Shameer's Blog

Move an account to another server?(Applicable for Cpanel server only)

2009-06-21T14:13:00.000-07:00

1: check for the username of the account.

# cat /etc/userdomains | grep domain.com

2: Take the backup of that account:

# /scripts/pkgacct

3: Make this backup file available for download:

# cp cpmove-username.tar.gz /usr/local/apache/htdocs/

4: Download it under /home directory on new server:

# wget http://oldserver’s IPaddress/cpmove-username.tar.gz

5. You can restore it with a using following script.

# /scripts/restorepkg

This will restore your account on new server as it was old server, just make sure the version of php, mysql and format of mailbox on both server.

How can I debug problems with an email account ?

2009-06-21T13:59:00.000-07:00

Ans:

Trace the path of the email when sent from the server and see what path it follows:

#exim –d2 –bt user@domain.com or

1. check for error if any under /var/log/exim_mainlogs files for email account.

2. check the MX record for the domain.

3.check if the email account exists on server.

4.check for the entry of domain /etc/localdomains, /etc/userdomains, /etc/valiases/domain.com and /etc/vfilters/domain.com

5.Make sure that the exim is upto date.

Preventing Spam with antivirus.exim

2009-06-21T13:39:00.000-07:00

Hey,

Check the follwoing URL's , It will give you a good tutoial for preventing spam with anitvirus.exim

http://www.webhostgear.com/338_print.html

http://www.webhostgear.com/index.php?art/id:338

Transfer accounts to a new server without downtime

2009-06-21T13:38:00.000-07:00

The following doc will help you to transfer accounts to a new server

1. Sign up for any web hosting package before cancelling your old web hosting account.

2. Download your entire old web site using a FTP program, or using cPanel backup utility. Then upload your entire web site to your new web hosting account by FTP or using cPanel backup utility again. If you are using FTP, you will need to re-chmod your folders if you are running scripts.

3. After you have moved all your files to your new account, you need to change your domain name's name servers. Make sure everything is working by using a temporary address at your new hopefully great web host before you update your nameservers. Then go to where you registered your domain name or email them directly. Update your name servers to the NEW name servers your new host emailed you when you signed up.

4. After 24-72 hours your domain will be fully propegated and pointing to your new web hosting home.

5. You can now cancel your old web hosting and your web site should be fully up and running on your new account.

Here is an easy way to take Full Back up to your New Host Account, even before your Domain name server is resolved to New Name Server.

Old Host:

1. Go to Control Panel

2. Click on Back up

3. Click on "Generate Full Backup"

4. Choose "Remote FTP Transfer"

5. Remote FTP Server: Type the IP address of your New Host Here

6. Remote FTP Server User: Type the username of New Host Account

7. Remote FTp Password: Type the Password of New Host Account.

8. Click ok

After few Minute... (Depending upon the File Size)

New Host

1. Go to Control Panel

2. Click on File Manager

3. On Home Directory, you will see the back up file, if not wait for some time and check again.

4. Do not click on that backup file or try to extract it. It should be restored by your System Administrator.

5. Submit a support ticket requesting a Cpanel restore. Give all detail. It is good to mention the backup file name and file size.
6. Once you hear from that cPanel backup was sucessfully restored, you can change the Name server, so that without any interruption your will site will be up and running.

Network based Linux Installation via HTTP, FTP, NFS

2009-06-21T13:37:00.000-07:00

Network based Linux Installation

Introduction:
Many versions of Linux allow installing operating system using network connection with the help of kickstart server. This type of installation is however faster than installation using CDs process could be automated.
Here is the procedure to install Linux remotely:
• Connect the client machine to installation server which has already loaded with installation files.
• Boot installation client from bootable CD
• There are there methods of installation to choose from i.e. FTP, HTTP and NFS with network parameters.
• The installation process will start and you can select installation method from the available options.
Configuring Kickstart Installation Server:
Kickstart installation server could be configured on FTP, NFS and Apache Server by using the following procedure.
Kickstart is however easy using a web server because:
• Kickstart server need to be located on remote location, passing it through firewall and rules of firewall for HTTP is somehow easy to configure as compared to FTP and NFS.
• Kickstart can use :// nomenclature to access files and it is more easy and familiar for users with respect to NFS and FTP and this is crucial for automatic kickstart installation.
Preparing for Remote Server:
Here is an example of configuring kickstart server which will be used in Fedora Core installation. All files will be uploaded to /data/network-install directory.
Create Installation Directory:
First of all create installation directories at /data/network-install/RPM and data network-install/ISO where necessary files will be copied.
[root@linux-server tmp]# mkdir -p /data/network-install/RPM
[root@ linux-server tmp]# mkdir -p /data/network-install/ISO
It is now need to copy the network installation driver files in the base directory.
Copying The Files:
All methods HTTP, NFS and FTP kickstart needs base set of Fedora files to be installed on Kickstart server. Here is the procedure to install it.
1) Create a mount point for your CD ROM drive.

[root@linux-server tmp]# mkdir /mnt/cdrom
2) Mount the Linux CD ROM.
[root@linux-server tmp]# mount /dev/cdrom /mnt/cdrom

3) Copy the files from the CD ROM dir to the hard disk

[root@linux-server tmp]# cp /mnt/cdrom/* /data/network-install/RPM
4) Unmount the CD ROM and remove cd using eject command.
[root@linux-server tmp]# umount /dev/cdrom

[root@linux-server tmp]# eject cdrom
5) Repeat steps 2 to 4 with all your CDROMs. Overwrite files if required.
HTTP & FTP Preparation:
To configure for HTTP and FTP copy all data of each installation CD to /data/network-install/RPM directory. It needs 3-5 GB disk space. After completing copying data into this directory will be shown as below.
[root@linux-server tmp]# ls -1 /data/network-install/RPM
eula.txt
RedHat
redhat.css
GPL
images
index.html
isolinux
README-Accessibility
RELEASE-NOTES-en_US.html
repodata
RPM-GPG-KEY
RPM-GPG-KEY-beta
RPM-GPG-KEY-fedora
RPM-GPG-KEY-fedora-extras
RPM-GPG-KEY-fedora-legacy
RPM-GPG-KEY-fedora-rawhide
RPM-GPG-KEY-fedora-test
RPM-GPG-KEY-rawhide
stylesheet-images
[root@linux-servertmp]#
Preparing for NFS:
First of all create ISO images of installation CD’s and store them in /data/network-install/ISO directory. It will also needs disk space from 3-5 GB. You can download ISO files from official Linux core website like Fedora or Redhat and you also take these files from installation CDs but you have to make sure that these are with same name as on the official website.
Here are the steps which you should follow by replacing filename where it is necessary.
[root@linux-server tmp]# cd /data/network-install/ISO

[root@linux-server ISO]# dd if=/dev/cdrom of=filename.iso bs=32k
…
…
[root@linux-server ISO]# eject cdrom
Note: This is an example to make ISO files using mkisofs command. You can select to install the mkisofs RPM on newer Fedora versions also and this command needs a mounted CDROM drive, so don’t overlook the mount command.
[root@linux-server ISO]# mount /mnt/cdrom

[root@linux-server ISO]# mkisofs -J -r -T -o filename.iso /mnt/cdrom

[root@linuxserver ISO]# eject cdrom

Setting up Dreamweaver's FTP connection

2009-06-21T13:35:00.000-07:00

Hey,

Please check the below URL , It will give you a detail description for setting up Dreamweaver's FTP connection

http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14787&sliceId=2

mod dosevasive - install and configure

2009-06-21T13:30:00.000-07:00

This module is very useful in combating certain DOS (denial of serivce) attacks, and is easy to implement. The following steps will help you to install mod dosevasive.

1. Download the newest version of the module from:

http://www.nuclearelephant.com/projects/dosevasive/

2. Extract the module.

Ie. (replace the 1.9 with the version you downloaded)
tar -xzvf mod_dosevasive.1.9.tar.gz

3. Change directories so you are inside the mod_dosevasive directory.
cd mod_dosevasive

4. If you are running Apache v1.3, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive.c

Ie.
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive.c

If you are running Apache v2.0, you run: [path to apache]/bin/apxs -i -a -c mod_dosevasive20.c

Ie.
/usr/local/apache/bin/apxs -i -a -c mod_dosevasive20.c

5. Restart apache.

Ie.
/etc/init.d/httpd restart

Configuration:

This section is intend for people that want to tweak some of the default settings to their own. You are not required to do this.

First you have to add the following section to your httpd.conf
(Ie. /etc/httpd/conf/httpd.conf):
For Apache v1.3:

DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

For Apache v2.0:

DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10

The above are the default options that are setup (even if you do not have this section in your httpd.conf).

Options in httpd.conf

2009-06-21T13:27:00.000-07:00

ServerType standalone :

The option ServerType specifies how Apache should run on the system. You can run it from the super-server inetd, or as standalone daemon. It's highly recommended to run Apache in standalone type for better performance and speed.

ServerRoot "/etc/httpd" :

The option ServerRoot specifies the directory in which the configuration files of the Apache server lives. It allows Apache to know where it can find its configuration files when it starts.

PidFile /var/run/httpd.pid :

The option PidFile specifies the location where the server will record the process id of the daemon when it starts. This option is only required when you configure Apache in standalone mode.

ResourceConfig /dev/null :

The option ResourceConfig specifies the location of the old srm.conf file that Apache read after it finished reading the httpd.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.

AccessConfig /dev/null :

The option AccessConfig specifies the location of the old access.conf file that Apache read after it finished reading the srm.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.

Timeout 300 :

The option Timeout specifies the amount of time Apache will wait for a GET, POST, PUT request and ACKs on transmissions. You can safely leave this option on its default values.

KeepAlive On :

The option KeepAlive, if set to On, specifies enabling persistent connections on this web server. For better performance, it's recommended to set this option to On, and allow more than one request per connection.

MaxKeepAliveRequests 0 :

The option MaxKeepAliveRequests specifies the number of requests allowed per connection when the KeepAlive option above is set to On. When the value of this option is set to 0 then unlimited requests are allowed on the server. For server performance, it's recommended to allow unlimited requests.

KeepAliveTimeout 15 :

The option KeepAliveTimeout specifies how much time, in seconds, Apache will wait for a subsequent request before closing the connection. The value of 15 seconds is a good average for server performance.

MinSpareServers 16 :

The option MinSpareServers specifies the minimum number of idle child server processes for Apache, which is not handling a request. This is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxSpareServers 64 :

The option MaxSpareServers specifies the maximum number of idle child server processes for Apache, which is not handling a request. This is also an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 64 is recommended by various benchmarks on the Internet.

StartServers 16 :

The option StartServers specifies the number of child server processes that will be created by Apache on start-up. This is, again, an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxClients 512 :

The option MaxClients specifies the number of simultaneous requests that can be supported by Apache. This too is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 512 is recommended by various benchmarks on the Internet.

MaxRequestsPerChild 100000 :

The option MaxRequestsPerChild specifies the number of requests that an individual child server process will handle. This too is an important tuning parameter regarding the performance of the Apache web server.

User www :

The option User specifies the UID that Apache server will run as. It's important to create a new user that has minimal access to the system, and functions just for the purpose of running the web server daemon.

Group www :

The option Group specifies the GID the Apache server will run as. It's important to create a new group that has minimal access to the system and functions just for the purpose of running the web server daemon.

DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi :

The option DirectoryIndex specifies the files to use by Apache as a pre-written HTML directory index. In other words, if Apache can't find the default index page to display, it'll try the next entry in this parameter, if available. To improve performance of your web server it's recommended to list the most used default index pages of your web site first.

HostnameLookups Off :

The option HostnameLookups, if set to Off, specifies the disabling of DNS lookups. It's recommended to set this option to Off in order to save the network traffic time, and to improve the performance of your Apache web server.

How do I import a database using phpMyAdmin?

2009-06-21T13:26:00.000-07:00

To import your MySQL database, you can use phpMyAdmin which is available in your control panel. The steps to import your database are below.

1. Click on the icon labeled MySQL Databases in your control panel.

2. At the bottom of the screen in MySQL Databases you will see an option for PhpMyAdmin, click on it

3. Once in PhpMyAdmin you will see on the left side a drop down of your databases, select the database you would like to import to.

4. This will create some tabs at the top of the screen, click on SQL.

5. After clicking on SQL you will see a Text Box area and a file upload option.

6. Click browse on the file upload option and find your .sql file

7. After you have selected the file click GO and it will import your database. It may take a while to complete importing especially if your database is large.

Try it :)

How do I import a database using Telnet/SSH?

2009-06-21T13:25:00.000-07:00

If you have SSH access, you can use the following command to import your database.

mysql -u username -p password database_name < /path/to/your/mysql_data.sql

Enable private PHP Error Logging via .htaccess\disable PHP Error Logging for visitor

2009-06-21T13:24:00.000-07:00

To hide PHP errors from visitors insert the following code in .htaccess

# supress php errors
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off

Once disable the error logs for visitors enable the private PHP error logging by using following code in .htaccess

# enable PHP error logging
php_flag log_errors on
php_value error_log /home/path/public_html/domain/PHP_errors.log

The PHP_errors.log file needs to be permission 755 or 777.

Disable mod_security2 rule for one domain

2009-06-21T13:23:00.001-07:00

Error:

Not Acceptable

An appropriate representation of the requested resource /admin/index.php could not be found on this server.

Fix:

Just create a directory:

mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain.com

Then create a file:

/usr/local/apache/conf/userdata/std/2/username/domain.com/mod_security.conf

In that file add:

SecRuleEngine Off

Save it.

Then run:

/scripts/ensure_vhost_includes --user=username

Fantastico - Got 404 error

2009-06-21T13:21:00.002-07:00

In most server enviroments, usually one of the four syntaxes works..

ForceType application/x-httpd-php
#SetHandler application/x-httpd-php
#SetHandler application/x-httpd-php5
#ForceType x-httpd-php

MailWatch Error in WHM

2009-06-21T13:21:00.001-07:00

Error:

Error executing query:
Table ‘maillog’ is marked as crashed and last (automatic?) repair failed

Fix:

You may need to drop the mailscanner database and recreate it.

Steps:

mysql -e “drop database mailscanner”
perl /usr/local/cpanel/whostmgr/docroot/3rdparty/mailwatch/install/mwadd.pl

Global whitelist

2009-06-21T13:20:00.001-07:00

You can globally whitelist an email account or a domain for all the users on the server by simply adding the entries for those email account or domain in the file /etc/mail/spamassassin/local.cf.

Syntax:

whitelist_from user@domian.com

whitelist_from *@domain.com

Disable SMTP for a domain in cPanel

2009-06-21T13:18:00.000-07:00

There is no option to disable only SMTP. However, you can able to disable the SMTP and pop in account settings.

WHM >> Main >> Account Functions >> Modify an Account

Set “Max Email Accounts” to 0

Max Email Accounts: 0

Note: After this settings the domain won’t be able to send and receive the mails.

Information about a domain newly added to cPanel

2009-06-21T13:16:00.000-07:00

Whenever new domains added through cpanel, the information about this domain will be located in the following files.

/etc/localdomains
/etc/userdomains
/etc/trueuserdomains
/etc/vfilters
etc/valiases etc.

The configurations files will be store in /var/cpanel/users/usersname.
Also a new directory is created in /home with username which contains subdirectories such as etc, mail, public_ftp, public_html.

Important openVZ commands

2009-06-20T11:08:00.001-07:00

Following are some important commands which are normally used while working on a Hardware Node.

1) vzlist -a : Shows list of all the VPS’s hosted on the Node.
2) vzctl start VPS_ID: To start the VPS.
3) vzctl stop VPS_ID : To stop (Shut Down) the VPS.
4) vzctl status VPS_ID : To view the status of the particular VPS.
5) vzctl stop VPS_ID –fast : to stop the VPS quickly and forcefully
6) vzctl enter VPS_ID : To enter in a particular VPS

Configuration Commands

1) vzctl set VPS_ID –hostname vps.domain.com –save: To set the Hostname of a VPS.

2) vzctl set VPS_ID –ipadd 1.2.3.4 –save : To add a new IP to the hosting VPS

3) vzctl set VPS_ID –ipdel 1.2.3.4 –save : To delete the IP from VPS.

4) vzctl set VPS_ID –userpasswd root:new_password –save : to reset root password of a VPS.

5) vzctl set VPS_ID –nameserver 1.2.3.4 –save : To add the nameserver IP’s to the VPS

6) vzctl exec VPS_ID command : To run any command on a VPS from Node.

6) vzyum VPS_ID install package_name : To install any package/Software on a VPS from Node.

Note: VPS_ID refers to the ID of the Particular VPS.

