Showing posts from 2012

NginX reverse proxy

NginX is a high performance, lightweight webserver. In most situations, it is used as an alternative to Apache. However, in the configurations with cPanel, typical protocol is to install it as a reverse proxy. Reverse proxy NginX runs as a reverse proxy server. In a normal proxy situation, a user makes a request to a server through a proxy. The user and the server never interact directly-- the proxy makes the request on behalf of the user. Likewise, the proxy hands the responses from the server back to the user. A reverse proxy works by the same concept-- it's just a proxy that works on behalf of the server instead of the user. Rather than having Apache process requests directly, NginX takes them, finds any requests it is best suited to satisfy (such as static content) and forwards the rest on to Apache. Apache gives its response to NginX, and NginX sends the response to the client. If NginX finds itself able to serve a request directly, it does so and never involves Apache

Fix FTP issue when CSF is installed

Symptom: FTP almost connects but can not get directory listing Fix: It is important when using an SPI ( Stateful Packet Inspection )  firewall to ensure FTP client applications are configured to use Passive (PASV) mode connections to the server. On servers running Monolithic kernels (e.g. VPS Virtuozzo/OpenVZ and custom built kernels), "ip_conntrack" and "ip_conntrack_ftp" iptables kernel modules may not be available or fully functional. If this happens, FTP passive mode (PASV) won't work. In such circumstances you will have to open a hole in your firewall and configure the FTP server to use that same hole. For example, with pure-ftpd you could add the port range 30000:35000 to TCP_IN and add the following line to /etc/pure-ftpd.conf and then restart pure-ftpd: PassivePortRange 30000 35000 For example, with proftpd you could add the port range 30000:35000 to TCP_IN and add the following line to /etc/proftpd.conf and then restart proftpd

How to install Zimbra in CentOS

Prerequisites: 1. You need to configure the DNS entry that is pointing to the server. 2. You need to verify the hostname of the server in the files " /etc/sysconfig/network " and " /etc/hosts ". 3. The machine will need at least 1024mb of memory to run the default Zimbra services. 4. You will need to install some required packages to proceed with the setup and avoid errors further on: *wget – download utility that will be using to download the latest version of Zimbra Open Source Edition. *postfix – an open-source mail transfer agent (MTA) that routes and delivers electronic mail; installation of Zimbra will fail without this package. *ntp – a protocol designed to synchronize the clocks of computers over a network. You can install these packages with the following command: # yum install wget postfix ntp Installation steps: 1. mkdir /download 2. cd /download 3. wget

XML Parsing Error

Sometimes you get the following error message on your website: XML Parsing Error: not well-formed Location: Line Number 17, Column 24: <img src="img/img.gif"alt=""/> "XML Parsing Error" usually occurs when something is trying to read the XML, not when it is being generated. Also, "not well-formed" usually refers to errors in the structure of the document, such as a missing end-tag, not the characters it contains. Also, the error occur due to using of Unicode Character ”( RIGHT DOUBLE QUOTATION MARK ) instead of " (Unicode Character 'QUOTATION MARK) in your codes. Sometimes, this error comes due to the plugin which is used for the RSS feed or the code issue related to RSS feed. Your feed is not well formed according to the XML specification . All feeds must be well-formed XML.  There are several basic approaches to solving this: escaping problematic characters ( < becomes &lt;

spamd failed

If you get the following error: -------- spamd failed @ Sat Jul 25 16:39:14 2015. A restart was attempted automagically. Service Check Method:  [check command] Cmd Service Check Raw Output: Spamd is not running -------- Fix: You can follow the below mentioned steps to avoid that: ------- 1. Deleted the old file '/var/run/chkservd/spamd'. 2. Restarted  chkservd service. 3. Run the script /scripts/fixspamassassinfailedupdate. ------- Monitor the logs /var/log/chkservd.log . grep for "Restarting spamd". If you cannot find any such details that means the spamd is running fine now without sending any failure notices.

