How to install node.js in a shared cpanel hosting account

What is node.js?

Node.js is event-driven, asynchronous I/O server-side JavaScript environment based on V8 engine.

Pre-Requirements

You don’t need full root access to install node.js in a cpanel hosting account. Although, you require to have access to the following from your hosting provider:

1. Compiler Access
2. SSH Access
3. An open port
4. Automatic Process Killing Exclusion

You need to first contact your provider to ensure you can access ‘1’ & ‘2’. In case 3 and 4, mention the port you want to use for your node.js app. Provider will exclude the port and your cpanel username in the firewall.

Installation: Step 1

First, find out if you have python 2.6 or above and bzip2-devel installed in the server. You can do using the following commands:

# which python
/usr/bin/python
# python -V
Python 2.6.6
# rpm -qa|grep bzip2-devel
bzip2-devel-1.0.5-7.el6_0.x86_64

Most of the latest cPanel server will have Python 2.6.6 or 2.6.7. So, as long as your provider isn’t running some old version of cPanel. If you have Python 2.6, you don’t need to recompile python. Python in cPanel server executable by the users. You might not see bzip2-devel installed. In case, it is not, your provider would need to install it using yum.

# yum install bzip2-devel

Step 2

Once the above ‘Step 1’ things are available, you can download the latest node.js binary and compile it. While writing this tutorial, node.js is running 0.10.24. You can download the latest node.js source from here:

http://nodejs.org/download/

# wget http://nodejs.org/dist/v0.10.24/node-v0.10.24.tar.gz
# tar -xvzf node-v*
# cd node*
# ./configure --prefix=$HOME
# make
# make install

Out of all the commands above, you need to note the ‘prefix’. It should use $HOME if you are running from the user’s shell. A root user can use the path to the home directory of the cpanel user like /home/cpanelusername in place of $HOME to install node.js in a cpanel user’s account.

Step 3

If you have installed node.js from the root account, change the permission for /home/cpanelusername/bin, /home/cpanelusername/include, /home/cpanelusername/lib to the cpanelusername.

# cd /home/cpanelusername
# chown -Rf cpanelusername:cpanelusername node* bin include lib

Now you can run a node.js node. A simple script to open a port can be the following:

# nano sock.js

Insert the following:

var net = require(‘net’);
var server = net.createServer(function (socket) {
socket.write(‘Open Serverrn’);
socket.pipe(socket); });
server.listen(674, ‘203.20.20.20);
console.log(‘Server running at http://203.20.20.20:674/’);

Now you can run the node as following:

# node sock.js

 

A new WordPress Firewall Plugin

I had written a blog post regarding “How to protect your wordpress blog from web injection” before. I had mentioned a firewall plugin called “WordPress Firewall” which used to be very helpful at the time I had written the blog. But it seems the updated version of WordPress Firewall 1 & 2 both were not updated for pretty long time. It is now better to switch to something else. Upon my research of the current plugin market, I find the following WordPress Firewall plugin very useful “All in one WordPress Security & Firewall“.

So, take sometime to go on a maintenance for your wordpress blog and install the latest option to secure your blog.

‘ca-certificates’ update error

Since the last “ca-certificates” release for RHEL/CentOS 6 or Fedorar 14 with version stating 2013, there is a roaming error of not being able to update “ca-certificate” version starting from 2010 to the latest 2013. The error is somewhat looks the following through yum:

Running Transaction
Updating : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
Error unpacking rpm package ca-certificates-2013.1.94-65.0.el6.noarch
warning: /etc/pki/java/cacerts created as /etc/pki/java/cacerts.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.crt created as /etc/pki/tls/certs/ca-bundle.crt.rpmnew
warning: /etc/pki/tls/certs/ca-bundle.trust.crt created as /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew
error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename
Verifying : ca-certificates-2013.1.94-65.0.el6.noarch 1/2
ca-certificates-2010.63-3.el6_1.5.noarch was supposed to be removed but is not!
Verifying : ca-certificates-2010.63-3.el6_1.5.noarch 2/2

Failed:
ca-certificates.noarch 0:2010.63-3.el6_1.5 ca-certificates.noarch 0:2013.1.94-65.0.el6

The following part of the error to be noted:

error: unpacking of archive failed on file /etc/ssl/certs: cpio: rename

It looks like the new “ca-certificate” is using a new structure. In old versions, “certs” is a folder which contains old certificates. While updating with the new one, it is trying to create a symlink with the /etc/pki/tls/certs/ by removing the old directory, which it fails with yum.

