26 Aug

Fixing File and Directory Permissions for cPanel Users with a Bash Script

Managing file and directory permissions on a cPanel server is crucial for both security and functionality. Incorrect permissions can expose sensitive data or cause website errors. This guide shows you how to use a Bash script to quickly fix permissions for cPanel users.

Why Are Permissions Important?

In Linux systems, permissions determine who can read, write, or execute files and directories. The most common permission settings are:

  • Directories: 755 – Owner has full control; others can read and execute.
  • Files: 644 – Owner can read and write; others can only read.

These settings protect your files while allowing websites to function correctly.

Bash Script to Fix Permissions

Here’s a simple Bash script to adjust permissions for a specific cPanel user:

#!/bin/bash
# Script to fix ownership and permissions for one or more cPanel users

if [ "$#" -lt 1 ]; then
    echo "Must specify user"
    exit 1
fi

for user in "$@"; do
    # Look up the home directory (field 6) in /etc/passwd
    HOMEDIR=$(grep -E "^${user}:" /etc/passwd | cut -d: -f6)

    if [ ! -f "/var/cpanel/users/$user" ]; then
        echo "$user user file missing, likely an invalid user"
    elif [ -z "$HOMEDIR" ]; then
        echo "Couldn't determine home directory for $user"
    else
        echo "Setting ownership and permissions for user $user"
        chown -R "$user:$user" "$HOMEDIR"
        chmod 711 "$HOMEDIR"
        chown "$user:nobody" "$HOMEDIR/public_html" "$HOMEDIR/.htpasswds"
        chown "$user:mail" "$HOMEDIR/etc" "$HOMEDIR"/etc/*/shadow "$HOMEDIR"/etc/*/passwd

        # Baseline: files 644, directories 755, Perl scripts 755
        find "$HOMEDIR" -type f -exec chmod 644 {} \; -print
        find "$HOMEDIR" -type d -exec chmod 755 {} \; -print
        find "$HOMEDIR" -type d -name cgi-bin -exec chmod 755 {} \; -print
        find "$HOMEDIR" -type f \( -name "*.pl" -o -name "*.perl" \) -exec chmod 755 {} \; -print

        # Kept inside the loop so these run once per user and only for a validated home directory
        chmod 750 "$HOMEDIR/public_html"

        if [ -d "$HOMEDIR/.cagefs" ]; then
            chmod 775 "$HOMEDIR/.cagefs"
            chmod 700 "$HOMEDIR/.cagefs/tmp"
            chmod 700 "$HOMEDIR/.cagefs/var"
            chmod 777 "$HOMEDIR/.cagefs/cache"
            chmod 777 "$HOMEDIR/.cagefs/run"
        fi
    fi
done

How to Use the Script

  1. Save the Script: Save the code to a file named fixperms.sh.
  2. Make It Executable: Run chmod +x fixperms.sh to make the script executable.
  3. Run the Script: Execute the script by running bash fixperms.sh <username>, replacing <username> with the cPanel username.
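
A read-only audit to run before the fix, so you can see which paths deviate from the 644/755 baseline and why. This is an added example, not part of the original script; the function name audit_perms and the finding labels are assumptions chosen here.

```shell
#!/bin/bash
# Added example: read-only audit against the 644/755 baseline. Changes nothing.
# Prints one "REASON<TAB>PATH" line per finding.

audit_perms() {
    local dir="${1%/}"
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }

    # Regular files that are not 644; Perl scripts are expected to be 755 instead.
    # .cagefs is pruned because the fix script gives it its own modes.
    find "$dir" -path "$dir/.cagefs" -prune -o \
        \( -type f ! -name '*.pl' ! -name '*.perl' ! -perm 644 \) \
        -exec printf 'file-not-644\t%s\n' {} +

    # Directories that are not 755, except the two the script sets to 711 and 750
    find "$dir" -path "$dir/.cagefs" -prune -o \
        \( -type d ! -path "$dir" ! -path "$dir/public_html" ! -perm 755 \) \
        -exec printf 'dir-not-755\t%s\n' {} +

    # Anything writable by every local account (symlink modes are not meaningful)
    find "$dir" -path "$dir/.cagefs" -prune -o \
        \( ! -type l -perm -0002 \) \
        -exec printf 'world-writable\t%s\n' {} +
}

# Audit a home directory when one is given as the first argument
if [ "$#" -ge 1 ]; then
    audit_perms "$1"
fi
```

A file-not-644 finding is not always a fault: files deliberately kept at 600, such as SSH private keys, will be loosened to 644 by the fix script, so review those findings before applying it.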

Conclusion

This script provides a quick way to standardize file and directory permissions for cPanel users, enhancing security and functionality. Always test scripts in a safe environment before applying them to production servers.

By following these steps, you can ensure that your cPanel environment is secure and operating smoothly.

13 Aug

How to Install PPTP VPN on Linux

Setting up a PPTP VPN server on a Linux machine is a straightforward process. This guide will walk you through the steps required to get your VPN server up and running.

Step 1: Install PPTPD

PPTP depends on the PPP and PPTPD packages. To install them, run the following command:

yum install pptpd

Or, download and install the PPTPD package using:

wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm
rpm -Uhv pptpd-1.4.0-1.el6.x86_64.rpm

Step 2: Configure PPTPD

After installation, you’ll need to configure the PPTPD server. Start by editing the IP settings in the /etc/pptpd.conf file:

nano /etc/pptpd.conf

Add or modify the following lines:

localip 192.168.0.1    # Server's primary IP
remoteip 192.168.0.100-200

Next, update the DNS settings in the /etc/ppp/options.pptpd file:

nano /etc/ppp/options.pptpd

Add the following lines:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Step 3: Create a VPN User

To allow access to the VPN server, you’ll need to create a user account. Add the user credentials in the /etc/ppp/chap-secrets file:

nano /etc/ppp/chap-secrets

Insert the following line:

username pptpd password *

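Replace username and password with your desired credentials. The four fields are the client name, the server name (pptpd), the secret, and the IP addresses the client may use (* allows any). This file stores the password in plain text, so keep it readable by root only.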

Step 4: Enable IP/Network Forwarding

IP forwarding is essential for routing packets between VPN clients and the internet. Enable IP forwarding by editing the /etc/sysctl.conf file:

nano /etc/sysctl.conf

Uncomment or add the following line:

net.ipv4.ip_forward = 1

To apply the changes, run:

sysctl -p

Step 5: Configure IPTables for NAT

NAT (Network Address Translation) allows VPN clients to access the internet through the server’s public IP. First, identify your network interface (e.g., eth0, ens33) by using the ifconfig command.

Assuming your network interface is eth0, add the following IPTables rules:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT

Save these rules to ensure they persist after a reboot.

Step 6: Start and Enable the PPTPD Service

Finally, start the PPTPD service and enable it to run at boot:

systemctl start pptpd
systemctl enable pptpd

Your PPTP VPN server is now set up and ready to use. You can connect to it using any PPTP VPN client with the user credentials created earlier.
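
A consistency check for the values set in Steps 2 and 5, as an added example that is not part of the original guide. It confirms that localip is not inside the remoteip pool and that the pool sits in the /24 accepted by the FORWARD rule. The function name check_pptpd_conf is an assumption, and it handles only the single a.b.c.LO-HI range form shown above.

```shell
#!/bin/bash
# Added example: check pptpd.conf addressing against the forwarded /24.
# Usage: check_pptpd_conf <pptpd.conf> <first three octets of the /24, e.g. 192.168.0>

check_pptpd_conf() {
    local conf="$1" prefix="$2" localip remote base range lo hi last rc=0

    # First value after each keyword; a trailing "# comment" is ignored
    localip=$(awk '$1 == "localip"  { print $2; exit }' "$conf")
    remote=$(awk  '$1 == "remoteip" { print $2; exit }' "$conf")
    if [ -z "$localip" ] || [ -z "$remote" ]; then
        echo "missing localip or remoteip"; return 1
    fi

    # remoteip is written as a.b.c.LO-HI in the guide's example
    base=${remote%.*}      # a.b.c
    range=${remote##*.}    # LO-HI (or a single host number)
    lo=${range%-*}
    hi=${range#*-}
    case "$lo$hi" in
        *[!0-9]*|'') echo "unparsed remoteip: $remote"; return 1 ;;
    esac

    if [ "$lo" -gt "$hi" ] || [ "$hi" -gt 254 ]; then
        echo "bad remoteip range: $remote"; rc=1
    fi

    # A client must never be handed the server's own tunnel address
    if [ "${localip%.*}" = "$base" ]; then
        last=${localip##*.}
        if [ "$last" -ge "$lo" ] && [ "$last" -le "$hi" ]; then
            echo "localip $localip is inside remoteip range"; rc=1
        fi
    fi

    # The FORWARD rule accepts only this /24; clients outside it get no routing
    if [ "$base" != "$prefix" ]; then
        echo "remoteip $base.x is outside forwarded subnet $prefix.0/24"; rc=1
    fi

    [ "$rc" -eq 0 ] && echo "ok"
    return "$rc"
}
```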