managedserverlinuxus

offers several Add-ons alongwith an Order. These can be purchased and managed from the Order Information view of the Order.

To Purchase an Add-on

1. Login to your Control Panel, Search for the domain name for which you have purchased this Order and go to the
   Order Information view. See details

2. Click the Manage Add-ons link.

3. Select the Add-on you wish to purchase from the Available Add-ons menu and click the Add button.

4. On the next page, you would be displayed the cost of purchasing the Add-on. Click the Buy Now button.

   Note

   You cannot specify the duration of an Add-on. The duration will the same as that of the Order.

5. Continue to pay for the generated Invoice.

To Delete an Add-on ^{(Anchor: delete)}

If required, you may delete an Add-on as explained below.

1. Login to your Control Panel, Search for the domain name for which you have purchased this Order and go to the
   Order Information view. See details

2. Click the Manage Add-ons link.

3. Click the Delete link, next to the Add-on you wish to delete.

4. Confirm the deletion by clicking the Delete Add-on button.

This article explains the following topics, helpful in stopping spamming from a server [cPanel & Exim mail server]:

• To configure Exim mail server in WebHost Manager

• To control outgoing mail from your server

To configure Exim mail server in WebHost Manager

The configuration page for Exim mail server can be found under Service Configuration in WHM. There are many sections under Exim configuration as listed below:

• ACL options: ACL stands for Access Control Options. These settings affect blacklisting, spam control, and other security-related issues. Enable the following options
  :

  • Dictionary attack protection

  • Ratelimit incoming connections with only failed recipients

  • Require HELO before MAIL

  • Require remote (hostname/IP address) HELO

  If you want stricter rules to be followed for restricting outgoing spam mails, you can enable the Reject SPF failures option.

• Access lists: Here, you can explicitly allow access to your SMTP server for certain hosts, even if they trigger your security measures. This is known as
  whitelisting. Explicitly denying access in a similar fashion is known as blacklisting. Each option in this section has an EDIT link which can optionally be used to whitelist or blacklist a host or IP address.

• Domain and IPs: The Domains and IPs settings let you control which domain names and IP addresses the server will use to send mail. Normally, we don’t recommend any
  changes in this section.

• Filters: Use the options under Filters to adjust attachment filtering and SpamAssassin filters. Options to be enabled are:

  • Attachments: Filter messages with dangerous attachments

  • SpamAssassin: Bounce mail when the spam score is greater than 20

  • SpamAssassin™: Global Subject Rewrite

  If you see too much spam getting through your filters, you can lock them down further by adjusting your internal SpamAssassin score. It is important to note that making any of these changes will affect all email accounts on the entire server.

• Mail: Mail section contains more conditions that can be checked before an e-mail message is sent. Options to be enabled are:

  • Log sender rates in the Exim mainlog

  • Bounce email for users over quota

  • Sender Verification

• RBLs [Real-Time Blocklists]: RBLs are Real-Time Blacklists containing IP addresses that have been known to send large quantities of spam. Enable one or both of these
  RBLs if you would prefer to block such emails at Exim. Spamcop and Spamhaus are the two RBLs listed by default in Exim configuration.

• Security: You should leave the only Security option disabled; turning it on allows weak encryption to be used when connecting via SSL or TLS.

• SpamAssasin options: Options to be enabled are:

  • Forced Global ON (Turn on SpamAssassin for all accounts, i.e., with no option to disable)

  • Scan outgoing messages for spam and reject based on SpamAssassin internal spam_score setting

  • Sender Verification

Once the changes are made in Exim configuration, click Save to submit them.

Controlling Outgoing Mail from the Server

The process below explains how to configure outgoing mails on the server

1. Login to WebHost Manager.

2. Click on Tweak Settings.

3. Scroll to the Mail section.

4. Here, update the parameters mentioned below:

   • Number of messages sent per hour: If you wish to limit the number of messages sent per domain per hour, set the desired value in the Max hourly emails per domain
     field. The default value is 60.

   • Prevent nobody from sending mail: Using this option, you can prevent the user nobody from sending out mail to remote addresses.

     Note

     PHP and CGI scripts generally run as nobody, if you are using mod_php or have Suexec disabled.

   • Number of failed or deferred messages a domain may send before protections can be triggered: When a domain sends this number of failed or deferred messages in an hour,
     and the Maximum percentage of failed or deferred messages a domain may send per hour is also reached, the domain will temporarily be blocked from sending mail.

