Error Installing Modules Such As “json” “phpize\” failed

One of the customers recently faced difficulties with installing json in WHM under Software > Module Installer > PHP Pecl, where he encountered an error:

ERROR: `phpize\’ failed

The json.so object is not in /usr/local/lib/php/extensions/no-debug-non-zts-20060

Or

ERROR: `/root/tmp/pear/cache/json-1.2.1/configure’ failed

Hence with a view to helping everyone who may encounter such as issue, we are posting this post to our knowledgebase.

SOLUTION

The error is mainly due to /tmp mounted as nonexec, hence inorder to troubleshoot it, you must follow the below procedure:

Step 1: Login to SSH

Step 2: Make tmp and var/tmp exec

mount -v -o remount,exec /tmp
mount -v -o remount,exec /var/tmp

Step 3: Install JSON using the command:

pecl install json

Step 4: Revert the changes you did in Step 2 by firing the commands:

mount -v -o remount,noexec /tmp
mount -v -o remount,noexec /var/tmp

Posted in Tutorials / Howtos? | Tagged , | Leave a comment

Information on Shellshock Unix Bug

Shellshock is a bug in the Bash system that is used to exert commands on Unix-based operating systems and relates to the processing of environmental variables. It is believed that the bug has existed for around 25 years, but has only just been discovered by Linux expert Stéphane Chazelas and poses a threat to any system that uses the Bash command line interface; this means that any servers running a Linux distribution could be vulnerable and require patching, as well as any Linux distributions used on the desktop, including Mac OSX as this is a Unix-based OS. The threat lies in the ability for hackers to create specially crafted environmental variables, with potential for the scope of the attack to be extended to include commands, which if achieved would allow hackers to run or install applications on a victim’s machine. Apache also stands to be vulnerable as CGI scripts are executed using shell commands and so it wouldn’t take much for a hacker to call a CGI script using some malicious code. A lot of this is just hypothetical for now since no attacks have been officially recorded thus far.

How does this compare to Heartbleed?

These two bugs focus on different targets. Heartbleed was a bug that lay at the heart of the OpenSSL, an application that is used to encrypt and secure a majority of Internet traffic. With Heartbleed, the security of Internet communications using the application was put at risk as it made it possible for hackers to decrypt what were thought to be secure connections, therefore giving them access to sensitive information. Shellshock on the other hand could prove to be more toxic as it targets Unix-based servers and their command-line interface (CLI) through which the systems are controlled. With much of the Internet running on Apache and with the chances of these Apache web servers running on a Linux base being high, Shellshock has the potential to be more damaging and widespread than Heartbleed.

How can I check if my Linux server or desktop machine is vulnerable?

By running the following Bash command, you will be able to identify if your Linux server is vulnerable:

env VAR='() { :;}; echo Bash is vulnerable!’ bash -c “echo Bash Test”

In the event that you see the following output, your system is vulnerable:

Bash is vulnerable!
Bash Test

You should then take the necessary steps to protect your server by applying the latest Bash patch. Our 24×7 support team is available to assist you with the process at all times.

What impact will Shellshock have on my Linux server?

Shellshock could leave your Linux server (cloud or dedicated) open to remote attack. It is important to ensure that your server is patched as quickly as possible in order to protect your information and so that a hacker doesn’t have the chance to attack. Particular attention should be paid to servers that are running Apache, specifically with the mod_cgi and mod_cgid modules included; particular installations of OpenSSH and some DHCP clients are also vulnerable. A patch has already been released and in order to take advantage of this, you should use the package manager that is included with your Linux distribution; this should be available for major distributions such as Ubuntu, CentOS, Redhat and Fedora. If you are unsure of how to do this then simply contact our 24×7 support team who will be able to patch your server for you.

Posted in Web Hosting Security | Leave a comment

How to check drive temperature? – Linux Command

Monitoring the drive temperature is a crucial aspect of server management, to ensure that the hardware delivers efficient performance. If the drives temperature exceeds the safe threshold limit, it may result in the drive to crash. Hence keeping a check on the temperature once a week (atleast) and monitoring its fluctuations can help bypass disasters.
To check the drive temperature, you must fire the following command as a root user:

smartctl -A /dev/hda

NOTE: In above command we have used hda due to the fact that the test server is configured with the “IDE controllers”, if your server is configured with the “SCSI controllers” device, replace the /dev/hda with the /dev/sda and Run the command.
Also make sure that you are using the individual partition label, for example.

smartctl -A /dev/hda1

OR

smartctl -A /dev/sda1

Posted in Tutorials / Howtos? | Tagged , | Leave a comment

How to Update Contact Information or Whois Details for Domains for WHUK?

