Author: The Geek Decoder

Warning: cPanel is unable to verify that this server is an authoritative nameserver

July 15, 2016 The Geek Decoder No Comments cPanel

When trying to add DKIM and SPF records to my domain and I’m getting the error “Warning: cPanel is unable to verify that this server is an authoritative nameserver for domain.com”

Warning: cPanel is unable to verify that this server is an authoritative nameserver

That message typically indicates the use of external name servers for the domain name associated with the account. So since the domain domain.com is using outside server nameservers you would actually just need to copy the DKIM and SPF records and add them in the DNS zone where DNS is hosted.

Find all files modified within 30 days and then parsed that for base64 decodes (used to encrypt/hide coding)

July 15, 2016 The Geek Decoder No Comments Administration

If your site is hacked, the check for edited files. Find all files modified within 30 days and then parsed that for base64 decodes (used to encrypt/hide coding)

Find the coding itself

# cd /home/domain/public_html
# find . -type f -ctime -30 -iname "*.php" -exec grep "base64_decode" {} \;

Results

# find . -type f -ctime -30 -iname "*.php" -exec grep "base64_decode" {} \;
        $buf .= base64_decode($util->GetRandom($bytes, 0));
                                $data = base64_decode($data);
                        $data = base64_decode( $data );
                        $data = base64_decode($data);
                $value = base64_decode($this->_currentTagContents);
                $challenge = base64_decode(substr($this->last_reply, 4));
                $decoded = base64_decode( $value['encoded_serialized_instance'], true );
                                        $flac->setStringMode(base64_decode($ThisFileInfo_ogg_comments_raw[$i]['value']));
                                        $data = base64_decode($ThisFileInfo_ogg_comments_raw[$i]['value']);
    $decoded_sig = base64_decode($signature);
        $uncompressed =$this->_uncompress(base64_decode(strtr($compressed, '-_', '+/')));
                        return base64_decode($value);
                        return base64_decode($value);
                $this->_accountKey = base64_decode($accountKey);
                $this->_accountKey = base64_decode($value);
                                        base64_decode((string)$xmlMessages[$i]->MessageText)
            return base64_decode($sessionRecord->serializedData);
        $incomingSignature = base64_decode($message->get('Signature'));
            if (base64_decode($token,true)){
                $decoded_token = base64_decode($token,true);
            $raw_data = base64_decode($data);
    return base64_decode($b64);
                $challenge = base64_decode($challenge);
                $challenge = base64_decode(substr($this->last_reply, 4));
    return base64_decode($b64);
eval(base64_decode('TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ1dCBieSB0aGlz'.
                $expected_raw_md5 = base64_decode( $expected_md5 );

As we can see – here is a excerpt from the base64 code. Now, lets find the file. To find the base64 coding, copy a bit of the base64 and run;


# find . -type f -ctime -30 -iname "*.php" -exec grep -l "TWFuIGlzIGR" {} \;
./basecode.php

Where that gibberish in the grep is a small tidbit of the base64 coding
The first one finds the coding itself. The second finds the file containing the coding.

Install xcache

July 12, 2016 The Geek Decoder No Comments Apache, PHP

CentOS 6

# yum install php-xcache xcache-admin

Debian/Ubuntu/Linux Mint


# apt-get install php5-xcache

Configure

RHEL/CentOS/Fedora


# nano /etc/php.d/xcache.ini

Debian/Ubuntu/Linux Mint


# nano /etc/php5/conf.d/xcache.ini

OR

# nano /etc/php5/mods-available/xcache.ini

once you’re done with configuration settings, restart your Apache web server.



# /etc/init.d/httpd restart



# /etc/init.d/apache2 restart

Verify

# php -v

Enabling XCache Admin Panel for PHP

By default the admin panel is protected with http-auth and in disabled state. To set user/password open the Xcache.ini file. But, first you have to create md5 password using following command. (Where typeyourpassword is your password).


# echo -n "typeyourpassword" | md5sum

Sample Output


ae9ac3f19ae3990b2c99701061c5d8c2

Now open Xcache.ini file add the generated md5 password. See the following example, add your own password md5 string.


[xcache.admin]
xcache.admin.enable_auth = On
; Configure this to use admin pages
xcache.admin.user = "mOo"
; xcache.admin.pass = md5($your_password)
xcache.admin.pass = "ae9ac3f19ae3990b2c99701061c5d8c2"

The simplest way to do so is copying the whole directory xcache (admin was in older release) to your web root directory (i.e. /var/www/html or /var/www).


