Live Help


Skype Chat
Yahoo Chat

Client portal

  • October 25, 2016 by Benny K
  • We started to see down monitoring for all our indonesia servers from 3AM local time and have alerted our upstream for this. Upon further investigation by ISP, there was a fiber cut near IDC Duren 3 and the upstream has been working to resolve the issue
  • October 24, 2016 by Benny K
  • The Festivals of Lights is here... And everything seems to sparkle and shine. SOSYS.NET wishes those who celebrate a very Happy, Prosperous and Safe Diwali!
To cancel your account, please write an email to to indicate that you wish not to be renewed further.

If you wish to have your account to be backup and sent to some place, please let us know.
To view your past invoices and your packages, you may go to your client area at
1. Login using your email address and password.
2. Navigate to Billing -> Invoices
If you are on shared/reseller hosting and is within 30 days since your first purchased, you can request for refund (100% refund minus the domain fee at SGD $15) to if you are not satisfied with our service.

Domain name is yours to keep and it's not refundable due to ICANN rules and regulation.

If you are a returning customer, refund is not allowed.

Refunds for web development or web maintenance or VPS/Dedicated service is not allowed.

When you get the error Table piwik_log_visit is marked as crashed and last (automatic?) repair failed. it means that the Mysql tables got partially corrupt and must be repaired. This problem may occur for various reasons (such as missing space on the disk) but it should occur very rarely.

It is possible to solve this problem by connecting to your Mysql server and executing the following queries:

<code>REPAIR TABLE piwik_log_visit;

(replace piwik_log_visit with the name of your crashed table as it appears in the error message)

This may not work, in which case use the following solution:

<code>cd /var/lib/mysql/your_piwik_database
myisamchk -r -v -f ./piwik_log_visit

Your tables should now be repaired and Piwik up and running!

If the above failed, you can use -o option, which is the safemode

*taken from

To confirm your payment, please drop us an email at
If you do not receive any reply within 24 hours, please do not hesitate to contact us by phone/live chat.

You may be familiar with ClamAV and Maldet (aka Linux Malware Detect). They're widely known as two excellent choices for identifying malware. What you may not realize, however, is that they can be used together. The benefit of doing this is a faster, more effective malware scan meaning you're more likely to identify potential threats. 

This tutorial is based around cPanel systems, and will require changes on other platforms.

Installing ClamAV via WHM1) Login to WHM (Web Host Manager) as the root user
2) Navigate to: Home » cPanel » Manage Plugins
3) Tick the Install and keep updated box
4) Click on SaveInstalling ClamAV via SSH
This command tells the system that we want ClamAV to be listed as installed by the local RPM system:

/scripts/update_local_rpm_versions --edit target_settings.clamav installed

This command is the one responsible for installing the ClamAV RPM on your server:

/scripts/check_cpanel_rpms --fix --targets=clamav

Installing Maldet
1) Login to SSH as the root user
2) Execute the below commands:

cd /usr/local/src/
tar -xzf maldetect-current.tar.gz
cd maldetect-*
sh ./

Updating the applications

Let's ensure both applications are up-to-date now:

maldet -d
maldet -u

Linking the two together. If you were to run a Linux Malware Detect scan now, it would run with no problem, however, it would not include ClamAV's definitions, therefore slowing down the scan completion time and threat detection ratio. To solve this, we must create two symbolic links, as follows:

ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/local/bin/clamscan
ln -s /usr/local/cpanel/3rdparty/bin/freshclam /usr/local/bin/freshclam

Running a malware scan

Now, when you run a Maldet scan, you'll have the best of both worlds (think of it as ClamAV and Linux Malware Detect teaming up). Say you wanted to run a malware scan of /home, you could do so with:

maldet -a /home/?

The above command will scan all files and directories within the /home directory, which is where the content for cPanel accounts is stored. 

Below is a sample output of what you should see:

root@server [~]# maldet -a /home/?
Linux Malware Detect v1.4.2
  (C) 2002-2013, R-fx Networks <>
  (C) 2013, Ryan MacDonald <>
inotifywait (C) 2007, Rohan McGovern <>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(5196): {scan} signatures loaded: 10727 (8823 MD5 / 1904 HEX)
maldet(5196): {scan} building file list for /home/*, this might take awhile...
maldet(5196): {scan} file list completed, found 14974 files...
maldet(5196): {scan} found ClamAV clamscan binary, using as scanner engine...
maldet(5196): {scan} scan of /home/* (14974 files) in progress...

maldet(5196): {scan} scan completed on /home/*: files 14974, malware hits 0, cleaned hits 0
maldet(5196): {scan} scan report saved, to view run: maldet --report 031515-1147.5196
root@server [~]#

