Control Panels

All posts in the Control Panels category

Disable Directory Browsing in Linux Apache Server

Published May 14, 2011 by Siva

Disable directory browsing using .htaccess:-
Open your .htacces file

Look for Options Indexes
If Options Indexes exists modify it to Options -Indexes or else add Options -Indexes as a new line
The directory browsing feature should be disable by now

Disable directory browsing using httpd.conf:-

Open your httpd.conf, normally it’s located at /usr/local/apache/conf or /etc/httpd.conf
Go to your own Virtual Host settings and look for “Options Indexes”
Change the Indexes to -Indexes if Option Indexes exists or else add the Options -Indexes line
Restart your apache web server.

The directory browsing feature should be disable by now

Disable directory browsing in CPanel Share Hosting enviroment:-

Login to your CPanel
Click on Index Manager
Directory will be list down. Click on the directory name which you want to disable the directory browsing
Select No Index and click Save

The directory browsing feature should be disable by now
Once you disable directory browsing, visitor will not able to browse your directory by accessing the directory directly (if there is no index.html file).
This will protect your files from exposing to the public.

Advertisements

Cpanal – Mail not receiving error R=central_filter T=**bypassed**

Published September 4, 2010 by Siva

Recently I got very interesting issue and it took very long time to figure our. The problem was I was able to send/receive email to other accounts but not able to send/receive to my own account means test@test.com to test@test.com. Here is what I was getting in error logs (Cpanel server).

gin:test@test.com S=789 id=63311.122.252.239.20.1239477600.squirrel@test.com
2009-04-11 14:20:00 1LsikC-00037z-NP => /dev/null
R=central_filter T=**bypassed**

Then here is what I found in cpanel forums:

central_filter refers to the email filters you’ve set up in cPanel – stored in /etc/vfilters/. Looks like you’ve got a filter set up to drop certain emails.

Then I renamed my domain name files in /etc/vfilters/ and I got this fixed, hope this will help you

Install php5 and php4 in cPanel server

Published February 1, 2010 by Siva

Install Apache(apache2.2.2)

1. Download apache2.2.2(httpd-2.2.2.tar.gz) store in /usr/local/src
2. Type the following to un-tar the file into a directory called apache_[version]: tar -xvf apache_[version].tar
3.  cd into /usr/local/apache_[version] (or wherever you un-tared it)
4. Type the following to prepare for building, replacing [path] with your own path, such as /usr/local/usr/local/apache_new
5. ./configure –prefix=[path] –enable-module=so
6. make
7. make install
8. Check if you have mod_so enabled:
* cd to the Apache bin directory (/usr/local/apache_new/bin/ or wherever you installed Apache originally)
* Type ./httpd -l
9. Open httpd.conf(/usr/local/apache_new/conf/) and find a line starting with ServerAdmin.
ServerAdmin admin@example.com
10. Find a line starting with ServerName:
ServerName server1.example.com:80
11. Save the file.
12. cd up a directory (type cd ..)
13. Start Apache using the following command:
# ./bin/apachectl start
14. Call the IP(192.168.1.5) or domain name(server1.example.com)from browser You will get a page “IT WORKS”

Install Mysql 4.1

Add a login user and group for mysqld to run:
# groupadd mysql
# useradd -g mysql mysql
# tar zxvf mysqlversion.tar.gz
# cd mysqlversion
# ./configure–prefix=/usr/local/mysql
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
# cd /usr/local/mysql

If you haven’t installed  mysql before, you must create the mysql grant tables:
#bin/mysql_install_db –user=mysql
(If you run the command as root, you should use the –user option. The value of the option should be the name of the login account that you have created in the first step to use for runnning the server)

#cd /usr/local/mysql
#chown -R root .
#chown -R mysql var
#chgrp -R mysql .

Install PHP(PHP4.4.2)

Unpack a source archive
# tar -zxvf php-4.3.3.tar.gz

Configure PHP as Apache module with MySQL support
#./configure –with-apxs2=/usr/local/apache/bin/apxs –with-mysql=/usr/local/mysql

Compile the sources
# make

Install the compiled Apache module
# make install

Copy php.ini-dist to /usr/local/lib/php.ini
# cp ./php.ini-dist /usr/local/lib/php.ini

Integrate PHP with Apache

Open httpd.conf(/usr/local/apache_new/conf) open in your text editor

AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Save the file, go up a directory (cd ..), and stop and restart Apache by typing:

./bin/apachectl stop Followed by ./bin/apachectl start

Find the document root from httpd.conf(/usr/local/apache_new/conf) file
DocumentRoot “/usr/local/apache_new/htdocs”

Configuring Websites

Edit /usr/local/apache2/conf/httpd.conf and make sure it has the
correct document root settings :: /var/www/
(change the defautlt documetroot in config file (#DocumentRoot “/usr/local/apachenew/htdocs”) to /var/www/ and also change the the ‘directory’ directive(#<Directory “/usr/local/apachenew/htdocs”) to /var/www/(search for the DocumentRoot and change))

Un-comment the following options …
-> Include conf/extra/httpd-vhosts.conf
-> Include conf/extra/httpd-default.conf

Then edit the v-hosts file(conf/extra/httpd-vhosts.conf) and setup a couple of dummy sites just to make sure everything is working as it should(Comment out all the default VirtualHost entries inside this file)

NameVirtualHost ServerIP:80

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test1/
ServerName test1.com
</VirtualHost>

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test2/
ServerName test2.com
</VirtualHost>

Create the two directories in /var/www/ and place a index.html file in  each, with some domain specific text in, so we can differentiate between the two when testing.

Launch Apache
# /usr/local/apache2/bin/apachectl start

Check the two sites

To finding the hacked website (Gumblar/Martuz)..

Published June 1, 2009 by Siva

To finding the website is hacked by someone or badware scripts running on the server. You can find here…

http://unmaskparasites.com/

This site should be healthy report…. If the report shows badware running..

You need to clean the site on the server & restore the old backup..

Then send review to google web tools &b google will unblock from google blacklist.

Email me for further doubts..

Thanks…