Categories
|

CPanel
The following steps are involved
Make sure that you are logged in as root user
1. Using vi editor, create a file called logs
[root@visserver~]# vi logs
2. Add the following lines
echo > /usr/local/apache/logs/error_log
echo > /usr/local/apache/logs/access_log
echo > /usr/local/apache/logs/access_log
echo > /usr/local/apache/logs/error_log
echo > /usr/local/cpanel/logs/access_log
echo > /usr/local/cpanel/logs/error_log
echo > /var/log/exim_mainlog
echo > /var/log/exim_rejectlog
echo > /var/log/maillog
echo > /var/log/messages
echo > /var/log/messages.1
echo > /var/log/maillog.1
3. Save the file
4. Change the permissions of the file to 755 using the chmod command
[root@visserver~]# chmod 755 logs
5. Execute the file
[root@visserver~]#./logs
This will empty all logs present on the server.
|

Database
Changing mysql data directory to protect db corruption
MySQL data are located under /var/lib/mysql by default, which could cause a problem to corrupt huge database.Here the steps to change the data directory
1. Stop the mysql daemon - /etc/init.d/mysql stop
open the my.cnf file - vim /etc/mysql/my.cnf
Change the following line datadir=/var/lib/mysql/ to /home/mysql/
Create a /home/mysql directory and give clearance to mysql
mkdir /home/mysql
chown -R mysql /home/mysql
chgrp -R mysql /home/mysql
Copy data and preserve permissions, etc.
cp -Rp /var/lib/mysql/* /home/mysql/
Start the mysql service - /etc/init.d/mysql start
|

How to Backup/Restore a MySQL Database
The mysqldump command creates a text version of the database. Specifically, it creates a list of SQL statements which can be used to restore/recreate the original database.
The syntax is:
$ mysqldump -u [uname] -p[pass] [dbname] > [backupfile.sql]
where
[uname] - is the database username
[pass] - is the password of the database
[dbname] - the database name
[backupfile.sql] - the name of the backup file that is to be created
You can dump a table, a database, or all databases.
Example:
To dump all MySQL databases on the system, use the –all-databases shortcut
$ mysqldump -u root -p –all-databases > [backupfile.sql]
|

PhpMyAdmin SQL Search and Replace
This SQL query method is extremely helpful when you need to replace multiple text strings and do not wish to export the entire database just to make those changes. With the SQL Search and Replace the database changes can be made instantly.
1) Login to phpMyAdmin and select the required database
2) Click the SQL tab.
Enter the following in the run SQL Query text box (replacing tablename, tablefield, findstring and replacestring with the actual information:
UPDATE tablename SET tablefield = replace(tablefield,"findstring","replacestring");
Click go to process the changes and update the SQL database
|

DNS
Flush DNS cache in Linux
Restart the nscd service. It is a daemon that provides a cache for the most common name service requests.
/etc/rc.d/init.d/nscd restart
|

File Processing
Linux find command with examples
To find all files ending with .html:
find / -name \*.html -print
The character causes the shell to ignore the following character, in this case an asterisk.
To find a file that starts with project:
find / -name project\* -print
Multiple wildcards can be used in the same find command.
The following command finds all files with the word maybe in it:
find / -name \*maybe\* -print
The backslash \ character is important. It tells the shell not to treat the wildcard character as a wildcard when interpreting the command line arguments.
To find all empty files on the entire system:
find / -size 0 -print
To find all empty files from the current directory down,
find . -size 0 -print
To find all files with zero length and ask if they should be deleted:
find / -size 0 -ok rm {} \;
The backslash \ is important because it tells the shell to ignore the semicolon symbol which usually separates commands on a single command line.
|

Find files that are older than X years
If you want to find out what files are older than, for example say one year and still residing on your hard drive, go to the root directory and issue the following command
find . -mtime +365
This will search for such files on all the Linux partition and display the results in verbose mode. In this case, 365 stands for the number of days to go back.
|

