11 Ways to Free Up Disk Space on a cPanel Server

I’m sure that most of you have been to the point where one or more of your servers start to fill up as you get more customers. The server’s performing just fine, but there’s one problem…you’re out of disk space! Here are a few simple tricks to freeing up disk space on your cPanel server to help maximize your server’s potential.

1) Delete user cPanel and Fantastsico backups

If you have the backup feature in cPanel enabled, chances are your users are storing the backups on the server instead of downloading and removing them. On larger servers, this can account for a lot of disk space usage. You may want to consider warning your users ahead of time that backups will automatically be removed from the server after a certain period of time or on certain dates.  You can mass-delete all user cPanel backups on the server with this command:

for user in `/bin/ls -A /var/cpanel/users` ; do rm -fv /home/$user/backup-*$user.tar.gz ; done

To remove Fantastico backups:

rm -rfv /home/*/fantastico_backups

2) Move your backups offsite

Similarly to above, if you’re using the cPanel Backup System and are storing your backups locally on the server, you could be using twice as much space as you need to. Consider mounting a backup server to your hosting server and storing the backups there (there is an option to mount external media in WHM > Configure Backups) or using an alternate method of backing up your server that doesn’t involve storing the backups locally. While local backups may be convenient at times, they tend to be useless when a server failure occurs.

3) Delete cPanel File Manager temp files

When users upload files in File Manager within cPanel, File Manager creates a temp file that may or may not get removed upon upload. You can remove these files using this command:

rm -fv /home/*/tmp/Cpanel_*

4) Move or archive logs

Most of the server’s logs are stored in /var/log, which can get rather large on more populated servers. You can change the length of time and frequency of the log rotation in /etc/logrotate.conf, and enable compression to save additional space (at the expense of CPU when the logs are being gzipped). If you want older logs, consider creating a cron job to periodically transfer them to a backup or log server so they aren’t taking up space on your hosting server.

5) Remove cPanel update archives

Cpanel and EasyApache updates tend to leave behind files that you probably don’t need. The following can be deleted or moved to a backup server to free up a little bit of space:

/usr/local/apache.backup*

/home/cpeasyapache (actual name may vary depending on cpanel version)

6) Clean up Yum files

Yum updates leave package cache files on the server. You can clean up all unneeded yum files by running:

yum clean all

7) Remove pure-ftp partials

When your users upload files to the server via FTP when your server runs pureFTP as an FTP daemon, the FTP server creates temporary files starting with .pureftpd-upload* that get renamed the the actual filename when the upload completes. If the upload doesn’t complete, these files are left on the server. You can find and delete these by running:

locate .pureftpd-upload | xargs rm -fv

*If you don’t run an updatedb regularly, you might want to do so before running this command

8) Decrease the reserved disk space

By default, Linux reserves 5% of the disk space from each partition for the root user, so root can still log in even if the disk is full. You may have noticed when running a df that you may be using 900GB out of a 1TB drive, but only have 50GB available…that’s because the other 50GB is reserved.

For larger drives, you really don’t need the whole 5%. I would recommend setting this value down to 2500 blocks so you can utilize more of the disk space. You can do this with tune2fs:

tune2fs -r 2500 /dev/sda1

You’ll want to probably man the tune2fs command before you use it for other options on setting the reserved space for your partitions.

9) Remove unneeded accounts

If you have a larger churn rate you probably have some user accounts laying around on your server that you don’t need. Check out WHM > List Suspended Accounts (or ls /var/cpanel/suspended) and look for suspended accounts that you may be able to remove from the server to free up space. You can terminate accounts in WHM > Terminate an Account or using the command /scripts/killacct <user> <y/n> (y/n indicating whether to save the DNS records)

10) Check for contrabands

As a hosting provider you should have a Terms of Service that specifically tells your customers what they can (or rather cannot) store on your server. Most hosts have specific rules about the hosting of non-website-related backups and copyrighted material, but don’t pro actively scan their servers for it.  It wouldn’t hurt to run a few locate commands to find common files associated with copyright violations, like .mp3, .avi, .exe, etc, and have your customers remove them from the server. I once cleared over 300Gb of space on a server just by having customers remove contraband files from the server. On top of that, you’re also preserving the integrity of your business from a legal standpoint.

