Sunday, October 9, 2011

APF Installation (Firewall)

1) Login to your box as root
2) Download the APF Source (current version 0.9.3.3)

CODE
# wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz


3) Extract the tar.gz

CODE
# tar -zxf apf-current.tar.gz


4) Enter the APF directory

CODE
# cd apf-0.9.3_3


5) Run install code

CODE
./install.sh


6) Modify the APF config File

CODE
#vi /etc/apf/conf.apf


Hit i to enter insert mod
7) Add in the ports you want to open for inbound (INGRES). The following is for a cPanel box

CODE

# Common ingress (inbound) TCP ports
IG_TCP_CPORTS=" 20,21,22,25,26,53,80,110,143,443,465,993,995,2082,
2083,2086,2087,2095,2096,3306,6666"

# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="21,53,465,873"

# Common ICMP (inbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
IG_ICMP_TYPES="3,5,11,0,30,8"



Please note that the above variables are already there, I placed what should be in there

8) Tell APF to monitor out going (EGRESS) also

CODE

Change the line:
EGF="0"
to
EGF="1"




9) Tell APF what ports to monitor

CODE

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,22,25,26,37,43,53,80,110,113,443,465,873,2089,3306"

# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53,465,873"

# Common ICMP (outbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
EG_ICMP_TYPES="all"

10) Save and exit - hit 'esc' :wq 'enter'

11) Start APF

CODE
# /usr/local/sbin/apf -s


You may or may not get output, if you do please reply and I can advide as to what to fix. If all goes well ou go back to the command line.
You now want to verify everyhting works, you can still get into SSH, cPanel works, you can view a page, etc.

12) If all works edit the config file and change the developer mode to 0

CODE
# vi /etc/apf/conf.apf


Hit i to enter insert mode

CODE
Change
DEVM="1"
to
DEVM="0"



Save and quit
Hit 'esc' :wq 'enter'

13) Restart APF


CODE
# /usr/local/sbin/apf -r



APF is now installed and monitoring your server.

This tutorial is brought to you by MyCPAdmin.

*Note: We have used this method on many many servers but we cannot be held responsible for any damage this may cause.

Cpanel Max and Min Limit Emails Sent out/hr.

Limit the maximum number of each domain can send out per hour

You can modifiy that in 'Tweak Settings' in WHM panel.

Server Configuration -> Tweak Settings -> The maximum each domain can send out per hour (0 is unlimited)

Wordpress Fatal Error Fixed!

Error:

Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 30720 bytes) in /home/cortdttr/public_html/wp-admin/includes/comment.php on line 47

FIX:

Add the following line in the 'wp-config.php'.

MySQL settings

define('WP_MEMORY_LIMIT', '64M');

MySql Create DB and Assign Privilages

Mysql:
-----------
CREATE DATABASE ram_db;

CREATE USER 'ram'@'localhost' IDENTIFIED BY '1q2w3e4r';

GRANT ALL PRIVILEGES ON *.* TO 'ram'@'localhost'

GRANT ALL PRIVILEGES ON blossom.* TO 'ram'@'localhost' IDENTIFIED BY '1q2w3e4r';

Script for mysql database backup

#!/bin/bash
#Script for mysql database backup
cd /var/lib/mysql
for i in $(ls -d */ |tr -d /)
do

`mysqldump -u root -p"abcdef" $i > /disk2/dbdump-MID/$i.sql`

done

Wednesday, September 7, 2011

Plesk password issue.


ERROR Message:
--------------
ERROR: PleskFatalException
Unable to connect to database: saved admin password is incorrect.

0: common_func.php3:108
        psaerror(string 'Unable to connect to database: saved admin password is
incorrect.')
1: auth.php3:93

In order to fix such issue we need to put the right password into Plesk”s
database.

1. First access your server via SSH and switch to ”root”.

Stop the MySQL daemon. Under Linux systems this can be done with the
following command:

/etc/init.d/mysqld stop

# on Red Hat like Linux operating systems you can either use

# 'services' to stop the deamon

service mysqld stop

2. Now start it with no user information:

/usr/bin/safe_mysqld –skip-grant-tables &

Now you should be able to access the database without the root password.

3. To log in type :

mysql -u root

4. Then you will see ”mysql>” prompt. While you are there type the following:

UPDATE mysql.user SET Password=PASSWORD('new_pwd') WHERE User='admin';

Type the new password instead new_pwd. Keep the letters case and do not
forget to put ”;” at the end to finish the command line.

5. Once you are done you will need to flush the privileges:

FLUSH PRIVILEGES;

6. Quit ”mysql>” with exit command and restart the Plesk control panel.

7. Via SSH you can do that as typing:

service psa restart

Limit the maximum number mails of each domain can send out per hour.


Limit the maximum number mails of each domain can send out per hour

You can modifiy that in 'Tweak Settings' in WHM panel.

Server Configuration -> Tweak Settings -> The maximum each domain can send
out per hour (0 is unlimited)

FrontPage error: "Cannot run the FrontPage Server Extensions on this page"


I received this error when I try to submit a FrontPage form:

Cannot run the FrontPage Server Extensions on this page:

CAUSE

This problem occurs if you create a page in Microsoft FrontPage 2003 or Microsoft FrontPage 2002 by using the Feedback Form template and then you save the page to a subfolder instead of saving it to the root folder of the Web site. When you submit the form, the FrontPage Save Results component tries to save the results to the wrong location. For example, if you saved the feedback page to a subfolder named Test, the Save Results component tries to save the results to the Test/_private folder, which does not exist.

RESOLUTION

To resolve this problem, follow these steps:
1. Open your Web in FrontPage.
2. In the folder list, expand the _private folder that is in the root of your Web site.
3. Locate the Feedback.txt file. If you cannot locate this file, follow these steps:

>On the File menu, click New, and then click Page or Web.

The task pane opens.
>Under New from template, click Page Templates.
>On the General tab, click Normal Page, and then click OK.
>Switch to HTML view, and then delete all the HTML code.
>On the File menu, click Save.
>Locate and then double-click the _private folder that is in the root of your Web.
>In the Save as type box, click All Files (*.*).
>In the File name box, type Feedback.txt.
>Click Save.

4. Open the page that contains the feedback form.
5. Right-click the form, and then click Form Properties.

Note that the File name field shows that the results will be saved to the relative path of _private/Feedback.txt, which does not exist. (For example, if you saved the feedback page to a subfolder named Test in the root of your Web site, this path is /Test/_private/Feedback.txt.)
6. Click Browse.
7. Locate and then double-click the _private folder that is in the root of your Web.
8. Click the Feedback.txt file, and then click OK.
9. Save the form page.

MORE INFORMATION

By default, the Save Results component in the Feedback Form template saves the results to a text file named _private/Feedback.txt in the root of your Web. By default, if you save the feedback page to a subfolder, the Save Results component points to a _private folder relative to the subfolder--a _private folder that does not exist--instead of to the _private folder in the root of your Web.

Plesk the license key has expired.


Error:

The amount of Plesk Control Panel resources you operate with has exceeded the limits defined by your current product license. Please contact Parallels sales department in order to purchase a new licensed key.
OR
The amount of Plesk resources you operate with has exceeded the limits defined by your current product license. Please contact SWsoft, Inc. sales department in order to purchase a new licensed key
OR
the license key has expiered. please contact your service provider
Resolution:

Symptoms
Plesk cannot retrieve license key. The following error appears:

Key Update Status:
Unable to update Plesk Key. An error occurred while processing your key.

You can try to update it later. The key cannot be upgraded due to the network failure during connection with the Key Authority server. Please check that your Internet connection is configured, you can resolve and access ka.swsoft.com and your firewall enables outgoing connections to TCP port 5224.

However it is possible to telnet to ka.swsoft.com on port 5224.
Cause
When Plesk sends request to KA server it generates special XML packet. Data for this packet is taken from Plesk database `key_history` table.

