Post cpanel installation: cpanel / whm is not reachable through port 2086

[silis25]

Hi,

System:

CentOS - 5.6 (Final)
Arch - i686
VPS (Parallels Management)

Problem:

Post cpanel installation - cpanel / whm is not reachable through port 2086 (i.e http://80.244.165.23:2086/)

Observations:

1. Under system processes I can see "cpsrvd - waiting for connections"
2. I use the following procedure to install cpanel

Register a free license of cpanel (IP 80.244.165.23)

Update server

# yum install selinux coreutils binutils make dialog gcc gcc-* glib*
# yum install libexi* libjpe* libpng* gifl* freetype curl curl-* xmlrpc
# yum upgrade kernel*
# yum update

Install Cpanel / WHM

# cpan
> install CPAN
> reload CPAN
> quit

# cd
# wget http://layer1.cpanel.net/cpanel-universal-install.sea
# chmod 700 ./cpanel-universal-install.sea
# ./cpanel-universal-install.sea

Connect to WHM and go through port 2086 - On that point I'm failing

http://80.244.165.23:2086/

If it's a firewall issue, how do I enable that port (I use Parallels Management)?
Am I missing a crucial step?

Please help me

 

[Infopro]

Have you followed this guide properly? looking at your notes it seems no.

 

[cPanelTristan]

Why precisely was selinux installed?

yum install selinux

Selinux isn't supposed to be enabled on cPanel machines. You'll need to disable it if it is enabled:

sestatus

If that shows selinux as enabled, then go to /etc/selinux/config and modify the enabled line to have disabled and reboot the machine at that point.

Next, check your firewall on the machine:

/sbin/iptables -n -L

Please post the firewall results here.

 

[silis25]

Why precisely was selinux installed?

yum install selinux

Selinux isn't supposed to be enabled on cPanel machines. You'll need to disable it if it is enabled:

sestatus

If that shows selinux as enabled, then go to /etc/selinux/config and modify the enabled line to have disabled and reboot the machine at that point.

Next, check your firewall on the machine:

/sbin/iptables -n -L

Please post the firewall results here.

Thanks alot for your response:

Sesstatus

files]
/etc/passwd
/etc/shadow
/bin/bash
/bin/login
/bin/sh
/sbin/agetty
/sbin/init
/sbin/mingetty
/usr/sbin/sshd
/lib/libc.so.6
/lib/ld-linux.so.2
/lib/ld.so.1

[process]
/sbin/mingetty
/sbin/agetty
/usr/sbin/sshd

Firewall

root@letthemstare [~]# /sbin/iptables -n -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
acctboth all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
acctboth all -- 0.0.0.0/0 0.0.0.0/0

Chain acctboth (2 references)
target prot opt source destination
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:80
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:80
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:25
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:25
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:110
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:110
icmp -- 80.244.165.23 0.0.0.0/0
icmp -- 0.0.0.0/0 80.244.165.23
tcp -- 80.244.165.23 0.0.0.0/0
tcp -- 0.0.0.0/0 80.244.165.23
udp -- 80.244.165.23 0.0.0.0/0
udp -- 0.0.0.0/0 80.244.165.23
all -- 80.244.165.23 0.0.0.0/0
all -- 0.0.0.0/0 80.244.165.23
all -- 0.0.0.0/0 0.0.0.0/0
root@letthemstare [~]#

 

[cPanelTristan]

Hello,

The command would be "sestatus" rather than "Sesstatus"

Linux is case sensitive and doesn't handle misspellings well, so you'd need to enter the command exactly as indicated. If selinux is enabled, it needs to be disabled and the machine rebooted as I indicated.

The firewall doesn't indicate any reason port 2086 wouldn't be working. If you cannot get it working after disabling selinux and rebooting the machine, then please open a ticket using the link in my signature for us to investigate further.

Also, if you could check the cPanel error log at /usr/local/cpanel/logs/error_log location to see if it's reporting any issues on trying to load cPanel, that would be helpful.

Thanks!

