Helpdesk Support

Official Supportmonk Company Blog!

Changing container ID in Openvz servers

June 9, 2017 , 11:51 am

I was migrating one container from machine to another and accidentally i found that there are two similar container ID on the two machines e.g. 101 on both machines. Migration does not allow migrating a container if the same ID on the other machine exists.

I followed the steps below to change CTID from 101 to 102:

root@host# vzctl chkpnt 101 –dumpfile /tmp/Dump.101
root@host# mv /etc/vz/conf/101.conf /etc/vz/conf/102.conf
root@host# mv /vz/private/101 /vz/private/102
root@host# mv /vz/root/101 /vz/root/102
root@host# vzctl restore 102 –dumpfile /tmp/Dump.101


That’s all, now I’ve changed the container ID of VM from 101 to 102.

Paper Lantern showing set but showing x3 style in cPanel

June 9, 2017 , 11:50 am

As you know cPanel has stopped x3 theme and made paper lantern the default style, they have introduced “Retro Style” for Paper Lantern.  The Retro style makes Paper Lantern look like X3 so that if you prefer the old and trusted appearance of X3, you can feel at home even when using Paper Lantern.  It’s not a perfect implementation of X3, but with the silver chrome borders, blue-teal gradients, electro-blue world map page headers, and bubbly application icons, Paper Lantern can have the same familiarity that so many of our customers crave. Some might get confused as why cpanel shows X3 look even with Paper lantern enabled.

You can  switch to Default Style of Paper lantern for those accounts which have Retro Style enabled by following method :

#cd /home/$user/var/cpanel/styled    (replace $user with cPanel username)
In the Styled directory if you list the files you will see a link as blow:

# ls -l 

lrwxrwxrwx 1 $user $user 58 Apr 27  2016 current_style -> /usr/local/cpanel/base/frontend/paper_lantern/styled/retro/

Just unlink current_style and it rolls back to default style of paper lantern.

# unlink current_style
Now re-login to your cPanel account and you will see the default sPaper lantern Style.

ezchimp: WHMCS – Mailchimp integration

February 10, 2017 , 4:30 pm

ezchimp is a WHMCS addon module which integrates with Mailchimp for newsletters and mailing lists for your clients in WHMCS. Clients can subscribe/unsubscribe to your newsletters or mailing lists and interest groups in Mailchimp during signup or via their client area. Auto updates Mailchimp subscription when clients change their email address or add contact / sub-account. Auto-subscribe customers purchasing products in specific product groups to corresponding mailing list and interest group. Supports subscribe/unsubscribe, multiple mailing lists and interest groups, multi-language.

Download ezchimp for only $30 including 1 year free support and updates! And it is open source, licensed under GPLv3.

NOTE: For WHMCS versions less than 7, use version 1.

When clients sign up, they will get the options like this:

Mailing list registration options

Mailing list registration options

Clients will also get the mailing list and interest group options in their client area:

Client area mailing list options

Client area mailing list options

Follow on twitter for updates: ezchimp

Get it here for only $30 including 1 year free support and updates!

Steps to setup:

  1. Download and extract the ezchimp.tar.gz file into your modules/addons/ folder within your WHMCS directory.
  2. Move the ezchimp_webhook.php file to your WHMCS root directory (eg: /home/username/public_html/whmcs). Test and make sure is giving a blank page instead of any errors such as internal server error (500). If it does, check and fix the ownership (should be owned by the domain’s username on a cpanel server for example), permission (try 555) etc so that it works.
  3. Go to WHMCS admin -> Setup -> Addon Modules and “activate” the module listed as “MailChimp newsletter”
  4. Set the WHMCS base URL (eg:, since version 1.6 only, not displayed in screenshot below).
  5. After successful activation enter you MailChimp API key and set access control below in the same page:
    ezchimp addon configuration

    ezchimp addon configuration

  6. Go to “Addons” -> “MailChimp newsletter” and configure the settings as necessary:
    ezchimp settings

    ezchimp settings

  7. Click on “Lists & Groups” in right menu to display all mailing lists and interest groups in your Mailchimp account:
    ezchimp lists config

