WHM/cPanel
SSH log
/var/log/secure
Apache
/usr/local/apache/logs/access_log
/usr/local/apache/logs/error_log
/usr/local/apache/logs/error_log | grep ModSec
more /usr/local/apache/logs/error_log | grep namadomain
/usr/local/apache/domlogs
/var/cpanel/secdatadir/ip.pag
Exim
/var/log/exim_mainlog
/var/log/exim_rejectlog
/var/log/exim_paniclog
/var/log/maillog
/var/cpanel/email_send_limits/max_deferfail_example.com
cPanel
/usr/local/cpanel/logs/access_log
grep -in "username" /usr/local/cpanel/logs/access_log
/usr/local/cpanel/logs/error_log
/usr/local/cpanel/logs/login_log
FTP
/var/log/messages
HTTPD
/etc/httpd/logs/
APACHE CONFIG
/usr/local/apache/conf
CSF/LFD
/var/log/lfd.log
/etc/csf/csf.pignore | user:usercpanel > buat csf mengignore process user
/etc/skipsmtpcheckhosts
/var/lib/csf/
Access Log
/home/usercpanel/access_logs
httpd.conf
/usr/local/apache/conf
/usr/local/apache/htdocs > akses via hostname
/var/cpanel/templates/apache2/main.default
/var/cpanel/templates/apache2/main.local
php.ini
/usr/lib/php.ini
pre dan post vhost
/usr/local/apache/conf/includes/
/usr/local/apache/conf/php.conf
mail scanner
/usr/mailscanner/etc/rules/spam.whitelist.rules
MySQL log
MySQL error log
/var/lib/mysql/{SERVER_NAME}.err
MySQL slow query log (if enabled in my.cnf)
/var/log/slowqueries
modsec
/usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD
/usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD/mod_security.conf
cPanel logsAccess logs and user actions
/usr/local/cpanel/logs/access_log
Account transfers and misc. logs
/var/cpanel/logs
Auditing log (account creations, deletions, etc)
/var/cpanel/accounting.log
Backup logs
/usr/local/cpanel/logs/cpbackup
Brute force protection (cphulkd) log
/usr/local/cpanel/logs/cphulkd.log
Cpanel dnsadmin dns clustering daemon
/usr/local/cpanel/logs/dnsadmin_log
Cpanel taskqueue processing daemon
/usr/local/cpanel/logs/queueprocd.log
DBmapping
/usr/local/cpanel/logs/setupdbmap_log
EasyApache build logs
/usr/local/cpanel/logs/easy/apache/
Error log
/usr/local/cpanel/logs/error_log
Installation log
/var/log/cpanel
License updates and errors
/usr/local/cpanel/logs/license_log
Locale database modifications
/usr/local/cpanel/logs/build_locale_database_log
Login errors (CPSRVD)
/usr/local/cpanel/logs/login_log
Horde
/var/cpanel/horde/log/
RoundCube
/var/cpanel/roundcube/log/
SquirrelMail
/var/cpanel/squirrelmail/
Panic log
/usr/local/cpanel/logs/panic_log
Per account bandwidth history (Cached)
/var/cpanel/bandwidth.cache/{USERNAME}
Per account bandwidth history (Human Readable)
/var/cpanel/bandwidth/{USERNAME}
Service status logs
/var/log/chkservd.log
Tailwatch driver tailwatchd log
/usr/local/cpanel/logs/tailwatch_log
Update analysis reporting
/usr/local/cpanel/logs/updated_analysis/{TIMESTAMP}.log
Update (UPCP) log
/var/cpanel/updatelogs/updated.{TIMESTAMP}.log
WebDisk (CPDAVD)
/usr/local/cpanel/logs/cpdavd_error_log
Website statistics log
/usr/local/cpanel/logs/stats_log
cPanel access logAccess logs and user actions
/usr/local/cpanel/logs/access_log
cPanel apache logApache restarts done through cPanel and WHM
/usr/local/cpanel/logs/safeapcherestart_log
Domain access logs
/usr/local/apache/domlogs/{DOMAIN}
Processing of log splitting
/usr/local/cpanel/logs/splitlogs_log
suPHP audit log
/usr/local/apache/logs/suphp_log
Web server and CGI application error log
/usr/local/apache/logs/error_log
cPanel email logDelivery and receipt log
/var/log/exim_mainlog
Incoming mail queue
/var/spool/exim/input/
Log of messages rejected based on ACLS or other policies
/var/log/exim_rejectlog
Unexpected/Fatal error log
/var/log/exim_paniclog
IMAP, POP login attempts, transactions, fatal errors and spam scoring
/var/log/maillog
/var/log/messages
Mailman
/usr/local/cpanel/3rdparty/mailmain/logs
==========================
maldet
==========================
maldet -a /home/?/public_html Scan all files in path (default: /home, wildcard: ?)
