How to find and fix Fuzz Faster U Fool attacks on a hosted cPanel server attacking ports 2083 and 2086
Fuzz Faster U Fool attacks is a technique whereby attackers scan cPanels servers at incredibly high speed on ports 2083 and 2086 and look for
cpanel
WHM/cPanel – List of all ports and a script to test them
Here is a Bash script to test all inbound cPanel ports: 20 FTP 21 FTP 22 SSH 25 SMTP 26 SMTP 53 DNS 80 HTTP
Roundcube Webmail on server slow (but actually not working and no errors) – just hanging
According to cPanel support, if your Roundcube is slow, you should read this: https://support.cpanel.net/hc/en-us/articles/360049982694-Webmail-Login-stuck-on-Logging-you-in And do this: cat /usr/local/cpanel/logs/php-fpm/error.log Look for: WARNING: [pool user_username] server
During large cPanel to cPanel migration using Transfer Tool, Maildir format is not converted to mdbox format
Synopsis cPanel uses Dovecot as it’s IMAP storage. Dovecot can be configured for either Maildir or mdbox format. During a large (1 TB) transfer from
cPanel Transfer Tool Hangs
The cPanel Transfer Tool is incredibly powerful, but at times and given the wrong servers/bandwidth, it might hang. Use top to look for rsync processes.
How to use strace to trace network requests from an internal process on your network
Here is how you can see what ports/packets a local process is doing: strace -e trace=network -f whmapi1 validate_current_dkims domain=example.com 2>&1 | grep -E “(connect|bind|socket)”
Apache on WHM/cPanel randomly stops working – intermittently – possible PHP-FPM issue
Symtoms Randomly, perhaps once or twice a month, Apache completely stops serving sites. No obvious errors, except web sites aren’t loading anymore. From HTTP monitoring
The quickest way to find brute force attackers on a server using Netstat
Step 1. Identify the bastard: netstat -an | grep ‘:443’ | grep ESTABLISHED | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq
Finding an active PHP attacker / hacker on a cPanel shared server with many subdomains
Background cPanel has this lovely feature where you can use one site and then create many more sites below public_html. This is all fine and
cPanel & WHM update failure in upcp script – The following events were logged: “scripts/update-packages”.
Background If you have many cPanel servers you’ll find from time to time they don’t update. This is unfortunately a more common problem than usual.