Slate
Blackcurrant
Watermelon
Strawberry
Orange
Banana
Apple
Emerald
Chocolate
Marble
Slate
Blackcurrant
Watermelon
Strawberry
Orange
Banana
Apple
Emerald
Chocolate
Marble
-
Content Count
454 -
Joined
-
Last visited
-
Days Won
76 -
Feedback
N/A
Everything posted by NickTheGreek
-
Πώς ένας Instagram λογαριασμός θα μπορούσε να παραβιαστεί σε λιγότερο από 10 λεπτά Πρόσφατα απονεμήθηκαν 30.000 δολλάρια σε ένα ερευνητή ασφάλειας ο οποίος ανακάλυψε μια σοβαρή ευπάθεια η οποία θα μπορούσε ενδεχομένως να έχει θέσει σε κίνδυνο παραβίασης οποιονδήποτε Instagram λογαριασμό. Καθώς το Facebook και το Instagram προσφέρουν υψηλές αμοιβές σε όσους ανακαλύπτουν ευπάθειες στους λογαριασμούς τους, ένας Ινδός ερευνητής ασφαλείας, ο Laxman Muthiyah, επέλεξε να εξετάσει την πλατφόρμα του Instagram. O Muthiyah διερεύνησε το κατά πόσον μπορεί να υπάρχει μια ευπάθεια στην διαδικασία με την οποία το Instagram χειρίζεται τα αιτήματα επαναφοράς του κωδικού πρόσβασης για τους χρήστες που έχουν τον έχουν ξεχάσει. Ο ερευνητής διαπίστωσε ότι όταν οι χρήστες ζητούν επαναφορά του κωδικού πρόσβασης μέσω του link του Instagram, ο ιστότοπος στέλνει ένα email στον χρήστη. Μετά από δοκιμές, ο Mutiyah δεν μπόρεσε να βρει κανένα κενό ασφαλείας στη διαδικασία και έτσι έστρεψε την προσοχή του στο πώς οι χρήστες των smartphones ανακτούν την πρόσβαση στους Instagram λογαριασμούς τους. Αυτό που βρήκε ήταν ότι το Instagram δίνει την δυνατότητα χρήστες που έχουν κλειδωθεί να ζητήσουν την αποστολή ενός εξαψήφιου μυστικού κωδικού ασφαλείας στο κινητό τους τηλέφωνο ή στο email τους. Εάν εισαχθεί αυτός ο κωδικός πρόσβασης, ο χρήστης θα μπορέσει να ανακτήσει την πρόσβαση στον Instagram λογαριασμό του. Θεωρητικά, εάν ένας χάκερ μπορούσε να αποκτήσει πρόσβαση στον εξαψήφιο κωδικό ασφαλείας, θα μπορούσε να σπάσει τον Instagram λογαριασμό (και να επαναφέρει τον κωδικό πρόσβασης κλειδώνοντας ταυτόχρονα τον νόμιμο κάτοχο). Αυτός ο κωδικός πρόσβασης θα μπορούσε ενδεχομένως να κλαπεί εάν ένας χάκερ κατάφερνε να αποκτήσει πρόσβαση στον email λογαριασμό του θύματος ή αν είχε πάρει τον έλεγχο του κινητού τηλεφώνου του θύματός του μέσω της μεθόδου SIM swap scam. Ωστόσο, ο Mutiyah αναρωτήθηκε αν θα μπορούσε να υπάρξει και άλλος τρόπος να σπάσει κάποιος έναν λογαριασμό στην περίπτωση που καμία από τις επιλογές αυτές δεν είναι διαθέσιμη. Ο Mutiyah συνειδητοποίησε ότι το μόνο που αρκεί να κάνει ο χάκερ είναι να δώσειι τον σωστό εξαψήφιο κωδικό - που είναι ένας οποιοσδήποτε συνδυασμός μεταξύ 000000 και 999999 – πριν εκπνεύσουν τα δέκα λεπτά που ο συγκεκριμένος κωδικός είναι αποδεκτός από το σύστημα. Για τον αριθμό των ψηφίων αυτών απαιτούνται περίπου ένα εκατομμύριο αριθμοί που πρέπει να εισαχθούν μέσα σε δέκα λεπτά, για να είναι εφικτή η αλλαγή του κωδικού ενός Instagram λογαριασμού. Μέσω των likes του Instagram μπορεί να τρέξει ένας κώδικας με τον οποίο να δίνονται ταχύτατα διάφοροι συνδυασμοί του κωδικού μέχρι να βρεθεί ο σωστός. Ως τρόπο άμυνας, η πλατφόρμα έχει την δυνατότητα να ανιχνεύσει την κίνηση αυτή και επιβραδύνει διαρκώς τις επόμενες προσπάθειες μέχρις ότου λήξει το χρονικό διάστημα των δέκα λεπτών. Στις δοκιμές του ο Mutiyah είδε ότι, από τις 1000 προσπάθειες που έστειλε για να μαντέψει τον κωδικό ασφαλείας ενός Instagram λογαριασμού, είχε άμεση απάντηση στις 250 ενώ στις επόμενες 750 η απάντηση καθυστερούσε. Ωστόσο, μετά από μερικές επιπλέον ημέρες δοκιμής, ο ερευνητής κατάφερε να ανακαλύψει ότι ο μηχανισμός καθυστέρησης της απάντησης του Instagram θα μπορούσε να παρακαμφθεί εάν άλλαζε η IP διεύθυνση του υπολογιστή που έστελνε το αίτημα (με άλλα λόγια, να μην χρησιμοποιεί τον ίδιο υπολογιστή για να προτείνει τον κώδικα ανάκτησης) «Η αποστολή ταυτόχρονων αιτημάτων χρησιμοποιώντας διαφορετικές IP διευθύνσεις μου επέτρεψε να στείλω ένα μεγάλο αριθμό αιτήσεων χωρίς χρονικό περιορισμό στην απάντηση. Ο αριθμός των αιτημάτων που μπορούμε να στείλουμε εξαρτάται από τον αριθμό των ταυτόχρονων αιτήσεων και τον αριθμό των IP διευθύνσεων που χρησιμοποιούμε. Δεδομένου ότι ο κωδικός λήγει σε 10 λεπτά, αυτό κάνει την επίθεση ακόμη πιο δύσκολη. Τελικά χρειαστήκαμε γύρω στις 1.000 IPs για να ολοκληρώσουμε την επίθεση.» Ο Mutiyah λέει ότι χρησιμοποίησε 1.000 διαφορετικές μηχανές και IPs για να πετύχει την επίθεση και στις δοκιμές του έστειλε περίπου 200.000 αιτήματα. Δημιούργησε μάλιστα και ένα YouTube βίντεο για να αποδείξει την επίθεση του. Φυσικά, ο αριθμός των 200.000 αιτημάτων απέχει πολύ από το 1 εκατομμύριο που είναι ο αριθμός των συνδυασμών που απαιτείται για να καλυφθούν όλα τα ψηφία του κωδικού. Η έρευνα του Mutiyah καταλήγει στο συμπέρασμα ότι σε μια πραγματική επίθεση θα χρειαστούν περίπου 5.000 IP διευθύνσεις για την επιτυχία της επίθεσης. Αν και αυτό ακούγεται σαν ένας μεγάλος αριθμός, αυτό μπορεί πράγματι να επιτευχθεί εύκολα με χαμηλό σχετικά κόστος (ο Mutiyah λέει το κόστος μπορεί να είναι και γύρω στα 150 δολλάρια αν χρησιμοποιηθεί εάν χρησιμοποιηθεί ένας cloud provider όπως η Google ή η Amazon). Είναι εύκολο να φανταστεί κανείς ότι μια τέτοια τεχνική θα κινήσει το ενδιαφέρον σε πολλούς χάκερ που θα ήθελαν να αποκτήσουν πρόσβαση σε Instagram λογαριασμούς και θα ήταν διατεθειμένοι να πληρώσουν περισσότερα από τα 30.000 δολλάρια που έλαβε ο Muthiyah ως ανταμοιβή. Σας υπενθυμίζουμε ότι είναι απαραίτητο να ασφαλίζετε τους λογαριασμούς σας με ισχυρούς και κωδικούς πρόσβασης και για να ενεργοποιείτε όπου είναι δυνατό ττην μέθοδο της two-factor authentication.
-
IPS Community Suite 4.4.6 Released 08/19/2019 This is a security release and we recommend all clients upgrade as soon as possible. Key Changes Version 4.4.6 is a maintenance update to fix issues reported since 4.4.5. Additional Information Security Fixed an issue where a malicious user may be able to identify the full path to a file uploaded to a custom field. Core Added support for MySQL 8. Improved security headers on error pages. Changed the "Who follows this" page to instruct bots not to index the page for SEO purposes. Moved the Club Members Box to the sidebar when the club information are shown in the sidebar. Fixed an error visiting the full notifications screen when the user has no notifications. Fixed an issue where old messenger links may not redirect correctly. Fixed an issue where new comment notifications can show an incorrect read status. Fixed club sorting preference being lost when navigating to another page of clubs. Fixed an issue where the "Bypass word and link filters" setting was not honored for links. Fixed attachments not being properly claimed when added to a Staff Directory member entry. Fixed an issue where reordering social profiles may not show the reordered list after saving without reloading the page. Fixed a potential error when an invalid sort parameter is passed in to certain pages. Fixed an issue where certain tables of data may show an incorrect number of pages when filtering the table. Fixed the Leaderboard popular content inconsistency when using ElasticSearch. Fixed an issue where Pages blocks wouldn't show in the configuration form when using the block manager. Fixed an issue where creating a club feature could result in a DB exception. Fixed broken ACP tables on Internet Explorer 11. Fixed an issue where Status Posts couldn't be deleted. Fixed an issue where 0B may be displayed in place of the real Redis maximum memory amount on the support overview page. Fixed an issue where using REDIS as session storage would return the wrong members for the online list. Fixed an issue with lazy-loading where images with a custom aspect ratio set did not honor the ratio after loading. REST & OAuth Fixed OAuth Logins being broken because of a missing DB column. Blogs Fixed blog entries from clubs showing on the Blog applications Grid View when the "Show Club Content Areas" setting is set to "Only Within Clubs". Fixed an error that can occur with some configurations when attempting to add or move a blog entry. Pages Fixed an issue where the wrong user may be notified of Pages database records being embedded in other content areas. Fixed an issue where attachments in newly submitted database records would not be used when embedding records in other areas of the software. Fixed an issue with Schema.org structured data tags in Pages when the site has a logo image applied to the theme. Fixed an error searching databases in the AdminCP using the quicksearch input on the database listing page. Fixed an issue in the Pageurl Output Extension which was catching a not existing exception. Gallery Fixed media sound continuing to play after closing the lightbox. Fixed an error that can occur when attempting to view disk space statistics when there are none. Calendar Fixed an issue where all day ranged events reflect the wrong event end date in iCalendar exports. Adjusted ical import process to ignore WKST values of 'MO' (which is the default) to reduce false-positive error reports. Converters Fixed some issues converting MyBB content including profile fields, avatars & attachments. Commerce Added ability for administrator to choose what to do after a dispute is won (previously would automatically re-approve the transaction). Fixed an issue where the tax name in invoice emails could be missing. Fixed potential uncaught exception if trying to view a product in the AdminCP that doesn't exist. Fixed an issue where the description of new payment gateways wasn't saved successfully. Third-Party / Developer / Designer Mode Fixed an issue using the node form helper when not using $titleLangPrefix in the node model, and using apostrophies in a node's title. Fixed an issue where the wrong member's AdminCP notification dismissals were referenced in \IPS\core\AdminNotification::notificationIdsForMember(). Fixed an issue where Nodes that do not implement permissions may still try to check them, resulting in an error in some situations. Changes affecting third-party developers and designers Added an ID to the mobile navigation sign in link elSigninButton_mobile. All columns named member must now be escaped with backticks when querying the database in order to support MySQL 8.
