-
Notifications
You must be signed in to change notification settings - Fork 1
/
cpanelworksheet-workin.txt
170 lines (129 loc) · 8 KB
/
cpanelworksheet-workin.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
Week 1 WHM/cPanel Activities. Please detail out how you have done each one of these tasks.
1) Setup 3 package types one being a reseller with 3 different feature sets.
a. In the "Packages" submenu on the left of the WebHostManager, select "Add Package".
b. For the "reseller" package, precede the name of package w/reseller username and underscore (user_pkg).
2) Create 1 reseller account and assign it its own nameservers and packages.
a. WHM dashboard -> Account Functions -> Create a New Account
3) Create 5 accounts under the reseller account via the WHM for that reseller with 5 different domain names and various packages.
a. WHM dashboard -> Account Func -> Create New Acct.
b. MultiAcct.Func --> Modify/Upgrade Multiple Accounts
c. Select checkboxes next to accounts and dropdown select "Reseller"
4) Set Exim to run on port 26 along with port 25.
a. Service Conf --> Exim Conf Mngr. --> Adv. Editor --> daemon_smtp_ports
b. Service Conf --> Service Mngr. --> Checkboxes Exim Mail Srv
5) Update your email address in the WHM so you receive emails from WHM/cPanel, root and the nobody user.
6) Switch your server to run CGI for both PHP5 and PHP4 via the WHM. Then switch back to suPHP.
a. Service Conf --> Config PHP and suEXEC
7) Change and configure your server to run Courier for the POP and IMAP daemons. Now come to your senses and switch back to Dovecot.
a. Service Config -->> Mailserver Selection
8) Make sure your all of your server's Apache logs are getting rotated via WHM.
a. ServiceConf --> Apache
9) Configure remote mysql access to your server from our office IP address via WHM. Test the connection and report your results.
a. SQL Services --> Add'al Access Hosts
10) Remove clamAV if it is installed on your server via the WHM. If it is not installed install it.
a. cPanel --> Manage Plugins --> (Un)install clamAV
11) Explain how you would access an accounts' document root in a web browser that's assigned a shared IP address versus a dedicated IP address.
a. mod_userdir Tweak
12) Get a trial LiteSpeed license and install LiteSpeed on your server replacing Apache as your httpd daemon.
a. Plugins --> LiteSpeed WebServer --> License Management
b. '-> Switch between Apache and LiteSpeed
c. xxxxEnable EasyApache Integrationxxxx
d. Build Matching LSPHP
13) Generate a SSL cert for your main server domain name and install the self signed SSL cert on it.
a. SSL/TLS --> Generate an SSL Certifacte and Signing Request
b. SSL/TLS --> Install an SSL Certificate on a Domain
c. IP Address (non-user domains only) required for main (?)
14) Install WordPress on your main domain. Detail out the steps that you had to use to do so within your cPanel.
a. cPanel --> InstallcPAddons Site Software
15) Reset all of your server's SSL certs for all WHM/cPanel services. In which situations would this be necessary?
a. Service Configuration --> Manage Service SSL Certificates
b. Reset Certificate
16) Disable the AppConfig registration notifications emails.
17) Set your server to Automatic (CURRENT tree) cPanel updates and update cpanel.
a. SERVER CONFIGURATION --> UPDATE PREFERENCES
18) Enable only AWstats on your server.
a. SERVER CONF -->> STATISTICS SOFTWARE CONF
b. Generators Configuration
19) Set the max number of emails that your server can send per hour to 100.
a. SERVER CONF -->> TWEAK -->> MAIL
B. MAX HOURLY EMAILS PER DOMAIN unlimited/2000 -->> 100
20) Back up your Exim config both locally and on the server, then reset the exim conf and exim ACLs to defaults.
a. SERVICE CONF --> EXIM CONF MANAGER -->> Backup --> Download
b. SERVICE CONF --> EXIM CONF MANAGER -->> Backup --> Save on Server
21) Park jdoss-likes-to-wear-snuggies.com on top of your main domain via your domain's cPanel. Also park google.com. Report the results.
a. Domains -->> Aliases -->> Add Alias jdoss-likes-snfalf.com
b. ERROR for "google.com" alias for Common Domains
22) Create an FTP account via cPanel and then try to connect via SCP, SFTP, FTP w/TLS and FTP. Do the same tests with your main cPanel username. Report results and reasons for failure.
