Startup Log:
     Starting proftpd: 2014-11-10 17:08:26,390 server4.atwaretech.com proftpd[24369]: mod_auth_file/1.0: unable to use world-readable AuthUserFile '/etc/proftpd/passwd.vhosts' (perms 0644): Operation not permitted
     2014-11-10 17:08:26,390 server4.atwaretech.com proftpd[24369]: fatal: AuthUserFile: unable to use /etc/proftpd/passwd.vhosts: Operation not permitted on line 7 of '/etc/proftpd.conf'
     [FAILED]

Check permissions

root@server4 [~]# cd /etc/proftpd/
root@server4 [/etc/proftpd]# ls -la
total 32
drwxr-x--x   2 root proftpd  4096 Nov 10 17:08 ./
drwxr-xr-x. 89 root root    12288 Nov 10 17:19 ../
-rw-r-----   1 root proftpd   180 Nov 10 17:08 atware
-rw-r-----   1 root proftpd   180 Nov 10 17:08 lennys
-rw-r--r--   1 root root     1180 Nov 10 17:08 passwd.vhosts
-rw-------   1 root root     1501 Nov 10 17:08 passwd.vhosts.cache

Change to owner read writable

root@server4 # chmod o-rwx /etc/proftpd/passwd.vhosts
root@server4 # service proftpd restart

Info: http://ubuntuforums.org/showthread.php?t=2238794

Adding an SSL cert in WHM throws an error.
It gives me this error at top. “The system failed to find an owner for the domain “domain.com”.”

Resolution

The domain was added in accounts in WHM as www.domain.com. Chabge to domain.com

fixallcartswithsuexec – Fixes permissions on carts when using suexec.
fixallinterchangeperm – Fixes permissions on all users’ Interchange Shopping Carts.
fixbinpath – Makes sure all bin file paths are correct.
fixbuggynamed – Updates bind to solve any problems with bugs.
fixcommonproblems – Attempt to fix the most common problems.
fixetchosts – Fixes problems with /etc/hosts
fixeverything – Fix common problems and quotas.
fixfpwml – Fix for .wml errors with frontpage.
fixheaders – Run if nothing compiles errors with .h files on compile.
fixinterchange – Reinstall interchange Perl modules.
fixinterchangeperm – fix permissions on a user’s interchange cart.
fixipsnm – Same as addnetmask ips, but Perl though.
fixlibnet – Reinstall Bundle::libnet (Perl).
fixlocalhostwithphp – Change /etc/hosts to work better with PHP 4.2.0 + MySQL.
fixmailman – Updates and restarts mailman.
fixmailmanwithsuexec –
fixmuse – Reinstalls muse.
fixmysql – Fixes problems with mySQL.
fixmysqlbsd – Fixes problesm with mySQL on FreeBSD.
fixnamed – Updates bind to handle many DNS zones (more than 512).
fixndc – Repair redhat’s broken named.conf on 7.2.
fixoldlistswithsuexec – Run after enabling suexec on the server to change the URLs that Mailman gives out to ones that don’t give a 500 internal server error.
fixperl – Symlink /usr/local/bin/perl /usr/bin/perl.
fixperlscript – Makes sure a perlscript includes all corresponding modules.
fixpop – Fix a POP account and reset password.
fixproftpdconf – Fixes problems with /usr/local/etc/proftpd.conf
fixproftpddupes – Updates proftpd.
fixquotas – Fix quotas.
fixrndc – Fixes named.conf to prevent rndc staus failed.
fixspamassassinfailedupdate – Reinstalls a failed spamassassin update.
fixsubdomainlogs – Run if subdomain logs don’t show up in cPanel.
fixsuexeccgiscripts – Fix CGI scripts that are broken after suexec installed.
fixvaliases – Fix permisions on valiases.
fixwebalizer – Repair a Webalizer that has stopped updating.

Common cPanel /Scripts

Install Zend Optimizer /scripts/installzendopt
Hostname A Entry Missing! /scripts/fixndc then restart bind and apache
Install Cron on New Server /scripts/installrpm anacron vixie-cron ; /etc/rc.d/init.d/crond start
Bandwidth issues /scripts/cleanbw
/scripts/fixwebalizer (To fix problem in webalizer that stop updating stats)
/scripts/fixcommonproblems
/scripts/fixeverything
Fixing Mail List MailMan /usr/local/cpanel/bin/convertmailman2
Reinstall MailMan /scripts/reinstallmailman
Fix Permissions on accounts: /scripts/fixhome
Edit mySQL conf file: pico /etc/my.cnf
Edit php.ini: pico /usr/local/lib/php.ini
Edit Apache Conf: pico /etc/httpd/conf/httpd.conf
Checking Real Time Top Processes Login to SSH and run: top
Run cpanel backup /scripts/cpbackup
To try and fix domain controller: /scripts/fixndc