    ezchimp lists config

  8. Enable those you need to make available for your clients in WHMCS. Give an alias as you wish. If you do not specify an alias, the name of the interest group (or the name of the list if there are no interest groups in it) will be used.
  9. The “Status” link in side menu will display the subscription status of your clients and their sub-contacts to mailing lists and interest groups:
    echimp subscription status

    echimp subscription status

  10. Use the “Tools” link to initially subscribe existing clients after a fresh activation of ezchimp module:
    ezchimp tools

    ezchimp tools

    All text can be modified by editing the file english.php in the ezchimp/lang/ folder. You may also add support for other languages by creating a new file for the language in ezchimp/lang/ folder.

How to upgrade Mysql 5.1 to 5.4 and phpmyadmin on Zpanel?

August 9, 2016 , 6:27 pm

Here is the steps to upgrade Mysql.

   1. Login to your server as root
2. cd /etc/yum.repos.d
3. wget
4. yum –enablerepo=remi update mysql-server
5. mysql_update -u root -p
6. cd /etc/zpanel/panel/etc/apps
7. Rename the existing phpmyadmin folder and create a new folder.
mv phpmyadmin phpmyadmin_old
mkdir phpmyadmin
8. Download the phpmyadmin to your desktop
9. Login to WinSCP and access /etc/zpanel/panel/etc/apps/phpmyadmin then upload all files
10. Copy the file from phpmyadmin_old to phpmyadmin folder and delete the old folder.

Critical glibc buffer overflow vulnerability in getaddrinfo() on Linux

February 17, 2016 , 3:58 pm

It’s time for a new DNS-based remote code execution vulnerability after “Ghost” vulnerability (CVE-2015-0235).  This was discovered by the Google Security Team and Red Hat.

We can divide this “Critical glibc buffer overflow vulnerability” into two.


1. CVE-2015-7547                           2. CVE-2015-5229


It’s noticed that all the versions of glibc since 2.9 are affected by this attack. You can get rid of this vulnerability by updating glibc version.

Vulnerability in detail


A stack-based buffer overflow was found in libresolv in the code which performs dual A/AAAA DNS queries. A remote attacker could create specially crafted DNS responses which could cause libresolv to crash or potentially execute code with the permissions of the user running the library. The buffer overflow occurs in the function send_dg (for UDP queries) and send_vc (for TCP queries) in libresolv. The issue is only exposed when libresolv is called from the nss_dns NSS service module. CVE-2015-7547)

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes. (CVE-2015-5229)


Affected Products


All versions of the glibc package included with Red Hat Enterprise Linux 6 and 7 were affected by this flaw.

          Red Hat Enterprise Linux 6 & CentOS 6       : RHSA-2016:0175-1

Red Hat Enterprise Linux 7 & CentOS 7       : RHSA-2016:0176-1

Debian Squeeze, Wheezy, Jessy & Stretch    : CVE-2015-7547

Ubuntu 12.04 & 14.04                                       : CVE-2015-7547


How this Vulnerability occur / Possible way of Attack?


DNS requests are the root cause of this problem. ie, If the DNS server responds with a maliciously crafted response, each of this DNS request could trigger the exploit.

               >>> SSH logins           :   On each SSH login,  reverse DNS lookups are performed

>>> Mail servers           : For every incoming connections are checked for reverse DNS, DNS blacklists, SPF records are checked, …

>>> Curl requests on a server  : If an application allows user-input that triggers HTTP(s) fetches, this could trigger the exploit.

How to patch server?


If you are using a Red Hat Enterprise Linux, then you can update glibc via yum using the readily available packages.

If the package is available, run the following:

                     $ yum clean all

$ yum update glibc

After the update, you should reboot the system or restart all the public facing services.

ie, In case you are unable to restart the entire system after applying the update, execute the following command to list all running processes still using the old [in-memory] version of glibc on your system.

                  lsof +c0 -d DEL | awk ‘NR==1 || /libc-/ {print $2,$1,$4,$NF}’ | column -t

From the resulting list, identify the public-facing services and restart them.

For Red Hat Enterprise Linux 7 and CentOS 7 —  You can patch the server by reloading systemd after glibc update.

