NiyasHussain.com

It is  working for me [ some times]. also you can modify the command with the most used attacking words like wget, etc

find /usr/local/apache/domlogs/ -exec egrep -H ‘(wget|curl|lynx|wget)%20′ {} \;

If the main shared IP is null routed, another IP should be added to the server and it should be made as the main shared IP. For that we need to
1. Edit zone files to reflect the new IP for the domains hosted in the old main shared IP
2. Edit httpd.conf and replace old IP with new one

Editing the zone files
@@@@@@@@@@@@@@@@@@@@@@@

Step 1
======
Finding the list of zone files which are needed to be edited. It can be found out from the same servers /var/named

script to list zone files
————————–

##################################
#!/bin/bash
cd /var/named
ls -l|awk ‘{print $9}’ > zones
##################################

Now the file “zones” will contain all the zone file list.

Step 2
======

scp the file “zone” to the dns server (if your DNS server is not the same server) and put it in the /var/named folder

Step 3
======

Now we need to take each domain from the file /var/named/zones which we put earlier and replace old IP with new IP

Script for that
—————

###################################
#!/bin/bash
for i in `cat /var/named/zones`
do
perl -pi -e ’s/<old_ip_address>/<new_ip_address>/’ $i
done
####################################

then reload the named   BEWARE !!!!!! DONT RESTART ONLY RELOAD

/etc/init.d/named reload

Editing httpd.conf
@@@@@@@@@@@@@@@@@@

Now we have to make similar change on the servers httpd.conf so that all the entries of the <old IP> should be replaced with the <new IP>, that can be accomplished by a simple one liner perl script

#############################################################################

perl -pi -e ’s/<old_ip_address>/<new_ip_address>/’ /etc/httpd/conf/httpd.conf

#############################################################################S

After that restart apache

/etc/init.d/httpd restart

Now it will take a few hours for DNS propagation…….thats all the issue is fixed…..  

Hello,

Quite few times your server’s main/shared IP address may get black listed by most of RBLs due to x reasons.
In such situations, it would be very difficult to receive/send some important emails due to this black list.
In such situation a quick solution is to route the emails through a secondary IP address on the same server which is not black listed under those RBLs.

The mail server on cpanel i.e exim allows you to change the default IP address used by the mail server so that you would be able to route all emails through this new secondary IP address.

Here are the step by step instructions for you to configure your exim mail server to use new IP address.

Step 1 : Shutdown the exim service.
# service exim stop or /etc/init.d/exim stop

Step 2 : Edit your exim configuration file.
# vi /etc/exim.conf

Step 3: go to “remote_smtp” section under “TRANSPORTS CONFIGURATION”.
By default it would look like below:

Quote:
remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_ho stname}}
Step 4 : Remove or comment line containing “interface” and “helo_data” and add new “interface” to match with that of your new IP address. It should look like as follows:
Quote:
remote_smtp:
driver = smtp
interface = 12.12.12.12 # Your IP address.
Step 5 : Save your changes and exit out from your exim configuration file.

Note : Dont forget to set read only attributes on exim configuration file, so that it wont get reset to default automatically.

You can do it using following command:
# chattr +aui /etc/exim.conf

Step 6 : start exim service on your server.
# service exim restart or /etc/init.d/exim restart

Step 7 : Make sure to set reverse DNS for this new IP address to point a valid FQDN.

Step 8 : Try sending a test email and you will find that, it was sent using this new IP address configured under your exim configuration.

You can verify it by checking the header of new email under exim’s log file i.e /var/log/exim_mainlog

I have encountered some common apache starting troubles regularly. This will help you fix that issue.

1)Perl process listening on port 80 and 443

If any other process listening on port 80 and 443 apache won’t start.To check  port 80 and 443 running for another process.

lsof -i TCP:80 | awk ‘{print $2}’ |xargs kill -9
lsof -i TCP:443 | awk ‘{print $2}’ |xargs kill -9

So kill those process first.

root@server204: lsof -i TCP:80 | grep perl | awk ‘{print $2}’ |xargs kill -9

root@server204: lsof -i TCP:443 | grep perl | awk ‘{print $2}’ |xargs kill -9

Then start apache

#/etc/init.d/httpd start

2)Semaphore issue.