11) Consider a larger server

Some of your customers may have a legitimate need for large amount of disk space, and therefore you may be unable to keep the disk space usage on your server at a reasonable level. A lot of hosting providers have alternate servers that are more “low key” but have huge disk storage volumes to accommodate customers that have larger sites. You might want to consider investing in a server that will be less populated and only the users that occupy a large amount of space.

Read More

cPanel Log file locations All

cPanel log file locations and Basic troubleshooting, most activity that happens on a server to log files, so that you can go back and review log entries for problems, instead of having to be on the server at the time of them happening.

Kernel Boot & Hardware error logs

Path : /var/log/dmesg

Use the command ” dmesg ” in the root shell to display all the kernel ring buffer (last 64 K) stored in the memory. Just use ” dmesg > boot.messages ” to store the logs in the separate file, and if you want to clear the dmesg just type ” dmesg -c “.

System Informations

Path : /var/log/messages

Use “ tail -f /var/log/message ” to list what is going on with your system and with your dns. This logs helps the admin to find our any form of tcp/udp and other form of attacks.

Bad Login / Logout logs

Path : /var/log/btmp

Stores all the bad login and logout attempts either failure or success. Just use the lastb command to list all the log in a clear format with date/time etc to trace and block the attack source. This kind of attacks on ssh are normally done using a script with Brute force password crackers.

Login / Logout logs

Path : /var/log/wtmp

Similar to the bad login/logout this log store the good/authorized system login and logout which can be listed using ” last “  command.

Last Logins Logs

Path : /var/log/lastlog

Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user. Use the ” lastlog ” command to retrieve the data from the logs.

Authentication logs

Path : /var/log/secure

Logs all daemons which requires PAM Authentication.

Common Cpanel logs

cPanel/WHM Initial Installation Errors

Path : /var/log/cpanel*install*

Logs use to record the missing dependency or any error which its encouter during the cpanel installation process including the hardware driver failures/mis-matches.

Cpanel License Error Logs

Path : /usr/local/cpanel/logs/license_log

License and its updated information’s are stored here, if you are encountering with any license issue just execute the command /usr/local/cpanel/cpkeyclt to update the license from the cpanel.

Cpanel/WHM Accounting Logs

Path : /var/cpanel/accounting.log

Contains a list of accounting functions performed through WHM, including account removal and creation. So the administrator can make of this logs to check who deleted the account and from which ip etc.

Cpanel/WHM Service Status Logs

Path : /var/log/chkservd.log

Separate logs for the cpanel’s chkservd daemon which logs the service failure and notifications.

Cpanel Stats Daemon Logs

Path : /usr/local/cpanel/logs/stats_log

The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.

Cpanel login and access logs

Path : /usr/local/cpanel/logs/access_log

All the login attempts and logins will be logged in this logs which helps the administrator to check who logged in to the panel on which time/ip address etc.

Cpanel Bandwidth Logs

Path : /var/cpanel/bandwidth

Files contain a list of the bandwidth history for each account. Each named after their respective user.

Tailwatchd Daemon logs

Path : /usr/local/cpanel/logs/tailwatchd_log

Logs for daemon configured under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.

Cpanel Ftp logs

Ftp General login and Failure

Path : /var/log/messages

FTP Data Transactions log

Path : /var/log/xferlog

Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users.

FTP account Raw logs.

Path : /usr/local/apache/domlogs/ftp.domainname-ftp_log

Store all the ftp login/transfers ftp commands, client connection status etc.

Pure-ftp log

Path : /var/log/pureftpd.log

It will be disabled by default and only works if you enable it in the /etc/pure-ftpd.conf .