In case the data is corrupted it cannot be retrieved.

Example of corrupted records in MySQL database:

mysql> select id, plesk_key_id from key_history;


+----+------------------------------------------------------------+ 
| id | plesk_key_id                                                          
+----+------------------------------------------------------------+ 
|  1 | plsk000000000000                                               
|  2 | ?^uxi~Lг¦--¬a°Nx-?L¦»<a;?г*f5>-??+?@t?¦b-+i¦ 
|  3 | ?^uxi~Lг¦--¬a°Nx-?L¦»<a;?г*f5>-??+?@t?¦b-+i¦ 
|  4 | PLSK005268120000                                           
|  5 | PLSK004332790001                                           
|  6 | PLSK004332790002                                           
+----+-----------------------------------------------------------+


6 rows in set (0.00 sec)

mysql>

Resolution
Records with ID 2 and 3 are corrupted. To fix the problem it is necessary to remove them. Use the following command to remove the problem records:

mysql> delete from key_history where id=2 or id=3;
Query OK, 2 rows affected(0.03 sec)

mysql>

Understanding Linux File Types.


There are seven basic types of file types in Linux.
Regular Files
Directories
Character  Device Files
Block Device Files
Local Domain Sockets
Named Pipes
Symbolic Links

You can use the “ls -l” command to see the various types of files.  In the following example, the first character in the output is a “-”, which indicates that it’s a regular file.

ls -la /var/log/messages
-rw——- 1 root root 204909 Jun  5 10:50 /var/log/messages

The next example shows that it is a directory as it starts with a “d”.

ls -ld /etc
drwxr-xr-x 105 root root 12288 Jun  5 08:36 .

File Type Encoding When Using ls
Regular file        -
Directory        d
Character Device     c
Block Device        b
Local Domain Socket    s
Named Pipe        p
Symbolic Link        l

Device files facilitate the communication between hardware and software.  The kernel manages modules that know how to communicate with system devices.  These device drivers create a standard method of communication with the hardware.  They look like regular files.  When the kernel receives a request for a character or block device it contacts the right device driver to take care of the communication.

Device files are assigned both a “major” and a “minor” number.  (An “ls -l” command will show you these instead of the file size that you’d see for regular files.)  The major number refers to the device driver, and the minor number tells you which physical device goes with that file.  For example, the device files “/dev/lp0″  and “/dev/lp1″ would both have a major number of “6″, indicating that they both represent parallel ports.  Their minor numbers of “0″ and “1″, respectively, refer to two different “lp” devices on the same system.

Major and minor numbers are very important to understand when you are scripting for software RAID devices for example.  RAID devices are indicated with md0, etc.   The major device number is 9 and then minor device number starts with 0 and will have to be incremented as you will need to create new RAID devices in order to add more than one RAID device on a server.

Local Domain Sockets, often called “UNIX Domain Sockets”, allow local processes to communicate with each other.  This is similar to how network sockets allow global communications with other hosts.  You can use the netstat command to view domain sockets.

netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ]         DGRAM                    1547   @/org/kernel/udev/udevd
unix  2      [ ]         DGRAM                    9009   @/org/freedesktop/hal/udev_event
unix  28     [ ]         DGRAM                    7384   /dev/log
unix  3      [ ]         STREAM     CONNECTED     23307  /tmp/orbit-mike/linc-151b-0-472aed0fe5012
unix  3      [ ]         STREAM     CONNECTED     23306
unix  3      [ ]         STREAM     CONNECTED     23285
unix  3      [ ]         STREAM     CONNECTED     23274  /tmp/orbit-mike/linc-151b-0-472aed0fe5012

Named pipes, also known as “FIFO” files, are another type of inter-process communications device.

Symbolic links are special files that point to either another file or to a directory.

Example:
ln -s /var/log/dmesg /home/mike/dmesg

Here you can see the link that was created.

lrwxrwxrwx  1 mike mike   14 Jun  5 14:13 dmesg -> /var/log/dmesg

Device nodes will allow users access to device files.  These can be listed with:

ls -l /dev

ls -l /dev
total 0
crw——-  1 root root    36,   8 May  9 02:10 arpd
lrwxrwxrwx  1 root root          3 May  9 02:10 cdrom -> hdc
lrwxrwxrwx  1 root root          3 May  9 02:10 cdwriter -> hdc
crw——-  1 mike root     5,   1 May  9 08:10 console
lrwxrwxrwx  1 root root         11 May  9 02:10 core -> /proc/kcore
crw——-  1 root root    36,  14 May  9 02:10 dnrtmsg
lrwxrwxrwx  1 root root          3 May  9 02:10 dvd -> hdc
lrwxrwxrwx  1 root root          3 May  9 02:10 dvdwriter -> hdc
crw——-  1 root root    13,  64 May  9 02:10 event0
lrwxrwxrwx  1 root root         13 May  9 02:10 fd -> /proc/self/fd
brw-rw—-  1 mike floppy   2,   0 May  9 08:10 fd0
—cut—
lrwxrwxrwx  1 root root          3 May  9 08:10 floppy -> fd0
crw-rw-rw-  1 root root     1,   7 May  9 02:10 full
crw——-  1 root root    36,   3 May  9 02:10 fwmonitor
srwx——  1 mike root          0 May  9 08:13 gpmctl
brw-rw—-  1 root disk     3,   0 May  9 02:10 hda
brw-rw—-  1 root disk     3,   1 May  9 02:10 hda1
brw-rw—-  1 root disk     3,   2 May  9 02:10 hda2
brw-rw—-  1 root disk     3,   3 May  9 02:10 hda3
brw-rw—-  1 root disk     3,  64 May  9 02:10 hdb
brw-rw—-  1 root disk     3,  65 May  9 02:10 hdb1
brw——-  1 mike disk    22,   0 May  9 02:10 hdc
brw-rw—-  1 root disk    22,  64 May  9 02:10 hdd
brw-rw—-  1 root disk    22,  65 May  9 02:10 hdd1

The device nodes consist of two types; character (stream-orientated) and block (random access).  In the list you can see the “c” for character and the “b” for block at the start of each line.  Again, note that file ownership and permissions are a part of the device nodes.  In addition, each node has a major and minor number.  The major number represents a specific device driver that is in the kernel while the minor number points to the device it indexes.

Device nodes can be created with the /bin/mknod command:

mknod device type major minor

mknod /dev/md1 b 9 1

This command would indicate that the device md1is a block device with a major number of 9, meaning it is a software RAID device, and a minor number of 1.

The kernel source contains a document called devices.txt which lists all of the major and minor numbers.

URL Masking.


<HTML><HEAD>
<META NAME=":::presentdomain.com:::" CONTENT="WEBSITE.com">
<META NAME="presentdomain.com" CONTENT="">
</HEAD>
<FRAMESET border=0 rows="100%,*" frameborder="no" marginleft=0 margintop=0
marginright=0 marginbottom=0>
<frame src="http://redirecteddomain.com/" scrolling=auto frameborder="no"
border=0 noresize>
<frame topmargin="0" marginwidth=0 scrolling=no marginheight=0
frameborder="no" border=0 noresize>
</FRAMESET>
</HTML>

Plesk reseller traffic not updateing properly.


Try to update the stats for all the domain using given below script were
done without any issue.

/usr/local/psa/admin/sbin/statistics --calculate-all

After completing the above process run the delow scrpit also,

/usr/local/psa/bin/sw-engine-pleskrun
/usr/local/psa/admin/plib/DailyMaintainance/script.php

This may fix the issue. If the above script is not successfull then we
have to check with the plesk upgrade.

How do I increase upload file limit from 2MB to 10MB under Apache 2 UNIX / Linux web server?