Curl error while compling PHP

2009-06-20T11:07:00.000-07:00

Error:

configure: error: Please reinstall the libcurl distribution -
easy.h should be in /include/curl/

Fix:

./configure
–with-curl=/opt/curlssl/

/usr/local/php5/bin/php5 -v

cp -p /usr/local/php5/bin/php-cgi5 /usr/local/cpanel/cgi-sys/php5

cp -p /usr/local/php5/bin/ /usr/local/cpanel/cgi-sys/php5

chown root.wheel /usr/local/cpanel/cgi-sys/php5
ll /usr/local/cpanel/cgi-sys/php5
chown root.wheel /usr/local/cpanel/cgi-sys/php5

/etc/init.d/httpd restart

Configure error: utf8 mime2text() has new signature in errror log

2009-06-20T11:06:00.000-07:00

This error is occurred due to “libc-client-devel” was missing on the server. Install the following RPM .

Fix:

yum install libc-client-devel

Xml error while installing php from source

2009-06-20T11:05:00.000-07:00

php installation error:
configure: error: xml2-config not found. Please check your libxml2 installation

You may get this error even though if your system is having libxml2. So, it could be due to a additional libxml2 module. These can de done by installing libxml2-devel.

yum install libxml2-devel

That’s it. Now you may able to continue the further installation.

Advantages of PHPsuexec

2009-06-20T11:04:00.000-07:00

Why we preferred switching to phpsuexec ?

Because it improves the security and operation of the servers. Earlier without phpsuexec an account could run malicious PHP scripts to send spam or cause performance issues on the server it can take a while to track down which account is causing the problem and resolve it. With PHPSUEXEC enabled we can find the offending account in minutes and resolve the problem caused by the offending script. PHPsuexec will also solve some of the file and directory ownership and permission problems that some of you have had with various PHP applications (mainly the CMS applications like Joomla and Drupal but other applications have the same issues

PHPsuexec Details to Keep in Mind:

File/Directory Permissions and Ownership:

When PHP runs as an Apache Module it executes with the user ID and group ID of the web server which is usually “nobody”. In this mode, files or directories that you require your php scripts to write to need to have 777 permissions (read/write/execute at user/group/world level). This is not secure because besides allowing the Apache and the PHP application to write to the file it also allows anyone else to read or write to the file if they figure out were to look and want to do so.

With PHP running in PHPsuexec mode your php scripts now execute with your user ID and group ID. Files or directories that you require your php scripts to write to no longer need to have 777 permissions.. In fact, having your scripts or the directories they reside in set to permissions of 777 will cause an “Internal Server Error 500″ error when an attempt is made to execute your scripts. In PHPsuexec mode your scripts and directories can have a maximum of 755 permissions (read/write/execute by you, read/execute by everyone else).

Files and directories will also need to be owned by your user ID and group ID. You probably don’t need to worry about this because all files you upload or create will be owned by your user ID and group ID automatically.

.htaccess File and PHP directives:

When PHP is run as an Apache Module mode you were able to manipulate the PHP settings from within an .htaccess file placed in a PHP script’s directory.

For example you could turn off the PHP setting “magic_quotes_gpc” with this line in .htaccess:

php_value magic_quotes_gpc off

With PHP running in PHPsuexec mode manipulating the PHP settings is still possible however it can not be done with the .htaccess file. Using an .htaccess file with php_value entries in it will cause an “Internal Server Error 500″ error when attempting to access the scripts. This is because PHP is no longer running as an Apache module and Apache will not handle those directives any longer.

All PHP configuration settings should be removed from your .htaccess files to avoid the “Internal Server Error 500″ error. Creating a php.ini file to manipulate the PHP settings will solve this issue

Conditions in PHPSUEXEC servers

2009-06-20T11:03:00.002-07:00

There are four main conditions in phpsuexec servers:

a] Ownership must be of the user and not nobody.

b] Permissions for all the php files must be 644

c] htaccess should not contain any php config values.

d] Permissions for all web directories must be 755.

Monitor Hard drive temperature via command line

2009-06-20T11:03:00.001-07:00

The hard drive temperature can be monitored via command line. For that you need to install the command binary hddtemp.

In redhat servers you can install using yum.

============

yum install hddtemp

============

In other server like CENTOS, FEDORA and FreeBSD you need to install it from source file with the steps given below.

=====================

>> Download the DB file

cd /etc

wget http://download.savannah.nongnu.org/releases/hddtemp/hddtemp.db

>> Download the source

cd /usr/local

wget http://download.savannah.nongnu.org/releases/hddtemp/hddtemp-0.3-beta7.tar.gz

tar -zxvf hddtemp-0.3-beta7.tar.gz

cd hddtemp-0.3-beta7

make

make install

=====================

That’s all. You have done It

Typical Output of hddtemp command.

=====================

[root@testserver ~]# hddtemp -uC /dev/hda
/dev/hda: SAMSUNG SP0411N: 32°C

[root@system101 ~]# hddtemp /dev/hda
/dev/hda: SAMSUNG SP0411N: 27°C

=====================

Increse Maximun connection limit per IP in IMAP

2009-06-20T11:02:00.000-07:00

IMAP conf file(cPanel): /usr/lib/courier-imap/imapd

Variable : MAXPERIP 40

You may need to do this if all users are under same ISP.

A-Z Index of the Linux BASH command line

2009-06-20T11:01:00.002-07:00

alias Create an alias
apropos Search Help manual pages (man -k)
awk Find and Replace text, database sort/validate/index
break Exit from a loop
builtin Run a shell builtin
bzip2 Compress or decompress named file(s)

cal Display a calendar
case Conditionally perform a command
cat Display the contents of a file
cd Change Directory
cfdisk Partition table manipulator for Linux
chgrp Change group ownership
chmod Change access permissions
chown Change file owner and group
chroot Run a command with a different root directory
cksum Print CRC checksum and byte counts
clear Clear terminal screen
cmp Compare two files
comm Compare two sorted files line by line
command Run a command - ignoring shell functions
continue Resume the next iteration of a loop
cp Copy one or more files to another location
cron Daemon to execute scheduled commands
crontab Schedule a command to run at a later time
csplit Split a file into context-determined pieces
cut Divide a file into several parts

date Display or change the date & time
dc Desk Calculator
dd Data Dump - Convert and copy a file
ddrescue Data recovery tool
declare Declare variables and give them attributes
df Display free disk space
diff Display the differences between two files
diff3 Show differences among three files
dig DNS lookup
dir Briefly list directory contents
dircolors Colour setup for `ls’
dirname Convert a full pathname to just a path
dirs Display list of remembered directories
du Estimate file space usage

echo Display message on screen
egrep Search file(s) for lines that match an extended expression
eject Eject removable media
enable Enable and disable builtin shell commands
env Environment variables
ethtool Ethernet card settings
eval Evaluate several commands/arguments
exec Execute a command
exit Exit the shell
expand Convert tabs to spaces
export Set an environment variable
expr Evaluate expressions

false Do nothing, unsuccessfully
fdformat Low-level format a floppy disk
fdisk Partition table manipulator for Linux
fgrep Search file(s) for lines that match a fixed string
file Determine file type
find Search for files that meet a desired criteria
fmt Reformat paragraph text
fold Wrap text to fit a specified width.
for Expand words, and execute commands
format Format disks or tapes
free Display memory usage
fsck File system consistency check and repair
ftp File Transfer Protocol
function Define Function Macros

gawk Find and Replace text within file(s)
getopts Parse positional parameters
grep Search file(s) for lines that match a given pattern
groups Print group names a user is in
gzip Compress or decompress named file(s)

hash Remember the full pathname of a name argument
head Output the first part of file(s)
history Command History
hostname Print or set system name

id Print user and group id’s
if Conditionally perform a command
ifconfig Configure a network interface
import Capture an X server screen and save the image to file
install Copy files and set attributes

join Join lines on a common field

kill Stop a process from running

less Display output one screen at a time
let Perform arithmetic on shell variables
ln Make links between files
local Create variables
locate Find files
logname Print current login name
logout Exit a login shell
look Display lines beginning with a given string
lpc Line printer control program
lpr Off line print
lprint Print a file
lprintd Abort a print job
lprintq List the print queue
lprm Remove jobs from the print queue
ls List information about file(s)
lsof List open files

make Recompile a group of programs
man Help manual
mkdir Create new folder(s)
mkfifo Make FIFOs (named pipes)
mkisofs Create an hybrid ISO9660/JOLIET/HFS filesystem
mknod Make block or character special files
more Display output one screen at a time
mount Mount a file system
mtools Manipulate MS-DOS files
mv Move or rename files or directories

netstat Networking information
nice Set the priority of a command or job
nl Number lines and write files
nohup Run a command immune to hangups
nslookup Query Internet name servers interactively

passwd Modify a user password
paste Merge lines of files
pathchk Check file name portability
ping Test a network connection
popd Restore the previous value of the current directory
pr Prepare files for printing
printcap Printer capability database
printenv Print environment variables
printf Format and print data
ps Process status
pushd Save and then change the current directory
pwd Print Working Directory

quota Display disk usage and limits
quotacheck Scan a file system for disk usage
quotactl Set disk quotas

ram ram disk device
rcp Copy files between two machines.
read read a line from standard input
readonly Mark variables/functions as readonly
remsync Synchronize remote files via email
return Exit a shell function
rm Remove files
rmdir Remove folder(s)
rsync Remote file copy (Synchronize file trees)

screen Terminal window manager
scp Secure copy (remote file copy)
sdiff Merge two files interactively
sed Stream Editor
select Accept keyboard input
seq Print numeric sequences
set Manipulate shell variables and functions
sftp Secure File Transfer Program
shift Shift positional parameters
shopt Shell Options
shutdown Shutdown or restart linux
sleep Delay for a specified time
sort Sort text files
source Run commands from a file `.’
split Split a file into fixed-size pieces
ssh Secure Shell client (remote login program)
strace Trace system calls and signals
su Substitute user identity
sum Print a checksum for a file
symlink Make a new name for a file
sync Synchronize data on disk with memory

tail Output the last part of files
tar Tape ARchiver
tee Redirect output to multiple files
test Evaluate a conditional expression
time Measure Program running time
times User and system times
touch Change file timestamps
top List processes running on the system
traceroute Trace Route to Host
trap Run a command when a signal is set(bourne)
tr Translate, squeeze, and/or delete characters
true Do nothing, successfully
tsort Topological sort
tty Print filename of terminal on stdin
type Describe a command

ulimit Limit user resources
umask Users file creation mask
umount Unmount a device
unalias Remove an alias
uname Print system information
unexpand Convert spaces to tabs
uniq Uniquify files
units Convert units from one scale to another
unset Remove variable or function names
unshar Unpack shell archive scripts
until Execute commands (until error)
useradd Create new user account
usermod Modify user account
users List users currently logged in
uuencode Encode a binary file
uudecode Decode a file created by uuencode

v Verbosely list directory contents (`ls -l -b’)
vdir Verbosely list directory contents (`ls -l -b’)
vi Text Editor

watch Execute/display a program periodically
wc Print byte, word, and line counts
whereis Report all known instances of a command
which Locate a program file in the user’s path.
while Execute commands
who Print all usernames currently logged in
whoami Print the current user id and name (`id -un’)
Wget Retrieve web pages or files via HTTP, HTTPS or FTP

xargs Execute utility, passing constructed argument list(s)
yes Print a string until interrupted

YUM - Commands

2009-06-20T11:01:00.001-07:00

yum install package_name Download and install a rpm package

yum localinstall package_name.rpm That will install an RPM, and try to resolve all the dependencies for you using your repositories.

yum update Update all rpm packages installed on the system

yum update package_name Upgrade a rpm package

yum remove package_name Remove a rpm package

yum list List all packages installed on the system

yum search package_name Find a package on rpm repository

yum clean packages Clean up rpm cache erasing downloaded packages

yum clean headers Remove all files headers that the system uses toresolve dependency

yum update -y

yum clean all

Converting from Ext3 to Ext2

2009-06-20T10:59:00.000-07:00

There may come a time when you want to convert EXT3 to Ext2. For directories other than the root directory or /usr, it’s pretty easy. The following uses the example of /dev/hda10 mounted to directory /test:

* umount /dev/hda10

* tune2fs -O ^has_journal /dev/hda10

* e2fsck /dev/hda10

* Edit /etc/fstab to change /dev/hda10 to mount type ext2

* mount /dev/hda10

The tune2fs command removes the journal inode, and the e2fsck command completes that removal.

Converting from Ext2 to Ext 3

2009-06-20T10:57:00.000-07:00

The conversion procedure is simple enough. Imagine /dev/hda10 mounted as /test – the procedure would be as follows:

* Log in as root

* Make sure /etc/fstab has /dev/hda10 mounted to /test as ext2, read write

* umount /dev/hda10

If you can’t unmount it, then remount it read only (mount -o

remount,ro /dev/hda10)

* tune2fs -j /dev/hda10

* Edit /etc/fstab, and for /dev/hda10, change ext2 to ext3

* mount /dev/hda10

* /sbin/shutdown -h now

* mount | grep /dev/hda10

If it’s not shown as ext3, reboot, if still not, troubleshoot

Otherwise, you’re done.

Kernel commands

2009-06-20T10:56:00.000-07:00

depmod - Create a module dependency list.

insmod - Install a module.

modinfo - Display information about a module.

kerneld - Run kernel program in user space.

ksyms - Display kernel symbols.

lsmod - List installed modules.

modprobe - Load or list loadable modules.

rmmod - Remove specified module.

sysctl - Configure kernel parameters at runtime.

uname - Display system information.

Increse Maximun connection limit per IP in FTP(Pure-ftpd)

2009-06-20T10:55:00.000-07:00

This can be done by increasing MaxClientsPerIP to higher value in Pure-ftpd configuration file “/etc/pure-ftpd.conf”.

MaxClientsPerIP 20

The normal limit is 20. It is not recommended to set more than 50.

Disable PING and ICMP requests

2009-06-20T10:53:00.000-07:00

Permanent:

The below kernel parameters are used to disable the ICMP/PING requests. You can add this in /etc/sysctl.conf file.

net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1

Apply the changes by using the sysctl -p command:

sysctl -p

Temporary :

Add the following line to your init script for the network (the name depends on the distribution you use):

echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all

This disables ping responses.

To re-enable, use the following command:

echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all

How to disable mod_security for a single domain

2009-06-03T23:07:00.002-07:00

Add the following entries in .htaccess file for the domain. It will disable the mod_sec rules for that domain on the server.

SecFilterEngine Off
SecFilterScanPOST Off

Exim commands

2009-06-03T23:07:00.001-07:00

Queue information
*******************
To print a count of the messages in the queue
root@localhost# exim -bpc

Print a listing of the messages in the queue (time queued, size, message-id, sender, recipient)
root@localhost# exim -bp

Print a summary of messages in the queue (count, volume, oldest, newest, domain, and totals):
root@localhost# exim -bp | exiqsumm

Generate and display Exim stats from a logfile:
root@localhost# eximstats /var/log/exim_mainlog

Same as above, with less verbose output:
root@localhost# eximstats -ne -nr -nt /var/log/exim_mainlog

Same as above, for one particular day:
root@localhost# fgrep YYYY-MM-DD /var/log/exim_mainlog | eximstats

Print what Exim is doing right now:
root@localhost# exiwhat

********************
Searching the queue
********************

Search the queue for messages from a specific sender:
root@localhost# exiqgrep -f [luser]@domain

Search the queue for messages for a specific recipient/domain:
root@localhost# exiqgrep -r [luser]@domain

To Print just the message-id of the entire queue:
root@localhost# exiqgrep -i

*******************
Managing the queue
********************

Start a queue run:
root@localhost# exim -q -v

Start a queue run for just local deliveries:
root@localhost# exim -ql -v

Remove a message from the queue:
root@localhost# exim -Mrm:

Freeze a message:
root@localhost# exim -Mf

Deliver a specific message:
root@localhost# exim -M

Force a message to fail and bounce:
root@localhost# exim -Mg

Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm

Freeze all queued mail from a given sender:
root@localhost# exiqgrep -i -f luser@example.tld | xargs exim -Mf

View a message’s headers:
root@localhost# exim -Mvh

View a message’s body:
root@localhost# exim -Mvb

View a message’s logs:
root@localhost# exim -Mvl

Lost Joomla admin password - how to reset ?

2009-06-03T23:06:00.000-07:00

On cPanel dedicated server, I have come around where people have lost their Joomla admin password and don’t know what to do. Don’t get panicked, be patient – I will show how you can reset your lost admin password for your Joomla website.

First within you cPanel control panel;

goto PHPMyAdmin and select the Joomla database that you have, once selected check for the table named jos_users click on it

Browse the table;

On the right side you will see your admin login name (I assume it is admin, some may have different as they have set when Joomla was installed) in front of the username under the column named “password” you will see some encrypted value make sure the “usertype” column contains “super administrator”. Now, click on the pencil (to edit) and in front of password put the value “21232f297a57a5a743894a0e4a801fc3” without the quotes, which means that your password is “admin” and click on “Go”.