When you are doing some mysqlcheck autorepair option, sometimes you would see a crash table like this:



Error    : Table './warungko_iklobcom/wp_commentmeta' is marked as crashed and last (automatic?) repair failed

Error    : Table 'wp_commentmeta' is marked as crashed and last (automatic?) repair failed

error    : Corrupt


error    : Can't create new tempfile: './warungko_iklobcom/wp_commentmeta.TMD'

status   : Operation failed


To fix this issue, simply go to the folder that contains this table (for example: /var/lib/mysql/warungko_iklobcom ) and then type: 

myisamchk -r -f wp_commentmeta.MYI

It will produce output like:

- recovering (with sort) MyISAM-table 'wp_commentmeta.MYI'

Data records: 6

- Fixing index 1

- Fixing index 2

- Fixing index 3

If you are using Filezilla to connect to our server, you may experience frequent disconnect and may also result in lockout. This is because the firewall setting in our server that track the number of connections made by FTP session. If you use a default Filezilla setup, it will be using passive connection. This type of connection will result opening multiple connection via passive port to the server, and the firewall will block this type of connections to prevent any DDOS or SYN FLOOD.

To tackle this issue, we always recommend the customers to do the following:

  1. Zip your files in your computer, then upload it via File Manager, and use the extract feature in the File Manager. You may do the same if you would like to download multiple files in our server. There is compress feature in the file manager as well
  2. Change your Filezilla connection to Active (go to Edit -> Settings -> look for Connection (FTP) and choose "Active" for transfer mode. Untick "Allow fallback to other transfer mode on failure".
  3. Otherwise, you can connect via FileZilla and use SFTP instead (add "sftp://" for the URL and use port 2200)

If you still have issue, please feel free to email for unblocking your  IP address in our firewall.

if you are locked out, you can either restart your internet modem in hoping to get new ip address.

But, you can use to execute the following script via WHM


To do so type the following line into your browser’s address bar:

Still if you not able to login to the server. You may use the following way to get the cPHulk database flushed. 

cPHulk stores all of its information in a database called cphulkd. There are two tables of interest: logins and brutes 
The logins table stores login authentication failures. The brutes table stores other authentication failures indicative of a brute force attack

You can check it as I did, login to the server as root using SSH and got to mysql prompt

root@loudwater [~]# mysql

mysql> connect cphulkd

To get your self unblocked first check the blacklisted IPs

mysql> select IP, LOGINTIME from logins order by LOGINTIME;

mysql> select IP, BRUTETIME from brutes order by BRUTETIME;

mysql> delete from brutes;

mysql> delete from logins;

If you wish to disable cPHulk use following command

/usr/local/cpanel/bin/cphulk_pam_ctl –disable

To enable cPHulk use

/usr/local/cpanel/bin/cphulk_pam_ctl –enable

DSO (mod_php)

DSO is also known as mod_php. DSO stands for: Dynamic Shared Object. This is an older configuration but is generally considered the fastest handler. It runs PHP as an Apache module. This means that PHP scripts will run as the Apache user, which is the user: ‘nobody’.

DSO has two drawbacks. First, all files created by a PHP script will have the ownership of ‘nobody’. They will not be readable from the web. Websites that need to upload files through PHP will run into file permission issues. This is common with WordPress users that upload files through the WordPress interface or utilize the auto-update feature. These will fail with DSO.

The second drawback is a security issue. Created files will have the ‘nobody’ ownership. If a hacker finds an exploit in your PHP script, they could implement a file that has the same privileges as important system files that are also owned by ‘nobody’. This will give them the ability to modify files outside of that user’s account. This is really bad for anyone who does reselling or simply is hosting other person’s sites. You would not one user to be able to affect another user. However, if there is only one account on the server (or if all the accounts are yours), then DSO may be right for you. The speeds benefits of DSO are unquestionable.

An easy way to prevent the hack issue is to always keep your site’s software up to date. Check with your PHP script’s developer to keep up on the new releases. If you are the only one being hosted on the server, this is easy to do as it’s part of your webmaster duties already. However, if you’re reselling, it would be unreasonable to expect all your user’s to keep their software up to date. They simply may not be as diligent as you.

DSO’s low CPU usage typically amounts in higher speeds and load times over most other handlers. It is also the default setting on most servers.


CGI stands for: Common Gateway Interface. The CGI handler will run PHP as a CGI module as opposed to an Apache module. CGI still runs PHP processes as the Apache ‘nobody’ user. However, if you have suEXEC enabled, it will allow you to see the user that made the request.

