Disable Clamd
Jul 13, 2007
we have a dedicated with 1 only customer that use server x mailing
we would disable clamd because is not used in this situation
we have disable, any day ago, from 'service manager' of WHM but now we see this under "today cpu usage":
Top Process %CPU 67.5 /usr/sbin/clamd
Top Process %CPU 44.0 /usr/bin/perl -w /usr/sbin/eximstats
Top Process %CPU 25.9 /usr/sbin/clamd
View 8 Replies
Aug 3, 2008
I'm running WHM 11.15.0 cPanel 11.18.3-R21703 CENTOS Enterprise 4.5 i686 on virtuozzo - WHM X v3.1.0. I'm on a fully managed plan. Clamd has been using over 20% of my VPS's memory lately. I restart Exim and it drops it back to under 10% but it usually builds back up to 20% in an hour or so. My host basically says that this is the nature of the beast and is suggesting disabling clam altogether but I'm not sure if that's a good idea. I have never even received an email that had a virus removed by clam that I'm aware of. I'm pretty sure my clients are all using some sort of AV anyway. So maybe I don't need it?
View 4 Replies
View Related
Jun 8, 2008
my box is down, in WHM is shown, that clamd is failed.
try to restart it
and got
Code:
root@host [~]# clamd restart
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
LibClamAV Error: cli_cvdload(): Can't create temporary directory /tmp/clamav-07c 775ef49c83a4a0a977c8a373c51a9
LibClamAV Error: Can't load /usr/share/clamav/daily.cvd: Unable to create tempor ary directory
ERROR: Unable to create temporary directory
View 10 Replies
View Related
Apr 17, 2008
I have a VPS that started sending me emails last night (in mass) giving me failures saying
clamd failed @ Thu Apr 17 13:11:50 2008. A restart was attempted automagically.
I ran a yum update, and since the server isn't critical I just gave it a restart. Still getting the errors, I checked the boot.log file, where I saw errors like:
Apr 17 12:37:56 host exim: Starting clamd:
Apr 17 12:37:56 host clamd: ERROR: Parse error at line 299: Unknown option ArchiveMaxCompressionRatio.
Apr 17 12:37:56 host clamd: ERROR: Can't open/parse the config file /etc/clamd.conf
Apr 17 12:37:56 host exim: ERROR: Can't open/parse the config file /etc/clamd.conf
Apr 17 12:37:56 host exim: clamd startup failed
The clamd.conf file hasn't been edited since it was installed in August, I'm not sure why it decided to have issues now. So I just commented out the ArchiveMaxCompressionRatio directive in the config file to get it up and running again.
I have no knowledge of ClamAV (clamd), so I'm not sure exactly what it archives or how it compresses it, but I was just wondering if this will a) cause any noticeable issues and/or b) if theres a new directive equivalent to this one I should use instead (man just said "outdated").
View 6 Replies
View Related
Dec 12, 2007
On 11/29/07, I posted the following question, but have received no replies to date:
Quote:
TITLE: Are frequent failure notices common with VPS hosting?
We have a VPS1 account at Liquid Web ($60/month). Below I have copied just the most recent series of failure notices (clamd, cpsrvd, exim, ftpd, mysql, pop, spamd). We tend to receive these by e-mail on a fairly regular basis, accompanied by the usual message "A restart was attempted automagicly."
Since March 2006, when we first switched our web host to LW, there have been well over a hundred of them.
My question is: Are such frequent failures commonplace (i.e.: benign) on a VPS, or should I be concerned about them?
I usually check our web site after receiving each notice, and it is always up by the time I get there. Nevertheless, it would be nice to know if all these occurrences are considered normal. For example, 19 exim failures over a 6.5-hour span on 9/29/07 do seem a bit extreme.
If anyone reading this thread is technically inclined, I'd like to know what process or hardware state is usually responsible for causing such failures.
FYI, I use cPanel in my web browser to administer the site from a Macintosh computer running OS 9.2.2. I have never used SSH, and have also never read any raw logs. If I did, I'm not sure what they would tell me about this, anyway.
