Category: Server Administration / cPanel / WHM

How to fix CVE-2016-6662 on cPanel / WHM

CVE-2016-6662 – Remote Root Code Execution / Privilege Escalation (0day exploit)

A new 0-day exploit has been announced for MySQL that can result in remote code execution or privilege escalation.

Apparently, this exploit was reported to Oracle, the owners of MySQL, more than 40 days ago and a fix has not yet been released.

You can read about it in greater detail from these sources:

This affects the following MySQL and MySQL “clones”: (excerpted from “LegalHackers.com”)

This exploit / bug works because, if the malloc-lib configuration variable is set, the wrapper script mysqld_safe (which runs as root) will preload a user-designated shared library before starting the server.…

How to restrict zone transfers for PCI compliance in WHM – CVE-1999-0532

Recently we had to assist a client with a server that needed to become PCI compliant. One of the issues was “DNS Zone Transfer Allowed” (CVE-1999-0532), and the server was running CentOS 6 and WHM / cPanel.

Scanning vendors fail this because “unrestricted zone transfers” violate PCI DSS and are considered automatic failing conditions.

Now, there is not a control for this inside of WHM / cPanel so you will need to edit the named.conf file directly.…

How to find large files on a server via SSH

Continuing our series on handy commands to know, here is one that helps you find large files on your server via SSH.

SSH command for finding files larger than a certain file size

The command for this is quite easy. For our example, we will assume you want to find all files that are larger than 1 GB in size and get a list you can use.

Step one: Go into your SSH session and type:

find / -type f -size +1048576k -exec ls -lh {} \; 2> /dev/null | awk '{ print $NF ": " $5 }' | sort -nrk 2,2

Done!…

How to white list an IP address in Mod Security

Often you will have a ruleset in Mod_Security that you want to override for a specific IP address or within a certain path in a website or an application.

To do this you need to locate or create your Mod_Security white list file, then add this line:

…where

is the ID of the rule you want to override.…

How to increase PHP timeout values in Apache and NGINX

There comes a time when you really need to increase the amount of time it takes before your server stops a particular PHP process from continuing. This is called PHP session “timeout”.

Under normal conditions you want to keep these values low so your connections are as efficient as possible. These limits are also in place to prevent poorly written scripts from monopolizing too many resources on your server.

However, there are plenty of reasons you would want to increase these values – usually temporarily.…

How to exclude a sub directory from .htaccess 301 redirects

So, here’s something that comes up all the time – you have a sub-directory you want to exclude from a global .htaccess redirect. Often this is due to installing another application within the document-relative paths of an existing website or web application.

e.g.

  • You want to install a copy of WordPress within an existing Drupal website.
  • or maybe you have an application framework like CakePHP and you need to exclude a directory from the error handling that occurs across all 404s.

CS-Cart upgrade settings for your server.

One of the problems that you may have while upgrading CS-Cart is that the upgrade inexplicably fails during the upgrade process. If you are lucky, you will get an error trace dumped to a file or the screen. If not, it may just silently fail in the background or freeze up.

This is certainly no fun. There’s a number of different carts that experience this, so it is not limited to just CS-Cart by any means.

Before you attempt any upgrade of your system, it is best to create a development (beta) area for you to test out the upgrade in first.…

How to export all databases in MySQL via SSH command line dump

The following is a script you can use to dump all of the databases that the user, in this case “backup”, has access to. You can save this as a script file and then run it using a CRON job in your control panel.

Note – this command does not clean up the archives it creates, so you will want to rotate the backups or otherwise use it for specific purposes – such as offsite backups where another script performs cleanup.…

How to find large files via SSH on a server.

There are times when you need to figure out what is filling up disk space on a server or other device (block storage, CDN, external storage, etc) and quickly!

Things like:

  • runaway logging
  • backups & backup of backups
  • large archives
  • dev or beta areas for testing and development work
  • clients or customers who suddenly upload a lot of files

The command you want to run in order to output where large files exist is:

find / -type f -size +1048576k -exec ls -lh {} \; 2> /dev/null | awk '{ print $NF ": " $5 }' | sort -nrk 2,2

The above would look for files greater than 1 gigabyte in size and then output the path to those files so you could further examine them.…