-
83 useful Linux commands Enterprise administrators and managers who use this guide of essential Linux commands, utilities and tools will find ways to manage files, get process status updates and more. Linux administrators cannot live by the GUI alone. That's why we've compiled useful Linux commands into this convenient guide. By learning how to use a few simple tools, command-line cowards can become scripting commandos and get the most out of Linux by executing kernel and shell commands. alias The alias command is a way to run a command or a series of Unix commands using a shorter name than those that are usually associated with such commands. apt-get The apt-get tool automatically updates a Debian machine and installs Debian packages/programs. AWK, Gawk AWK is a programming language tool used to manipulate text. The AWK utility resembles the shell programming language in many areas, but AWK's syntax is very much its own. Gawk is the GNU Project's version of the AWK programming language. bzip2 A portable, fast, open source program that compresses and decompresses files at a high rate, but that does not archive them. cat A Unix/Linux command that can read, modify or concatenate text files. The cat command also displays file contents. cd The cd command changes the current directory in Linux and can conveniently toggle between directories. The Linux cd command is similar to the CD and CHDIR commands in MS-DOS. chmod The chmod command changes the permissions of one or more files. Only the file owner or a privileged user can change the access mode. chown The chown prompt changes file or group ownership. It gives admins the option to change ownership of all the objects within a directory tree, as well as the ability to view information on the objects processed. cmp The cmp utility compares two files of any type and writes the results to the standard output. By default, cmp is silent if the files are the same. If they differ, cmp reports the byte and line number where the first difference occurred. comm Admins use comm to compare lines common to file1 and file2. The output is in three columns, from left to right: lines unique to file1, lines unique to file2 and lines common in both files. cp The cp command copies files and directories. Copies can be made simultaneously to another directory even if the copy is under a different name. cpio The cpio command copies files into or out of a cpio or tar archive. A tar archive is a file that contains other files, plus information about them, such as their file name, owner, timestamps and access permissions. The archive can be another file on the disk, a magnetic tape or a pipe. This Linux command also has three operating modes: copy-out, copy-in and copy-pass. It is also a more efficient alternative to tar. CRON CRON is a Linux system process that executes a program at a preset time. To use a CRON script, admins must prepare a text file that describes the program and when they want CRON to execute it. Then, the crontab program loads the text file and executes the program at the specified time. cURL Admins use cURL to transfer a URL. It is useful for determining if an application can reach another service and how healthy the service is. declare The declare command states variables, gives them attributes or modifies the properties of variables. df This command displays the amount of disk space available on the file system containing each file name argument. With no file name, the df command shows the available space on all the currently mounted file systems. echo Use echo to repeat a string variable to standard output. enable The enable command stops or starts printers and classes. env The env command runs a program in a modified environment or displays the current environment and its variables. eval The eval command analyzes several arguments, concatenates them into a single command and reports on that argument's status. exec This function replaces the parent process with any subsequently typed command. The exec command treats its arguments as the specification of one or more subprocesses to execute. exit The exit command terminates a script and returns a value to the parent script. expect The expect command talks to other interactive programs via a script and waits for a response, often from any string that matches a given pattern. export The export command converts a file into a different format than its current format. Once a file is exported, it can be accessed by any application that uses the new format. find The find command searches the directory tree to locate particular groups of files that meet specified conditions, including -name, -type, -exec, -size, -mtime and -user. for, while The for and while commands execute or loop items repeatedly as long as certain conditions are met. free With the free command, admins can see the total amount of free and used physical memory and swap space in the system, as well as the buffers and cache used by the kernel. gawk See AWK entry. grep The grep command searches files for a given character string or pattern and can replace the string with another. This is one method of searching for files within Linux. gzip This is the GNU Project's open source program for file compression that compresses webpages on the server end for decompression in the browser. This is popular for streaming media compression and can simultaneously concatenate and compress several streams. history The history function shows all the commands used since the start of the current session. ifconfig The ifconfig command configures kernel-resident network interfaces at boot time. It is usually only needed when debugging or during system tuning. ifup With ifup, admins can configure a network interface and enable a network connection. ifdown The ifdown command shuts down a network interface and disables a network connection. iptables The iptables command allows or blocks traffic on a Linux host and can prevent certain applications from receiving or transmitting a request. kill With kill signals, admins can send a specific signal to a process. It is most often used to safely shut down processes or applications. less The less command lets an admin scroll through configuration and error log files, displaying text files one screen at a time with backward or forward navigation available. locate The locate command reads one or more databases and writes file names to match certain output patterns. lft The lft command determines connection routes and provides information to debug connections or find a box/system location. It also displays route packets and file types. ln The ln command creates a new name for a file using hard linking, which allows multiple users to share one file. ls The ls command lists files and directories within the current working directory, which allows admins to see when configuration files were last edited. lsof Admins use lsof to list all the open files. They can add -u to find the number of open files by username. lsmod The lsmod command displays a module's status within the kernel, which helps troubleshoot server function issues. man The man command allows admins to format and display the user manual that's built into Linux distributions, which documents commands and other system aspects. more Similar to less, more pages through text one screen at a time but has limitations on file navigation. mount This command mounts file systems on servers. It also lists the current file systems and their mount locations, which is useful to locate a defunct drive or install a new one. mkdir Linux mkdir generates a new directory with a name path. neat This is a Gnome GUI tool that allows admins to specify the information needed to set up a network card. netconfig/netcfg Admins can use netconfig to configure a network, enable network products and display a series of screens that ask for configuration information. netstat This command provides information and statistics about protocols in use and current TCP/IP network connections. It is a helpful forensic tool for figuring out which processes and programs are active on a computer and are involved in network communications. nslookup A user can enter a host name and find the corresponding IP address with nslookup. It can also help find the host name. od The od command dumps binary files in octal -- or hex/binary -- format to standard output. passwd Admins use passwd to update a user's current password. ping The ping command verifies that a particular IP address exists and can accept requests. It can test connectivity and determine response time, as well as ensure an operating user's host computer is working. ps Admins use ps to report the statuses of current processes in a system. pwd The print working directory (pwd) command displays the name of the current working directory. rcp Short for remote copy program, this prompt lets users copy files to or from a remote computer or between remote systems. read The read command interprets lines of text from standard input and assigns values of each field in the input line to shell variables for further processing. rsync This command syncs data from one disk or file to another across a network connection. It is similar to rcp but has more options. screen The GNU screen utility is a terminal multiplexor, where a user can use a single terminal window to run multiple terminal applications or windows. sdiff Admins use sdiff to compare two files and produce a side-by-side listing indicating lines that are dissimilar. The command then merges the files and outputs the results to the outfile. sed The sed utility is a stream editor that filters text in a pipeline, distinguishing it from other editors. It takes text input, performs operations on it and outputs the modified text. This command is typically used to extract part of a file using pattern matching or to substitute multiple occurrences of a string within a file. service This command is the quickest way to start or stop a service, such as networking. shutdown The shutdown command turns off the computer and can be combined with variables such as -h for halt after shutdown or -r for reboot after shutdown. slocate Like locate, slocate -- or secure locate -- provides a way to index and quickly search for files, but it can also securely store file permissions and ownership to hide information from unauthorized users. Snort Snort is an open source network intrusion detection system and packet sniffer that monitors network traffic. It looks at each packet to detect dangerous payloads or suspicious anomalies. Snort is based on libpcap. sort This command sorts lines of text alphabetically or numerically according to the fields. Users can input multiple sort keys. sudo The sudo command lets a system admin give certain users the ability to run some -- or all -- commands at the root level and logs all the commands and arguments. SSH Secure Socket Shell (SSH) is a command interface for secure remote computer access and is used by network admins to remotely control servers. tar The tar command lets users create archives from a number of specified files or to extract files from a specific archive. tail The tail command displays the last few lines of the file. This is particularly helpful for troubleshooting code because admins don't often need all the possible logs to determine code errors. TOP Technical Office Protocol (TOP) is a set of protocols for networks that performs distributed information processing and displays the tasks on the system that take up the most memory. TOP can sort tasks by CPU usage, memory usage and runtime. touch Admins can create a blank file within Linux with the touch command. tr This command translates or deletes characters from a text stream. It writes to a standard output, but it does not accept file names as arguments -- it only accepts input from standard input. traceroute The traceroute function determines and records a route through the internet between two computers and is useful for troubleshooting network/router issues. If the domain does not work or is not available, admins can use traceroute to track the IP. uname This function displays the current OS name and can print system information. uniq With uniq, admins can compare adjacent lines in a file and remove or identify any duplicate lines. vi The vi environment is a text editor that allows a user to control the system with just the keyboard instead of both mouse selections and keystrokes. vmstat The vmstat command snapshots everything in a system and reports information on such items as processes, memory, paging and CPU activity. This is a good method for admins to use to determine where issues/slowdowns may occur in a system. wget This is a network utility that retrieves web files that support HTTP, HTTPS and FTP protocols. The wget command works noninteractively in the background when a user is logged off. It can create local versions of remote websites and recreate original site directories. while See for entry. whoami The whoami command prints or writes the user login associated with the current user ID to the standard output. xargs Admins use xargs to read, build and execute arguments from standard input. Each input is separated by blanks. https://searchdatacenter.techtarget.com/tutorial/77-Linux-commands-and-utilities-youll-actually-use
-