That’s all , you have reset the password.

Now, you can check by logging in to your Joomla site. It should be working now.

Note: Works for both Joomla 1.0 and Joomla 1.5 versions.

Installing SPF

2009-06-03T23:03:00.001-07:00

For a single domain

Run the following script.

/usr/local/cpanel/bin/spf_installer useraneme

/etc/init.d/exim restart

cd /var/named

rndc reload domain.com

:)

Server wide installation

Run the script on the server.

for i in `ls /var/cpanel/users` ;do /usr/local/cpanel/bin/spf_installer $i ;done

Restart the exim and named service.

Error from park wrapper: domain.com is already configured

2009-06-03T23:02:00.000-07:00

On a cPanel server if you get the error: Error from park wrapper: domain.com is already configured while adding an add-on domain under cPanel. Make sure to remove the domain.com entries from:

/var/named/domain.com.db

/etc/httpd/conf/httpd.conf

/var/cpanel/users/username

/etc/userdomains

/etc/localdomains

Renaming or commenting will not help; you will have to remove the entries completely. Try now.

This worked for me.

Rvskin giving error on cPanel server

2009-06-03T23:01:00.002-07:00

For some reason when upcp completed on cPanel server rvskin started giving errors like below:

===============
main::cpanel_parse('GLOB(0x9c3af58)') called at cpanel.pl line 2912
main::doinclude('rvbranding/indexheader.html', 2) called at cpanel.pl line 1673
main::exectag('') called at cpanel.pl line 4797
main::dotag(undef) called at cpanel.pl line 4664

===============

To get this fixed do the following:

root# mkdir /root/rvadmin

root# cd /root/rvadmin

root# rm -f rvauto.tar.bz2

root# wget http://download.rvglobalsoft.com/download.php/

download/rvskin-auto/saveto/rvauto.tar.bz2

root# tar -xvjf rvauto.tar.bz2

root# perl /root/rvadmin/auto_rvskin.pl

Try it :)

Manage www with .htaccess

2009-06-03T23:01:00.001-07:00

For your domain if you require www you can achieve this by adding the following code in your .htaccess file:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.domain\.com$ [NC]
RewriteRule ^(.*)$ /$1 [R=301,L]

Now, what if you don’t require www, add this code in your .htaccess:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^domain\.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]

Try it.

Server Securing - Setup

2009-06-03T22:52:00.000-07:00

Securing Your Server

Below given are some of the steps that can be used to secure your server.

Disable identification output for Apache

To disable the version output for proftp, SSH into server and login as root.

At command prompt type: pico /etc/httpd/conf/httpd.conf

Scroll (way) down and change the following line to

ServerSignature Off

Restart Apache

At command prompt type: /etc/rc.d/init.d/httpd restart

These are applications that will help to secure your server.

Install and run chkrootkit

To install chrootkit, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

At command prompt type: tar xvzf chkrootkit.tar.gz

At command prompt type: cd chkrootkit-0.44

At command prompt type: make sense

To run chkrootkit

At command prompt type: /root/chkrootkit-0.44/chkrootkit

Make sure you run it on a regular basis, perhaps including it in a cron job.

Install APF Firewall

To install APF, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

At command prompt type: tar -xvzf apf-current.tar.gz

At command prompt type: rm -f apf-current.tar.gz

At command prompt type: cd apf-0.9.4-6

At command prompt type: sh ./install.sh

After APF has been installed, you need to edit the configuration file.

At command prompt type: cd /etc/apf

At command prompt type: pico -w conf.apf

Scroll down and find

USE_DS=”0″

change it to

USE_DS=”1″

Now scroll down and configure the Ports. The following ports are required for CPanel:

Code:

Common ingress (inbound) TCP ports
IG_TCP_CPORTS=”21,22,25,53,80,110,143,465,953,993,995,2082,2083,2084,2086,2087,2095,2096,3306,6666,7786,3000_3500″

Note: If you changed the port for SSH, be sure to include that port and remove port 22.

—–
21 FTP (TCP)
22 SSH (TCP)
25 SMTP (TCP)
53 DNS - Domain Name Server (TCP)
80 HTTP (TCP)
110 POP3 (TCP)
143 IMAP (TCP)
443 HTTPS (TCP)
465 sSMTP (TCP)
953 ??BIND??
993 IMAP4 protocol over TLS/SSL (TCP)
995 POP3 protocol over TLS/SSL (was spop3) (TCP)
2082 CPANEL (http://sitename.com:2082) (TCP)
2083 CPANEL SSL (https://sitename.com:2083) (TCP)
2084 entropychat server (disable from CPANEL service manager if not used) (TCP)
2086 WHM (http://sitename.com:2086) (TCP)
2087 WHM SSL (https://sitename.com:2087) (TCP)
2095 WebMail (http://sitename.com:2095) (TCP)
2096 WebMail SSL (https://sitename.com:2096)
3306 mySQL remote access (TCP)
6666 Melange chat Server (disable from CPANEL service manager if not used) (TCP)
7786 Interchange (TCP)
3000_3500
—–
5100 for ASP,
8080 and 8443 for JSP if you use them.
—–

Code:

Common ingress (inbound) UDP ports
IG_UDP_CPORTS=”53,6277

—–
53 DNS - Domain Name Server
6277 SpamAssassin / DCC (email scanning)
—–

Code:

Common ICMP (inbound) types
IG_ICMP_TYPES=”3,5,11,0,30,8″

—–
0 Echo Reply
3 Destination Unreachable
5 Destination Unreachable
8 Echo
11 Time Exceeded
30 Traceroute
—–

Code:

Common egress (outbound) TCP ports
EG_TCP_CPORTS=”21,25,37,53,80,110,113,#123,443,43,873,953,2089,2703,3306″

—–
21 FTP
25 SMTP
37 Required for CPANEL Licensing
53 DNS - Domain Name Server
80 HTTP
110 POP3 (if you have scripts that need to retrieve email via POP, e.g. HelpDesk)
113 Authentication Protocol (AUTH)
123 NTP (Network Time)
443 HTTPS
43 WHOIS
873 rsync (CPanel updates)
953 BIND ??
2089 Required for CPANEL Licensing
2703 Razor (email scanning)
3306 mySQL remote access
—–

Code:

Common egress (outbound) UDP ports
EG_UDP_CPORTS=”20,21,53,873,953,6277″

—–
20 ftp-data
21 FTP
53 DNS - Domain Name Server
873 rsync
953 BIND ??
6277 SpamAssassin / DCC (email scanning)
—–

Code:

Common ICMP (outbound) types
EG_ICMP_TYPES=”all”

Save the changes then exit.

To start APF

At command prompt type: /usr/local/sbin/apf -s

APF commands are:

-s start
-r restart
-f flush - stop
-l list
-st status
-a HOST allow HOST
-d HOST deny HOST

Log out of SSH and then login again.

After you are sure everything is working fine, change the DEV option

At command prompt type: cd /etc/apf

At command prompt type: pico -w conf.apf

Scroll down and find

DEVM=”1″

change it to

DEVM=”0″

Save changes, exit and then restart firewall,

At command prompt type: /usr/local/sbin/apf -r

Install BFD (Brute Force Detection)

To install BFD, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

At command prompt type: tar -xvzf bfd-current.tar.gz

At command prompt type: cd bfd-0.4

At command prompt type: ./install.sh

After BFD has been installed, you need to edit the configuration file.

At command prompt type: pico /usr/local/bfd/conf.bfd

Under Enable brute force hack attempt alerts:

Find

ALERT_USR=”0″

and change it to

ALERT_USR=”1″

Find

EMAIL_USR=”root”

and change it to

EMAIL_USR=”your@email.com”

Save the changes then exit.

To start BFD

At command prompt type: /usr/local/sbin/bfd -s

Modify LogWatch

Logwatch is a customizable log analysis system. It parses through your system’s logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is already installed on most CPanel servers.

To modify LogWatch, SSH into server and login as root.

At command prompt type: pico -w /etc/log.d/conf/logwatch.conf

Scroll down to

MailTo = root

and change to

Mailto = your@email.com

Note: Set the e-mail address to an offsite account incase you get hacked.

Now scroll down to

Detail = Low

Change that to Medium, or High…

Detail = 5 or Detail = 10

Note: High will give you more detailed logs with all actions.

Save and exit.
These are measures that can be taken to secure your server, with SSH access.

Udate OS, Apache and CPanel to the latest stable versions.

This can be done from WHM/CPanel.

Restrict SSH Access

To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different port than port 22.

SSH into server and login as root.

Note: You can download Putty by Clicking Here. It’s a clean running application that will not require installation on Windows-boxes.

At command prompt type: pico /etc/ssh/sshd_config

Scroll down to the section of the file that looks like this:

Code:

#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment and change

#Port 22

to look like

Port 5678 (choose your own 4 to 5 digit port number (49151 is the highest port number)

Uncomment and change

#Protocol 2, 1

to look like

Protocol 2

Uncomment and change

#ListenAddress 0.0.0.0

to look like

ListenAddress 123.123.123.15 (use one of your own IP Addresses that has been assigned to your server)

Note 1: If you would like to disable direct Root Login, scroll down until you find

#PermitRootLogin yes

and uncomment it and make it look like

PermitRootLogin no

Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.

Note 2: You can also create a custome nameserver specifically for your new SSH IP address. Just create one called something like ssh.xyz.com or whatever. Be sure to add an A address to your zone file for the new nameserver.

Now restart SSH

At command prompt type: [b]/etc/rc.d/init.d/sshd restart[b]

Exit out of SSH, and then re-login to SSH using the new IP or nameserver, and the new port.

Note: If you should have any problems, just Telnet into your server, fix the problem, then SSH in again. Telnet is a very unsecure protocol, so change your root password after you use it.

Disable Telnet

To disable telnet, SSH into server and login as root.

At command prompt type: pico -w /etc/xinetd.d/telnet

change disable = no to disable = yes

Save and Exit

At command prompt type: /etc/init.d/xinetd restart

Server e-mail everytime someone logs in as root

To have the server e-mail you everytime someone logs in as root, SSH into server and login as root.

At command prompt type: pico .bash_profile

Scroll down to the end of the file and add the following line:

echo ‘ALERT - Root Shell Access on:’ `date` `who` | mail -s “Alert: Root Access from `who | awk ‘{print $6}’`” your@email.com

Save and exit.

Set an SSH Legal Message

To an SSH legal message, SSH into server and login as root.

At command prompt type: pico /etc/motd

Enter your message, save and exit.

Note: I use the following message…

Code:

ALERT! You are entering a secured area! Your IP and login information
have been recorded. System administration has been notified.

This system is restricted to authorized access only. All activities on
this system are recorded and logged. Unauthorized access will be fully
investigated and reported to the appropriate law enforcement agencies.

Now everytime someone logs in as root, they will see this message… go ahead a try it.

Disable Shell Accounts

To disable any shell accounts hosted on your server SSH into server and login as root.

At command prompt type: locate shell.php

Also check for:

locate irc
locate eggdrop
locate bnc
locate BNC
locate ptlink
locate BitchX
locate guardservices
locate psyBNC
locate .rhosts

These are items inside of WHM/Cpanel that should be changed to secure your server.

Goto Server Setup =>> Tweak Settings

Check the following items…

Under Domains

Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail

Attempt to prevent pop3 connection floods
Default catch-all/default address behavior for new accounts - blackhole

Under System

Use jailshell as the default shell for all new accounts and modified accounts

Goto Server Setup =>> Tweak Security

Enable php open_basedir Protection

Enable mod_userdir Protection

Disabled Compilers for unprivileged users.

Goto Server Setup =>> Manage Wheel Group Users

Remove all users except for root and your main account from the wheel group.

Goto Server Setup =>> Shell Fork Bomb Protection

Enable Shell Fork Bomb/Memory Protection

When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.

Goto Service Configuration =>> FTP Configuration

Disable Anonymous FTP

Goto Account Functions =>> Manage Shell Access

Disable Shell Access for all users (except yourself)

Goto Mysql =>> MySQL Root Password

Change root password for MySQL

Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:

/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod
Reply With Quote Multi-Quote This Message
000000000
View Public Profile
Send a private message to 000000000
Visit 000000000’s homepage!
Find all posts by 000000000
Add 000000000 to Your Buddy List
#2 Add to 000000000’s Reputation Report Post
Old 10-02-2004, 08:56 PM
000000000 000000000 is offline
Registered User

Note: There will be several listings that will be OS/CPanel related. Examples are

/home/cpapachebuild/buildapache/php-4.3.1/ext/ircg
/usr/local/cpanel/etc/sym/eggdrop.sym
/usr/local/cpanel/etc/sym/bnc.sym
/usr/local/cpanel/etc/sym/psyBNC.sym
/usr/local/cpanel/etc/sym/ptlink.sym
/usr/lib/libncurses.so
/usr/lib/libncurses.a

Nagios error - DNS

2009-06-03T01:47:00.001-07:00

error output parsing /usr/sbin/nslookup

(1)For testing from nagios server

[nagios@monitor libexec]$ ./check_nrpe -H hostname -c check_load

(2) add the nagiosip; in /etc/named.conf

allow-recursion { localhost;nagios ip;};

(3) change the entry in services.cfg file as

check_named or check_DNS check_dig

recurssion = yes

or

comment recursion

or

add nagios ip to allow recursion

(4)add the port 5666 in apf or csf

Nagios error - Exim mail queue

2009-06-03T01:46:00.001-07:00

In nagios server

cd /usr/local/nagios/libexec

wget http://www.mycutelife.net/sanju/newtickethelp/nagiosfullsteps/check_eximmailqueue

chmod +x check_eximmailqueue

In remote server

cd /usr/local/nagios/libexec

wget http://www.mycutelife.net/sanju/newtickethelp/nagiosfullsteps/check_eximmailqueue

chmod +x check_eximmailqueue

echo “command[check_eximmailqueue]=/usr/local/nagios/libexec/check_eximmailqueue -w 500 -c 1000″ >> /etc/nrpe.conf

visudo

add the following line

nagios ALL= NOPASSWD:/usr/sbin/exim -bpc

/etc/init.d/xinetd restart

Check in nagios server

./check_nrpe -H -c check_eximmailqueue

if error…. then,

in remote server

cd /usr/local/nagios/libexec

visudo

comment #Defaults requiretty

cd /usr/bin

chmod u+s sudo

Nagios error - Mysql

2009-06-03T01:14:00.001-07:00

mysql

create database nagios;
grant all privileges on nagios.* to nagios@63.247.77.234 identified by ‘123dsa’;

mysql setup in client server

mysql> grant all privileges on nagios.* to nagios@63.247.77.234 identified by ‘123dsa’;
Query OK, 0 rows affected (0.00 sec)

nagios is showing the error
Client does not support authentication protocol requested by server: consider upgrading MySQL client

mysql> SET PASSWORD FOR nagios@63.247.77.234 = OLD_PASSWORD(’123dsa’);
Query OK, 0 rows affected (0.00 sec)

mysql> UPDATE mysql.user SET Password = OLD_PASSWORD(’123dsa’) WHERE Host = ‘63.247.77.234′ AND User = ‘nagios’;
Query OK, 0 rows affected (0.00 sec)

