The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

LWP::Simple stopped working

Discussion in 'General Discussion' started by GoWilkes, Jan 15, 2011.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I went through several security updates that were recommended by CSF firewall, and several days later, I discovered that my Perl scripts that imported a header via LWP::Simple are no longer importing anything.

    I tried disabling CSF, with no impact, so I'm sure that it has something to do with a setting that I either turned on, or off, in WHM. Unfortunately, it's been several days, so I'm not sure where to look.

    Any suggestions?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,451
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    At the bottom of the "Check Server Security" page in CSF, there is a button to "Run again and display all comments". Doing so should unhide any comments CSF suggested needing changed.
     
  3. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I've gone through everything that I can remember changing, and undid them one at a time, but I'm still having no luck. I'm pretty sure it's not a PHP issue, though; I changed the file being imported to a plain text file, and it still didn't show anything. No error, just an empty variable.

    The last time that I know for a fact that this worked was Jan 5; that's the last time that I uploaded a Perl script that used LWP::Simple, and I know that I would have tested it immediately.

    On Jan 10, I did rebuild Apache using WHM (there's an earlier thread on here where parked domains weren't showing up), and then manually modified the following:

    <IfModule prefork.c>
    StartServers 15
    MinSpareServers 10
    MaxSpareServers 20
    ServerLimit 600
    MaxClients 600
    MaxRequestsPerChild 1000
    </IfModule>

    I don't think that any of these settings could cause this problem (they're the same that I've always had), but could there be another setting in here that would cause this?
     
  4. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    As a further update, I know that I was using WHM/cPanel 11.26.20 on Jan 4, and now I have 11.28.64. Could a recent update have caused this problem?
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,451
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You should not need to edit the httpd.conf. Just above those options in mine it says this:
    "# These can be set in WHM under 'Apache Global Configuration'"

    Hard to say. If you think there might have been a problem with an update, you might try forcing it to update again. Or you might want to put in a ticket to cPanels support system.

    I'm not sure what settings in CSF would be causing this sort of issue, but surely you'd have been notified by LFD if something came up and was blocked or killed.

    No signs of issues in your logs when you attempt to open or run this script?
     
  6. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
     
  7. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    A force update of cPanel had no impact :-( Now what?
     
  8. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    New update:

    I've just discovered that if I use an absolute path instead of a relative path, then it will work. Meaning, this no longer works (although it did a week ago):

    $header = get("../includes/header.php");

    But this does:

    $header = get("http://www.mydomain.com/includes/header.php");

    This is considerably slower, I believe, so it's not ideal, but it implies that the problem is that Perl has stopped allowing relative connections.
     
  9. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Please provide a full list of the security changes CSF had you perform. The only way to know if one of them caused the issue is to know the list of what you changed.
     
  10. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Every change that I've made came from CSF recommendations, except for on Jan 5 when I rebuilt Apache (parked domains weren't working).

    Unfortunately, I didn't keep a list of all of my changes. I did them all one at a time, made sure that the site was working for a few minutes with no reports of errors, then went on to the next. I'm not using LWP::Simple on the current site, though (I'm rebuilding, and the new rebuild uses it quite a bit), so this error was never noticed.

    Here's a copy-and-paste from the current CSF report, so hopefully this will help. Just a reminder, disabling CSF doesn't have any impact, so if the error came from this then it's more likely to have come from an area where it sent me to WHM to turn something on or off.

