How to open a port on CentOS 6 that has WHM/cPanel installed

May 28, 2014 at 6:14 pm

Firstly, forget iptables. There’s an easier way. Install “APF”:

  1. Log in as root
  2. Go to your home folder: cd ~
  3. Make a temporary download folder: mkdir downloads
  4. Go into that folder: cd downloads
  5. Download APF: wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
  6. Extract the archive and go into the extracted folder: tar -xzf apf-current.tar.gz && cd apf-9.7-2/
  7. Run the install file: ./install.sh

You should see something similar to this:

[root@root]# ./install.sh
Installing APF 9.7-2: Completed.

Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf

Other Details:
Listening TCP ports: 21,22,25,53,80,110,111,143,443,465,587,631,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306,43593
Listening UDP ports: 53,111,631,745,764,58037
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.

APF is now installed, and you can head on over to /etc/apf/conf.apf:

  1. vi /etc/apf/conf.apf
  2. Navigate to the line that reads: # Common inbound (ingress) TCP ports
  3. Below that line, you want to add something like this: IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,10000,35000_35999"
  4. Save the file and quit VIM
  5. Stop APF: service apf stop
  6. Start APF again: service apf start

You should be good to go! But, if you want to make sure APF starts on startup, do this:

  1. chkconfig --add apf
  2. chkconfig --level 345 apf on
  3. Restart CentOS to make sure it works after the restart: shutdown -r now

Now you should be ready to rock!
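Before moving a service to a new port, it is worth confirming that the port is covered by the list you just configured. The check below is an added example, not part of APF or of the original post: the function names are hypothetical, the sample config text is constructed from the value shown above, and it assumes an entry of the form LOW_HIGH is an inclusive port range.

```shell
#!/bin/sh
# Constructed sample of the relevant conf.apf line (value copied from the steps above).
SAMPLE_CONF='# Common inbound (ingress) TCP ports
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,10000,35000_35999"'

# apf_tcp_ports: read conf.apf text on stdin and print the last active
# (uncommented) IG_TCP_CPORTS value with its surrounding quotes removed.
apf_tcp_ports() {
    sed -n 's/^[[:space:]]*IG_TCP_CPORTS=//p' | tail -n 1 | tr -d "\"'"
}

# port_allowed PORT LIST: return 0 if PORT appears in the comma-separated
# LIST (as a single port or inside a LOW_HIGH range), 1 if it does not,
# and 2 if PORT is not a valid TCP port number.
port_allowed() {
    port=$1
    case $port in ''|*[!0-9]*) return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 2
    old_ifs=$IFS; IFS=,
    set -- $2            # split the list on commas
    IFS=$old_ifs
    for entry in "$@"; do
        case $entry in
            *_*)         # range entry, e.g. 35000_35999
                low=${entry%%_*}; high=${entry##*_}
                case $low in ''|*[!0-9]*) continue ;; esac
                case $high in ''|*[!0-9]*) continue ;; esac
                if [ "$port" -ge "$low" ] && [ "$port" -le "$high" ]; then return 0; fi ;;
            ''|*[!0-9]*) continue ;;   # skip malformed entries
            *) if [ "$port" -eq "$entry" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# check_port_in_conf PORT CONF_TEXT: combine the two helpers.
check_port_in_conf() {
    port_allowed "$1" "$(printf '%s\n' "$2" | apf_tcp_ports)"
}
```

On a real server, feed it the live file instead of the sample, for example: port_allowed 1000 "$(apf_tcp_ports < /etc/apf/conf.apf)" || echo "port 1000 is not open in APF".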

How I Got Back Into my CentOS Server After Messing up my IPTables and SSH Port

May 24, 2014 at 5:12 am

What I did seems to be a fairly common mistake, but I still feel pretty stupid. I changed my SSH port from the standard 22 to 1000. This would’ve been fine, if I didn’t forget to run this afterwards:

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1000 -j ACCEPT

The net effect was that when I tried to log back in, the port was not open. Luckily, there are two ways that you can get out in a scenario like this.

The first method didn’t work for me, because I couldn’t FTP into the server as root. If I could, I would have put a file in /etc/cron.d with these contents:

* * * * * root /sbin/service iptables stop

Unfortunately, I couldn’t use this method. Luckily I had cPanel and WHM installed, and this offers a second way to get out of a locked server if the problem is iptables / port related. You can simply:

  1. Go to your WHM URL (usually, www.yoursite.com/whm)
  2. Log in
  3. Modify the URL by appending: /scripts2/doautofixer?autofix=iptablesflush (i.e. something like this: www.yoursite.com/scripts2/doautofixer?autofix=iptablesflush)

You should see a message saying the iptables were flushed.


Git Cheatsheet

May 21, 2014 at 12:20 pm

Here are some of the git commands I use daily (but still tend to forget from time to time):

push a new branch + create it on server: git push -u origin yourBranch
add a tag to a branch: git tag <your tag>
push those tags: git push --tags