IPS Community Suite 4.4.5 Released 07/29/2019 Key Changes Version 4.4.5 is a maintenance update to fix issues reported since 4.4.4. Additional Information Core Added an Admin CP dashboard widget to show total members. Added back the ability to search personal messages by recipient and sender name, and removed the 365 day limit on results. Added an option for feeds of content that support future publishing (such as Pages records and Blog entries) to control whether published, unpublished or any results are shown. Added new options for content widget feeds to return hidden content (in addition to the existing pending approval option), as well as both hidden content and content pending approval. Added support for more explicit browser autofill on form fields. Added moderator log support for opening/closing polls. Upgraded CKEditor to 4.12.1. Improved the page speed for guests by not loading the editor or notification sound javascript libraries until they are needed. Improved the error message when attempting to access the REST API in the Admin CP in the event the local server is inadvertently IP banned. Improved performance when sending Digests. Improved license key checking when the license server may not be available. Improved reporting of Redis memory usage in support area. Improved the error message when attempting to access the REST API in the Admin CP in the event the local server is inadvertently IP banned. Improved performance when using the database for common data storage. Improved the accuracy of the progress bar on the 'Deleting moved original files' background process. Improved efficiency when generating sitemap files if certain content is configured not to be included. Improved the user interface configuring Sitemaps to clarify content that will be include and excluded from the Sitemap. Improved admincp upgrading when using SFTP. Implemented logging to the moderator log, when a moderator removes all followers from a followable item. Changed notification read/unread status to behave as it did prior to 4.4.4. Clarified the "Domains to instruct search engines to follow" setting description and improved the setting to strip http:// and https:// protocols from supplied values. Fixed account failed logins not correctly locking future login attempts in some cases. Fixed an issue where node deletions (such as forums and categories) were not always properly logged to the administrator logs. Fixed an issue where blacklisted URLs used for embeds may not trigger post moderation when configured to do so. Fixed an issue where the club tab on the members profile can result in a DB error when a page <1 was used. Fixed an issue where the Automatically Prune Followers setting ignored reviews. Fixed an issue where it may not be possible to permanently delete deleted content manually. Fixed status updates not importing properly when an account is linked to multiple social logins. Fixed some server error messages not showing. Fixed certain notification and digest emails not sending properly via cron. Fixed custom field custom formatting options being applied to fields in the AdminCP unexpectedly. Fixed Custom Sorting on the Deleted Content page not working. Improved upgrade process for Community in the Cloud. Improved the error message when attempting to access the REST API in the Admin CP in the event the local server is inadvertently IP banned. Fixed potential browser errors and warnings caused by notification sounds. Fixed pagination not loading correctly when searching within messenger. Fixed an issue where comment counts are decremented incorrectly when a Post Before Registering comment is cancelled. Fixed an issue where the mobile keyboard would not be hidden after submitting the search form. Fixed issues that can occur (such as the editor not loading) when browser local storage is unavailable. Fixed an issue where auto-scheduled promotions may not correctly queue for upcoming slots. Fixed maps generated by Mapbox potentially displaying larger than intended when lazy loading is enabled. Fixed an issue where profile completion could cause a fatal error when using custom forum themes. Fixed an issue where single status update links had the wrong canonical URL. Fixed a possible error when mentioning someone or using a custom emoticon in a post. Fixed an issue where installing plugins with a title containing more then 32 characters would fail. Fixed an issue where Elastic Search may not update records correctly. Fixed an issue where user profiles may be slow to load. Fixed an issue where a template error could be generated by attempting to search members when the user does not have permission to view members. Fixed some styling (spacing) issues with the right-hand column shown on the Clubs homepage. Fixed an issue pasting certain code into editor code boxes. Fixed some old URL patterns (from IP.Board 3.x) no longer redirecting to the new URL format as of 4.4.x. Fixed an issue where the publish_to_groups permission was still required to promote to Facebook pages. Fixed an issue where canceling an invoice with already canceled billing agreements would try to cancel the billing agreement again. Fixed a niche issue that can occur when using lazyload, image proxy and external file storage. Fixed an issue where one could fake member null votes on polls. Fixed an issue where profile photo permissions may not apply correctly when a user belongs to more than one group. Fixed a styling issue with profile completion on mobile. Fixed a broken link in the report center. Fixed an issue where invalid user groups can cause an error to show to users. Fixed an issue where the poll form wouldn't add an empty first question. Fixed an issue where sort buttons can overlap pagination. Fixed an issue where personal conversations may show a 'promote' button to members with permission to promote content. Fixed incorrect REST API documentation when editing items. Fixed an issue where the 'support' link in the AdminCP would be viewable if the restricted administrator did not have access. Fixed an issue where the spoiler header within a post can get doubled up when selecting text within the post in certain cases. Fixed an issue where merging members incorrectly merged reputation. Fixed an issue where the image aspect ratio setting was not set correctly when editing images. Fixed an issue where search options may show for items that are not searchable. Fixed AdminCP member quick-searches not searching within member names when the site can handle inline searches. Adjusted instances of "recognise" in language strings to "recognize". Fixed an error when full registration is enabled with no available profile fields. Fixed an issue where the node controller wasn't showing the child nodes as possible target category while moving the content. Fixed an issue where it was possible to be stuck in a position where a poll could not be re-opened. Calendar Removed the ability to create ranged recurring events that overlap (e.g. where the next occurence start time is before the first occurrence has finished). Removed the timezone from event notification emails for all day events. Fixed an issue where events that repeat for a set period will end one period before they should. Fixed an issue where users are able to create events where the end time occurs before the start time. Fixed an issue where ranged recurring events may show an incorrect date range for the event on the calendar "Day" view. Fixed an issue where embedding a Calendar Event may fail in some circumstances. Fixed an issue where ranged recurring events may not show as occurring on an end date when they span across months. Fixed an issue where the calendar name would be exposed to members which don't have permissions to view the calendar via the members online location on the profile. Pages Added the ability to specify whether the record canonical tag points to the current page, or the root page (page 1). Added the ability to show just your own records via the Database Filters widget. Added the ability to filter by Member field types via the Database Filters widget. Added record tags to the database record listing template for newly created Listing template sets. Improved the display of databases in the ACP menu. Fixed an issue where excluding Pages pages from the sitemap may cause the sitemap task to get stuck and stop building new sitemap files. Fixed an issue where a template group could be renamed to an existing template group, causing a conflict which results in an error. Fixed an error attempting to submit records to a database where a Member type field that must be unique is configured. Fixed an issue where the category title is missing from the page's HTML title tag. Fixed an issue where deleting a database record with a linked topic may cause an error. Commerce Added support for Strong Customer Authentication (SCA) in Stripe. Fixed referral commission not being given for renewals. Fixed an error that can occur when renewal invoices are generated if no billing address existed on the original invoice. Fixed invoice notification emails showing a payment failed warning if one payment method failed even if another one succeeded. Fixed social login buttons not working when checking out as a guest. Fixed staff replies to support emails. Fixed an issue where stock replies may have new lines stripped. Fixed pending withdrawl AdminCP notification link to point to the pending withdrawl filter. Fixed an issue where you may not be able to delete subcategories in the store. Fixed a potential error when upgrading from a version older than 4.4.2. Fixed an issue where switching to a "default" support stream (ex. Open, Assigned, or Tracked Requests) can result in a MySQL error. Fixed an issue where deleting a customer note would not close the dialog. Fixed member group being moved when upgrading or modifying an expired purchase. Fixed an issue where purchase custom field labels may show as a random string or in the wrong language in the Transaction Approved email. Edited the purchase email notification setting to clarify an email is sent for every item. Converters Clarified the error message shown when invalid database details are supplied. Fixed an issue where a conflict may prevent some data being converted if (for example) converting attachments for blog and forums in the same conversion. Fixed an issue relating to converting mentions from other platforms. Fixed an issue where converting from vBulletin 5 can cause duplicate topics. Fixed an issue where items selected to skip were converted anyway. Fixed an issue where it wasn't possible to convert only core. Fixed a performance regression re-introduced in 4.4. Fixed an issue preventing UBBThreads conversions working. Stopped converting the "manually set time zone" preference for vBulletin conversions, as the timezone preference itself is not converted and the ability to adjust this preference is not available in our current interface. Forums Improved the performance of the Unarchive task. Fixed an issue upgrading from older versions of Invision Community where topics or posts queued for deletion were present. Fixed an issue where posts from ignored members were visible if the author was in a highlighted group. Fixed an issue where archive settings could be saved with no more than or less than selection. Fixed an issue where hiding a topic without an existing first post would stop the queue to hide all the members content. Gallery Fixed Follow and Promote buttons not showing for images on mobile devices. Fixed an issue where inline renaming an image from the lightbox would either fail or rename the album. Fixed instances where a member with a secondary group that doesn't allow albums to be created, but with a primary group that does but limits how many that can be created, will allow the member to create unlimited albums. Downloads Implemented logging to the moderator log, when a moderator toggles the purchasable status of a file. Removed the button to copy the Log Downloads category setting which does not apply. Blog Improved the blog header display for blogs within clubs. Fixed an issue where the club leader could not set a cover photo for a club blug. Fixed an issue where draft entries may be included in digests. REST & OAuth Added a “Use a different account” button on OAuth login screen Third-Party / Developer / Designer Mode Cleaned up some legacy code checking for specific PHP versions. Fixed some typos in the REST API documentation. Fixed malformed HTML in the admin `tabs` HTML template which caused problems when hooks were created for this template. The Application and Plugin directory are limited to 80 characters. Set the alreadyReported flag in \IPS\Content after reporting content to ensure correct value is returned on future calls to report methods. Fixed some minor issues with the lightbox comments support (currently unused by core Invision Community code). Fixed an issue where email template parameters may not be captured properly to generate the email subject, resulting in an error. Fixed a potential error that may be encountered while working with Calendar dates from command line (i.e. tasks being executed via cron). Fixed an error that can occur with email statistics when different applications use the same email subject language string. Fixed a few functions that needed to be called from the root namespace. Changes affecting third-party developers and designers Added `\IPS\Node\Model::deleteLogPermissions()` method to allow applications to specify permissions for managing deletion logs. js.php javascript loader no longer creates an external dispatcher instance. `\IPS\Content::logDelete()` and `\IPS\core\DeletionLog::setContentAndMember()` now accept FALSE for the member parameter, which will store the deletion log as if no specific member deleted the content. Added a new `digestWhere()` method to content items, this allows you to specify an additional where clause when processing digests. * Items in red require extensive testing.
-
Install ImageMagick on cPanel with EasyApache 4 This post will help you to install ImageMagick on cPanel with EasyApache 4. ImageMagick is mainly used to create, edit and convert bitmap images. It supports a variety of image formats. Please click here to get the supported image formats. The ImageMagick can be installed using a simple cPanel script (/scripts/installimagemagick) in the older version of cPanel, but in newer versions of cPanel with EasyApache 4 uses another method to install it. Please check it below: yum install ImageMagick-devel ImageMagick-c++-devel ImageMagick-perl Once the installation is over, run the following command to verify if it is working /usr/bin/convert --version Install ImageMagick PHP extension on cPanel with EasyApache 4 /opt/cpanel/ea-php56/root/usr/bin/pecl install imagick Add ImageMagick extension into the PHP 5.6 configuration file to load the module. vim /opt/cpanel/ea-php56/root/etc/php.ini Add the following into it: extension=imagick.so Restart the web server service httpd restart Then verify the installation /opt/cpanel/ea-php56/root/usr/bin/php -m | grep imagick Note: If you would like to enable ImageMagick PHP module on PHP 7.0, you just need to update the correct binary paths on the above installation. ie., /opt/cpanel/ea-php56/root/usr/bin/pecl to /opt/cpanel/ea-php70/root/usr/bin/pecl /opt/cpanel/ea-php56/root/etc/php.ini to /opt/cpanel/ea-php70/root/etc/php.ini /opt/cpanel/ea-php56/root/usr/bin/php to /opt/cpanel/ea-php70/root/usr/bin/php If you would like to enable the ImageMagick PHP module on the other PHP versions available on EasyApache 4, please do the same by changing the correct binary path. That’s it! https://grepitout.com/install-imagemagick-cpanel-easyapache4/
-
