The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Could I puleeeeze get some help from Cpanel staff???

Discussion in 'General Discussion' started by sbrad, Apr 25, 2002.

  1. sbrad

    sbrad Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Posts ignored, bug reports ignored. Could I please have some help? Pretty please???

    1) Users are able to bypass bandwidth usage restrictions by going to
    http://domain.com/~username. How do I fix this?

    2) &ftp.domain.com-ftp_log.offset& logs are ending up in our root directory. Why? What is this?

    3) In WHM, I don't get the status of bind or cppop on one server.
     
  2. bdraco

    bdraco Guest

    [quote:67cc8b6666][i:67cc8b6666]Originally posted by sbrad[/i:67cc8b6666]

    Posts ignored, bug reports ignored. Could I please have some help? Pretty please???

    1) Users are able to bypass bandwidth usage restrictions by going to
    http://domain.com/~username. How do I fix this?

    2) &ftp.domain.com-ftp_log.offset& logs are ending up in our root directory. Why? What is this?

    3) In WHM, I don't get the status of bind or cppop on one server.[/quote:67cc8b6666]

    1) Turn off the UserDir Directive in your httpd.conf

    2&3) You really should ask support@cpanel.net about these as they are probably server specfic.
     
  3. sbrad

    sbrad Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    &1) Turn off the UserDir Directive in your httpd.conf &
    Not an option. I have a couple of users that don't have domains, and just use their account to store their eBay pics. Plus, there's no way I can tell someone to wait until their domain resolves to access their site.

    I'll email you about the other two, although I'm not the only one with the ftp.domain.com-ftp_log.offset problem. There's a thread about this.

    Thanks for the quick reply, though!
     
  4. bdraco

    bdraco Guest

    Not much can be done about the bandwidth bypass short of writing an apache module to check every request. ~dirs are going to be logged to the current domain you access them from. This is really more of a design flaw in apache, however apache really wasn't designed to care about stuff like this, and apache 2.0 does a much better job in this dept (not that its even usable for web hosting yet). Reguardless, I don't feel it is DarkORB's responsiblity to patch up apache.
     
  5. sbrad

    sbrad Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    &Reguardless, I don't feel it is DarkORB's responsiblity to patch up apache.&
    I never said it was. Just taking the time to answer is all I was asking.
     
  6. bdraco

    bdraco Guest

    -----cut here mod_bwprotect.c-----------
    #include &httpd.h&
    #include &http_core.h&
    #include &http_config.h&
    #include &http_log.h&

    #define CPROOT &/var/cpanel/users&

    MODULE_VAR_EXPORT module bwprotect_module;

    static void
    rembeforechar (int remchar, char *s)
    {
    int remcharloc = 0;
    int i, j;


    for (i = 0; i &= strlen (s); i++)
    {
    if ((int) s == remchar)
    {
    remcharloc = i;
    break;
    }
    }

    j = 0;
    for (i = (remcharloc + 1); i &= strlen (s); i++)
    {
    if (s != '\n' && s != '\r' && s != ' ')
    {
    s[j] = (char) s;
    j++;
    }
    }
    s[++j] = '\0';

    return;
    }



    static int
    check_bwripoff (request_rec * r)
    {
    char *filename;
    char *wwwdomain;
    char *name = r-&uri;
    char str[HUGE_STRING_LEN];
    FILE *f;
    const char *w, *dname;
    int validaccessdomain = 0;



    if ((name[0] != '/') || (name[1] != '~'))
    {
    return DECLINED;
    }
    else
    {
    dname = name + 2;
    w = ap_getword (r-&pool, &dname, '/');
    if (dname[-1] == '/')
    {
    --dname;
    }
    if (w[0] == '\0'
    || (w[1] == '.' && (w[2] == '\0' || (w[2] == '.' && w[3] == '\0'))))
    {
    return DECLINED;
    }
    if (r-&server-&server_hostname == NULL)
    {
    return DECLINED;
    }

    filename = ap_pstrcat (r-&pool, CPROOT, &/&, w, NULL);

    if (access (filename, F_OK))
    {
    //apache error /etc/userdomains is missing
    return DECLINED;
    }
    else
    {

