18.333.440
# Example | IPADDR_END=67.18.333.444
# Example | CLONENUM_START=0

## END

The CLONENUM_START should be the number at which the alias interfaces should start. If you add your 5 IP’s to this server and then want to bind a second set of IP’s you create a second file named ‘ifcfg-eth0-range1’ and change the CLONENUM_START to match the last interface alias. IE ‘eth0:5’ = CLONENUM_START=5

After you have created the above file execute the command ‘service network restart’ and your IP’s will be all setup.

*CPANEL NOTE*
Please do not use this method of binding additional IPs if you are using Cpanel. Bind the IPs through the Cpanel interface.

How to bind a range of IP’s in Debian based linux

Problem:

I would like to bind all 5 of my usable IP’s to the ‘eth0’ device


Solution:

Just define a new interface in /etc/network interfaces:

## Start
auto eth0
auto eth0:0
auto eth0:1
auto eth0:2
auto eth0:3

iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:0 inet static
address 192.168.1.3
netmask 255.255.255.248
gateway 192.168.1.1

iface eth0:1 inet static
address 192.168.1.4
netmask 255.255.255.248

iface eth0:2 inet static
address 192.168.1.5
netmask 255.255.255.248

iface eth0:3 inet static
address 192.168.1.6
netmask 255.255.255.248
## End

Then you can reboot or use the commands below to bring the interfaces up without a reboot.

ifup eth0:0
ifup eth0:1
ifup eth0:2
ifup eth0:3
ifup eth0:4

On the next reboot they should automatically bind to the NIC.

How to bind a range of IP’s on BSD based hosts ( FreeBSD, OpenBSD )

First login to your FreeBSD host as a ‘non-root’ user. You should have an account in the ‘wheel’ group that you can do this with. Once you have logged in run the following commands to switch users to ‘root’

su –
Password:
server#

The prompt should have a # in it now meaning you are the ‘root’ user.

Now run these commands.

ee /etc/rc.conf

Using 192.168.1.3 – 192.168.1.6 as an example

ifconfig_fxp0=”inet 192.168.1.2 netmask 255.255.255.248″
ifconfig_fxp0_alias0=”inet 192.168.1.3 netmask 255.255.255.255″
ifconfig_fxp0_alias1=”inet 192.168.1.4 netmask 255.255.255.255″
ifconfig_fxp0_alias2=”inet 192.168.1.5 netmask 255.255.255.255″
ifconfig_fxp0_alias3=”inet 192.168.1.6 netmask 255.255.255.255″

Note that changes to the ‘_aliasNN’ and also the ‘netmask’ changes to ‘255.255.255.255’ from ‘255.255.255.248’. The IP’s will not work unless you use a ‘255.255.255.255’ netmask for the alias IP’s.

Once you have added the enteries to your file you need to press ‘ESC’ and then select the ‘Save File’ option. You can then reboot the server and the IP’s will be bound and ready to use.

You can also use ‘ifconfig’ on the command line to add them without a reboot.

Please see the following man pages for more information.

man ifconfig
man rc.conf
man netstat