cPanel has shaken the web hosting community with its recent price rise announcement. They have changed its pricing model from a per server pricing to a per account model. So if you’re a cPanel partner and were paying $11 per cPanel license for each server and running 1,000 websites, you’ll now have to pay $122. That’s approximately 1000% price rise! According to cPanel’s new pricing, here’s the breakup for 1000 websites : $32 for 100 accounts $0.1 each for 900 accounts The “Not So Acceptable” New Pricing The pricing is different depending upon the number of accounts. The price for the end user is comparatively higher than the cPanel partners. General Pricing For 5 accounts – $20/month For 30 accounts – $30/month For 100 accounts – $45/month + $0.20 for each additional account You can find more information about the latest pricing here. cPanel Partner Pricing For 5 accounts – $12.50/month For 30 accounts – $17.50/month For 100 accounts – $32/month + $0.10 for each additional account cPanel Pricing: New vs Old People are criticizing cPanel for rolling out the new pricing model. Let’s see the old and new pricing of cPanel: cPanel Pricing Earlier Before it was simply VPS and dedicated pricing. Latest cPanel Pricing The new pricing will not make a huge difference to people under 5 Accounts. However, as the accounts increase, cPanel will cost more than the server itself. Major Impact on Web Hosting Community Over the years, people have relied on cPanel for managing their sites. cPanel’s popularity is because of its integration with Softaculous, LiteSpeed, PHP Selector, JetBackup, CageFS, CloudLinux, Imunify360, and much more. This has helped cPanel become faster, reliable, secure, and feature-rich. This price increase seems to be a nonstrategic roll out and cPanel has faced major backlash from the web-hosting community! Users on Twitter reacted with a lot of aggression and mostly negatively with most of them threatening to switch to alternative control panels. 1. End-Users While servers with a single account can go for cPanel solo, and servers with under 5 accounts still get the same price, the overall price for end-user is comparatively higher for servers having more than 5 accounts. 2. Shared Hosting Providers or Resellers The worst affected of the whole lot. Mostly, a shared hosting company will run around 1000 websites on a single VM with the $11/mo cPanel VM license. After the new changes come into effect, their cPanel license costs will rise to $122/mo! That’s a whopping 1000% increase and almost equivalent to their infrastructure or server costs 😉 3. Unmanaged Server Providers Generally, unmanaged server providers don’t have the access to the server and therefore, didn’t know how many accounts are on running on a server which was fine because the license was per server. The new pricing model has added an extra layer of efforts for the providers. Now, they need to have a log of how many accounts are being created on a single server, or else they may end up footing the bill of thousands of dollars! Who is Going to Get The Hardest Hit? Shared/Reseller Hosting Providers License holders in price-sensitive countries like Latin America, India, and other South East Asian countries. Should You Remain With cPanel? Pros cPanel has innovated over years with a user-friendly UI and a number of integrations Less time to spend on customer support No need to migrate data and involve in the risk of data loss You will avoid downtime caused while migrating data. Cons With no annual billing, you will face the hassle of monthly invoices, lack of funds, etc. Substantially increased costs may either make business unviable for a few or the end clients will end up paying extra for these additional costs. Coping Up with the cPanel Price Rise If you’re choosing to stay with cPanel, the only solution is to re-evaluate your pricing structure. Only people with 100+ accounts will be hard it. You can transfer the extra 10/20 cents charges to customers. However, be sure to properly communicate the price changes to customers. cPanel Alternatives With this unexpected change, people have already started finding alternatives. Some of them are: DirectAdmin InterWorx Virtualmin/Webmin VestaCP What’s Next? cPanel, WHMCS, SolusVM, and Plesk are under the same umbrella – The Oakley Investment. Here’s the timeline: Oakley acquired Plesk in May 2017 and there was an insane increase in prices between July 2017 to October 2017 WHMCS prices hiked in Aug 2017 Oakley Acquired cPanel in August 2018 and the price hiked in June 2019 SolusVM, are you next? We hope not. https://magehost.com/blog/cpanel-price-rise-impact-solutions/
-
IPS Community Suite 4.4.4 Released 06/06/2019 Key Changes Version 4.4.4 is a maintenance update to fix issues reported since 4.4.3. Additional Information Core Added support for [Emoji 11](https://emojipedia.org/emoji-11.0/) emojis Added logging for errors communicating with Spam Defense. Added an admin log when existing member notification preferences are updated. Added a pre-installed Giphy key that can be used for all Invision Community installations. Improved usability and display of date-based member filters. Improved account validation process to prevent accounts being inadvertently validated by scrapers and bots, and to improve the user experience when following a validation link that is no longer valid. Improved the opcache comments check on the REST API Reference page. Improved sending bulk emails via SendGrid. Improved post before register permissions when allowing guests to create content, but not members. Improved performance when viewing all IP addresses used by a member. Clarified the registration completed email when no local password has been set. Fixed an issue where members may not be marked as complete, and thus will not show within the community, in some circumstances. Fixed the Posts Per Day group setting not applying consistently to all content. Fixed an issue where click tracking may not be applied to all links in emails sent. Fixed emails for AdminCP notifications "A new member has completed registration" and "A member is flagged as a spammer" not sending. Fixed an issue that could occur if deleting a node (i.e. forum) if there was already a move task from another node in progress. Fixed the email statistics charts in the AdminCP showing incorrect data when viewing weekly charts. Fixed an issue where the inbox list may be stuck showing a spinner when canceling a search in the personal messenger. Fixed an issue where folder counts may show NaN after deleting a folder in the personal messenger. Fixed an issue that may occur when deleting/moving login handler related images. Fixed searching by tags not honoring the "Convert all tags to lowercase" setting. Fixed 'post before register' content submissions not incrementing the user's post count if pre-moderation is not required. Fixed an issue related to 'post before register' where 'next unread' item links may show when there isn't any new content. Fixed the callback URL used for Wordpress sign in. Fixed the digest task looping on a follow attached to a deleted member. Fixed the `PruneMembers` background task from endlessly looping in certain circumstances. Fixed disabling password changes in the AdminCP settings not removing the link to change your password on the Account Settings overview page. Fixed issue where lazy-loaded images in warn reasons would prevent warn reason from automatically updating when new reason was selected due to incorrect editor 'dirty' status. Fixed a niche issue where promoting an item may show an auto scheduled time from the past. Fixed an issue where the button to change a members profile photo would still show on their profile when they do not have permission to upload profile photos. Fixed an issue where public clubs would show the member count in several locations. Fixed an edge-case issue with redirecting old non-rewrite FURLs after enabling rewrites. Fixed issue checking signature image dimensions when using 'insert existing attachment' when using Amazon S3. Fixed an issue where the frontend upgrade notice wouldn't disappear once dismissed. Fixed an issue where cover photos might disappear shortly after displaying. Fixed an issue with lazy load placeholders when added to existing content. Fixed a layout issue with the mobile pagination buttons. Fixed an unnecessary redirect when viewing a club. Fixed a potential timeout running the cleanup task. Fixed Elasticsearch being able to be set up with version 7 (which is not yet supported). Trying to do that will now show an error message. Fixed an issue where moved links may show in the topic widget. Fixed an issue where a member registering with an auto-detected language would revert back to the default language after registration. Fixed an issue where the latest activity tooltip would state "online now" when the member was offline. Fixed broken login form. Fixed status pagination loading a full page instead of comments only. Fixed non-latin characters in the URL showing incorrectly when moving between pages. Fixed an issue where the approval queue may show content in the wrong order. Fixed an issue where the guest signup block title and text was reversed in vertical view. Fixed an issue where custom friendly URLs would not use the newer `/page/2/` pagination format. Fixed an issue where club pagination in user profiles was showing the wrong number of pages. Fixed an issue where a Redis failure caused an uncaught exception. Fixed an issue where the Clubs REST API would throw an error if commerce isn't installed. Fixed an issue where online user lists may be empty following a Redis crash. Fixed an issue where incomplete member registrations were not cleared correctly. Fixed an issue where Post Before Register Followups were sent out immediately rather than delayed. Fixed an exception that prevents storage handler changes from being saved properly. Fixed an issue where the 'Failed Emails' AdminCP notification may not be removed properly. Fixed an issue where the "Anonymous login" checkbox was incorrectly checked. Fixed an issue where PBR content would be left in the database for uninstalled applications. Fixed a rare issue where a template disk cache could corrupt and affect templates loading. Fixed an issue where members created via the ACP weren't marked as completed. Fixed an issue with Flickr video embeds showing as photos. Fixed an issue with notifications not showing as unread. Fixed an issue where the exact profile field search option had no affect. Fixed an issue where the default country was not correctly set in address form inputs. Fixed an issue where the guest teaser would not show on the comment form in some circumstances. Disabled Grammarly from checking editor fields to prevent Grammarly from breaking HTML and causing broken posts. Disabled preloading of notification sound to speed up initial page load. Disabled concurrent comment merging in status replies. Removed post content from Post Before Register reminder emails to prevent spam. Removed ability to sort club menu tabs if only one tab is present. Forums Fixed a niche issue where the 'Delete Legacy Posts/Topics' background task may not work when ran via CRON. Fixed an error when moving topics in fluid view. Fixed a database error that could occur when archiving old posts. Commerce Fixed tax class being lost with renewal terms when editing a purchase. Fixed tax class being lost when renewal invoices were generated for location-specific tax rates. Fixed an issue where tickets from non-registered users may link to an empty ticket listing. Fixed an issue where AdminCP notifications for pending withdrawals link to the wrong page. Fixed Stripe webhooks unnecessarily reporting an error. Fixed category filters not displaying on mobile. Fixed an issue where creating a support request with a guest member and email address via REST API wouldn't store the email address. Fixed an issue which would result in an empty product list on the registration form. Fixed an issue searching last names in admin live search. Fixed an issue where manually creating an invoice and adding renewals doesn’t prevent an auto-renewal invoice being added later. Fixed an issue where the member subscriptions block was not editable. Pages Fixed times displaying as timestamps for some Pages blocks. Fixed records not sorting correctly by 'highest rated'. Fixed the `updaterecords` task not running correctly if a database exists that is not assigned to a page. Fixed an issue where 'follows' may not get removed when a category or database is deleted. Fixed an issue where the create menu could get out of sync when the page name or the default page were changed. Fixed an issue where adding records via the create menu may not show categories for default pages. Fixed an issue that can occur when moving a record in a database that is not assigned to a page. Fixed an issue where Our Picks can throw an error if a database is unassigned from a page. Fixed an issue where, in certain circumstances, notifications could be sent for records that weren't viewable. Removed record image dimensions from JSON-LD markup for database records to improve performance in some cases. Downloads Fixed an SQL error that could occur when upgrading from older versions. Fixed an issue where the purchase count for Files associated to purchases was shown in the widgets and downloads index page blocks. Fixed an issue in the 'Download Reviews' widget, where links to reviews on page >1 were broken. Gallery Fixed an issue where past reputation for image comments and reviews no longer displayed. Fixed browser scrollbar disappearing while editing Gallery image details in some cases. Fixed image carousel widgets not displaying correctly in certain circumstances. Fixed an issue where uploading on small screens caused the status to overflow outside of its box. Fixed an issue where images may show as unread incorrectly in streams. Calendar Fixed an issue where recurring events may show on the wrong day in Calendar. Fixed an issue where all day events specified an incorrect start and end time in search engine markup. Converters Fixed an issue where reaction images may get converted into the wrong container. Fixed an inaccurate progress bar on a background task that runs after completing a conversion. Changes affecting third-party developers and designers Added a `$statementReverse` parameter to use `NOT IN` in the where clause when `\IPS\Db::select()` is passed to `\IPS\Db::delete()`. Added a further check when trying to choose which storage configuration should be used for new storage extensions. Added a new Language String Option `removeLazyLoad` which will remove the lazy load links while parsing the language string. Fixed an incorrect class reference when passing `\IPS\Db::select()` to the `$where` parameter of `\IPS\Db::delete()`. Fixed a search error that could occur with 3rd party applications. Fixed an issue with the rest API where output was json encoded before language replacements. Changed the default parameter in the `IPS\Content\Review::url` method.' Removed unused code in the \IPS\core\modules\admin\promotion\advertisements::getHtml method. Removed UI for immediately sending Bulk Mail, all Bulk Mail will now be sent via background queue.