If we dont know the password of mysql

/etc/init.d/mysqld stop
/usr/bin/mysqld_safe –skip-grant-tables –skip-networking
open a new console
mysql
mysql> UPDATE mysql.user SET Password=PASSWORD(’d3fault’) WHERE User=’root’;
mysql> FLUSH PRIVILEGES;

vi .my.cnf

[client]
user=root
pass=d3fault

chmod 600 .my.cnf

/etc/init.d/mysqld restart

or

vi /etc/my.cnf
skip-grant-tables
/etc/init.d/mysqld restart
mysql
mysql> UPDATE mysql.user SET Password=PASSWORD(’d3fault’) WHERE User=’root’;
mysql> FLUSH PRIVILEGES;

vi /etc/my.cnf
#skip-grant-tables
/etc/init.d/mysqld restart

vi .my.cnf

[client]
user=root
pass=d3fault

chmod 600 .my.cnf

/etc/init.d/mysqld restart

Nagios Password

2009-06-03T01:13:00.000-07:00

password given in

/usr/local/nagios/etc/htpasswd.users

url is

http://hostname/cgi-bin/monitor/status.cgi

Given entries in contactgroups.cfg and contacts.cfg files (refer doreo client info)

in contacts.cfg we can setup mail notifications

htpasswd -m /usr/local/nagios/etc/htpasswd.users username

and give password

Nagios - nrpe

2009-06-02T23:41:00.000-07:00

# vi /etc/xinetd.d/nrpe

# default: on

# description: NRPE

service nrpe

{

flags = REUSE

socket_type = stream

wait = no

user = nagios

server = /usr/sbin/nrpe

server_args = -c /etc/nrpe.conf –inetd

log_on_failure += USERID

disable = no

only_from = nagios ip

}

Nagios proc

2009-06-02T22:21:00.000-07:00

Configure number of processes in Nagios :

on the server to be monitored,

vi /etc/nrpe.conf

modify the line this way :

command[check_total_procs]=sudo /usr/local/nagios/libexec/check_procs -w 250 -c 300

then run visudo and add the following line below root ALL=(ALL) ALL

nagios ALL= NOPASSWD:/usr/local/nagios/libexec/check_procs

then , /etc/rc.d/init.d/xinetd restart

add to the services.cfg on the nagios server ,

define service{

host_name server.host.name

service_description TOTAL_PROCS

is_volatile 0

check_period 24×7

max_check_attempts 3

normal_check_interval 5

retry_check_interval 1

contact_groups group-admins

notification_interval 120

notification_period 24×7

notification_options w,u,c,r

check_command check_nrpe!check_total_procs

}

/etc/rc.d/init.d/nagios restart

Also check the permission of /usr/bin/sudo . This must be as follows

—s–x–x 1 root root 82120 Feb 16 2006 /usr/bin/sudo
proc

Nagios ssl

2009-06-01T19:51:00.003-07:00

adding service ssl to nagios

/usr/local/nagios/etc

file checkcommands.cfg

# ‘check_ssl’ command definition

define command{

command_name check_ssl

command_line /usr/local/nagios/libexec/check_tcp -H $HOSTADDRESS$ -p 443

}

then add the entries in services.cfg escalations.cfg

services.cfg

# Service definition

define service{

use generic-service ; Name of service template to use

host_name sun.inservers1.com

service_description SSL

is_volatile 0

check_period 24×7

max_check_attempts 3

normal_check_interval 3

retry_check_interval 1

contact_groups neutralweb-admins

notification_interval 120

notification_period 24×7

notification_options w,u,c,r

check_command check_ssl

}

Nagios swap space

2009-06-01T19:51:00.001-07:00

Goto Nagios server

cd /usr/local/nagios/libexec

wget http://www.mycutelife.net/sanju/newtickethelp/nagiosfullsteps/check_swp

chmod +x check_swp

You need to do this for each server in nagios server

vi /usr/local/nagios/etc/services.cfg

add

define service{

host_name barracuda.dnsvelocity.com

service_description SWAP_USAGE

is_volatile 0

check_period 24×7

max_check_attempts 3

normal_check_interval 5

retry_check_interval 1

contact_groups voxtreme-admins

notification_interval 120

notification_period 24×7

notification_options w,u,c,r

check_command check_nrpe!check_swp

}

/etc/init.d/nagios restart

Goto remote server

cd /usr/local/nagios/libexec

wget http://www.mycutelife.net/sanju/newtickethelp/nagiosfullsteps/check_swp

chmod +x check_swp

echo “command[check_swp]=/usr/local/nagios/libexec/check_swp -w 80 -c 70″ >> /etc/nrpe.conf

/etc/init.d/xinetd restart

touch /home/nagios/swapcalc

chown nagios:nagios /home/nagios/swapcalc

touch /home/nagios/swappercent

chown nagios:nagios /home/nagios/swappercent

chmod +x /usr/bin/free

Check in nagios server

./check_nrpe -H -c check_swp

Custom Scripts

2009-06-01T19:50:00.001-07:00

To kill Dead process

for i in `ps ax | grep D | awk {’print $1′}`;do kill -9 $(cat /proc/${i}/status | grep PPid | awk {’print $2′});done

To kill Zombie process

for i in `ps ax | grep Z | awk {’print $1′}`;do kill -9 $(cat /proc/${i}/status | grep PPid | awk {’print $2′});done

To find ddos attack

netstat -an |grep 80

netstat -plan|grep :80|awk {’print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

netstat -plan|grep :25|awk {’print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

watch -n 5 ‘w; ls -alS /usr/local/apache/domlogs/ ‘

Top memory consuming processes

ps aux | head -1;ps aux –no-headers| sort -rn +3 | head

Number of exim connections

To find cppop attack

To find number of httpd connections

netstat -plan|grep :80|awk {’print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

netstat -pan | sort +4 | grep TIME_WAIT | awk ‘{print $5}’ | sed -e s/’:.*’//g | sort | uniq -c | sort -k 1 -nr | head -n 20

Script to change permission of files 777 to 644

find /home/*/public_html/ -type d -perm 777 -exec chmod 755 {} \;>/dev/null 2>&1

Horde Issue 31 08 2008 Cant find file: horde_sessionhandler.MYI

2009-06-01T19:49:00.000-07:00

If you get this error, you ve most likely done a file-based MySQL backup restore, and the InnoDB files are hosed. The horde_sessionhandler table isnt a MyISAM table at all - its actually an InnoDB table. The easiest way to fix the issue is to stop MySQL and trash the .frm:

# /etc/init.d/mysqld stop

# rm /var/lib/mysql/horde/horde_sessionhandler.frm

Now start MySQL and re-create the table:

# /etc/init.d/mysqld start

# mysql -u admin -p`cat /etc/psa/.psa.shadow`
Here is the SQL statements to run:

CREATE TABLE horde_sessionhandler (session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL, session_data LONGBLOB, PRIMARY KEY (session_id)) ENGINE = InnoDB;
GRANT SELECT, INSERT, UPDATE, DELETE ON horde_sessionhandler TO horde@localhost;

Downgrade from MySQL 5

2009-06-01T19:42:00.001-07:00

If you want a quick and dirty way and you don't have any databases, then you could do the following if you're using an rpm based linux:

rpm -qa | grep -i mysql-

Then use rpm -e on each match for MySQL v5.

Then remove /var/lib/mysql:

rm -Rfv /var/lib/mysql

Then edit /var/cpanel/cpanel.config and set:

mysql-version=4.1

Make sure that the skip file isn't there:

rm -fv /etc/mysqlupdisable

Then install MySQL:

/scripts/mysqlup --force

Then update the perl module:

/scripts/perlinstaller --force Bundle::DBD::mysql

Then recompile apache/php.

Of course, if you do have MySQL d/b's then you'll have to consult further on whether they can be downgraded and miss out the removal of the mysql dir.

Once done:

/scripts/upcp --force

Kernel Compilation

2009-06-01T19:41:00.001-07:00

Kernel compilation

Go to the /usr/src directory

Unpack the source code with tar -xvzf linux-2.x.x.tag.gz.

Move to the /usr/src/linux sub-directory.

make mrproper

make menuconfig

make all

– make vmlinux
– make modules
– make bzimage

make modules_install

make install

cp /usr/src/linux/arch/i386/boot/zImage /zImage

Making an initrd Image

An initrd image is needed for loading your SCSI module at boot time or if you are compiling the kernel with ext3 support as a module. If you do not need an initrd image, do not make one and do not edit lilo.conf or grub.conf to include this image.

Use the /sbin/mkinitrd shell script to build an initrd image for your machine. To use this command, the loopback block device must be available.

To build the new initrd image, run /sbin/mkinitrd with parameters such as this:

/sbin/mkinitrd /boot/initrd-2.4.18-0.12-jul2001.img 2.4.18-0.12-jul2001

In the above example, /boot/initrd-2.4.18-0.12-jul2001.img is the file name of the new initrd image. 2.4.18-0.12-jul2001 is the kernel whose modules (from /lib/modules) should be used in the initrd image. This is not necessarily the same as the version number of the currently running kernel.

Cleaning targets:

clean - Remove most generated files but keep the config and enough build support to build external modules

mrproper - Remove all generated files + config + various backup files

distclean - mrproper + remove editor backup and patch files

Configuration targets:

config - Update current config utilising a line-oriented program

menuconfig - Update current config utilising a menu based program

xconfig - Update current config utilising a QT based front-end

gconfig - Update current config utilising a GTK based front-end

oldconfig - Update current config utilising a provided .config as base

silentoldconfig - Same as oldconfig, but quietly

randconfig - New config with random answer to all options

defconfig - New config with default answer to all options

allmodconfig - New config selecting modules when possible

allyesconfig - New config where all options are accepted with yes

allnoconfig - New config where all options are answered with no

Other generic targets:

all - Build all targets marked with [*]

vmlinux - Build the bare kernel

modules - Build all modules

modules_install - Install all modules to INSTALL_MOD_PATH (default: /)

dir/ - Build all files in dir and below

dir/file.[ois] - Build specified target only

dir/file.ko - Build module including final link

rpm - Build a kernel as an RPM package

tags/TAGS - Generate tags file for editors

cscope - Generate cscope index

kernelrelease - Output the release version string

kernelversion - Output the version stored in Makefile

headers_install - Install sanitised kernel headers to INSTALL_HDR_PATH(default: /usr/src/linux-.6.24.3/usr)

Static analysers

checkstack - Generate a list of stack hogs

namespacecheck - Name space analysis on compiled kernel

export_report - List the usages of all exported symbols

headers_check - Sanity check on exported headers

Kernel packaging:

rpm-pkg - Build the kernel as an RPM package

binrpm-pkg - Build an rpm package containing the compiled kernel and modules

deb-pkg - Build the kernel as an deb package

tar-pkg - Build the kernel as an uncompressed tarball

targz-pkg - Build the kernel as a gzip compressed tarball

tarbz2-pkg - Build the kernel as a bzip2 compressed tarball

Documentation targets:

Linux kernel internal documentation in different formats:

htmldocs - HTML

installmandocs - install man pages generated by mandocs

mandocs - man pages

pdfdocs - PDF

psdocs - Postscript

xmldocs - XML DocBook

Architecture specific targets (i386):

bzImage - Compressed kernel image (arch/x86/boot/bzImage)

install - Install kernel using

(your) ~/bin/installkernel or

(distribution) /sbin/installkernel or

install to $(INSTALL_PATH) and run lilo

bzdisk - Create a boot floppy in /dev/fd0

fdimage - Create a boot floppy image

isoimage - Create a boot CD-ROM image

make V=0|1 [targets] 0 => quiet build (default), 1 => verbose build

make V=2 [targets] 2 => give reason for rebuild of target

make O=dir [targets] Locate all output files in “dir”, including .config

make C=1 [targets] Check all c source with $CHECK (sparse by default)

make C=2 [targets] Force check of all c source with $CHECK

Execute “make” or “make all” to build all targets marked with [*]

For further info see the ./README file

Install Nagios

2009-06-01T19:40:00.000-07:00

How to install nagios

In the nagios server

1)Download the tarball of nagios (Here I use nagios-1.0b5 version)

#wget http://heanet.dl.sourceforge.net/sourceforge/nagios/nagios-1.0b5.tar.gz

2)Extract the tarball

# tar zxvf nagios-1.0b5.tar.gz

3) Create a folder named nagios under /usr/local
# mkdir /usr/local/nagios

4)Create a user and group named nagios. In many of the linux flavours, a corresponding group will be created for evry user.

#useradd nagios
#groupadd nagios

5) Enter the extracted folder. # cd nagios-1.0b5

6) Type the following script on a single line without line breaks: # ./configure –prefix=/usr/local/nagios –with-cgiurl=/nagios/cgi-bin –with-htmurl=/nagios/ –with-nagios-user=nagios –with-nagios-grp=nagios

7)# make all

8)# make install

9)#make install-init

10)#make install-commandmode

11) If you take a look into the /usr/local/nagios directory right now, you will see that there are four directories.
bin sbin share var

12) # make install-config

Congrats, the nagios installation is completed!!! But to function properly, we need to install nagios plugin also. Come on, lets run to the next stage…

Install the nagios Plugin

1)Download the plugin. I used nagios-plugins-1.3.0 without any much problems. You can download it usng wget http://www.sreeforyou.com/tools/nagios/nagios-plugins-1.3.1.tar.gz

2)#tar zxvf nagios-plugins-1.3.0.tar.gz

3)Type the following script on a single line without line breaks: # ./configure –prefix=/usr/local/nagios –with-nagios-user=nagios –with-nagios-grp=nagios

4)#make all

5)#make install

6)#cd /usr/local/nagios/libexec/

7) To test the working, run the command ./check_ssh www.example.com
SSH ok - protocol version 1.99- - server version

8)#cd /usr/local/nagios/etc

9)# mkdir sample

10)# cp *.cfg-sample sample/

11)Rename each file manually, or use the following command to take care of them all at once.

for i in *cfg-sample; do mv $i `echo $i | sed -e s/cfg-sample/cfg/`; done;

12)../bin/nagios -v nagios.cfg

Run this command will show a lot of errors with the nagios configuration. Lets have to clear all the errors one-by-one.

13)#rm -f hosts.cfg services.cfg contacts.cfg contactgroups.cfg hostgroups.cfg dependencies.cfg escalations.cfg

14)#touch dependencies.cfg escalations.cfg contacts.cfg services.cfg

The nagios installation in completed. Now we have to configure the files related to nagios. This is a very easy step once you go through the steps.

You get more details about Nagios from the below URL

http://www.packtpub.com/guide-for-learning-nagios-3/book

How to Restore off a mounted slave disk on Redhat + Cpanel (crash/hack/bad kernel)

2009-06-01T19:37:00.000-07:00

Warning : This is not to be done by the unexperienced admins .

Sometimes when the server get hacked or boot from a bad kernel you need to have the datacenter mount your old drive, and install a new one with a fresh installation. This topic will guide you how to restore a complete server to a new one form the old drive which is mounted as secondary drive to the server.

I. Mount the backup Drive

First check to see if there are any drives mounted.

If it is not mounted, please mount manually the old drive to any location, say /mnt/old

For that please do the following:

fdisk -l

check for additional drives, in this tutorial we will use /dev/hdc3.

mount /dev/hdb3 /mnt/old

now that the drive is mounted you can browse files like:

ls /mnt/old/home

II. Rsync the files

Do these commands one by one,

rsync -vrplogDtH /mnt/old/usr/local/apache/conf /usr/local/apache

rsync -vrplogDtH /mnt/old/var/named /var

rsync -vrplogDtH /mnt/old/home/* /home

rsync -vrplogDtH /mnt/old/usr/local/cpanel /usr/local

rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib

rsync -vrplogDtH /mnt/old/var/cpanel /var

rsync -vrplogDtH /mnt/old/usr/share/ssl /usr/share

rsync -vrplogDtH /mnt/old/var/ssl /var

rsync -vrplogDtH /mnt/old/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty

rsync -vrplogDtH /mnt/old/var/log/bandwidth /var/log

rsync -vrplogDtH /mnt/old/usr/local/frontpage /usr/local

rsync -vrplogDtH /mnt/old/var/spool/cron /var/spool

Next Step - Get some important files from etc:

cd /mnt/old/etc

rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* proftpd* pure-ftpd* passwd* group* *domain* *named* wwwacct.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl /etc

Now would be a good time to change your password for root:

passwd

III. Updating software and restarting services

/scripts/upcp

/scripts/updatenow

/scripts/sysup

/scripts/fixeverything

/scripts/exim4

/scripts/easyapache

/scripts/securetmp

This is needed to update cpanel information. Please note, sshd might fail and not start after running fixeverything. You have to login to whm, and go to the rpm installer and “FORCE” install opensshd-server, opensshd, opensshd-client and then restart sshd from whm.

IV. Restarting services

/scripts/restartsrv httpd

/scripts/restartsrv cpanel

/scripts/restartsrv mysql

/scripts/restartsrv named

/scripts/restartsrv exim

Thats all. This will work 100% in redhat and fedora OS. It will work fine on FreeBSD except slight changes in 2 lines:

rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib

should be:

rsync -vrplogDtH /mnt/old/var/db/mysql /var/db

and also after running “cd /mnt/old/etc” :

rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* proftpd* pure-ftpd* passwd* group* *domain* *named* wwwacct.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl /etc

should be:

rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* cpupdate.conf quota.conf master.passwd* *rndc* ips* ipaddrpool* ssl /etc

Other than that rest will work fine and should restore all accounts and settings.

Rvskin Install

2009-06-01T19:32:00.001-07:00

mkdir /root/rvadmin

cd /root/rvadmin

wget http://download.rvglobalsoft.com/download.php/download/rvskin-auto/saveto/rvauto.tar.bz2

bunzip2 -d rvauto.tar.bz2

tar -xvf rvauto.tar

perl /root/rvadmin/auto_rvskin.pl

---

perl /root/rvadmin/uninstall.pl - uninstall

cPanel and WHM Installation for Linux & FreeBSD

2009-06-01T19:26:00.000-07:00

Cpanel:

1. Make a /home/cpins directory.

mkdir /home/cpins; cd /home/cpins;

2. Get the installation script from layer1.cpanel.net.

wget http://layer1.cpanel.net/latest

3. Finally, run the shell script.

sh latest

FreeBSD:

1. Make a /home/cpins directory.

mkdir /home/cpins; cd /home/cpins;

2. Get the installation script from layer1.cpanel.net.

fetch http://layer1.cpanel.net/latest

3. Finally, run the shell script.

sh latest

Installing DomainKeys on a cPanel server for server wide

2009-06-01T19:18:00.001-07:00

Run the following small script on the server.

for i in `ls /var/cpanel/users` ;do /usr/local/cpanel/bin/domain_keys_installer $i ;done

This will install the domainkeys as serverwide.

