Posts

Showing posts from July, 2014

How to add Custom Directives in PHP Version Selector in CloudLinux

Image
[Requires LVE Manager 0.6+]
PHP Selector allows customer to edit php.ini settings. Admin has a full control over which settings can be modified. To allow settings to be modifiable, it has to be whitelisted in: /etc/cl.selector/php.conf 
Here are some of the examples of allowed directives:
Directive = safe_mode
Default   = Off
Type      = bool
Remark    = <5.4.0
Comment   = Enables PHP safe mode. This mode puts a number of restrictions on scripts (say, access to file system) mainly for security reasons.
Directive = safe_mode_include_dir
Type      = value
Remark    = <5.4.0
Comment   = If PHP is in the safe mode and a script tries to access some files, files from this directory will bypass security (UID/GID) checks. Th
e directory must also be in include_path. For example: /dir/inc
Directive php.ini setting Default Default value Type bool, value (any text), list Range list of values for list Type Comment explanation of the setting to display in UI
Admin can modify the settings using piniset

How to Mount S3 Bucket on CentOS/RHEL and Ubuntu using S3FS

S3FS is FUSE (File System in User Space) based solution to mount an Amazon S3 buckets, We can use system commands with this drive just like as another Hard Disk in system. On s3fs mounted files systems we can simply use cp, mv and ls the basic Unix commands similar to run on locally attached disks. If you like to access S3 buckets without mounting on system, use s3cmd command line utility to manage s3 buckets. s3cmd is also provides faster speed for data upload and download rather than s3fs. To work with s3cmd use next articles to install s3cmd in Linux systems and Windows systems. This article will help you to install S3FS and Fuse by compiling from source, and also help you to mountS3 bucket on your CentOS/RHEL and Ubuntu systems. Step 1: Remove Existing Packages First check if you have any existing s3fs or fuse package installed on your system. If installed it already remove it to avoid any file conflicts. CentOS/RHEL Users: # yum remove fuse fuse-s3fs Ubuntu Users: $ sudo apt-g…

Solution: lfd on host: Suspicious process running under user

The message provided are going from CSF , I am sure the time could be adjusted in config however we are not familiar in CSF to help here.
Alternatively you may reduce maximum time how long single request could be processed with FcgiBusyTimeout directive: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html#fcgidbusytimeout but you need to check how to make it properly with cpanel. However we recommend to not reduce that time as depending from resource usage some requests could take longer.

Just Disable PT_LIMIT to get Rid of These Messages.


Subject: lfd on host: Suspicious process running under user plastics

Time: Wed Jul 2 05:41:50 2014 +0000
PID: 53298 (Parent PID:45090)
Account: plastics
Uptime: 103 seconds


Executable:

/usr/selector/php


Command Line (often faked in exploits):

/usr/bin/php


Network connections by the process (if any):

udp: 162.144.92.141:56153 -> 74.220.195.27:53


Files open by the process (if any):

/usr/local/apache/logs/error_log
/usr/local/apache/logs/error_log


Memory maps by th…