Having your domains contact information updated is vital. Frequent emails are sent to customers who have their domains registered with us, and we expect you to update the registrant, administrator, technical, and billing contact information for your domain(s). Some would also refer to this as the Whois information, it’s the same.

Well, if you don’t know how to update these details, here’s a guide.

Step 1: Log in to your web hosting dashboard.

ClientArea Dashboard How to Update Contact Information or Whois Details for Domains for WHUK?

Step 2: Go to Manage Domains under the Services tab
Step 3: Click View details for the domain you wish to change/update the details.

ClientArea Services ManageDomains How to Update Contact Information or Whois Details for Domains for WHUK?

Step 4: Scroll down to the bottom of the page and click Contact Information for edit

ClientArea ManageDomains editContactInfo How to Update Contact Information or Whois Details for Domains for WHUK?

Step 5: Evaluate the details for the fields and update where necessary.

ClientArea ManageDomains ContactInfoUpdate How to Update Contact Information or Whois Details for Domains for WHUK?

Step 6: Save the updated details.

ClientArea ManageDomains save How to Update Contact Information or Whois Details for Domains for WHUK?

If you still need any assistance with updating the information for your domain, please feel free to contact our billing department by email (billing@webhosting.uk.com) or 24×7 live chat support, we’ll be glad to assist.

Posted in Domain And DNS | Tagged , , | Leave a comment

Bash Code Injection Vulnerability (CVE-2014-7169) – Fix and Solution

Be advised, it’s a temporary fix released by Red Hat Security Response Team. The team is working on a full fix for which they are expected to release the patch soon.

The Bash vulnerability is supposed to be of higher criticality than Heartbleed. It’s found in all versions of the bash package shipped by Red Hat, it’s unclear since when it’s been there. With the CVE-2014-7169 vulnerability, users may have the capability of arbitrary code execution. Certain services & applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.

Priority: Severe

The National Vulnerability Database has given a score of 10 i.e. highly severe, meaning it’s critical and the access complexity is Low. Hence, the vulnerability can be easily exploited by hackers if identified.

How to check if you have a vulnerable Bash version over your system ?

Run the below command to check :

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output is like:

env x echo vulnerable bash c echo this is a test Bash Code Injection Vulnerability (CVE 2014 7169)   Fix and Solution

it clearly means you have a vulnerable Bash version running on your system.

In that case, apply the following patch to fix it.

Upgrade Bash using the yum command in ssh:

yum upgrade bash

JPEG yum upgrade bash complete Bash Code Injection Vulnerability (CVE 2014 7169)   Fix and Solution

Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Once the bash update is complete, reboot your system for the new bash package to take effect.

External References:

  • http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

    https://bugzilla.redhat.com/show_bug.cgi?id=1141597

    https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

    https://access.redhat.com/articles/1200223

    https://access.redhat.com/security/cve/CVE-2014-6271

Posted in Tutorials / Howtos? | Tagged , | Leave a comment

Plesk 12 Demos – Parallels Web Hosting Control Panel

Plesk 12 Plesk 12 Demos   Parallels Web Hosting Control Panel

Parallels Plesk 12 offers an ideal hosting control panel for resellers, web admins and hosts offering web hosting solutions. Plesk needs no special explanation as people from the industry of server administration are well aware of its capabilities. With the recent release of Plesk 12, Parallels have further enhanced its features – which now allows users to convert resellers to customers and vice-versa on-the-fly. This version has a special inclusion of WordPress Toolkit for easing the task of management and security of WordPress sites.

Here are some resources to help you explore different areas of Plesk 12:

Login: admin
Password: panel

Login: admin
Password: panel

  • Plesk 12 Web Pro Edition – Power User Mode (Server + Site Management)

Login: admin
Password: panel

For Linux and Windows

  • Plesk 12 Web Host Edition – Service Provider Management

Login: admin
Password: panel

For Linux and Windows

Parallels has also provided a documentation which can be found here:

Information & image source : http://www.parallels.com

Posted in Tutorials / Howtos? | Tagged , , | Leave a comment

Failed to connect to database: User admin already has more than ‘max_user_connections’ active connections

This is one of the common backup errors produced when the maximum number of  connections to the database is surpassed – after which this message is thrown “Failed to connect to database: User admin already has more than ‘max_user_connections’ active connections

In such a situation, unless any of the previously active connection is closed, no more connections can be established with the database. This may happen at occasions when there are too many requests made to the database OR a certain script consistently request for too many connections at any given point of time.

How to troubleshoot the backup error : Failed to connect to database?

Step 1 : RDP into the windows server.