Spamassassin is not working in cPanel Server

2009-06-01T19:17:00.002-07:00

Steps:

1. Edit /etc/mail/spamassassin/local.cf >> Uncomment lock_method flock
2. rm -rf /var/lib/spamassassin
3. rm -rf /usr/share/spamassassin
4. /scripts/perlinstaller –force Mail::SpamAssassin
5. /etc/init.d/exim restart

How to install domain keys for a single domain

2009-06-01T19:17:00.001-07:00

You can install domain keys on a cpanel server easily for a single domain. Run the following command shown below:

/usr/local/cpanel/bin/domain_keys_installer username

Ports

2009-06-01T19:16:00.000-07:00

FTP - 21

SSH - 22

TELNET - 23

SMTP - 25

DNS - 53

HTTP - 80

POP3 - 110

IMAP - 143

SECURE IMAP - 995

SECURE POP3 - 993

HTTPS - 443

MSSQL - 1433

MySQL - 3306

CPANEL - 2082

SECURE CPANEL - 2083

WHM - 2086

SECURE WHM - 2087

WEBMAIL - 2095

SECURE WEBMAIL - 2096

How to update horde and squirrel mail

2009-06-01T19:10:00.000-07:00

Run the following command in the server it will update the latest version.

/usr/local/cpanel/bin/update-horde –force

/usr/local/cpanel/bin/update-squirrelmail –force

cPanel Chkservd

2009-04-25T04:44:00.003-07:00

Cpanel chkservd:

Chkservd is a service running on Cpanel servers. Chkservd service monitors other service, if any of the service that is monitored by chkservd is found down, chkservd will restart the service and notify server admin

You can start, stop chkservd with following commands:

service chkservd start
service chkservd stop
/etc/rc.d/init.d/chkservd start
/etc/rc.d/init.d/chkservd stop

Root partition is 100% full

2009-04-25T04:44:00.001-07:00

Normally in Cpanel servers “/” partition is filled 100% even though nothing in it.

This problem is mainly due to hidden files in “/” partition. It won’t be show for normal du -sch command. Some time a server reboot may fix this issue. If not, you would need to find the hidden files.

Here is a command which is used to list the all hidden files.

du -sk .[A-z]* *|sort -n

Just see how it will list all files.

Solving outlook express errors

2009-04-25T04:42:00.004-07:00

Sometimes we get some errors while using outlook express but we can't understand what they mean and what could be the solution for that.

Here’s the usual errors codes with their solutions:

0×800CCC00 - Authentication did not load.
Solution :
*) Try closing and restarting Outlook express
*) If still getting same error, wait 20-30 minutes for a server reset of your account then try again.
*) It could be a corruption of the user account in Outlook Express. Try setting up a second identity and see if it works.

0×800CCC01 - INVALID CERTIFICATE CONTENT
0×800CCC02 INVALID CERTIFICATE DATE
Solution :
*) Get your certificate re-issued by your authority server.

0×800CCC03 - USER ALREADY CONNECTED
Solution :
*) Close all connections on all machines, wait 20-30 minutes and try again.
*) If you are not logged in on another machine or poplocked then someone may be using/downloading from your account or something is wrong with your account.
*) Sometimes due to improper disconnection your account gets Poplocked so to get out of it either wait 20-30 minutes for it to time out or get somebody to shell into the mail server and stop the mail task that is running on the account.

0×800CCC05 NOT CONNECTED TO SERVER
0×800CCC0D CANT FIND HOST - Cannot locate server
Solution :
*) You may have typed wrong mail server in your account settings or the server may be down.
*) Reboot the computer and try again.
*) Data may not be moving across the network properly. Check DNS numbers, remove and then reinstall TCP/IP in Control Panel > Network.

0×800CCC0A MESSAGE DOWNLOAD INCOMPLETE
0×800CCC19 TIMEOUT
Solution :
*) This error may be due to corruption of pop3uidl file. Close the Internet connection and all programs. Search for the file ‘pop3uidl and delete it. Reconnect and it should work.

0×800CCC0F CONNECTION DROPPED
Solution :
*) may be modem or network cable was disconnected. If this happens frequently then try updating the modem drivers or adding an Init string.

0×800CCC10 INVALID ADDRESS - Address not known on server
Solution :
*) Check the spelling in the TO: field of the e-mail. Delete the old message from the Outbox and then try it again.

0×800CCC12 SOCKET READ ERROR - Unable to send Winsock request
Solution :
*) Remove the TCP/IP protocol and reinstall it. In windows, go into Network from the Control Panel. NOTE: You may need your Windows CD for this task!

0×800CCC16 INVALID ACCOUNT - User account not recognized
Solution :
*) Check the spelling of the account name and re-enter the password taking care to spell it correctly.

0×800CCC18 SICILY LOGON FAILED - Logon attempt failed
Solution :
*) Check account information, making sure account is not case sensitive, close Outlook Express, restart the computer and try reconnecting.
*) Create a different identity and see if it will logon on from this identity with the same information.
*) Make sure the account is still active with the ISP.

0×800CCC1A SECURE CONNECT FAILED - Unable to connect using SSL
Solution :
*) Your ISP may not require an SSL connection. Turn off SSL in the e-mail account properties and try again.

Remotely Access MySQL Database

2009-04-25T04:42:00.003-07:00

The following article explains how to access your MySQL database remotely.

1)Go to Cpanel >> MySQL Databases >> Access Hosts: >> Add IP of the machine from which you want to access databse.

2)Click on Add host.In order to access your MySQL database, please follow these steps:

1. Log into your machine from which you want to access database remotely.

2. Open the MySQL client program on the server in the /usr/bin directory.

cd /usr/bin

Give the command
# mysql

3.Type in the following syntax to access your database:

$ mysql -h {hostname} -u username -p {databasename}
Password: {your password}

mysql >

* hostname: the name of the MySQL server that you are assigned to, for example, domainname/servername
* databasename: The name of your MySQL database
* password: The password you use to access your MySQL database

How to set the mysql database backup cronjob ?

2009-04-25T04:42:00.001-07:00

CRON

Cron is a linux utility that schedules a command (or commands) to be executed periodically at certain times. They can perform user-defined tasks such as backing up databases, scheduling mailing lists, clearing old records, etc etc.

To set up a CRON Job, you need to know two things.

1. The command that is to be executed (often a user written script or a UNIX command)
2. How often the command is to be executed (what days, months, dates, hours etc etc)

There are following different format to get the backup of mysql database using cron job

1) Simple cron job syntax to take database backup
* * * * * /usr/bin/mysqldump -u databaseusername databasename -ppassword > /path of database store.sql

2) Compress the database backup in gz format
* * * * * /usr/bin/mysqldump -u databaseusername databasename -ppassword|gzip > /path of database store.gz

3) Compress the database backup in bz2 format
* * * * * /usr/bin/mysqldump -u datbaseusername databasename -pdatbasepassword|bzip2 -c > /path of database store.bz2

Horde session handler error

2009-04-25T04:41:00.003-07:00

If you are getting horde session handler error, then please check if horde db is present on server or not. You can check it with

#mysqlshow |grep horde
It should give you output like,

[~]#mysqlshow |grep horde
| horde |

If the output is blank, then you need to create a db called horde.
You can do it with commnd.
#mysqladmin create horde

Then run a script :
#/scripts/fullhordereset

If horde db is already exist on server then go to mysql and on mysql prompt run commands.

mysql>use horde;
mysql>repair table horde_sessionhandler;
mysql>\q

Then on shell prompt run commands
#touch /var/cpanel/usecpphp
#/scripts/fullhordereset

It will fix the most of issue with horde.

Default Mysql my.cnf configuration file

2009-04-25T04:41:00.001-07:00

If you are not aware of my.cnf files configuration and want to use mysql server to optimize your database usage then replace this configuration file.

[mysqld]
socket = /var/lib/mysql/mysql.sock
safe-show-database
old-password=1
max_connections=500
interactive_timeout=100
wait_timeout=30
connect_timeout=30
thread_cache_size=8
key_buffer=32M
join_buffer=8M
max_allowed_packet=32M
table_cache=1024
sort_buffer=32M
record_buffer=8M
thread_cache_size=128
max_user_connections=30

thread_concurrency=4
myisam_sort_buffer_size=64M
query_cache_limit=2M
query_cache_size=32M
query_cache_type=1

old-passwords = 1

[safe_mysqld]
err-log=/var/log/mysqld.log
open_files_limit=8192

[mysqldump]
quick
max_allowed_packet=32M

[mysql]
no-auto-rehash
# Remove the next comment character if you are not familiar with SQL
#safe-updates

[isamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_bufer=16M

[myisamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M

[mysqlhotcopy]
interactive-timeout

OpenVZ

2009-04-25T04:40:00.002-07:00

OpenVZ uses Operating System Virtualization technology through which you can partition a single physical server into multiple small computational partitions and thus a physical server can have multiple secure isolated operating systems. Each such partition looks and feels like a real server. OpenVZ is based on Linux OS.

OpenVZ requires both the host and guest to be on Linux. OpenVZ allows to have multiple Virtual Environment (up to as many as several hundreds) on a single Hardware Node such physical server are know as Virtual Private Servers(VPS) or Virtual Environments(VE).

Each VE performs and executes exactly like a stand-alone server; VEs can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files.

Following are some important commands which are normally used while working on a Hardware Node.

# vzlist -a : Shows list of all the VPS's hosted on the Node.
# vzctl start VPS_ID: To start the VPS.
# vzctl stop VPS_ID : To stop (Shut Down) the VPS
# vzctl status VPS_ID : To view the status of the VPS
# vzctl stop VPS_ID : to stop the VPS quickly and forcefully
# vzctl enter VPS_ID : To enter in a particular VPS

The OpenVZ project is an open source community project supported by SWsoft

Domain Redirecting using mod_rewrite

2009-04-25T04:40:00.001-07:00

For some reason you need to redirect your domain you can do so by using following code and need to update .htaccess file.
To redirect domain to www. domain you need to put the following mod_rewrite rule in .htaccess file inside public_html.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain\.com
RewriteRule ^(.*)$ http://www.domain. com/$1 [R=permanent,L]

To use this rule mod_rewrite module is needed on server.

Note - Replace domain.com with your actual domain name.

Cron Jobs (Automated Processes)

2009-04-25T04:39:00.001-07:00

Cron is a unix, solaris utility that allows tasks to be automatically run in the background at regular intervals by the cron daemon.

Cron job is an automated process that operates at predefined time intervals. For example, reindexing your Web site using Excite at 3:00am every morning.

Cron daemon is a long-running process that executes commands at specific dates and times. You can use this to schedule activities, either as one-time events or as recurring tasks.

For commands that need to be executed repeatedly (e.g., hourly, daily, or weekly), you can use the crontab command. The crontab command creates a crontab file containing commands and instructions for the cron daemon to execute. You can use the crontab command with the following options:crontab -a filename Install filename as your crontab file. On many systems, this command is executed simply as crontab filename (i.e., without the -a option).

crontab -e Edit your crontab file, or create one if it doesn’t already exist.
crontab -l Display your crontab file.
crontab -r Remove your crontab file.
crontab -v Display the last time you edited your crontab file. (This option is available on only a few systems.)
crontab -u user Used in conjunction with other options, this option allows you to modify or view the crontab file of user. When available, only administrators can use this option.

Each entry in a crontab file consists of six fields, specifying in the following order:

minute(s) hour(s) day(s) month(s) weekday(s) command(s)

The fields are separated by spaces or tabs. The first five are integer patterns and the sixth is the command to execute. The following table briefly describes each of the fields:Field Value Description

minute 0-59 The exact minute that the command sequence executes
hour 0-23 The hour of the day that the command sequence executes
day 1-31 The day of the month that the command sequence executes
month 1-12 The month of the year that the command sequence executes
weekday 0-6 The day of the week that the command sequence executes (Sunday = 0, Monday = 1, Tuesday = 2, and so forth)
command Special The complete sequence of commands to execute. The command string must conform to Bourne shell syntax. Commands, executables (such as scripts), or combinations are acceptable.

Each of the patterns from the first five fields may be either * (an asterisk), meaning all legal values, or a list of elements separated by commas. An element is either a number or an inclusive range, indicated by two numbers separated by a minus sign (e.g., 10-12). You can specify days with two fields: day of the month and day of the week. If you specify both of them as a list of elements, cron will observe both of them;

for example:

0 0 1,15 * 1 /mydir/myprogram

The cron daemon would run the program myprogram in the mydir directory on the first and fifteenth of each month, as well as on every Monday. To specify days by only one field, the other field should be set to * , for example:

0 0 * * 1 /mydir/myprogram

In the above example, the program would run only on Mondays.

If a cron job specified in your crontab entry produces any error messages when it runs, you will get a mail message reporting the errors.

Disable Email

By default cron jobs sends a email to the user account executing the cronjob. If this is not needed put the following command At the end of the cron job line .
>/dev/null 2>&1

Crontab Restrictions

You can execute crontab if your name appears in the file
/usr/lib/cron/cron.allow. If that file does not exist, you can use
crontab if your name does not appear in the file
/usr/lib/cron/cron.deny.

If only cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab. The allow/deny files consist of one user name per line.

How to hide the PHP version to remote requests

2009-04-25T04:38:00.003-07:00

In order to prevent PHP from exposing the fact that it is installed on the server, by adding to the web server header we need to locate in php.ini the variable expose_php and turn it off.

By default expose_php is set to ‘On’

In your php.ini locate the line containing expose_php On and set it to Off ;

expose_php = Off

After making this change PHP will no longer add it signature to the web server header. Doing this, will not make your server more secure but,it will just prevent remote hosts to easily see that you have PHP installed on the system and what version you are running.

Linux Boot Sequence

2009-04-25T04:38:00.001-07:00

The process of booting a Linux system consists of a number of stages as follows

1) BIOS

2) Master Boot Record (MBR)

3) LILO or GRUB

4) Kernel

5) init

6) Run Levels

The process of booting a Linux system consists of a number of stages

1)BIOS: Basic Input/Output System is the lowest level interface between the computer and peripherals which load boot sector from one of following devices

Floppy
CDROM
Hard drive

The boot order can be changed from within the BIOS. BIOS setup can be entered by pressing a del ,F1 , F2, or F10 key during bootup.

2)MBR:
The first sector of the hard disk is reserved master boot record (MBR).

When we the Operating booting from a hard disk, the PC system BIOS loads and executes the boot loader code in the MBR. Here MBR needs to know which partitions on the disk have boot loader code specific to their operating systems in their boot sectors and then attempts to boot one of them.

Fedora Linux is supplied with the GRUB boot loader which is fairly sophisticated and therefore cannot entirely fit in the 512 bytes of the MBR.
The GRUB MBR boot loader merely searches for a special boot partition and loads a second stage boot loader.

This then reads the data in the /boot/grub/grub.conf configuration file, which lists all the available operating systems and their booting parameters. When this is complete, the second stage boot loader then displays the familiar Fedora branded splash screen that lists all the configured operating system kernels for your choice.

3)Boot loader (GRUB or LILO)

Lilo and Grub are installed or at the MBR (Master Boot Record), or at the first sector of the active partition.

Boot loader will ask for the OS label which will identify which kernel to run and where it is located (hard drive and partition specified). The installation process requires to creation/identification of partitions and where to install the OS. GRUB/LILO are also configured during this process. The boot loader then loads the Linux operating system.

LILO: (Linux Loader)
In case of a multi-boot config, LiLo permits the user two choose an operating system from the menu. The LiLo settings are stored at /etc/lilo.conf
-LILO does not understand filesystems
- code and kernel image to be loaded is stored as raw disk offsets
-uses the BIOS routines to load

Grub (GNU Grub Unified Boot Loader)
- Understands file systems
- config lives in /boot/grub/menu.lst or /boot/boot/menu.lst

4)Kernel
-The kernel verifies hardware configuration and initialise devices.
(optionally loads initrd, )
-The kernel tries to mount the file system and the system filesmounts root filesystem specified by lilo or loadin with root= parameter

The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3. If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
System files are usually mounted in read-only mode, to permit a verification of them during the mount. This verification isn’t indicated if the files were mounted in read-write mode.

