"The mind of a Mad Tech!"

If you notice that an account is missing from your WHM instance and you’ve already attempted to fix this by running /scripts/rebuildcpusers (you have tried this, correct?), then the issue lies in the /etc/trueuserdomains file. To correct this you will need to manually edit this file (using VI, Nano, Pico) and add the domain and the user account assigned to that domain. For example;

My user is Myuser(it really isn’t) and the domain is Mywebsite.com. I would edit this in the file by added it as such:

Mywebsite.com: Myuser

Once this is done, save the file and restart cpanel. Once you access WHM, the directory will appear again.

Tags: Accounts missing, Cpanel, WHM

If you are running vsftpd in standalone mode (not Xinetd), add the “listen_port” directive in vsftpd.conf,like this:

listen_port=222

If you are running vsftpd from an inetd or xinetd program, this becomes an inetd or xinetd problem. You must change the inetd or xinetd configuration files (perhaps /etc/inetd.conf or /etc/xinetd.d/vsftpd).

Tags: listen port, vsftp

Browsing or indexing is an option that allows the contents of a directory to be displayed in the browser when the directory does not contain an index page.
For example, if you make an http call to a directory such as http://yourdomain.com/images/, it would list all the images in that directory without the need for an html page with links.

We will need to create a blank file called “.htaccess”. You can name it “htaccess.txt” while your editing it, then rename the file to “.htaccess” after the file is on your web server.

Disable Directory Browsing or Indexing

Type or copy and past the following line of text in to your blank file.
Note: I add the work “All” so that every folder in that directory follows the same rule.

Options All -Indexes

Enable Directory Browsing or Indexing

You can reactivate it by adding the following line to your .htaccess file:

Options +Indexes

Once this is added, the directory will fully index again.

Tags: Directory Browsing, Linux

This tutorial is for installing Ruby on Rails (RoR) on Linux (Applies to all OS’s).

This is a three step process that requires us to install the Ruby programming language, followed by Ruby Gems (much like YUM but for Ruby extensions) then finally Rails. Please note that if you’ve installed Rails before, DO NOT install the RubyFCGI Gem as it causes problems on FC4 and Lighttpd.

Installing Ruby

To install Ruby, while still in YUM Extender, click on the Install icon that is located on the left toolbar. Now we can search for uninstalled Ruby packages by typing Ruby into the filter textbox near the top of the Yum Extender window then pressing the Enter key on your keyboard. Now you should see a list of all Ruby related software that can be installed on your FC4 system. The packages that we need and the ones that you place check marks next to are:

* ruby
* ruby-devel
* ruby-libs
* irb
* rdoc

Once you have selected these packages, click the Install button at the bottom of the Yum Extender window, follow the prompts and wait for the packages to download and install, then we will move on to the next step.
Installing Ruby Gems

To install Ruby Gems, we’ll need to go back to a Terminal window and type the following commands (pressing enter at the end of each line):

wget http://rubyforge.org/frs/download.php/5207/rubygems-0.8.11.tgz
tar zxvf rubygems-0.8.11.tgz
cd rubygems-0.8.11
ruby setup.rb

If all goes well, you should see a message that says Successfully build Ruby Gems.

Now lets cleanup the files we downloaded and extracted by typing:

cd ..
rm ruby* -drf
Installing Rails

Once Ruby Gems has installed, installing Rails becomes very easy. From the same terminal window type:

gem install rails –include-dependencies

Wait for the Rails software to download and install, then close the terminal window.

Tags: Ruby on Rails

What is BFD (Brute Force Detection)?

BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and brute force auditing programs in the linux community that work in conjunction with a firewall or real-time facility to place bans. BFD is available at: http://www.rfxnetworks.com/bfd.php

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
- You MUST have APF Firewall Installed before installing BFD – it works with APF and requires some APF files to operate.
- Root SSH access to your server

Lets begin!
Login to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

3. tar -xvzf bfd-current.tar.gz

4. cd bfd-0.2

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

6. Lets edit the configuration file: pico /usr/local/bfd/conf.bfd

7. Enable brute force hack attempt alerts:
Find: ALERT_USR=”0″ CHANGE TO: ALERT_USR=”1″

Find: EMAIL_USR=”root” CHANGE TO: EMAIL_USR=”[email protected]”

Save the changes: Ctrl+X then Y

8. Prevent locking yourself out!
pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs
Eg: 192.168.1.1

Save the changes: Ctrl+X then Y

BFD uses APF’ cli insert feature
and as such will override any allow_hosts.rules entries users have in-place.
So be sure to add your trusted ip addresses to the ignore file to prevent
locking yourself out.

9. Run the program!
/usr/local/sbin/bfd -s

Tags: BFD, Brute force detection