CyberPanel – RMalis Website Design and Optimization https://rmalis.com Sun, 12 Feb 2023 16:55:36 +0000 en-US hourly 1 https://rmalis.com/wp-content/uploads/2022/05/favicon-32x32-1.png CyberPanel – RMalis Website Design and Optimization https://rmalis.com 32 32 205170339 Cyberpanel Linux – cleaning up when disk is getting full https://rmalis.com/cyberpanel-linux-cleaning-up-when-disk-is-getting-full/ https://rmalis.com/cyberpanel-linux-cleaning-up-when-disk-is-getting-full/#respond Sun, 12 Feb 2023 16:55:36 +0000 https://rmalis.com/?p=946 I’ve had an issue twice before where something filled up the hard drive and caused the server to crash.  Once it was a hacked / compromised wordpress site and once it was excessive session files generated.  I wrote about how I handled it once before in this post.

I used a similar process today to try to free up some space today and I thought I’d document the steps I took to save me time when I have to do this again in the future.

First, I again ran the ncdu linux command which is a great way to see what directories are using up the most space.

/var/log/journal was using over 3gb of space.  In one of the directories there were a bunch of journal files.  I checked online and it looks like it is safe to delete journal files.  There was a nice post about how to remove the journal files and also set the system to keep removing old journal files when they are using too much space.  This allowed me to quickly free up an extra 2.5gb of space.  Until I better understand what the journal files are used for, I’m not going to set-up a regular process to remove old files yet.  I hadn’t needed to do this previously even though I’ve had this server for about a year now.  Perhap when I do it the next time I’ll be more aggressive in having it cull old files on a regular basis.

/var/lib/snapd directory had about 500mg of space used.  I checked and there is a command to remove these snap files too.  It looks like it is only retaining 2 versions of each snap, so I probably already have it set to remove anything more than 3.  I will leave things as is for this directory.

/usr/src there are a bunch of linux header files taking up about 1gb of space.  There is a command to remove old linux header files that are no longer needed.  I used:

sudo apt-mark auto '^linux-headers-[34].*'
sudo apt autoremove

That removed over 2gb of space – many files in addition to the linux headers got removed with that one.

I didn’t see any other obvious directories taking up unnecessary space.  Freeing up 5gb of space is pretty good for my small server.  I could have just upgraded the server to a bigger SSD, but I should be able to keep my websites safely running within the space I have.  The websites themselves generally don’t use that much space.  It is the server management software that sometimes gets a bit unruly.

I’m not super experienced with linux and having to do occasional file maintenance like this is a bit of a hassle.  Overall, it has been very infrequent that I’ve needed to do this though.  For me, It is a relatively small price to pay to have my own, very fast, private server at a very reasonable cost.

 

]]>
https://rmalis.com/cyberpanel-linux-cleaning-up-when-disk-is-getting-full/feed/ 0 946
Cyberpanel Unable to Change php version for Subdomains – solved https://rmalis.com/cyberpanel-unable-to-change-php-version-for-subdomains-solved/ https://rmalis.com/cyberpanel-unable-to-change-php-version-for-subdomains-solved/#respond Thu, 09 Feb 2023 05:35:21 +0000 https://rmalis.com/?p=943 I had a subdomain and tried changing the php version in the cyberpanel control panel without any success.  I found a discussion about the issue here.

The ultimate solution wound up being that I had to change the vhosts file directly for the subdomain.  Any other attempts to change the php version did nothing other than changing the vhosts file.  Once I did that, the version finally changed.

]]>
https://rmalis.com/cyberpanel-unable-to-change-php-version-for-subdomains-solved/feed/ 0 943
Cyberpanel – redirect domain name to another including URLs https://rmalis.com/cyberpanel-redirect-domain-name-to-another-including-urls/ https://rmalis.com/cyberpanel-redirect-domain-name-to-another-including-urls/#respond Tue, 22 Nov 2022 00:41:32 +0000 https://rmalis.com/?p=932 Cyberpanel wouldn’t let me forward emails used on an add-on domain, so I had to create a separate website for the add-on domain, create my emails I needed there, and then redirect the content from the “add-on” domain to the correct domain.