Pro-ftp log

Path : /var/log/pro-ftpd.log

It will be disabled by default and only works if you enable it in the /etc/pro-ftpd.conf

Cpanel Mysql logs

MySQL General Information and Errors

Path : /var/lib/mysql/$(hostname).err

This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log.

Cpanel Apache logs

Apache Access Logs:

Path : /usr/local/apache/logs/access_log

Complete web server access log records all requests processed by the server.

General Error and Auditing Logs

Path : /usr/local/apache/logs/error_log

All exceptions caught by httpd along with standard error output from CGI applications are logged here, including apache crash etc.

Apache SuExec Logs

Path : /usr/local/apache/logs/suexec_log

Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations.

Domain Access & error logs

Path : /usr/local/apache/domlogs/domain.com

General access and error log file for each domain configured with cPanel.

Cpanel Exim logs

Mail Receive and Delivery

Path : /var/log/exim_mainlog or /var/log/exim/mainlog(FreeBSD)

Receives an entry every time a message is received or delivered.

ACLs/Policies based RejectLog

Path : /var/log/exim_rejectlog

An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail

Panic/Fatal Errors :

Path : /var/log/exim_paniclog

Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated

IMAP/POP logs

Path : /var/log/maillog & /var/log/messages

The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.

Read More

Xử lý lỗi trang trắng khi truy cập do sai version PHP

1. Tình huống gặp phải:
- Tiến hành cài đặt website trong môi trường thử nghiệm chạy rất tốt, tuy nhiên đưa lên môi trườngHosting thì Website không chạy, hiển thị trang trắng không có nội dung hoặc không hiển thị lỗi.
- Sau khi nâng cấp hoặc thay đổi mã nguồn thì Website hiển thị nội dung trống (trắng) thay vì trả về nội dung Website như bình thường

2. Xác định nguyên nhân:
- Lỗi trang trắng xảy ra do nhiều nguyên nhân, đa phần nguyên nhân là do mã nguồn của Website (lỗi themes, plugins, modules), lỗi phiên bản mã nguồn (ví dụ Joomla 1.5 không chạy được PHP 5.4). 
- Một trong những nguyên nhân phổ biến của hiện tượng truy cập Website bị trang trắng là do phiên bảnPHP trên Hosting không phù hợp để chạy mã nguồn.
- Để phán đoán chính xác việc Website bị trang trắng có phải do sai phiên bản PHP hay không cần thực hiện việc kiểm tra các thông báo log mà hệ thống trả về. 

3. Cấu hình hiển thị thông báo lỗi:
    3.1 Cấu hình Hosting
- Hosting tại Vinahost có thể dễ dàng điều chỉnh để hiển thị thông báo lỗi bằng cách thay đổi 2 giá trị sau trong phần: Quản lý tài khoản > Cấu hình PHP

Display_errors = On
Error_Reporting = E_ALL


- Đối với các thay đổi cấu hình PHP trong file php.ini hoặc .htaccess không có tác dụng tại HostingVinahost

    3.2 Cấu hình trong mã nguồn website
- Đối với từng bộ mã nguồn có thể điều chỉnh cấu hình trong mã nguồn để hiển thị Error log ra ngoài website dễ dàng cho việc phán đoán lỗi. Một số mã nguồn thông dụng nhất hiện nay có thể cấu hình để ghi lại và hiển thị lỗi như sau:

Joomla  
- Đăng nhập trang quản trị: Site >> Global Configuration >> Server >> Error Reporting: Chọn Maximum
- Hoặc có thể điều chỉnh trong file configuration.php của mã nguồn, cấu hình biến $error_reporting sử dụng các giá trị sau:

-1: Tắt thông báo lỗi
30709: Hiển thị tất cả các lỗi ngoại trừ warnings và notices (cấu hình tương đương E_ALL & ~(E_NOTICE|E_WARNING) )
30711: Hiển thị tất cả các lỗi bao gồm warnings, không bao gồm notices (cấu hình tương đương  E_ALL & ~E_NOTICE )
30719: Hiển thị tất cả các lỗi bao gồm warnings và notices, không bao gồm E_STRIC (cấu hình tương đương  E_ALL &~ E_STRIC)
32767: Hiển thị tất cả các lỗi, warning, notices và các lỗi "strict standards" (ví dụ:  “Strict Standards: Non-static method … on line XX”) (cấu hình tương đương E_ALL )

- Với mục đích kiểm tra lỗi liên quan đến phiên bản PHP, phần cấu hình này nên sử dụng giá trị 32767  để hiển thị tất cả các lỗi bao gồm gợi ý của PHP về việc các hàm mà mã nguồn đang sử dụng có tương thích / phù hợp với phiên bản PHP mà hệ thống đang sử dụng hay không.

Ví dụ:
public $error_reporting = '32767:';
public $log_path = '/home/xxx/public_html/joomla/logs'; #Đường dẫn lưu file log

- Tùy thuộc vào phiên bản PHP máy chủ đang sử dụng mà cấu hình hiển thị tất cả các lỗi E_ALL khác nhau như sau:

32767 nếu là PHP 5.4.x trở lên
30719 nếu là PHP 5.3.x
6143 nếu là PHP 5.2.x
2047 nếu là các phiên bản PHP thấp hơn

 

Wordpress
- Thay đổi một số giá trị trong file wp-config.php như sau:

/**  Bật WP_DEBUG mode */
define('WP_DEBUG', true);

/**  Bật chức năng lưu file log ở đường dẫn sau /wp-content/debug.log  */
define('WP_DEBUG_LOG', true);

/**  Hiển thị  các lỗi và warnings  */
define('WP_DEBUG_DISPLAY', true);
@ini_set('display_errors',1);

 

Magento
- Cấu hình trong phần quản lý: Admin >> Configuration >> Developer >> Log Settings >> Enabled = Yes
- Phân quyền 777 cho folder var/log để lưu log tại 2 file sau:

var/log/system.log
var/log/exception.log

4. Kiểm tra thông báo lỗi
- Khi sử dụng ngồn ngữ PHP để lập trình website (hoặc mã nguồn có sẵn) thì thường mã nguồn đó chỉ chạy tốt trên một môi trường PHP nhất định (phổ biến nhất là PHP 5.2, PHP 5.3), khi chạy trên môi trường Hosting có phiên bản PHP không phù hợp thì các hàm PHP trong mã nguồn website sẽ không còn được hỗ trợ và hiển thị một số lỗi dạng như sau:

Your server is running PHP version 5.1.6 but WordPress 3.8.2 requires at least 5.2.4.
Undefined variable: xxx in \home\userhosting\public_html\path-to-file\abc.php on line 12
Fatal error: Call to undefined method xxx
Deprecated: Assigning the return value of new by reference is deprecated in xxx on line 136


- Tại bước cấu hình 3.1 Cấu hình Hosting nếu bật tùy chọn log_errors = On thì hệ thống sẽ tự sinh file thông báo lỗi error_log tại đường dẫn sau: /home/username/public_html/error_log.

- Có thể kiểm tra file này để xem chi tiêt thông báo lỗi.
- Ngoài ra tùy thuộc vào cấu hình của từng mã nguồn để kiểm tra file thông báo lỗi khác nếu có.
 
5. Xử lý lỗi
- Để xử lý lỗi sai phiên bản PHP có thể dùng cách thay đổi mã nguồn (sử dụng hàm khác) hoặc thay đổi PHP version trên Hosting, đối với Hosting tại Vinahost có thể thao tác một cách dễ dàng như sau:


- Kiểm tra lại thao tác đổi phiên bản PHP đã thành công hay chưa bằng cách tạo một file info.php trong thư mục gốc của website (thư mục /home/username/public_html) có nội dung như sau:

Sau đó truy cập trực tiếp bằng trình duyệt thông qua đường dẫn http://your-websites.com/info.php

Tham khảo: 

- http://codex.wordpress.org/Debugging_in_WordPress
- https://wiki.magento.com
- http://docs.joomla.org/J3.x:Global_configuration

- http://php.net/manual/en/errorfunc.constants.php 

Read More

Mod Security Cpanel bị lỗi: The following exception has occurred: API failure: Access denied for user 'modsec'@

Cpanel bản mới 11.50 bị lỗi trên khi mình vào ModSecurity Tools. Fix như thế nào ?