-
IPS Community Suite 4.4.3 Released 04/25/2019 Key Changes Version 4.4.3 is a small maintenance update to fix issues reported since 4.4.2. Additional Information Security Fixed an XSS concern deleting members in the AdminCP. Fixed an XSS concern managing Downloads versions from the changelog view. Fixed a minor XXE possibility in blog RSS imports. Core Upgraded CKEditor to 4.11.4. Updated LinkedIn login handler to use the LinkedIn v2 API. Improved performance when merging two comments with duplicated member reactions for large sites. Improved performance when working with edit history logs. Improved security of how passwords are handled in the code to decrease the likelihood of a password being included in an error log. Improved the display of the upgrader confirmation page. Improved performance of the latest activity stream shown on user profiles. Improved anonymous log in tracking to resolve an issue with "Since my last visit" activity streams Improved the UX configuring moderator permissions for clubs, including the ability to disable club-level moderators. Improved database error reporting in certain error situations. Improved performance of a 4.1.8 upgrader step. Changed AdminCP notifications for "A new member has completed registration" and "A member is flagged as a spammer" to show all applicable members grouped into a single notification, rather than a separate notification for each member. This change gives a significant performance improvement for sites which have lots of new registrations. Fixed multiple formatting concerns with custom profile fields. Fixed an issue where restoring soft-deleted content would throw an exception under specific circumstances ( e.g. when there was no record in the soft deletion log ). Fixed an issue where the member group restriction to require one piece of approved content before users can bypass content moderation was not correctly applied to posts made before registering. Fixed an issue where deleting a member's content and then deleting the member may result in the content not being removed. Fixed SVG images breaking when served through the built in image proxy. Fixed an issue with profile completion if you choose not to upload a profile photo. Fixed third party processor information not showing when users are forced to reaccept an updated privacy policy. Fixed the "Remove followers from uncommented content" setting not working. Fixed an issue where clicking to delete a member twice might result in all status updates being removed from the search index. Fixed an issue where copying content from one area with an attached image and pasting into another area may result in a broken image. Fixed an issue where allowing a user to moderate comments, but not items, would result in an error when using the multi-moderation menu. Fixed inability to edit profile fields by members if the field was not displayed on the profile. Fixed invalid HTML in the quick search form. Fixed an issue where a comment or post made before registering which requires moderator approval after the registration is completed may not update the container flag to indicate that comments within the container require approval. Fixed an error where the member view in the AdminCP may become broken if the member history for the user includes an old subscription group change and Commerce is not installed. Fixed an issue where broken letter photos may be displayed in emails. Fixed an issue with clean up tasks where they may try to delete a member that doesn't exist. Fixed an error that can occur if you double click the "unfollow" button quickly. Fixed autosaved content in the editor not clearing out when it was deleted within the editor. Fixed an issue where MFA while the login would send 3 'new device' emails to the member instead of only one. Fixed an issue where attachment links inserted into content may have a hard coded URL. Fixed an upgrade issue where custom file storage configurations in 3.x may not be preserved correctly when upgrading to 4.x. Fixed an uncaught exception when visiting a specifically malformed follow link. Fixed attachment bbcode tags not converting correctly when upgrading from version 2.0 or older. Fixed the About Me default custom field not showing on new installs. Fixed email statistic charts so they report more accurately. Fixed issues with performing advanced member searches in the AdminCP when multi-select custom profile fields are present. Fixed a minor inconsistency with group name formatting. Fixed an issue rebuilding certain meta data in Elasticsearch. Fixed an issue where items and comments queued for deletion or submitted by a guest prior to registration are returned via the REST API. Fixed an error when searching a specific search string. Fixed a possible error that can occur during login when using the post before register feature. Fixed the Notification Settings form in the Admin CP so that it can save properly. Fixed an issue where Login Handlers were shown out of order. Fixed an issue where the canonical link HTML tag may include unnecessary query string parameters (i.e. filters). Fixed an issue where AdminCP settings search results were not always highlighted when clicked on. Fixed an issue where the pagination for comment and review areas wouldn't link directly to the comments area when Javascript is disabled. Fixed an issue where content item and comment widgets would show content from not specified categories. Fixed an issue where editor auto saved content may not be removed. Fixed an issue where some content may not show a report link. Removed the hide signatures toggles from guests when they are able to see signatures. Prevented search engine spiders from following the cookie notice dismissal link. Removed poll votes from showing in the All Activity stream. Removed ability to copy theme settings. Removed the unread indicator in several widgets because it can't be used there because of the widget cache. Removed the ability to toggle cover photos in clubs list when no image was uploaded. Fixed an issue where the support tool could incorrectly report undiagnosed problems. Fixed missing images when lazy loading is enabled in several areas. Fixed an HTML validation issue with mini-pagination next to multi-page content item titles. Fixed an uncaught exception which is thrown by the Admin Notification System. Fixed member validation display issue in ACP notifications page while mobile. Fixed attachments being added to an editor which has attachments disabled. Fixed an issue where a display name sync error may be displayed on the AdminCP member profile. Fixed two language strings where countries have changed their names: Macedonia is now North Macedonia and Swaziland is now Eswatini. Fixed some broken messenger related links. Core - Clubs Fixed "Clubs" tab showing when splitting content even if clubs are disabled. Fixed display issue with club tabs on mobile devices Removed ability to reorder club tabs on mobile devices Forums Fixed a duplicated error code in the topics REST API endpoints. Fixed images used in forum rules not displaying when image lazy loading is enabled. Fixed a potential upgrade error when reformatting forum rules during the 4.0.0 upgrade routine. Commerce Added an additional subtotal language phrase to the cart summary for localization flexibility. Improved legacy parser to potentially allow conversions of tables in content. Changed renewal terms to not allow $0 renewals. Fixed an error occurring submitting new tickets when read/write database separation is enabled. Fixed an issue where up/downgrading a purchase could result in an error or the expiry date changing incorrectly. Fixed an issue where a cancelled subscription may still generate a renewal invoice (and subsequently charge the user). Fixed tax class being lost with renewal terms in some cases. Fixed an issue where images may not show in printable invoices if lazyload is enabled. Fixed support stream date-based filters producing incorrect results. Fixed stock action text not defaulting in the form when creating a new ticket from the AdminCP if you do not use a signature. Fixed an issue where the password field on the store checkout form might disappear if using Chrome's password autofill feature. Fixed an issue where invoices may not have a billing address set when one is available. Fixed an issue where a template error may be thrown for non-recurring subscriptions. Fixed a missing language string if you had servers configured prior to upgrading to 4.4. Fixed adding a custom package to an invoice. Fixed an exception being logged when rebuilding the search index if any custom packages have been created. Fixed the PayPal Billing Agreements radio element not showing selected if BAs are enabled. Fixed an issue where files uploaded to a custom field may not be downloadable. Removed a stray HTML end tag. Restored Braintree gateway option. Included a disclaimer about qualification process. Pages Fixed an issue where cloning a custom field would result in a database error. Fixed an issue on the media page where the "File Overview" Tab was not set as activated and also not clickable when one or more files from the file list were selected. Added last modified date to database category and record sitemaps. Gallery Changed the reputation type flag for album comments and reviews to resolve bugs where the reputation may be mistakingly treated as if it belongs to an image comment or review. Fixed an issue submitting images to an album if the category requires moderator approval. Fixed an error that can occur when downloading the original image in Gallery if the original image is missing on disk by forcing the largest available size to download instead. Fixed image lazy loading not working correctly in category rules, descriptions and custom error messages. Fixed the submission dialog box potentially showing an incorrect dialog title. Fixed an issue where uploaded videos could not be played in the lightbox. Fixed editor showing twice for each image during submission. Downloads Added a group setting that will allow users to bypass download restrictions when downloading a file that's been purchased. Added the ability to shut off version numbers per-category. Improved the header styling on the homepage. Improved performance, especially of the index page. Reduced top spacing (margin) of the sidebar when viewing the index page. Fixed an issue where custom fields may show out of order. Blog Fixed an issue where the previous and next link under the blog entry could link to hidden or soft deleted entries. Fixed some minor UI issues with the "Blogs" widget. Calendar Added an option to prevent edits and RSVPs for events that have passed. REST & OAuth Fixed the search REST API endpoint. Converters Improved vBulletin archive redirects. Improved vBulletin blog conversions to retain the date the blog or blog entry was followed. Fixed an issue where converted members won't be marked as completed. Fixed an issue when trying to convert from a platform with converters for apps that are not installed. Fixed an issue where PM replies may be duplicated when converting from vBulletin. Fixed an issue with converting comments from Vanilla. Upgrader Fixed an edge case issue where some legacy customers may be unable to use the AdminCP upgrader. Changes affecting third-party developers and designers Backwards-incompatible changes that may affect third party applications / plugins: Methods that handle passwords in login handlers (authenticateUsernamePassword(), authenticatePasswordForMember(), changePassword()) now receive an object which can be cast to a string, rather than a normal string, for the password. This reduces the likelihood of a password being included in an error log. The onPassChange MemberSync callback now receives an object which can be cast to a string, rather than a normal string, for the password. This reduces the likelihood of a password being included in an error log. Enhancements / fixes for developers: Added a new constant \IPS\DEV_LOG_HEADERS which allows you to log all headers being sent during responses. Better abstracted code that dynamically builds class paths for areas that are no longer using iterators. Improved some extension skeleton files to not cause a ParseError once the extension is created. Fixed color fields not initializing for new rows added in a manageable matrix. Fixes that only affect developer mode or third party apps/plugins: Fixed some functions not being called from the root namespace and throwing warnings when in developer mode. Fixed an undefined index loading form to add a new hosting server in Commerce. Code-level fixes that may have been causing bugs in third party apps/plugins: Added code comments to all of the default constant values in init.php explaining what they all do. Ensured all default wizard instances are cast as a string before being sent to the output handler. Fixed an issue when pluralization and sprintf functionality is used together and the placeholder is used in the pluralized string. Fixed an issue with post before register where it was assumed content items would have a container. Fixed an exception when post before registering is checked against a content item that supports reviews but not comments. Fixed some ambiguous column concerns with the \IPS\Content\Item::_comments() method. Fixed an issue editing titles via Ajax when the item class does not use containers. Fixed an issue where the release date may not show correctly for third party plugins or themes. Fixed some functions not being called from the root namespace and throwing an IN_DEV warning. Fixed the widget configuration form being called twice which may result in some form elements duplicating. Improved some extension skeleton files to not cause a ParseError once the extension is created.