Sometimes semaphores will cause trouble. To kill those semaphore,

ipcs -s | grep nobody | perl -e ‘while (<STDIN>) { @a=split(/\s+/); print `ipcrm sem $a[1]`}’

and start apache

#/etc/init.d/httpd start

Also if your log rotates are not working, apache will give internal server error. Make sure that log rotates working fine or delete the log files manaully from

/usr/local/apache/logs

/usr/local/apache/domlogs

This command will be useful to kill php zombie process.

ps -ef | grep mailnull | grep -v grep | awk ‘{print “kill -9″, $2}’ | sh

replace mailnull with particular proces name which has zombie

It workzz!!!!

To redirect the site using php, add these lines into index.php

<?php

header( ‘Location: http://www.yoursite.com/new_page.html’ ) ;
?>

Replace yoursite.com/new_page.html with your destination site URL.

Go to WHM >> rvsitebuilder manager >> System Configuration, and add .mp3 on ‘Allow upload document file extension’ and ‘Allow upload media file extension’. In new version it will automatically add it without the admin intervention.

Removing Old Nameserver (BIND 4)

In the event that your distribution already comes with BIND 8, then all you need to do is find out how the configuration works, and/or put in entries for machines that the Linux box will be the nameserver for. I think Slackware comes with BIND 8. I don’t know about Debian. Most new distributions (including Red Hat 5.2) will already have BIND 8 so you’ll probably have to look for the configuration file and how it has been pre-configured.

I had to remove the old nameserver first, so it wouldn’t get in the way of the new one. It’s fine to remove it and replace it with a new one; there aren’t any other packages that really depend on it.

Using Red Hat 5.1, I typed rpm -e bind bind-utils caching-nameserver. That removed all the old packages. Be careful about this, especially about bind-utils, because bind-utils contains the tools such as dnsquery and nslookup that you might be using fairly often. Red Hat 5.2 already has BIND 8.
Installing New Nameserver (BIND

First, download BIND from ftp.isc.org. If you’ve got it on your system already, then you don’t need to get BIND 8 unless you want to make a minor upgrade. The filename is something like bind-8.1.2-src.tar.gz, which says that it’s BIND version 8.1.2 in source format (which you have to compile on your system). I’ll work with the source version since that’s what I usually do anyway.

After you have it on your system, type tar -zxvf bind-8.1.2.tar.gz. It will extract a directory called src/ and that’s where you go into. Simply type “make” and have it compiled for you. If you need anything to be tweaked then read the INSTALL file (less INSTALL) and find what you need. After it finishes compiling, type make install.
Configuration: /etc/named.conf

Configuring the nameserver was probably the hardest part of the process that I had to go through. Hopefully, what I’ve written up about what I learned will save the reader some trouble.

The main BIND 8 configuration file is in /etc/named.conf. The configuration syntax for the file is documented at http://www.isc.org/bind8/config.html. Here’s a sample of a configuration file (as /etc/named.conf), with an explanation below.

/*
* A simple BIND 8 configuration
*/

options {
directory “/var/named”;
};

zone “penguincomputing.com” in {
type master;
file “master/penguincomputing.com”;
};

zone “0.0.127.in-addr.arpa” in {
type master;
file “zone/127.0.0″;
};

zone “.” in {
type hint;
file “named.cache”;
};

In “options” I only had one option: where the directory for zone files were. Zone files are where information about domains is stored, and each file has information about a zone. It’s a section to cover, I guess, so that’s why they’re called zones. I have /var/named/ as my named data directory.

The “penguincomputing.com” section is pretty straightforward. It just indicates the location of the penguincomputing.com zone files and tells named that this server is a master nameserver for the penguincomputing.com zone.

The “0.0.127.in-addr.arpa” zone is for mapping localhost to 127.0.0.1, basically. It has its own zone file.