To solve the error, run the following:

$ mv /etc/ssl/certs /etc/ssl/certs.back
$ ln -s /etc/pki/tls/certs /etc/ssl/certs
$ yum update ca-certificate*

This should solve the error.

How to Solve Force File System Quota Check on Every Boot RHEL/CentOS

I had been seeing an uprising issue of forced file system quota check on every boot after migrating to RHEL 6 or CentOS 6. I hadn’t seen the same issue before. I had been tackling it by changing the quotacheck file on each boot to something different. Quotacheck file is located:

$ ls /sbin/quotacheck

I couldn’t get enough information on something was changed in RHEL 6 which triggered this event. I went to trace out the root reason of this starting from Linux Boot Init script.

Continue reading “How to Solve Force File System Quota Check on Every Boot RHEL/CentOS”

What is the difference between Mangle Table & NAT Table?

You must know IPTables to understand routing properly. Once the concept & perspective of IPTables is cleared to somebody, it would become very easy to understand Linux routing and write Iptables rules to create & configure your own desired network. I will write a series of posts trying to explain and clear the confusion over Iptables basic perspective.

Continue reading “What is the difference between Mangle Table & NAT Table?”

Postrouting and IP Masquerading in Linux

IPTables is responsible to handle packet filtering in Linux system. IPTables contains several predefined and/or user-defined tables. Each table contains chains and chain contain packet rules. IPTables uses NAT table to forward packets to another node.

Continue reading “Postrouting and IP Masquerading in Linux”

Best Method to Reboot Linux

There are multiple ways to restart a remote linux system. A IPMI restart, a Power Strip or a Command Restart.

What is the best method to restart a Linux system?

The best method to restart a linux system is to graceful command restart. This will always make sure your all the services are closed before a restart. It will unmount the system and process a shutdown. If a system is not cleanly unmounted, this can cause data loss or some serious injuries to the drive. An uncleanly unmounted system can also take extra time to reboot due to file system integrity check and file system quota check. A cleanly unmounted system would skip the both check and restarts fast. It is hence recommended not to use a forceful Linux restart which doesn’t unmount the system cleanly.

Continue reading “Best Method to Reboot Linux”

Toggle Linux Bootscreen Splash Screen to Verbose Details

How to toggle Linux Bootscreen Splash Bar / Progress Bar to Verbose details?

It is possible that you need to toggle your linux boot screen to display what exactly running in background instead of a splash screen. From CentOS/RHEL 6, they use Plymouth to load a default silent boot screen that is graphically beautiful but doesn’t provide any verbose output. Sometimes the boot screen freezes and without a detailed output you may not be able to identity the root reason of the cause. If you are on the bootscreen where a splashbar is running, press the following keys together:

ALT + d

That would toggle the splash screen to detailed output.

Continue reading “Toggle Linux Bootscreen Splash Screen to Verbose Details”

There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them

While updating CentOS/RHEL system using Yum, the following error appears:

There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them

How do I fix this in CentOS/RHEL 5.x/6.x system?

You have some broken or aborted yum transactions in the system. It was possibly due to yum was forcefully interrupted in the middle of a transaction. To fix this, run the following:

$ yum-complete-transaction

The command can return the following:

$ yum-complete-transaction
bash: yum-complete-transaction: command not found

It means you do not have yum-utils package installed in your system. Run the following to install yum-utils

$ yum install yum-utils

This will install necessary for yum-complete-transaction.

How to update roundcube/phpmyadmin settings in directadmin?

Sometimes you may need to change the configuration settings of Roundcube, PHPMyAdmin or SquirrelMail from default values. The values are primarily set by directadmin custombuild.

How to change settings of Roundcube/PHPMyAdmin in Directadmin?

Directadmin stores these 3rdparty data in the following folder:

/var/www/html/

If you want to change the roundcube settings for example, browse the file main.inc.php

nano /var/www/html/roundcube/main.inc.php

Database settings for roundcube available under:

/var/www.html/roundcube/db.inc.php

The same would be true for “config.php” file for SquirrelMail and “config.inc.php” file for PHPMyAdmin.

If you would like to set your own settings next time you run the custombuild make sure to copy a version of these files under the following locations:

/usr/local/directadmin/custombuild/custom/phpmyadmin/config.inc.php
/usr/local/directadmin/custombuild/custom/squirrelmail/config.php
/usr/local/directadmin/custombuild/custom/roundcube/main.inc.php
/usr/local/directadmin/custombuild/custom/roundcube/db.inc.php

This will include the custom settings for you while the software updates by custombuild.