-
Example configurations The following examples explain how to add rules with CSF, APF, and the iptables application. Important: We do not recommend that you use these examples for your personal configurations. Instead, make certain that your firewall rules match the way in which you use cPanel & WHM's services. CentOS 7, CloudLinux™ 7, and Red Hat® Enterprise Linux (RHEL) 7 servers have additional requirements. For more information, read the CentOS 7, CloudLinux 7, and RHEL 7 firewall management section below. CSF ConfigServer provides the free WHM plugin CSF, which allows you to modify your iptables rules within WHM. To install CSF, run the following commands as the root user: 1 2 3 4 5 cd /usr/src rm -fv csf.tgz wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf && ./install.sh To configure CSF, use WHM's ConfigServer & Firewall interface (Home >> Plugins >> ConfigServer & Firewall). Note: For more information about how to install and use CSF, visit the CSF website. APF APF acts as a front-end interface for the iptables application, and allows you to open or close ports without the use of the iptables syntax. The following example includes two rules that you can add to the /etc/apf/conf.apf file in order to allow HTTP and HTTPS access to your system: 1 2 3 # Common ingress (inbound) TCP ports IG_TCP_CPORTS="80,443″# Common egress (outbound) TCP ports EG_TCP_CPORTS="80″ Note: For more information about APF, visit the APF site. iptables The iptables application offers more customization options for your packet filtering rules. This application requires that you understand the TCP/IP stack. The following example includes iptables rules for HTTP traffic on port 80: Note: This example assumes that a DMZ exists on eth0 for the 192.168.1.1 port, and the 66.66.66.66 broadcast IP address. 1 2 $IPTABLES -A FORWARD -p TCP -i 66.66.66.66 -o eth0 -d 192.168.1.1 -dport 80 -j allowed $IPTABLES -A FORWARD -p ICMP -i 66.66.66.66 -o eth0 -d 192.168.1.1 -j icmp_packets Note: For more information about the use of iptables, visit the iptables site, or run the man iptables command from the command line. CentOS 7, CloudLinux 7, and RHEL 7 firewall management Servers that run the CentOS 7, CloudLinux 7, and RHEL 7 operating systems require that you use the firewalld daemon. Important: We recommend that you only use the firewall utilities on CentOS 7, CloudLinux 7, and RHEL 7 servers. Note: For more information about the firewall utilities and the firewalld daemon, read Red Hat's Using Firewalls documentation. The cpanel service Important: The /usr/local/cpanel/scripts/configure_firewall_for_cpanel script clears all existing entries from the iptablesapplication. If you use custom rules for your firewall, export those rules before you run the script and then re-add them afterward. cPanel & WHM version 11.50 and later also includes the cpanel service, which manages all of the rules in the /etc/firewalld/services/cpanel.xml file. This allows TCP access for the server's ports. To replace your existing iptables rules with the rules in the /etc/firewalld/services/cpanel.xml file, perform the following steps: Run the yum install firewalld command to ensure that your system has firewalld installed. Run the systemctl start firewalld.service command to start the firewalld service. Run the systemctl enable firewalld command to start the firewalld service when the server starts. Run the iptables-save > backupfile command to save your existing firewall rules. Run the /usr/local/cpanel/scripts/configure_firewall_for_cpanel script. Run the iptables-restore < backupfile command to incorporate your old firewall rules into the new firewall rules file. https://documentation.cpanel.net/display/CKB/How+to+Configure+Your+Firewall+for+cPanel+Services
-
IPS Community Suite 4.4.2 Released 03/28/2019 Key Changes Version 4.4.2 is a small maintenance update to fix issues reported since 4.4.1. Additional Information Core Adjusted the AdminCP live search to look for search strings within the name and email address (instead of only at the beginning) for sites with less than 1,000,000 members. Improved error reporting for unexpected exceptions in some cases when manually running tasks. Upgraded CKEditor to 4.11.3. Added some AdminCP live search keywords for the Icons & Logos page. Adjusted search results processing to automatically clear out invalid results when detected. Adjusted comment and item widgets to restrict by the last year to prevent slow performance. Fixed an issue where the leaderboard may not correctly rebuild. Fixed an issue where searched terms may not be highlighted on the search results page when using Elasticsearch. Fixed being unable to reach the last page of search results with Elasticsearch. Fixed an issue where users could encounter an error by logging in with a new social account after already associating with a social account. Fixed mobile PWA manifest file not being accessible to guests when guests are required to login to use the site. Fixed an issue where javascript would not load due to a bug in the 3rd party Howler library. Fixed an issue where the prune members background task may stall if it encounters a staff account. Fixed an issue where email link tracking may not apply to all bulk mails sent. Fixed an edge case issue where it was possible for the lazy load rebuild to affect embedded videos. Fixed an upgrade issue that can occur if you have more than one of the same email address specified for upgrade notifications. Fixed an issue where imported members accounts were not marked as completed. Fixed an issue where changing the warning type on the warning form would not toggle the 'remove points never' checkbox to the correct value Fixed an issue where profile fields display HTML code when applying custom formatting. Fixed an issue where the upgrader could link to an incorrect theme when reporting theme conflicts. Fixed an issue with the upgrade now link on the front-end notification banner. Fixed an issue where the display name filter wouldn't store the "either" option. Fixed images with uppercase extensions not launching the lightbox correctly. Fixed an issue where page styling is lost temporarily when clicking "Check Again" on the support tool in the AdminCP. Fixed an issue with comment widgets where editing them may not show the correctly selected date range. Core REST API Fixed an error adding a member to a club through the REST API. Forums Excluded archived topics from email digests. Fixed an issue where post counts for forums may be incorrect if archiving is used. Fixed an issue where merging two topics may show the topic at the wrong position in the forum listing. Prevented a possible infinite redirect problem when merging two topics simultaneously with each other. Applied group name formatting to member names in topics when viewed on a phone. Removed redirect forums from fluid view. Gallery Fixed an error upgrading Gallery when there are orphaned albums. Blog Fixed guests being able to post comments without permission to do so. Fixed blog entry ratings not displaying. Fixed a minor display issue with blog ratings and tags when viewing blog entries. Commerce Improved the display and functionality of non-recurring subscription packages. Improved security of public endpoints that receive webhooks and other notifications from gateways. Fixed an issue where guests who cannot view the site cannot register if a subscription is required to be purchased during registration. Fixed not being able to check out through Braintree purchasing a subscription while using a credit card. Fixed upgrading of expired purchases resulting in account credit being issued. Fixed an issue where creating a subscription without renewal options would result in a error. Fixed an issue where deleting a subscription wouldn't delete the cover image. Fixed an issue where the recount background task would fail. Pages Fixed an issue where the record revision list would show the same diff for each revision Fixed an HTML validation error with record comments. Downloads Fixed being unable to submit multiple files at once. Converter Fixed an issue where Javascript/HTML may be stripped from code boxes in vB5. Fixed an issue where some data may not be converted when converting from SMF, Vanilla, ExpressionEngine. Fixed an issue where some converters may not be available for use (bbPress, Coppermine). Fixed an issue with SMF conversions where forums may not allow new posts following the conversion. Pages Fixed guests being able to submit articles without permission to do so. Changes affecting third-party developers and designers Fixed an ErrorException occurring when a user receives their first PM during the instantNotifications AJAX polling. Adjusted the `Content\Item::_comments()` queries to not cause a MySQL Error when 3rd party code hooks into Comment::joins to add additional joins. Fixed an issue where `\IPS\Lang::replace` would change non-string values into an empty string
-
https://go.cpanel.net/auditd https://forums.cpanel.net/resources/auditd-the-linux-auditing-system.533/
-
While auditing email accounts in my cPanel I noticed that the space usage on some accounts, especially the default email account is not updated. I checked the mailbox of my default email account via Webmail and noticed nothing there. Then, how it’s showing some MB of space usage in cPanel? I decided to check the back end for any hidden files/folders which causing this issue. I checked the cur, new, tmp, .Trash and .Send folders in its mail directory (/home/username/mail/) and cleared those directories, restarted the cPanel. And nothing changed on cPanel. The size usage for the default email account still showing the same disk space usage. This might be due to the cPanel configuration problem or due to any mess up happened while running the default cPanel scripts to check and update the disk space usage of all the cPanel accounts. We can update it manually. I found the following solution for this disk usage problem on default email account. Please do the following steps to fix it. Method I (This will fix this problem) Step 1 : SSH to server as root user. # ssh root@host Step 2 : Execute the following script: # /scripts/generate_maildirsize --confirm --allaccounts --verbose cpaneluser Replace “cpaneluser” with the cPanel user name. For example: # /scripts/generate_maildirsize --confirm --allaccounts --verbose crybit2012 Here crybit2012 is the user name for that cPanel account. That’s it! Just login into the cPanel once again and check the disk usage now. Method II (If the above method did not work) If the above method did not help, you can use the following steps: Step 1 : SSH to server as root user. Step 2 : Locate the following files email_accounts.yaml and email_accounts.cache and clear/delete. Now check the disk space usage of the email accounts in cPanel and verify that the disk space usage is showing correctly. Please check it and let me know if you have any questions. https://www.crybit.com/email-accounts-disk-space-usage/
-
The most important part of maintaining a secure CMS installation involves keeping your software and your plugins up to date. It is of vital importance to keep WordPress core, plugins and themes updated. Once an update is released, it needs to be applied as soon as possible to close any security holes. Functional problems with updates must be considered. It is possible that an update will break some of the functionality so a backup is recommended before updating the core. The OWASP Foundation Here's a handful of handy resources you can take advantage of: Wordpress: OWASP Wordpress Security Implementation Guide [OWASP] Wordpress: Hardening Wordpress [Official Wordpress Codex] General: How to Secure your CMS [MalwareBytes] General: A Security Overview of Content Management Systems [Detectify] Joomla!: Security Checklist [Official Joomla! Documentation] Drupal: Securing Drupal 8 [Official Drupal Documentation]
-
mysql_full_unicode_support#File_format this test must pass Your database uses Antelope as the file format. Full UTF-8 support in MySQL and MariaDB requires the Barracuda file format. Please switch to the Barracuda file format. See the documentation MySQL full unicode support for details. Check mysql_full_unicode_support#Large_prefix this test must pass For full support of UTF-8 both MySQL and MariaDB require you to change your MySQL setting 'innodb_large_prefix' to 'ON'. See the documentation for further details. [/code[ in that case there are various approaches to a solution I'm using Mysql 5.6.17 with WAMP Server I solved the problem by editing the my.ini file Find the category [mysqld] there add the following instructions [mysqld] innodb_file_format = Barracuda innodb_large_prefix = 1 innodb_file_per_table = ON https://stackoverflow.com/questions/35847015/mysql-change-innodb-large-prefix
-
IPS Community Suite 4.4.1 Released 03/05/2019 This is a security release and we recommend all clients upgrade as soon as possible. Key Changes Version 4.4.1 is a small maintenance update to fix issues reported since 4.4.0. This release also contains a critical security update for Commerce. Additional Information Core Improved auto-upgrader for Community In The Cloud clients when an unexpected failure is detected. Added AdminCP search keywords to aid in finding certain new features in 4.4.x. Made several adjustments to HTTP/2 push/preloading to improve overall performance of most requests and resolve minor bugs. Changed database connector so that a database connection is only established once it is actually needed. Improved performance of 4.4.0 upgrades for sites with lots of members. Improved performance of content item and comment sidebar blocks restricted to specific containers. Improved Post Before Registering to allow the user to remove their submission and email address. Changed the error message for a failed login the same regardless of the reason for extra security. Fixed an issue where guest "post before register" submissions may show up in widgets before the guest registers. Fixed an SQL error during the 4.4.0 upgrade in some environments. Fixed several areas in the suite where images were not "lazy-loaded" as expected. Fixed link styling in announcement banners making the text difficult to read in some browsers. Fixed an issue where private conversations may incorrectly get flagged for automatic moderation. Fixed miscellaneous HTML markup errors. Fixed an issue where users could encounter an error by logging in with a new social account after already associating with a social account. Fixed some issues with the "Emails failing to send" AdminCP notification. Fixed frontend upgrade notice linking to the frontend instead of ACP. Fixed Application icon getting lost when the datastore is flushed. Fixed 'Error is logged' AdminCP Notification displaying incorrectly. Fixed an issue where the newsletter signup block was showing an error to guests. Fixed incorrect colors showing in the visual theme editor when creating a new easy mode theme. Fixed an issue visiting certain URLs when a community is installed into specifically named subdirectories. Fixed the email statistics setting not showing the correctly saved value. Fixed an issue with button spacing on mobile. Fixed an issue where streams may go missing if a guest member object is deleted. Fixed a styling issue on certain forms such as the AdminCP notification preferences form when using locales with a comma as the decimal separator. Fixed an issue where pagination may not work when 'rewrite FURLs' is not enabled. Fixed posts not retaining code syntax highlighting with some code languages. Fixed an issue where private conversations can be very slow to search. Fixed an issue with the Emoji shortcode popup when lazy load and Twitter Emoji are used. Fixed an issue with the setting for "Users can see records posted by other users" not being honored. Fixed some issues related to setting a custom start url in the web manifest. Fixed an issue where the prune members background task may stall if it encounters a staff account. Fixed an edge case issue where it was possible for the lazy load rebuild to affect embedded videos. Core - REST Fixed disabled applications showing in the REST API area of the AdminCP. Fixed the Invision to Invision OAuth 2 login handler attempting to sync letter photos. Forums Improved performance of the post feed widget. Commerce Removed Braintree option for new payment gateways. Removed the package moderation ability for moderators on the frontend. Removed a recommendation to switch to Braintree during upgrade. Restored ability to set up PayPal Billing Agreements. Fixed upgrading of expired purchases resulting in account credit being issued. Fixed inconsistent styling being applied to the Latest Products sidebar block. Made the grid vs list view theme setting translatable. Fixed an error viewing hosting accounts. Fixed PayPal checkouts through Braintree failing when tax is applied to the purchase. Fixed a missing language string when managing hosting accounts. Fixed an issue with configuring Braintree, if you have had any issues please open and re-save the Braintree settings. Fixed an issue where paid support request custom fields would show for none paid support departments. Fixed an issue where viewing a product may not work under certain circumstances. Fixed a duplicated HTML element ID (which prevents the page from passing as "valid HTML"). Fixed an issue where the Facebook Pixel for purchase events was missing currency and value. Pages Fixed an issue where reciprocal "back links" may be incorrectly deleted from records. Fixed an issue where importing a database would fail. Fixed a potential upgrade issue if orphaned data was present. Gallery Fixed an issue where notifications for new images can send indefinitely. Fixed an error attempting to move all albums from a category to another category in the AdminCP. Downloads Fixed an issue where notifications for new files can send indefinitely. Fixed issues with Downloads files linked to Commerce packages that are deleted. Blog Fixed a styling issue with the blog header on mobile. Clarified that guests will bypass the post before register feature when guests have the "Can comment on blog entries" Group Setting is enabled. Converter Fixed issues converting tags for database records in some cases. Changes affecting third-party developers and designers Made Commerce Gateways extensible by removing hardcoded namespace paths to Gateway classes. Changed the FileStorage skeleton file so that a new instance does not cause a PHP error by default. The Widget skeleton file was updated to follow the new 4.4.0 logic for widget display options. Fixed an issue cloning custom fields if non-standard column names are used. Trying to set an invalid value for a setting will result in an InvalidArgumentException. Automatic moderation will now only be applied to content types that implement \IPS\Content\Hideable as this is required for automatic moderation to function correctly. Fixed an ErrorException occurring during content promotion when Facebook is set up but no Facebook Pages have been linked for promoting. Fixed an ErrorException that can occur if you attempt to upgrade/downgrade a package without renewal options in Commerce while IN_DEV. The frontend template controlStrip now supports specifying the target attribute for links. Fixed an ErrorException occurring when a user receives their first PM during the instantNotifications AJAX polling.
