Recently there was an issue where the fopen and curl function and shell_exec functions were reverting back to original values. Using the MutiPHP Editor was not working.

the resolution was that the php-fmp handler was being used on a cpanel server. So the php-fpm config file needed to be changed.

The line that needs to be edited is:in /opt/cpanel/ea-php56/root/etc/php-fpm.d/$DOMAIN

Remove the disable_functions which includes shell_exec

php_admin_value[disable_functions] =

Then restart the following services.

systemctl restart httpd.service
/scripts/restartsrv_apache_php_fpm
/scripts/restartsrv_cpanel_php_fpm

UPDATE; Seems the yaml files need to be updated:
https://forums.cpanel.net/threads/stop-cpanel-from-overwriting-php-fpm-settings-file.596527/

This information is for editing the yaml file which should result in permanent changes.

More information here on php-fpm configurations:
https://documentation.cpanel.net/display/64Docs/Configurations+Values+of+PHP-FPM#ConfigurationsValuesofPHP-FPM-Howtoremovedefaultvaluesfromaconfiguration

UPDATE 2:

Also, there was an issue with fopen where the changes in the MultiPHP Editor were being overwritten.

If  PHP handler is LSAPI, you can adjustment to your Apache configuration. Please ensure the setting is enabled for the site(s) in question under MultiPHP Ini Editor. If this still does not work, in whm from   Home »Software »MultiPHP Manager there is a System PHP-FPM Configuration tab and from it you can change the user override ability for allow_url_fopen and other options.

 

When needing to run a command in a different version on php.
Where is the path to php 7 on cpanel?


# /opt/cpanel/ea-php70/root/usr/bin/php -v
PHP 7.0.32 (cli) (built: Sep 14 2018 20:36:03) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies

How to specify command line command “php” version for SSH user on the Plesk server?

/opt/plesk/php/7.2/bin/php -v 

See: https://support.plesk.com/hc/en-us/articles/115003766853-How-to-specify-PHP-version-on-the-Plesk-server-for-command-line-command-php-for-user-
set the path – https://stackoverflow.com/questions/31206864/use-different-php-version-cli-executable-for-one-command

When updating wordpress, this error appears:
Error message: cURL error 28: Connection timed out after 10001 milliseconds

Resolution: Curl the site with the private IP and not the public IP. From inside the private network each server or device is known only by it’s private IP address and is always referenced using that address.

Ref: https://www.the-art-of-web.com/system/iptables-nat/

Also, on cpanel that is behind a firewall, you can check the file for the mappings:/var/cpanel/cpnat

This is for CentOS/RHEL based servers.

Steps in WHM: Log into WHM and go to Basic cPanel & WHM Setup.

Change the Primary IP here with the option that says “The IP address (only one address) that will be used for setting up shared IP virtual hosts”

Log in to SSH, and do the following:

Edit /etc/sysconfig/network-scripts/ifcfg-eth0
Change the IPADDR and GATEWAY lines to match the new IP and Gateway for the new ip

Edit /etc/sysconfig/network
Change the GATEWAY line here if it does not exist in the ifcfg-* file.

Edit /etc/ips
Remove the new primary IP from this file if it is present
Add the old primary IP to this file with the format


 <IP address>:<Net Mask>:<Gateway>

Edit /var/cpanel/mainip
Replace the old primary IP with the new primary IP

Edit /etc/hosts
Replace the old primary IP with the new one if needed. The hostname’s dns will need to be updated too

Restart the network service to make the new IP the primary

# service network restart

Note: You’re probably going to be disconnected at this point, and have to log in to ssh using the new primary ip.

Restart the ipaliases script to bring up the additional IPs

# service ipaliases restart

Run ifconfig and make sure all IPs show up correctly

Update the cpanel license to the new primary IP

Verify you can still log in to WHM and there is no license warning

cPanel presents and error on update:

***** FATAL: Failed to download updatenow.static from server: The system cannot update the /var/cpanel/sysinfo.config file. at /usr/local/cpanel/Cpanel/GenSysInfo.pm line 113.

This issue stems from an issue with the rpm database. Run the following:


rpm --rebuilddb
/scripts/upcp --force

Source: https://forums.cpanel.net/threads/var-cpanel-secdatadir-ip-pag-file-massive.565591/

This can add to server load and slow loading times as it gets scanned every page load.

You also might want to disable mod_unique_id for modsec too. It will prevent that file from growing and being scanned.

Clear the file
yum install ea-modsec-sdbm-util
Should also help keep that file in check if he chooses not to disable it

First we need to make sure that Perl is installed on the server


# sudo yum install perl

After installing perl we need to take one more preliminary step. cPanel is very picky about making sure that server that it is installed on has a Fully Qualified Domain Name. To that effect, we need to provide it with a valid hostname. Skipping this step will inevitably get you the following, very common, error.


2012-11-01 16:00:54  461 (ERROR): Your hostname () is not set properly. Please
2012-11-01 16:00:54  462 (ERROR): change your hostname to a fully qualified domain name,
2012-11-01 16:00:54  463 (ERROR): and re-run this installer.

Luckily this error has a very easy solution. If you have a FQDN, you can type it in with the command:


# hostname your FQDN

Otherwise, if you want to proceed with the cPanel installation but do still lack the hostname, you can input a temporary one. Once cPanel is installed, you will be able to change the hostname to the correct one on one of the first setup pages.


# hostname  host.example.com

Install cPanel

Although the cPanel installation only has several steps, the installation does take a long time. Although using program “screen” is not necessary in order to install cPanel, it can be a very helpful addition to the installation process. It can be especially useful if you know that you may have issues with intermittent internet or that you will need to pause the lengthy install process.

To start off, go ahead and install screen and wget:


# sudo yum install screen wget

Once screen is installed, start a new session running:


# screen

After opening screen, you can proceed to install cPanel with WHM or a DNS only version of cPanel.

Use this this command to install cPanel with WHM:


# wget -N http://httpupdate.cPanel.net/latest

Use this command to install the DNS only version of cPanel:


# wget -N http://httpupdate.cPanel.net/latest-dnsonly

With the requested package downloaded, we can go ahead and start the script running:


# sh latest

Then close out of screen. The script, which may take one to two hours to complete will continue running while in the background—even if you close out the of server.

In order to detach screen type:


Cntrl-a-d

To reattach to your screen you can use the command:


# screen -r

Once cPanel finally installs, you can access the login by going to your ip address:2087 (eg. 12.34.45.678:2087l) or domain (example.com:2087)

Your login will be:


username: your_server_user
password: your_password

From there, you can create your cpanel user and finally login in at ipaddress/cpanel or domain/cpanel

Recently encountered an error. going to Home >> Security Center >> ModSecurity >> Vendors and clicking Install. However I’m getting the following error messages:

Error:The system experienced the following error when it attempted to install the ?OWASP ModSecurity Core Rule Set V3.0? vendor: API failure: The system could not validate the new Apache configuration because httpd exited with a nonzero value. 

Fix:

Backup the /var/cpanel/modsec_cpanel_conf_datastore file.

Manually edit /var/cpanel/modsec_cpanel_conf_datastore file with your favorite editor. Removed all active configs, active vendors, disabled rules, and updates. Just keep disabled rule. Save the file.

Login to WHM >> Home >> Security Center >> Modsecurity Vendors >> Manage Vendors >> OWASP ModSecurity Core Rule Set >> click +install

Modsecurity rules will should be installed without any issue.

Other links:
https://forums.cpanel.net/threads/mod_security-and-easyapache-4.501871/