The “.” zone indicates a caching nameserver; that is, someone can actually use your machine to resolve hostnames (including you). I’ve heard that is is efficient especially when using PPP connections, but I don’t know for sure. Read the “Caching Nameserver” section to read up on how to create one.
Caching Nameserver

First you need to get a “named.cache” file. I’m not sure if you can name it anything else, but let’s just use that filename. In /var/named/ (or wherever you put your nameserver’s data files), type dig @a.root-servers.net > named.cache. This will ask for the addresses of the main DNS servers of the Internet and direct them to a file. I’m guessing that the purpose of this is to give your machine an idea of which machines on the Internet to ask about hosts.

Periodically, like once a month, update the named.cache file by running that command once in a while. You can use a cron job for that. If you don’t know what I’m talking about here, don’t worry about it. Just be sure to update it using dig once in a while, that’s all you have to do.

You have /etc/named.conf point to wherever your named.cache file is under the “.” zone.
Zone Files in /var/named/

In /var/named/, I created directories for every type of zone I had. The directories I have in there are: master, slave/, and zone. With the domain name system, there is a server for each domain that is the main server (the master). I suppose that the slave server is there in case the main (master) server is down. For each domain there should be at least 2 servers, one master and one slave. That’s just the way it goes.

While interning at Penguin Computing I set up both the master and slave DNS servers. The master’s information should go in the master directory. You should be able to figure out where the slave’s information goes. The information they store is the same, but since one machine is the main one that keeps the information (master) and the other simply follows the master’s information (slave), you need to stay organized and make sure you’re configuring the right machine for its right place in the nameserver system.

Note that the slave nameserver for one domain can also be the master nameserver for another domain. There just can’t be two masters for a single domain, though I think there can be several slaves.
Examples of Zone Files

To figure something like this out, I was looking hard for examples. And examples really help, so hopefully you won’t be too confused by my examples. Hey, I try.
Domains

The information for each domain is put in a single file. This file contains valuable information for each domain, such as machines that are under that domain (like, for the penguincomputing.com domain, the nameservers would have the information for what IP address pasta.penguincomputing.com gets and the one that antarctica.penguincomputing.com gets). Here’s an example of a domain’s records:

@ IN SOA penguincomputing.com. root.penguincomputing.com.
(
1998082403 ; serial
4H ; refresh, seconds
2H ; retry, seconds
1W ; expire, seconds
1D ) ; minimum, seconds
NS pasta.penguincomputing.com.
NS rice.penguincomputing.com.
MX 10 penguincomputing.com. ; Primary Mail Exchanger

localhost A 127.0.0.1
router A 140.174.204.2

penguincomputing.com. A 209.81.10.250
ns A 209.81.10.250
www A 209.81.10.250
ftp CNAME penguincomputing.com.
mail CNAME penguincomputing.com.
news CNAME penguincomputing.com.
pasta CNAME penguincomputing.com.
slashdot CNAME penguincomputing.com.
rice CNAME antarctica.penguincomputing.com.
antarctica A 209.81.10.252
antarctic CNAME antarctica.penguincomputing.com.
www.antarctic CNAME antarctica.penguincomputing.com.
www.antarctica CNAME antarctica.penguincomputing.com.
zork A 209.81.10.253
tux A 209.81.10.146
xfce A 209.81.10.252

@ TXT “Penguin Computing”
@ HINFO Linux 2.0.34

There’s a pretty weird syntax to be used for these zone files. I never would have figured it out on my own had I not read the Linux DNS HOWTO document. Basically, it specifies information about all the machines in the domain, and it contains information about the domain itself, such as the type of machine the server is running on.

I’ll start explaining what all the stuff does. In the first line, it’s saying that this file specifies the zones for the penguincomputing.com domain, and to send anything about the domain to root@penguincomputing.com. Since the “@” character has special significance in these zone files, the username (root) and machine name (penguincomputing.com) have to be separated by a dot. I guess BIND just knows how to split it up. That’s how you fill in stuff for your domain as well.

