Backend log: PHP Warning: File upload error – unable to create a temporary file in Unknown on line 0

It is a common php error appears when PHP handler unable to detect the server temporary folder automatically. A solution to the problem is to define the upload_tmp_dir of the php explicitly. You can do that by editing the php.ini file. Here is an example on how to do it:

To find the running php.ini file, use phpinfo:

root@chicago1 [~]# php -r ‘phpinfo();’|grep php.ini
Configuration File (php.ini) Path => /opt/cpanel/ea-php56/root/etc
Loaded Configuration File => /opt/cpanel/ea-php56/root/etc/php.ini

As the command suggests, your php.ini file is located under the following:

/opt/cpanel/ea-php56/root/etc/php.ini

Now, edit the file using your favorite editor:
nano /opt/cpanel/ea-php56/root/etc/php.ini
Find the location of upload_tmp_dir, which is usually commented out like the following:

;upload_tmp_dir =

Uncomment it by removing the semicolon from front and define the temporary directory location:

upload_tmp_dir = /tmp

Restart your apache.

There is another way you can do it. To do this, go to WHM >> MultiPHP INI Editor >> Editor Mode >> Find upload_tmp_dir and edit it accordingly.

This would create a user.ini file to be included with the original php.ini file.

If none of the above solution works for you, you are probably seeing the error from modsecurity, try following the following steps to see if that overcomes the error:

ModSecurity: Multipart parsing error: Multipart: Failed to create file: /root/tmp/20170526-122120-WSfJYO2KhTvEz5johZF8UQAAAEw-file-9mmG15

ModSecurity: Multipart parsing error: Multipart: Failed to create file: /root/tmp/20170526-122120-WSfJYO2KhTvEz5johZF8UQAAAEw-file-9mmG15

If you are using ‘inspectFile’ of modsecurity, you may face an error in cpanel server like following

ModSecurity: Multipart parsing error: Multipart: Failed to create file: /root/tmp/20170526-122120-WSfJYO2KhTvEz5johZF8UQAAAEw-file-9mmG15

This error appears because mod_security fails to detect the tmp folder automatically. To fix the problem, all you need to add the following line in your modsec_user.conf file for cpanel servers:

SecTmpDir /tmp

This file is available under

/etc/apache2/conf.d/modsec

Alternatively, you may add the line from Cpanel >> Modsecurity Tools >> Add Rules.

Why does Your New Site Take Ages to Load?

I was trying to track down a couple of website slow down reports lately. There is an interesting change of slow down behaviour these days in web application. From a conventional standpoint, people firmly believes that their static contents are not going to affect the performance of their websites other than images being heavy.
 
In reality, they are ignoring the fact that they are using jQuery plugins of many kinds from multiple developers. Hence cumulative number & sizes of JS files are pretty large these days comparing with all the plugins were coming from a single developer. Once the number of static file increases and goes beyond 100 per page, a cookie domain can hit some serious performance penalty. Geolocation for these small files and accessing them from single source can also increase the time geometrically. There is undoubtedly a large market of CDN due to the nature of development in web application.
 
I have seen, people these days are more aware about handling large data wisely than before. If you are using a Cloud from any provider, you are possibly using an E5 core or multiple (Mellowhost uses only E5 nodes right at this moment), that usually comes with access to a 16/24/32MB cache. Your static handling going to be more important in performance on these type of resources than your database, as threading is more of a concern than a single process handling in these virtualised resources.

How to change WHM reseller password!

After all these years, it never came to my mind that when somebody purchases a reseller, they usually do not change their WHM password for a long period. They keep it ‘as it is’ generated by WHMCS on purchasing the reseller package. The most interesting fact is that they don’t change it, because they fail to find an option to change it in WHM.

WHM doesn’t come with a distinct option saying ‘Change WHM Password’ unfortunately. That makes a percentage of reseller believe that they can not change their WHM password. In recent times, while investigating a couple of reseller hacks, I could determine, one of the primary reason of password leakage is, not changing the WHM password for longer period of time and keeping it ‘saved’ in browser. At a certain point of time, when the browser gets exposed to the hacker, user loose control over their WHM account.

Now the question comes, how to change a WHM password! Your WHM username is basically a cpanel username. It only granted to be able to own multiple cpanel accounts and that is the only difference, that’s all. To change the WHM password, simply login to your cpanel with the WHM details and use the ‘Change Password’ option. So if your WHM url is http://something.com/whm with username: something and password: anything, then you basically login with the same details in http://something.com/cpanel instead of whm. Once logged in, just visit the Change Password to change your WHM/Reseller password.

It is highly recommended for all the users to change the password once they receive their reseller welcome email. You should try changing the reseller password often to prevent any anonymous leakage from unknown attacks. It is also advised not to save the WHM password in your browser. Please keep in mind, your password can leak access to the cpanel accounts under you and cause great threat for their websites & domain reputation. They possibly have no reason to be so.

How to install fusecompress in CentOS 6

What is fusecompress?

FuseCompress provides a mountable Linux filesystem which transparently compresses its content. Files stored in this filesystem are compressed on the fly and FUSE allows to create a transparent interface between compressed files and user applications. FuseCompress supports different compression methods: LZO, gzip, bzip2, and LZMA.

How to install fusecompress in CentOS 6?