For some reason, I was struggling to find the correct code to have in my .htaccess that would work not just for the index page but for all other URLs on the website.  Ultimately, I found a solution that worked:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !newdomain.com$ [NC]
RewriteRule ^(.*)$ https://www.newdomain.com/$1 [L,R=301]

For whatever reason, the other examples I had seen online that claimed to work to redirect a domain name to another domain were not working.  Usually, the index home page did redirect, but not the other URLs.  The above code worked for me in openlitespeed on a Cyberpanel server.

I’m not sure what the problem is with forwarding emails from an add-on domain, but I saw someone else had posted the same issue on the Cyberpanel forums, and there was no solution posted.  I figured it was easier to just avoid using an add-on domain.

]]>
https://rmalis.com/cyberpanel-redirect-domain-name-to-another-including-urls/feed/ 0 932
Cyberpanel Out of Space – php Sessions Directory Full https://rmalis.com/cyberpanel-out-of-space-php-sessions-directory-full/ https://rmalis.com/cyberpanel-out-of-space-php-sessions-directory-full/#respond Wed, 05 Oct 2022 04:37:53 +0000 https://rmalis.com/?p=875 I was trying to log in to my wordpress site and it wouldn’t let me log in.  I went into my CyberPanel dashboard to see what was up and saw that the disk usage was at 100%.  It had been running closer to 80% most of the time, and something filled it up since the last time I checked.  I ultimately discovered that there are files created for php sessions.  Old files are supposed to get cleared out, but they weren’t.  Here’s how I fixed it.

Seeing What Was Using Disk Space in Ubuntu

I logged in using Putty and installed a disk space usage program:

sudo apt install ncdu

And then you just type in ncdu and it starts the program.  As there is no graphical user interface, it does take some navigating but ultimately I found that the directory that was taking up a lot of space was /var/lib/lsphp/session/

And then there folders for each version of php that I am using.  I think most wordpress installations and plugins don’t use sessions, but in order to reduce server load caused by bots spamming my login pages, I installed the limit login plugin.  It turns out that the plugin creates sessions to keep track of the IP addresses trying to log in.  I’m guessing that one of my sites was getting hammered with bots and thus created a ton of sessions, ultimately filling up the drive.  The odd thing was that it looked like files were there from when I first installed the plugin – like 5 months ago.

Cyberpanel – how to clear old session files

As best I can tell, Cyberpanel works by running a garbage collection script called through cron every 30 minutes, and any sessions more than a certain age get deleted.  But for whatever reason, even that cron file was not working properly.  Cyberpanel does not seem to use the typical garbage collection run through the php.ini variables of session.gc_probability and session.gc_divisor – CyberPanel has them both set to 0 by default.  Changing them to the standard defaults of 1 and 100 did not seem to do anything as far as removing old session files.

So, the file that gets called by the cron file in the Cyberpanel setup is:

/usr/local/CyberCP/bin/cleansessions

The file that was there looked like:
#!/bin/bash
for version in $(ls /usr/local/lsws|grep lsphp); do echo ""; echo "PHP $version"; session_time=$(/usr/local/lsws/${version}/bin/php -i |grep -Ei 'session.gc_maxlifetime'| grep -Eo "[[:digit:]]+"|sort -u); find -O3 "/var/lib/lsphp/session/${version}" -ignore_readdir_race -depth -mindepth 1 -name 'sess_*' -type f -cmin "${session_time}" -delete; done

I didn’t try executing the script, but I suspect that for some reason it just wasn’t executing properly.  It is supposed to get the setting from the php.ini file where session.gc_maxlifetime will be set to the number of seconds to keep session files.  It is set to 14400 seconds, which would be 4 hours.  However, the way the cleansessions script is written, it looks for files using -cmin which is in minutes.  Even so, that would be 14400 minutes which would be 10 days.  That wouldn’t explain why my session files were still there from months ago.