Step 2 : Edit the file C:\Program Files\Parallels\Plesk\MySQL\Data\my.ini

Step 3 : Check the settings max_user_connections and increase the value or better remove the max_user_connections parameter and mysql default settings will be applied. This is how the file looks like :

my.ini  Failed to connect to database: User admin already has more than ‘max user connections’ active connections

Posted in Tutorials / Howtos? | Tagged , | Leave a comment

Addon domain not present while adding forwarder OR creating new email account – cPanel

If an addon domain is not displayed while creating an email account OR while adding a new forwarder whereas all the other files related to the domain can be found over the server then :

Step 1 : Check the user file at

/var/cpanel/users/oy

where oy is the username of the account

Step 2 : Add the entry of domain if not present

Hope this resolves the issue for you !

Well, if it doesn’t, please feel free to contact our technical support department via. email or live chat and we’d be glad to assist.

NOTE : Please keep your server details ready inorder to help save time of both of us.

Posted in Tutorials / Howtos? | Tagged , | Leave a comment

How to add SMTP ports in cPanel, inaddition to the default ports?

At-times users may run into a situation where some local ISP’s may deny services to be run over port 25 (which is the default port for SMTP) for certain reasons – usually due to security purposes. In that case server administrators configure and enable the alternative SMTP port on a server, which the end user can use as an alternative SMTP port in email account setups on their local PCs.

Following are the steps to add alternative SMTP ports via. WHM/cPanel

Step 1 : Login to WHM

WHM login screen How to add SMTP ports in cPanel, inaddition to the default ports?

Step 2 : Click on Service Configuration >> Service Manager

WHM service configuration screen grab How to add SMTP ports in cPanel, inaddition to the default ports?

Step 3 : Select exim on another port option

WHM exim configuration manager screen grab How to add SMTP ports in cPanel, inaddition to the default ports?

Step 4 : You can open additional port along with the default port 25.

WHM exim on alternate port How to add SMTP ports in cPanel, inaddition to the default ports?

If you need any help with this, please feel free to contact our support department, we’d be glad to assist.

Posted in Tutorials / Howtos? | Tagged , , | Leave a comment

.UK Domain Names – Reservation Procedures

On the 10 June 2014, the shorter, smarter and snappier .uk domain name launched, which brought with it the biggest major change to the UK namespace in many years. Now, for the first time, you can get the domain name you’ve always wanted on the top-level “.uk” extension directly.

In order to protect owners of .co.uk, .org.uk or .me.uk domains that were registered before the new shorter .uk extension went live, some .uk domains that are available for registration but have a matching .co.uk, .org.uk or .me.uk already registered may be subject to reservation rules by Nominet, the UK’s domains registry.

Any .uk domain that is protected by reservation can only be registered by the owner of the equivalent .co.uk, .org.uk or .me.uk that is entitled to register the .uk domain first.

Definitions

  • “cut off date” refers to 23:59 GMT on 28 October 2013
  • “launch date” refers to 08:00 BST on 10 June 2014
  • “reservation period” refers to 5 years from 10 June 2014 until 10 June 2019

Please see the list below:

For .uk domains

  • If you registered a .uk domain name before the cut off date and is still active, you have the first right to register the matching .uk domain name and is therefore exclusively reserved for you.
  • If you registered a .uk domain name after the cut off date but before the launch date and is still active, and there was no matching .org.uk or .me.uk registered before the cut off date, you have the first right to register the matching .uk domain name and is therefore exclusively reserved for you.

For .org.uk domains

  • If you have registered a .org.uk domain name before the cut off date and is still active, and there was no matching .co.uk registered before the cut off date, you have the first right to the matching .uk domain name and is therefore exclusively reserved for you.

For .me.uk domains

  • If you have registered a .me.uk domain name before the cut off date and is still active, and there was no matching .org.uk or co.uk registered before the cut off date, you have the first right to the matching .uk domain name and is therefore exclusively reserved for you.

The first right of registration lasts for 5 years from the 10 June 2014 – the “reservation period”.

How can I check whether a .uk domain name is already “reserved”?

You can use Nominet’s free tool to check.

Is this reservation service free of charge?

Yes. When you claim any reserved .uk domain name, you simply pay our standard fee for the registration.

I do not want to register my reserved .uk domain name.

If you do not wish to register the .uk domain name that has been reserved for you, there is nothing you need to do. It will remain reserved for the remainder of the reservation period if you change your mind later on.

What do I need to do if I want to let someone else register my reserved domain?

You will need to register the domain name yourself and then transfer it over to its new owner.

Can I release a .uk domain name from reservation if I do not want it?

Unfortunately, this is not possible. It will remain reserved until the end of the reservation period.

If you have any questions not answered here, please feel free to call our knowledgeable sales team on 0800 862 0890 or speak with us via our 24×7 live chat service.

Posted in Domain And DNS | Tagged , , , , , , | 1 Comment