    Code:
    Firewall Check	Status	Comment
    Check whether csf is enabled	OK	 
    Check csf is running	OK	 
    Check whether csf is in TESTING mode	OK	 
    Check whether lfd is enabled	OK	 
    Check incoming MySQL port	OK	 
    Check csf SMTP_BLOCK option	WARNING	This option will help prevent the most common form of spam abuse on a server that bypasses exim and sends spam directly out through port 25. Enabling this option will prevent any web script from sending out using socket connection, such scripts should use the exim or sendmail binary instead
    Check csf LF_SCRIPT_ALERT option	OK	 
    Check csf LF_SSHD option	OK	 
    Check csf LF_FTPD option	OK	 
    Check csf LF_SMTPAUTH option	OK	 
    Check csf LF_POP3D option	OK	 
    Check csf LF_IMAPD option	OK	 
    Check csf LF_HTACCESS option	OK	 
    Check csf LF_MODSEC option	OK	 
    Check csf LF_CPANEL option	OK	 
    Check csf LF_CPANEL_ALERT option	OK	 
    Check csf LF_DIRWATCH option	OK	 
    Check csf LF_INTEGRITY option	OK	 
    Check csf PT_SKIP_HTTP option	WARNING	This option disables checking of processes running under apache and can limit false-positives but may then miss running exploits
    Check csf PT_ALL_USERS option	OK	 
    Check csf SAFECHAINUPDATE option	OK	 
    Server Check	Status	Comment
    Check /tmp permissions	OK	 
    Check /tmp ownership	OK	 
    Check /tmp is mounted as a filesystem	OK	 
    Check /tmp is mounted noexec,nosuid	OK	 
    Check /etc/cron.daily/logrotate for /tmp noexec workaround	OK	 
    Check /var/tmp permissions	OK	 
    Check /var/tmp ownership	OK	 
    Check /var/tmp is mounted as a filesystem	OK	 
    Check /var/tmp is mounted noexec,nosuid	OK	 
    Check /usr/tmp permissions	OK	 
    Check /usr/tmp ownership	OK	 
    Check /usr/tmp is mounted as a filesystem or is a symlink to /tmp	OK	 
    Check /dev/shm is mounted noexec,nosuid	WARNING	/dev/shm is not mounted with the noexec,nosuid options (currently: none). You should modify the mountpoint in /etc/fstab for /dev/shm with those options and remount
    Check /etc/named.conf for DNS recursion restrictions	WARNING	You have a local DNS server running but do not have any recursion restrictions set in /etc/named.conf. If the named process is using this configuration file, then this is a security and performance risk and you should look at restricting recursive lookups to the local IP addresses only
    Check /etc/named.conf for DNS random query source port	OK	 
    Check server runlevel	OK	 
    Check nobody cron	OK	 
    Check Operating System support	OK	 
    Check perl version	OK	 
    Check MySQL version	OK	 
    Check MySQL LOAD DATA disallows LOCAL	WARNING	You should disable LOAD DATA LOCAL commands in MySQL by adding the following to the [mysqld] section of /etc/my.cnf and restarting MySQL:
    local-infile=0
    See this link
    Check SUPERUSER accounts	OK	 
    Check for cxs	WARNING	You should consider using cxs to scan web script and ftp uploads and user accounts for exploits uploaded to the server
    Check for IPv6	WARNING	IPv6 appears to be enabled [ifconfig: fe80::214:22ff:fe09:a2b8/64 Scope:Link, ::1/128 Scope:Host]. If ip6tables is installed, you should enable the csf IPv6 firewall (IPV6 in csf.conf). To disable IPv6 on RHEL/CentOS you should follow this link, however since IPv6 will be required it is best to firewall the IPv6 ports.
    Check for kernel logger	OK	 
    SSH/Telnet Check	Status	Comment
    Check SSHv1 is disabled	WARNING	You should disable SSHv1 by editing /etc/ssh/sshd_config and setting:
    Protocol 2
    Check SSH on non-standard port	OK	 
    Check SSH PasswordAuthentication	WARNING	For ultimate SSH security, you should consider disabling PasswordAuthentication and only allow access using PubkeyAuthentication
    Check SSH UseDNS	OK	 
    Check telnet port 23 is not in use	OK	 
    Check shell limits	OK	 
    Check Background Process Killer	OK	 
    Mail Check	Status	Comment
    Check root forwarder	OK	 
    Check exim for extended logging (log_selector)	OK	 
    Check exim weak SSL/TLS Ciphers (tls_require_ciphers)	OK	 
    Check for maildir conversion	OK	 
    Check Courier IMAP weak SSL/TLS Ciphers (TLS_CIPHER_LIST)	OK	 
    Check Courier POP3D weak SSL/TLS Ciphers (TLS_CIPHER_LIST)	OK	 
    Apache Check	Status	Comment
    Check apache version	WARNING	You are running a legacy version of apache (v2.0.63) and should consider upgrading to v2.2.* as recommended by the Apache developers
    Check suPHP	WARNING	To reduce the risk of hackers accessing all sites on the server from a compromised PHP web script, you should enable suPHP when you build apache/php. Note that there are sideeffects when enabling suPHP on a server and you should be aware of these before enabling it.
    Don't forget to enable it as the default PHP handler in WHM > PHP 5 Handler
    Check Suexec	OK	 
    Check apache for mod_security	WARNING	You should install the mod_security apache module during the easyapache build process to help prevent exploitation of vulnerable web scripts, together with a set of SecFilters
    Check apache for FrontPage	OK	 
    Check apache for RLimitCPU	OK	 
    Check apache for RLimitMEM	OK	 
    Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)	OK	 
    Check apache for TraceEnable	WARNING	You should set TraceEnable to Off in: WHM > Apache Configuration > Global Configuration > TraceEnable > Off. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
    Check apache for ServerSignature	OK	 
    Check apache for ServerTokens	WARNING	You should set ServerTokens to ProductOnly in: WHM > Apache Configuration > Global Configuration > ServerTokens > ProductOnly. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