Quotas /scripts/initquotas – takes a while to run
/scripts/resetquotas
/scripts/fixquotas – takes a while to run

/scripts/adddns Add a Dns Entry
/scripts/addfpmail Install Frontpage Mail Exts
/scripts/addservlets Add JavaServlets to an account (jsp plugin required)
/scripts/adduser Add a User
/scripts/admin Run WHM Lite
/scripts/apachelimits Add Rlimits (cpu and mem limits) to apache.
/scripts/dnstransfer Resync with a master DNS Server
/scripts/editquota Edit A Users Quota
/scripts/finddev Search For Trojans in /dev
/scripts/findtrojans Locate Trojan Horses
Suggest Usage
/scripts/findtrojans > /var/log/trojans
/scripts/fixtrojans /var/log/trojans
/scripts/fixcartwithsuexec Make Interchange work with suexec
/scripts/fixinterchange Fix Most Problems with Interchange
/scripts/fixtrojans Run on a trojans horse file created by findtrojans to remove them
/scripts/fixwebalizer Run this if a users stats stop working
/scripts/fixvaliases Fix a broken valias file
/scripts/hdparamify Turn on DMA and 32bit IDE hard drive access (once per boot)
/scripts/initquotas Re-scan quotas. Usually fixes Disk space display problems
/scripts/initsuexec Turn on SUEXEC (probably a bad idea)
/scripts/installzendopt Fetch + Install Zend Optimizer
/scripts/ipusage Display Ipusage Report
/scripts/killacct Terminate an Account
/scripts/killbadrpms Delete Security Problem Infested RPMS
/scripts/mailperm Fix Various Mail Permission Problems
/scripts/mailtroubleshoot Attempt to Troubleshoot a Mail Problem
/scripts/mysqlpasswd Change a Mysql Password
/scripts/quicksecure Kill Potential Security Problem Services
/scripts/rebuildippool Rebuild Ip Address Pool
/scripts/remdefssl Delete Nasty SSL entry in apache default httpd.conf
/scripts/restartsrv Restart a Service (valid services: httpd,proftpd,exim,sshd,cppop,bind,mysql)
/scripts/rpmup Syncup Security Updates from RedHat/Mandrake
/scripts/runlogsnow Force a webalizer/analog update.
/scripts/secureit Remove non-important suid binaries
/scripts/setupfp4 Install Frontpage 4+ on an account.
/scripts/simpleps Return a Simple process list. Useful for finding where cgi scripts are running from.
/scripts/suspendacct Suspend an account
/scripts/sysup Syncup Cpanel RPM Updates
/scripts/unblockip Unblock an IP
/scripts/unsuspendacct UnSuspend an account
/scripts/upcp Update Cpanel
/scripts/updatenow Update /scripts
/scripts/wwwacct Create a New Account

/scripts/runweblogs account username for awstats to run manually

Sometimes such behavior of apache/httpd (taking more and more memory until it dies or crashes the server) can be caused by corrupted MySQL database. Try to do the following:
1) Kill the mysql server
/etc/rc.d/init.d/mysql stop

2) Repair all SQL databases:
myisamchk -r /var/lib/mysql/*/*.MYI

3) Start mysql again:
/etc/rc.d/init.d/mysql start

Check the logs:

# nano /var/log messages
PAM-hulk[13813]: Brute force detection active: 580 LOGIN DENIED

Check

cphulkd.log at /usr/local/cpanel/logs


# nano /usr/local/cpanel/logs/login_log
72.177.xxx.xx - root [11/04/2014:05:48:13 -0000] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN whostmgrd: brute force attempt (user root) has locked out IP 72.177.xxx.xx

First check permission of /usr/local/cpanel/3rdparty/bin/awstats.pl, it should be 755.

Then to update awstats and webalizer run the script :


# /scripts/runweblogs user_nameIf that didn't work try fixwebalizer script :


# /scripts/fixwebalizer

If that doesn’t update stats, then check domlogs of the domain and see if it is up to date. You can use the following script to run statistics :


# /scripts/runstatsonce

If none of the above fixes the issue and the awstats page for the domain is still showing the old date for last update, run the following command :


# /usr/bin/perl /usr/local/cpanel/3rdparty/bin/awstats.pl -config=/home/user_name/tmp/awstats/awstats.domain.com.conf -LogFile=/usr/local/apache/domlogs/domain.com -update

Error

Error: Plugin load for plugin ‘geoipfree’ failed with return code: Error: Can’t locate Geo/IPfree.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 . /usr/local/cpanel/3rdparty/bin/lib /usr/local/cpanel/3rdparty/bin/plugins /usr/local/cpanel/3rdparty/bin/plugins) at (eval 2) line 1.