Your php installation putting limits on upload file size. The default will
restrict you to a max 2 MB upload file size. You need to set the following
two configuration options:


upload_max_filesize - The maximum size of an uploaded file.

memory_limit - This sets the maximum amount of memory in bytes that a
script is allowed to allocate. This helps prevent poorly written scripts
for eating up all available memory on a server. Note that to have no
memory limit, set this directive to -1.

post_max_size - Sets max size of post data allowed. This setting also
affects file upload. To upload large files, this value must be larger than
upload_max_filesize. If memory limit is enabled by your configure script,
memory_limit also affects file uploading. Generally speaking, memory_limit
should be larger than post_max_size.

There are two methods two fix this problem.

Method # 1: Edit php.ini

Edit your php.ini file (usually stored in /etc/php.ini or
/etc/php.d/cgi/php.ini or /usr/local/etc/php.ini):

# vi /etc/php.ini

Sample outputs:


memory_limit = 32M
upload_max_filesize = 10M
post_max_size = 20M

Save and close the file. Restart apache or lighttpd web server:

# service httpd restart

Method #2: Edit .htaccess

Edit .htaccess file in your root directory. This is useful when you do not
have access to php.ini file. In this example, /home/httpd/html is
considered as root directory (you can also create .htaccess file locally
and than upload it using ftp / sftp / scp client):
# vi /home/httpd/html/.htaccess

Append / modify setting as follows:


php_value upload_max_filesize 10M
php_value post_max_size 20M
php_value memory_limit 32M

Save and close the file.

A Note About Suhosin (Optional)

This is not installed by default on many servers (latest version of
Debian, Ubuntu, and FreeBSD does install Suhosin by default). Use
phpinfo() to find out if suhosin enabled or not (create test.php):


<?php
   phpinfo();
?>

If you are using Suhosin which was designed to protect your servers
against a number of well known problems in PHP applications and on the
other hand against potential unknown vulnerabilities within these
applications or the PHP core itself. You need to edit
/etc/php.d/suhosin.ini to set correct memory and upload limit. As long
scripts are not running within safe_mode they are free to change the
memory_limit to whatever value they want.

suhosin.memory_limit=32M

How do I create a cron job?


A cron job (run by the cron daemon, or cron service) is a request for the
server to run a particular command and/or program via the command line and
set points during the hour, day, week, month or year.

The name is derived from Greek chronos , meaning time.

At the moment, there are two ways you can add, edit or delete cron jobs on
our servers. The first is the easiest and that's using the Plesk
interface. The second is more complex, using the crontab program, but if
you're used to using the SSH console and have knowledge of VIM, it's
available.

However, if you're not familiar with the way cronjobs are configured,
please read the following section which will explain the syntax and how
it's works.

What does a cron line and how does it work?

A cronjob line if a very simple line with six parts. The first five set
the day/time the job is/are run, while the last part is the command to be
run. For example:

0 * * * * php /var/www/vhosts/example.com/httpdocs/cron.php
will run the php command-line interpreter, processing the file cron.php
(on the website for example.com) at the start of every hour.

The date/time fields have the following meaning:

# +------------ Minute (0 - 59)
# | +---------- Hour (0 - 23)
# | | +-------- Day of the Month (1 - 31)
# | | | +------ Month (1 - 12)
# | | | | +---- Day of the Week (0 - 7) (Sunday is 0 or 7)
# | | | | |
# * * * * * command
Therefore, the option 0 * * * * (from the above example) means 'on the
zeroth minute of any hour on any day of the month, in any month, on any
day in the week, run this command'.

Although can you add a single value, the power of cron comes in it's
ability to allow a number of different syntax options for specifying
different values. The following examples will be based on the minutes
field, but they can be used in any of the five fields to specific month,
day, etc.:

0          - Run it when the minute is zero
*          - Run it on any value (i.e. every minute)
0,15,30,45 - Run it when the minute is 0, 15, 30 or 45 (i.e. every 15 min)
*/15       - Same as above - run it when the minute is divisible by 15
10-15      - Run it every minute between 10 and 15 minutes
30-59/5    - Run it every fifth minute of 30 (i.e. 30, 35, 40, ...)
However, taking the last example, the divisor is not against the minute of
the hour, but against the minute within the period selected, therefore
while 30-59/5 is when the minute can be divided by 5 between 30 and 59,
the option 3-58/5 will not enact on 5, 10, etc., but on 3, 8, 13, etc.

Also, where as the first four fields must match to run the command (i.e.
when the minute, hour, day of the month and month match), if the fifth
field (day of the week) is also specified, the command will run when
either the day of the month OR day of the week match.

To finish off, here are a number of complete examples:

*/15    *     *  *  *   - Run every 15 minutes
3-58/5  *     *  *  *   - Run every 5 minutes on the 3rd and 8th minute
0       */2   *  *  *   - Run every 2 hours, on the hour
25      8,17  *  *  *   - Run at 08:25 and 17:25
0       6     *  *  1   - Run at 06:00 every Monday
30      7     *  1  *   - Run at 07:30 on the first day of the month
0       0     1  *  5   - Run at midnight on the first of the month OR a
Friday
*/30    9-17  *  *  1-5 - Run every 30 minutes between 9 to 5, Monday to
Friday
Editing your crontab with Plesk

To add a cron job in Plesk:

Log onto Plesk using your username and password.
From your list of domains, click on the domain you would like to add the
cronjob to.
Click on Crontab.
If you have multiple users on this domain (i.e. you have setup different
FTP accounts for sub-domains or web users), from the drop-down select the
username you want to create the cronjob for, and then click Set.
Click on Add New Task.
For each of the first five fields, enter the value as it would be for the
cron line (i.e. the date/time fields). All fields are required, so if you
don't have a specific value in that field, enter *.
Finally, enter the full command into the Command field.
Click OK to save or Cancel to return.
If you return back to the page with any errors, please correct the errors
and click OK again.
By default, the sever will send any error messages or output from the
cronjobs to username@server, e.g. mysite33@gamma.jabservers.co.uk, which
will always come to us. If you want to see the output from your cronjob,
or notices if it doesn't run (for whatever reason), you'll need to change
the address the e-mail is set to.

To do this, goto the crontab page and select the user running the crontab,
click on Set, and then change Send Crontab messages to address to the
e-mail address you want them sent to. Click Set again to commit the
change.

Editing your Crontab via SSH

The main limitation with this option is that you can only edit the crontab
for the main domain, as you can only log on via SSH using the user for the
master FTP account. If you need to change the crontab for a web user or
sub-domain, you will have to use the Plesk interface.

To add a cron job via SSH:

Although we will take you through the steps of using VIM on the server,
knowledge of VIM is important for using the crontab program - if you do
not know how to use VIM, please see how to add a cronjob using Plesk
above.

Log onto SSH using your chosen program and the username/password for the
domain.
Run the command 'crontab -e' to edit the crontab.
Move to the end of the file, press i to enter Insertion mode, create a new
line and then enter the cron line.
Press Esc and then enter :wq to write (save) the changes and quit the
program.
If there is an error in the line, you will be notified and asked if you
want to re-edit your changes.
If there is no error, you will see the message 'crontab: installing new
crontab'.
Again, like with Plesk, any errors, notices or output from the cronjob
will go to username@server (e.g. mysite33@gamma.jabservers.co.uk), which,
as we manage server, or gamma.jabservers.co.uk in the example, the e-mails
will come to us.

To change this and tell the cron daemon to send the e-mails to you, add
the line 'MAILTO=example@example.com' to the top of your crontab.

Perl module installation.