Anyway, the code that I found that fixes it to remove any files over 4 hours was:
#!/bin/bash
for version in $(ls /usr/local/lsws|grep lsphp); do echo ""; echo "PHP $version"; session_time=$(($(/usr/local/lsws/${version}/bin/php -i |grep -Ei 'session.gc_maxlifetime'| grep -Eo "[[:digit:]]+"|sort -u) / 60)); find -O3 "/var/lib/lsphp/session/${version}" -ignore_readdir_race -depth -mindepth 1 -name 'sess_*' -type f -cmin +"${session_time}" -delete; done

Which basically takes the original code, but then divides the time by 60, so you are back to 4 hours instead of 10 days.  However, when I first uploaded the above script and try to run it manually by going to the directory and just typing

./cleansessions

which executes the script.  But I got an error message:
-bash: ./cleansessions: /bin/bash^M: bad interpreter: No such file or directory

It turns out this is an error you get if you try to write the file on a windows based machine and then upload it to a linux based machine.  I found a nice solution here to strip out the hidden characters that cause the problems with executing the script.

Run following command in terminal

sed -i -e 's/\r$//' cleansessions

Then try

./cleansessions

It should work.

And it worked!  And now the cron is working correctly with clearing out any php session files over 4 hours old.

]]>
https://rmalis.com/cyberpanel-out-of-space-php-sessions-directory-full/feed/ 0 875
Error: invalid literal for int() with base 10: ‘-‘ [calculateBandwidth] https://rmalis.com/calculatebandwidth/ https://rmalis.com/calculatebandwidth/#respond Wed, 21 Sep 2022 04:01:28 +0000 https://rmalis.com/?p=865 invalid literal for int() with base 10: ‘-‘ [calculateBandwidth]

 

This message keeps showing up in my error log, but a few variations.  Basically, right after the 10: and before the [calculateBandwidth] there is a character or string in single quotes.  The script is expecting that data to be a number, not a character.  For some reason, the script keeps trying to analyze data that isn’t in integer format.  So, I’ve been able to track down the following

My list of cron jobs is stored in

/var/spool/cron/crontabs/root

That file lists the various scripts to be executed as well as how often (the numbers in front designate how frequently a cron job is executed.

The job that I think is in play here is:

0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1

 

The 0 * * * * means that the cron job is called at minute 0, so every hour, the script will execute.

the /dev/null 2>&1 I think means that it will redirect “standard error” to “standard output” (which I don’t fully understand) but basically it means that no errors will get sent to the display.

So now I need to learn python to understand what the script is doing.

Here is the script. I can understand it a little, but not yet enough to figure out the problem.  What I think is happening is the script will cycle through each created website and records bandwidth usage in a file.  For whatever reason, it is pulling some characters instead of numbers for something.  I’ll take a closer look at it when I have extra time.  Right now, this doesn’t seem to be any sort of critical error, so I’m putting it on the back burner.

If you have gotten a similar error and have found a fix before I update this post, please let me know how you did it in the comments.

 

 

]]>
https://rmalis.com/calculatebandwidth/feed/ 0 865
550-5.7.1 Our system has detected that this message does not meet IPv6 sending guidelines regarding PTR records and authentication https://rmalis.com/550-5-7-1-our-system-has-detected-that-this-message-does-not-meet-ipv6-sending-guidelines-regarding-ptr-records-and-authentication/ https://rmalis.com/550-5-7-1-our-system-has-detected-that-this-message-does-not-meet-ipv6-sending-guidelines-regarding-ptr-records-and-authentication/#comments Wed, 31 Aug 2022 01:30:42 +0000 https://rmalis.com/?p=846 I think I finally got this issue fixed.

Warning:

550-5.7.1 Our system has detected that this message does not meet IPv6 sending guidelines regarding PTR records and authentication. Please review 550-5.7.1

I first mentioned the problem with the IPv6 warning in this thread.  And then I mentioned it again here.  And I had thought it was just gmail being overly strict and had about given up and switched to Hotmail after this thread.  And hopefully this will be the last in the series.  The IPv6 issue was a bit complicated to fix with Cyberpanel.  Here are the steps:

  1.  IPv6 is not natively supported in Cyberpanel.  To add IPv6 support I followed these directions.
    1. I added webadmin console for cyberpanel following this guide
    2. I went into webadmin console and created 2 new IP address entries as described in the guide – one for general and one for SSL
    3. I copied most of the settings from the IPv4 listeners set-up natively by cyberpanel
    4. I added each of the domains I want to use for sending email and/or have an IPv6 address for the website – make sure you add the domains for both the regular AND the SSL listener you created.  At first I forget to add the domains for the SSL IPv6 listener and I got an unsafe website warning and then a 404 page not found message from the server
  2. Go to Cloudflare DNS settings and I added the following additional entries:

AAAA           mydomain.com               myIPv6address
AAAA           mail                                 myIPv6address    (set to DNS only – NO PROXY)

I wanted the mail IPv6 to be visible for mail servers to be able to verify the actual IPv6 and then it can run a reverse DNS on that IPv6 and verify that it points to the mail.mydomain.com (I can set the reverse DNS from the vultr website where I have my VPS).