# cp -a /usr/share/xcache/ /var/www/html/

OR


# cp -a /usr/share/xcache/htdocs /var/www/xcache

OR


cp -a /usr/share/xcache/admin/ /var/www/ (older release)

Now call it from your browser, a http-auth login prompt window will pop-up. Enter your user/pass in, and it’s done.

http://localhost/xcache OR http://localhost/admin (older release)

How to enable Xcache in cPanel

July 12, 2016 The Geek Decoder No Comments Apache, cPanel

How to enable Xcache in cPanel to speed up website?
Xcache can be enabled in cPanel by using Easy Apache.

Log into your cPanel server. After you login, search for “EasyApache” in left column and click on the link. Select “Previously Saved Config” and click on “start customizing”. For both Apache and PHP, click on “next step” button. Look for “xcache for php” and check the box. Click on “save and build”. Allow the build process to finish.

To enable xcache, you will need to make changes to php.ini before it can be used by your scripts. 

# nano  /usr/local/lib/php.ini

Here is recommended settings for xcache in cPanel —

xcache.admin.pass=””
xcache.admin.user=”mOo”
xcache.cacher=”On”
xcache.coredump_directory=””
xcache.count=”1″
xcache.coveragedump_directory=”/tmp/pcov/”
xcache.coverager=”Off”
xcache.gc_interval=”300″
xcache.mmap_path=”/dev/zero”
xcache.optimizer=”On”
xcache.readonly_protection=”Off”
xcache.size=”50M”
xcache.slots=”8K”
xcache.test=”Off”
xcache.ttl=”3600″
xcache.var_count=”2″
xcache.var_gc_interval=”300″
xcache.var_maxttl=”7200″
xcache.var_size=”16M”
xcache.var_slots=”8K”
xcache.var_ttl=”3600″

Make necessary changes and save. Aftererwards you will need to restart Apache in WHM for changes to take affect

# service http restart

Downgrade PHP 7 to PHP 5.6 on Ubuntu 16.04 Xenial

July 1, 2016 The Geek Decoder No Comments PHP, Ubuntu

How to install PHP 5.6 on Ubuntu 16.04 Xenial and replace php 7. Let’s assume you have a fresh Ubuntu 16.04 server.

Install add-apt-repository:


# sudo apt-get install python-software-properties

Add repository for PHP 5.6:


# sudo add-apt-repository -y ppa:ondrej/php

Update package lists:


sudo apt-get update

Install php5-fpm:


# sudo apt-get install php5.6-fpm

Check the result:


# php -v
PHP 7.0.4-7ubuntu2.1 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies

Run the following:

# sudo mv /usr/bin/php /usr/bin/php7
# sudo mv /usr/bin/php5.6 /usr/bin/php

Check again


# php -v
PHP 5.6.23-2+deb.sury.org~xenial+1 (cli) 
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

Restart Apache

# service apache2 restart

How to Add a User and Grant Root Privileges with visudo on CentOS 6.7

June 10, 2016 The Geek Decoder No Comments Administration, CentOS 6

Change to root

$ su -
Password: 


adduser mynewuser

Now set the password for the new user:


passwd mynewuser

Step 2: Grant Root Privileges to the User
For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor


visudo

Find the following code:


## Allow root to run any commands anywhere
root ALL=(ALL) ALL

In this case, we’re granting root privileges to the user mynewuser . Add the following below that code:


mynewuser ALL=(ALL) ALL

IP Lookup with CLI Linux

June 9, 2016 The Geek Decoder No Comments Administration

nstall geoiplookup on Debian, Ubuntu or Linux Mint:


$ sudo apt-get install geoip-bin

To install geoiplookup on Fedora:


$ sudo yum install geoip

To install geoiplookup on CentOS, first enable EPEL repository

$ sudo yum install epel-release

then use yum command:


$ sudo yum install geoip

The default installation of geoiplookup comes with GeoIP.dat database file which is located in /usr/share/GeoIP. With this database, you can look up the country information only.


$ geoiplookup 23.66.166.151
GeoIP Country Edition: US, United States

You can download additional GeoIP databases from MaxMind, which give you more detailed information about IP addresses beyond country info. You can also download more up-to-date GeoIP.dat from the site. This is recommended because GeoIP.dat may have already been outdated by the time you install it from Linux repositories. The GeoIP databases available on MaxMind website are updated every month.