Please follow the below steps to install the Perl module,

Login to server and enter the following commands,

#perl -MCPAN -e shell

>cpan

then provide below command

>install LWP::UserAgent

#perl -MCPAN -e shell

>cpan

then provide below command

>install HTML::LinkExtor

Commands to check the whether Perl module is installed in the server or not.

instmodsh or perl -MNet::Ping -e "print \"Module installed.\\n\";"

Mostly "instmodsh" this command is easy to check the whether Perl module.

perl -MNet::Ping -e "print \"Module installed.\\n\";"

instmodsh or perl -MNet::Ping -e "print \"Module installed.\\n\";"

Below commands are also used to install Perl modules.

 yum install perl-HTML-Parser.x86_64
 yum search perl-HTML-Parser.x86_64
 yum search perl-HTML-Parser
 yum search perl-LWP-UserAgent
 yum install perl-LWP-UserAgent

URL redirect using PHP.


This is used for URL redirect in PHP. For this you need to add any
index.php or default.php. Then add it in the Directory Indexes.

<?php

   header( 'Location: http://www.yoursite.com/new_page.html' ) ;

?>

RDP port change on windows.

To change Remote desktop port on windows

1. Start Registry Editor.
2. Locate and then click the following registry subkey:
 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
3. On the Edit menu, click Modify, and then click Decimal.
4. Type the new port number, and then click OK.
5. Quit Registry Editor.
6.  Restart the computer.

Make sure the firewall has the new port opened! If you do not set access
enabled for that specific new port, you wont be able to have access via
remote computer.

Run apache specified users and group.


The following are the steps which you can run in apache virtual host with
the separate user/group privileges


#wget http://repo.webtatic.com/yum/centos/5/x86_64/httpd-itk-2.2.19-1.w5.x86_64.rpm

#rpm -ivh httpd-itk-2.2.19-1.w5.x86_64.rpm

#/etc/init.d/httpd stop

Then edit /etc/sysconfig/httpd and add the following line:

HTTPD=/usr/sbin/httpd.itk


Then edit httpd.conf file and make changes to the domain's Virtual host
entry  as below


<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /path/to/web/root

    AssignUserId username groupname
</VirtualHost>

#/etc/init.d/httpd start

#chown username:groupname /path/to/webroot
#chmod o-rwx /path/to/webroot

Refence:http://www.webtatic.com/packages/httpd-itk/

Create user in Mysql DB and grant all privileges.



Ref: http://www.databasef1.com/tutorial/mysql-create-user.html

        http://lists.mysql.com/mysql/206641

[root@b6253 ~]# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using
password: YES)
[root@b6253 ~]# /etc/init.d/mysqld stop
Stopping MySQL:                                            [  OK  ]
[root@b6253 ~]# ps -ef | grep mysql
[root@b6253 ~]#
[root@b6253 ~]# mysqld_safe --skip-grant-tables &
[1] 14884
[root@b6253 ~]# Starting mysqld daemon with databases from /var/lib/mysql

[root@b6253 ~]#
[root@b6253 ~]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> UPDATE user SET Password=xxxxxxx('xxxxxx') where USER='root';
    -> FLUSH PRIVILEGES;
ERROR 1046 (3D000): No database selected

ERROR 1290 (HY000): The MySQL server is running with the
--skip-grant-tables option so it cannot execute this statement

[root@b6253 ~]# /etc/init.d/mysqld restart

mysql> CREATE USER 'db-abc'@'localhost' IDENTIFIED BY 'bsa2206';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL ON abc.* TO 'db-abc'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> select * from mysql.user;

18 STEPS FOR SERVER HARDENING - LINUX


1. Syctl.conf Hardening has been done help prevent spoofing and dos attacks.

Syctl.conf Hardening - Ref: http://www.eth0.us/sysctl

NOTICE: Make sure that eth0 is your primary interface, if it is not
replace eth0 with eth1 in the code below.

-----command-----
vi /etc/sysctl.conf
-----command-----

Basic:
------
# Turn on execshield
kernel.exec-shield=1
kernel.randomize_va_space=1
# Enable IP spoofing protection
net.ipv4.conf.all.rp_filter=1
# Disable IP source routing
net.ipv4.conf.all.accept_source_route=0
# Ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_messages=1
# Make sure spoofed packets get logged
net.ipv4.conf.all.log_martians = 1

Now paste the following into the file, you can overwrite the current
information.


#Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Disables packet forwarding
net.ipv4.ip_forward=0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Disables the magic-sysrq key
kernel.sysrq = 0

# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15

# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800

# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0

# Turn off the tcp_sack
net.ipv4.tcp_sack = 0

# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1

# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024

# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000

# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536

----------------------------------------------------------

After you make the changes to the file you need to run /sbin/sysctl -p and
sysctl -w net.ipv4.route.flush=1 to enable the changes without a reboot.

The rules were taken from:
http://ipsysctl-tutorial.frozentux.net/ipsysctl-tutorial.html

2. /tmp, /var/tmp, and /dev/shm are now mounted in a way that no program can
be directly run from these directories.

Ref:
http://sysadmingear.blogspot.com/2007/10/how-to-secure-tmp-and-devshm-partition.html

A. First you should secure /tmp:

Make a 1GB file for /tmp parition and an ext3 filesystem for tmp:
# dd if=/dev/zero of=/dev/tmpFS bs=1024 count=1000000
# /sbin/mkfs.ext3 /dev/tmpFS

Create a backup copy of your current /tmp drive:
# cp -Rpf /tmp /tmpbackup
Mount our new tmp parition and change permissions:
# mount -o loop,noexec,nosuid,rw /dev/tmpFS /tmp
# chmod 1777 /tmp
Copy the old data:
cp -Rpf /tmpbackup/* /tmp/
If you run the mount command and you should get something like this:
/dev/tmpMnt on /tmp type ext3 (rw,noexec,nosuid,loop=/dev/loop0)
Edit /etc/fstab and add this:
/dev/tmpMnt /tmp ext3 loop,nosuid,noexec,rw 0 0
Test your fstab entry:
# mount -o remount /tmp

You can test it runnig a script on /tmp partitio, if you get "permission
denied" it is fine :)


B. Secure /var/tmp:

It should be done because some applications use /var/tmp as the temporary
folder, and anything that's accessible by all, needs to be secured.
Rename it and create a symbolic link to /tmp:
# mv /var/tmp /var/tmp1
# ln -s /tmp /var/tmp
Copy the old data back:
# cp /var/tmpold/* /tmp/
Note: you should restart and services that uses /tmp partition

C. Securing /dev/shm:

To get all the work well done, you should secure /dev/shm to stop rootkits
running here.

Edit your /etc/fstab:
# nano /etc/fstab
change:
"none /dev/shm tmpfs defaults,rw 0 0" to
"none /dev/shm tmpfs defaults,nosuid,noexec,rw 0 0"
Remount /dev/shm:
# mount -o remount /dev/shm

3. Miscellaneous system tweaks has been done.
   a. tcp_syncookies enabled which will will help with a few different types
of DOS style attacks.

   b. Hardened the resolv.conf because if improperly configured it can be
used to spoof or create a DOS attack.

   c. verified and setup the /etc/hosts, removed the additional entries.

   d. SSHD has been secured

   e. Changed the permission from 755 to 750 for few binaries

a. tcp_syncookies enabled which will will help with a few different types
of DOS style attacks.

vi sysctl.conf
            # Enable TCP SYN Cookie Protection
            net.ipv4.tcp_syncookies = 1

b. Hardened the resolv.conf because if improperly configured it can be
used to spoof or create a DOS attack.(only nameservers)

nameserver 10.0.80.11
nameserver 10.0.80.12

c. verified and setup the /etc/hosts, removed the additional entries.

127.0.0.1               localhost.localdomain localhost
75.126.147.142          newsj.sjservernew.com newsj

d. SSHD has been secured

Protocol 2
change the port number other than 22
SyslogFacility AUTHPRIV

e. Changed the permission from 755 to 750 for few binaries


chmod 750 /usr/bin/rcp
chmod 750 /usr/bin/wget
chmod 750 /usr/bin/lynx
chmod 750 /usr/bin/links
chmod 750 /usr/bin/scp

4. Hiddend the versions from apache, named and exim which will help prevent
against many automated attacks that attack based on version number.