I checked that things were working for both IPv4 and IPv6 using this tool

I definitely am a noobie when it comes to DNS settings, so I am not 100% sure that the way I configured things is the best method.  But it seems to be working for now.

I almost had the correct solution earlier when I added AAAA records and IPv6 addresses into my DNS settings.  Unfortunately, Cyberpanel does not natively support IPv6.  I only found this out when I was trying to access the website while out of my house.  My home wifi will use IPv4 by default apparently.  My cell service will use IPv6 when available.  I was getting frustrated trying to troubleshoot why my website seemed down when I was out of the house, but I was able to reach it just fine through a VPN.  At first I thought that it was a new Jetpack security plugin that was blocking my phone IP address, as an explanation why the site could be accessed fine from a VPN but not without.  After looking up the error messages as to why my site was unreachable without the VPN, one suggestion was to check and make sure my DNS records are correct.  I removed the AAAA records I had created earlier, and then I was able to access my website again.  It was only a fluke that my cell phone used IPv6 and I noticed this issue.  Otherwise I may never have known that anyone would get a site unreachable error if their network was trying to use IPv6.

Next I had to figure out why IPv6 settings which looked accurate were not working.  I came across some messages on the cyberpanel forums saying that IPv6 is not natively supported, but you can add it by following the steps I listed above.  Unfortunately, any additional sites I add, I will need to manually add to the IPv6 listeners.

So the next question is, do I need to do that for my other websites which do not use email?  I’ll have to put some more thought into it and see.

This issue came up again when I created a new forum on my server, and the registration emails were not going through to gmail – getting the IPv6 warning message in the title of this message. Hopefully everything works as it is supposed to now.  And I did learn a little about IPv6 and DNS settings and Cyberpanel in the process.

]]>
https://rmalis.com/550-5-7-1-our-system-has-detected-that-this-message-does-not-meet-ipv6-sending-guidelines-regarding-ptr-records-and-authentication/feed/ 3 846
Cyberpanel email log – IP address does not have a PTR record setup 550-5.7.25 https://rmalis.com/ip-address-does-not-have-a-ptr-record/ https://rmalis.com/ip-address-does-not-have-a-ptr-record/#respond Sun, 21 Aug 2022 21:56:13 +0000 https://rmalis.com/?p=832 TLDR:  gmail has very strict anti-spam and forwarding emails makes it even tougher to pass their spam filters.  The best you can do is run your emails through a test site like mail-tester.com and lookup how to solve each of the issues presented.  I found forwarding emails to outlook instead of gmail worked fine.  If you find a better solution, let me know in the comments.

The post:

I’m working on migrating an old phpBB forum to another format and running into email problems again.  I noticed the software was not sending out any emails.  I’m not sure how long this has been an issue.  I went into rainloop within cyberpanel to view the email address directly.  I tried to send a message from rainloop and I got a message that it “can’t connect to the server”.

I tried a few things and I’m not sure what ultimately fixed the problem.  I first made sure I had issued a full SSL certificate to the mail server (mail.domain.com) but I’m not even sure that the emails are going through that domain.  I also restarted openlightspeed and went to the manage postfix page and just clicked save, as I wasn’t making any changes.  Perhaps that restarted postfix as things worked after that.  Not being able to trust that the email is consistent remains a concern for me with using cyberpanel.  I never had these issues with cpanel, but I don’t want to abandon cyberpanel just yet if this is something I can figure out.