To install additional GeoIP databases from MaxMind, do the following. You may want to set up a monthly cronjob to automate this process.


$ wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
$ wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
$ wget http://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz
$ gunzip GeoIP.dat.gz
$ gunzip GeoIPASNum.dat.gz
$ gunzip GeoLiteCity.dat.gz
$ sudo cp GeoIP.dat GeoIPASNum.dat GeoLiteCity.dat /usr/share/GeoIP/

Now if you re-run geoiplookup, you will see the additional AS number information of an IP address. This basically tells you which administrative domain the IP address belongs to.


$ geoiplookup 128.112.119.209
GeoIP Country Edition: US, United States
GeoIP ASNum Edition: AS88 Princeton University

When run without any parameter, geoiplookup tool automatically uses GeoIP.dat and GeoIPASNum.dat only, but not use GeoLiteCity.dat. The latter can give you city-level information.

To obtain city-level geolocation information, explicitly tell geoiplookup to use GeoLiteCity.dat database.


$ geoiplookup -f /usr/share/GeoIP/GeoLiteCity.dat 23.66.166.151
GeoIP City Edition, Rev 1: US, MA, Cambridge, 02142, 42.362598, -71.084297, 506, 617

The output includes state, city, zipcode, latitude and longitude. The accuracy of the inferred location varies across different countries and networks. For example, the geolocation result tends to be more accurate for broadband IP addresses, but not as accurate for mobile networks.

You can try ipinfo.io online service. Unlike other services, ipinfo.io provides JSON-based geolocation API, so you can easily look up geolocation from the command line, using tools like curl.


$ curl ipinfo.io/23.66.166.151

Set up vhost in CentOS

June 1, 2016 The Geek Decoder No Comments Apache

Make a vhosts file in /etc/httpd/conf.d


# nano dominname.conf

Add the following

# file: /etc/http/conf.d/dominname.conf
# vhost: geekdecoder.com *.dominname.com
#NameVirtualHost *:80

<VirtualHost *:80>

  # Admin email, Server Name (domain name) and any aliases
    ServerName dominname.com
    ServerAlias www.dominname.com
    ServerAdmin webmaster@dominname.com

  # Index file and Document Root (where the public files are located)
    DirectoryIndex index.html index.php
    DocumentRoot /home/dominname/public_html

  # Custom log file locations
    LogLevel warn
    ErrorLog /home/dominname/logs/error.log
    CustomLog /home/dominname/logs/access.log combined

  # Error Documents
    ErrorDocument 404 /errors/404.html
    ErrorDocument 403 /errors/403.html

  <Directory />
    AllowOverride All
    Options None
  </Directory>

 <Directory "/home/dominname/public_html">
    Order allow,deny
    Allow from all
    Options SymLinksIfOwnerMatch
    Options -Indexes
    Options -Includes
  </Directory>

  ScriptAlias /cgi-bin/ /home/dominname/public_html/cgi-bin/
  <Location /cgi-bin>
  Options +ExecCGI
  </Location>

</VirtualHost>
<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/dominname.crt
        SSLCertificateKeyFile /etc/pki/tls/private/dominname.key
        <Directory /home/dominname/public_html/>
        AllowOverride All
        </Directory>
        DocumentRoot /home/dominname/public_html
        ServerName dominname.com
</VirtualHost>

Adding Secondary IP Addresses CentOS 6.x

May 31, 2016 The Geek Decoder No Comments CentOS 6

To add a secondary IP to CentOSnavigate to your /etc/sysconfig/network-scripts


# cd /etc/sysconfig/network-scripts

[/bash]

# ls -la
-rw-r--r--. 1 root root   203 Dec 30 14:18 ifcfg-eth0
-rw-r--r--. 1 root root   230 Dec 30 14:59 ifcfg-eth1

The system has a public and primary IP.

# nano ifcfg-eth0

[/bash]


DEVICE=eth0
HWADDR=00:0C:29:E7:7D:05
TYPE=Ethernet
UUID=b9cbc9ab-d4a5-4ca8-9e3c-176c62102adc
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=216.55.000.000
GATEWAY=216.55.169.1
NETMASK=255.255.255.0

To add a public IP, create new files with ifcfg-eth0:1, ifcfg-eth0:2, etc