-
Good news! Version 4.4.0 of Invision Community is now available. This includes a security patch and we recommend you upgrade as soon as possible. Major New Features / Enhancements Post Before Registering Animated GIFs AdminCP Notification Center New Email Features: Email Statistics Email Advertisements Unfollow Without Logging In SEO Improvements: Improved pagination with page number now in path (rather than query string) and unique page titles for paginated pages. Improved use of canonical tags. Improved handling of empty containers and profiles to reduce soft 404s. Improved JSON-LD markup, adding @id tags and fixing URLs for comments. Removed page output hidden by JavaScript. Performance Improvements: Added Lazy Loading for images, which will speed up page rendering. Added HTTP/2 support with prefetch/preload. Added support for Brotli compression. Improved default profile photos to use inline SVGs rather than generated images, which will speed up page rendering. Improved browser caching of pages served by the guest page cache, which will reduce the number of requests reaching the server. Improved handing of session data for guests to reduce database reads for guests. Optimized images to reduce file size for faster page rendering. Other minor performance improvements to reduce database queries and fix unnecessary code execution. Commerce Store Filters allow customers to filter products by price, review, stock, or custom admin-defined filters. Core Added setting to display user group formatting in more areas (see 6 New Micro Features). Added less intrusive browser notification prompt in Notifications menu (see 6 New Micro Features). Added ability to show sidebar blocks to only certain types of devices (see 6 New Micro Features). Added ability for club owners to reorder the navigation tabs (see 6 New Micro Features). Added ability for announcements to be linked to an URL or be a title only (see 6 New Micro Features), improved consistency in how announcements are shown in different areas. Improved UI for entering time intervals in AdminCP settings (see 6 New Micro Features). Added a new Icons & Logos section in the AdminCP which allows providing logos for use when sharing links from the community, adding the community as a home screen app on a mobile device (along with additional settings for a PWA manifest to control certain aspects the community’s behaviour when used in this way), and in Safari’s favourites menus and pinned tabs on macOS. Added a new UI for attachments, showing a box with some information about the file, rather than a plain line (see Turbo charging loading speeds). Commerce Braintree Gateway including support for PayPal (with recurring payments), Venmo, and cards. Deprecates some PayPal features. Added ability to target bulk mails to members who have spent certain amounts. Added sidebar widgets for best sellers, latest products, product reviews and a featured product. New Server Requirements: PHP 7.1.0 or higher required (7.3.x now supported). MySQL 5.5.3 or higher requires (5.6.2 recommended). Removed Features Removed EmojiOne-style emojis due to licensing issues. Removed Gravatar support due to privacy concerns and performance issues. Removed password hashes when downloading a member list from the AdminCP. This is for security, to reduce the ease of obtaining sensitive data if the AdminCP is ever compromised. Removed the name of the content (e.g. topic) from the “Next Unread” link which could consume significant server resources on large communities. Also included: 4.3.6 This is a maintenance release to fix reported issues.
-
https://forums.cpanel.net/resources/troubleshooting-high-server-loads-on-linux-servers.379/ Tutorial Troubleshooting high server loads on Linux servers Technical support analysts often receive tickets about high server loads. The cause of high server loads is very rarely attributed to defects in the cPanel software or the applications it installs. High server loads are something that should be initially investigated by the server owner, their system administrator, or server provider. What causes high server loads? Excessive usage of any of the following items can typically cause this issue: CPU memory (including swap) disk I/O How can I check these items? That depends whether you want to review their current resource usage, or historical resource usage. This tutorial will cover both. A brief lesson on "sar" Historical resource usage can be viewed using the "sar" utility, which should exist by default on all cPanel servers from the sysstat package. The stats are collected when sysstat runs from cron (/etc/cron.d/sysstat). If crond is not running, sysstat will not be able to collect historical statistics. To view resource usage histories from sar, you must provide the path to the file that corresponds with the date of the stats. For example, if you wanted to view the load averages for your server from the 23rd of the month, you would run this command: Code: [user@host ~]$ sar -q -f /var/log/sa/sa23 The command above uses '-q' to obtain the load average information, and '-f' to specify which sar file to obtain the information from. Note that sar may not have historical data going back more than a week or so. You do not need to specify the date when viewing the statistics for the current day. As such, this command would show the load average for today: Code: [user@host ~]$ sar -q You are strongly encouraged to read the documentation for sar: Code: [user@host ~]$ man sar It provides statistics for many things that can be helpful to know about. Current CPU usage Run "top", and on the line that says "Cpu(s)", check the "%id" section which shows the percentage of which your CPUs are idle. The higher the number the better. A 99% idle CPU is not doing much of anything, and a 1% idle CPU is heavily tasked. Code: [user@host ~]$ top c Tip: hit "P" to sort by processes that are currently consuming the most CPU. Historical CPU usage Check the "%idle" column: Code: [user@host ~]$ sar -p Current memory usage Code: [user@host ~]$ free -m Tip: run "top c" and hit "M" to see which processes are consuming the most memory. Historical memory usage This depends on the version of sar, which used to use '-r' to show %memused and %swpused (swap memory used), but later changed to '-S' to show %swpused. Check "%memused" and "%swpused": Code: [user@host ~]$ sar -r OR: Code: [user@host ~]$ sar -r Code: [user@host ~]$ sar -S A note about memory usage: it is normal to see much of the server's memory being used. Why? Because the OS loves to cache things in memory. Why? Because accessing data from memory is extremely fast and far more efficient than using the server's disk(s). As such, %memused isn't generally going to be much of an issue (unless perhaps you don't have a swap partition, but that's an issue in and of itself). You should focus on %swpused, which is what gets used when your server's physical memory is full. The lower the number, the better. A %swpused percentage of 0% would mean that your server currently has sufficient physical memory to perform its tasks. How much %swpused is too much? That depends on your opinion of "too much". Generally speaking, a consistent low percentage of swap usage may not be an issue on your server. If you observe the %swpused increasing over time (e.g., from 1%, to 7%, to 32%), something on your server is consuming too much memory, and it would be wise to determine what that is (rather than just installing more memory). If your server ends up using all of its physical memory and swap memory, it may become unresponsive, requiring a reboot. Current disk I/O usage Note: this does not work on OpenVZ/Virtuozzo containers. This will print the disk usage statistics 10 times, every 1 seconds. Check the %util column: Code: [user@host ~]$ iostat -x 1 10 Historial disk I/O usage Code: [user@host ~]$ sar -d Good system administration involves knowing when your server's load is higher than acceptable. The main reason for this (other than preventing your server from becoming unresponsive and requiring a reboot) is to see what's taking place on the server while the load is high. Fast actions will enable you to troubleshoot the issue while it is occurring. If your server's load was high from 2AM - 4AM while you were sleeping, you would have missed what took place. While sar can be helpful to show you what specific resources were high during that time, it won't tell you the cause of the high usage. There can be many causes, including DoS attacks, spam attacks, poorly designed php scripts which consume large amounts of memory, web spiders that crawl sites too aggressively, hardware issues, massive amounts of disk writes to a user's MySQL database, and much, much more. The good news is that you can have much of this information collected and sent to you automatically while the load is high, which you can review later as needed. How? From your process list: Code: [user@host ~]$ ps auxwwwf I have created a shell script for this, which is based off of a perl script that I used to run on servers that I managed. It was very useful to me in conjunction with other server monitoring (such as via Nagios). It checks 6 different things (more on this below), and emails you the current process list if any of them exceed your specific threshold. This script is not developed, maintained, or supported by cPanel, Inc. Please do not open tickets about this script. If you experience any issues using it and require assistance, you can post a reply here, or consult an experienced system administrator. cPanel cannot provide support for this script. The resources that are checked are as follows: 1 minute load average kilobytes of swap used kilobytes of memory usage packets per second inbound packets per second outbound number of processes How to use the script To run the script automatically, set up a cron job that executes it as often as you'd like. I found every 5 minutes to be a good fit. The script does not need to be run as root, so do not run it as root. If one of the resources has exceeded its user defined threshold, the script will send you an email that contains the current process list (ps auxwwwf). The subject line of the email will look something like this: Code: server.example.com [L: 35] [P: 237] [Swap Use: 1% ] [pps in: 54 pps out: 289] Each of those items is explained as follows: L - the 1 minute load average P - the number of processes in the process list Swap Usage - the percentage of swap memory being used pps in - packets per second inbound pps out - packets per second outbound Before you use the script IMPORTANT: You will need to adjust the values to your liking. There are no perfect default values. Why? Because different server environments are, well, different. For example, it may be preferred to set the 1 minute load average threshold higher for a server with 16 CPU cores than a server with just 1. NOTE: You will need to add your email address to the "EMAIL" variable. For example: Code: EMAIL="you@example.com" You would also likely want to adjust the following 5 items: MAX_LOAD MAX_SWAP_USED MAX_MEM_USED MAX_PPS_OUT MAX_PPS_IN Code: #!