Follow the following to install fusecompress in CentOS 6

Install pre-tools

# yum groupinstall 'Development Tools'
# yum install boost boost-devel boost141-iostreams
# yum install fuse fuse-devel zlib-devel bzip2-devel lzo-devel
Download and Install fusecompress using git
# git clone git://github.com/tex/fusecompress.git
# cd fusecompress
# ./configure --with-z --with-bz2 --with-lzo2 --without-lzma --with-boost-serialization=boost_serialization --with-boost-iostreams=boost_iostreams --with-boost-program-options=boost_program_options --with-boost-file --with-boost-filesystem=boost_filesystem
# make
# make install

How to Download a Backup of Gmail?

What is Gmail?

Gmail is a free (gratis), advertising-supported email service provided by Google. Users may access Gmail as secure webmail,[6] as well as via POP3 or IMAP4 protocols.

How to Download/Take Backup of Full Gmail Account?

Google has started a service called “Takeout”. It allows you to backup any Google Products you are using. Google allows you to take a MBOX copy of your Gmail archive. You would need to generate it from “https://www.google.com/settings/takeout/”.

Once the generation is done, you can download the backup and load it in any MBOX environment.

How to install node.js in a shared cpanel hosting account

What is node.js?

Node.js is event-driven, asynchronous I/O server-side JavaScript environment based on V8 engine.

Pre-Requirements

You don’t need full root access to install node.js in a cpanel hosting account. Although, you require to have access to the following from your hosting provider:

1. Compiler Access
2. SSH Access
3. An open port
4. Automatic Process Killing Exclusion

You need to first contact your provider to ensure you can access ‘1’ & ‘2’. In case 3 and 4, mention the port you want to use for your node.js app. Provider will exclude the port and your cpanel username in the firewall.

Installation: Step 1

First, find out if you have python 2.6 or above and bzip2-devel installed in the server. You can do using the following commands:

# which python
/usr/bin/python
# python -V
Python 2.6.6
# rpm -qa|grep bzip2-devel
bzip2-devel-1.0.5-7.el6_0.x86_64

Most of the latest cPanel server will have Python 2.6.6 or 2.6.7. So, as long as your provider isn’t running some old version of cPanel. If you have Python 2.6, you don’t need to recompile python. Python in cPanel server executable by the users. You might not see bzip2-devel installed. In case, it is not, your provider would need to install it using yum.

# yum install bzip2-devel

Step 2

Once the above ‘Step 1’ things are available, you can download the latest node.js binary and compile it. While writing this tutorial, node.js is running 0.10.24. You can download the latest node.js source from here:

http://nodejs.org/download/

# wget http://nodejs.org/dist/v0.10.24/node-v0.10.24.tar.gz
# tar -xvzf node-v*
# cd node*
# ./configure --prefix=$HOME
# make
# make install

Out of all the commands above, you need to note the ‘prefix’. It should use $HOME if you are running from the user’s shell. A root user can use the path to the home directory of the cpanel user like /home/cpanelusername in place of $HOME to install node.js in a cpanel user’s account.

Step 3

If you have installed node.js from the root account, change the permission for /home/cpanelusername/bin, /home/cpanelusername/include, /home/cpanelusername/lib to the cpanelusername.

# cd /home/cpanelusername
# chown -Rf cpanelusername:cpanelusername node* bin include lib

Now you can run a node.js node. A simple script to open a port can be the following:

# nano sock.js

Insert the following:

var net = require(‘net’);
var server = net.createServer(function (socket) {
socket.write(‘Open Serverrn’);
socket.pipe(socket); });
server.listen(674, ‘203.20.20.20);
console.log(‘Server running at http://203.20.20.20:674/’);

Now you can run the node as following:

# node sock.js

 

A new WordPress Firewall Plugin

I had written a blog post regarding “How to protect your wordpress blog from web injection” before. I had mentioned a firewall plugin called “WordPress Firewall” which used to be very helpful at the time I had written the blog. But it seems the updated version of WordPress Firewall 1 & 2 both were not updated for pretty long time. It is now better to switch to something else. Upon my research of the current plugin market, I find the following WordPress Firewall plugin very useful “All in one WordPress Security & Firewall“.

So, take sometime to go on a maintenance for your wordpress blog and install the latest option to secure your blog.

‘ca-certificates’ update error

Since the last “ca-certificates” release for RHEL/CentOS 6 or Fedorar 14 with version stating 2013, there is a roaming error of not being able to update “ca-certificate” version starting from 2010 to the latest 2013. The error is somewhat looks the following through yum:

Running Transaction
Updating : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
Error unpacking rpm package ca-certificates-2013.1.94-65.0.el6.noarch
warning: /etc/pki/java/cacerts created as /etc/pki/java/cacerts.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.crt created as /etc/pki/tls/certs/ca-bundle.crt.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.trust.crt created as /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew
error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename
Verifying : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
ca-certificates-2010.63-3.el6_1.5.noarch was supposed to be removed but is not!
Verifying : ca-certificates-2010.63-3.el6_1.5.noarch 2/2

Failed:
ca-certificates.noarch 0:2010.63-3.el6_1.5 ca-certificates.noarch 0:2013.1.94-65.0.el6

The following part of the error to be noted:

error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename

It looks like the new “ca-certificate” is using a new structure. In old versions, “certs” is a folder which contains old certificates. While updating with the new one, it is trying to create a symlink with the /etc/pki/tls/certs/ by removing the old directory, which it fails with yum.

To solve the error, run the following:

$ mv /etc/ssl/certs /etc/ssl/certs.back
$ ln -s /etc/pki/tls/certs /etc/ssl/certs
$ yum update ca-certificate*

This should solve the error.