Adventures in cPanel and mod_fcgid/Apache mpm_worker

I’ve started using cPanel on my main box, as well as some VPS accounts for a couple of customers. I never really enjoyed using a “Control Panel”, but ever since moving to cPanel I’ve actually enjoyed the experience. Previous to cPanel I was mostly using scripts I’ve coded in perl, which worked well. But there was no way to provide the users with control without writing lots of lines of code. Why re-invent the wheel?

Before cPAnel I use to run Apache2/mod_fcgid/mpm_worker with an entirely custom configuration. cPanel comes with something called EasyApache, which allows you to go step by step through how Apache and PHP will be configured and setup. It will download the required source and then build, all automatically unless something breaks which is rare.

EasyApache supports mpm_worker and mod_fcgid, which builds and works for the most part. The only exception is the fact that are issues with mod_fcgid/2.3.5 that seems to leave left over PHP processes. These processes sit idle while eating up memory, eventually if you have enough of them your machine will run into “OOM\Out Of Memory Errors”. Which is ugly. I have a post up on cPanel’s forum:

http://forums.cpanel.net/f5/lost-abandoned-php-processes-apache-2-2-17-mod_fcgid-2-3-5-suexec-180571.html

There has been a suggestion to upgrade to mod_fcgid/2.3.6 which I’ve done and still seem to have

How to Combat Conficker on a Large Network

The following is information and tools for dealing with a Conficker Outbreak on a Large Enterprise Network with lots of clients.

How to unlock all of your Active Directory Accounts with a script.

Const ADS_SCOPE_SUBTREE = 2
Const ADS_UF_LOCKOUT = &H10

Set objRootDSE = GetObject(“LDAP://rootDSE”)
strDNSDomain = objRootDSE.Get(“defaultNamingContext”)

Set objCommand = CreateObject(“ADODB.Command”)
Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”
objCommand.ActiveConnection = objConnection

StartNode = strDNSDomain
SearchScope = “subtree”

‘Filterstring = “(&(objectCategory=Person)(objectClass=User)” _
‘& “(userAccountControl:1.2.840.113556.1.4.803:=16))” ‘find locked out accounts (bitwise)

Filterstring = “(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))”   ‘not sure which is better

Attributes = “adspath”

LDAPQuery = “<LDAP://” & StartNode & “>;” & FilterString & “;” _
& Attributes & “;” & SearchScope

objCommand.CommandText = LDAPQuery
objCommand.Properties(“Page Size”) = 100
objCommand.Properties(“Timeout”) = 30
objCommand.Properties(“Cache Results”) = False
Set objRecordSet = objCommand.Execute

If NOT objRecordSet.eof Then
objRecordSet.MoveFirst
While Not objRecordset.EOF
Set objuser = GetObject(objRecordSet.Fields(“AdsPath”).Value)
objUser.IsAccountLocked = False
objUser.SetInfo
objRecordSet.MoveNext
Wend
End If

objRecordset.Close
objConnection.Close
Set objRootDSE = Nothing
Set objConnection = Nothing
Set objRecordSet = Nothing

msgbox “All users are now unlocked!”

WScript.Quit(0)