Ref: http://www.cyberciti.biz/faq/rhel-centos-hide-httpd-version/
       http://www.cyberciti.biz/faq/hide-bind9-dns-sever-version/
       http://forums.cpanel.net/f43/security-annoyance-hide-exim-version-119521.html

HTTPD.CONF:
-----------
Open your httpd.conf - serversiganture off
                       ServerTokens Prod

/etc/init.d/httpd restart

NAMED.CONF:
-----------
Open your named.conf file, find out options { ... }; section,

options
{
        query-source    port 53;
        query-source-v6 port 53;
        listen-on { 174.ttt.xx.yy; };
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
        dnssec-enable yes;
        recursion no;
        allow-notify { 174.zzz.yy.zz; 172.xx.yy.zz; };
        version "BIND";
};

To hide your bind version:
version "YOUR Message";

OR
version "use fpdns to get version number ;)";

Save and close the file. Restart named, enter:

# service bind9 restart

OR

# service named restart

How do I see bind version?

Use dig command, enter

$ dig @ns1.softlayer.com -c CH -t txt version.bind

EXIM.CONF:
----------
Open the file /etc/exim.conf and find for smtp_banner.

The line would look like

smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} \
Remove the "Exim ${version_number}" from the line. The modified line would
look like

smtp_banner = "${primary_hostname} ESMTP \

5. PHP has been secured by disabling few of its functions.(find / -name
php.ini)

vi /etc/php.ini

OR

vi /usr/bin/php/php.ini

expose_php = Off

6. Rkhunter has been installed which is a very useful tool that is used to
check for trojans, rootkits, and other security problems

Download:
http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.3.8/rkhunter-1.3.8.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Frkhunter%2

1. Login to your server via SSH as root.
cd /usr/local/src/
2. Download latest RKHunter Version
wget
http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.3.8/rkhunter-1.3.8.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Frkhunter%2
3. Extract files
tar -xzvf rkhunter-1.3.2.tar.gz
cd rkhunter-1.3.2
./installer.sh
4. Setup cron for RKHunter to e-mail you daily scan reports.
pico /etc/cron.daily/rkhunter.sh
Add The Following Lines:
#!/bin/bash
/usr/local/bin/rkhunter –update && /usr/local/bin/rkhunter -c –cronjob
2>&1 | mail -s "RKhunter Scan Details" support@domain.com (Replace the
e-mail above with your e-mail.)

Type: chmod 700 /etc/cron.daily/rkhunter.sh

7. CHKROOTKIT has been installed which is a powerful tool to scan Linux
server for trojans

Step 1: Downloading and Installing it:

1. Login to your server via SSH as root.
cd /usr/local/src
2. Download latest CHKROOTKIT Version
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
wget wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5
md5sum -c chkrootkit.md5
3. Extract files
tar -zxvf chkrootkit.tar.gz
4. Make directory
mkdir /usr/local/chkrootkit
mv /usr/local/src/chkrootkit*/* /usr/local/chkrootkit
cd /usr/local/chkrootkit
5. Install CHKROOTKIT
make sense

8. System Integrity Monitor has been installed which is a 24x7 Internal
Monitor that checks all services and restarts them if they are down.

System Integrity Monitor

Current Release:

http://www.rfxn.com/downloads/sim-current.tar.gz
http://www.rfxn.com/appdocs/README.sim
http://www.rfxn.com/appdocs/CHANGELOG.sim

9. host.conf hardenening has been done which will prevent dns lookup
poisoning & spoofing protection.

vi /etc/host.conf.

order bind,hosts
nospoof on

10. FTP hardening has been done.

11. Find Listening Network Ports

Ref: http://www.cyberciti.biz/tips/linux-security.html

a. Use the following command to list all open ports and associated programs:

netstat -tulpn

OR

nmap -sT -O localhost
nmap -sT -O server.example.com

Use iptables to close open ports or stop all unwanted network services
using above service and chkconfig commands.

12. Disable Unwanted SUID and SGID Binaries

#See all set user id files:
find / -perm +4000
# See all group id files
find / -perm +2000
# Or combine both in a single command
find / \( -perm -4000 -o -perm -2000 \) -print
find / -path -prune -o -type f -perm +6000 -ls

You need to investigate each reported file. See reported file man page for
further details.

13. Disable Unwanted Services

Disable all unnecessary services and daemons (services that runs in the
background). You need to remove all unwanted services from the system
start-up. Type the following command to list all services which are
started at boot time in run level # 3:

# chkconfig --list | grep '3:on'

To disable service, enter:

# service serviceName stop
# chkconfig serviceName off

14. Make Sure No Non-Root Accounts Have UID Set To 0

Only root account have UID 0 with full permissions to access the system.
Type the following command to display all accounts with UID set to 0:
# awk -F: '($3 == "0") {print}' /etc/passwd

You should only see one line as follows:

root:x:0:0:root:/root:/bin/bash
If you see other lines, delete them or make sure other accounts are
authorized by you to use UID 0.

15. How Do I Verify No Accounts Have Empty Passwords?

Type the following command
# awk -F: '($2 == "") {print}' /etc/shadow

Lock all empty password accounts:
# passwd -l accountName

16. LMD has been installed which is a malware detection tool.

Ref: http://www.rfxn.com/
Download: http://www.rfxn.com/downloads/maldetect-current.tar.gz

17. SSH has been secured and restricted the access.

host.allow

/etc/host.allow

sshd:122.165.59.183
sshd:122.183.241.126
sshd:58.68.29.210

hosts.deny

vi /etc/hosts.deny

sshd:ALL

18. Noowner Files

Files not owned by any user or group can pose a security problem. Just
find them with the following command which do not belong to a valid user
and a valid group
find /dir -xdev \( -nouser -o -nogroup \) -print

You need to investigate each reported file and either assign it to an
appropriate user and group or remove it.

Tuesday, April 5, 2011

MySQL Setup Guide

MySQL is becoming more and more popular. So if you want to install it, get the RPM, Deb, tarball, or whatever and let's get started.
Packages needed:
Debian: mysql-client and mysql-server. Obtain it from ftp.debian.org or use apt-get install.
RedHat: MySQL and MySQL-client. Obtain it from http://www.rpmfind.net/RPM
Tarball: Obtain it from http://www.mysql.com

Now that MySQL is installed, you may want to know how to configure it. For this guide, I assume that you have the programs: mysqladmin and mysql, which should have been installed when you got the MySQL packages.
First, if you haven't done this already, set the root password for MySQL. You can do this by typing:
mysqladmin -u root password 'passwordyouwant'
Now that the root password is set, connect to your MySQL server:
mysql -u root -p
It will prompt you for a password. Make sure to enter the one you just/previously set. You should now be left at a prompt which looks like this:

mysql>
At this point, you will create basic permissions for a user and database. For my setup, I want to allow access to localhost to all databases, and a computer which is also on the network, which is referred to as "windowsbox" will have access to all databases.
To access the user, host databases, etc... type this;

mysql> use mysql;
Database changed
mysql>
To give localhost permission to access all databases, enter this:

mysql> insert into 
         -> host(host,db,Select_priv, Insert_priv, Update_priv, 
         -> Delete_priv, Create_priv, Drop_priv)
         -> values('localhost','%','Y','Y','Y','Y','Y','Y');

Note, the '%' can be replaced with a database name. The '%' is a wildcard.
Following the previous format, to allow access from another hostname (in this case "windowsbox") add this:

mysql> insert into 
         -> host(host,db,Select_priv, Insert_priv, Update_priv, 
         -> Delete_priv, Create_priv, Drop_priv)
         -> values('windowsbox','%','Y','Y','Y','Y','Y','Y');
Again, '%' is used as a Wild-Card.
To create a user 'djg' who can access the MySQL server from localhost, type this:

mysql> insert into 
         -> user (host, user, password)
         -> values('localhost','djg',password('mypassword'));