    f = fopen (filename, &r&);
    rewind (f);
    while (fgets (str, sizeof (str), f) != NULL)
    {
    char *ss = str;
    int strl = (int) strlen (str);

    if (strncmp (str, &DNS&, 3) == 0)
    {


    rembeforechar ('=', str);
    wwwdomain = ap_pstrcat (r-&pool, &www.&, str, NULL);

    if (strcmp (wwwdomain, r-&server-&server_hostname) == 0 ||
    strcmp (str, r-&server-&server_hostname) == 0)
    {

    validaccessdomain = 1;
    break;
    }
    }
    }

    if (!validaccessdomain)
    {

    ap_basic_http_header (r);
    ap_rvputs (r,
    &\n&
    DOCTYPE_HTML_2_0
    &&HTML&&HEAD&\n&TITLE&511 Access Not Allowed from this Domain&/TITLE&\n&
    &&/HEAD&&BODY&\n&
    &&H1&Access Not Allowed from this Domain&/H1&\n&, NULL);
    ap_rputs (&You are attempting to access a user dir from a domain\n&
    &that is not owned by the user. Please correct the domain\n&
    &that you are attempting to use to access this url.\n&, r);
    ap_rputs (ap_psignature (&&HR&\n&, r), r);
    ap_rputs (&&/BODY&&/HTML&\n&, r);
    ap_kill_timeout (r);
    ap_finalize_request_protocol (r);
    ap_rflush (r);
    return DONE;

    }
    //check userdomains and redirect to the proper host if we aren't at it
    }



    }
    return DECLINED;
    }



    static void
    bwprotect_version (server_rec * s, pool * p)
    {
    ap_add_version_component (&mod_bwprotect/0.1&);
    }

    module MODULE_VAR_EXPORT bwprotect_module = {
    STANDARD_MODULE_STUFF,
    bwprotect_version, /* initializer */
    NULL, /* create per-dir config */
    NULL, /* merge per-dir config */
    NULL, /* server config */
    NULL, /* merge server config */
    NULL, /* command table */
    NULL, /* handlers */
    NULL, /* filename translation */
    NULL, /* check_user_id */
    NULL, /* check auth */
    NULL, /* check access */
    NULL, /* type_checker */
    check_bwripoff, /* fixups */
    NULL, /* logger */
    NULL, /* header parser */
    NULL, /* child_init */
    NULL, /* child_exit */
    NULL /* post read-request */
    };

    -----------cut here-----


    To install:

    /usr/local/apache/bin/apxs -c mod_bwprotect.c
    /usr/local/apache/bin/apxs -i -a mod_bwprotect.so

    Note: this is still beta software, however it seems to be working great.

    http://support.cpanel.net/~bdraco/
     
  7. sbrad

    sbrad Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Nick.
    Thanks very much. You are a genious.
    I'll beta it for you and let you know how it works.
     
  8. Elliot

    Elliot Well-Known Member

    Joined:
    Jan 22, 2002
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    XXX@XXX [/home/XXX]# /usr/local/apache/bin/apxs -c mod_bwprotect.c
    gcc -DLINUX=22 -I/usr/include/db1 -DMOD_SSL=208107 -DUSE_HSREGEX -DEAPI -fpic -DSHARED_MODULE -I/usr/local/apache/include -c mod_bwprotect.c
    mod_bwprotect.c: In function `rembeforechar':
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:31: warning: cast from pointer to integer of different size
    gcc -shared -o mod_bwprotect.so mod_bwprotect.o


    I got those errors, but I still installed the module

    http://www.nexose.net/~zodiaqin

    thanks draco
     
  9. bdraco

    bdraco Guest

    Actually it looks like openbb eat part of it .

