If you wish to find out what file or directory is taking up the most space in a particular location, you can use the du command. For instance, to display the 50 largest files/directories in /usr/local, you would issue the following command:
du -a /usr/local | sort -n -r | head -n 50
Sunday, June 29, 2008
Fatal error: Out of memory
=================================
Edit the file /etc/httpd/conf/httpd.conf and comment out the following lines:
#RLimitMEM 813712042
#RLimitCPU 240
Fantastico is not installed at the default location
/usr/local/cpanel/3rdparty/fantastico. Either move the Fantastico directory
from it's current location to /usr/local/cpanel/3rdparty/fantastico OR
enable ioncube loaders in WHM -> Tweak settings.
Internal PHP's "php.ini" file (/usr/local/cpanel/3rdparty/etc/php.ini).
----------------------------------------
zend_extension="/usr/local/cpanel/3rdparty/fantastico/loaders/ioncube_loader_lin_5.2.so"
PERM_FAILURE: SMTP Error
-----------------------------------
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550-ug-out-1314.google.com [66.249.92.175]
is currently not permitted to relay
550-through this server. Perhaps you have not logged into the pop/imap server
550-in the last 30 minutes or do not have SMTP Authentication turned on in your
550 email client.
------------------------------------
Nevertheless, you have the site added to /etc/remotedomains, as if it were using
a remote mail server.
In order to rectify this issue, simply remove the domain from /etc/remotedomains and
add it to /etc/localdomains.
host lookup did not complete error in logs
Check:
/etc/resolv.conf
/etc/localdomains -- entry for that particular domain
Exim
You may log into WHM and click on "Mail Queue Manager" under the Email grouping.
If you wish to do this through SSH, you may issue the following commands:
exim -bpc (outputs a number which is the current messages in queue)
exim -bp (outputs the full list of messages)
To see the contents of an email, you can use:
exim -Mvl (shows the message log)
exim -Mvb (shows the message body)
exim -Mvh (shows the message header)
1) single message
exim -Mvl 1I7WhH-0003Ce-3B
2) Send mail
mail -vv youremail@com
Sending emi file as attachment
Open the files
/etc/antivirus.exim
/etc/cpanel_exim_system_filter
and remove .emi from the line that begins:
if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|
Domain Is Missing In WHM List Account
If you cannot find a domain in WHM "List Account", please make sure that the domain has an entry in the following files:
/etc/userdomains
/etc/localdomains
/etc/trueuserdomains
/var/cpanel/users
Please try again to find that domain in WHM "List Account" :)
How to disable webmail interface for single account
If you want to disable 'Horde' and 'Neomail' for any user:
vi /var/cpanel/users/anyuser
Then add the following lines:
skiphorde = 1
skipneomail = 1
(Here '1' is for disable and '0' is for enable.)
Disable Direct Root Logins
Allowing the root user to log in directly is a major security issue. We'll show you how to disable it so that you can still become root, just not directly, which reduces the exposure.
This will force a hacker to have to guess 2 separate passwords to gain root access.
(You do have 2 separate passwords for admin and root, right?)
What happens is that you'll first need to log in as your admin user over SSH, then switch to the super user with the su command to get root.
We will also be forcing the use of SSH protocol 2, which is a newer, more secure SSH protocol.
These are just a couple more ways to help your server stay safe from the bad guys. If you're using cPanel, make sure you add your admin user to the 'wheel' group so that you will be able to 'su -' to root, otherwise you may lock yourself out of root.
1. SSH into your server as 'admin' and gain root access by su
2. Copy and paste this line to edit the file for SSH logins
pico -w /etc/ssh/sshd_config
3. Find the line
Protocol 2, 1
4. Uncomment it and change it to look like
Protocol 2
5. Next, find the line
PermitRootLogin yes
6. Uncomment it and make it look like PermitRootLogin no
7. Save the file Ctrl+X then Y then enter
8. Now you can restart SSH
/etc/rc.d/init.d/sshd restart
Now no one will be able to log in as root without first logging in as admin and using 'su -' to become root, and you will be forcing the use of a more secure protocol. Just make sure you remember both passwords!
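The two edits above, scripted and then verified, as an added example that is not part of the original post: it checks the wheel-group caveat, rewrites the Protocol and PermitRootLogin lines, and reports the value sshd would actually use (the first uncommented occurrence wins). The function names, the 'admin' user and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the "admin"
# user and all sample data below are assumptions made for illustration.

# Print the value sshd would use for KEYWORD in FILE: the first uncommented
# occurrence wins, keywords are case-insensitive, and anything after a
# "Match" line is conditional, so the scan stops there.
effective_sshd_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# Set KEYWORD to VALUE in FILE. The first matching line (commented or not)
# is rewritten, later uncommented duplicates are commented out, and a missing
# keyword is added before the first Match block or at the end of the file.
set_sshd_option() {
    cfg=$1
    # The temporary copy is written back with cat so that the original
    # file keeps its owner and mode.
    awk -v key="$2" -v value="$3" '
        BEGIN { lkey = tolower(key) }
        {
            bare = $0
            sub(/^[ \t]*#?[ \t]*/, "", bare)
            n = split(bare, f, /[ \t]+/)
            word = tolower(f[1])
            commented = ($0 ~ /^[ \t]*#/)
            if (word == "match" && !commented && !done) {
                print key " " value; done = 1
            }
            # n <= 3 keeps prose comments that merely start with the keyword
            if (word == lkey && (!commented || n <= 3)) {
                if (!done) { print key " " value; done = 1 }
                else if (!commented) print "#" $0
                else print
                next
            }
            print
        }
        END { if (!done) print key " " value }
    ' "$cfg" > "$cfg.new.$$" &&
    cat "$cfg.new.$$" > "$cfg" &&
    rm -f "$cfg.new.$$"
}

# Apply both settings from the post, keeping a backup copy first.
harden_sshd_config() {
    cp -p "$1" "$1.bak" &&
    set_sshd_option "$1" Protocol 2 &&
    set_sshd_option "$1" PermitRootLogin no
}

# The post's lock-out caveat: succeed only if USER is listed in the wheel
# group of GROUPFILE (same format as /etc/group).
user_in_wheel() {
    awk -F: -v user="$2" '
        $1 == "wheel" { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == user) found = 1 }
        END { exit !found }
    ' "$1"
}

# Run the whole procedure on constructed files in a temporary directory.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'root:x:0:\nwheel:x:10:root,admin\n' > "$dir/group"
    cat > "$dir/sshd_config" <<'EOF'
# Constructed sample, not taken from a real server
Port 22
#Protocol 2,1
SyslogFacility AUTHPRIV
#PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin yes
EOF
    before="$(effective_sshd_value "$dir/sshd_config" Protocol)/$(effective_sshd_value "$dir/sshd_config" PermitRootLogin)"
    if user_in_wheel "$dir/group" admin; then
        harden_sshd_config "$dir/sshd_config"
    fi
    after="$(effective_sshd_value "$dir/sshd_config" Protocol)/$(effective_sshd_value "$dir/sshd_config" PermitRootLogin)"
    rm -rf "$dir"
    echo "before=$before after=$after"
}

demo
```

On a real server, run harden_sshd_config /etc/ssh/sshd_config, validate the result with sshd -t, and only then restart sshd while keeping your current session open.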
If site is showing default apache page
1) pico /etc/httpd/conf/httpd.conf
Search for that particular domain's entry. If it is not found, add it (server-ip, domainname and user are placeholders),
e.g.
<VirtualHost server-ip>
ServerAlias www.domainname
ServerAdmin webmaster@domainname
DocumentRoot /home/user/public_html/
ServerName domainname
User user
Group user
BytesLog /usr/local/apache/domlogs/domainname-bytes_log
CustomLog /usr/local/apache/domlogs/domainname combined
ScriptAlias /cgi-bin/ /home/user/public_html/cgi-bin/
</VirtualHost>
Then save and exit.
# service httpd configtest
# service httpd restart
Creating a Welcome message for SSH logins
First off, log in to your server as root. Then type in the following:
pico /etc/motd
Now type in the security login message you wish all users to see once they log in to your server through SSH.
Try something like this as a start:
---------------------------------------------------------------------------
This computer system is for authorized users only. All activity is logged and
regularly checked by systems personnel. Individuals using this system without
authority or in excess of their authority are subject to having all their
services revoked. Any illegal services run by user or attempts to take down
this server or its services will be reported to local law enforcement, and
said user will be punished to the full extent of the law. Anyone using this
system consents to these terms.
---------------------------------------------------------------------------
Basic SSH Commands
Common SSH Commands or Linux Shell Commands,
ls : list files/directories in a directory, comparable to dir in windows/dos.
ls -al : shows all files (including ones that start with a period), directories, and details attributes for each file.
cd : change directory
cd /usr/local/apache : go to /usr/local/apache/ directory
cd ~ : go to your home directory
cd - : go to the last directory you were in
cd .. : go up a directory
cat : print file contents to the screen
cat filename.txt : cat the contents of filename.txt to your screen
tail : like cat, but only reads the end of the file
tail /var/log/messages : see the last 20 (by default) lines of /var/log/messages
tail -f /var/log/messages : watch the file continuously, while it's being updated
tail -200 /var/log/messages : print the last 200 lines of the file to the screen
more : like cat, but opens the file one screen at a time rather than all at once
more /etc/userdomains : browse through the userdomains file. hit space to go to the next page, q to quit
pico : friendly, easy to use file editor
pico /home/nexus/public_html/index.html : edit the index page for the user's website.
vi : another editor, tons of features, harder to use at first than pico
vi /home/nexus/public_html/index.html : edit the index page for the user's website.
grep : looks for patterns in files
grep root /etc/passwd : shows all matches of root in /etc/passwd
grep -v root /etc/passwd : shows all lines that do not match root
touch : create an empty file
touch /home/nexus/public_html/404.html : create an empty file called 404.html in the directory /home/nexus/public_html/
ln : creates "links" between files and directories
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf : Now you can edit /etc/httpd.conf rather than the original. Changes will affect the original; however, you can delete the link and it will not delete the original.
rm : delete a file
rm filename.txt : deletes filename.txt, will more than likely ask if you really want to delete it
rm -f filename.txt : deletes filename.txt, will not ask for confirmation before deleting.
rm -rf tmp/ : recursively deletes the directory tmp, and all files in it, including subdirectories. BE VERY CAREFUL WITH THIS COMMAND!!!
last : shows who logged in and when
last -20 : shows only the last 20 logins
last -20 -a : shows last 20 logins, with the hostname in the last field
w : shows who is currently logged in and where they are logged in from.
netstat : shows all current network connections.
netstat -an : shows all connections to the server, the source and destination ips and ports.
netstat -rn : shows routing table for all ips bound to the server.
top : shows live system processes in a nice table, memory information, uptime and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn't bogged down.
top then type Shift + M to sort by memory usage or Shift + P to sort by CPU usage
ps: ps is short for process status, which is similar to the top command. It's used to show currently running processes and their PID.
A process ID is a unique number that identifies a process, with that you can kill or terminate a running program on your server (see kill command).
ps U username : shows processes for a certain user
ps aux : shows all system processes
ps aux --forest : shows all system processes like the above but organizes in a hierarchy that's very useful!
file : attempts to guess what type of file a file is by looking at its content.
file * : prints out a list of all files/directories in a directory
du : shows disk usage.
du -sh : shows a summary, in human-readable form, of total disk space used in the current directory, including subdirectories.
du -sh * : same thing, but for each file and directory. helpful when finding large files taking up space.
wc : word count
wc -l filename.txt : tells how many lines are in filename.txt
cp : copy a file
cp filename filename.backup : copies filename to filename.backup
cp -a /home/nexus/new_design/* /home/nexus/public_html/ : copies all files, retaining permissions, from one directory to another.
kill: terminate a system process
kill -9 PID EG: kill -9 431
kill PID EG: kill 10550
Use top or ps ux to get system PIDs (Process IDs)
Changing the php directive
Changing the php directive/setting with the help of .htaccess
To change a PHP directive/setting, add the following to the .htaccess file in your DocumentRoot.
Code:
--------------------------------------------------
# Boolean settings use php_flag; all other values use php_value
php_flag register_globals off
php_value max_execution_time 60
php_value upload_max_filesize 16777216
php_value post_max_size 16777216
--------------------------------------------------
Trailing Slash problem:
Put this in .htaccess in your document root (given example is for my site of course, replace the server name with yours)
Code:
--------------------------------------------------
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.+[^/])$ http://servername/$1/ [R]
--------------------------------------------------
Blocking users by IP With the help of .htaccess
Code:
--------------------------------------------------
order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all
--------------------------------------------------
execute cgi script out of cgi-bin directory
Apache treats files as CGI scripts only in the ScriptAlias directory stated in httpd.conf, i.e. cgi-bin. To execute CGI scripts in any folder outside cgi-bin, just add the following 2 lines to the .htaccess file in that folder.
Code:
--------------------------------------------------
AddHandler cgi-script .pl .cgi
Options Includes ExecCGI
--------------------------------------------------
Avoiding Directory listing
If no default index page has been created, the Apache server shows a directory listing by default. To avoid this, create an empty file named index.html or index.php, or add one of the following to your .htaccess.
Code:
--------------------------------------------------
# Hide all files from the listing
IndexIgnore *
# Hide only particular types of file from the listing
IndexIgnore *.gif *.jpg
# Deny directory listing completely (the server answers 403 Forbidden)
Options -Indexes
--------------------------------------------------
Customize Error document with .htaccess.
Add the following to the .htaccess file in your site's DocumentRoot to serve the error pages from the errors folder in the DocumentRoot.
Code:
--------------------------------------------------
ErrorDocument 400 /errors/badrequest.html
ErrorDocument 401 /errors/authreqd.html
ErrorDocument 403 /errors/forbid.html
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/serverr.html
--------------------------------------------------
Redirecting with the help of .htaccess
Add the following line to the .htaccess file in the directory you want to redirect somewhere else.
Code:
--------------------------------------------------
RedirectMatch .* http://domainname/PathToFile
--------------------------------------------------
named.conf fixed
If named.conf is corrupt or needs rebuilding, you can:
Method 1
cd /scripts;
service named stop ; killall -9 named ; mv /etc/named.conf /etc/named.old ; ./rebuildnamedconf > /etc/named.conf ; ./fixndc ; ./fixndc
ndc status
clear mail queue
service exim stop;
rm -rf /var/spool/exim/msglog;
rm -rf /var/spool/exim/input;
perl /scripts/restartsrv exim
cpu/memory/mysql usage blank
/usr/local/cpanel/bin/dcpumon stop
/usr/local/cpanel/bin/dcpumon start
service crond restart
verify dcpumon exists in /var/spool/cron/root
Securing php.ini
The following values can be used on servers that have chronic PHP hacking issues:
disable_functions = "system,exec,shell_exec"
OR -if that doesn't work -
disable_functions = "system,exec,shell_exec,passthru,readfile,escapeshellarg,escapeshellcmd,popen,pcntl_exec"
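A check for the setting above, as an added example that is not part of the original post: it reads a php.ini, takes the last uncommented disable_functions line, and lists which functions from the post's longer list are still callable. The function names and the sample php.ini are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and the sample
# php.ini below are constructed for illustration.

# The longer list given in the post.
PAGE_LIST="system,exec,shell_exec,passthru,readfile,escapeshellarg,escapeshellcmd,popen,pcntl_exec"

# Print, comma-separated, the functions from WANTED that the php.ini at FILE
# does not disable. ";" starts a comment in php.ini, and when the directive
# appears more than once the later line replaces the earlier one, so only the
# last uncommented disable_functions line is used. The directive is honoured
# only in php.ini itself; a .htaccess php_value line cannot set it.
missing_disabled_functions() {
    awk -v wanted="$2" '
        /^[ \t]*;/ { next }
        /^[ \t]*disable_functions[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)      # drop "disable_functions ="
            sub(/[ \t]*;.*$/, "", v)         # drop a trailing comment
            gsub(/[" \t]/, "", v)            # drop quotes and spaces
            current = v
        }
        END {
            n = split(current, d, ",")
            for (i = 1; i <= n; i++) off[d[i]] = 1
            m = split(wanted, w, ",")
            out = ""
            for (i = 1; i <= m; i++)
                if (!(w[i] in off)) out = out (out == "" ? "" : ",") w[i]
            print out
        }
    ' "$1"
}

# Audit a constructed php.ini that carries only the post's short list, plus
# the kinds of line that trip up a plain grep: a commented-out copy and an
# earlier empty assignment.
demo_php_ini_audit() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
; constructed sample php.ini
[PHP]
;disable_functions = "system,exec,shell_exec,passthru"
disable_functions =
memory_limit = 128M
disable_functions = "system, exec,shell_exec"   ; last uncommented line wins
EOF
    missing_disabled_functions "$f" "$PAGE_LIST"
    rm -f "$f"
}

demo_php_ini_audit
```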
IP address not responding
If an IP address or group of IPs stop responding, and they are showing as "RED" in "show IP addresses" in WHM, the fix is quite simple...
service ipaliases restart
Blank PHP Pages
I recently ran into a situation where all the php pages were blank.
I tried all the normal fixes (e.g. easyapache, upcp, etc.); none of them worked.
I ended up copying php.ini from another server and then restarting apache... this solved the problem.
php open_basedir problems
If you get: Warning: main(): open_basedir restriction in effect. error, then it means that the php open_basedir protection is turned on in the server.
You will need to turn it off by making an "exception" for this.
To make the exception, log in to WHM, click "Tweak Security", then click "configure" below "Php open_basedir Tweak".
Now place a check mark beside the domain in question (exclude protection box) and hit save.
This should clear up the php open base problem.
Error: failed to open stream: Operation not permitted
If you get an error like:
Warning: main(/home2/user/public_html/folder/somefile.php): failed to open stream: Operation not permitted in /home/user/public_html/includes/somefile.php on line XXX
Then it is because the "user" folder needs to be moved from home2 to home, or vice versa.
** If there is no /home2, then simply log in to ssh and run:
cd /
ln -s home home2
And that should fix.
** If there is a /home2, then simply move the site to /home2
black listed / blacklist IP address / change smtp ip in exim
In case a primary IP is being blocked by AOL, hotmail, etc, you can change the SMTP IP in /etc/exim.conf
Look for:
remote_smtp:
driver = smtp
interface = new IP
Cannot access port 2087 and 2083
Check if stunnel is working with
ps -aux | grep stunnel
If you get any process, kill it.
Then start stunnel using
/usr/sbin/stunnel /usr/local/cpanel/etc/stunnel/default/stunnel.conf
tweaksettings config file
In case you need to modify the variables found in WHM -> Tweak Settings, the file is:
/var/cpanel/cpanel.config
cpanel license error
If you are getting a consistent license error for cpanel, and have done all the normal fixes, try checking the date... if it is off by more than a day, the licensing won't work.
To fix, you will need to change the date from SSH.
For example, if it is 10:17 AM CST April 15, 2006 run:
date 041510172006
(month, date, time, year)
Then run:
/sbin/hwclock --systohc (this syncs the time with the bios).
----------------------------------------
Your license file is active.
You may verify this at http://verify.cpanel.net
Please log into your server and issue the following command.
/usr/local/cpanel/cpkeyclt
This should refresh your Cpanel license.
SSH window closes at LOGIN
I encountered a new problem today where the SSH window would disappear just as soon as you entered "root" in the login.
The fix was simple.
Go to: http://a.b.c.d:2086/scripts2/sshkeys (Replace IP with affected IP)
- Delete the SSH key
- Restart SSH (from WHM is OK).
The problem should go away.
Issue with /cpanel or /whm or /webmail.
If there is an issue accessing cPanel via http://domain.com/cpanel, please try the following:
1) Log in to WHM and go to "Tweak Settings"
2) Uncheck following two options from "System",
Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc.
When visiting /cpanel or /whm or /webmail with ssl redirect to the servers hostname (unless a custom certificate has been installed in Manage Service Certificates).
In order to access /cpanel or /whm or /webmail these two options should be unchecked.
DNS Zones Missing in WHM
Hello,
If you ran 'upcp --force' and then found the DNS zones missing in the "Edit DNS Zone" section of WHM, you need to install the Perl module Scalar::Util by executing the following command in the shell:
/scripts/perlinstaller --force Scalar::Util
and that should resolve the issue.
If the problem still persists, you can try installing another Perl module, Tie::IxHash, by executing the following command:
perl -MCPAN -e 'install Tie::IxHash;'
Remote Reboot / Administration of a VPS
In case someone wants to be able to remote reboot their VPS, you can give them this feature:
1 - Let's make sure it's available to the client first... log in to VZCC then select the VPS ID, then go to Preferences -> advanced. Make sure that "Offline Management" has been selected.
2 - Tell the client to log in to VZPP (Note VZPP, not VZCC) via: https://ip.of.their.vps:4643
3 - The user/password is the same as their root login (or administrator login for Windows).
Once logged in, they can remote-manage their server.
Fixing Most Cpanel Mail / exim issues
rm -f /etc/exim.conf.old
mv /etc/exim.conf /etc/exim.conf.old
/scripts/perlinstaller Digest::SHA1
/scripts/perlinstaller --force Mail::SpamAssassin
/scripts/fixspamassassinfailedupdate
/scripts/updatenow
/scripts/installspam --force
/scripts/eximup --force
/etc/rc.d/init.d/exim restart
/scripts/restartsrv spamd
/etc/rc.d/init.d/chkservd restart
Dos Attacks
1 - Check apache status
If you see a lot of ? marks in there, chances are the server is under a DoS attack.
Use the command: netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
This will tell you how many connections each remote IP has to port 80 on the server.
This command may also be useful: lsof -i :80
2 - Block any IPs that have 20 or more connections using:
route add -host reject
AND
apf -d
3 - Then:
edit /usr/local/apache/conf/httpd.conf
and change:
KeepAlive On TO KeepAlive Off
then:
/scripts/restartsrv httpd
===========================================
Another thing to try:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Put following in /etc/sysctl.conf
# Enable TCP SYN cookie protection
net.ipv4.tcp_syncookies = 1
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 30
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
Then execute the command :-
# /sbin/sysctl -p
You can also execute the following commands to minimize the syn attack in the future :-
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
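The per-IP count from steps 1 and 2, as an added example that is not part of the original post: it reads netstat -plan output, counts only connections whose local port is the web port, and unwraps IPv4-mapped addresses, which the grep :80 / cut -d: -f 1 pipeline above miscounts. The function names and the sample addresses are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added example: per-IP connection count for one local port, from netstat -plan output.

# Constructed sample (documentation address ranges), not taken from a real server.
sample_netstat() {
    echo "tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2101/httpd"
    i=0
    while [ "$i" -lt 22 ]; do
        echo "tcp 0 0 192.0.2.10:80 198.51.100.7:$((40000 + i)) ESTABLISHED 2110/httpd"
        i=$((i + 1))
    done
    i=0
    while [ "$i" -lt 20 ]; do
        echo "tcp 0 0 ::ffff:192.0.2.10:80 ::ffff:203.0.113.9:$((50000 + i)) SYN_RECV -"
        i=$((i + 1))
    done
    echo "tcp 0 0 192.0.2.10:80 192.0.2.55:51000 ESTABLISHED 2111/httpd"
    echo "tcp 0 0 192.0.2.10:80 192.0.2.55:51001 TIME_WAIT -"
    # Lines a plain "grep :80" also matches, but which are not web clients:
    echo "tcp 0 0 192.0.2.10:45000 192.0.2.200:80 ESTABLISHED 900/wget"
    echo "tcp 0 0 192.0.2.10:8080 192.0.2.77:52000 ESTABLISHED 950/java"
}

# heavy_clients PORT MIN
# Reads netstat lines on stdin and prints "count ip" for every remote IP with
# at least MIN connections to local PORT, busiest first.
heavy_clients() {
    awk -v port="$1" -v min="$2" '
        # $4 = local address, $5 = foreign address, $6 = state
        $1 ~ /^tcp/ && $6 != "LISTEN" && $4 ~ (":" port "$") {
            ip = $5
            sub(/:[0-9]+$/, "", ip)     # drop the remote port
            sub(/^::ffff:/, "", ip)     # unwrap IPv4-mapped IPv6 addresses
            n[ip]++
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Demo on the sample; on a server: netstat -plan | heavy_clients 80 20
sample_netstat | heavy_clients 80 20
```

The output is the candidate list for step 2; check each address against known proxies, monitoring hosts and your own IPs before blocking it.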
general security
1. EXECUTE THE FOLLOWING COMMANDS TO HELP PREVENT UPLOADS OF EXPLOITS:
chmod 0750 `which curl` 2>&-; chmod 0750 `which fetch` 2>&-;
chmod 0750 `which wget` 2>&-
2. EXECUTE THE FOLLOWING COMMANDS TO CHECK FOR POSSIBLE EXISTING EXPLOITS:
sh
for x in "/dev/shm /tmp /usr/local/apache/proxy /var/spool /var/tmp"; do
ls -loAFR $x 2>&- | grep -E "^$|^/| apache | nobody | unknown | www | web | htdocs " | grep -E "^$|^/|/$|\*$|\.pl$" | grep -Ev "sess_" | tee exploits.txt
done
echo -e "\n\nPossible Exploit Files and Directories: `grep -Ev "^$|^/" exploits.txt | wc -l | tr -d ' '`" | tee -a exploits.txt
exit
Restricting SSH for only certain IPS:
To allow SSH connections ONLY from certain IPs, add the following to:
/etc/hosts.allow
sshd: ALL EXCEPT 24.155.140.36, 70.84.214.90, 24.84.46.248, 203.193.136.61 : DENY
You can add/subtract any IPs here.
No need to restart ssh. Only the IPs listed here will be able to connect to SSH!
SSH login notification email
Add this to end of /root/.bashrc
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root shell access from `who | cut -d"(" -f2 | cut -d")" -f1`" you@yourdomain.com
Then: service sshd restart
*Note: DO replace "you@yourdomain.com" with the notification address.
SPF record
In the zone file, add:
Domain.com. TXT "v=spf1 a ptr ~all"
Note: be sure to put the "." after the domain name!!!
Installing SSL
Installing an SSL cert is generally easy.
To do so, you will need 2 pieces of information:
1 - CRT
2 - KEY
Note: Often the client will give the CSR, CABUNDLE, and 12 other certs to go along with it... the only two pieces that are generally needed are the two above.
- To install, log in to WHM, click "Install an SSL certificate and set up the domain"
- Enter the domain name (secure host, e.g. www.yourdomain.com, or secure.yourdomain.com or whatever the secure host name is).
(This should populate the top and middle box, along with the username and IP)
- Take the CRT and copy/paste/overwrite the contents of the TOP box
Then click "DO IT"
Once httpd is restarted, please check https://the.secure.domain.com and if it is working, then inform the client. If not, escalate to me.
httpd restart error
Apache Fixes
If you have a bad group error when restarting apache... for example:
root@[/usr/local/apache/conf]# service httpd restart
/etc/init.d/httpd restart: httpd not running, trying to start
httpd: bad group name tasty01
/etc/init.d/httpd restart: httpd could not be started
Simply add the group that is "bad", then restart httpd.
Eg:
root@[/usr/local/apache/conf]# groupadd tasty01
root@[/usr/local/apache/conf]# service httpd restart
/etc/init.d/httpd restart: httpd not running, trying to start
/etc/init.d/httpd restart: httpd started
root@[/usr/local/apache/conf]#
Disable Session Support for PHP
To disable session support for a specific domain, make the following entry in the domain's .htaccess
php_flag session.use_trans_sid off
and restart apache. This will disable the session support for the domain.
horde Fix.
If the Horde login page is getting redirected to itself and you are unable to log in to Horde,
please check the Horde log in the /tmp folder and see whether the error is the same as follows,
Error :
HORDE [error] [horde] Error writing session data
The Fix Is :
The table - horde_sessionhandler in the database - horde was corrupt. I fixed it using the command -
repair table horde_sessionhandler
Starting cPanel ssl services: [FAILED]
If you find following output in cpanel restart,
Starting cPanel ssl services: [FAILED]
Then check if the stunnel is running by following command,
ps ax | grep stunnel
This should show following output,
root@server1 [/etc/xinetd.d]# ps ax | grep stunnel
3919 ? S 0:00 /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/mycabundle/stunnel.conf.run
4281 pts/0 S 0:00 grep stunnel
root@server1 [/etc/xinetd.d]#
If it's just showing,
root@server1 [/etc/xinetd.d]# ps ax | grep stunnel
4281 pts/0 S 0:00 grep stunnel
root@server1 [/etc/xinetd.d]#
Then restart cPanel again and run tail -100 /var/log/messages
to check why stunnel failed, and fix it according to the error.
I got the error in messages,
Dec 17 19:10:42 server1 stunnel[1790]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
Dec 17 19:10:42 server1 stunnel[1790]: FD_SETSIZE=16384, file ulimit=1024 -> 500 clients allowed
Dec 17 19:10:42 server1 stunnel[1790]: Error binding pop3s to 0.0.0.0:995
Dec 17 19:10:42 server1 stunnel[1790]: bind: Address already in use
Dec 17 19:10:42 server1 cpanel: startstunnel startup failed
The reason is that the file /etc/xinetd.d/pop3s has disable = no; it should be disable = yes.
Make this change and then restart xinetd and cPanel.
cpsrvd not running.
If Cpanel is not running on the server and you are getting following,
# service cpanel status
cpsrvd dead but pid file exists
entropychat is stopped
melange is stopped
stunnel is stopped
interchange is stopped
qrunner is stopped
Then if you try to restart cpsrvd and if you are getting following error,
# /usr/local/cpanel/cpsrvd restart
Cwd object version 3.11 does not match $Cwd::VERSION 3.14
Then please try running following to fix the problem,
rm -rf /usr/local/cpanel/modules-install/pro-* (kill old version of pro modules)
echo -n > /var/cpanel/addonmoduleversions/pro
/scripts/upcp --force
This will fix the problem and Cpanel will start working again.
RDP Issue on Windows Server.
Hello,
If you are hitting the maximum connections limit on a Windows server and are unable to log in to RDP, there is no need to reboot the server.
Just go to the Command Prompt on your local PC and run the following command:
mstsc /console /v:67.18.223.146
Using this command you can log in to the server console with the administrator username and its password.
Then log in to the console and kill the other open sessions.
Saturday, June 28, 2008
How to change the Main IP of server.
In order to change the primary IP of the server, please make sure that you have more than one IP added on the server.
Please log in to SSH using the main IP as well as a secondary IP of the server (the second session is required as a backup).
Then from the main IP ssh window,
pico -w /etc/sysconfig/network-scripts/ifcfg-eth0
Change the IP address and Gateway if required.
Once this is done, please check the file,
pico -w /etc/sysconfig/network
If this file has the IP address of the server, just change that too.
Once these changes are made, run,
service network restart
This will disconnect the current shell, and you will be able to access the server by the new IP set.
Installing DB module for pear
pear install DB
Also, you can run "pear list-all" to give you a list of all available pear modules and install them using "pear install"
How to upgrade Perl on server.
To upgrade perl on server,
1) Get perl Installer for 5.8.7 from layer1.cpanel.net by,
cd /root;wget http://layer1.cpanel.net/perl587installer.tar.gz
2) tar -zxvf perl587installer.tar.gz
3) cd perl587installer
4) run ./install
This will upgrade perl on server from 5.8.0 to 5.8.7
Webstats Issues.
Hello,
If you are getting perl error while running /scripts/runweblogs
1) Check the perl version on the server by perl -v
2) If perl 5.8.0 is installed on the server, you may have to upgrade it to 5.8.7
3) Please use http://staff.fatnetwork.net/forum/viewtopic.php?p=226 to upgrade perl on server.
4) If you still get the following error from runweblogs,
error: List::Util object version 1.14 does not match bootstrap parameter 1.18 at /usr/lib/perl5/5.8.7/i686-linux/XSLoader.pm line 92.
5) You will have to force install the List::Util Perl module by
/scripts/perlinstaller --force List::Util
OR
# cpan
cpan> force install List::Util
cpan> exit
Another Perl Error.
If you face the following Perl error on any of the servers,
/usr/bin/perl: relocation error: /usr/local/cpanel/3rdparty/lib/perl/auto/RRDs/RRDs.so: undefined symbol: Perl_Gthr_key_ptr
while updating stats or restarting cPanel, then please apply the following fix:
Remove the old rrdtool binary first by executing `rm -f /usr/local/cpanel/3rdparty/bin/rrdtool`, then update rrdtool by executing `/scripts/rrdtoolinstall`.
If this does not help, then please reinstall Perl on the server from layer1.cpanel.net and then run /scripts/rrdtoolinstall
Setting up backups when there is only 1 drive
This can be tricky, but, do the following:
cd /home
mkdir cpbackup
mkdir /backup
cd /backup
ln -s /home/cpbackup
Then go in to WHM, and enable daily/weekly/monthly backups in to /backup
New HTTPS Issue.
Hello,
If you face a problem where https://serverhostname is working but https://serverhostname/~username is not working,
please log in to the server and check the SSL entry in the httpd.conf file.
If you see the following piece of code there,
Userdir disabled
Userdir enabled nobody
just comment out this piece of code and restart Apache. This will fix the problem.
uninstall / reinstall server rpm or modules named
Today I encountered a problem where an RPM/module (bind) was apparently either corrupt or not working.
To fix, I used:
yum remove bind*
yum install bind*
/scripts/fixndc
*Note: Accept YES to install everything EXCEPT bind-chroot.
This fixed it and I'm sure it would fix other server modules as well.
Restoring a server that has a 2nd drive mounted as old copy
In case a server ever has a crashed primary drive, feel free to ask the datacenter to install a new primary drive, and mount the old primary drive as the secondary, so that we can copy from it when the system is back online.
1 - mount old drive as /old /old/usr /old/var etc.
Most servers should be:
mkdir /old
mount /dev/sdb1 /old
mount /dev/sdb2 /old/var
mount /dev/sdb3 /old/usr
mount /dev/sdb7 /old/home
But you may need to figure out exactly which /dev/sdbX it is.
Then start copying
cp -R --reply=yes -p /old/etc/proftpd/* /etc/proftpd
cp -R --reply=yes -p /old/etc/valiases/* /etc/valiases
cp -R --reply=yes -p /old/etc/vfilters/* /etc/vfilters
cp -R --reply=yes -p /old/etc/userdomains /etc
cp -R --reply=yes -p /old/usr/local/cpanel/3rdparty/mailman/* /usr/local/cpanel/3rdparty/mailman
cp -R --reply=yes -p /old/usr/local/frontpage/* /usr/local/frontpage
cp -R --reply=yes -p /old/usr/share/ssl/* /usr/share/ssl
cp -R --reply=yes -p /old/var/cpanel/* /var/cpanel
cp -R --reply=yes -p /old/var/lib/mysql/* /var/lib/mysql
cp -R --reply=yes -p /old/var/log/bandwidth/* /var/log/bandwidth
cp -R --reply=yes -p /old/var/named/* /var/named
cp -R --reply=yes -p /old/var/spool/cron/* /var/spool/cron
cp -R --reply=yes -p /old/etc/ips /etc/ips
cp -R --reply=yes -p /old/etc/group /etc/group
cp -R --reply=yes -p /old/etc/localdomains /etc/localdomains
cp -R --reply=yes -p /old/etc/named.conf /etc/named.conf
cp -R --reply=yes -p /old/etc/passwd /etc/passwd
cp -R --reply=yes -p /old/etc/proftpd.conf /etc/proftpd.conf
cp -R --reply=yes -p /old/etc/quota.conf /etc/quota.conf
cp -R --reply=yes -p /old/etc/rndc.conf /etc/rndc.conf
cp -R --reply=yes -p /old/etc/secondarymx /etc/secondarymx
cp -R --reply=yes -p /old/etc/shadow /etc/shadow
cp -R --reply=yes -p /old/etc/wwwacct.conf /etc/wwwacct.conf
cp -R --reply=yes -p /old/usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf
cp -R --reply=yes -p /old/usr/local/cpanel/3rdparty/interchange/interchange.cfg /usr/local/cpanel/3rdparty/interchange/interchange.cfg
cp -R --reply=yes -p /old/home/* /home
chown -R mysql:mysql /var/lib/mysql
/scripts/restartsrv httpd
/scripts/restartsrv exim
/scripts/restartsrv mysql
/scripts/enablefileprotect
/scripts/mailperm
Important things to check
1 - rndc status should show all the zones. If it only shows 8, or nothing, then run /scripts/fixndc
2 - You should reboot the server and check to see if sample sites are loading. This is quite important!! If not, then fix/diagnose.
3 - Don't forget to recompile apache, otherwise everyone with GD requirements will be screaming at you!!!
4 - Pls also install fantastico, zend, and ioncube as well
5- If you are copying from an old cpanel install, you'll have to run /scripts/convert2maildir as well.
CGI Script to change ownership of all /home folders (may not be necessary):
NOTE: You may be able to use: /scripts/chownpublichtmls
If not, then put this in: file.cgi in /home and then execute it like this "perl file.cgi"
@ls = `ls -1`;
foreach $line (@ls){
chop $line;
print `chown $line\.$line -R $line`;
print `chmod 755 -R $line`;
}
Please check following steps to install Cpanel on server (ONLY IF NEEDED),
mkdir /home/cpins
cd /home/cpins
wget http://layer1.cpanel.net/latest
sh latest
Install ImageMagick
wget http://easynews.dl.sourceforge.net/sourceforge/imagemagick/ImageMagick-6.2.7-1.tar.gz
tar xvzf ImageMagick-6.2.7-1.tar.gz
cd ImageMagick-6.2.7-1
./configure --prefix=/usr
make
make install
cd PerlMagick
perl Makefile.PL
make
make install
Webmail works cppop does not.
If you are getting a password prompt while checking emails through Outlook but emails are working fine through Webmail, then please try running the following commands:
mv /etc/xinetd.d /etc/xinetd.d-
cd /etc
scp -pr root@70.86.115.106:/etc/xinetd.d . (or other IP)
killall -9 uwimap
killall -9 cppop
/scripts/restartsrv cppop
/scripts/restartsrv uwimap
This will jump start the emails.
This should fix the problem.
When logging in to webmail:
We were getting the following error: Connection failed to localhost,143: Connection
The fix was the one above.
Useful Exim Commands
--Remove all messages older than five days (86400 * 5 = 432000 seconds):
root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm
You can make changes as per needs.
--Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm
-bash: /bin/rm: Argument list too long
If you are facing trouble and getting the following error message while removing files in bulk using the "rm" command,
Error :
====
root@pluto [/tmp]# rm -rf *
-bash: /bin/rm: Argument list too long
====
then you can use the following "find | rm" command combination, as given below, to get this task done:
find . -name '' | xargs rm
= Any matching file pattern that you want remove/delete.
Exim Overloads & how to find a spammer
if multiple exim connections are the problem you should turn on extended logging:
To find the spammer:
edit /etc/exim.conf
and under: hostlist auth_relay_hosts = *
add the following:
log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn
Then tail the log file.. I like to use: tail -f /var/log/exim_mainlog |grep /home/ so that i can see a simplified list of where the spams are coming from.
When you have located the username/folder that is sending the email, please suspend the account.
then, /root/mailq to clear out the queue.
then restart exim AND httpd AND mysql
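As an added example (not from the original post), the tail | grep /home/ step above can be turned into a tally of which account and which directory is handing mail to Exim. It assumes the log lines carry the cwd= field written once +arguments is in log_selector; the function names, user names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: tally Exim "cwd=" log entries under /home by directory and account.

# Constructed sample of exim_mainlog lines as logged with +arguments enabled.
sample_mainlog() {
    i=0
    while [ "$i" -lt 5 ]; do
        echo "2008-06-29 10:15:0$i cwd=/home/alice/public_html/forum 3 args: /usr/sbin/sendmail -t -i"
        i=$((i + 1))
    done
    echo "2008-06-29 10:16:00 cwd=/home/alice/public_html/contact 3 args: /usr/sbin/sendmail -t -i"
    echo "2008-06-29 10:16:05 cwd=/home/bob/public_html 4 args: /usr/sbin/sendmail -t -i -fbob@example.com"
    # Queue runners and admin commands: not under /home, so they are ignored.
    echo "2008-06-29 10:16:09 cwd=/var/spool/exim 3 args: /usr/sbin/exim -q"
    echo "2008-06-29 10:16:10 cwd=/ 2 args: /usr/sbin/exim -bpc"
}

# Print "count directory" for every cwd= under /home, busiest first.
# The directory usually points straight at the script that is sending.
senders_by_dir() {
    awk '
        {
            for (i = 1; i <= NF; i++)
                if (index($i, "cwd=/home/") == 1) n[substr($i, 5)]++
        }
        END { for (d in n) print n[d], d }
    ' | sort -k1,1nr -k2,2
}

# Roll the same lines up to the account (first path component under /home),
# which is the unit that gets suspended.
senders_by_account() {
    awk '
        {
            for (i = 1; i <= NF; i++)
                if (index($i, "cwd=/home/") == 1) {
                    split(substr($i, 5), part, "/")   # "", "home", "<user>", ...
                    if (part[3] != "") n[part[3]]++
                }
        }
        END { for (u in n) print n[u], u }
    ' | sort -k1,1nr -k2,2
}

# Demo on the sample; on a server: senders_by_account < /var/log/exim_mainlog
sample_mainlog | senders_by_account
sample_mainlog | senders_by_dir
```

Directories containing spaces are split across fields and would be truncated in this tally, so confirm the path in the raw log line before suspending an account.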
Splitting a VERY large file > 2GB.
To split a very large file, i.e. over 2GB to download via FTP, use:
split -b 1900m
I.e. split -b 1900m backup-12.whatever.gz
Then to put them back together, use:
cat file1 file2 file3 file4 file5 >
Another Apache Issue.
If you find the following error in the apache logs,
Syntax error on line 1199 of /usr/local/apache/conf/httpd.conf:
Invalid command 'BytesLog', perhaps mis-spelled or defined by a module not included in the server configuration
The fix is as follows,
cd /usr/local/cpanel/apache
/usr/local/apache/bin/apxs -iac mod_log_bytes.c
/usr/local/apache/bin/apxs -iac mod_bwlimited.c
/usr/local/apache/bin/apxs -iac mod_bandwidth.c
Mail Server Upgrade in Progress
If you are getting the email error "Mail Server Upgrade in Progress. Message Queued.",
then please do the following:
Remove the router file "/usr/local/cpanel/etc/exim/cf/fail_remote_domains" and then remove the lines
temp_defer:
driver = redirect
allow_defer
data = :defer: Mail Server Upgrade in Progress. Message Queued.
verify = false
from /etc/exim.conf.buildtest, save the file, and then run /scripts/eximup --force
To change a VEID from SSH, simply do:
1 - Stop VPS Instance
2 - Run: vzmlocal OLDVEID:NEWVEID (Ex: vzmlocal 1050:50)
3 - Start VPS Instance (New ID)
How to Install IIS on Windows Server.
Use the following steps to install IIS, Email, FTP, SMTP and ASP.Net on a plain Windows 2003 server.
First, check whether you have a folder called "i386" in "C:" of the server. If you do not have this folder, ask the respective DC to put it on "C:" of the server.
Once you have it, use the following steps:
1. From the Start menu, click Control Panel.
2. Double-click Add or Remove Programs.
3. Click Add/Remove Windows Components.
4. In the Components list box, click Application Server.
5. Click Details.
6. Click Internet Information Services Manager.
7. Click Details to view the list of IIS optional components. For a detailed description of IIS optional components, see "Optional Components" in this topic.
8. Select all optional components you wish to install.
Logs:
=======
Exim maillog  : /var/log/exim_mainlog
Rejection log : /var/log/exim_rejectlog
Server logs   : /var/log/messages
Secure logs   : /var/log/secure (login logs)
Cron logs     : /var/log/cron
Mysql         : /var/log/mysqld.log
Apache logs   : /usr/local/apache/logs/error_log
              : /usr/local/apache/logs/access_log
Cpanel logs   : /usr/local/cpanel/logs/error_log
              : /usr/local/cpanel/logs/access_log
All the configuration files for the server:
===============================================
cpanel : /etc/cpupdate.conf (for setting up the cpanel version)
cpanel : /var/cpanel/cpanel.config (configuration values)
exim : /etc/exim.conf
resolver: /etc/resolv.conf
named : /etc/named.conf
yum : /etc/yum.conf
httpd : /etc/httpd/conf/httpd.conf
stats update
===================
== service cpanel restart
== service crond restart
== /scripts/runweblogs cpanel_usernamemail
Upgrading MySQL on the server
======================================================
1. Go to "Tweak Settings" and select the second button for MySQL.
2. /scripts/sysup --force
3. /scripts/mysqlup --force
4. /scripts/perlinstaller --force Bundle::DBD::mysql
5. /scripts/easyapache OR Do it from WHM
Too many MySQL connections error
===========================
= mysqladmin flush-hosts
MySQL sock file not found
====================
= killall -9 mysqld
= service mysql stop
= cp /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock_backup
= rm -f /var/lib/mysql/mysql.sock
= service mysql start
= ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock
= /scripts/restartsrv mysql
Restoring databases from a .sql file created by something other than Cpanel
1. gzip -d FILENAME.GZ
2. Create the MySQL DBs from Cpanel and then execute the following command in SSH :
======== mysql -D DBNAME < sqlfilename
This will insert all data into the DB.
Client not able to see an account in WHM (Account is created on the server)
==========================================================
Check the following files :
/etc/userdomains => Check if the domain is present in this list
ls /var/cpanel/users/username => Username should be replaced by the actual username
/var/cpanel/users/heramrkt => Check if this file exists
If all the above are giving proper output then run the following :
/scripts/updateuserdomains
Email issues
If a domain is receiving too much mail, log in to its Cpanel and check for a default address.
In these cases you can change it to :fail:
OR
Just change all instances of "ctweb" in /etc/valiases/* to :fail:
Just do : replace ctweb :fail: -- /etc/valiases/*
Note : "ctweb" is the primary owner.
If Fantastico is missing in Cpanel perform the following steps
=============================================
In SSH enter these commands :
mkdir /usr/local/cpanel/base/frontend/x/cells
If you get a "File exists" error, just ignore it.
mv /usr/local/cpanel/3rdparty/fantastico/xskin.html /usr/local/cpanel/base/frontend/x/cells/fantastico.html
If you get ANY error after this command, please post in the forums.
ln -s /usr/local/cpanel/base/frontend/x/cells /usr/local/cpanel/base/frontend/x2/cells
If you get a "File exists" error, just ignore it.
After you perform these steps you'll see Fantastico in the Cpanel.
If you try to access it you'll get the following error :
"Parse error: parse error, unexpected T_STRING in /tmp/cpanel_phpengine.1128143669.13923515.05532235937 on line 98"
Fix :
Upgrade Cpanel and then run the following command through SSH :
/scripts/makecpphp
/home full
Clean out /home and /home2 :
cd /home
locate backup- |grep /home > /root/delete
locate .pureftp* |grep /home >> /root/delete
locate cpmove-* |grep /home >> /root/delete
locate fantastico_backups |grep /home >> /root/delete
deltree -f /home/cprestore/*
deltree -f /home2/cprestore/*
deltree -f /home/cpmove*
deltree -f /home2/cpmove*
=================================
script to clean home
#!/bin/sh
# Remove leftover backup, transfer and temporary files.
# Note: locate matches names anywhere on the filesystem, not only under /home.
locate backup- | xargs rm -rf
locate .pureftp | xargs rm -rf
locate cpmove- | xargs rm -rf
locate fantastico_backups | xargs rm -rf
deltree -rf /home/cprestore/*
deltree -rf /home2/cprestore/*
deltree -rf /home/cpmove*
deltree -rf /home2/cpmove*
locate cpanel.TMP | xargs rm -rf
locate .trash | xargs rm -rf
locate error_log | grep home | xargs rm -rf
=================================
Also you can find large files using
= cd /home
= find ./ -size +10000k -exec ls -lShr {} \;
= find / -user uname -exec ls -lhSr {} \;
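An added example, not part of the original notes: locate looks names up across the whole filesystem database, so the patterns in the cleanup script can match paths outside /home. This version confines the same name patterns to the directories passed in, using find, and only lists matches unless told to delete; the function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# list_cleanup_candidates ROOT...: print leftovers found under the given roots only.
list_cleanup_candidates() {
    for root in "$@"; do
        [ -d "$root" ] || continue
        # -xdev: stay on this filesystem; -prune: do not descend into a match.
        find "$root" -xdev \( -name 'backup-*' -o -name 'cpmove-*' \
            -o -name '.pureftp*' -o -name 'fantastico_backups' \) -print -prune
    done
}

# purge MODE ROOT...: MODE "delete" removes matches; anything else is a dry run.
# Paths containing newlines are not supported by this line-based loop.
purge() {
    mode=$1; shift
    list_cleanup_candidates "$@" | while IFS= read -r path; do
        if [ "$mode" = delete ]; then
            rm -rf -- "$path" && echo "removed $path"
        else
            echo "would remove $path"
        fi
    done
}

# Constructed demo tree in a temp directory (no real account data).
make_demo_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/home/alice/cpmove-old" "$t/home/bob/public_html" "$t/etc"
    : > "$t/home/alice/backup-6.29.2008_alice.tar.gz"
    : > "$t/home/alice/cpmove-old/backup-inner"
    : > "$t/home/bob/public_html/index.php"
    : > "$t/etc/backup-keep.conf"      # outside the root: must survive
    printf '%s\n' "$t"
}

demo=$(make_demo_tree)
purge list "$demo/home"       # dry run first
purge delete "$demo/home"
ls "$demo/etc"                # backup-keep.conf is still there
rm -rf -- "$demo"
```

On a server the call would be purge list /home /home2, reviewed, then purge delete /home /home2.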
httpd: File size limit exceeded error
======================
ls -lS /usr/local/apache/domlogs |less
Check for any file that is > 2GB
Then : echo "" > thatfile
service httpd restart
Checking number of apache connections
===============================
= netstat -an |grep :80
= netstat -autpn | grep :80
= netstat -anop | grep 995
= netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
= netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Block the IP that has too many connections :
= apf -d 203.200.84.194
= iptables -I INPUT -s 123.123.123.123 -j DROP
= route add -host 67.15.111.131 reject
= service httpd restart
= /usr/local/apache/bin/apachectl start
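An added example, not from the original notes: the same per-IP count done in one awk pass over netstat -ant output. It matches the local port exactly (grep :80 also hits :8080 and remote ports that start with 80) and folds ::ffff:-mapped addresses, for which cut -d: -f1 returns an empty field. The sample output uses constructed documentation addresses; sample_netstat and conn_per_ip are names chosen here.

```shell
#!/bin/sh
# Constructed netstat -ant sample (documentation address ranges, not real data).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           203.0.113.7:51514       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51515       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.7:51516       SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.23:40022     ESTABLISHED
tcp        0      0 192.0.2.10:8080         198.51.100.23:40023     ESTABLISHED
tcp        0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.7:51517 ESTABLISHED
tcp        0      0 192.0.2.10:995          198.51.100.99:33001     ESTABLISHED
EOF
}

# conn_per_ip PORT MIN: read netstat output on stdin and print "count ip" for
# remote hosts with at least MIN connections to local PORT, busiest first.
conn_per_ip() {
    awk -v port="$1" -v min="$2" '
        $1 ~ /^tcp/ && $6 != "LISTEN" {
            laddr = $4; raddr = $5
            # The port is whatever follows the LAST colon, so IPv6 and
            # IPv4-mapped (::ffff:a.b.c.d) addresses are handled too.
            lport = laddr; sub(/^.*:/, "", lport)
            if (lport != port) next
            sub(/:[^:]*$/, "", raddr)      # strip the remote port
            sub(/^::ffff:/, "", raddr)     # fold mapped IPv4 into plain IPv4
            n[raddr]++
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -k1,1nr -k2
}

# On a live server: netstat -ant | conn_per_ip 80 50
sample_netstat | conn_per_ip 80 2
```

The LISTEN socket and the :8080 connection are excluded, and the mapped ::ffff:203.0.113.7 entry is counted together with the plain IPv4 ones.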
Deleting logs
==========
= cd /var/log
= rm -f *.1 *.2 *.3 *.4
= echo "" > messages
= echo "" > exim_mainlog
= echo "" > exim_rejectlog
FTP not working (Firewall problem)
==========================
service iptables save
service iptables stop
OR
iptables -A INPUT -p tcp -s IP_ADDRESS --sport 21 -j ACCEPT
Changing the time on server
=====================
date -s 'Sun Nov 27 00:40:00 PST 2005'
OR
date 11270040 (MMDDhhmm)
To block a particular IP range
=======================
apf -d 210.0.0.0/8
apf -d 210.213.0.0/16
apf -d 210.213.100.0/24
= service apf restart
OR
echo "" > /etc/apf/deny_hosts.rules; service apf restart
Copying files from another server using "scp"
==================================
= scp -pr root@a.b.c.d:/home/filename.gz /home
Clear the mail queue
================
= exim -bpru|awk {'print $3'}|xargs exim -Mrm
Command to empty the /tmp
======================
= cd /tmp
= chattr +i lost+found; deltree -f *; deltree -f .*; chattr -i lost+found
= ln -s /var/lib/mysql/mysql.sock
= service mysql restart
= /scripts/restartsrv mysql
semget error in httpd
Hello,
Whenever you get a semget error while restarting httpd, please do the following:
ipcs -s | grep nobody | perl -e 'while (<STDIN>) {@a=split(/\s+/); print `ipcrm sem $a[1]`}'
/scripts/restartsrv httpd
Thanks