I should also say that our site uses nowhere near the capacity provided by our VPS1 account. We are well below the maximum HD space and monthly allowable bandwidth. The site uses only standard HTML, text include files, and GIF/JPG graphics files; no streaming. There is only limited use of a CGI script for routine form submissions, and currently there are no PHP scripts running for BBs, calendars, blogs, chat rooms, or any MySQL databases being used. In short, I would think that the site places little load on the server or its processes.
I would greatly appreciate any feedback.
cpanel @ host.xxxxxx.net 9/9/07, 11:53 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:06 AM mysql on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:06 AM spamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:07 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:07 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM ftpd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM named on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/10/07, 2:08 AM pop on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/27/07, 11:42 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 12:59 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:30 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:39 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 1:58 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:10 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:22 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:31 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:41 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 2:50 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:00 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:40 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:50 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 3:59 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:09 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:19 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:28 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 9/29/07, 7:37 AM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 10/7/07, 11:41 PM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/8/07, 12:42 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/19/07, 12:37 PM exim on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/21/07, 12:43 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/22/07, 12:44 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/23/07, 12:42 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 11:32 AM cpsrvd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 11:44 AM pop on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/25/07, 12:06 PM spamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 11/29/07, 12:41 AM cpsrvd on host.xxxxxx.net failed
This morning, I received a total of 17 failure notices over the span of 2h19m, as follows:
cpanel @ host.xxxxxx.net 12/12/07, 3:26 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:36 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:44 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 3:53 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:02 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:11 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:19 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:28 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:36 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:45 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 4:53 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:02 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:11 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:19 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:28 AM clamd on host.xxxxxx.net failed
cpanel @ host.xxxxxx.net 12/12/07, 5:36 AM clamd on host.xxxxxx.net failed
cpanel@ host.xxxxxx.net 12/12/07, 5:45 AM clamd on host.xxxxxx.net failed
(Note that our real host name has been replaced above with "xxxxxx" to prevent possible spamming.)
I would appreciate any comments from experienced VPS customers or technicians, as to whether these incidences are considered normal with all VPS accounts, or if they might be indicative of a more severe problem with our web host's (Liquid Web) server.
As I mentioned on 11/29/07, "I use cPanel in my web browser to administer the site from a Macintosh computer running OS 9.2.2. I have never used SSH, and have also never read any raw logs. If I did, I'm not sure what they would tell me about this, anyway."
In the course of reading a number of posts in another WHT thread, there seems to be little agreement on the possible causes. Some have suggested that (1.) there may be "no space left on the device"; (2.) we may be "out of Semaphores" (I have no idea what those are!); (3.) we may be "out of RAM"; (4.) "/tmp is full"; or that (5.) "something is wrong with /tmp permission."
When I inquired in 2006 to Liquid Web's technical support about these recurrent failures, I was told that they are normal with this sort of hosting account. We pay them a hosting fee with the expectation of receiving an accurate diagnosis, but it would be very helpful to receive some impartial, third-party input.
View 2 Replies
View Related
Oct 20, 2008
Our security comlience test got failed due to following reason
Synopsis:
The remote service encrypts traffic using a protocol with known weaknesses.
Description:
The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.
Solution:
Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.
We have Cpanel RHEL server. Please advise how to:
'disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See for Apache.'
View 12 Replies
View Related
Jun 10, 2009
I've seen for securing PHP recommends putting parse_ini_file() in the disable_functions line in php.ini but I cannot find an exact reason why. This being disabled is causing an error message to appear on some of my users sites but I'm trying to find a clear cut reason why it is disabled.
