If you would like to add additional security to your remote server install, check the Advance Installation Guide (Remote Server)

Needed PHP Functions 

The following functions need to be enabled during the installation and for the cronjob. It does not need to be enabled for systemwide.

Needed Functions

system() posix_getpwuid() fileowner() filegroup() fileperms()

Remote Server Installation Video using One Step Install method

One Step Install

Run the following one step installer, it will install the files onto the remote server for you and install the cronjob.

Installation Commands
cd /tmp; wget -N http://files.baseservers.com/codebox/whmcs-csfunblocker/installer.tar; tar -xvf installer.tar ; chmod +x installer.php; 

To start the installation

php installer.php arg1 arg2

Where

Argument 1 OptionsExplanation
cpanelinstall the files into /var/www/html
cpanel-ea3install the files into /usr/local/apache/htdocs
dainstall the files into /var/www/html


Argument 2 OptionsExplanation
defaultleave the default hash in the settings file alone
randomGenerate a random Hash to replace the default hash in the settings file
Any stringReplace the default hash with the string provided. Avoid using quotes, it will be stripped out.


Example installer command

For ioncube10

cd /tmp; wget -N http://files.baseservers.com/codebox/whmcs-csfunblocker/installer-ioncube10.tar; tar -xvf installer-ioncube10.tar ; chmod +x installer.php; php installer.php cpanel default


For ioncube12

cd /tmp; wget -N http://files.baseservers.com/codebox/whmcs-csfunblocker/installer-ioncube12.tar; tar -xvf installer-ioncube12.tar ; chmod +x installer.php; php installer.php cpanel default

Note 1

When running the one step installer, the installer will use your native php (Usually /usr/local/bin/php) to run the installation commands unless you had specified (Ie; using alt-php). Therefore, if your native PHP have the following functions disabled (system() posix_getpwuid() fileowner() filegroup() fileperms(), then the one step installer will not work properly.

Note 2

To check if the installation is completed properly, check the crontab for root.

If there is a new entry at the bottom of the crontab that runs php CSFUnblockremote.php, then the installer completed successfully. Otherwise, you will need to temporary comment out the disable_function option in the the native PHP's php.ini file (Usually at /usr/local/lib/php.ini).

Once installed, you can -reenable disable_function in the native php.ini file.

To complete the installation, comment out the disable_function in /var/www/php.ini. This php.ini is a copy of the native php.ini the installer had made. You can comment the disable_function line in this php.ini (/var/www/php.ini) and it won't affect your system's security as only the cronjob will be using this php.ini file.

tar: This does not look like a tar archive error when running the installer

Some linux setup (php-fpm) will limit your PHP's access to /tmp. You can run the following command to copy the files to your /var/www/html 

cd /tmp; wget http://files.baseservers.com/codebox/whmcs-csfunblocker/remoteUpload.tar; tar -xvf remoteUpload.tar; mv /tmp/CSFSettings.php /tmp/CSFUnblockremote.php /var/www/html;

For Ioncube 12

cd /tmp; wget http://files.baseservers.com/codebox/whmcs-csfunblocker/remoteUpload-ioncube12.tar; tar -xvf remoteUpload-ioncube12.tar; mv /tmp/CSFSettings.php /tmp/CSFUnblockremote.php /var/www/html;

Once that has been run. Goto /var/www and wait for the cronjob to run, it should auto generate a bunch of new files on the next cronjob.

Note

You can change the /var/www/html to any of your docroot of your choice.

Manual Install

You can find the latest remote module files at this URL

For Ioncube 12

If you want to install it manually, you can upload the files in remoteUpload folder to the remote server's documentroot. Note that the uploaded files must be web accessible using the Web Address listed in the Admin interface.

If the web address is abc.domain.com

Then http://abc.domain.com/CSFUnblockremote.php MUST be accessible publicly

By default cpanel and DirectAdmin will have the document root stored in

/var/www/html/

Once the file is uploaded, you would need to setup a cronjob to run CSFUnblockremote.php

Example,

CronJob Setup

cPanel & DirectAdmin

*/2 * * * * php -c /var/www/php.ini -q /var/www/html/CSFUnblockremote.php cron > /dev/null 2>&1

We are using a local php.ini file so that we don't have to make changes to the system wide php.ini file(/usr/local/lib/php.ini). If your system wide php.ini have the following functions disabled. It is advisable to make a copy of the system wide php.ini and make the cronjob to load the local customized php.ini

Additional Security ($allowIP array)

As of v4.64, we have introduced a whitelist IP array in the CSFSettings.php. By adding your WHMCS server's IP address in the $allowedIP array, it will tell the module to only allow the IP's in the array to have access to the module. 

If left blank, all connections will be accepted if the hash is matching.

Module Removal From Remote Server

If you installed the module using the one step installer then run the following commands to remove the module.

Uninstallation Commands
rm -rf /var/www/html/CSF*;
rm -rf /var/www/csf*;
rm -rf /var/www/*.cluster;
rm -rf /var/www/*.local;

Once the files are removed, you also need to remove the cronjob from root that runs /var/www/html/CSFUnblockremote.php

  • No labels