maldet -l
show log
maldet --report
scanID
show report
maldet --restore scanID
restore file from scan ID
maldet --restore /usr/local/maldetect/quarantine/config.php.23754
restore file from certain scan process
/usr/local/maldetect/ignore_paths
> whitelist path
rwscan kakak p :
/usr/local/rwscan/rwscan.sh scan user
==========================
clamAV
==========================
update the virus definitions with: sudo freshclam
scan for viruses: clamscan OPTIONS File/Folder
Examples:
check all files on the computer, displaying the name of each file: clamscan -r /
check all files on the computer, but only display infected files and ring a bell when found: clamscan -r --bell -i /
check files in the all users home directories: clamscan -r /home
check files in the USER home directory and move infected files to another folder: clamscan -r --move=/home/USER/VIRUS /home/USER
check files in the USER home directory and remove infected files (WARNING: Files are gone.): clamscan -r --remove /home/USER
see more options: clamscan --help
==========================
exim
==========================
for servers in `cat /root/exim/server.txt`; do sh /root/exim/hapusrootemail.sh $servers; done
pssh -h /root/exim/server.txt sh /root/exim/hapusrootemail.sh
exim -M id #Try to send the message with id id
exim -qf #Tell exim to process the entire queue again
exim -qff #same as qf, but it will flush the frozen messages
exim -Mvl id #view the message log for message id
exim -Mvh id #view message id's headers
exim -Mvb id #view message id's body
exim -Mrm id #remove message id from the queue
exim -Mg id #fail and send a bounce to the sender
exim -bp | exiqsumm #Print summary of the messages in the queue
exiwhat #show what exim is doing right now
exim -bpc #show number of messages in the queue
exim -bp #print list of messages in the queue
exiqgrep -i
# show message id
exigrep /home/adeh6829 /var/log/exim_mainlog | exiqgrep -i | xargs exim -Mrm
exim -bp | grep agus.ningsih@persadanusantara.co.id | exiqgrep -i | xargs exim -Mrm
exim -bp | grep "@inuki.co.id" | awk {'print $4'} | sort | uniq -c | sort -nk 1
exim -bp | awk {'print $4'} | sort | uniq -c | sort -nk 1
Reset maildirsize cpanel:
all user email: find /home/*/.cpanel-datastore/ -name "diskusage_*" | xargs rm -f
user email at certain domain: find /home/*/mail/ -name maildirsize | xargs rm -f
Test how exim will route a given address: exim -bt user@remotehost.com
Run a pretend SMTP transaction: exim -bh IP_address_email_sender
search the queue for messages from a specific sender: exiqgrep -f [luser]@domain
search the queue for messages for a specific recipient/domain: exiqgrep -r [luser]@domain
Print just the message-id of the entire queue: exiqgrep -i
Deliver a message, whether it's frozen or not, whether the retry time has been reached or not: exim -M <message-id>
<= : messages sent from
=> : messages sent to
cek ukuran antrian email: exim -bp | grep M
==========================
DNS
==========================
host namachildns rootserver | check child nameserver
whois -h whois.id nameserver nsxx | check child nameserver
SSH command
CSF
csf -f > stop
csf -s > start
csf -x > disable
csf -e > enable
http://www.scriptinstallation.in/cpanel_scripts.html
============
PLESK
============
LOG
/var/www/vhosts/system/
/var/named/chroot/var/namadomain
sh /usr/local/rwwpscripts/syncdns.sh namadomain
==========================
Email/postfix
==========================
Set IP address for the mail service for the domain:
# plesk bin site -u example.com -mail-service-ip <new_ip>
contoh:
plesk bin site -u kopideli.com -mail-service-ip 103.247.11.221
SPAM CHECK
[root@wpiix7 log]# grep gatot@mitransat.com maillog | awk {'print $33'} > /var/www/vhosts/wpiix7.rumahweb.com/httpdocs/spam.txt
==========================
Backup
==========================
/usr/local/psa/bin/pleskbackup clients-name usernamePlesk --output-file=/backup/clients/migrated/usernamePlesk.tar --backup-password=wpiixbackup
==========================
RA
==========================
- Kopi data backup xxx.tar ke /var/lib/psa/dumps/restore2 . Kalau tidak ada folder restore2 di dalam /var/lib/psa/dumps/, buat.
- Ekstrak file xxx.tar. Gunakan perintah tar -xvf xxx.tar
- Restore dengan cara ketik perintah: /usr/local/psa/bin/pleskrestore --restore backup_info_xxx.xml -level clients -backup-password wpiixbackup
- Tunggu hingga selesai.
==========================
litespeed dan apache switch
==========================
/usr/local/lsws/admin/misc/cp_switch_ws.sh apache; rm -rf /tmp/lscache/*; /usr/local/lsws/admin/misc/cp_switch_ws.sh lsws
ERROR ALT-PHP54-FPM
# systemctl status alt-php54-fpm.service -l
Dec 15 14:23:28 wpiix3.rumahweb.com php-fpm[210359]: [15-Dec-2016 14:23:28] ERROR: [pool fanind.com] the prefix '/var/www/vhosts/system/fanind.com' does not exist or is not a directory
# mv /opt/alt/php54/etc/php-fpm.d/fanind.com.conf /backup/php-fpm-alt54/
# systemctl start alt-php54-fpm.service -l
DELETE CACHE
# rm -rf /tmp/lscache/*
# service httpd restart
==========================
UPDATE STATISTIC
==========================
/usr/local/psa/admin/sbin/statistics --calculate-one --domain-name=namadomain
http://www.tecmint.com/web-control-panels-to-manage-linux-servers/
http://www.webhostingbuzz.com/blog/2011/03/23/manage-cpanel-mail-forwarders-via-ssh/
http://old.webasyst.net/support/help/general-modrewrite-test.html
http://wiki.r1soft.com/display/CDP3/Allowing+Remote+Connections+to+MySQL+Instance
https://support.google.com/mail/contact/msgdelivery
http://nl.globalsign.com/en/support/ssl+certificates/
http://linux-bloggers.blogspot.com/2012/10/cpanel-in-command-line.html
http://www.cpanelblog.in/server-load-tweaks-apachemysqlsmtp-pop3eximimap
http://www.helloari.com/blog/2011/03/the-best-permissions-setup-for-wordpress-and-plesk/