   • Maximum percentage of failed or deferred messages a domain may send per hour: The maximum percentage of a domain’s outgoing mail that can consist of failed or deferred
     messages. Once the domain exceeds this percentage, it is temporarily blocked from sending mail.

   • Track email origin via X-Source email headers: Track the origin of messages sent through the mail server by adding the X-Source headers (Exim 4.34 or higher required).
     It will be useful when a spam mail gets out and with the help of message headers, you can easily find its source.

   • Email delivery retry time: Time interval between mail server queue runs, the default value being 60 minutes. The default is a retry every hour – but you may
     want to extend this so the server is less strained with larger queues.

   • The percentage of email messages (above the account’s hourly maximum) to queue and retry for delivery: When an account exceeds the maximum number of emails it is allowed
     to send per hour, by default, any additional messages are queued for delivery and sent in the next hour. This setting allows you to limit the number of messages that will be queued by the system. For example, if you set this value to 125%, once the account reaches its hourly limit, Exim will queue any additional messages, up to 125% of the maximum hourly emails per domain value. Once the account reaches 125% of the maximum hourly emails per domain value, any additional outgoing messages are discarded.

You may choose optimize the MySQL sserver at a basic level or at an advanced level.

Basic Optimization

MySQL Server can be optimized at a basic level, using the MySQL tuner script.

1. Download the script using the command:

   wget https://github.com/major/MySQLTuner-perl/zipball/master

2. Now, run the commands:

   unzip master


cd major-MySQLTuner*


chmod +x mysqltuner.pl


perl mysqltuner.pl


The script will check the status of MySQL and update you with the variables that you need to tweak to optimize MySQL.

Advanced Optimization

For advanced level of optimization, you must fine tune your MySQL server based on the applications and resource utilization. Below are some important system variables that need to be tweaked for normal use.

• table_cache: Each time MySQL accesses a table, it stores the table in the cache. Data can be retrieved faster from frequently accessed tables if they are stored in cache.

  You can check whether your system needs to have the table_cache value increased by checking the open_tables and opened_tables status variables during peak time. Use the command:

  SHOW STATUS LIKE “open%tables%”;

  open_tables is the number of tables opened in cache, whereas opened_tables is the total number of tables open. Since MySQL supports multi-threading, several queries might be executed on the same table at the same time. So each of these queries will open a table.

  Default value for table_cache is 64. If you have enough RAM available on your server, you can increase the table_cache value. This will reduce total number of tables open by moving those tables to cache.

• query_cache_size: If you have a MySQL query that is being executed repeatedly by your website, MySQL can be set to cache the results of this query.

  You can enable query caching by setting the server variable query_cache_type to 1 and setting the cache size in the variable query_cache_size. If either of the above is set to 0, query caching will not be enabled.

• key_buffer_size: This is the size of buffer used by all the indexes. Ideally, it should be set to at least a quarter of the memory available or more.

  The optimum solution is to keep the ratio as follows:

  • Key_reads : Key_read_requests should be 1 : 100 and Key_writes / Key_write_requests should always be less than 1.

  • If the Key_reads value is high compared to Key_read_requests, you need to increase key_buffer_size.

  You can get the value of these variables using the command:

  SHOW GLOBAL STATUS where Variable_name like “Key_%”;
+————————+———–+

| Variable_name | Value |

+————————+———–+

| Key_blocks_not_flushed | 0 |

| Key_blocks_unused | 48394 |

| Key_blocks_used | 8078 |

| Key_read_requests | 973911676 |

| Key_reads | 54135 |

| Key_write_requests | 824911 |

| Key_writes | 739554 |

+————————+———–+


• sort_buffer_size: This value improves large and complex sorts. Increase this value for faster ORDER BY or GROUP BY operations. The default value is 2MB.

  Sufficient size of sort_buffer_size allows the sort operations to be performed in memory cache rather than in temp files in hard disks.

• thread_cache_size: If your server has large traffic on MySQL server, then the server will create a lot of new threads at a very high rate. This may take up a lot of CPU
  time. When a connection disconnects, the threads are put in the cache and a new thread is taken from this cache.

