Changing the Exim interface IP

In order to change the exim interface IP, do the following :

-SSH to your server and edit the file – /etc/mailips : This file controls the IP address from which each domains are allowed to send the mails. If the file is not present, create it. Open the file for editing using your preferred text editor. You will need to configure this file in the following way:

*: (<- desired IP )

^ the option * denotes the entire list of domains in the server. If you require just one domain to send from a different IP, specify the domain there instead of ‘*’

– Disable the following from WHM

From WHM »Service Configuration »Exim Configuration Manager>> Domain and IPs>> Send mail from account’s dedicated IP address "on"

– Enable this option,

Reference /etc/mailips for outgoing SMTP connections.

And now, restart the exim service.

/root/.cpanel/comet consuming huge disk space ?

On checking the disk usage of your server, you might notice that /root/.cpanel/comet consumes considerable amount of disk space.

This happens when high number of emails are in the mail queue manager which can occur when spamming is carried out in the server.

Manually purging the files would be an effort-consuming task.

Clear the comet directory by giving the following command via SSH:

# /usr/local/cpanel/bin/purge_dead_comet_files

Remove fantastico plugin from WHM !

SSH to the server and issue the following commands to remove fantastico :

# rm -rf /var/netenberg/
# rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/
# rm -rf /usr/local/cpanel/3rdparty/fantastico*
# rm -rf /usr/local/cpanel/base/frontend/*/fantastico
# rm /usr/local/cpanel/base/frontend/x/cells/fantastico.html
# rm /usr/local/cpanel/whostmgr/docroot/cgi/addon_fantastico.cgi

After removing fantastico from the server, does any of the cPanel accounts show the fantastico icon ?

-You can remove it by doing the following :

From the backend, go to /var/cpanel/registered_cpanelplugins
and delete the file “Fantastico_De_Luxe”

Then, from WHM->Packages->Feature Manager, remove the fantastico check box.

Named not starting in Plesk !

When trying to restart named, you get an error stating that some parameter is not given correctly in a zone file.

It would be a reverse PTR zone file with name something like this:

Open the zone file using vim , like :

# vim /var/named/run-root/var/

When you check the file, you can see a mis-configuration in a particular line when compared with other lines. You can easily spot that with your naked eye.

Edit that misconfigured line (check how other lines are written ) and save it and restart named service.

This is a bug which is seen in older versions of Plesk.

Memory drain issues on MySQL 5.6 ?

With the recent upgrade of WHM/cPanel, the users get the ability to upgrade their MySQL server to 5.6.x ( x > 6 ).

However, when this upgrade is done, lot of server owners are seeing memory drainage issues. An idle MySQL server tends to consume around 50% of your RAM, which is a very serious concern.  I had to upgrade a personal server of mine and faced serious issues with memory drainage. A more dig on this issue, highlighted a change brought around in the latest versions of MySQL with the parameter ‘performance_schema‘.

Starting from MySQL 5.6.6, this parameter performance_schema is enabled by default and it consumes the server memory even at an idle state. Performance Schema automatically sizes the values of several of its parameters at server start-up if they are not set explicitly, which causes the memory usage to spike up.

The workaround for this issue is to disable performance_schema. This can be done by adding the following value to the configuration file – my.cnf

performance_schema = 0

Add this line and restart MySQL server. Things should be fine from now 🙂

Note : When you try to upgrade MySQL to 5.6.x, from a VPS with 1GB of RAM provisioned you will need to edit the config file and pass the keyword to disable performance_schema ( Yes, before the upgrade ). If not, there are chances for your upgrade to fail partly, due to MySQL upgrade script installing MySQL server components each and it gets killed due to over-usage of RAM as performance_schema is enabled by default.


The NTP vulnerability !

Just like the DDoS is hitting web-servers and DNS servers, it has started hitting the ntpd servers which are left open.

The Network Time Protocol, or NTP, syncs time between machines on the network, and runs over port 123 UDP. It’s typically
configured once by network administrators and often is not updated.

Recently there is a major jump in attacks via the protocol. Attackers appear to be employing NTP for DDoSing similar to the way DNS is being abused in such attacks. They transmit small spoofed packets requesting a large amount of data sent to the DDoS target’s IP address.

It’s all about abusing the so-called “monlist” command
in an older version of NTP. Monlist returns a list of the last 600 hosts that have connected to the server.

To check if your ntp service is open/vulnerable :

# ntpdc -c monlist IP ( See if it returns the list of hosts,
if it does, it is vulnerable )

To get around this,

# The easiest way to update to NTP version 4.2.7, which removes the monlist command entirely.

# If upgrading is not an option, you can start the NTP daemon with noquery enabled in the NTP conf file. This will disable access to mode 6 and 7 query packets (which includes monlist).

Add the below lines to /etc/ntp.conf :


restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery


If monolist query is disabled,

# ntpdc -n -c monlist IP should return,

xx.xx.xx.xx: timed out, nothing received
***Request timed out

Act now and stop becoming the part of a chain 🙂


Apache error_log for a domain filled with PHP errors ?