To give the user access from another hostname, domain, etc... add other entries accordingly. For example, to give user djg access from windowsbox:

mysql> insert into 
         -> user (host, user, password)
         -> values('windowsbox','djg',password('mypassword'));
Now... to give the user permissions to access a database from localhost, add this entry and change with your appropriate information:
mysql> insert into
      -> db (host,db,user,Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv)
      -> values ('localhost','mydatabase','djg','Y','Y','Y','Y','Y','Y');
To give the user permissions from windowsbox, add this:
mysql> insert into
      -> db (host,db,user,Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv)
      -> values ('windowsbox','mydatabase','djg','Y','Y','Y','Y','Y','Y');
Now, type: quit and you will exit mysql.
Finally, create the actual database (in this case, 'mydatabase') type this:
mysqladmin -u root -p create mydatabase
After prompting you for a password, it should create the database.
At this point, you must reload MySQL. Type:
mysqladmin -u root -p reload
After prompting you for a password it should reload MySQL.
Congratulations. If all goes well you have set up a user and database with MySQL. You may now create/edit/delete/etc... tables as much as you'd like.
Also, please note that by default, MySQL will open up network port 3306 to allow remote requests. If you do not want this port open, append "--skip-networking" when running safe_mysqld to start the daemon. Debian users can edit /etc/init.d/mysqld and change this line:

/usr/bin/safe_mysqld > /www.null 2>&1 &
to this:

/usr/bin/safe_mysqld --skip-networking > /www.null 2>&1 &
Now whenever running /etc/init.d/mysql start, it will not open up port 3306

Saturday, February 19, 2011

Important paths on Plesk + centos.


1) Document root for domain.

/var/www/vhosts/domainname/httpdocs

2) path to php.ini

/etc/php.ini 
OR
/usr/local/lib/php.ini

3) maillog path:

/usr/local/psa/var/log/maillog

4) Domain Error log path

/var/www/vhosts/domainname/statistics/logs/error_log

5) 4) Domain access log path

/var/www/vhosts/domainname/statistics/logs/access_log

6) Domain backup path

/var/lib/psa/dumps/domainname

7) Path of the domain email account

/var/qmail/mailnames/domain

8) Check EMails in mail queue :

/var/qmail/bin/qmail-qstat

9) Path to mysql database:

/var/lib/mysql/databasename

10) Plesk named file path

/var/named/run-root/var/domainname

11) The other logs can be found in the below mentioned folder

/var/log/......

12) Document root for domain with ssl.

/var/www/vhosts/domainname/httpsdocs

13) The Redirect conditions can be put in this file.

/var/www/vhosts/domainname/conf/vhost.conf

14) Httpd file for the domain

/var/www/vhosts/domainname/conf/httpd.include

15) cgi-bin path

/var/www/vhosts/domainname/cgi-bin

16) Sub-Domain path

/var/www/vhosts/domainname/subdomains

17) Domain backups

/var/www/vhosts/domainname/library/backups

18) Domain logs

/var/www/vhosts/domainname/library/logs

How to install Wordpress?


Wordpress installation steps:

Kindly follow the given below steps to install wordpress.

1.Create the Database for the wordpress from your control panel. ex.
DB_wordDB
2.Create user name and password for the "DB_wordDB"
3.Download the wordpress from "wordpress.org"
4.Unzip the file
5.Edit the file name "wp-config-sample", Change that file name to "wp-config"
6.Enter the details of database created above in the configuration file.

Ex.
define('DB_NAME', 'DB_wordDB'); // The name of the database
define('DB_USER', 'Admin'); // Your MySQL username
define('DB_PASSWORD', 'password'); // ...and password
define('DB_HOST', 'localhost'); // 99% chance you won't need to change
this value

7.Access the URL "domain.com/wp-admin/install.php"

8.When you click the First Step link, another new window will open.

8.1. Enter the name you have selected for your blog.
8.2. Enter your email address and double check it before continuing.
8.3. Place a check in the box for I would like my blog to appear in search
engines like Google and Technorati. (This is important!)
8.4. Click "Continue to Second Step".

9.Once you have followed the instructions on each new window, your blog
will be created automatically for you. Make sure to save the user name and
password provided.

Directory Structure of Cpanel


Apache
=======
/usr/local/apache
+ bin- apache binaries are stored here – httpd, apachectl, apxs
+ conf – configuration files – httpd.conf
+ cgi-bin
+ domlogs – domain log files are stored here
+ htdocs
+ include – header files
+ libexec – shared object (.so) files are stored here –
libphp4.so,mod_rewrite.so
+ logs – apache logs – access_log, error_log, suexec_log
+ man – apache manual pages
+ proxy -
+ icons -

Init Script :/etc/rc.d/init.d/httpd – apache start script
Cpanel script to restart apache – /scripts/restartsrv_httpd

Exim
=====
Conf : /etc/exim.conf – exim main configuration file
/etc/localdomains – list of domains allowed to relay mail
Log : /var/log/exim_mainlog – incoming/outgoing mails are logged here
/var/log/exim_rejectlog – exim rejected mails are reported here
/var/log/exim_paniclog – exim errors are logged here
Mail queue: /var/spool/exim/input
Cpanel script to restart exim – /scripts/restartsrv_exim
Email forwarders and catchall address file – /etc/valiases/domainname.com
Email filters file – /etc/vfilters/domainname.com
POP user authentication file – /home/username/etc/domainname/passwd
catchall inbox – /home/username/mail/inbox
POP user inbox – /home/username/mail/domainname/popusername/inbox
POP user spambox – /home/username/mail/domainname/popusername/spam
Program : /usr/sbin/exim (suid – -rwsr-xr-x 1 root root )
Init Script: /etc/rc.d/init.d/exim

ProFTPD
========
Program :/usr/sbin/proftpd
Init Script :/etc/rc.d/init.d/proftpd
Conf: /etc/proftpd.conf
Log: /var/log/messages, /var/log/xferlog
FTP accounts file – /etc/proftpd/username – all ftp accounts for the
domain are listed here

Pure-FTPD
=========
Program : /usr/sbin/pure-ftpd
Init Script :/etc/rc.d/init.d/pure-ftpd
Conf: /etc/pure-ftpd.conf
Anonymous ftp document root – /etc/pure-ftpd/ip-address

Frontpage Extensions
=================
Program – (Install): /usr/local/frontpage/version5.0/bin/owsadm.exe
Uninstall and then install for re-installations
FP files are found as _vti-bin, _vti-pvt, _vti-cnf, vti-log inside the
public_html

Mysql
=======
Program : /usr/bin/mysql
Init Script : /etc/rc.d/init.d/mysql
Conf : /etc/my.cnf, /root/.my.cnf
Data directory – /var/lib/mysql – Where all databases are stored.
Database naming convention – username_dbname (eg: john_sales)
Permissions on databases – drwx 2 mysql mysql
Socket file – /var/lib/mysql/mysql.sock, /tmp/mysql.sock

SSHD
======
Program :/usr/local/sbin/sshd
Init Script :/etc/rc.d/init.d/sshd
/etc/ssh/sshd_config
Log: /var/log/messages

Perl
====
Program :/usr/bin/perl
Directory :/usr/lib/perl5/5.6.1/

PHP
====

Program :/usr/local/bin/php, /usr/bin/php
ini file: /usr/local/lib/php.ini – apache must be restarted after any
change to this file
php can be recomplied using /scripts/easyapache

Named(BIND)
============
Program: /usr/sbin/named
Init Script: /etc/rc.d/init.d/named
/etc/named.conf
db records:/var/named/
/var/log/messages