 

[silis25]

selinux is disabled.
I rebooted the machine.
I asked for assistance from support but it was concluded that it's probebly a firewall issue and no solution was provided.
I'm truley interested in buying cpanel but I can't get it to work.
I've added below my current confiuration:

root@letthemstare [~]# /sbin/iptables -n -L
Chain INPUT (policy DROP)
target prot opt source destination
VZ_INPUT all -- 0.0.0.0/0 0.0.0.0/0
acctboth all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2086
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2087

Chain FORWARD (policy DROP)
target prot opt source destination
VZ_FORWARD all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy DROP)
target prot opt source destination
VZ_OUTPUT all -- 0.0.0.0/0 0.0.0.0/0
acctboth all -- 0.0.0.0/0 0.0.0.0/0

Chain VZ_FORWARD (1 references)
target prot opt source destination

Chain VZ_INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:32768:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:32768:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8880
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443
ACCEPT tcp -- 127.0.0.1 127.0.0.1
ACCEPT udp -- 127.0.0.1 127.0.0.1

Chain VZ_OUTPUT (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8880
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8443
ACCEPT tcp -- 127.0.0.1 127.0.0.1
ACCEPT udp -- 127.0.0.1 127.0.0.1

Chain acctboth (2 references)
target prot opt source destination
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:80
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:80
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:25
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:25
tcp -- 80.244.165.23 0.0.0.0/0 tcp dpt:110
tcp -- 0.0.0.0/0 80.244.165.23 tcp spt:110
icmp -- 80.244.165.23 0.0.0.0/0
icmp -- 0.0.0.0/0 80.244.165.23
tcp -- 80.244.165.23 0.0.0.0/0
tcp -- 0.0.0.0/0 80.244.165.23
udp -- 80.244.165.23 0.0.0.0/0
udp -- 0.0.0.0/0 80.244.165.23
all -- 80.244.165.23 0.0.0.0/0
all -- 0.0.0.0/0 80.244.165.23
all -- 0.0.0.0/0 0.0.0.0/0

root@letthemstare [~]# sestatus
SELinux status: disabled

root@letthemstare [~]# telnet 80.244.165.23 2086
Trying 80.244.165.23...
Connected to 80.244.165.23.
Escape character is '^]'.
GET
Connection closed by foreign host.

root@letthemstare [~]# lsof -i :2086
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cpsrvd-ss 1536 root 7u IPv4 231550891 TCP *:gnunet (LISTEN)

root@letthemstare [~]# lsof -i :2087
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
cpsrvd-ss 1536 root 8u IPv4 231550892 TCP *:eli (LISTEN)

root@letthemstare [~]# ps -ef|grep cp
root 1382 1370 0 Jul08 ? 00:00:00 /usr/bin/perl /usr/local/cpanel/bin/leechprotect
root 1536 1 0 Jul08 ? 00:00:00 cpsrvd - waiting for connections
root 1539 1 0 Jul08 ? 00:00:00 cpdavd - accepting connections on 2077 and 2078
root 1587 1 0 Jul08 ? 00:00:00 cpanellogd - sleeping for logs
root 8058 7617 0 11:48 pts/0 00:00:00 grep cp

root@letthemstare [~]# telnet 80.244.165.23 2087
Trying 80.244.165.23...
Connected to 80.244.165.23.
Escape character is '^]'.
GET
Connection closed by foreign host.
root@letthemstare [~]#

error_log:

[2011-07-08 17:06:40 +0300] warn [cpsrvd] No working dig found! at /usr/local/cpanel/Cpanel/DnsRoots.pm line 513
Cpanel::DnsRoots::_getdigutil() called at /usr/local/cpanel/Cpanel/DnsRoots.pm line 407
Cpanel::DnsRoots::_dig('cachetime', 30, 'nsips', ARRAY(0x8287448), 'query', 'auth.cpanel.net') called at /usr/local/cpanel/Cpanel/DnsRoots.pm line 147
Cpanel::DnsRoots::_find_nameservers('auth.cpanel.net', 30, HASH(0x9d84278)) called at /usr/local/cpanel/Cpanel/DnsRoots.pm line 55
Cpanel::DnsRoots::fetchnameservers('auth.cpanel.net') called at /usr/local/cpanel/Cpanel/DnsRoots.pm line 343
Cpanel::DnsRoots::_resolveIpAddress('auth.cpanel.net') called at /usr/local/cpanel/Cpanel/CpKeyClt.pm line 328
eval {...} called at /usr/local/cpanel/Cpanel/CpKeyClt.pm line 322
Cpanel::CpKeyClt::cpkeyclt() called at perl/Cpanel/cpsrvd.so line 28
Building global cache for cpanel...Done
-- RESTART MARKER (PID 1462 at 1310134077)--
Building global cache for cpanel...Done
[2011-07-09 02:16:51 +0300] warn [quotacheck] contact info could not be loaded for: root at /usr/local/cpanel/scripts/quotacheck line 127

 

[cPanelMichael]

Hello

Upon checking the support ticket you opened, it appears there is a firewall or router configuration outside of your server that is blocking access to the required ports. Could you contact your data center or hosting provider and have them ensure they are not restricting access to the ports required for cPanel? You can find a full list of all ports that should be open at:

Ports Required For cPanel

Thank you.