  If the value of the Threads_created status variable is large, you may want to increase value for the thread_cache_size system variable. The cache hit rate can be calculated using the commands:

  SHOW GLOBAL STATUS where Variable_name like “Connections”;


SHOW GLOBAL STATUS where Variable_name like “Threads_created”;


• read_rnd_buffer_size: This is used after a sort operation, to read the rows in the sorted order. If your application has a lot of queries with ORDER BY, increasing value
  of this variable can improve the performance. This buffer is also at a per client basis. The default value for read_rnd_buffer_size is 128K. General rule is to allot 1MB of read_rnd_buffer_size for every 1GB memory in server.

• tmp_table_size: Sometimes, a temporary table needs to be created for executing a statement. This variable determines the maximum size for a temporary table in memory.

  Always try to avoid temporary table creation by optimizing your query. But if it is unavoidable, make sure that the table is created in the memory. If the memory is not sufficient, a MyISAM table will be created in the disk. If a large number of tables are created in the disk, you need to increase your tmp_table_size. You can also check the status variables Created_tmp_disk_tables and Created_tmp_tables. Created_tmp_disk_tables is the number of temporary tables created on disk while executing a statement, while Created_tmp_tables is the number of in-memory tables created.

  Use the commands:

  SHOW GLOBAL STATUS where Variable_name like “Created_tmp_disk_tables”;


SHOW GLOBAL STATUS where Variable_name like “Created_tmp_tables”;


The efficiency with which Apache runs with can be greatly improved with a few small tweaks in the Apache configuration file. Below are the major parameters that can be tweaked to improve the performance of the server.

• Timeout: This directive is used to define the amount of time Apache will wait for a GET, POST, PUT request and acknowledges on transmissions before automatically disconnecting, when idle time exceeds this value. This value is set to 120 to improve performance in heavily loaded servers. It is recommended to set this value lower if your clients have low latencies. Some times, setting this directive to a low value may cause problems, depending on your network and server setup. The best option is to experiment with different values to find the one that fits your need.

• KeepAlive: This directive, if set to On, enables persistent connections on the web server. For better performance, it is recommended to set this option to On and allow more than one request per connection. In the original HTTP specification, every HTTP request had to establish a separate connection to the server. This reduced the overhead of frequent connects to the server for multiple HTTP requests.

• MaxKeepAliveRequests: This directive is used to define the number of requests allowed per connection when the KeepAlive option is set to On. Socket connections will be terminated when the number of requests set by the MaxKeepAliveRequests directive is reached. When the value of this option is set to 0, unlimited requests are allowed on the server. For server performance, it is recommended to allow unlimited requests.

• KeepAliveTimeout: This directive is used to define how much time (in seconds) Apache will wait for a subsequent request before closing the connection. Once a request has been received, the timeout value specified by the Timeout directive applies. The value of 10 seconds is a good average for server performance. This value should be kept low as the socket will be idle for extended periods otherwise.

• StartServers: This directive is used to define the number of child server processes that will be created by Apache on start-up. As the number of processes with Apache 2.x is dynamically controlled depending on the load, there is usually little reason to adjust this parameter now. Normally a default value of 5 is set for this parameter.

• MaxClients: This directive is used to define the limit on the number of child processes that will be created to serve requests. By default, up to 512 HTTP requests can be handled concurrently. Any further connection requests are queued. For high load operation, a value of 512 is recommended. For standard use, you can set the value to 256.

• ServerLimit: This directive is used to define the maximum configured value for the MaxClients directive for the lifetime of the Apache process. It is important to note that any attempts to change this directive during a restart will be ignored, but the MaxClients directive can be modified during a restart of the server. For high load operation, a value of 1024 is highly recommended. For standard use, you can set the value to 256.

  Special care must be taken when using this directive. If it is set to a value much higher than necessary, extra, unused shared memory will be allocated. If both ServerLimit and MaxClients directives are set to values higher than the system can handle, Apache may not start or the system may become unstable.

• MinSpareServers: This directive is used to define the minimum number of idle child server processes that should be created. An idle process is one which is not handling a request. If there are fewer idle processes than the MinSpareServers value, the parent process creates new children at a maximum rate of 1 per second.

• MaxSpareServers: This directive is used to define the maximum number of idle child server processes that should be created. If there are more idle processes than the MaxSpareServers value, then the parent process will kill off the excess processes and these extra processes will be terminated.

• MaxRequestsPerChild: This option is used to define the number of requests that an individual child server process will handle. This value can be set to 0 to get the maximum performance and scalability for the server.