————————————————————————————————————————————–

Cpanel installation directory structure
=============================
/usr/local/cpanel
+ 3rdparty/ – tools like fantastico, mailman files are located here
+ addons/ – AdvancedGuestBook, phpBB etc
+ base/ – phpmyadmin, squirrelmail, skins, webmail etc
+ bin/ – cpanel binaries
+ cgi-sys/ – cgi files like cgiemail, formmail.cgi, formmail.pl etc
+ logs/ – cpanel access log and error log
+ whostmgr/ – whm related files

WHM related files
===============
/var/cpanel – whm files
+ bandwidth/ – rrd files of domains
+ username.accts – reseller accounts are listed in this files
+ packages – hosting packages are listed here
+ root.accts – root owned domains are listed here
+ suspended – suspended accounts are listed here
+ users/ – cpanel user file – theme, bwlimit, addon, parked, sub-domains
all are listed in this files
+ zonetemplates/ – dns zone template files are taken from here

Common CPanel scripts
===================
cpanel/whm Scripts are located in /scripts/
+ addns – add a dns zone
+ addfpmail – Add frontpage mail extensions to all domains without them
+ addfpmail2 -Add frontpage mail extensions to all domains without them
+ addnetmaskips – Add the netmask 255.255.255.0 to all IPs that have no
netmask
+ addnobodygrp – Adds the gorup nobody and activates security
+ addpop – add a pop account
+ addservlets – Add JSP support to an account (requires tomcat)
+ addstatus – (Internal use never called by user)
+ adduser – Add a user to the system
+ bandwidth – (OLD)
+ betaexim – Installs the latest version of exim
+ biglogcheck – looks for logs nearing 2 gigabytes in size
+ bsdcryptoinstall – Installs crypto on FreeBSD
+ bsdldconfig – Configures the proper lib directories in FreeBSD
+ bsdpkgpingtest – Tests the connection speed for downloading FreeBSD
packages
+ buildbsdexpect – Install expect on FreeBSD
+ builddomainaddr – (OLD)
+ buildeximconf – Rebuilds exim.conf
+ buildpostgrebsd-dev – Installs postgresql on FreeBSD.
+ chcpass – change cpanel passwords
+ easyapache – recompile/upgrade apache and/or php
+ exim4 – reinstall exim and fix permissions
+ fixcommonproblems – fixes most common problems
+ fixfrontpageperm – fixes permission issues with Front Page
+ fixmailman – fixes common mailman issues
+ fixnamed – fixes common named issues
+ fixndc – fixes rndc errors with named
+ fixquotas – fixes quota problems
+ fullhordereset – resets horde database to a fresh one – all previous
user data are lost
+ initquotas – initializes quotas
+ installzendopt – installs zend optimizer
+ killacct – terminate an account – make sure you take a backup of the
account first
+ mailperm – fixes permission problems with inboxes
+ park – to park a domain
+ pkgacct – used to backup an account
+ restartsrv – restart script for services
+ restorepkg – restores an account from a backup file ( pkgacct file)
+ runlogsnow – update logs of all users
+ runweblogs – update stats for a particular user
+ securetmp – secures /tmp partition with options nosuexec and nosuid
+ suspendacct – suspends an account
+ unsuspendacct – unsuspends a suspended account
+ upcp – updates cpanel to the latest version
+ updatenow – updates the cpanel scripts
+ updateuserdomains – updates userdomain entries

Important cpanel/whm files
====================
/etc/httpd/conf/httpd.conf – apache configuration file
/etc/exim.conf – mail server configuration file
/etc/named.conf – name server (named) configuration file
/etc/proftpd.conf – proftpd server configuration file
/etc/pure-ftpd.conf – pure-ftpd server configuration file
/etc/valiases/domainname – catchall and forwarders are set here
/etc/vfilters/domainname – email filters are set here
/etc/userdomains – all domains are listed here – addons, parked,subdomains
along with their usernames
/etc/localdomains – exim related file – all domains should be listed here
to be able to send mails
/var/cpanel/users/username – cpanel user file
/var/cpanel/cpanel.config – cpanel configuration file ( Tweak Settings )*
/etc/cpbackup-userskip.conf -
/etc/sysconfig/network – Networking Setup*
/etc/hosts -
/var/spool/exim -
/var/spool/cron -
/etc/resolv.conf – Networking Setup–> Resolver Configuration
/etc/nameserverips – Networking Setup–> Nameserver IPs ( FOr resellers to
give their nameservers )
/var/cpanel/resellers – For addpkg, etc permissions for resellers.
/etc/chkserv.d – Main >> Service Configuration >> Service Manager *
/var/run/chkservd – Main >> Server Status >> Service Status *
/var/log/dcpumon – top log process
/root/cpanel3-skel – skel directory. Eg: public_ftp, public_html. (Account
Functions–>Skeleton Directory )*
/etc/wwwacct.conf – account creation defaults file in WHM (Basic
cPanel/WHM Setup)*
/etc/cpupdate.conf – Update Config *
/etc/cpbackup.conf – Configure Backup*
/etc/clamav.conf – clamav (antivirus configuration file )
/etc/my.cnf – mysql configuration file
/usr/local/Zend/etc/php.ini OR /usr/local/lib/php.ini – php configuration
file
/etc/ips – ip addresses on the server (except the shared ip) (IP
Functions–>Show IP Address Usage )*
/etc/ipaddrpool – ip addresses which are free
/etc/ips.dnsmaster – name server ips
/var/cpanel/Counters – To get the counter of each users.
/var/cpanel/bandwidth – To get bandwith usage of domain

Structure Of Cpanel


Structure Of Cpanel

cPanel is a hosting automation company driven by technology and dedicated
to providing the most feature rich, easy to use, practical applications.
We are committed to the hosting community and our continued role as a
market leader.

cPanel and WebHost Manager (WHM) combine to form a fully featured web
hosting control panel system. cPanel and WHM allow you to provide an
interface for both your customers and your staff.

The cPanel and WebHost Manager package includes: * cPanel – Domain Owner
Control Panel
* WebHost Manager – Server Administration and Reseller Panel
* Webmail Panel – Webmail Access Panel

How to sync data between 2 servers automatically ?


Have you ever wanted to know how to easily synchronize the data between
multiple servers automatically?

In this article I’ll explain how to setup 2 Linux servers to automatically
synchronize data between a specific directory on each server. To do this
we will use rsync, ssh key authentication, and a cron job.

Let’s call the 2 servers ‘SOURCESERVER’ and ‘DESTSERVER’ for
SOURCESERVER = Source server (the server we’re connecting from to upload
the data)
DESTSERVER = Destination server (the server we’re connecting to receive
the data)


Part 1 - Setting up SSH key authentication

First, we need to make sure the DESTSERVER has the ability to use key
authentication enabled. Find your sshd configuration file (usually
‘/etc/ssh/sshd_config’) and enable the following options if they are not
already set.

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

If you edit the file be sure to restart sshd afterwards.

# /etc/init.d/sshd restart

Next, on the SOURCESERVER we will create the public / private key pair to
be used for authentication with the following command.

# ssh-keygen -t rsa

*Note: Do not enter a passphrase for this, just hit enter when prompted.

This should create 2 files, a public key file and a private key file.
The public key file (usually [homedir]/.ssh/id_rsa.pub) we will upload to
the DESTSERVER.
The private key file (usually [homedir]/.ssh/id_rsa) we will keep on the
SOURCESERVER.
*Be sure to keep this private key safe. With it anyone will be able to
connect to the DESTSERVER that contains the public key.