Mình cũng không biết bị gì nhưng fix thì như sau:

modsec sử dụng database modsec luôn. Thông tin kết nối nằm ở /var/cpanel/modsec_db_pass

Nhập password vào file đó và nhập password cho user modsec trên database modsec với password đó. -> refresh lại là hoạt động bình thường, có lẻ mới thay đổi gì đó trong bản cập nhật này.

grant all privileges on modsec.* to 'modsec'@'localhost' identified by 'password'

Read More

[Howto Fix] Table './eximstats/sends' is marked as crashed and should be repaired

I've tryed to dump my whole databases with mysqldump


mysqldump --all-databases > all_databases.sql

got the error 'Table './eximstats/sends' is marked as crashed and should be repaired when using LOCK TABLES'

'eximstats' is my databasename und 'sends' my tablename.

I've tryed to repair the table with


mysqlcheck -u root --check auto-repair --optimize all-databases

but it no not worked

I've also tryed to repair ith with


mysql> repair table eximstats.sends;
+-----------------+--------+----------+-----------------------------------------------------------------------+
| Table | Op | Msg_type | Msg_text |
+-----------------+--------+----------+-----------------------------------------------------------------------+
| eximstats.sends | repair | Error | Table './eximstats/sends' is marked as crashed and should be repaired |
| eximstats.sends | repair | Error | Table 'sends' is marked as crashed and should be repaired |
| eximstats.sends | repair | status | Table is already up to date |
+-----------------+--------+----------+-----------------------------------------------------------------------+

and it do not worked again...

I've stoped mysql daemon

service mysqld stop

I've tryed to repair MYI files with myisamchk with the parameter '-r'.


root@server[/home/user]# myisamchk /var/lib/mysql/eximstats/sends.MYI
Checking MyISAM file: /var/lib/mysql/eximstats/sends.MYI
Data records: 904 Deleted blocks: 114296
myisamchk: warning: Table is marked as crashed
myisamchk: warning: 19 clients are using or haven't closed the table properly
- check file-size
- check record delete-chain
myisamchk: error: record delete-link-chain corrupted
- check key delete-chain
- check index reference
- check data record references index: 1
myisamchk: error: Found key at page 3105792 that points to record outside datafile
MyISAM-table '/var/lib/mysql/eximstats/sends.MYI' is corrupted
Fix it using switch "-r" or "-o"

root@server[/home/user]# myisamchk /var/lib/mysql/eximstats/sends.MYI -r
- recovering (with sort) MyISAM-table '/var/lib/mysql/eximstats/sends.MYI'
Data records: 904
- Fixing index 1
- Fixing index 2
- Fixing index 3

And it worked suddenly :)

Bookmark/Search this post with

Reference : http://stackoverflow.com/questions/8843776/mysql-table-is-marked-as-crashed-and-last-automatic-repair-failed

Read More

How to Manage your Hard Drive Space

Overview

This document explains several methods to help you manage your server's hard drive space.

Important:

We strongly recommend that you keep at least 10% of your server's available disk space free.

Examine disk space usage

To determine how much available space exists on your server's file systems, run the following command:

df -h

Note:

The df command returns a table that displays basic information about each mounted file system.

• The -h argument returns the results in a human-readable format.