Cpan

cpan install Geo:IPfree

Other info

Log files at /usr/local/apache/domlogs/domain.com
Config for awstats /home/fl/tmp/awstats/awstats.domain.com.conf
Location of all log files – /home/domain/tmp

If the logs are archived – look here – /home/fl/logs

# cd /home/fl/logs
ls -la
domain.com-Nov-2014.gz
domain.com-Oct-2014.gz

Un archive

# tar -xvzf domain.com-Nov-2014.gz
# ls
domain.com-Nov-2014.log

Unarchive the file and run the command to rebuild it

# /usr/bin/perl /usr/local/cpanel/3rdparty/bin/awstats.pl -config=/home/user_name/tmp/awstats/awstats.domain.com.conf -LogFile=/home/user_name/logs/domain.com-Nov-2014.log -update

Location of cpanel access logs

Apache Logs

General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.

Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.

Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.
MySQL Logs

MySQL General Information and Errors:
Location : /var/lib/mysql/$(hostname).err
Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log

For cPanel/WHM, to enable PDO in the system you can use EasyApache:

1. Login to WHM
2. Click Apache Update
3. Click Start Customizing Based on Profile
4. Select an Apache version
5. Click Next Step
6. Select PHP 5
7. Click Next Step
8. Select a version of PHP 5
9. Click Next Step
10. Click Exhaustive Options List button
11. Scroll down to the check box labeled PDO
12. Click Save and Build

Source: https://documentation.cpanel.net/display/1142Docs/Host+Access+Control

You can use the Host Access Control feature to allow or deny clients’ access, based on the IP address, to the following services:
Daemon Name

Service Name
cpaneld cPanel
whostmgrd WHM
webmaild Webmail
cpdavd WebDisk
Allow access for an IP address

To allow an IP address to access a service, perform the following steps:

Enter the service name in the daemon text box. As you type, a list of suggestions will appear.
Enter the IP address or hostname in Access List text box.
You may enter wildcards in this text box.
You cannot enter a range of IP addresses with CIDR notation.
To specify a network range, add /255.255.255.0 to the IP address.
For example, 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use.
Enter allow in the Action text box.
Describe the rule in the Comment text box.
Click Save Host Access List.
Click Reload to delete any changes.

Note:
Icon

You can also enter ALL EXCEPT IP address in the Access List text box. When you enter allow as your action, all of the addresses except for the one that you entered in the Access List will be allowed.

For more information on this option, see the Notes and Additional Documentation sections below.
Deny access from an IP address

To deny access to a service from an IP address, perform the following steps:

Enter the service name in the daemon text box. As you type, a list of suggestions will appear.
Enter the IP address or hostname in Access List text box.
You may enter wildcards in this text box.
You cannot enter a range of IP addresses with CIDR notation.
To specify a network range, add /255.255.255.0 to the IP address.
For example 192.168.0.0/255.255.255.0, where 255.255.255.0 is the desired network mask you want to use.
Enter deny in the Action text box.
Describe the rule in the Comment text box.
Click Save Host Access List.
Click Reload to delete any changes.

Note:
Icon

You can also enter ALL EXCEPT IP address in the Access List text box. When you enter deny as your action, all of the addresses except for the one that you entered in the Access List will be denied.

For more information on this option, see the Notes and Additional Documentation sections below.

Warning:
Icon

If you accidentally lock yourself out of WHM when you use Host Access Control, edit the /etc/hosts.allow file through the command line to unlock yourself.
Allow or deny IP addresses manually

For greater host access control flexibility, you can create rules in the command line. To do this, perform the following steps:

Log in to your server as root.
Open the /etc/hosts.allow file with your preferred text editor.
Follow this format: service : IP address : action.
For example: cpaneld : 192.168.0.0 : allow

Note:
Icon

When you configure your firewall directly, you can use CIDR notation.

On a CentOS or Red Hat Enterprise LInux® system, you can use the iptables utility to manage your firewall.

You can block a specific IP address on CentOS with iptables.
For example, to block 192.168.56.210, run the iptables -A INPUT -s 192.168.56.210 -j DROP command.
You can block a specific port for an IP address
For example, to block port 23 on 192.168.56.210, run the iptables -A INPUT -s 192.168.56.210 -p tcp –destination-port 23 -j DROP command.

Note:
Icon

WHM does not use a hosts.deny file. Deny statements should be added to the /etc/hosts.allow file.
Additional notes

You must enter your allow rules before your deny rules. For example, if you choose to allow access for two IP addresses, but you want to deny access from all other addresses, you can do either of the following:

Create two separate rules:
Create one rule that allows 192.168.0.0/255.255.255.0
Create a second rule that denies access to ALL IP addresses.
Create one rule:
Enter all except 192.168.0.0/255.255.255.0 in the Access List text box.
Enter deny in the Action text box.

Additional documentation

cPanel & WHM Application Catalog — This catalog lists utilities that can help you manage access control to your server.
IP Deny Manager — Use this feature to allow or deny access to an individual site.
ProFTPD Configuration for Host Access Control – This document provides the steps to configure FTP daemons to use Host Access Control