Softacalous license from GUI interface is just click of mouse work
However if you are doing it from cli
You need to run below cron to refresh the softacalous license
root@vps [~]# /usr/local/cpanel/3rdparty/bin/php /usr/local/cpanel/whostmgr/docroot/cgi/softaculous/cron.php
root@vps [~]#
While working on some issue on clients server I could
see large number of DNS request in /var/log/messages which were flooding DNS server
Jul 27 12:48:55 oklahoma named[14354]: client 74.125.72.2#33485: view external: query (cache) ‘192.245.129.104.in-addr.arpa/PTR/IN’ denied
Jul 27 12:48:55 oklahoma named[14354]: client 173.194.103.8#53106: view external: query (cache) ‘31.249.129.104.in-addr.arpa/PTR/IN’ denied
Jul 27 12:48:55 oklahoma named[14354]: client 74.125.72.147#39348: view external: query (cache) ‘27.249.129.104.in-addr.arpa/PTR/IN’ denied
Jul 27 12:48:55 oklahoma named[14354]: client 173.194.103.7#40721: view external: query (cache) ‘34.249.129.104.in-addr.arpa/PTR/IN’ denied
Jul 27 12:48:55 oklahoma named[14354]: client 173.194.90.9#63592: view external: query (cache) ‘192.245.129.104.in-addr.arpa/PTR/IN’ denied
The solution for such issues is by adding few parameter in /etc/named.conf which is bind configuration file
Add the following under options:
recursion no;
additional-from-auth no;
additional-from-cache no;
and restart named
and now I see no such request coming to DNS which has fixed DNS flood issue
On up-to-date RHEL5 or CentOS5 (currently that means 5.10 aka 5U10)
Add the following line to /etc/sysctl.conf:
|
1
|
net.ipv6.conf.all.disable_ipv6 = 1
|
On a live system you can disable it with:
|
1
|
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
|
While working on WHMCS I was not able to generate tickets
I found out issue was due to mysql being in strict mode
I tried disabling mysql strict mode by adding entries in /etc/my.cnf
sql_mode=””
However it didnt work out.
I have found that there is a /usr/my.cnf file that is enabling strict mode on server.
This file contained the following:
====
sql_mode=NO_ENGINE_
====
I removed the STRICT_TRANS_TABLES option and saved the file. All that is left is to restart the MySQL server. You can do this at your convenience with the following command:
====
/scripts/restartsrv_mysql
====
Once it is restarted, strict mode should be disabled.
While creating of backup of mysql I was getting below error
mysqldump: Error: ‘Out of resources when opening file ‘/tmp/#sql_466b_2.MAI’ (Errcode: 24 “Too many open files”)’
The error is due to Mysql exceeding the limit of open files on mysql
So I just went ahead and saw the open file limit
MariaDB [(none)]> SHOW VARIABLES LIKE ‘open%’
->
-> ;
+——————+——-+
| Variable_name | Value |
+——————+——-+
| open_files_limit | 1024 |
+——————+——-+
1 row in set (0.00 sec)
I went ahead and added a parameter in /etc/my.cnf and restarted mysql to fix this issue
open_files_limit = 5000
While working on one of clients server I was getting below error while updating cpanel license in server
root@hoskb [~]# /usr/local/cpanel/cpkeyclt
Updating cPanel license…Done. Update Failed!
Error message:
Transition to SSL failed: SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
also while debugging did try yum update
however I got an error as well
root@host113 [~]# yum update
Loaded plugins: fastestmirror, rhnplugin
Traceback (most recent call last):
File “/usr/bin/yum”, line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File “/usr/share/yum-cli/yummain.py”, line 309, in user_main
errcode = main(args)
File “/usr/share/yum-cli/yummain.py”, line 157, in main
base.getOptionsConfig(args)
File “/usr/share/yum-cli/cli.py”, line 187, in getOptionsConfig
self.conf
File “/usr/lib/python2.4/site-packages/yum/__init__.py”, line 665, in <lambda>
conf = property(fget=lambda self: self._getConfig(),
File “/usr/lib/python2.4/site-packages/yum/__init__.py”, line 254, in _getConfig
self.plugins.run(‘init’)
File “/usr/lib/python2.4/site-packages/yum/plugins.py”, line 179, in run
func(conduitcls(self, self.base, conf, **kwargs))
File “/usr/share/yum-plugins/rhnplugin.py”, line 124, in init_hook
login_info = up2dateAuth.getLoginInfo()
File “/usr/share/rhn/up2date_client/up2dateAuth.py”, line 222, in getLoginInfo
login()
File “/usr/share/rhn/up2date_client/up2dateAuth.py”, line 190, in login
li = server.up2date.login(systemId)
File “/usr/share/rhn/up2date_client/rhnserver.py”, line 64, in __call__
raise up2dateErrors.SSLCertificateVerifyFailedError()
up2date_client.up2dateErrors.SSLCertificateVerifyFailedError: The SSL certificate failed verification.
e/rhn/up2date_client/rhnserver.py”, line 64, in __call__
raise up2dateErrors.SSLCertificateVerifyFailedError()
up2date_client.up2dateErrors.SSLCertificateVerifyFailedError: The SSL certificate failed verification.
The solution was to recreate certificate bundle file
I moved the old ca.bundle to /backup
cp /etc/pki/tls/certs/ca-bundle.crt /root/backup/
To fix the issue, just download a new certificate bundle. I used the one from haxx.se.
Source : http://eric.lubow.org/2011/security/fixing-centos-root-certificate-authority-issues/
While working on one of clients server I came across one of the errors in Apache error logs
root@hosting [/usr/local/apache/logs]# tail -n 10 error_log
[Thu Jul 07 23:28:49.791175 2016] [core:warn] [pid 1845] (113)No route to host: AH00056: connect to listener on [::]:443
The error was due to basically iptables blocking
I went ahead and flushed iptables to get this issue resolved using below command
# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X#
/etc/init.d/iptables save
# /etc/init.d/iptables restart
I can see there are no more such errors now in error logs 🙂
While working on one of clients website after migration from PHP 5.3 to PHP 5.6
I would see the error on “[01-Jul-2016 02:18:54 America/Chicago] PHP Strict Standards: Declaration of Countries::getAttribute() should be compatible with CActiveRecord”
On googling around I could see the issue was fixed by making changing few settings in php.ini
Add & ~E_STRICT to the end of the active error reporting line. For example, if your current setting is:
You would change it to read:
and restart httpd
This will fix the issue.
While working on one server with cpanel I was facing this error
where I was getting “An installation already exists softacalous” while installing an application via softacalous
Where as in Softacalous I could not see any application installed.
While debugging I found the error was occuring from in file
/home/username/ .softaculous/ installations.php
I went ahead and truncated it and fixed this issue
Proper way of disabling IPv6 subsytem in RedHat Linux 6 / CentOS 6 (dont unload modules or so)
in /etc/sysctl.conf : net.ipv6.conf.all.disable_ipv6 = 1
in /etc/sysconfig/network : NETWORKING_IPV6=no
in /etc/sysconfig/network-scripts/ifcfg-eth0 : IPV6INIT=”no”
disable iptables6 – chkconfig –level 345 ip6tables off
reboot
done
Without reboot it can be done using below command to disable IPV6
root@host121 [~]# echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
root@host121 [~]# echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
However on reboot will need to run same command again as it will revert back to original settings.