Now we will plant the public key we created on to the DESTSERVER.
Choose the user account which you will use to connect to on DESTSERVER,
we’ll call this user ‘destuser’ for now.
In that account’s home directory, create a ‘.ssh’ subdirectory, and in
that directory create a new text file called ‘authorized_keys’. If it
already exists, great, use the existing file.
Open the ‘authorized_keys’ file and paste in the contents of the public
key you created in the previous step (id_rsa.pub). It should look
something like the following

ssh-rsa  sourceuser@SOURCESERVER

Save the file and change the permissions to 600 for the file and 700 for
the ‘.ssh’ directory.

Now to test that the keys are working.
From the SOURCESERVER try logging in as normal using ssh to the DESTSERVER.

# ssh destuser@DESTSERVER

If all is working you should not be prompted for a password but instead
connected directly to a shell on the DESTSERVER.


Part 2 - Creating the rsync script

Now for the rsync script.
I use a simple script such as the following

——————————————-

#!/bin/bash

SOURCEPATH=’/source/directory’
DESTPATH=’/destination’
DESTHOST=’123.123.123.123&#8242;
DESTUSER=’destuser’
LOGFILE=’rsync.log’

echo $’\n\n’ >> $LOGFILE

rsync -avz -u --progress --delete $SOURCEPATH
$DESTUSER@$DESTHOST:$DESTPATH 2>&1 >> $LOGFILE
echo “Completed at: `/bin/date`” >> $LOGFILE

——————————————-

Copy this file into the home directory of the sourceuser on the SOURCESERVER
and modify the first 4 variables in the file.
SOURCEPATH (Source path to be synced)
DESTPATH (Destination path to be synced)
DESTHOST (Destination IP address or host name)
DESTUSER (User on the destination server)
Save it as something like ‘rsync.sh’
Set the permissions on the file to 700.
# chmod 700 rsync.sh

Now you should be able to run the script, have it connect to the
DESTSERVER, and transfer the files all without your interaction.
The script will send all output to the ‘rsync.log’ file specified in the
script.


Part 3 - Setting up the cron job

Assuming everything has worked so far all that’s left is to setup a cron
job to run the script automatically at a predefined interval.

As the same sourceuser use the ‘crontab’ command to create a new cron job.

# crontab -e

This will open an editor where you can schedule the job.
Enter the following to have the script run once every hour

——————————————-
# Run my rsync script once every hour
0 * * * * /path/to/rsync.sh
——————————————-

Your 2 servers should now be syncing the chosen directory once every hour.
Hope this helped, let me know if you have any questions.
Have you ever wanted to know how to easily synchronize the data between
multiple servers automatically?
In this article I’ll explain how to setup 2 Linux servers to automatically
synchronize data between a specific directory on each server. To do this
we will use rsync, ssh key authentication, and a cron job.

FreeBSD - File paths


CRON
====
/var/cron/tabs/<Username>
#/etc/rc.d/cron start

QMAIL
=====
/usr/local/etc/rc.d/qmaild.sh restart

/etc/mail/relay-domains ---contains a list of hosts which are allowed to
relay mail through your mail server.

or

/var/qmail/control/virtualdomains ---add entery of the domain

Apache
=======
/usr/local/etc/rc.d/apache.sh restart
/hsphere/shared/apache/conf/httpd.conf

PHP
===
/usr/local/Zend/etc/php.ini
/hsphere/shared/apache/conf/php.ini

Zone file
==========
/etc/namedb/master/<domain.com>

VPOPMAIL of Domain in Hsphere:
==============================
/hsphere/local/var/vpopmail/domains =====> contains password and necessary
info about the accounts in that domain

Wednesday, January 26, 2011

MRTG Installation.

MRTG installation
==============

SNMP installation

#yum install net-snmp*

Configuration of snmpd.conf
=====================

Inside the /etc/snmp/ folder, there will be the snmp configuration
file named, snmpd.conf

#mv snmpd.conf snmpd.conf.old

#vi snmpd.conf

Enter the following line in the new configuration file to set the Read
Only community string to any password of your choice, say for eg.,
1q2w3e

rocommunity 1q2w3e


#etc/rc.d/init.d/snmpd start

Run the following commnds from the command line

#snmpwalk -v 1 -c 1q2w3e localhost system

#snmpwalk -v 1 -c 1q2w3e localhost interface

The above steps are called as polling localhost. You can poll any SNMP
aware network device that has SNMP enabled. All you need is the IP
address and SNMP read only string and you’ll be able to get similar
results.

There are currently three versions of SNMP; versions 1, 2 and 3. The
Linux snmpwalk and snmpget commands have v 1, v 2c and v 3 switches for
specifying the SNMP version to be used for queries. Always make sure you
are using the correct one.

Now that we know SNMP is working correctly on your Linux server, we can
configure a SNMP statistics gathering software package such as MRTG to
create online graphs of your traffic flows.

Gd installation
============
This is a graphic drawing library developed by Thomas Boutell. The present versions only develop PNG images as GIF images runs into problems.

http://www.libgd.org/releases/

#wget http://www.libgd.org/releases/

#tar -xvf gd-(*.*.*).tar.gz

#cd gd(*.*.*)

#env CPPFLAGS="-I../zlib -I../libpng" LDFLAGS="-L../zlib -L../libpng" ./configure --disable-shared --without-freetype --without-jpeg

#make

For Gd to produce graphic PNG images you need libpng
========================================

This can be downloaded from

http://sourceforge.net/projects/libpng/files/libpng15/1.5.0/libpng-1.5.0.tar.xz/download
#tar -xvf libpng-1.5.0.tar.gz

#cd libpng-1.5.0

#env CFLAGS="-O3 -fPIC" ./configure --prefix=$INSTALL_DIR

#make

zlib is needed by libpng to compress those graphic images
=========================================

Zlib can be downloaded from

http://downloads.sourceforge.net/project/libpng/zlib/1.2.5/zlib-1.2.5.tar.gz?r=&ts=1288349087&use_mirror=space

#wget http://downloads.sourceforge.net/project/libpng/zlib/1.2.5/zlib-1.2.5.tar.gz?r=&ts=1288349087&use_mirror=space

#tar -xvz zlib-1.2.5.tar.gz

#cd zlib-1.2.5

#./configure

#make

Finally MRTG Compilation
====================

Can be downloaded from,

http://oss.oetiker.ch/mrtg/pub/

#wget http://oss.oetiker.ch/mrtg/pub/mrtg-2.16.4.tar.gz

#tar -xvf mrtg-2.16.4.tar.gz

# cd mrtg-2.16.4

# ./configure --prefix=/usr/local/mrtg-2

#make

#make install

Configuring MRTG
================

#cd /usr/local/mrtg-2/bin

#mkdir /home/mrtg

#./cfgmaker --global 'WorkDir: /home/mrtg' --global 'Options[_]: bits,growright' --output /home/mrtg/mrtg.cfg 1q2w3e@localhost

#./indexmaker --output=/home/mrtg/index.html /home/mrtg/mrtg.cfg

Configuring on ZEUS web server
=======================

Then if that is zeus web server

1.Check the server and select the configure button

2.Now you will be taken to a new page where in left side you will have URL mapping option just below URL handling, select url mapping.

3.Add the word /mrtg/ to the space corresponding to "Map requests for (relative to document root)"

4.Add /home/mrtg/ to the space corresponding to "Map requests to (filesystem path)"

Now apply setting and save the settings

Configuration in apache web server
==========================
Configuration in apache web server is simple it is just by adding an alias in apache configuration file.

1.#vi /etc/https/conf/httpd.conf to open the apache configuration file
2.Add the line "Alias /mrtg/ /home/mrtg/" save and exit.
3.#/etc/init.d/httpd restart to restart apache server.

Cron for MRTG
=============

#vi /var/spool/cron/root

add the following line

*/5 * * * * env LANG=C /usr/local/mrtg-2/bin/mrtg /home/mrtg/mrtg.cfg --logging /var/log/mrtg.log >/dev/null 2>&1

#service crond restart

http://X.X.X.X/mrtg/