    Check apache for FileETag	WARNING	You should set FileETag to None in: WHM > Apache Configuration > Global Configuration > FileETag > None. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
    Check mod_userdir protection	OK	 
    PHP Check	Status	Comment
    Check php version (/usr/local/bin/php)	OK	 
    Check php for enable_dl or disabled dl()	WARNING	You should modify /usr/local/lib/php.ini and set:
    enable_dl = Off
    This prevents users from loading php modules that affect everyone on the server. Note that if use dynamic libraries, such as ioncube, you will have to load them directly in the PHP configuration (usually in /usr/local/lib/php.ini)
    Check php for disable_functions	WARNING	You should modify the PHP configuration and disable commonly abused php functions, e.g.:
    disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen
    Some client web scripts may break with some of these functions disabled, so you may have to remove them from this list
    Check php for ini_set disabled	WARNING	You should consider adding ini_set to the disable_functions in the PHP configuration as this setting allows PHP scripts to override global security and performance settings for PHP scripts. Adding ini_set can break PHP scripts and commenting out any use of ini_set in such scripts is advised
    Check php for register_globals	OK	 
    Check php for Suhosin	WARNING	You should recompile PHP with Suhosin to add greater security to PHP
    Check php open_basedir protection	WARNING	To prevent PHP scripts from straying outside their cPanel account, you should check WHM > Security Center > php open_basedir Tweak
    WHM Settings Check	Status	Comment
    Check cPanel version	OK	 
    Check cPanel login is SSL only	WARNING	You should check WHM > Tweak Settings > Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.
    Check boxtrapper is disabled	OK	 
    Check max emails per hour is set	WARNING	To limit the damage that can be caused by potential spammers on the server you should set a value for WHM > Tweak Settings > The maximum each domain can send out per hour
    Check whether users can reset passwords via email	OK	 
    Check whether native cPanel SSL is enabled	OK	 
    Check compilers	OK	 
    Check Anonymous FTP Logins	OK	 
    Check Anonymous FTP Uploads	WARNING	Used as an attack vector by hackers and should be disabled unless actively used WHM > FTP Server Configuration > Allow Anonymous Uploads > No
    Check pure-ftpd weak SSL/TLS Ciphers (TLSCipherSuite)	OK	 
    Check FTP Logins with Root Password	WARNING	Allowing root login via FTP is a considerable security risk and should be disabled WHM > FTP Server Configuration > Allow Logins with Root Password > No
    Check allow remote domains	OK	 
    Check block common domains	OK	 
    Check allow park domains	OK	 
    Check cPAddons update email to owner	OK	 
    Check cPAddons update email to root	OK	 
    Check package updates	WARNING	You have package updating disabled, this can pose a security risk as OS vendor and cPanel security updates may not be applied in a timely manner WHM > Update Config >cPanel Package Updates > Automatic
    Check security updates	WARNING	You have security updating disabled, this can pose a security risk as OS vendor and cPanel and perl module security updates may not be applied in a timely manner WHM > Update Config >Security Package Updates > Automatic
    Check cPanel tree	OK	 
    Check melange chat server	OK	 
    Check root/reseller login to users cPanel	WARNING	You should disable this option after use. WHM > Tweak Settings > Disable login with root or reseller password into the users' cPanel interface
    Check cPanel php for register_globals	OK	 
    Check cPanel php.ini file for register_globals	OK	 
    Check cPanel passwords in email	OK	 
    Check Cookie IP Validation	OK	 
    Check Referrer Blank Security	WARNING	You should enable WHM > Tweak Settings > Only permit cpanel/whm/webmail to execute functions when the browser provides a referrer
    Check Referrer Security	WARNING	You should enable WHM > Tweak Settings > Only permit cpanel/whm/webmail to execute functions when the browser provided referrer (Domain/IP and Port) exactly matches the destination URL
    Check Security Tokens	WARNING	You should enable WHM > Tweak Settings > Require security tokens for all interfaces
    Check Parent Security	OK	 
    Check Domain Lookup Security	OK	 
    Check SMTP Tweak	OK	 
    Check nameservers	WARNING	At least one of the configured nameservers:
    ns3.mydomain.com
    ns4.mydomain.com
    should be located in a topologically and geographically dispersed location on the Internet - See RFC 2182 (Section 3.1)
    Server Services Check	Status	Comment
    Check server startup for cups	OK	 
    Check server startup for xfs	OK	 
    Check server startup for atd	OK	 
    Check server startup for nfslock	OK	 
    Check server startup for canna	OK	 
    Check server startup for FreeWnn	OK	 
    Check server startup for cups-config-daemon	OK	 
    Check server startup for iiim	OK	 
    Check server startup for mDNSResponder	OK	 
    Check server startup for nifd	OK	 
    Check server startup for rpcidmapd	OK	 
    Check server startup for bluetooth	OK	 
    Check server startup for anacron	WARNING	On most servers anacron is not needed and should be stopped and disabled from starting, as it could pose a security threat. This service is currently enabled in init and can be disabled using:
    service anacron stop
    chkconfig anacron off
    Check server startup for gpm	OK	 
    Check server startup for saslauthd	OK	 
    Check server startup for avahi-daemon	OK	 
    Check server startup for avahi-dnsconfd	OK	 
    Check server startup for hidd	OK	 
    Check server startup for pcscd	OK	 
    Check server startup for sbadm	OK
     
