Recovering MySQL Databases on a Crashed cPanel Server Without Backups
May 3, 2025
How a PostgreSQL Vulnerability Led to a Crypto Mining Malware Infection: An Incident Analysis
May 5, 2025
When a cPanel server experiences file permission issues-after a migration, manual file operations, or a misbehaving script-websites may become inaccessible, emails may fail, or security might be at risk. This script automates the process of fixing file ownership and permissions for one or more cPanel users, ensuring everything is back to a secure and functional state.
Use Case
You may need to run this script when:
- Website files show
403 Forbiddenerrors - Email delivery fails due to
etc/permissions - Files were copied or restored without
--preserveflags - CageFS directories have incorrect modes
How to run the script
for i in `ls -A /var/cpanel/users` ; do ./fixperms $i ; doneThe Script (save as ./fixperms and chmod +x fixperms)
#!/bin/bash
# Script to fix permissions and ownerships for one or more cPanel users
if [ "$#" -lt "1" ]; then
echo "Must specify at least one user"
exit 1
fi
USERS=$@
for user in $USERS; do
HOMEDIR=$(getent passwd "$user" | cut -d: -f6)
if [ ! -f /var/cpanel/users/"$user" ]; then
echo "User file missing for $user, skipping"
continue
elif [ -z "$HOMEDIR" ]; then
echo "Could not determine home directory for $user, skipping"
continue
fi
echo "Fixing ownership and permissions for $user"
# Ownership
chown -R "$user:$user" "$HOMEDIR" >/dev/null 2>&1
chmod 711 "$HOMEDIR" >/dev/null 2>&1
chown "$user:nobody" "$HOMEDIR/public_html" "$HOMEDIR/.htpasswds" 2>/dev/null
chown "$user:mail" "$HOMEDIR/etc" "$HOMEDIR/etc/"*/shadow "$HOMEDIR/etc/"*/passwd 2>/dev/null
# File permissions (parallel)
find "$HOMEDIR" -type f -print0 2>/dev/null | xargs -0 -P4 chmod 644 2>/dev/null
find "$HOMEDIR" -type d ! -name cgi-bin -print0 2>/dev/null | xargs -0 -P4 chmod 755 2>/dev/null
find "$HOMEDIR" -type d -name cgi-bin -print0 2>/dev/null | xargs -0 -P4 chmod 755 2>/dev/null
chmod 750 "$HOMEDIR/public_html" 2>/dev/null
# CageFS fixes
if [ -d "$HOMEDIR/.cagefs" ]; then
chmod 775 "$HOMEDIR/.cagefs" 2>/dev/null
chmod 700 "$HOMEDIR/.cagefs/tmp" "$HOMEDIR/.cagefs/var" 2>/dev/null
chmod 777 "$HOMEDIR/.cagefs/cache" "$HOMEDIR/.cagefs/run" 2>/dev/null
fi
doneThis is a improved script from: https://www.casbay.com/guide/kb/script-to-fix-cpanel-account-permissions-2
