NiyasHussain.com

An Apache module for embedding the Python enterpreter within the Apache server, like mod_php which is the most common way of deploying PHP on a web server. Mod_python is more powerful in the way that it gives more access to Apache internals so you can do more advanced stuff. But this is a problem in
a shared environment because it’s possible to do things to Apache that will affect other websites using the same Apache instance.

Apache modules run as the user name “Nobody” which means, if a file was writable, any client on the server using mod_python would be able to overwrite other clients files which is a security risk on a shared
environment.

I have encountered some common apache starting troubles regularly. This will help you fix that issue.

1)Perl process listening on port 80 and 443

If any other process listening on port 80 and 443 apache won’t start.To check  port 80 and 443 running for another process.

lsof -i TCP:80 | awk ‘{print $2}’ |xargs kill -9
lsof -i TCP:443 | awk ‘{print $2}’ |xargs kill -9

So kill those process first.

root@server204: lsof -i TCP:80 | grep perl | awk ‘{print $2}’ |xargs kill -9

root@server204: lsof -i TCP:443 | grep perl | awk ‘{print $2}’ |xargs kill -9

Then start apache

#/etc/init.d/httpd start

2)Semaphore issue.

Sometimes semaphores will cause trouble. To kill those semaphore,

ipcs -s | grep nobody | perl -e ‘while (<STDIN>) { @a=split(/\s+/); print `ipcrm sem $a[1]`}’

and start apache

#/etc/init.d/httpd start

Also if your log rotates are not working, apache will give internal server error. Make sure that log rotates working fine or delete the log files manaully from

/usr/local/apache/logs

/usr/local/apache/domlogs

* What is suEXEC?

The suEXEC feature — introduced in Apache 1.2 — provides Apache users the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web-server. Normally, when a CGI or SSI program executes, it runs as the same user who is running the web server.

Used properly, this feature can reduce considerably the security risks involved with allowing users to develop and run private CGI or SSI programs. However, if suEXEC is improperly configured, it can cause any number of problems and possibly create new holes in your computer’s security. If you aren’t familiar with managing setuid root programs and the security issues they present, we highly recommend that you not consider using suEXEC.

Sample hello world script

#!/usr/local/bin/perl
# hello.pl — my first perl script!
print “Content-type: text/html\n\n”;
print “Hello, world!\n”;
——————————————–

* Check domain/apache error log file.
* Check /var/log/apache/suexec.log file that should give a solution.
* Upload your Perl script in ASCII mode.
* Set the permission of the file to 755, which allows the script to be executed by everybody.

Tracking Errors in the Script

perl -wc helloworld.pl

Will cause the Perl interpreter to check your script for syntax errors.

Running it without the syntax check options:

perl -w helloworld.pl

* If something strange has gone wrong with your program and youâre not sure where you should look for help, try the -w switch first. It will often point out exactly where the trouble is.

Add these lines into httpd.conf file

RLimitMEM 1220953088  (can change the value)
RLimitCPU 240

Explanation:

If you are using cPanel/WHM then you’ve got an option in your WHM to limit memory usage by apache processes (RLimitMEM), the option is under Security -> Modify Apache Memory Usage.

This option executes the script: /scripts/apachelimits. It works fine on dedicated systems, it reads the /proc/meminfo file for the currently installed memory and sets the limit accordingly.

Unfortunately the script is useless on a VPS, since a VPS uses a part of the system memory. As a result, the generated values are wrong and cause problems for many people.

I’ve written a perl script, based on the original cPanel apachelimits, which is for VPS servers hosted by Jag. The script will properly give you the setting based on the memory your VPS is allowed to use.

The script does NOT modify your configuration, it just prints the setting and it lets you copy/paste it, just in case you are not happy with the result.

Just copy/paste the following code into a file, make it executable with “chmod +x file.pl” and run it with “./file.pl”. You may also place it in your ~/bin directory if you want to frequently run it.

#!/usr/bin/perl
use lib ‘/scripts’;
use SafeFile;

print “\nSearching for VPS Memory Limit………….: “;
$file = ‘/proc/user_beancounters’;
open(INFO, $file);
@lines = <INFO>;
close(INFO);

$lines[9] =~ s/\s+/:/g;
print $lines[9].”\n”;
@words = split(/:/, $lines[9]);
$size = $words[4];
print “Found VPS memory limit (estimated)………: “.int($words[4]/1024*4).” MB\n”;

$lines[8] =~ s/\s+/:/g;
@words = split(/:/, $lines[8]);
print “Current VPS memory usage (estimated)…….: “.int($words[2]/1024*4).” MB\n”;

print “Calculating RLimitMEM………………….: “;
$size = int( $size / 2 );
$size = int( $size * 1024 );
print “$size”;
$size = int( $size / 3 );
print “, $size\n”;

$meg = int( $size / ( 1024 * 1024 ) );
print “Suggested apache child process limit…….: “.$meg.” MB\n\n”;
print “You may add the following into your /etc/httpd/conf/httpd.conf:\n\nRLimitMEM “.$size.”\n\n”;