-kernel prints: VFS: Mounted root (ext2 filesystem) readonly.
* runs /sbin/init which is process number 1 (PID=1)
- init prints: INIT: version 2.76 booting
- can be changed with boot= parameter to lilo, eg boot=/bin/sh can be useful to rescue a system which is having trouble booting.

After these steps, the kernel will start init, which will become process number 1, and will start the rest of the system.

5) init process
The init process is the last step in the boot procedure and parent of all the other processes. This process is the first running process on any Linux/UNIX system, and is started directly by the kernel. It is what loads the rest of the system, and always has a PID of 1.

Init is responsible for starting system processes as defined in the /etc/inittab file.

The init process is never shut down. It is a user process and not a kernel system process although it does run as root.

Run Levels

0 halt
1 single user
2 Not used (user-definable)

3 Full multi-user mode (no GUI interface)

4 Not used (user-definable)
5 X11 Full multiuser mode (with GUI interface)
6 Reboot

Based on the selected runlevel, the init process then executes startup scripts located in subdirectories of the /etc/rc.d directory. Scripts used for runlevels 0 to 6 are located in subdirectories /etc/rc.d/rc0.d through /etc/rc.d/rc6.d, respectively.

Default is defined in /etc/inittab, eg:
o id:3:initdefault:
The current runlevel can be changed by running /sbin/telinit # where # is the new runlevel, eg typing telinit 6 will reboot.

CSF (configserver) firewall

2009-04-25T04:36:00.000-07:00

How to install and configure the CSF (configserver) firewall.

CSF can be used on a wide range of Linux systems, including those running cPanel.

Following are the steps to install and configure the CSF on Linux Server.

Installation is quite straightforward:

rm -fv csf.tgz

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

To configure CSF modify the config files in /etc/csf/ - or if you are running WHM you can modify the CSF settings in WHM itself.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS servers have this disabled and you should check /etc/init.d/syslog and make sure that any klogd lines are not commented out. If you change the file, remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

How to get and restore database backup on linux server

2009-04-25T04:33:00.002-07:00

For taking backup of your database on Linux Server you have to make sure that your database is good enough. with shell access you can take the database backup in .sql format with following command

#mysqldump user_databasename > database.sql

As you are having database backup and want to restore it then use following command

#mysql user_databasename < database.sql

Installing ImageMagik

2009-04-25T04:33:00.001-07:00

ImageMagick is a software used to create, edit, and compose bitmap images. Using ImageMagick we can read, convert and write images in a variety of formats including DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript, SVG, and TIFF. ImageMagick is used to translate, flip, mirror, rotate, scale, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.

ImageMagick is typically utilized from the command line or you can use the features from programs written in your favorite programming language. Choose from these interfaces: G2F (Ada), MagickCore (C), MagickWand (C)

How to install ImageMagick On Linux Server

wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz

tar -zxvf ImageMagick*.tar.gz
cd ImageMagick*

./configure

make

make install

You can verify the installation with command :

which convert

Installing eAccelerator

2009-04-25T04:32:00.001-07:00

Eaccelerator is a free open-source PHP accelerator/encoder/caching utility that is based off of the old mmcache (which is no longer being maintained).

What Eaccelerator does is: it caches your PHP scripts so that the database is no longer being queried everytime someone needs a script. eAccelerator stores compiled PHP scripts in shared memory and executes code directly from it. This is particularly useful for large forums, but pretty much anyone can benefit from it. Since these scripts are cached, you’ll notice a decrease in memory use and server load.

Installation steps :

Installing Eaccelerator

1. First, you’ll want to SSH into your server as the root user. you should be in the default directory now. If you’re not, type in cd ~

2. Now we’ll make the eaccelerator directory:

mkdir /ea/

cd /ea/

2. Now we’ll grab the files, and untar them:
Notice that it’s a tar.bz2 file, so we need to decompress it twice.

wget
http://heanet.dl.sourceforge.net/sourceforge/eaccelerator/eaccelerator-0.9.4-rc1.tar.bz2

bzip2 -d eaccelerator-0.9.4-rc1.tar.bz2

tar xvf eaccelerator-0.9.4-rc1.tar

3. Now that we’ve done that, let’s install Eaccelerator:
Note: in the following “export” command, you need to point that to where PHP is installed. For most, it’s usually either “usr/” or “usr/local”, but it may be something else.

cd eaccelerator-0.9.4-rc1/

export PHP_PREFIX=”/usr”

$PHP_PREFIX/bin/phpize

./configure –enable-eaccelerator=shared
–with-php-config=$PHP_PREFIX/bin/php-config

make

make install

4. It’s basically installed, now we need to edit the php.ini files to
include Eaccelerator. This is usually found in the /etc/ folder, but if
you can’t find it, run a “locate php.ini” (without quotes) to find it.
[i]I’m editting my file with nano, which pretty much anyone with a modern server should have. You can use pico or vi, it’s your choice:

cd ~

nano /etc/php.ini

Now find ;Windows Extensions (press ctrl + W). Remove the mmcache lines (if you had it installed before) above this and…

—————————————————————————-
For a PHP extension install (most will probably want this)
—————————————————————————-

extension=”eaccelerator.so”
eaccelerator.shm_size=”16″
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1″
eaccelerator.optimizer=”1″
eaccelerator.check_mtime=”1″
eaccelerator.debug=”0″
eaccelerator.filter=”"
eaccelerator.shm_max=”0″
eaccelerator.shm_ttl=”0″
eaccelerator.shm_prune_period=”0″
eaccelerator.shm_only=”0″
eaccelerator.compress=”1″
eaccelerator.compress_level=”9″

—————————————————————————-
For a Zend extension install (only if you have Zend installed, or
if you’re going to install it
—————————————————————————-

zend_extension=”/usr/lib/php4/eaccelerator.so”
eaccelerator.shm_size=”16″
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1″
eaccelerator.optimizer=”1″
eaccelerator.check_mtime=”1″
eaccelerator.debug=”0″
eaccelerator.filter=”"
eaccelerator.shm_max=”0″
eaccelerator.shm_ttl=”0″
eaccelerator.shm_prune_period=”0″
eaccelerator.shm_only=”0″
eaccelerator.compress=”1″
eaccelerator.compress_level=”9″

5. Now we need to make the cache directory, where the cache files will be stored.

cd ~

mkdir /tmp/eaccelerator/

chmod 0777 /tmp/eaccelerator/

6. Yay, it’s installed! Let’s restart Apache now so that Eaccelerator will start working:

service httpd restart

cp /ea/eaccelerator-0.9.4-rc1/eaccelerator.php /usr/local/apache/htdocs/
—————————–
7. You *should* notice some sort of speed boost or that the server
load/memory use has decreased. But let’s just make sure that it’s
installed properly.

Open up your favorite FTP client and upload the eaccelerator.php and eaccelerator_password.php files to any directory on your website. I uploaded mine to my forum directory, but you can pretty much place them anywhere in the public_html directory.

Once that’s done, you can go to

http://www.your-domain.com/path_to_s…ccelerator.php (of course,
replacing that with the path to the script) to see if it’s installed. If
it’s installed properly, you’ll see a screen like this:

Otherwise, you’ll see a screen saying that it’s not installed. You have to go back through the instructions, retry it and see if that works. Check to make sure that you specified the right directories and files in the instructions above!

Now, we’ll probably want to add a password to prevent some mean user from clearing the cached scripts or causing other bad stuff to happen. Navigate to the eaccelerator_password file and set an administrator name and password.

This doesn’t set the password, but it gives you a line of code to place in your php.ini file (just below the eaccelerator part). Once you do this, you need to log in to view the eaccelerator page.

After you’re done, you can delete or rename this file, but it’s not required.

Email Error: Unrouteable address

2009-04-25T04:31:00.002-07:00

While sending emails from your email address and you get the error Unrouteable address with RCPT reject. That means the problem at receivers end.

Check the following things.

1. Check the domains entry is available in userdoamins.

2. Check the domains entry is is available in localdomain

3. Check the domain must having catchall address set if not then set
vi /etc/valiases/domain.com

*: username

4. Also make sure that the mail folder having ownership user:mail

5. Restart exim services once.

6. Now your problem will get resolved.

Prevent Hot Linking to images

2009-04-25T04:31:00.001-07:00

To stop other sites directly linking to your images and media files and stealing your bandwidth You need to add following code in your .htaccess file

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com(/)?.*$ [NC]
RewriteRule .*.(gif|jpg|jpeg|bmp|wmv)$ http://www.domain.com/image.jpg [R,NC]

Note: replace your website with domain.com

Installing SSL Certificate

2009-04-25T04:30:00.002-07:00

For installing the SSL certificate you need to have a dedicated IP Address, and make sure that your domain is registred domain name and resolving perfectly

Step 1: You need to generate CSR (certificate signing request ) from your webhost manager. which required following information.

———————————–
- Host to make cert for:
- Country(2 letter Abbreviation):
- State:
- City:
- Company Name:
- Company Division:
- Email:
- Password:
———————————–
Also please create webmaster@yourdomain.com (replace yourdomain.com with the domain that you want the SSL certificate to be setup for) and provide us with its password so we can complete the installation process.

After CSR generation you will get the CSR and RSA key

step 2: With the help of RSA key you need to purchase SSL certificate from any of SSL provider such as COMODO ,instant SSL

step 3: Once you got the SSL cerificate then you need to provide that certificate to hosting provider so the hosting provider will install SSL cerificate from WHM >> SSL/TLS >> Install a SSL Certificate and Setup the Domain option.

How to get Apache,php and mysql versions on linux server

2009-04-25T04:30:00.001-07:00

To get the apache version on Linux Server we have to use following command.

# /usr/local/apache/bin/httpd -v

To get the php version on Linux Server we have to use following command.

#php -v

you can get the php modules install on server with command #php -m
To get the mysql version on linux server we have to use following command.

#mysql -v

How to avoid spams using cpanel

2009-04-25T04:29:00.003-07:00

Spam emails is nothing but flooding Internet with many copies of the same email messages or legitimate emails . We can also called it as junk emails . It is very frustrating when we receive spam emails in our inbox. Many spammers use various tricks to send spam emails to unknown email addresses like anybody@domain.com , main@domain.com etc . If you are have a web hosting account with cpanel as your control panel then you can easily avoid spam emails using “Default Address” option.

By default all your unrouted emails are received in your main users inbox.

So you can avoid it by adding the following line in your cpanel >> mail >> default address option

• :fail: no such address here

You can also avoid spam emails using email filtering.

Cpanel >> Email Filtering >> add filter

Here you need to use your own filtering techniques like filter spam emails with specific subject, email address, contents, message ID etc.

Semget: No space left on device -- Semaphore

2009-04-25T04:29:00.001-07:00

[Fri Oct 10 00:11:01 2008] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten — Unclean shutdown of previous Apache run?
semget: No space left on device

This error occurred because there is no more space left in Semaphore Arrays for Apache.

You can check semaphore arrays on your server using the following command .

# ipcs -s

If you see too many of them, run the script as given below

#for i in `ipcs -s | awk ‘{print $2}’`; do ipcrm -s $i;done

Now restart Apache services

# service httpd startssl

Now Fixed….

View webalizer stats without login to cpanel

2009-04-25T04:28:00.000-07:00

Is it possible to view webalizer stats without login to cpanel?

Yes. Do the following steps.

cd /home/username/www
ln -s ../tmp/webalizer stats
chown username.username stats
cd ../tmp
chmod 755 ./
chmod 755 ./webalizer

will allow domain.com/stats/ for viewing stats without logging in to cpanel

Addon domain, Subdomain and Park domain

2009-04-25T04:27:00.003-07:00

What is Subdomain

In the Domain Name System (DNS) hierarchy, a subdomain is a domain that is part of a larger domain name. Subdomains are separated by dots “.” and we can access them as sudomain.maindomain.com or domain.com/subdomain and are read from left to right.

Popular real-life examples of subdomains include news.google.com, mail.yahoo.com, in which news, mail and en are subdomains, respectively.

Eg. blog.domain.com

What is Parked domain

Domain pointers allow you to point or park additional domain names to your existing hosting account. This will allow users to also reach your website when entering the parked or pointed domain into their browsers.

For example: if you park domain102.com at your hosting account for domain101.com, users visiting domain2.com will see the contents of domain1.com web page.

In simple way you can access one website with two different names.

What is Addon domain

Addon domains allow you to host more than one unique website (such that have different content) on your hosting account.

Example: domain101.com is the domain name you have signed up for. Then you decide to host another unique website, reached at domain102.com on the same account. That is when you need an addon domain.

iPhone X-APOP authentication support and secure connection failed

2009-04-25T04:27:00.001-07:00

When we add a new POP email account to iPhone, we got an error which said:

Secure Connection Failed - the certificate for user@domain.com may be invalid

Then, it asked if he wanted to Cancel or Continue.

Whenever we clicked Continue, the verifying POP account information just continued processing. It was like the iPhone freezed or hanged.

please perform the following steps to add a new POP email account

1. Click Settings
2. Click General
3. Click Auto-Lock
4. Click Never (don’t let it go to sleep)
5. Go back to Settings
6. Click Mail
7. Click Add Account
8. Click Other > POP and fill in the required information
9. Click Save and wait (Verifying POP account information)
10. Click Continue when Secure Connection Failed is prompted
11. Click Continue/Yes if you get either of these message:
* SSL connection failed, would you like to try without it?
* Secure Connection Failed…user@domain.com…invalid
12. It should complete and you’ll see your account added but to complete…
13. Click the new email account
14. Scroll down and Click Advanced
15. Turn off: Use SSL (both incoming and outgoing)
16. Make sure Authentication is Password
17. Set Server Port for Outgoing Settings
18. And you’re done!

Your outgoing port may be different from what I have mentioned so check with your Technical Support or Website Hosting administrator.

In addition to iPhone email encounters, also got this message when we checking email :

Cannot Get Mail
The POP Server “mail.domain.com” does not support X-APOP authentication. Please check your account settings and try again.

If you get this message, you’ll need to set the Authentication to Password. Please check your settings, it was set to MDA-5albeit only having MD5 Challenge-Response and HTTP MD5 Digest in the Authentication Settings. Anyway, the Authentication settings is found in the Advanced area of your email accounts. This may only happen to your default email account if you’re on POP.

So if you experience the iPhone mail X-APOP authentication support or secure connection failed, I hope this helps you too.

p.s: After you’re done, you can set your Auto-Lock back to your own preference.

Fantastico Installation

2009-04-25T04:26:00.001-07:00

SSH to your server(s) and enter following commands:

cd /usr/local/cpanel/whostmgr/docroot/cgi

wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz

tar -xzpf fantastico_whm_admin.tgz

rm -rf fantastico_whm_admin.tgz

NOTE: if you have problems contacting this server, please try this alternate location:

wget -N http://netenberg.com/files/free/fantastico_whm_admin.tgz

Now go to WHM, login as root and follow the link

WHM -> Add-Ons (Plugins on v11.x or higher) -> Fantastico De Luxe WHM Admin (scroll down the left menu).

Upon loading, Fantastico De Luxe WHM Admin will auto-update your existing installation (if existing). All admin files (masterfiles, tarballs, settings etc) will be moved to or created at /var/netenberg.

—

After the installation is complete, click on “Settings” and go through the settings. While some settings are not important, some other (marked below with an *) are essential for a proper functioning of Fantastico installations.

Language: Select the language for the admin backend AND default language for users without a language selected.

Email notifications: Enter an email address in order to receive notifications when users perform installations using Fantastico.

Master files settings (*): If you are not an advanced user who modifies the master files, leave this to “Remove”. Change this only if you know what you are doing

PHPsuexec (*): VERY ESSENTIAL!!! Changing this value will not install or de-install phpsuexec for you. It will only tell Fantastico that you have phpsuexec installed or not installed on your server. Change to “installed” if you perform installations which produce an “Internal Server Error”. Notice: Changes will not apply to existing installations! You have to re-install in order to have working installations.

Path to netPBM: Enter the full path to the netPBM binaries in order to enable Gallery installations. As long as this field has no value, your users will not be able to install Gallery.

Select Fantastico licensing and files server: If the Fantastico pages take long to load switch to the server that works best for you. Fantastico will auto-switch if connections time out.

Update preference: Select latest version (sometimes experimental) or stable version (best working).

Remote MySQL server

Open the file

/usr/local/cpanel/3rdparty/fantastico/includes/mysqlconfig.php

and follow the instructions.

HowTo: install cPanel on a Linux O/S server

2009-04-25T04:24:00.000-07:00

Installing cPanel on a linux box is as simple as:

cd /home

wget layer1.cpanel.net/latest

sh latest

After you install cPanel you may want to visit http://www.webhostgear.com and search for the cPanel newbee user guide

Have Fun!

