/etc/chkserv.d/ftpd overwritten?

kpmedia

Well-Known Member
Feb 13, 2011
90
1
58
USA, Europe
cPanel Access Level
Root Administrator
I use a different FTP port. Default 21 is unsafe.

/etc/chkserv.d/ftpd reverts on cPanel update.

A cPanel staff wrote this back in 2010: "You can create a script with the filename /scripts/postupcp to copy your custom version of the file back to /etc/chkserv.d/ftpd after each cPanel update."

I can't do that. I don't know how. What are the exact steps to do this?

It's a common request on these boards, and has never been answered.
 

kpmedia

Well-Known Member
Feb 13, 2011
90
1
58
USA, Europe
cPanel Access Level
Root Administrator
It wasn't answered.

This was a half answer: "You can create a script with the filename /scripts/postupcp to copy your custom version of the file back to /etc/chkserv.d/ftpd after each cPanel update."

I can't find that thread anymore, but that was the last reply.

I'm guessing postupcp changes things back that cPanel overwrites. So I'd think that "service[ftpd]=21,QUIT," (start of file) could be replaced with "service[ftpd]=123456,QUIT," instead. Simple replacement, but requiring not-simple syntax, commands, and use of the postupcp file. So how it that done?

Why not 21? Because 21 is brute forced to hell and back. Lots of of nasty stuff uses it as well. Changing the port removes that problem 99%+. Only generic shared hosts and novices admins use 21.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,256
463
Hello,

No native support exists for Chkservd to monitor Pure-FTPd on an alternate port. I suggest opening a feature request for this via:

Submit A Feature Request

Also, using the /scripts/postupcp file is no longer advised. Instead, please ensure you use standardized hooks:

Guide to Standardized Hooks
Guide to Standardized Hooks - System Functions - upcp

You can register a hook using the following command after creating your custom script:

Code:
/usr/local/cpanel/bin/manage_hooks add script /path/to/postupcpscript.sh --manual --category System --event upcp --stage post
Then, simply ensure /path/to/postupcpscript.sh uses 0755 permissions and contains the code necessary to to update the /etc/chkserv.d/ftpd file. EX:

Code:
#!/bin/bash
replace "21" "1234" -- /etc/chkserv.d/ftpd
Thank you.