    I've posted a clean on here:

    web.cpanel.net/mod_bwprotect.c
     
  10. bdraco

    bdraco Guest

    [quote:230fbd23a5][i:230fbd23a5]Originally posted by Elliot[/i:230fbd23a5]

    XXX@XXX [/home/XXX]# /usr/local/apache/bin/apxs -c mod_bwprotect.c
    gcc -DLINUX=22 -I/usr/include/db1 -DMOD_SSL=208107 -DUSE_HSREGEX -DEAPI -fpic -DSHARED_MODULE -I/usr/local/apache/include -c mod_bwprotect.c
    mod_bwprotect.c: In function `rembeforechar':
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:29: warning: comparison between pointer and integer
    mod_bwprotect.c:31: warning: cast from pointer to integer of different size
    gcc -shared -o mod_bwprotect.so mod_bwprotect.o


    I got those errors, but I still installed the module

    http://www.nexose.net/~zodiaqin

    thanks draco [/quote:230fbd23a5]


    See if you have problems with the one I posted above. If so please post them as the line numbers will be correct if you downloaded it directly
     
  11. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    If I use the script to restrict ~user access:

    Will this restriction affect all the virtual hosts including the server's hostname?

    Will it work with IP numbers too? So that people can't access http://IPaddress/~user.

    If I install this how can I get a new client to use his web space at http://serverIP/~newuser before his domain is resolved?

    Will I get stuck with the restriction forever or can it be reversed?
     
  12. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    If anyone is using Nick's script for the ~user access problem, could you give me some feedback on my previous post above this one?

    Thanks.
     
  13. sbrad

    sbrad Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    I told him I was going to try it, but I don't think it will do what I need it to. I need to be able to allow certain users to access http://domain.com/~username and only block certain ones. From what I can tell, this will turn it off for everyone. This I can do in httpd.conf.

    Someone, please correct me if I'm wrong.
     
  14. bdraco

    bdraco Guest

    [quote:399852d8dd][i:399852d8dd]Originally posted by sbrad[/i:399852d8dd]

    I told him I was going to try it, but I don't think it will do what I need it to. I need to be able to allow certain users to access http://domain.com/~username and only block certain ones. From what I can tell, this will turn it off for everyone. This I can do in httpd.conf.

    Someone, please correct me if I'm wrong.[/quote:399852d8dd]

    It will only let ~user access a domain if they actually have ownership of the domain (according to cpanel).

    IE

    cow.com is owned by user cow and has ip 192.168.5.5

    cow.com/~cow will work
    192.168.5.5/~cow will work
    anotehrdomainonserver/~cow will not work
     
  15. bdraco

    bdraco Guest

    [quote:cdd24a2ebe][i:cdd24a2ebe]Originally posted by moronhead[/i:cdd24a2ebe]

    If I use the script to restrict ~user access:

    Will this restriction affect all the virtual hosts including the server's hostname?

    Will it work with IP numbers too? So that people can't access http://IPaddress/~user.

    If I install this how can I get a new client to use his web space at http://serverIP/~newuser before his domain is resolved?

    Will I get stuck with the restriction forever or can it be reversed?


    [/quote:cdd24a2ebe]

    Just comment out the load and add module line from httpd.conf and restart apache :)
     
  16. bdraco

    bdraco Guest

    [quote:4842ecfa2d][i:4842ecfa2d]Originally posted by moronhead[/i:4842ecfa2d]

    If I use the script to restrict ~user access:

    Will this restriction affect all the virtual hosts including the server's hostname?

    Will it work with IP numbers too? So that people can't access http://IPaddress/~user.

    If I install this how can I get a new client to use his web space at http://serverIP/~newuser before his domain is resolved?

    Will I get stuck with the restriction forever or can it be reversed?


    [/quote:4842ecfa2d]

    Just comment out the load and add module line from httpd.conf and restart apache :)
     
  17. sina

    sina Active Member

    Joined:
    Mar 7, 2002
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    than how are the users suppose to use the Shared SSL on the server as they did before ? /~username ??
     
  18. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    [quote:349ff20211][i:349ff20211]Originally posted by moronhead[/i:349ff20211]
    If I install this how can I get a new client to use his web space at http://serverIP/~newuser before his domain is resolved?

    Will I get stuck with the restriction forever or can it be reversed?
    [/quote:349ff20211]

    Perhaps a subdomain of the owner's domain could be created which had the new user's public_html directory as DocumentRoot, or pointed to it.
     
  19. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    When mod_bwprotect.c willl be integrated on WHM ?

    Never ?
    Soon ?
    Not very soon ?

    Thank you
     
  20. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    up :p
     
Loading...

Share This Page