FTP
VSFTP - restrict users to their home directory
- If you are looking to restrict FTP users to their home directory
- Open vsftpd configuration file - /etc/vsftpd/vsftpd.conf
# vi /etc/vsftpd/vsftpd.con
- Make sure following line exists. Uncomment it by removing the semicolon
;chroot_local_user=YES
- Save and close the file. Restart vsftpd service.
/etc/init.d/vsftpd restart
|

Installation
Installing Webmin on Linux
The following steps are involved in installing webmin.
1. Change the directory to src under /usr/local
[root@visserver~]#cd /usr/local/src
2. Download the webmin RPM using the wget utility
[root@visserver~]#wget http://sourceforge.net/projects/webadmin/files/webmin/1.500/webmin-1.500-1.noarch.rpm/download
install the RPM
[root@visserver~]#rpm -Uvh webmin-1.500-1.noarch.rpm
Using the web browser login into webmin using the server's as root and with the password
The webmin URL will be as follows http://server.domain.com:10000
|

Mail
Mailbox size limit in Postfix
Inorder to display the default mailbox size limit in Postfix, follow the below commands
- # postconf mailbox_size_limit
- Output:
mailbox_size_limit = 51200000
51200000 bytes is default mailbox size limit.
- # postconf message_size_limit gives you the max message size limit
- Output:
message_size_limit = 10240000
To set a new mailbox size limit
- Open the postfix configuration file /etc/postfix/main.cf
- Issue
# vi /etc/postfix/main.cf
- Add/modify/set values as follows:
mailbox_size_limit = 30000000
message_size_limit = 10240000
- Save and restart postfix
# /etc/init.d/postfix restart
|

Horde webmail stops working in plesk 9
After a Plesk upgrade, some services under Plesk doesn’t function properly. It could be a Horde Webmail that is displaying a default Plesk page, instead of the webmail-client. In order to resolve this it is required to re-configure all services on the server. It can be done as follows
- 1) Disable horde webmail in plesk under email settings
2) Enable the horde webmail
3) Run the following command via shell - /usr/local/psa/admin/bin/websrvmng -av
- 4) Restart psa & mysql services
Running the command is harmless because your services installed should always be configured with the latest Plesk Database Information
|

Rebuilding Qmail corrupted Queue
It is applicable for qmail + Plesk
Attention! - All current messages will be removed from the queue in this case and cannot be restored.
1. Stop Qmail and xinetd.
/etc/init.d/qmail stop
/etc/init.d/xinetd stop
2. Move current queue to another location
mv /var/qmail/queue /var/qmail/queue_old
Reinstall ‘psa-qmail‘ RPM to recreate qmail queue structure with the command like:
rpm -Uvh --force psa-qmail (Redhat, Fedora, Cent oS)
dpkg -i psa-qmail (for Debian or ubuntu)
Start Qmail and xinetd:
/etc/init.d/qmail start
/etc/init.d/xinetd start
Qmail Queue Check
/var/qmail/bin/qmail-qstat
All Qmail Configuration Check up:
/var/qmail/bin/qmail-showctl
Use the qmail-qread utility to read the messages headers: /var/qmail/bin/qmail-qread
|

Monitoring
To monitor external websites using Nagios monitoring system
- Step1
www.yourdomain.tld is the external host to be monitored.
Open ‘command.cfg’ configuration file of Nagios using any of the text editors. Here we use ‘vi’ editor
]# vi /usr/local/nagios/etc/objects/commands.cfg
define command {
command_name check_dns_yourdomain.tld # Give the domain name as command name
command_line $USER1$/check_dns -H <www.yourdomain.tld> -a IP <address of the domain>
}
- Step2
Open the file localhost.cfg under the directory /usr/local/nagios/etc/obects/ and add the following lines under
“Service Definition Section”.
]# vi /usr/local/nagios/etc/objects/localhost.cfg
Service Definition:
define service {
use local-service
host_name www.yourdomain.tld # Specify the external domain name that is to be monitored
service_description http # A short description about the domain www.yourdomain.tld
check_command check_dns_www.yourdomain.tld # Specify the command ‘check_dns_yourdomain.tld ‘defined
in the command.cfg file described in Step1
}
- Step3
Verify the Nagios configuration
]# /usr/local/nagios/bin/nagios –v /usr/local/nagios/etc/nagios.cfg
- Step4
Restart the Nagios service
]# /etc/init.d/Nagios restart
|