Directory Structure of Cpanel

2009-04-25T04:23:00.000-07:00

Apache

/usr/local/apache
+ bin- apache binaries are stored here - httpd, apachectl, apxs
+ conf - configuration files - httpd.conf
+ cgi-bin
+ domlogs - domain log files are stored here
+ htdocs
+ include - header files
+ libexec - shared object (.so) files are stored here - libphp4.so,mod_rewrite.so
+ logs - apache logs - access_log, error_log, suexec_log
+ man - apache manual pages
+ proxy -
+ icons -

Init Script :/etc/rc.d/init.d/httpd - apache start script
Cpanel script to restart apache - /scripts/restartsrv_httpd

Exim

Conf : /etc/exim.conf - exim main configuration file
/etc/localdomains - list of domains allowed to relay mail
Log : /var/log/exim_mainlog - incoming/outgoing mails are logged here
/var/log/exim_rejectlog - exim rejected mails are reported here
/var/log/exim_paniclog - exim errors are logged here
Mail queue: /var/spool/exim/input
Cpanel script to restart exim - /scripts/restartsrv_exim
Email forwarders and catchall address file - /etc/valiases/domainname.com
Email filters file - /etc/vfilters/domainname.com
POP user authentication file - /home/username/etc/domainname/passwd
catchall inbox - /home/username/mail/inbox
POP user inbox - /home/username/mail/domainname/popusername/inbox
POP user spambox - /home/username/mail/domainname/popusername/spam
Program : /usr/sbin/exim (suid - -rwsr-xr-x 1 root root )
Init Script: /etc/rc.d/init.d/exim

ProFTPD

Program :/usr/sbin/proftpd
Init Script :/etc/rc.d/init.d/proftpd
Conf: /etc/proftpd.conf
Log: /var/log/messages, /var/log/xferlog
FTP accounts file - /etc/proftpd/username - all ftp accounts for the domain are listed here

Pure-FTPD

Program : /usr/sbin/pure-ftpd
Init Script :/etc/rc.d/init.d/pure-ftpd
Conf: /etc/pure-ftpd.conf
Anonymous ftp document root - /etc/pure-ftpd/ip-address

Frontpage Extensions

Program - (Install): /usr/local/frontpage/version5.0/bin/owsadm.exe
Uninstall and then install for re-installations
FP files are found as _vti-bin, _vti-pvt, _vti-cnf, vti-log inside the public_html

Mysql

Program : /usr/bin/mysql
Init Script : /etc/rc.d/init.d/mysql
Conf : /etc/my.cnf, /root/.my.cnf
Data directory - /var/lib/mysql - Where all databases are stored.
Database naming convention - username_dbname (eg: john_sales)
Permissions on databases - drwx 2 mysql mysql
Socket file - /var/lib/mysql/mysql.sock, /tmp/ mysql.sock

SSHD

Program :/usr/local/sbin/sshd
Init Script :/etc/rc.d/init.d/sshd
/etc/ssh/sshd_config
Log: /var/log/messages

Perl

Program :/usr/bin/perl
Directory :/usr/lib/perl5/5.6.1/

PHP

Program :/usr/local/bin/php, /usr/bin/php
ini file: /usr/local/lib/php.ini - apache must be restarted after any change to this file
php can be recomplied using /scripts/easyapache

Named(BIND)

Program: /usr/sbin/named
Init Script: /etc/rc.d/init.d/named
/etc/named.conf
db records:/var/named/
/var/log/messages

cPanel

/usr/local/cpanel
+ 3rdparty/ - tools like fantastico, mailman files are located here
+ addons/ - AdvancedGuestBook, phpBB etc
+ base/ - phpmyadmin, squirrelmail, skins, webmail etc
+ bin/ - cpanel binaries
+ cgi-sys/ - cgi files like cgiemail, formmail.cgi, formmail.pl etc
+ logs/ - cpanel access log and error log
+ whostmgr/ - whm related files
WHM

/var/cpanel - whm files
+ bandwidth/ - rrd files of domains
+ username.accts - reseller accounts are listed in this files
+ packages - hosting packages are listed here
+ root.accts - root owned domains are listed here
+ suspended - suspended accounts are listed here
+ users/ - cpanel user file - theme, bwlimit, addon, parked, sub-domains all are listed in this files
+ zonetemplates/ - dns zone template files are taken from here

Important cPanel/WHM files

/etc/httpd/conf/httpd.conf - apache configuration file
/etc/exim.conf - mail server configuration file
/etc/named.conf - name server (named) configuration file
/etc/proftpd.conf - proftpd server configuration file
/etc/pure-ftpd.conf - pure-ftpd server configuration file
/etc/valiases/domainname - catchall and forwarders are set here
/etc/vfilters/domainname - email filters are set here
/etc/userdomains - all domains are listed here - addons, parked,subdomains along with their usernames
/etc/localdomains - exim related file - all domains should be listed here to be able to send mails
/var/cpanel/users/username - cpanel user file
/var/cpanel/cpanel.config - cpanel configuration file ( Tweak Settings )*
/etc/cpbackup-userskip.conf -
/etc/sysconfig/network - Networking Setup*
/etc/hosts -
/var/spool/exim -
/var/spool/cron -
/etc/resolv.conf - Networking Setup–> Resolver Configuration
/etc/nameserverips - Networking Setup–> Nameserver IPs ( FOr resellers togive their nameservers )
/var/cpanel/resellers - For addpkg, etc permissions for resellers.
/etc/chkserv.d - Main >> Service Configuration >> Service Manager *
/var/run/chkservd - Main >> Server Status >> Service Status *
/var/log/dcpumon - top log process
/root/cpanel3-skel - skel directory. Eg: public_ftp, public_html. (AccountFunctions–>Skeleton Directory )*
/etc/wwwacct.conf - account creation defaults file in WHM (Basic cPanel/WHMSetup)*
/etc/cpupdate.conf - Update Config *
/etc/cpbackup.conf - Configure Backup*
/etc/clamav.conf - clamav (antivirus configuration file )
/etc/my.cnf - mysql configuration file
/usr/local/Zend/etc/php.ini OR /usr/local/lib/php.ini - php configuration file
/etc/ips - ip addresses on the server (except the shared ip) (IP Functions–>Show IP Address Usage )*
/etc/ipaddrpool - ip addresses which are free
/etc/ips.dnsmaster - name server ips
/var/cpanel/Counters - To get the counter of each users.
/var/cpanel/bandwidth - To get bandwith usage of domains

20 ways to Secure your Apache Configuration

2009-04-25T04:19:00.000-07:00

Here are 20 things you can do to make your apache configuration more secure.

Disclaimer: The thing about security is that there are no guarantees or absolutes. These suggestions should make your server a bit tighter, but don't think your server is necessarily secure after following these suggestions.

Additionally some of these suggestions may decrease performance, or cause problems due to your environment. It is up to you to determine if any of the changes I suggest are not compatible with your requirements. In other words proceed at your own risk.

First, make sure you've installed latest security patches

There is no sense in putting locks on the windows, if your door is wide open. As such, if you're not patched up there isn't really much point in continuing any longer on this list. Go ahead and bookmark this page so you can come back later, and patch your server.

Hide the Apache Version number, and other sensitive information.

By default many Apache installations tell the world what version of Apache you're running, what operating system/version you're running, and even what Apache Modules are installed on the server. Attackers can use this information to their advantage when performing an attack. It also sends the message that you have left most defaults alone.

There are two directives that you need to add, or edit in your httpd.conf file:
ServerSignature Off
ServerTokens Prod

The ServerSignature appears on the bottom of pages generated by apache such as 404 pages, directory listings, etc.

The ServerTokens directive is used to determine what Apache will put in the Server HTTP response header. By setting it to Prod it sets the HTTP response header as follows:
Server: Apache

If you're super paranoid you could change this to something other than "Apache" by editing the source code, or by using mod_security (see below).

Make sure apache is running under its own user account and group

Several apache installations have it run as the user nobody. So suppose both Apache, and your mail server were running as nobody an attack through Apache may allow the mail server to also be compromised, and vise versa.
User apache
Group apache

Ensure that files outside the web root are not served

We don't want apache to be able to access any files out side of its web root. So assuming all your web sites are placed under one directory (we will call this /web), you would set it up as follows:

Order Deny,Allow
Deny from all
Options None
AllowOverride None

Order Allow,Deny
Allow from all

"Note that because we set Options None and AllowOverride None this will turn off all options and overrides for the server. You now have to add them explicitly for each directory that requires an Option or Override."

Turn off directory browsing

You can do this with an Options directive inside a Directory tag. Set Options to either None or -Indexes
Options -Indexes

Turn off server side includes

This is also done with the Options directive inside a Directory tag. Set Options to either None or -Includes
Options -Includes

Turn off CGI execution

If you're not using CGI turn it off with the Options directive inside a Directory tag. Set Options to either None or -ExecCGI
Options -ExecCGI

Don't allow apache to follow symbolic links

This can again can be done using the Options directive inside a Directory tag. Set Options to either None or -FollowSymLinks
Options -FollowSymLinks

Turning off multiple Options

If you want to turn off all Options simply use:
Options None

If you only want to turn off some separate each option with a space in your Options directive:
Options -ExecCGI -FollowSymLinks -Indexes

Turn off support for .htaccess files

This is done in a Directory tag but with the AllowOverride directive. Set it to None.
AllowOverride None

If you require Overrides ensure that they cannot be downloaded, and/or change the name to something other than .htaccess. For example we could change it to .httpdoverride, and block all files that start with .ht from being downloaded as follows:
AccessFileName .httpdoverride

Order allow,deny
Deny from all
Satisfy All

Run mod_security

mod_security is a super handy Apache module written by Ivan Ristic, the author of Apache Security from O'Reilly press.

You can do the following with mod_security:
Simple filtering
Regular Expression based filtering
URL Encoding Validation
Unicode Encoding Validation
Auditing
Null byte attack prevention
Upload memory limits
Server identity masking
Built in Chroot support
And more

Disable any unnecessary modules

Apache typically comes with several modules installed. Go through the apache module documentation and learn what each module you have enabled actually does. Many times you will find that you don't need to have the said module enabled.

Look for lines in your httpd.conf that contain LoadModule. To disable the module you can typically just add a # at the beginning of the line. To search for modules run:
grep LoadModule httpd.conf

Here are some modules that are typically enabled but often not needed: mod_imap, mod_include, mod_info, mod_userdir, mod_status, mod_cgi, mod_autoindex.

Make sure only root has read access to apache's config and binaries

This can be done assuming your apache installation is located at /usr/local/apache as follows:
chown -R root:root /usr/local/apache
chmod -R o-rwx /usr/local/apache

Lower the Timeout value

By default the Timeout directive is set to 300 seconds. You can decrease help mitigate the potential effects of a denial of service attack.
Timeout 45

Limiting large requests

Apache has several directives that allow you to limit the size of a request, this can also be useful for mitigating the effects of a denial of service attack.

A good place to start is the LimitRequestBody directive. This directive is set to unlimited by default. If you are allowing file uploads of no larger than 1MB, you could set this setting to something like:
LimitRequestBody 1048576

If you're not allowing file uploads you can set it even smaller.

Some other directives to look at are LimitRequestFields, LimitRequestFieldSize and LimitRequestLine. These directives are set to a reasonable defaults for most servers, but you may want to tweak them to best fit your needs. See the documentation for more info.

Limiting the size of an XML Body

If you're running mod_dav (typically used with subversion) then you may want to limit the max size of an XML request body. The LimitXMLRequestBody directive is only available on Apache 2, and its default value is 1 million bytes (approx 1mb). Many tutorials will have you set this value to 0 which means files of any size may be uploaded, which may be necessary if you're using WebDAV to upload large files, but if you're simply using it for source control, you can probably get away with setting an upper bound, such as 10mb:
LimitXMLRequestBody 10485760

Limiting Concurrency

Apache has several configuration settings that can be used to adjust handling of concurrent requests. The MaxClients is the maximum number of child processes that will be created to serve requests. This may be set too high if your server doesn't have enough memory to handle a large number of concurrent requests.

Other directives such as MaxSpareServers, MaxRequestsPerChild, and on Apache2 ThreadsPerChild, ServerLimit, and MaxSpareThreads are important to adjust to match your operating system, and hardware.

Restricting Access by IP

If you have a resource that should only by accessed by a certain network, or IP address you can enforce this in your apache configuration. For instance if you want to restrict access to your intranet to allow only the 176.16 network:

Order Deny,Allow
Deny from all
Allow from 176.16.0.0/16

Or by IP:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1

Adjusting KeepAlive settings

According to the Apache documentation using HTTP Keep Alive's can improve client performance by as much as 50%, so be careful before changing these settings, you will be trading performance for a slight denial of service mitigation.

KeepAlive's are turned on by default and you should leave them on, but you may consider changing the MaxKeepAliveRequests which defaults to 100, and the KeepAliveTimeout which defaults to 15. Analyze your log files to determine the appropriate values.

Run Apache in a Chroot environment

chroot allows you to run a program in its own isolated jail. This prevents a break in on one service from being able to effect anything else on the server.

It can be fairly tricky to set this up using chroot due to library dependencies. I mentioned above that the mod_security module has built in chroot support. It makes the process as simple as adding a mod_security directive to your configuration:
SecChrootDir /chroot/apache

How to enable both 'register globals' and ' magic_quotes_gpc' using your .htaccess or php.ini

2009-01-28T21:43:00.000-08:00

A lot of hosts these days have php’s Register_Globals set to off by default. This is a server wide setting. You can change this for your individual sites by adding a line to the .htaccess file or php.ini file in your root home folder:

In htaccess

php_value register_globals on

php_value magic_quotes_gpc off

In php.ini

register_globals = On

magic_quotes_gpc = Off

Apache startup Fail

2009-01-27T23:41:00.001-08:00

You may sometimes encounter the following problem while starting apache server

====

[root@epsilon root]# /etc/init.d/httpd start
Starting httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
[FAILED]
====

To fix this run the following commands

#fuser -k -n tcp 80

That's all

MySQL Commands

2009-01-27T22:33:00.000-08:00

Create a database on the sql server.

mysql> create database [databasename];

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

To see all the tables in the db.

mysql> show tables;

To see database's field formats.

mysql> describe [table name];

To delete a db.

mysql> drop database [database name];

To delete a table.

mysql> drop table [table name];

Show all data in a table.

mysql> SELECT * FROM [table name];

Returns the columns and column information pertaining to the designated table.

mysql> show columns from [table name];

Show certain selected rows with the value "whatever".

mysql> SELECT * FROM [table name] WHERE [field name] = "whatever";

Show all records containing the name "Bob" AND the phone number '3444444'.

mysql> SELECT * FROM [table name] WHERE name = "Bob" AND phone_number = '3444444';

Show all records not containing the name "Bob" AND the phone number '3444444' order by the phone_number field.

mysql> SELECT * FROM [table name] WHERE name != "Bob" AND phone_number = '3444444' order by phone_number;

Show all records starting with the letters 'bob' AND the phone number '3444444'.

mysql> SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444';

Show all records starting with the letters 'bob' AND the phone number '3444444' limit to records 1 through 5.

mysql> SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444' limit 1,5;

Use a regular expression to find records. Use "REGEXP BINARY" to force case-sensitivity. This finds any record beginning with a.

mysql> SELECT * FROM [table name] WHERE rec RLIKE "^a";

Show unique records.

mysql> SELECT DISTINCT [column name] FROM [table name];

Show selected records sorted in an ascending (asc) or descending (desc).

mysql> SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

Return number of rows.

mysql> SELECT COUNT(*) FROM [table name];

Sum column.

mysql> SELECT SUM(*) FROM [table name];

Join tables on common columns.

mysql> select lookup.illustrationid, lookup.personid,person.birthday from lookup left join person on lookup.personid=person.personid=statement to join birthday in person table with primary illustration id;

Creating a new user. Login as root. Switch to the MySQL db. Make the user. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO user (Host,User,Password) VALUES('%','username',PASSWORD('password'));
mysql> flush privileges;

Change a users password from unix shell.

# [mysql dir]/bin/mysqladmin -u username -h hostname.blah.org -p password 'new-password'

Change a users password from MySQL prompt. Login as root. Set the password. Update privs.

# mysql -u root -p
mysql> SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');
mysql> flush privileges;

Recover a MySQL root password. Stop the MySQL server process. Start again with no grant tables. Login to MySQL as root. Setnew password. Exit MySQL and restart MySQL server.

# /etc/init.d/mysql stop
# mysqld_safe --skip-grant-tables &
# mysql -u root
mysql> use mysql;
mysql> update user set password=PASSWORD("newrootpassword") where User='root';
mysql> flush privileges;
mysql> quit
# /etc/init.d/mysql stop
# /etc/init.d/mysql start

Set a root password if there is on root password.

# mysqladmin -u root password newpassword

Update a root password.