23) Disable POP3 on your server.
a. SERVICE CONFIG --> SERVICE MANAGER
24) Setup 3 addon domains, wiredtreetest1.com, wiredtreetest2.com, wiredtreetest3.com and out side of your main domain's document root.
a. Account Functions -->> Modify Accounts -->> Select user(s) -->> AddOn from 0 to positive int.
b. Login as user NOT root/reseller!
c. Addon Domains
d. Propegate "New Domain Name", <TAB> populates "Subdomain" and "Document Root" fields
25) Give the SSL and non SSL ports for cPanel, WHM and Webmail.
a. cPanel: non-SSL --> 2082
SSL -->> 2083
b. WHM: non-SSL -->> 2086
SSL -->> 2087
c. WebMail non-SSL -->> 2095
SSL -->> 2096
26) Give a list of all open ports on your server and match up the cPanel based services to each port.
a. nmap -->>
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
26/tcp open rsftp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
443/tcp open https
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
27) Create a full cPanel backup of your main site.
a. BACKUP -->> ENABLE Backup Status
b. HOME -->> FILES -->> BACKUP
28) Use the autofixer script to reset your ssh config via the web browser.
A. https://96.30.1.154:2087/scripts2/doautofixer?autofix=safesshrestart
a. https://96.30.1.154:2087/cpsess162319089/scripts2/autofixer
b. Presented with Input Form
c. Enter "sshrestart" Press -->> Go
d. Make sure to INCLUDE SESSION COOKEY in address field followed by "scripts2/autofixer"
29) Determine where WHM >> DNS Functions » Nameserver IPs gets its information.
a. fgrep -i dns /var/cpanel/users/* | cut -d"/" -f5
-- One-liner that Lists Domains and Accounts
b. /usr/local/cpanel/etc/zonefiles/
-- BIND zone config files
c. WHM: SERVICE Config -->> Nameserver Selection
d. https://documentation.cpanel.net/pages/viewpage.action?pageId=9897257#HowtoSetUpNameserversinacPanel&WHMEnvironment-common
30) Install the spamdconf plugin.
a. E-Mail -->> spamd Startup Config
31) Ensure that when someone emails a non-existant email account, the email fails to deliver.
a. E-Mail -->> Default Address -->> "Discard unrouted email"
32) Ensure that 'nobody' is not allowed to send email (we all know that nobody is a filthy spammer)
a. SERVER CONFIGURATION --> TWEAK SETTINGS --> MAIL
b. Prevent "nobody" from sending mail --> ON
33) Make sure that disk quota information is always accurate up to the minute. Look for cache in Tweak Settings.
a. Server Config -->> Initial Quota Setup
b. Server Config -->> Tweak Settings -->> Cache disk quota information ->OFF
34) Disable the display of Indexes in Apache
a. Advanced -->> Indexes -->> /(current folder) -->> NoIndex
35) Set the start, min spare, and max spare servers to 4, 4, and 8
36) Double the PHP config values for max_input_time, max_execution_time
a. Service Config -->> PHP Config Editor
-- Initial (unmodified) values:
max_input_time: 180
max_execution_time: 120
-- Modified values:
max_input_time: 360
max_execution_time: 240
37) Ensure that only the spamhaus and spamcop RBLs are enabled within Exim
a. Service Config -->> Exim Conf Manager -->> RBLs
38) Logout of WHM. Try to login using the wrong password enough times to trip cPHulk
39) Try to make the firewall block you. Besides failed logins, what else could trip the firewall?
40) Explain how a client could remove a block on an IP via WHM