The output will resemble the following example:

1 2 3 4 5 6

root@host [/var/log]# df -h Filesystem            Size  Used Avail Use% Mounted on /dev/mapper/LogVol00  288G  189G   85G  70% / /dev/sda1              99M   47M   48M  50% /boot tmpfs                 252M     0  252M   0% /dev/shm /usr/tmpDSK           485M   11M  449M   3% /tmp

This output displays that the system's main storage device (/dev/mapper/LogVol00) which is mounted in the root (/) directory uses 70% of its available disk space, and contains 85 gigabytes (GB) of free space.

Examine disk space usage by file and directory

To determine which files and directories consume most of your hard drive space, run the following command:

du -sh /

Notes:

• This command displays the estimated disk space of each file and directory that your root directory (/) contains, in human-readable format.
  • The -s argument returns a summary of your present working directory's contents, but does not return each file and directory's disk usage information individually.
  • The -h argument returns the command's results in human-readable format.
  • The slash (/) argument returns the contents of the root (/) directory.
• We recommend that you only run this command in off-peak hours to prevent additional load on your server.

The output will resemble the following example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

root@host [~]# du -sh / 372K   ~ 107M   etc 113 G home 253M   lib 20K   LICENSE 2.6M   locale 16K   lost+found 64K   mbox_backup 8.0K   media 8.0K   mnt 418M   opt 0   proc 12M   pub 4.0K   pub-htaccess.txt 648K   templates 14K   tmp 64K   tools 5.4G   /var

The numbers in the left column represent the sizes of the files and directories that the working directory contains, in human-readable format.

In the example above, the /home directory uses the most disk space, with 113 gigabytes (GB). However, that directory likely contains your cPanel accounts. Since you will most likely not remove your users' data, examine the /var directory for disk usage data. To do this, run the following command:

du -sh /var/*

Note:

In the example above, the asterisk (*) wildcard argument that lists the summarized, human-readable disk usage information for every file and directory in the /var directory.

The output will resemble the following example:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33

12K /var/account 4.0K    /var/aptitude 28K /var/aquota.user 938M    /var/cache 559M    /var/cpanel 4.0K    /var/cvs 24K /var/db 32K /var/empty 8.0K    /var/games 173M    /var/lib 8.0K    /var/local 36K /var/lock 3.7G    /var/log 0   /var/mail 10M /var/named 8.0K    /var/nis 8.0K    /var/opt 44K /var/portsentry 8.0K    /var/preserve 144K    /var/profiles 16K /var/proftpd 16K /var/proftpd.delay 4.0K    /var/proftpd.pid 4.0K    /var/proftpd.scoreboard 8.0K    /var/quota.user 8.0K    /var/racoon 1.2M    /var/run 16M /var/spool 4.0K    /var/state 14K /var/tmp 4.0K    /var/vzquota 44K /var/www 20K /var/yp

The output displays that the /var/logs/ directory uses the most disk space.

Repeat this process to locate more files to remove.

Remove unnecessary files

To clear some disk space, run the rm utility to remove some files from the file system, for example:

Warning:

Exercise caution when you run the rm utility. You cannot recover files or directories that you delete.

rm -f filename

In the example above, filename represents the path to the file or directory to remove. The -f argument forces the file's removal, and the system does notprompt you to confirm that you wish to remove the file. This argument saves time if you use an asterisk (*) as a wildcard to remove multiple files.

For example, to remove an old audit log file, change to the /var/log/audit directory and perform the following steps:

1. Locate the audit.log file that occupies the most disk space. To do this, run the following command:

   du -sh *

   
   The output will resemble the following example:

   1 2 3 4

   1.8M   audit.log 2.1M   audit.log.1 3.1M   audit.log.2 5.1M   audit.log.3

2. Run the following command to remove the audit.log file that occupies the most disk space:

   rm -f audit.log.3

   This command will not return output.
3. Confirm that the audit.log.3 file no longer exists. To do this, run the following command:

   du -h *

   The output will resemble the following example:

   1 2 3

   1.8M   audit.log 5.1M   audit.log.1 5.1M   audit.log.2

Repeat this process until you clear enough disk space.

How to Clean Log Files Before You Enable Log Rotation 

Read More