The CGI method is intended as a fallback handler for when DSO is not available. According to cPanel’s own documentation, this method is neither fast nor secure, regardless of whether or not suEXEC is enabled.


suPHP stands for Single user PHP. suPHP also runs PHP as a CGI module instead of an Apache module. It differs from CGI in that PHP scripts that are called from the web will run under the user that owns them, as opposed to ‘nobody’. suPHP is typically the default handler and is recommended by cPanel for serving PHP because you will be able to see which user owns the account that is running the PHP script.

suPHP is beneficial in that if you are using a file upload tool on your site (such as an automatic updater or theme/plug-in installer for WordPress), the files will already have the right ownership & permissions. Uploading and other WordPress functions will not work without suPHP or FastCGI.

suPHP also offers a security advantage that any php script that is not owned by the particular user (such as another account or root) will not be executable. Also, files that have permissions set to world writeable will likewise be non-executable. This means that if one account is compromised, the malicious scripts will not be able to infect other accounts.

The drawback is that suPHP generally runs a much higher CPU load. In addition, you CANNOT use an Opcode Cache (such as Xcache or APC) with suPHP. It is strongly recommend that you install a caching plug-in to supplement this ned. If you find that your server is still continually struggling with CPU usage, you will want to consider switching to DSO or FastCGI.

*If you DO switch to either suPHP or FastCGI, you will need to update the file permissions and ownership. See my other article for automatic fixperms on cPanel servers:


FastCGI (aka: mod_fcgid or FCGI) is a high performance variation of CGI. It has the security/ownership benefits of suPHP in that PHP scripts will run as the actual cPanel user as opposed to ‘nobody’. The difference with FastCGI is that it can drastically save on CPU performance and give speeds close to that of DSO. It can also be used with an opcode cacher like eAccelerator or APC, which can help further speed the loading of pages.

The drawback is FastCGI has a high memory usage. This is because rather than creating the PHP process each time it is called, like suPHP, it keeps a persistent session open in the background. This is what lets it work with an opcode caching software.

If you like the security/ownership benefits of suPHP and you can afford a major increase in memory usage (meaning you already have a low average memory usage), you may wish to consider using FastCGI.

Comparison Graph

Low CPU usage
Low Memory consumption
Runs PHP as site owner instead of Apache✔ 
only w/ suEXEC
Good security

Special Note for WordPress Users

If you are using WordPress to run your site, please consider the following:

  • Functions that require uploading files to the server (such as Auto-updates or Plug-in/Theme installation) will NOT work unless PHP is loaded as a CGI module. This means they will ONLY work with suPHP or FastCGI. This will ensure they are uploaded with the correct ownership & permissions.
  • CMS platforms such as WordPress will notoriously run a high CPU load. You will want to install a caching plug-in such as WP Super Cache, especially if you are running suPHP. If you find that your server is still continually struggling with CPU usage, you may want to consider switching to DSO or FastCGI.

*taken from

The following is a list of settings that you need to add to /etc/httpd/conf/php.conf upon switching to FastCGI:

MaxRequestsPerProcess 1000
FcgidMaxProcesses 200
FcgidProcessLifeTime 7200
MaxProcessCount 500
FcgidIOTimeout 400
FcgidIdleTimeout 600
FcgidIdleScanInterval 90
FcgidBusyTimeout 300
FcgidBusyScanInterval 80
ErrorScanInterval 3
ZombieScanInterval 3
DefaultMinClassProcessCount 0
DefaultMaxClassProcessCount 3
MaxRequestLen 20468982

You’re more likely to adjust the settings in bold above. DefaultMinClassProcessCount 0 instructs FastCGI to keep zero PHP processes running for user when traffic is idle (cPanel account user) . On the other hand, DefaultMaxClassProcessCount 3 tells FastCGI to never allow more than 3 PHP processes running at a time. This settings prevents one users from crashing the server were they to receive a lot of traffic.

We don't imply max email send out per hour per domain at the moment.
But, if your account is deem as SPAM or sending out email in view of SPAMMING, we will not tolerate and limit your account to only 500 email per hour per domain.
Yes, if you decide to upgrade your account in the middle of your contract, you will get a pro-rated price.
For example, if you are at 1GB package and in the 6th month of your package, you decided to upgrade to 2GB package, then you will pay only pro-rate amount for extra fee of disk space.
We accept credit card payment (Visa/Mastercard/Amex/Discover/JCB) through Paypal gateway for ease of payment.
There is no extra fee/charges when paying via credit card.

For local bank payment, you can choose the following:
1. Indonesia: Bank Mandiri & Bank BCA
2. Singapore: Citibank & Maybank
3. Malaysia: Maybank
When you place an order, the order will be placed using default currency, which is Singapore Dollar. Once order placed, please email to to request to change the currency. At the moment, we only accept Indonesia Rupiah and Malaysia Ringgit

cPanel Partner NOC