The line with the comment “serial” shows the serial number of that domain. The syntax is YYYYMMDDRR; that is, a four digit year, two digit month in numerical form, two digit day format, and a two digit revision number. In this example (1998082403), it shows that the zone file was last modified on August 24, 1998. It’s the third revision for that day. When you’re changing anything in the file, make sure to increase the revision number by one if the previous change was on the same day. If I were to change the IP of one of the hosts, I would make the last two numbers, currently 03, to 04.

The next few lines show times for certain functions such as refreshing, retrying, and expiring the information. I’m not absolutely sure, but my best guess is that H stands for hour, D stands for day, and W stands for week.

The “NS” line indicates all the nameservers for that particular domain, including the one this information is on. This information has to match what has been registered with InterNIC. For the hostnames of the nameservers, remember to add a dot at the end. If you don’t, it will add the hostname to the current domain. For example, if you forgot the dot at the end of pasta.penguincomputing.com, you would end up with the nameserver being pasta.penguincomputing.com.penguincomputing.com, which is obviously not what it’s supposed to be. Watch out for this.

The MX file is the Mail eXchange record, so that mail can get through to the domain. There should also be an entry in /etc/sendmail.cw to allow messages coming in from that domain (assuming you’re using Sendmail, the default on many Linux systems, for mail transfer).

The next couple of lines point to the local loopback (127.0.0.1), which all Linux systems should have even if they aren’t connected to a network. The “router” line points to the IP address of where the machine’s Internet connection is. I’m not sure if it’s really necessary but I was playing it safe back then and trying to copy the example from the DNS HOWTO as closely as possible.

The rest of the entries use either A (address) or CNAME (Canonical Name) to point hostnames to IP addresses. Note that hostnames can be mapped to other hostnames, or they can be mapped to IP addresses. Use A to map a name to an IP address, and CNAME to map a hostname to another hostname (which must be mapped to another IP address).
Localhost

The file for mapping localhost is pretty simple. Not much explanation needed. Of course, if you want to copy and paste, be sure you make the proper changes.

@ IN SOA penguincomputing.com root.penguincomputing.com (
1998072401 ; Serial number
3H ; Refresh
1H ; Retry
604800 ; Expire
86400) ; Minimum TTL

NS pasta.penguincomputing.com.
NS rice.penguincomputing.com.

1 PTR localhost.

Reverse Mapping

This file looks similar to the zone file for the domains, but it provides the opposite function. It points IP addresses to hostnames (as opposed to vice versa), because many servers on the Internet do this thing called reverse lookup on the IP address of your hostname to make sure that you’re not doing anything sneaky.

This is for the zone “209.81.10″ specified in the sample configuration file. Note that my example is not complete, nor does it work in reality, because Penguin Computing doesn’t own the whole block of “209.81.10.*”. But this is how you’d fill in a file to resolve your IP addresses to hostnames if you owned the entire block of IP addresses.

@ IN SOA penguincomputing.com. root.penguincomputing.com. (
1998072002 ; Serial
4H ; Refresh
2H ; Retry
604800 ; Expire
86400) ; Minimum TTL
NS pasta.penguincomputing.com.
NS rice.penguincomputing.com.
;
; Servers
;
250 PTR pasta.penguincomputing.com.
250 PTR penguincomputing.com.
250 PTR ftp.penguincomputing.com.
250 PTR www.penguincomputing.com.
250 PTR mail.penguincomputing.com.
251 PTR rice.penguincomputing.com.

;
; Workstations
;
252 PTR antarctica.penguincomputing.com.
252 PTR antarctic.penguincomputing.com.

If you were to fill in an actual zone file like this, it’s necessary to fill in all the entries in your block of IP addresses, from 1 to 255. For something like that you may want to assign the task to anyone who looks bored.

So what should you do if you only own a domain but not the block of IP addresses that it’s part of? Ask the people who are in charge of that block of IP addresses to map your IP addresses to their respective hostnames for you.

