Log into the cPanel server via ssh
root@cpanelserver
run the following command to force update the cPanel license.
/usr/local/cpanel/cpkeyclt
Log into the cPanel server via ssh
root@cpanelserver
run the following command to force update the cPanel license.
/usr/local/cpanel/cpkeyclt
There are multiple ways to view log files, here are some common ways.
tail the log, shows the 10 most recent log entries.
tail /var/log/messages
tail the log and keep monitoring it for new entries.
tail -f /var/log/messages
Find specific info in log file
cat /var/log/messages | grep texttosearch
cPanel Log Paths
Main log
/var/log/messages
Access logs
/usr/local/cpanel/logs/access_log
Access logs for a specific domain
/home/user/access-logs/domainname.com
Account Transfers/miscellaneous logs
/var/cpanel/logs
Auditing Log (Account creation and deletions)
/var/cpanel/accounting.log
Backup Logs
/usr/local/cpanel/logs/cpbackup
CPHULKD Log
/usr/local/cpanel/logs/cphulkd.log
DNSAdmin, DNS Clustering
/usr/local/cpanel/logs/dnsadmin_log
Task Queue Processing Daemon
/usr/local/cpanel/logs/queueprocd.log
DBMapping
/usr/local/cpanel/logs/setupdbmap_log
Easy Apache Build logs
/usr/local/cpanel/logs/easy/apache/
Error logs
/usr/local/cpanel/logs/error_log /var/log/cpanel
License log
/usr/local/cpanel/logs/license_log
local database modifications
/usr/local/cpanel/logs/build_locale_database_log
Login errors CPSRVD
/usr/local/cpanel/logs/login_log
Bandwidth History
/var/cpanel/bandwidth/{USERNAME}
Service Status Logs
/var/log/chkservd.log
Tailwatch log
/usr/local/cpanel/logs/tailwatch_log
Update Analysis Reporting
/usr/local/cpanel/logs/updated_analysis/{TIMESTAMP}.log
Update log UPCP
/var/cpanel/updatelogs/updated.{TIMESTAMP}.log
cPanel Email Logs
Horde log
/var/cpanel/horde/log/
RoundCube
/var/cpanel/roundcube/log/
Squirrel Mail
/var/cpanel/squirrelmail/
Panic log
/usr/local/cpanel/logs/panic_log
Delivery and receipt log
/var/log/exim_mainlog
Incoming mail queue
/var/spool/exim/input/
Log of messages rejected based on ACLS or other policies
/var/log/exim_rejectlog
Unexpected/Fatal error log
/var/log/exim_paniclog
IMAP, POP login attempts, transactions, fatal errors and spam scoring
/var/log/maillog
Mailman
/usr/local/cpanel/3rdparty/mailmain/logs
MySQL
MySQL error log
/var/lib/mysql/{SERVER_NAME}.err
MySQL slow query log (if enabled in my.cnf)
/var/log/slowqueries
cPHulk uses a MySQL database to keep track of different IP’s to block, white list, black list, etc.
When there have been X amount of failed login attempts from an IP, cPHulk adds an entry for the IP in the brutes table.
To “unblock” the IP we need to delete the entry.
open up the cPHulk MySQL database.
root@localhost [~]# mysql cphulkd
If your interested you can view all tables that cPHulk uses.
show tables;
Take a look at all the IP’s in the brutes table.
SELECT IP FROM brutes;
example:
mysql> SELECT IP FROM brutes; +---------------+ | IP | +---------------+ | 30.134.41.221 | <-- IP we want to unblock | 31.134.40.251 | +---------------+ 2 rows in set (0.00 sec) mysql>
To unblock the IP we just need to delete the row that has the IP address we want.
mysql> DELETE FROM brutes WHERE IP="30.134.41.221";
It should return the following.
mysql> DELETE FROM brutes WHERE IP="30.134.41.221"; Query OK, 1 row affected (0.00 sec) mysql>
Exit MySQL.
mysql> exit Bye root@localhost [~]#