Addressing CVE-2024-6387 Vulnerability in OpenSSH

In today’s digital world, security is paramount. Recently, a critical vulnerability, CVE-2024-6387, was found in OpenSSH. This post offers a straightforward script to help you identify and fix this issue, ensuring your system remains secure. CVE-2024-6387 is a serious flaw in OpenSSH that can allow remote attackers to execute code on your system. Addressing this vulnerability promptly is crucial to …

WordPress Mass Update Script

I recently came across an excellent bash script to mass update WordPress installs, which was written by Liz Quilty. This script works well, but unfortunately it did require manually setting paths if you are not using /var/www for your installs. Due to the large and varying number of servers I needed this for, I decided to make some changes so the …

Update Timthumb for All cPanel Users

A simple script to check all cPanel user accounts for timthumb.php (WordPress) and update them to the latest version if needed. It also checks for timthumb being used as thumb.php, and uses a check to ensure thumb.php is not affected for scripts like Joomla, which does not use timthumb.

cPanel – Fix Ownership of /home/user

I recently had an issue with incorrect ownership of all files under /home/user/ due to mismatched UIDs after a cPanel server restore. The following script took care of this in no time. echo -e "Checking ownership of /home/user \n" for i in `ls /var/cpanel/users/` do if [ "$i" != "root" ]; then chown -R $i:$i /home/$i chown $i:nobody /home/$i/public_html /home/$i/.htpasswds …

cPanel Webmail Direct Login Script

A simple and configurable script for direct login to the cPanel webmail applications (Horde, SquirrelMail, RoundCube). <?php // Modified version of the standard cPanel login page to allow direct login to a specific webmail application. // Must set $host , $login_path , and $mail_app, defaults to cPanel proxy subdomains and SquirrelMail $host = 'example.com'; // Uncomment one of the following to …

cPanel Email Filter for IP Range

I recently needed to block a large amount of incoming email via IP range in cPanel for a single account versus blocking the IP range on the entire server. This was accomplished using cPanel’s Account Level Filtering for Mail. Here is the filter setting using 192.168.0.0/24 as an example. Rules: Any Header matches regex 192\.168\.\d{1,3}\.\d{1,3} Action: Discard Message