# mysqladmin -u root -p oldpassword newpassword

Allow the user "bob" to connect to the server from localhost using the password "passwd". Login as root. Switch to the MySQL db. Give privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> grant usage on *.* to bob@localhost identified by 'passwd';
mysql> flush privileges;

Give user privilages for a db. Login as root. Switch to the MySQL db. Grant privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO user (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES ('%','databasename','username','Y','Y','Y','Y','Y','N');
mysql> flush privileges;

or

mysql> grant all privileges on databasename.* to username@localhost;
mysql> flush privileges;

To update info already in a table.

mysql> UPDATE [table name] SET Select_priv = 'Y',Insert_priv = 'Y',Update_priv = 'Y' where [field name] = 'user';

Delete a row(s) from a table.

mysql> DELETE from [table name] where [field name] = 'whatever';

Update database permissions/privilages.

mysql> flush privileges;

Delete a column.

mysql> alter table [table name] drop column [column name];

Add a new column to db.

mysql> alter table [table name] add column [new column name] varchar (20);

Change column name.

mysql> alter table [table name] change [old column name] [new column name] varchar (50);

Make a unique column so you get no dupes.

mysql> alter table [table name] add unique ([column name]);

Make a column bigger.

mysql> alter table [table name] modify [column name] VARCHAR(3);

Delete unique from table.

mysql> alter table [table name] drop index [colmn name];

Load a CSV file into a table.

mysql> LOAD DATA INFILE '/tmp/filename.csv' replace INTO TABLE [table name] FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n' (field1,field2,field3);

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql

Dump one database for backup.

# [mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.

# [mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.

# [mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Create Table Example 1.

mysql> CREATE TABLE [table name] (firstname VARCHAR(20), middleinitial VARCHAR(3), lastname VARCHAR(35),suffix VARCHAR(3),officeid VARCHAR(10),userid VARCHAR(15),username VARCHAR(8),email VARCHAR(35),phone VARCHAR(25), groups VARCHAR(15),datestampDATE,timestamp time,pgpemail VARCHAR(255));

Create Table Example 2.

mysql> create table [table name] (personid int(50) not null auto_increment primary key,firstname varchar(35),middlename varchar(50),lastnamevarchar(50) default 'bato');

Basic cPanel Scripts

2009-01-19T18:09:00.000-08:00

cPanel and WHM has a large number of predefined scripts available in the /scripts folder. The available scripts are as follows:

/scripts/adddns -- Add a Dns Entry

/scripts/addfpmail -- Install Frontpage Mail Exts

/scripts/addservlets -- Add JavaServlets to an account (JSP plugin required)
/scripts/adduser -- Add a User
/scripts/admin -- Run WHM Lite
/scripts/apachelimits -- Add Rlimits (CPU and MEM limits) to apache.
/scripts/autorepair -- For repairing spam database, horde patch etc.
/scripts/cpbackup -- Backing up accounts
/scripts/courierup -- Reinstall courier
/scripts/dnstransfer -- Resync with a master DNS Server
/scripts/editquota -- Edit A User's Quota
/scripts/eximup -- Reinstall exim
/scripts/finddev -- Search For Trojans in /dev
/scripts/findtrojans -- Locate Trojan Horses

/scripts/findtrojans > /var/log/trojans
/scripts/fixtrojans /var/log/trojans

/scripts/fixcartwithsuexec -- Make Interchange work with suexec
/scripts/fixquotas -- Fix account's quota
/scripts/fixhome -- Fix Permissions on accounts
/scripts/fixinterchange -- Fix Most Problems with Interchange
/scripts/fixndc -- To try and fix domain controller
/scripts/fixtrojans -- Run on a trojans horse file created by findtrojans to remove them
/scripts/fixwebalizer -- Run this if a user's stats stop working
/scripts/fixvaliases -- Fix a broken valias file
scripts/fullhordereset -- Reset the horde database
/scripts/generate_maildirsize-- Fix mailbox size
/scripts/hdparamify -- Turn on DMA and 32bit IDE hard drive access (once per boot)
/scripts/initquotas -- Re-scan quotas. Usually fixes Disk space display problems
/scripts/initsuexec -- Turn on SUEXEC (probably a bad idea)
/scripts/installzendopt -- Fetch + Install Zend Optimizer
/scripts/ipusage -- Display IP usage Report
/scripts/killacct -- Terminate an Account
/scripts/killbadrpms -- Delete \"Security Problem Infested RPMS\"
/scripts/killdns -- Delete a dns zone
/scripts/mailperm -- Fix Various Mail Permission Problems
/scripts/mailtroubleshoot -- Attempt to Troubleshoot a Mail Problem
/scripts/makecpphp -- Compile cpanel php
/scripts/mysqlpasswd -- Change a Mysql Password
/scripts/mysqlup -- Reinstall mysql
/scripts/newftpuser -- Create a new ftp user
/scripts/quicksecure -- Kill Potential Security Problem Services
/scripts/perlinstaller -- Install a perl module
/scripts/pkgacct -- To take backup of an account
/scripts/rebuildippool -- Rebuild Ip Address Pool
/scripts/reinstallmailman -- Reinstall MailMan
/scripts/realperlinstaller -- Install a perl module
/scripts/remdefssl -- Delete Nasty SSL entry in apache default httpd.conf
/scripts/restartsrv -- Restart a Service (valid services: httpd,proftpd,exim,sshd,cppop,bind,mysql)
/scripts/restorepkg -- Restore an account
/scripts/rpmup -- Syncup Security Updates from RedHat/Mandrake
/scripts/runweblogs -- Force an awstats update.
/scripts/runlogsnow -- Force a webalizer/analog update.
/scripts/secureit -- Remove non-important suid binaries
/scripts/setupfp4 -- Install Frontpage 4+ on an account.
/scripts/setupfp5 -- Install Frontpage 5+ on an account.
/scripts/simpleps -- Return a Simple process list. Useful for finding where cgi scripts are running from.
/scripts/suspendacct -- Suspend an account
/scripts/sysup -- Syncup Cpanel RPM Updates
/scripts/ulimitnamed -- RH 6 only. Install a version of bind to handle many many zones.
/scripts/unblockip -- Unblock an IP
/scripts/unsuspendacct -- UnSuspend an account
/scripts/upcp -- Update Cpanel
/scripts/updatenow -- Update /scripts
/scripts/updateuserdomains -- Update /etc/userdomains file
/scripts/wwwacct -- Create a New Account

Apache Useful Commands

2009-01-19T00:56:00.000-08:00

httpd -v

Outputs the build date and version of the Apache server.

httpd -l

Lists compiled in Apache modules

httpd status

Only works if mod_status is enabled and shows a page of active connections

service httpd restart

Restarted Apache web server

/etc/init.d/httpd startssl

Start apache with SSL enabled (if not in the conf)

cPanel Logs - A detailed view

2009-01-19T00:44:00.000-08:00

Applications can log the system activity in two ways, one being according to their autonomous logic & the other through the system’s log daemon, well know as syslog..

The syslog daemon’s configuration file /etc/syslog.conf contains all the necessary paths/locations as to where the logs are stored.

Usually the directory /var/log/ is used for the system logs but other applications use the applications specified directories to store their log files…
Many distributions provide tools to manage and analyze the system logs.

Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file.
It may also have additional package-defined configurations in the /etc/logrotate.d/ directory..
In order to understand what’s happening on the system a brief analysis of /etc/syslog.conf is mandatory for checking the main logs positions.

Here are some basic log files, their locations & a brief description which can be found in Linux distros [mostly in cPanel ]:

General:

Quote:
cPanel/WHM Initial Installation Errors:
Location : /var/log/cpanel*install*
Description : These log files contain cPanel installation logs & should be referenced first for any issues resulting from new cPanel installations..

Quote:
Cpanel/WHM Service Status Logs:
Location : /var/log/chkservd.log
Description :The service monitoring demon (chkservd) logs all service checks here. Failed service are represented with a [-] and active services are represented by [+].

Quote:
Cpanel/WHM Accounting Logs:
Location : /var/cpanel/accounting.log
Description : Contains a list of accounting functions performed through WHM, including account removal and creation..

cPanel/WHM Specific Requests and Errors:

Quote:
cPanel error logs:
Location : /usr/local/cpanel/logs/error_log
Description : cPanel logs any error it incurs here. This should be checked when you encounter errors or strange behavior in cPanel/WHM…

Quote:
cPanel License Error Logs:
Location : /usr/local/cpanel/logs/license_log
Description : All license update attempts are logged here. If you run into any errors related to license when logging in, check here.

Quote:
Stats Daemon Logs:
Location : /usr/local/cpanel/logs/stats_log
Description : The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.

Quote:
Client Information, Requested URL Logs:
Location : /usr/local/cpanel/logs/access_log
Description : General information related to access cPanel requests is logged here.

Quote:
cPanel/WHM Update Logs:
Location : /var/cpanel/updatelogs/update-[TIMESTAMP].log
Description : Contains all output from each cPanel update [upcp]. It’s named with the timestamp at which the upcp process was initiated..

Quote:
Bandwidth Logs:
Location : /var/cpanel/bandwidth
Description : Files contain a list of the bandwidth history for each account. Each named after their respective user.

Quote:
Tailwatchd [New]:
Location : /usr/local/cpanel/logs/tailwatchd_log
Description : Logs for daemon configuired under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.

Apache Logs:

Quote:
General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.

Quote:
Apache SuExec Logs:
Location : /usr/local/apache/logs/suexec_log
Description : Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations…

Quote:
Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.

Quote:
Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.

Exim :

Quote:
Message Reception and Delivery:
Location : /var/log/exim_mainlog or /var/log/exim/mainlog
Description : Receives an entry every time a message is received or delivered.

Quote:
Exim ACLs/Policies based RejectLog :
Location : /var/log/exim_rejectlog
Description : An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail

Quote:
Unexpected or Fatal Errors:
Location : /var/log/exim_paniclog
Description : Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated..

Quote:
IMAP/POP/SpamAssassin General Logging and Errors:
Location : /var/log/maillog & /var/log/messages
Description : The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.

FTP:

Quote:
FTP Logins and General Errors:
Location : /var/log/messages
Description : General information and login attempts are logged here..

Quote:
FTP Transactions logging:
Location : /var/log/xferlog or /var/log/messages
Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users…

MySQL:

Quote:
MySQL General Information and Errors :
Location : /var/lib/mysql/$(hostname).err
Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log

Security:

Quote:
Authentication attempts:
Location : /var/log/secure
Description : Logs all daemons which requires PAM Authentication.

Quote:
Tracking all Bad Logins and Logouts:
Location : /var/log/btmp
Description : Log of all attempted bad logins to the system. Accessed via the lastb command..

Quote:
Tracking all Logins and Logouts:
Location : /var/log/wtmp
Description : The wtmp file records all logins and logouts.

Quote:
Last Logins:
Location : /var/log/lastlog
Description : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user.

Quote:
WebDav or WebDisk Log :
Location : /usr/local/cpanel/logs/cpdavd_error_log
Description : The cpdavd daemon is “WebDav” (better known as “WebDisk") which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content…

Quote:
Cphulkd Logs:
Location : /usr/local/cpanel/logs/cphulkd_errors.log
Description : cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service….
It blacklists IPs that it thinks are trying to run a brute force attack.

Quote:
Failure Logging:
Location : /var/log/faillog
Description : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure.

Quote:
Startup/Boot, Kernel & Hardware error messages :
Location : /var/log/dmesg
Description : dmesg is a “window” into the kernels ring-buffer. It’s a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..

How to configure OutLook email client?

2009-01-18T08:56:00.000-08:00

Steps to configure OutLook Email client:

1. Click “Tools” -> “Email Accounts” on the menu bar.

2. Select “Add a new e-mail account” and click “Next”.

3. Select “POP3″ and click “Next”.

4. Enter your name and email address under “User Information”.

5. Under “Logon Information”, enter the username and password you use to login to the mail server. MAKE SURE to put the domain at the end of the username — e.g. “user@domain.com” and not just “user”.

6. Check “Remember password” if desired.

7. Under “Server Information”, enter the mailserver in both the POP3 and SMTP fields.

8. Click “More Settings…”.

9. Open the tab “Outgoing Server”. Check the box that says “My outgoing server (SMTP) requires authentication”, and make sure that “Use same settings as my incoming mail server” is selected beneath that.

10. Click “OK”, then “Next”, and then “Finish”.

How to reset MySQL root password?

2009-01-18T08:32:00.000-08:00

If you forgot root password for your MySQL server, you can follow the steps below to reset it.

1. Login to the server as root and stop MySQL service.

# /etc/init.d/mysqld stop

2. Start mysqld_safe service.

# mysqld_safe –skip-grant-tables &

3. Login to MySQL server now. It won’t ask you for a password.

# mysql -u root

4. Set up a new MySQL root user password:

mysql> use mysql;

mysql> update user set password=PASSWORD(”NEW-ROOT-PASSWORD”) where User=’root‘;

mysql> flush privileges;

mysql> quit

5. Restart your MySQL service.

# /etc/init.d/mysqld restart

6. Try to login using new password. It should work fine.

# mysql -u root -p

That’s it !!!

Installation of mod_security

2009-01-18T05:05:00.000-08:00

Here are the step for mod_security installation.

1. Login to the server with root password.

2. Downlaod of the latest version of mod_security

wget http://www.modsecurity.org/download/…y-1.7.4.tar.gz

3 Untar the file.

tar zxvf mod_security-1.7.4.tar.gz

4. Now, cd mod_security-1.7.4/

5. Now check for apache version is installed on the server

APACHE 1.3.x users
cd apache1/
APACHE 2.x users
cd apache2/

6. Compliling the module

/usr/local/apache/bin/apxs -cia mod_security.c

7. Edit the apache config file now, just take the backup of the file if needed for precaution.

vi /usr/local/apache/conf/httpd.conf

Now, check the followin;

# Turn the filtering engine On or Off
SecFilterEngine On

# Change Server: string
SecServerSignature ” ”

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On

# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off

# Only allow bytes from this range
SecFilterForceByteRange 1 255

# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis. “On” will log everything,
# “DynamicOrRelevant” will log dynamic requests or violations,
# and “RelevantOnly” will only log policy violations
SecAuditEngine RelevantOnly

# The name of the audit log file
SecAuditLog /var/log/httpd/audit_log

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# Action to take by default
SecFilterDefaultAction “deny,log,status:500?

# Require HTTP_USER_AGENT and HTTP_HOST in all requests
SecFilterSelective “HTTP_USER_AGENT|HTTP_HOST” “^$”

# Prevent path traversal (..) attacks
SecFilter “../”

# Weaker XSS protection but allows common HTML tags
SecFilter “”

# Very crude filters to prevent SQL injection attacks
SecFilter “delete[[:space:]]+from”
SecFilter “insert[[:space:]]+into”
SecFilter “select.+from”

# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID “!^[0-9a-z]*$”
SecFilterSelective COOKIE_PHPSESSID “!^[0-9a-z]*$”

8. Last but not the least — Restart Apache.

The installations process finished.

How to Install Mod_perl on cpanel server

2009-01-18T04:55:00.000-08:00

* First-To install Mod_perl, Login to your existing account or create new account. You may select either the rvskin admin account or fantastico admin account. In case if you’ve install it in the rvadmin account, then you can proceed as below.

* SSH into the server, and go to:

cd /home/rvadmin/ directory

* Get the mod_perl-1.29.tar.gz

wget http://perl.apache.org/dist/mod_perl-1.0-current.tar.gz

* Unpack the file:

tar xzf mod_perl-1.29.tar.gz

* Move to the mod_perl directoy:

cd mod_perl-1.29

* Configure

perl Makefile.PL USE_APXS=1 WITH_APXS=/usr/local/apache/bin/apxs EVERYTHING=1

* Run Make

make

* Run Install

make install

* Activate Mod Perl

/usr/local/apache/bin/apxs -a -n perl -i libperl.so

#########
Create the script as shown below, and add it to the root directory of the mod_perl account holder (for this case rvadmin), and modify the permissions (chmod +x add-mod-perl.sh), so to add mod_perl back into apache, you just require to run the script, and then confirm that apache restarted with mod perl in it, you can then check in WHM/News to see if mod_perl is listed .
#########

Now you will need to run if you re-compile Apache. The mod_perl binary is at
/home/rvadmin/mod_perl-1.29/apaci/libperl.so, to make it more simple just put the following lines in a file:

— cut here —

#!/bin/sh
libperl=/home/rvadmin/mod_perl-1.29/apaci/libperl.so
apxs=/usr/local/apache/bin/apxs
$apxs -a -n perl -i $libperl
/etc/init.d/httpd stop
/etc/init.d/httpd start

— cut here —

Name the file add-mod-perl.sh and execute “chmod +x add-mod-perl.sh”. after compiling apache run the script (”./add-mod-perl.sh”) and it should work.