/bin/sh export PATH=/bin:/usr/bin ########################################################################## # # # Copyright Jeff Petersen, 2009 - 2013 # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see <http://www.gnu.org/licenses/>. # # # ########################################################################## ############################################################################### # START USER CONFIGURABLE VARIABLES ############################################################################### EMAIL="you@example.com" # 1 minute load avg MAX_LOAD=3 # kB MAX_SWAP_USED=1000 # kB MAX_MEM_USED=500000 # packets per second inbound MAX_PPS_IN=2000 # packets per second outbound MAX_PPS_OUT=2000 # max processes in the process list MAX_PROCS=400 ############################################################################### # END USER CONFIGURABLE VARIABLES ############################################################################### IFACE=`grep ETHDEV /etc/wwwacct.conf | awk '{print $2}'` if [[ "$IFACE" =~ "venet" ]] ; then IFACE=venet0 fi IFACE=${IFACE}: ############################################################################### # 1 min load avg ############################################################################### ONE_MIN_LOADAVG=`cut -d . -f 1 /proc/loadavg` echo "1 minute load avg: $ONE_MIN_LOADAVG" ############################################################################### # swap used ############################################################################### SWAP_TOTAL=`grep ^SwapTotal: /proc/meminfo | awk '{print $2}'` SWAP_FREE=`grep ^SwapFree: /proc/meminfo | awk '{print $2}'` let "SWAP_USED = (SWAP_TOTAL - SWAP_FREE)" echo "Swap used: $SWAP_USED kB" ############################################################################### # mem used ############################################################################### MEM_TOTAL=`grep ^MemTotal: /proc/meminfo | awk '{print $2}'` MEM_FREE=`grep ^MemFree: /proc/meminfo | awk '{print $2}'` let "MEM_USED = (MEM_TOTAL - MEM_FREE)" echo "Mem used: $MEM_USED kB" ############################################################################### # packets received ############################################################################### PACKETS_RX_1=`grep $IFACE /proc/net/dev | awk '{print $2}'` sleep 2; PACKETS_RX_2=`grep $IFACE /proc/net/dev | awk '{print $2}'` let "PACKETS_RX = (PACKETS_RX_2 - PACKETS_RX_1) / 2" echo "packets received (2 secs): $PACKETS_RX" ############################################################################### # packets sent ############################################################################### PACKETS_TX_1=`grep $IFACE /proc/net/dev | awk '{print $10}'` sleep 2; PACKETS_TX_2=`grep $IFACE /proc/net/dev | awk '{print $10}'` let "PACKETS_TX = (PACKETS_TX_2 - PACKETS_TX_1) / 2" echo "packets sent (2 secs): $PACKETS_TX" let "SWAP_USED = SWAP_TOTAL - SWAP_FREE" if [ ! "$SWAP_USED" == 0 ] ; then PERCENTAGE_SWAP_USED=`echo $SWAP_USED / $SWAP_TOTAL | bc -l` TOTAL_PERCENTAGE=`echo ${PERCENTAGE_SWAP_USED:1:2}%` else TOTAL_PERCENTAGE='0%' fi ############################################################################### # number of processes ############################################################################### MAX_PROCS_CHECK=`ps ax | wc -l` send_alert() { SUBJECTLINE="`hostname` [L: $ONE_MIN_LOADAVG] [P: $MAX_PROCS_CHECK] [Swap Use: $TOTAL_PERCENTAGE ] [pps in: $PACKETS_RX pps out: $PACKETS_TX]" ps auxwwwf | mail -s "$SUBJECTLINE" $EMAIL exit } if [ $ONE_MIN_LOADAVG -gt $MAX_LOAD ] ; then send_alert elif [ $SWAP_USED -gt $MAX_SWAP_USED ] ; then send_alert elif [ $MEM_USED -gt $MAX_MEM_USED ] ; then send_alert elif [ $PACKETS_RX -gt $MAX_PPS_IN ] ; then send_alert elif [ $PACKETS_TX -gt $MAX_PPS_OUT ] ; then send_alert elif [ $MAX_PROCS_CHECK -gt $MAX_PROCS ] ; then send_alert fi Note that the process list output contains several useful columns that pertain to CPU and memory usage for each process: %CPU %MEM VSZ RSS TIME (shows how long a process has existed) There are various actions you can take to find the cause of your high server loads. Here is a partial list that will always be incomplete: Check the MySQL process list using "mysqladmin processlist" (or just "mysqladmin pr" for short) Check the MySQL process list using mytop tail your logs! Listening to what your server says is very important. Is your server being brute forced? Run dmesg and check for possible hardware issues Use netstat to view the connections to your server Here are some logs to check: syslogs: /var/log/messages, /var/log/secure SMTP logs: /var/log/exim_mainlog, /var/log/exim_rejectlog, /var/log/exim_paniclog POP3/IMAP logs: /var/log/maillog Apache logs: /usr/local/apache/logs/access_log, /usr/local/apache/logs/error_log, /usr/local/apache/logs/suexec_log, /usr/local/apache/logs/suphp_log Website logs: /usr/local/apache/domlogs/ (use this to find sites with traffic in the last 60 seconds: find -maxdepth 1 -type f -mmin -1 | egrep -v 'offset|_log$') cron logs: /var/log/cron Please feel free to post questions, comments, and anything else about troubleshooting server loads by clicking on the Discussion tab. This resource will inevitably be missing some other useful troubleshooting items, and your comments are encouraged. I hope you find this useful. Thanks! https://forums.cpanel.net/resources/troubleshooting-high-server-loads-on-linux-servers.379/
-
https://go.cpanel.net/memoryusage At cPanel, we sometimes get inquiries about how and where memory is being used. To help with this we wanted to provide some more general information. Overview: Sometimes you may notice your server reports very little "Free Memory," however, this may not mean that your server is actually low on memory. To see your server's memory, first, log into the WHM interface with your root user information, then go to Home >> Server Status >> Server Information and then scroll down to "Current Memory Usage" and you will see something like this for the server's output: Code: # free -m total used free shared buff/cache available Mem: 1838 906 126 105 804 651 Swap: 0 0 0 In some cases, this can cause confusion or falsely indicate the system is low on memory. In the case of Linux, the section that you will want to look at in the server is the available column because Linux will allocate your free memory and use it for disk caching. This will cause different values to be reported between the used memory column and the available column. Looking at each column, we can see that the server has a total of 1838 MiB of memory, the server is currently using906 MiB and then 126 MiB free. For the actual free memory, we will look at the available memory which is 651 MiB. What is disk caching? Disk caching is managed through the Linux kernel, which stores common requests and processes in memory so that the server's IO wait is lower. This helps applications run smoother, and if more memory is needed for other processes, the kernel will release the memory from the disk cache. If the memory is needed for other processes, the system will release the memory from the disk caching so that it may be used normally. FAQ: Q: Can Disk Caching be disabled? A: No, since this is a kernel level operation there isn't a way to disable disk caching. Q: What is the difference between MB and MiB? MB stands for megabyte and is 10 to the power of 6 bytes. MiB stands for mebibyte and is 2 to the power of 20 bytes. 1 MB = 1,000,000 bytes 1 MiB = 1,048,576 bytes MB=220 and MiB=106 Additional Resources: 1. Tutorial - Troubleshooting high server loads on Linux servers https://forums.cpanel.net/resources/understanding-memory-usage-on-linux-operating-systems.541/
-
In this post I am explaining the command usages for finding or sorting emails in Exim mail queue for particular sender or receiver. We can sort it out in different ways, by using exim basic command and also by using the command “exiqgrep”. To sort mail queue for a sender or receiver, you must have the idea about the field in Exim command output. Then you can simply sort it out with the help of “awk” and other Linux basic commands. The default Exim command output field with details are explained below: The “exim -bp” command output: 4d 2.3K 1X0Baa-0006iR-Ml <> fax@145.144-238-87.ripe.rewwwwwfs.net 70h 999 1X0RmS-0002Ue-Fe <info@hxxxxxer.com> email@example.com In the above list, there are two mails in the mail queue. The queue field details are explained below: 1st field : Message’s age. (Eg: 4d : Four day) 2nd field : Size. (2.3k) 3rd field : Message ID (1X0Baa-0006iR-Ml) 4th field : sender. (info@hxxxxxer.com) 5th field/second line : recipient address. (email@example.com) It’s really simple to find/sort email details for a particular user (Sender or Receiver) from the Exim mail queue. We have already discussed about the Exim mail server in different way. Here I am explaining different option to sort emails for a User. How to check spamming on server which has Exim MTA? Electronic spamming is the use of electronic messaging systems to send unsolicited messages (spam), especially advertising, as well as sending messages repeatedly on the same site. It happens in many ways on a mail server. Spamming is one of the common and frequent problem in web hosting industry. Spamming can cause your server’s IPs blocked at different RBLs, if any accounts in your server sends multiple spam emails. Method I : Basic method with “exim” command. We can sort the emails by using the exim command, see the examples below: I : List all emails from a particular sender: # exim -bp|grep "username" Where “username” is the sender name. Example: root@server [~]# exim -bp|grep olne5 43h 3.6K 1WFLFH-0006uA-Gk <olne5@nothing.com> 43h 3.6K 1WFLOL-0000LX-97 <olne5@nothing.com> 43h 1.9K 1WFLQG-0000hv-5M <olne5@nothing.com> 43h 3.6K 1WFM7W-0001T5-7B <olne5@nothing.com> 42h 6.0K 1WFMEn-0002yJ-A8 <olne5@nothing.com> 42h 3.7K 1WFMGq-0003Sf-4T <olne5@nothing.com> 42h 3.5K 1WFMyn-0002yN-Tt <olne5@nothing.com> ------ ------ Use “wc -l” to count total emails Example: root@server [~]# exim -bp|grep olne5|wc -l 191 How to remove ? Yes, that’s actually our discussion. You can remove all emails from that user using “awk” and “xargs “ options. Syntax: # exim -bp|grep "username"| awk {'print $3'}| xargs exim -Mrm Example: root@server [~]# exim -bp|grep olne5| awk {'print $3'}| xargs exim -Mrm Sorry, I can’t illustrate the example here, because those emails are important for that user . II : List all emails to a particular address: # exim -bp|grep "username" Where “username” is the recipient address. Note that, the recipient details is listed in the second line of “exim -bp” command’s output. Example: root@server [~]# exim -bp|grep ommdsdsd 44h 3.6K 1WFLFH-0006uA-Gk <olne5@nothing.com> ommdsdsdws@yahoo.com 44h 3.6K 1WFLOL-0000LX-97 <olne5@nothing.com> ommdsdsdws@yahoo.com 44h 1.9K 1WFLQG-0000hv-5M <olne5@nothing.com> ommdsdsdws@yahoo.com 43h 3.6K 1WFM7W-0001T5-7B <ommane5@cphost8.veeblehosting.com> ommdsdsdws@yahoo.com ------ ------ You can use the “awk” & “xargs” commands to remove it from the queue. Method II : By using the command “exiqgrep” The command “exiqgrep” has some useful switches to manage emails which are in the Exim mail queue. Before deleting mails with exiqgrep you must have a little knowledge in “exiqgrep”. The smart switches of “EXIQGREP” command: 1, -f : to search the exim mail queue for emails from a particular user. Syntax: # exiqgrep -f user@domain 2, -r : to search the exim mail queue for emails to a particular address. Syntax: # exiqgrep -r user@domain 3, -i : Prints the message ID You can use it in different manner, some examples are; Print the message-id of the entire queue: # exiqgrep -i You can use it with -f and -r switches to get message ID of a particular sender or receiver. # exiqgrep -i [-r | -f] ... 4, -o : Prints messages older than a particular time. Example: # exiqgrep -o 86400 Where time is specified in Seconds. 5, -y : Prints messages younger than a particular time. 6, -s : Prints messages with a particular size in bytes. Example: # exiqgrep -s "^3..$" “^3$” –> 3bytes “^3.$” –> 3-30bytes “^3..$” –> 3-300bytes “^3…$” –> 3-3000bytes And so on.. 7, -z : list all frozen mails. 8, -x : List all unfrozen mails. 9, -c : Counts the matches with all of the above searches. Example: root@server [~]# exiqgrep -c -s "^3...$" 114 matches out of 584 messages Alright, Hope you got an idea about the usages of “exiqgrep”, Now it is very simple to manage emails for a particular user with the help of “exiqgrep”. How to remove all emails from a particular user using exiqgrep? Do follow this command: # exiqgrep -i -f $user | xargs exim -Mrm How to remove all emails to a particular user using exiqgrep? Do follow this command: # exiqgrep -i -r $user | xargs exim -Mrm That’s it Please let me know your suggestions. https://www.crybit.com/remove-users-emails-form-mail-queue/
-
Hello Zachary Walker,
Welcome to designhost.gr.
Feel free to browse our community accessing all sorts of information and getting to know our members.
Do not hesitate to ask anything in our forums.
designhost.gr
-
Convert dmesg timestamp to custom date format
NickTheGreek posted a topic in Διαχείριση Linux server
dmesg_with_human_timestamps () { FORMAT="%a %b %d %H:%M:%S %Y" now=$(date +%s) cputime_line=$(grep -m1 "\.clock" /proc/sched_debug) if [[ $cputime_line =~ [^0-9]*([0-9]*).* ]]; then cputime=$((BASH_REMATCH[1] / 1000)) fi dmesg | while IFS= read -r line; do if [[ $line =~ ^\[\ *([0-9]+)\.[0-9]+\]\ (.*) ]]; then stamp=$((now-cputime+BASH_REMATCH[1])) echo "[$(date +"${FORMAT}" --date=@${stamp})] ${BASH_REMATCH[2]}" else echo "$line" fi done } alias dmesgt=dmesg_with_human_timestamps https://stackoverflow.com/questions/13890789/convert-dmesg-timestamp-to-custom-date-format -
Hello dimitrisp,
Welcome to designhost.gr.
Feel free to browse our community accessing all sorts of information and getting to know our members.
Do not hesitate to ask anything in our forums.
designhost.gr