HELP! Barebone WHM Server rebuild / need direction, suggestions , etc.

[doulos61]

According to my VPS data center, my container was disabled for supposed DOS attack that started back in December. I find it odd that they would take 4 months to disable me if that was the case. So here is the current scenario -

The container OS was rebuilt in addition to a backup being placed in an "/old" directory. I was advised that I could reinstall my cpanel. I did so but this resulted in an error "Your operating systems rpm update method (yum) was not able to locate the glibc package." I searched the forums and was able to use the command to confirm that yum was locatable. I tried to login to the WHM, but was unable to connect. After about a half an hour, with a later attempt it came up. I noticed that there were some applets that did not function properly - specifically Apache status, and Easy-Apache Update.

Nonetheless I contacted support and was advised that I should have done a "yum update" prior to the cpanel install. It was my understanding they would clear out the container and have me start again since that is a better path, than to try and fix a broken cpanel. I commented the open support incident, to be responded back to that yum was not operational and they repaired it, and to try again and complete my installation. This did not work out as the problem still persisted. I updated the incident stating that I was still having the issue, and it conflicted with the information I was provided the previous evening.

I have built all 4 of my WHM servers using the beginners nameserver and security guide on the forum. When my new server was turned over to me it already had cpanel(WHM), Apache setup. My background is a Windows server admin, not Linux so I am not totally clueless, well... not totally! I have not had to rebuild a server from this extent, or restore client accounts from a backup folder on my server.

So here is my big questions -

What is the general steps in order that I should take -

1. To properly setup cpanel, apache, etc (being mindful of preliminary steps like doing a "yum update", or additional pitfalls)
2. To go about restoring accounts from a folder located in /old/12345.backup data on my server? (some of the client have content management systems, and shopping carts, so there are databases involved.

I am not looking for a total granular step by step process, as much as a "do A, B, C, etc".
I have been down since Sunday, and my customers patience is getting awful thin. I also have space on some of my other servers if the best recourse is to move the account to return them back to service
I will also entertain recommendations for paid support if it is not as ridiculous as what my provider is wanting to nickel and dime me with. Although what they are wanting to charge isn't nickle and dime!

Please assist
Shoop

 

[k-planethost]

as soon as i install a new server cpanel centos
To begin your installation, use the following commands:

1. cd /home — Opens the directory /home.
2. wget -N http://layer1.cpanel.net/latest — Fetches the latest installation file from the cPanel servers.
3. sh latest — Opens and runs the installation files.
4. /usr/local/cpanel/cpkeyclt — Activates your license after installation.

All Documentation

i dont understand why you reinstall the container if the affected file that perform ddos attack exists on a customer account should come back after and causing issues again.
after you have to rsync the contents of the accounts from the folder to /home if they are on tar.gz format you can restore it after from restore a full backup cpmove option from cpanel/whm

 

[doulos61]

i dont understand why you reinstall the container if the affected file that perform ddos attack exists on a customer account should come back after and causing issues again.
after you have to rsync the contents of the accounts from the folder to /home if they are on tar.gz format you can restore it after from restore a full backup cpmove option from cpanel/whm

Sorry, I may have used the wrong term. It was not as much a container restore as much as a space reprovision, OS reload, and a backup in an "/old/123.backup" folder

In relation to the backup, it is not in a compressed format -
The individual accounts are not tar.gz'd, but I can do that either by either using tar cli, or is this a better route:
1. /scripts/pkgacct USERNAME
2. move the USERNAME.tar.gz over to the /home folder and then
3. /scripts/restorepkg USERNAME

My question is do I need to move the compressed file to the new /home folder root and then run -
# /scripts/restorepkg USERNAME

Which is the better option?

Also do you have a suggestion rsync for rsync command line parameters? Currently I am still waiting for my provider to resolve a YUM issue error for the "glibc" before I proceed.

I appreciate your assistance.
Shoop

 

[garrettp]

You won't be able to use those scripts on your old accounts because they don't exist in the current cPanel environment.

You're going to have problems restoring the accounts if they only provided you with a copy of the /home directory. If that is the case, your best bet is to manually go through and re-create the accounts once you have the WHM working, and then copy the homedir data over from the backup dir. You're still going to have issues with things like addon FTP accounts, as configuration files for those are stored in /etc.

 

[doulos61]

You're going to have problems restoring the accounts if they only provided you with a copy of the /home directory. If that is the case, your best bet is to manually go through and re-create the accounts once you have the WHM working, and then copy the homedir data over from the backup dir. You're still going to have issues with things like addon FTP accounts, as configuration files for those are stored in /etc.

GarrettP - Thanks for the input. The backup they provided was almost the whole file structure, not just the home folder. My intention was to follow these instructions posted on the forum last year. Taking this into consideration, and just hitting the high and important points, what are the particular steps I should follow, or does this document address them all?