I tested out one of my email forwarders and found the email was not being forwarded.  I checked the email logs which had the following messages:

relay=gmail-smtp-in.l.google.com[142.251.111.26]:25, delay=0.71, delays=0.19/0.01/0.25/0.26, dsn=5.7.25, status=bounced (host gmail-smtp-in.l.google.com[142.251.111.26] said: 550-5.7.25 [144.xxx.xx.xx] The IP address sending this message does not have a
550-5.7.25 PTR record setup, or the corresponding forward DNS entry does not
550-5.7.25 point to the sending IP. As a policy, Gmail does not accept messages
550-5.7.25 from IPs with missing PTR records. Please visit
550-5.7.25 https://support.google.com/mail/answer/81126#ip-practices for more
550 5.7.25 information. o22-20020ac84296000000b00342b7e428c9si4280163qtl.117 – gsmtp (in reply to end of DATA command))

postfix/smtp[155745]: 0C4552FA2DB: to=<>, relay=gmail-smtp-in.l.google.com[172.253.63.27]:25, delay=0.48, delays=0/0/0.24/0.23, dsn=5.7.25, status=bounced (host gmail-smtp-in.l.google.com[172.253.63.27] said: 550-5.7.25 [144.xxx.xx.xx] The IP address sending this message does not have a
550-5.7.25 PTR record setup, or the corresponding forward DNS entry does not
550-5.7.25 point to the sending IP. As a policy, Gmail does not accept messages
550-5.7.25 from IPs with missing PTR records. Please visit
550-5.7.25 https://support.google.com/mail/answer/81126#ip-practices for more
550 5.7.25 information. hu10-20020a056214234a00b00496c983a460si2413821qvb.561 – gsmtp (in reply to end of DATA command))

I thought I had this issue worked out in this thread I posted on PTR records, but apparently I’ll have to review the information again to see if I can get things working.  I had added the PTR record to my DNS settings, but clearly that wasn’t enough.

The one piece I hadn’t fully fixed was the reverse DNS setting.  There is a place where you can set the reverse DNS domain in the vultr settings – you select settings from the choices along the top and then under IPv4 you can change the default Reverse DNS settings.  Here’s a screen shot:

I then went to Cloudflare and under DNS for the reverse DNS domain I’m using, I added a PTR record.  There is a type of DNS setting, like A record and MX record, but called PTR.  I used that and set the name and domain name to the reverse DNS domain name itself. But now I’m getting this error message in my logs:

postfix/smtp[161202]: B93982FA2DE: to=&lt;&gt;, relay=gmail-smtp-in.l.google.com[142.251.111.26]:25, delay=0.62, delays=0/0/0.28/0.34, dsn=5.7.26, status=bounced (host gmail-smtp-in.l.google.com[142.251.111.26] said:
550-5.7.26 This message does not pass authentication checks (SPF and DKIM both
550-5.7.26 do not pass). SPF check for [] does not pass with ip: [144.xxx.xx.xx
550-5.7.26 ].To best protect our users from spam, the message has been blocked.
550-5.7.26 Please visit 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for more
550 5.7.26 information. bj18-20020a05620a191200b006bae240ea17si4190202qkb.293 – gsmtp (in reply to end of DATA command))

Okay – taking a step back and trying from the start.  I sent an email directly from my main email address on the server and it sometimes goes through and sometimes doesn’t.

I’ve done some additional checks to make sure the DKIM setting is accurate, as well as the dmarc and any other configurations I could find.  I’ve checked my email score on testing websites and it seems good when sending directly from my cyberpanel addresses in rainloop is scoring well.  It now seems only forwarded emails to gmail that are getting rejected with the above message. I’m seeing some people reporting that gmail is particularly sensitive about some of these settings, so I’m going to have to look into it a bit deeper – to see how much is a cyberpanel issues, how much is an issue with the settings I’ve used, and how much is a gmail issue.  Frustrating, but maybe not entirely cyberpanel’s fault.

<update> – after lots of testing a variety of settings, the best I could do was fix any issues raised at mail-tester.com and even then gmail was rejecting many forwarded emails – but not consistent.  I suspect gmail use a variety of spam detection methods and forwarded emails are going to fail certain checks as the origin sending email does not match the information of the forwarding server.  I tried similar tests with a different server set-up with cpanel and gmail was rejecting those messages as well. The only way I could get all of my emails without logging in to view them in rainloop was to forward them to an outlook.com account.  I’ve been with gmail since it started and I’m shocked that I’m having this problem and finding a microsoft product superior.  When I have time, maybe I’ll do another post about gmail going overboard to the point that users (like me) will start using other email options, at least for forwarded emails.

]]>
https://rmalis.com/ip-address-does-not-have-a-ptr-record/feed/ 0 832