              $ systemctl daemon-reexec

Open SSH client bug CVE-2016-0777 – Security Update Issued

January 15, 2016 , 5:25 pm

A critical flaw has been identified in the OpenSSH CLIENT that could lead to serious security implications.

How to fix?
Add the option ‘UseRoaming no’ to your /etc/ssh/ssh_config file or start your ssh client with -oUseRoaming=no included on the ssh command line.

                           ie, echo ‘UseRoaming no’ >> /etc/ssh/ssh_config
sudo sh -c ‘echo UseRoaming \”no\” >> /etc/ssh/ssh_config’

It’s being reported that it effects only on Centos 7 servers and they can update OpenSSH using yum.

           #yum update openssh

Flash megaraid firmware

November 18, 2015 , 10:47 pm

In this article, I would like to discuss how to  flash megaraid firmware in this article. Here we need to upgrade megaraid-sas-9271-4i.

You can download the firmware from their website at

Download the exact firmware depends on your product version and unzip it. You can find the .rom files and readme files for that version.

[root@server ~]# wget

[root@server ~]# unzip


Using the followig command, you can flash firmware on your machine.

[root@server ~]# MegaCli -adpfwflash -f mr2208fw.rom -a0

To verify the firware version, you can run the command given below.
[root@server ~]# MegaCli64 -AdpAllinfo -aAll

OpenVPN using PPTPD on OPenVZ

October 20, 2015 , 1:15 pm

Add PPP Kernel Support To OpenVZ Containers

On MainNode

1. Enabling PPP Kernel Modules On The Host

 modprobe tun
modprobe ppp-compress-18
modprobe ppp_mppe
modprobe ppp_deflate
modprobe ppp_async
modprobe pppoatm
modprobe ppp_generic

2. Get the CTID for the openVZ Container  and execute the following steps

  vzctl stop 101
vzctl set 101 –features ppp:on –save
vzctl start 101
vzctl set 101 –devices c:108:0:rw –save
vzctl exec 101 mknod /dev/ppp c 108 0
vzctl exec 101 chmod 600 /dev/ppp

Install VPN using PPTPD

1. Install PPTPD

  yum install pppcd
apt-get install pptpd
cd /usr/local/src
rpm -Uhv pptpd-1.3.4-2.rhel5.x86_64.rpm

2. Edit IP setttings in /etc/pptpd.conf

     vi /etc/pptpd.conf

3. Add user account in/etc/ppp/chap-secrets  

    vi /etc/ppp/chap-secrets
user1 pptpd p@ss1 *
user2 pptpd p@ss2 *

4. Optional settings in /etc/ppp/options.pptpd

vi /etc/ppp/options.pptpd

5. Enable network forwarding in /etc/sysctl.conf

 vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p

6. Configure firewall

iptables -A INPUT –i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT –i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD –i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD –i eth0 -o ppp+ -j ACCEPT

service iptables save
service iptables restart

If you are using CSF firewall, then Config CSF Firewall

How to configure CSF firewall?

    1. Create File

vi /etc/csf/

iptables -A INPUT –i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT –i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD –i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD –i eth0 -o ppp+ -j ACCEPT


 2. chmod 777 /etc/csf/

3. Create File

vi /etc/csf/

service pptpd stop

service pptpd start

4. chmod 777 /etc/csf/


7. Restart CSF

8. Start VPN

service pptpd restart
chkconfig pptpd on

FTP upload scanner for cPanel servers

September 7, 2015 , 10:18 pm


Popular CMSs like wordpress,Joomla are always notorious for being hacked. Since so many sites use them, they are constantly being searched for vulnerabilities and malware codes appended to the account.Older versions of scripts will sometimes have security vulnerabilities so those scripts has to be updated. But in most cases we won’t be able to do the update on the installed plugins as it effect the layout of the site and might require some coding knowledge. So its always a good idea to set up proper auditing on these accounts.

Getting and installing a malware scanner in place on your web/FTP server is something that needs to be done as a priority, pretty much as soon as the server is set up as the proverb says  ‘Prevention is better than cure’. If you are on shared hosting then this will probably not be possible as you don’t control what you can install on a global basis but your host provider should provide some type of malware scanner solution.