    #10 GoWilkes, Jan 16, 2011
    Last edited: Jan 16, 2011
  11. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    It's likely one of these PHP settings you've changed:

    I would suggest removing the open_basedir tweak if you had enabled it and also trying to remove the disable_functions added in case it might be one of those.
     
  12. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I'll try changing these tonight, when the server traffic is low. Since this error is happening in Perl, though, and not PHP, do you still think that these could be the culprit?
     
  13. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Isn't the script utilizing PHP based on the above comment you'd made:

    If it is using PHP scripts in the path, then PHP settings can impact those paths.

    Also, if you could explain precisely what error you ever received (no set error was ever noted) and how you tracked it down to be related to LWP::Simple in the first place.
     
  14. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Sorry, I should have been more clear. Yesterday, I posted an update that if I try importing a plain text file, I have the same issue, so it's not isolated to PHP.

    I've not had any error messages at all, which is what makes this so frustrating! A week ago, the Perl scripts would load fine, but then when I checked yesterday morning, they weren't. All I have is an empty variable.

    Here's the test script I'm running:

    #!/usr/bin/perl
    use warnings;
    use strict;
    use CGI::Carp qw(fatalsToBrowser);

    use LWP::Simple;

    my ($get_header, $get_footer);

    $data = "/home/myaccount/data/classified-cats.txt";
    $get_data = get($data);

    print "Content-type: text/html\n\n";

    if (-e $data) { print "Found<br><br>\n\n"; }
    if (-R $data) { print "Readable<br><br>\n\n"; }

    print "$get_data";
    exit;


    This returns "Found" and "Readable", but doesn't return the contents of $data.
     
Loading...

Share This Page