View 12 Replies
View Related
Oct 25, 2009
is it possible to disable log rotate? I can't seem to find the cron under my weeklys or dailys nor monthlys unless it's named "mad-db" but is there a way to make it say yearly? or just disable it all together? I say this because the script I use has a function already to clear the logs and when log rotate runs it kills all processes going by the script
View 8 Replies
View Related
May 24, 2009
I have disabled auditd
Code:
root@server48 [~]# chkconfig --list |grep audit
root@server48 [~]# rpm -qa|grep audit
audit-libs-1.7.7-6.el5_3.3
audit-libs-1.7.7-6.el5_3.3
audit-libs-python-1.7.7-6.el5_3.3
root@server48 [~]# lsmod |grep audit
root@server48 [~]#
root@server48 [~]# ps aux|grep audit
root 532 0.0 0.0 0 0 ? S< May17 0:00 [kauditd]
root 20690 0.0 0.0 61180 740 pts/0 R+ 06:12 0:00 grep audit
root@server48 [~]#
I still get audit on /var/log/messages
Quote:
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.625:179651): user pid=19715 uid=0 auid=0 msg='PAM: accounting acct="root" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:01 server48 kernel: type=1101 audit(1243163401.716:179652): user pid=19716 uid=0 auid=0 msg='PAM: accounting acct="youtubet" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
May 24 06:10:02 server48 kernel: type=1101 audit(1243163402.087:179656): user pid=19719 uid=0 auid=0 msg='PAM: accounting acct="vidzboxc" : exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron res=success)'
How do i disable auditd completely?
View 1 Replies
View Related
Jul 18, 2009
any one can apply php scripts under cpanel like:
domain.com:2082/scripts.php
I have run phpinfo for looking for cpanel php.ini I have
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
I renamed /usr/local/cpanel/3rdparty/etc to /usr/local/cpanel/3rdparty/etc.OLD
then restart the server I am still get cpanel php work and phpinfo give :
Configuration File (php.ini) Path /usr/local/cpanel/3rdparty/etc
how to disable cpanel php to prevent some one exploit php to hacking my server?
View 5 Replies
View Related
Apr 13, 2008
I've a VPS to run my only one website. As I don't use ftp, I'd like to know how to disable it.
I tried WHM -> Service Configuration -> Service Manager, then uncheck ftpd, but it's still there
View 6 Replies
View Related
Jul 29, 2008
I want to disable WHM/Cpanel.because client purchase dedicate server from us and he want to access from command line and no WHM/Cpanel so how can i do it and it will be effect on any service because i have installed all the service like dns, exim and http from WHM.
View 3 Replies
View Related
Dec 5, 2008
I installed APF/BFD a log time ago on my centos server and have had no problems up until now.
Approx 3 days ago, the server was uncontactable by SSH/HTTP/FTP. So I ran a traceroute and the host confirmed the box was up with no problems.
He disabled IPTables and I was allowed in. Anyway, overnight, the same thing has happenned again.
I will have to SSH in from another IP however, my main question is how do I disable IPTables ? Or better still, how do I uninstall APF!
View 4 Replies
View Related
Feb 20, 2008
I got the problem with email running on my server.
That mean, I using my domain email service with other server. Now I hosted a website for this domain on one other server.
Note that the IP for domain and email domains are different (Using managed domain service)
But I got the problem now when email sending from the server (using php email function ) with the website running that will confusing, not sending anymore.
Don't know that you understand my case. But I want to stop email service for this domain on my server, all email just send and receive through other email server.
How can I setup or configure it through SSH?
View 3 Replies
View Related
Apr 9, 2007
I have placed .htaccess to block some ip, when the person ip matches, my server will gives this message "client denied by server configuration", got lots of them everday in my error log, how can I disable this message? I need other error log message but not this message, is there any way I can disable it?
using centos and plesk.
View 2 Replies
View Related
Apr 6, 2008
I have Apache 2.2 using cPanel 11 how do I disable apache I was sure it was using this cmd, /etc/httpd/conf/httpd.conf off When I try that I get permission denied and im logged in with root! I also tried this /etc/httpd/conf/httpd.conf chmod 777 permission denied again. Anyways, I need to disable Apache so LiteSpeed will work and I can dump Apache the unforgiven pos that will dos it recieves a request to visit a webpage. (That is over doing it, Apache is really good just if it gets hit it's down easy.)
View 9 Replies
View Related
Dec 3, 2008
It possible to disable the disable function for all user expect one account for running few application i need shell_exec, passthru, exec these so for other account it possible to disable it?
View 2 Replies
View Related