ClamAV is an open source (GPL) antivirus engine designed for detecting trojans, viruses, malware and other malicious threats.

To Install ClamAV for Non-cPanel Servers

1. Install EPEL Repo using the command:

   rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

   This will create an EPEL Repo file /etc/yum.repos.d/epel.repo.

2. Install required ClamAV packages.

   yum install clamav clamd

3. Start the clamd service and set it to auto-start.

   /etc/init.d/clamd on


chkconfig clamd on


/etc/init.d/clamd start


4. Update ClamAV signatures using the command:

   /usr/bin/freshclam

Now, you can configure daily scan as given below:

1. Create a cron file using the command

   vim /etc/cron.daily/manual_clamscan

2. Add the following lines in the file /etc/cron.daily/manual_clamscan:

   #!/bin/bash

SCAN_DIR=”/home”

LOG_FILE=”/var/log/clamav/manual_clamscan.log”

/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE



   Note

   You need to change SCAN_DIR to the directory that you want to scan.

3. Set executable permission for the cron script using the command:

   chmod +x /etc/cron.daily/manual_clamscan

To Install ClamAV for cPanel Servers

1. Login to your WHM panel as the root user.

2. Click the cPanel icon.

3. Select Manage Plugins. This will bring up a list of additional cPanel modules.

4. Select the checkbox next to ClamAV Install and Keep Updated.

5. Submit the settings by clicking Save.

Listed below are some important options for Clamscan:

• -h, –help: Print help information and exit

• -v, –verbose: Be verbose

• -l FILE, –log=FILE: Save scan report to FILE

• -f FILE, –file-list=FILE: Scan files listed line by line in FILE

• -r, –recursive: Scan directories recursively. All the subdirectories in the given directory will be scanned. These options can be used multiple times.

• -i: Print infected files

• –remove[=yes/no(*)]: Remove infected files

• –move=DIRECTORY: Move infected files into DIRECTORY. Directory must be writeable for the user or unprivileged user running clamscan.

• –copy=DIRECTORY: Copy infected files into DIRECTORY. Directory must be writeable for the user or unprivileged user running clamscan.

Linux Malware Detect (LMD) or Maldet is a malware scanner for Linux released under the GNU GPLv2 (free, open source) license, that is designed around the threats faced in hosting environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature, threats found on the TCH network of over 30,000 hosted domains and from malware community resources.

To install Maldet

1. Change the present working directory to /usr/local/src using the command below. You may choose any other directory of your choice, where you want the installation script to be downloaded.

   cd /usr/local/src

2. Run the below command to download the archive file to the present working directory:

   wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

3. Extract the files using the command:

   tar -xzf maldetect-current.tar.gz

4. Go to the Maldet directory using the command:

   cd maldetect-*

5. Run the installation script:

   sh ./install.sh

Sample Output:


Linux Malware Detect v1.3.4

(C) 1999-2010, R-fx Networks


(C) 2010, Ryan MacDonald

inotifywait (C) 2007, Rohan McGovern



This program may be freely redistributed under the terms of the GNU GPL



installation completed to /usr/local/maldetect

config file: /usr/local/maldetect/conf.maldet

exec file: /usr/local/maldetect/maldet

exec link: /usr/local/sbin/maldet

cron.daily: /etc/cron.daily/maldet

maldet(32517): {sigup} performing signature update check…

maldet(32517): {sigup} local signature set is version 2010051510029

maldet(32517): {sigup} latest signature set already installed



To configure LMD

By default, all options are fully commented in the configuration file (/usr/local/maldetect/conf.maldet). You can configure them as per your requirement. Various options are listed below:

• email_alert: Set it to 1 to receive email alerts.

• email_subj: Specify your email subject.

• email_addr: Add your email address to receive malware alerts.

• quar_hits: This is the default quarantine action for malware hits and should be set to 1.

• quar_clean: This is the cleaning action for detected malware injections and should be set to 1.

• quar_susp: This is the default suspend action for users with hits. Set it as per your requirement.

• quar_susp_minuid: Minimum userid that can be suspended.

