cPanel – change email password without cPanel access – edit shadow file

I had issue with cPanel on which license was expired. So web interface wasn’t accessible. One client had situation and need to change email password urgently. Because cpanel wasn’t accessible, he was unable to do so. There is a trick. You can change mail password without accessing cpanel directly. You can modify shadow file and paste new password hash. cPanel stores email passwords in shadow file. Here is how you can do it.

First, you need to generate new password hash in SHA512 format. You can do it with python:

[root@machine ~]# python3 -c 'import crypt; print(crypt.crypt("mynewpassword", crypt.mksalt(crypt.METHOD_SHA512)))'
$6$Xy/Xjk9kArTdnMeh$tZemrVaYPG8kqW0DFxpxGXzurUWYx/3qoYA5xw1KYokYaVS/34jMWrFbrjf95xjOlOrskVAZeXSnKLAPn56pi.

Then you need to locate shadow file for your user and edit it:

root@cpanel [~]# cd /home/test/etc/testdomain.com
root@cpanel [/home/test/etc/testdomain.com]#
root@cpanel [/home/test/etc/testdomain.com]# vi shadow

Here is original hash for our user. You should change it with hash generated in first step. Change part which is marked with bold:

test:$6$o/dl07XTG2tht5ir$GZQ8DCOQQ1FG9U/G87aq0kOiEru8ndwWK8RbrDy6vbl9DCKSDEsejjIxwfvO329a4dONuypsQx9HuUj6MVuqx.:18269::::::

so it looks like this:

test:$6$Xy/Xjk9kArTdnMeh$tZemrVaYPG8kqW0DFxpxGXzurUWYx/3qoYA5xw1KYokYaVS/34jMWrFbrjf95xjOlOrskVAZeXSnKLAPn56pi.:18269::::::

That’s it, you should be able to login in webmail with new password, generated with python – frist step.

cPanel/CloudLinux – Composer not working with cPanel user

I had a problem when publishing project via composer as cPanel user. When trying to execute composer via cpanel user with ssh access, composer returned nothing. This was on CloudLinux with alt-php (PHP Selector) and cPanel.

In documentation is stated that for composer to work, we need PHP library’s Phar, Iconv, Mbstring. This can be done easily with PHP Selector in your user interface. Documentation also says that we need to have enabled allow_url_fopen which is also specified as possible security issue so it shouldnt be enabled globally. And lastly, if you use suhosin, which you should, you have to whitelist Phar. You should do all of this so that is only affecting php.ini for specific user and not globally. Also, you’ll want to increase memory_limit as composer needs it. In my case, I temporary increase it to 1G. First, enable all necessary php library’s through PHP Selector in you cpanel control panel. Then follow steps bellow.

Login in users CageFS like this:

root@server [~]# cagefsctl -e

Then go to your alt-php configuration directory:

root@cpanel [~]# cd /etc/cl.php.d/alt-php<desired version>/

Inside of this directory you should see file alt_php.ini, open it and add this to end of the file:

;>=== Start of PHP Selector Custom Options ===
memory_limit=1G
suhosin.executor.include.whitelist=phar
;<=== End of PHP Selector Custom Options =====

Save this settings and exit user CageFS. You don’t need to restart apache. Then SSH with your cpanel user and try to run composer.

Composer should now work with your cPanel user:

thisisme@server [/]# composer --version
Composer version 1.6.2 2018-01-05

 

Scan your cPanel/Directadmin for excessive files

When dealing with cPanel/Directadmin that contains a lot of users, you need some control of what those users are uploading. Web hosting accounts should be used just for that, hosting websites, and not as data storage – in most cases. Sometimes you even offer packets with unlimited disk capacity but you don’t want that users are storing movies and all kind of other unnecessary files that don’t belong on web hosting account. From web hosting perspective, in most cases, any single file that exceeds 100M is usually not part of website and is just laying there, wasting your precious disk space. In cases like this, account is used as backup service. You’ll be able to find all kind of files. Movies, music, applications, archives …

So you may want to have some reports on regular basis that gives you list of all files that exceed some maximum allowed file size limit – defined by you. Personaly, I scan on interval of 7 days for all files that exceed size of 300M. I created a simple script that will do just that. It will check your /home directory for all files that exceed size that you defined. At the end, report will be sent to your email. You can also scan other directory beside /home if you wish.

Continue Reading

© 2024 geegkytuts.net
Hosted by SIEL


About author