Others
Installing Internet Explorer in any Linux Flavor
1. Install the following tools a)wine and b)cabextract as root user.
yum -y install wine
2. Download and install IEs 4 Linux as a normal user. (Don’t run this as root user)
wget http://www.tatanka.com.br/ies4linux/downloads/ies4linux-latest.tar.gz
4. Run the installer binary as
./ies4linux
Note: Disable Adobe Flash. It reports a bug while installing IE.
|

How to Fix the Fatal error during WordPress Upgrade
When attempting to upgrade WordPress automatically (from the dashboard) WordPress installations containing a lot of posts and or using many plugins, there might encounter a Fatal error as follows:
Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 2354671 bytes) in ../public_html/wordpress/wp-includes/http.php on line 1331
This is a memory limitation problem, which can be fixed by doing the following
1) Login to the server via shell prompt and open the file wp-config.php using a text editor and add the following line under the rest of the define lines in the MySQL Settings section.
define('WP_MEMORY_LIMIT', '64M');
2) Save the file and login to the wordpress site(via web browser) and proceed to upgrade.
|

Turn off WordPress trackbacks and pingbacks
In Wordpress, sometimes the spam can get through in the form of trackbacks or pingbacks, enabling an abusive user to spam links as comments. This feature can be easily turned off and or totally eliminated entirely from WordPress
1) Login to phpMyAdmin panel
2) Select WordPress database and select the SQL tab.
Within the Run SQL Query box add the following code and click go:
Update wp_posts set ping_status="closed"
If an error is encountered, checkwp_postsprefix from the database list and change the code to match accordingly.
Note: If WordPress trackbacks is not required, the filewp-trackback.php can be deleted from the root directory.
|

Restore GRUB after installing Windows
After reinstalling Windows with an existing Linux installation already present on the hard drive, the MBR gets an overwrite. GRUB can be restored to the previous settings by booting a Linux Live CD and carrying out the steps below:.
1. Insert the Live CD and reboot the computer
2. After reaching the desktop, open up a Terminal and do a su - to access the root account. In Ubuntu you’ll have to previously give a password to the root account with sudo passwd root
3. Type grub in the root prompt
4. The Grub prompt has appeared and you should type find /boot/grub/stage1 in it then hit Enter. You’ll get an output similar to (hd0) or (hd0,2)
5. Type root(hd0,x) if this is the output you got earlier then hit Enter
6. Type setup and hit Enter
7. Type quit and hit Enter
8. Reboot the system and remove the Live CD from the tray.
|

How to check and repair a Linux file system
fsck is used to check and optionally repair one or more Linux file systems.
filesys can be a device name (e.g. /dev/hdc1, /dev/sdb2), a mount point (e.g. /, /usr, /home), or an ext2 label
Normally, the fsck program will try to run filesystems on different physical disk drives in parallel to reduce total amount time to check all of the filesystems.
If no filesystems are specified on the command line, and the -A option is not specified, fsck will default to checking filesystems in /etc/fstab serial.
The exit code returned by fsck is the sum of the following conditions:
0 - No errors
1 - File system errors corrected
2 - System should be rebooted
4 - File system errors left uncorrected.
8 - Operational error
16 - Usage or syntax error
32 - Fsck canceled by user request
128 - Shared library error
The exit code returned when multiple file systems are checked is the bit-wise OR of the exit codes for each file system that is checked.
|