There are situations in which the error_log associated with a domain fills up a good part of the disk space consumed.

Lets find what are they logging ! Is it something like,

[Date America/New_York] PHP Strict Standards: Non-static method JDispatcher::getInstance() should not be called statically in /path-to/file.php

We can see that PHP Strict-Standards errors are being reported here. As each and every strict standard errors is being reported, error_log will consume huge amount of space.

This is a change which has been seen in the newer version of PHP, which now reports E_STRICT errors on default.

To get around this issue, disable error reporting for strict standards, by adding the below line to PHP configuration file.

error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

cPanel error – Not able to change the shell for a user ?

When trying to change the shell access for a user from WHM, do you face the following issue ?

Screenshot from 2014-07-15 11:50:26


– Even when trying to change the setting via back-end, you might face the issue :

# chsh -s /bin/bash x
Changing shell for x
setpwnam: File exists
Shell *NOT* changed.  Try again later.

– The above error indicate that there is a lock on the file  /etc/passwd Deleting /etc/ptmp will fix this issue.

# rm /etc/ptmp


VMware ! What is it actually ?

VMware and its associated virtualization is something which you hear a lot these days, especially if you are dealing with IT in some or the other way.

Well, what exactly is this?  Lets have a look at it.

As you might be aware of, there are 2 types of virtualization.

– The type 1 is the one where the program (lets call it the hypervisor) which provides the virtualization power is seen as directly interacting with the underlying hardware without the help of any OS.

– On the other hand, the type 2 hypervisor is the one which emulates virtualization by being able to create virtual machines with the help of an OS which would communicate with the underlying hardware.

Have a look at this picture and get the concept into your head.

Comparison between Type-1 and Type-2 hypervisor








So, what type of virtualization does VMware offer ? Well the answer is that it provides both, type 1 as well as type 2 virtualization.

The software’s like VMware workstation, VMware player etc comes under the category of type 2 virtualization, where you would require an OS to build other virtual machines.

You can install it for free and give it a try. Check this.

However, this technology is not the one which is widespreadly used in the IT industry these days. When it comes to the name VMware in a production environment, it refers to Type 1 hypervisor.
This is where the terms like vSphere, vCenter, ESXi and so on comes into play.

As I indicated, type1 hypervisor does not require an additional OS to communicate with the underlying hardware. The hypervisor used here is called as ESXi. So you can think of ESXi as something like an OS developed by VMware to enable it for the communication with the
underlying hardware and perform many many functions.

So if you got a server ready for virtualization, you would first install the ESXi on it.

If you have a piece of server ready for testing, give it a try from here.

You have some evaluation period of 60 days from VMware. I first tired it on my laptop – Thinkpad t510 😀 ( Be careful, the installation of ESXi will erase the entire hard-disk, if you do not have a secondary one ).

Once ESXi is installed, your box becomes one without an OS and you will need another machine to connect/configure it.

Coming to all those in a while..

So, once the installation is complete, your server ( ESXi host ) is ready for use. But you wont be able to manage this server without the use of another system. Here is where you are going to familiarize with the word -vSphere Client.

vSphere client allows administrators to connect to these ESXi servers and create/access/manage virtual machines. vSphere client once installed on any client machine, is used to connect to ESXi server and do management tasks. Once you setup your ESXi server, you have the option to assign it an IP address. It would be using this IP, you will connect to it, from a vSphere client.

Login to your EXSi host/vCenter using vSphere client











But wait, you cant do each and everything using a vSphere client alone. Here is where the term vCenter comes into play. vCenter is a server which is installed on a Windows VM (mostly ) running on top of the ESXi host. Using the vSphere client, you can either access the ESXi host directly or access the vCenter server running on top it. The real advantage of using VMware in a production environment is due to its special features like vMotion, HA, DRS etc.

To perform those , you need a vCenter. Yea, you guessed right 😀

You have to buy vCenter license separately !

vCenter server is a must in a large environment where there are many ESXi servers and hundreds of virtual machines. If you just had vSphere client, you would need to manage each ESXi separately, that too without the enterprise features which I mentioned earlier. If you have a vCenter, you can manage all the ESXi hosts in your environemtn, using this powerpacker.

So what is this vSphere all about ? That is the name given to all these components, the ESXi, vSphere client, vCenter !

Let’s look at this :



This is all about VMware in a nut-shell ! 🙂

cPanel – Your RPM database appears unstable !

There is a common issue with cPanel when trying to force an update.

You might get an error message which looks like :

“fatal: Your RPM database appears unstable. It is not possible at the moment to install a simple RPM”

– RPM database gets corrupted over a while,  hence preventing cP from updating.

– Give in the following, to fix this issue :

# mkdir /root/old_rpm_dbs/
# mv /var/lib/rpm/__db* /root/old_rpm_dbs/
# rpm --rebuilddb ( rebuilds the RPM database )
# /scripts/upcp  ( cPanel update )