After installing WHM on EC2 I started to setup the individual CPanel accounts with FTP accounts.

When trying to connect via FTP with a new account I got the following error with Filezilla:

‘Failed to Retrieve Directory Listing’

From carrying out some research it turns out that a range of passive ports need to be added to your Security Group. To find the passive port range used by Pure-FTP, shell into the servers and run the following:

vim /etc/pure-ftpd.conf

Search for Passive and you should see (version 60 of WHM):

PassivePortRange 49152 65534

Add this port range (49152 – 65534) to your Security Group and test with FileZilla.

* Make sure ForcePassiveIP is set to the correct external IP

**Try to lock down the passive port range to an IP range where possible

Simple guide to installing CPanel (WHM) on an Amazon EC2 instance.

Add and configure a VPC

1. Networking & Content Delivery > VPC
2. Start VPC Wizard > Select
3. Set CIDR to range of your choosing
4. Give a relevant name
5. Create VPC

Add and configure a Security Group:

1. Networking & Content Delivery > VPC > Security > Security Groups
2. Create Security Group
   1. Give relevant name, group and description
   2. Select previously created VPC
   3. Yes, Create
3. Highlight the newly created Group
   1. Inbound Rules (scroll down) > Edit
   2. Add rules for the following ports:

• 80
• 22
• 2083 – for CPanel
• 2087 – for WHM

*I would suggest setting the Source to ‘My IP’ until testing is complete

For this tutorial I worked with Linux Malware Detect and ClamAV.

Linux Malware Detect runs against a database of known malware exploits from an updated registry maintained by Team Cymru. ClamAV helps accelerate the speed of scanning.

Setup Linux Malware Detect

Download Malware Detect:

wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract:

tar -xvf maldetect-current.tar.gz

Install:

./maldetect-1.4.2/install.sh

Configure Linux Malware Detect. Set toggle to 1, update subject line and enter email address:

vim /usr/local/maldetect/conf.maldet

# [ EMAIL ALERTS ]
##
# The default email alert toggle
# [0 = disabled, 1 = enabled]
email_alert=1

# The subject line for email alerts
email_subj="Malware Detect Subject Line $(hostname)"

# The destination addresses for email alerts
# [ values are comma (,) spaced ]
email_addr="you@domain.com"

Set scan to run daily with cron:

/etc/cron.daily/maldet

This cron job will update the malware registry it initially downloaded including any new malware threats and also scan all home directories on the server. If anything is found you will get an email about it telling you the path to the offending file.

Manual Scanning

Scan specific directory:

maldet -a /home/homedir/public_html/

Scan all directories using a wildcard:

maldet -a /home/?/public_html/

Use ClamAV as Scanner Engine on WHM/cPanel

Link Linux Malware Detect to proper ClamAV location:

ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/bin/clamscan

Now when you scan it should be a good bit faster.

Simple steps to renew VPS cPanel & WHM License:

1. Renew license through http://store.cpanel.net

2. Verify license is active here:

http://verify.cpanel.net/

3. Done!

Following on from our previous post (https://www.linuxtutorial.co.uk/cpanel-mysql-backup-script/) there is another script for the full backup of CPanel web directories.

The original post is taken from http://r00t3r.com/cpanel-full-backup-cron-script-for-automated-backups/ which contains a link to download the PHP files.

The main file to worry about is the config.php which contains a cpanel section:

// CPANEL ACCOUNT TO BACKUP
define( 'CPANEL_SERVER_ADDRESS',		'abc.def.ghj.mnp' );	// IP address or domain name for the server with the cPanel account
define( 'CPANEL_PORT_NUM',				'2083' );	// The port number for the cPanel. If you have problems, try 2082
define( 'CPANEL_ADMIN_USERNAME',		'admin-username' );	// the admin username for your cPanel account
define( 'CPANEL_ADMIN_PASSWORD',		'veryStrongPassword' ); // the admin password for your cPanel account

and the FTP server section:

define( 'FTP_SERVER_ADDRESS',			'npq.rst.uvw.xyz' );     // IP address or URL of the FTP server
define( 'FTP_SERVER_PORT',			'21' );			 // FTP(S) Port. Default is 21.
define( 'FTP_USERNAME',				'ftp-username' );	 // FTP Username
define( 'FTP_PASSWORD',				'ftp-password' );	 // FTP Password
define( 'FTP_PATH_TO_COPY',			'/ftp/path/to/copy/' );	 // FTP Path (where do you want to copy the files?)

Simply enter in your CPanel and FTP server account details to this PHP script.

Once in place setup the cron job to run on a regular basis e.g.

1 1 * * * php -q /home/user/path_to_phpscript/cpanelbackup.php