Run level checking
To check run level run “who -r” on shell. This command will show the current run level set on the server. [root@visserver ~]# who -r
The following result will be displayed
run-level 3 2009-02-05 18:20 last=S
|

PHP
How to secure PHP
Open th PHP configuration file php.ini under the directory '/etc' and change accordingly as described below
- Enable safe_mode
safe_mode = On
safe_mode_gid = Off
- Ability to access only those files, which are placed in the specified directories (and subdirectories).
open_basedir = directory[:.]
safe_mode_exec_dir = directory[:.]
- Turn off information about PHP
expose_php = Off
- Disable registry of global parameters
register_globals = Off
- Avoid PHP displaying errors and warnings
display_errors = Off
- To log all errors and warnings
log_errors = On
error_log = filename
(name of the file, which will be used to store information about warnings & errors)
|

Process Management
Limit the CPU usage of a certain application in Linux
If you want to find out what files are older than, for example say one year and still residing on your hard drive, go to the root directory and issue the following command
cpulimit -e firefox -l 40
This won’t let Firefox to go beyond a 40% CPU usage limit.
To restrict using a process ID, use
cpulimit -p 3500 -l 50
|

Kill processes faster with PKILL
pkill command look up or signal processes based on name and other attributes.
It works faster than kill or killall
pkill mozilla
It will search for any instance of mozilla among the currently running processes and kill them all.
|
|
|

A way to find out information about system hardware in Linux
Dmidecode utlity can be used to retrive much of the hardware information. It reports information about the system's hardware as described in the system BIOS according to the SMBIOS/DMI standard.This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag as well as a lot of other useful details.Dmidecode does not scan the hardware, it only reports what the BIOS told it to.
dmidecode | more
|

Easy BASH command history
While in a Terminal session, press Ctrl+R and start typing a part of a previous command. The prompt will autocomplete the command from the bash history and you won’t need to type it all over again.
|

Security
How to disable Direct Root Access
To enhance security, it is recommended to disable direct root access:
Follow the below steps to achieve this
- SSH into linux server as normal user and gain root access by su.
- Open the SSH configuration file using vi editor
vi /etc/ssh/sshd_config
- Search for the line Protocol 2, 1.
- Uncomment it and change it to look like Protocol 2.
- Next, search for the line PermitRootLogin yes.
- Uncomment it and make it look like PermitRootLogin no.
- Save the file 'Esc' :wq and then hit enter key.
- Restart SSH service
/etc/rc.d/init.d/sshd restart.
|

Disable ICMP echo (ping) responses in Linux
Many malicious attacks begin with a ping scan. Disabling ICMP echo requests prevents a server’s discovery with a ping.
As superuser, add the following lines to /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1
Then run the following command to cause the change to take effect immediately:
sysctl –p
|

Hardening SSH
Open the ssh configuration file sshd_config.
vim /etc/ssh/sshd_config
Uncomment the following lines
#Protocol 2, 1
Change it as Protocol 2
Note:Use the SSH security Protcol 2 it is more secure when compared to protocol 1. SSH Protocol one are facing many automated root kits attacks.
Also append these lines to the bottom
LoginGraceTime 100
IgnoreRhosts yes
X11Forwarding no
Save file and restart the SSH service.
/etc/rc.d/init.d/sshd restart
|
|
|

How to stop hotlinking one's own website(s) from outside domains
This can be done by using .htaccess. In order to stop the hotlinking from outsider domain by using following rule in .htaccess
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(.+.)?domain.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+.)?domain1.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+.)?domain2.com/ [NC]
RewriteRule .*.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]
It is also possible to display a 403 Forbidden Error page instead of an image (nohotlink.jpe)
Replace last line on above code with the following code
RewriteRule .*.(jpe?g|gif|bmp|png)$ – [F]
|
| |
|