Manual Certbot DNS challenge

Useful for servers behind residential internet, where port 80 is blocked, after the deprecation of TLS-SNI-01 challenge.

    certbot -d mydomain.com --manual --preferred-challenges dns certonly

After you run this command, you need to add the domain control validation (DCV) DNS entry.

Using LFTP – ignore SSL certificates

Issue – connecting to an FTPS server with a shared SSL certificate, like cPanel. Here is the solution:

Create a file named rc in ~/.lftp and add the line:

    set ssl:verify-certificate no

Connect to the FTPS server using the lftp command:

    lftp -u user hostname.example.com

How to install lftp:

    sudo apt install lftp

or

    yum install lftp

… Read more

PureFTP cPanel restart error: Couldn’t load the DH parameters file

This is related to the cPanel [CPANEL-23772] "Pure-FTPd Couldn’t load the DH parameters file" issue. Here is how to fix it:

    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
    /scripts/restartsrv_pureftpd

Here are the default ciphers for the cPanel FTP server:

    HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3

The cPanel checkallsslcerts Script

    /usr/local/cpanel/bin/checkallsslcerts

The system runs the /usr/local/cpanel/bin/checkallsslcerts script during the nightly cPanel & WHM update (upcp) process. This script performs the following actions:

- Installs a cPanel-signed hostname certificate on the server, if one does not exist.
- Updates the SSL certificate for all cPanel & WHM services.
- Issues a Comodo-signed SSL certificate on any server with … Read more

.htaccess exceptions for AutoSSL and Let’s Encrypt

For Let’s Encrypt:

    RewriteEngine On
    RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

For cPanel AutoSSL:

    RewriteEngine On
    RewriteCond %{REQUEST_URI} !\.well-known/pki-validation
    RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
    RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

Fix cPanel account permissions script

How to use the PeachFlame script to fix cPanel account permissions:

To get the fixperms script, simply wget the file from GitHub and make sure it’s executable:

    wget https://raw.githubusercontent.com/PeachFlame/cPanel-fixperms/master/fixperms.sh
    chmod +x fixperms.sh

Fixperms – for all of the users

If you would like to fix the permissions for every user on your cPanel server, simply use the … Read more

Retry time not reached for any host after a long failure period

This Exim issue is most likely due to a corrupt Exim db.

Symptom: Bounced emails with the message: “retry time not reached for any host after a long failure period”

Solution:

For cPanel:

    cd /var/spool/exim/db
    rm -f retry retry.lockfile
    rm -f wait-remote_smtp wait-remote_smtp.lockfile
    service exim restart

For Linux:

    /usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null
    /usr/sbin/exim_tidydb -t … Read more

Clear systemd journal /var/log/journal

Systemd logs that are stored in /var/log/journal can be cleared by using the journalctl command. Here are some useful commands.

To find out the size of the log folder:

    du -sh /var/log/journal/

Clear systemd journals older than n days:

    journalctl --vacuum-time=30d

Clear systemd journals if they exceed n storage space:

    journalctl --vacuum-size=1G

Mirror offline HTML website with WGET

This is an example of how to convert a website to static HTML:

    wget --mirror --convert-links --adjust-extension --page-requisites --no-parent http://mywebsite.ca

--mirror – Makes (among other things) the download recursive.
--convert-links – Converts all the links (also to stuff like CSS stylesheets) to relative, so it will be suitable for offline viewing.
--adjust-extension – Adds suitable extensions … Read more

Autostart Virtualbox Machine

Edit the config file:

    nano /etc/default/virtualbox

Add the lines:

    VBOXAUTOSTART_DB=/etc/vbox
    VBOXAUTOSTART_CONFIG=/etc/vbox/autostart.cfg

Fix permissions:

    chgrp vboxusers /etc/vbox
    chmod 1775 /etc/vbox

Start and enable the service:

    systemctl start vboxautostart-service
    systemctl enable vboxautostart-service

Use RemoteBox on Ubuntu

Download RemoteBox:

    wget http://remotebox.knobgoblin.org.uk/downloads/RemoteBox-2.6.tar.bz2

Ensure the required dependencies are installed as follows:

    apt-get install libgtk2-perl libsoap-lite-perl freerdp-x11 tigervnc-viewer

To launch RemoteBox, unpack the previously downloaded RemoteBox tarball and run the ‘remotebox’ executable.

vboxweb-service needs to be installed and active on the target server. The following article describes how to install a Headless Server on CentOS … Read more