You can update Maldet, using the command:

maldet -u or maldet -d

To Scan using Maldet

• To scan the files of a particular user, use the command:

  maldet -a /home/username/

• To scan all users under /home/public_html, use the command:

  maldet –scan-all /home?/?/public_html

• To attempt a clean on all malware results from a previous scan that did not have the feature enabled, use the command:

  maldet –clean SCANID

Description

Use this method to get details of the pricing for the Managed Server Linux plans for your Customers.

Response

Returns a map with the prices of the Managed Server Linux plans along with the prices of the other products.

The response structure for the Managed Server Linux product will be:

"productkey":
{
"addons":
{
"addon1-name":price,
"addon2-name":price
},
"plans":
{
"planid":
{
"action":
{
"tenure-in-months":price
},
}
}
}

Example:

"managedserverlinuxus":
{
"addons":
{
"storage_1":0.0,
"cpanel":0.0,
"whmcs":0.0,
"ipaddress":0.0,
"storage_5":0.0,
"storage_4":0.0,
"storage_3":0.0,
"storage_2":0.0
},
"plans":
{
"300011":
{
"renew":
{
"1":0.0
},
"add":
{
"1":0.0
}
},
"300012":
{
"renew":
{
"1":0.0
},
"add":
{
"1":0.0
}
}
"300013":
{
"renew":
{
"1":0.0
},
"add":
{
"1":0.0
}
}
"300014":
{
"renew":
{
"1":0.0
},
"add":
{
"1":0.0
}
}
}
}

Description

Gets a list and details of the Managed Server Linux Orders matching the search criteria.

Parameters

HTTP Method

GET

Example Test URL Request


https://test.httpapi.com/api/managedserver/linux/us/search.json?auth-userid=0&api-key=key&no-of-records=1&page-no=1


Response

Returns a hash map containing the below details of the Managed Server Linux Orders which match the search criteria:

• Domain Name (entity.description)

• Order Id (orders.orderid)

• Customer Id (entity.customerid)

• Order Creation Timestamp (orders.creationtime)

• Order Expiry Timestamp (orders.endtime)

• Current Order Status (entity.currentstatus) - value will be InActive, Active, Suspended or Deleted

• Product Name (entitytype.entitytypename)

• Product Key (entitytype.entitytypekey)

• Type of Operating System (hosting_group_info.os_type)

• Data Center location for the Managed Server (hosting_group_info.location)

In case of any errors, a status key with value as ERROR alongwith an error message will be returned.

Description

Gets the associated Managed Server Linux Order ID for the specified domain name.

Parameters

HTTP Method

GET

Example Test URL Request


https://test.httpapi.com/api/managedserver/linux/us/orderid.json?auth-userid=0&api-key=key&domain-name=domainname.asia


Response

Returns the associated Managed Server Linux Order ID (Integer) of the domain name.

Description

Use this method to get details of your plans.

Response

Returns details of the plans of the Managed Server Linux product, along with the plan details of other Products of the Reseller.

Example:

The response structure for the Managed Server Linux product will be:

"managedserverlinuxus":
{
"plan-id":
{
"supported_os":
[
{
"os_display_name":"OS Display Name",
"os_name":"OS Name",
"addons":
[
{
"addon_name":"storage_1",
"type":"SATA",
"is_paid":(true or false),
"space":51200,
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"storage_2",
"type":"SATA",
"is_paid":(true or false),
"space":102400,
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"storage_3",
"type":"SATA",
"is_paid":(true or false),
"space":204800,
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"storage_4",
"type":"SATA",
"is_paid":(true or false),
"space":307200,
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"storage_5",
"type":"SATA",
"is_paid":(true or false),
"space":512000,
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"ipaddress",
"is_paid":(true or false),
"free_quantity":2,
"conflicting_addon_names":[]
},
{
"addon_name":"cpanel",
"is_paid":(false),
"free_quantity":0,
"conflicting_addon_names":[]
},
{
"addon_name":"whmcs",
"is_paid":(true or false),
"free_quantity":0,
"conflicting_addon_names":[]
}
],
"is_default"(true or false)
}
],
"plan_name":"Plan Name",
"plan_status":"Active",*
"bandwidth":value,
"ram":
{
"ram_memory":value,
"ram_type":"RAM Type"
},
"storage":
{
"storage_raid_level":value,
"storage_space":value,
"storage_type":"SATA"
},
"cpu":
{
"cpu_speed":"value",
"cpu_hyper_threaded":(true or false),
"cpu_processor_type":"Processor Type",
"cpu_cores":value
}
}
}