de-POODLE-ing: How to Disable Support for SSLv3 on a cPanel Server

  The latest security buzz this month is about the SSLv3 POODLE vulnerability, and how SSL version 3.0 is now officially designated as insecure, joining its predecessors versions 1.0 (unreleased) and 2.0.  This effectively concludes the life cycle of the SSL protocol in favor of TLS.  This post will give you a brief overview of what…

Read more

SSH Security for Shared Hosting

  Web hosts often shy away from the idea of allowing SSH access to their clients on shared servers, typically due to security concerns bred by the hosting industry.  Some of the largest providers, however, are now offering SSH to make their services more functional for advanced users, so now we are often asked whether allowing SSH as a feature is…

Read more

Configure Email Client Shows Wrong SSL Hostname

  CPanel allows you to install a shared SSL certificate for email services so your users can connect securely to POP, IMAP, and SMTP.  The only real drawback here is that you can only natively use one certificate, which means your users should be connecting to the correct hostname under which the SSL certification is installed…

Read more

How to Convert InnoDB to innodb_file_per_table and Shrink ibdata1

  Years ago, MySQL started allowing InnoDB to possess separate tablespace per table instead of a massive unified ibdata1 file.  Tablespace is basically a logical storage area that contains table information – references, if you will.  Every table, regardless of the storage engine, has one, and without it the table will be unrecognizable to MySQL.  MyISAM…

Read more

Correcting Perl Scalar::List::Util Errors on CentOS 5

  We started getting some reports from users on CentOS 5 trying to run EasyApache and being unable to due to the following error: Undefined subroutine &Scalar::Util::readonly called at /usr/lib/perl5/site_perl/5.8.8/IO/Uncompress/Base.pm line 1104. We found that this is due to an outdated Scalar::Util module that was unable to be loaded properly by system Perl.  To fix this,…

Read more

cPanel Configuration Clusters and Security Considerations

  cPanel 11.44 introduces a new feature fresh from their feature request system that now allows server administrators to deploy the configuration of one server to multiple servers in what the they call a “configuration cluster”.  It will start by offering this capability to just the cPanel update preferences, but will eventually be expanded to work…

Read more

OpenSSL Heartbleed Bug and What You Need to Know

  Over the past few days, we have received an overwhelming number of questions about the OpenSSL Heartbleed bug and how cPanel system administrators should be handling this. First of all, if you haven’t read Codenomicon’s write-up on the bug, which thoroughly explains what it is, you should look visit heartbleed.com. Because their website already…

Read more

Fix for “Missing owner for domain X, force lookup to root”

  On recent cPanel versions, rebuilding the Apache conf returns the following non-fatal error: root@savannah [~]# /scripts/rebuildhttpdconf info [rebuildhttpdconf] Missing owner for domain savannah.tcaserversolutions.com, force lookup to root Built /usr/local/apache/conf/httpd.conf OK   The error does not adversely effect the way the httpd.conf file is built, but the presence of the unnecessary info message can be…

Read more

Implementing Mandrill with Exim on cPanel

  Mandrill is a transactional email service run by MailChimp, comparable to SendGrid.  It comes stock with a powerful API for fast implementation into applications for sending email reliably over SMTP, but it can also be used as a smart host for all of your server’s outgoing email. The below instructions cover how to do…

Read more

Log in