If you are on a VPS or Dedicated Server plan than you certainly are in a postion to set up your own solutions.

Here we are discussing the steps to set up the custom FTP scan script, as we already have several method to monitor the web uploads like modsecurity,cxs etc.

This is a custom script which integrating the maldet with the (Linux Malware Detect) FTP service and providing a real time monitoring on the FTP uploads.So every file upload will be scanned before they get added to the user account.

Please note that this script need to have maldet and proftp configured on your server.

Here is the installtion script for the FTP upload scan


chown -R root.nobody /usr/local/maldetect
find /usr/local/maldetect -type f -exec chmod 775 {} ‘;’
find /usr/local/maldetect -type d -exec chmod 775 {} ‘;’

if [ -f /etc/proftpd.conf ]; then
echo “Pureftpd not running on `hostname`” | mail -s “WARNING proftpd running on `hostname`” $staff_email
echo “Proftpd running on server”
echo “Pureftpd running on server”

cp /etc/pure-ftpd.conf /etc/pure-ftpd.conf.`date +%F`
sed -i ‘/CallUploadScript/ d’ /etc/pure-ftpd.conf
echo “CallUploadScript yes” >> /etc/pure-ftpd.conf

cp /etc/rc.d/init.d/pure-ftpd /etc/rc.d/init.d/pure-ftpd.`date +%F`
wget -O /etc/rc.d/init.d/pure-ftpd
wget -O /etc/pure-ftpd/

chmod 755 /etc/pure-ftpd/
chmod 755  /etc/rc.d/init.d/pure-ftpd

/etc/rc.d/init.d/pure-ftpd restart

result=`ps ax |  grep  “”  | grep -v grep | grep -o pure-uploadscript | uniq`
if [[ “$result”  = “pure-uploadscript” && -f /etc/pure-ftpd/ ]]; then
echo “SUCCESS `hostname` Pureftpd configured with maldet scan” | mail -s “SUCCESS `hostname` Pureftpd configured with maldet scan” $staff_email

echo “CRITICAL: Failed to configure FTP scan `hostname`” | mail -s “CRITICAL: Failed to configure FTP scan on `hostname`” $staff_email

You need to specify the staff mail to get the installation mail and it will restart the FTP service with the new scan feature.

There is no need to initiate the upload check as it is already appended to the pureftp statup script.

Whenever there is a malware file uploaded to the account through FTP, you will  get a notification on the staff mail and the file will be quarantined.

That’s it!!


July 17, 2015 , 11:23 am

    Htscanner is an apache module which helps to specify php parametes via .htaccess for suphp handlers.

Requirements for installing htscanner
PHP version 5.2.0 or greater.

How to install Htscanner?
1. wget
2. tar -zxf htscanner-1.0.0.tgz
3. cd htscanner-1.0.0
4. phpize
5. ./configure –enable-htscanner –with-php-config=/usr/bin/php-config
6. make
7. make install
8. Collect the extension_di from the “make install” output.
9. In php.ini add

                       extension_dir = “/usr/lib/php/extensions/no-debug-non-zts-20060613//”
                       extension = “”
                       config_file = “.htaccess”


10. Add the following line in a .htaccess and see  it is working in a phpinfo page.                       
php_value register_globals Off

11. Go to the unzipped package location
12. Make sure apache has mod_so
/usr/local/apache/bin/httpd -l | grep mod_so.c
13. Then Compile the module.
                             /usr/local/apache/bin/apxs -c -a -i mod_htscanner2.c
14. Restart apache
                           /usr/local/apache/bin/apachectl restart
15. Test the apache conf
                             /usr/local/apache/bin/apachectl configtest
16. Update the apache parameters
                           /usr/local/cpanel/bin/apache_conf_distiller –update

17. Search the in httpd.conf

                       grep /usr/local/apache/conf/httpd.conf
18. Output
LoadModule htscanner_module   modules/
Envelope Icon

Get Updates Your Email!

Subscribe to Supportmonk and receive blog posts to your email!

Subscribe Via Email

SupportMonk on Facebook

Outsourced Customer Support