Thanks
Shoop

 

[garrettp]

That is a good place to start. In your case however an rsync of the data would be sufficient to restore since you're going cPanel->cPanel. We have an article on the matter if you'd like to give it a try:

How To Restore a cPanel Server [Wiki]

 

[doulos61]

GarrettP,

Thanks for the details, that is just what I needed. Some followup questions tho'. I take it that since the source data resides in the same physical drive there is no need to "mount" the source folder since it is not a device? What directory do I need to be in when I run the cmds (source/target/root)? Where all my main data is in a structure like this source path example off the root
- /old/xxxxx.backup/fs/root

In the earlier referenced document, in the block in the beginning -

Let's begin by syncing over important /etc/ configuration files:

1 cd /olddrive/etc/ && rsync -avHz user* trueuser* domainips secondarymx domainalias valiases \
2 vfilters exim* backupmxhosts proftpd* pure-ftpd* logrotate.conf passwd* group* *domain* *named* wwwacct.conf \
3 cpbackup.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl hosts spammer* \
4 skipsmtpcheckhosts relay* localdomains remotedomains my.cnf /etc

Is this one long cmd?

Is this process from a standpoint that you want to do a full manual restore, all nuts and bolts? Should I be overly concerned that my new cpanel may have issues with the import and thererby breaking it?

Thanks for the education
Shoop

 

[garrettp]

Shoop,

At the risk of being offensive, let me say it sounds like you may be in over your head. The article I linked to assumes an intermediate-level of familiarity with the shell, and you can cause problems if you don't do things properly.

With that said, yes those lines are a single command, they are split onto multiple lines via the backslash operator which will cause the individual lines to be run as a single command when pasted into the shell. I noticed you're copying the line numbers; use the copy-to-clipboard button in the syntaxhighlighter window to grab only the command text.

As mentioned in the article, these steps are intended to be ran on a server that has recently been deployed with a fresh install of cPanel.

You will need to change the "/olddrive" directory reference to the root of your old filesystem, which from your description sounds like "/old/12345.backup/"

 

[doulos61]

Shoop,

At the risk of being offensive, let me say it sounds like you may be in over your head. As mentioned in the article, these steps are intended to be ran on a server that has recently been deployed with a fresh install of cPanel.

GarrettP,

No offense taken. A wise person remains teachable, and understands they don't know everything. I am not totally green, but a little unfamiliar with some of the more compounded command lines. Also, this was the case. It was a reimaged server that had the backup placed on it.
That being said I did follow the steps you provided, and generally they all responded properly. I still have a few issues but it appears that it is related to the cms db's for some of the content managed sites, and possibly the root SQL db. All the sites that are not either xcart or cms driven are running. There area also some issues with the email accounts that apply to each client.

I have like 6 sites that are up primarily since they are not dependant on any db, and consist of a general HTML design. The current status on the rest of my sites are dealing now with are either "IE cannot display web page", "Error 500 Internal Server Error", or "HTTP 404 Not Found". I am going to try and tackle this first before I worry about the email. Better that the site is up than just email. Any suggestions?

I have someone else more familiar with the sql end that will look into db issue. Just for the record... I do appreciate your input and candor.
Shoop

 

[garrettp]

I'm guessing they may be permissions issues, since by default cPanel deploys with SuPHP now and you may not have been running it before. Check /usr/local/apache/logs/error_log for more clues on these sites, especially the ones with 500 errors.

 

[doulos61]

I'm guessing they may be permissions issues, since by default cPanel deploys with SuPHP now and you may not have been running it before. Check /usr/local/apache/logs/error_log for more clues on these sites, especially the ones with 500 errors.

GarrettP,

This was definately a learning process, and I feel that I have you to thank for the resolutions. The past few day's have been a doozy. Here is what all I ran into and fixed -

Yum update failed - data center fixed it
EasyApache not functioning in WHM - data center said they fixed it, but I think it was one of your suggestions with the load procedure that fixed it (scripted update within ssh)
MySQL failure - data center tweaked it
WebSite 500 errors - it was a permission issue. Since the accounts no longer existed, the user.group was set to "unknown" for all /home folders ( corrected this by assigning ownership via "chown")
Exim/IMAP failed and was down - fixed by changing mailserver from Dovecot to Courier)
Error with a clients subscription login - fixed by reloading IonCube

I still have some sites down with the 500 error. I believe that it is related to these sites being Joomla CMS based, and my DB admin not getting back with me so I believe that there are still some outstanding DB issues.

Can you give me an example of what to look for in relation to the 500 error?

I can't thank you enough for pointing me in the right direction to begin with. I know that all this come in handy in the future.
Shoop

 

[garrettp]

Same again as before, check the error_log as you'll get more info about why the 500 error is being thrown. My guess is still a permissions issue for those remaining sites.

 

[doulos61]

Same again as before, check the error_log as you'll get more info about why the 500 error is being thrown. My guess is still a permissions issue for those remaining sites.

I understood the error_log... but what in the error_log was the question. That is the example. Would it be something like - tail the error_log, and then go to the clients site, lets say "123.com" and then see what pops up at the end of the log?

Thnx
Shoop

 

[garrettp]

I'm guessing they may be permissions issues, since by default cPanel deploys with SuPHP now and you may not have been running it before. Check /usr/local/apache/logs/error_log for more clues on these sites, especially the ones with 500 errors.

don't mention it

 

[cPanelTristan]

I understood the error_log... but what in the error_log was the question. That is the example. Would it be something like - tail the error_log, and then go to the clients site, lets say "123.com" and then see what pops up at the end of the log?

Thnx
Shoop

You can run this command and then load the site in a browser:

tail -fn0 /usr/local/apache/logs/error_log

The entries will then show up for anything that outputs at that point.