To start
/usr/local/cpanel/3rdparty/mailman/bin/mailmanctl start,

To stop
/usr/local/cpanel/3rdparty/mailman/bin/mailmanctl stop

The –bwlimit option limit I/O bandwidth. You need to set bandwidth using KBytes per second.
You need to set bandwidth using KBytes per second. For example, limit I/O banwidth to 10000KB/s (9.7MB/s), enter:
# rsync –delete –numeric-ids –relative –delete-excluded –bwlimit=10000 /path/to/source /path/to/dest/
For more details you can check http://www.cyberciti.biz/faq/throttle-disk-io-rate-limit-disk-io

To disable ping

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
To enable ping
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

Many a times we have a requirement where by we want to make a pager refresh by itself at a certain interval. We may also want to redirect the page to another page after a certain amount of time. I know we can do this with the help of Asp.Net Ajax Extension’s Timer control. But that can only be used when you are using Ajax in your page and more importantly should be used when you have requirement to update some small section of the page. For this requirement we can simply use a Meta tag in the Page header.

To refresh the page after a certain period of time, we can use the meat tag refresh. Here is how to use the tag (The tag should be added in the Head section of the page).

<meta http-equiv=”refresh” content=”300″>

The content attribute defines the time in second after which the page should refresh. So in the example the page would refresh after every 5 minutes.

To redirect the page to another page after certain time we can modify Meta tag like this.

<meta http-equiv=”refresh” content=”2;url=http://www.niyashussain.com”>

Here the page will be redirected to given URL after the time mentioned (2 seconds here) in the content (attribute) before URL here.

Type mount command to display filesystem type such as ext2, ext3 and so on…
Quote:
mount
Sample output:
Quote:
/dev/sdb1 on / type ext3 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
/sys on /sys type sysfs (rw,noexec,nosuid,nodev)
/dev/sdb5 on /media/docs type ext3 (rw)
/dev/sdb3 on /media/isomp3s type ext3 (rw)
/dev/sdc1 on /media/backup type ext3 (rw)
/dev/sdb1 is mounted on / and type is ext3 fs.

u can also use command
Code:

less /proc/mounts

is it ok to clean up all directory n files on /tmp?

clean all I think no, becoz some are used by the system and your user.

You may need to use a command called tmpwatch which removes files which haven’t been accessed for a period of time. Normally, it’s used to clean up directories which are used for temporary holding space such as /tmp.

Following code will remove all files/dirs from /tmp if they are not accessed in last 2 weeks (24 * 14 days = 336)

tmpwatch –mtime –all 336 /tmp

also

tmpwatch -auv 1 /tmp

Make sure that you have installed “tmpwatch” in the server using yum or rpm method.

• Backup mysql db using Cron.

    date=`date -I` ; mysqldump -uusername -pthepass .all-databases | gzip >
    /home/linux/mysql_$date.sql.gz

• Replace username and thepass with the correct username and the pass.
• The user need to have access to the database being taken for backup.

Check the URL http://dev.mysql.com/doc/refman/5.0/en/access-denied.html

Cpanel-perl-upgarde-steps

To check what is the perl version on your system, use

perl -v

If you need to upgrade your perl installation

* Copy and paste this to a file and run the file using sh command.

wget http://layer1.cpanel.net/perl587installer.tar.gz
tar xfz perl587installer.tar.gz
cd perl587installer
./install
/scripts/upcp
/usr/local/cpanel/bin/checkperlmodules
perl -v

* Cpanel Latest Perl installer and Latest cPanel/WHM Build

Please visit the url layer2.cpanel.net

cd /usr/local/
wget http://www.boutell.com/gd/http/gd-2.0.9.tar.gz
tar -xvzf gd-2.0.9.tar.gz
cd gd-2.0.9
cd ..
ln -s gd2.0 gd

Adding GD Support to PHP

Use the configure command used last time and add –with-gd=/usr/local/gd

If you already have an older version of gd in /usr/lib and /usr/include, you may wish to use:

./configure –prefix=/usr

To ensure that your new installation overwrites the old.