How to upgrade/downgrade MySQL version in cPanel server

You can easily change the major version of MySQL running on your server through WHM, keeping in mind that the actual version will be dependent on what cPanel has released in their repository. WHM >> Software >> MySQL Upgrade >> Select between "MySQL 5.1" or "MySQL 5.5" To change the MySQL version below 5.1, edit the file /var/cpanel/cpanel.config and look for this line: mysql-version=5.1 Then change the version number to the major version that you want to downgrade to. For instance, 4.0, 4.1 or 5.0. Then save the file and run the following script: # /scripts/mysqlup --force Now re-run apache build (easyapache) script so it can build php-mysql connector: # /scripts/easyapache  The method described would be performed at one's own risk. A manual downgrade is not recommended and can incur significant risk when attempted on an existing system. A full backup of the MySQL data directory is advised, and for a proper downgrade one sh

cPanel changes through shell commands

Contact Information & Preferences Change the email address inside of cPanel for alert emails. # grep CONTACT /var/cpanel/users/username Modify the above lines in the users file and run: /scripts/updateuserdomains Email Notification settings Modify the below lines to affect emails being sent on quota hits. # grep notify /home/username/.cpanel/contactinfo Change Style # grep RS /var/cpanel/users/username Change the above line and run /scripts/updateuserdomains Change Language # grep LANG /var/cpanel/users/username Change the above line to the language of choice and run /scripts/updateuserdomains Change Owner # grep OWNER /var/cpanel/users/username Owner should be set to root for a shared account or the reseller user for a reseller/resold account. Run /scripts/updateuserdomains after making any changes to the owner. Email Accounts List all Email accounts. # user=ausisdha; gawk -F":" '{ print $6 }' /home/$

strace command

strace can be seen as a useful diagnostic and instructional debugger. It allows a programmer/user to quickly find out how a program is interacting with the OS. It does this by monitoring system calls and signals. Syntax: strace -tf -s 1000 <command> The above syntax include timestamps, follow forks, increase string size to 1000 characters. You can reduce the set of calls returned to just those dealing with network, file access, reads, and writes as follows: strace -tf -s 1000 -e trace=file,network,write,read <command> Reading strace output: Each line in the output represents a system call. They follow the format: system_call(argument1, argument2, ... ) = return_value execve - the arguments show the path to the command being run followed by a list of arguments (the command itself is argument 0) brk - the process requests memory access - check to see if the file is able to be read and/or written to open - open the file specified read - read the conten

DNS Errors

1. rndc: connect failed: connection refused This error may appear on Centos 6.3+ when named is unable to bind to port 953 for rndc. This is caused by the named init script not being configured properly for "portreserve" and can be fixed using the following steps: # mv -v /etc/init.d/named /etc/init.d/named.prfixbak # yum -y reinstall bind # service named stop # service portreserve restart # service named start 2. Using named-checkzone to check for errors named-checkzone will check a given DNS zone for errors. # named-checkzone /var/named/ 3. Flush local DNS cache The local DNS cache can be flushed, thereby forcing an actual domain name lookup. You can do it using following steps: In Linux : Open up a root terminal window (ctrl T in gnome). Type the following command and hit enter. # /etc/init.d/nscd restart Restart your application (e.g. browser or email). In Windows: Run the following on command promp

SQL Injection

What is SQL Injection SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database. SQL Injection Example: Below is a sample string that has been gathered from a normal user and a bad user trying to use SQL Injection. We asked the users for their login, which will be used to run a SELECT statement to get their information. MySQL & PHP Code: // a good user's name $name = "avi";  $query = "SELECT * FROM customers WHERE username = '$name'"; echo "Normal: " . $query . "<br />"; // user input that uses SQL Injection $name_bad = "' OR 1'";  // our MySQL query builder, however, not a very safe one $query_bad = "SELECT * FROM customers WHERE username = 

How to configure Master Slave replication in MySQL

Replication enables data from one MySQL server, called the master to be replicated to one or more MySQL servers, called slaves. MySQL database replication is used to spread the load among multiple slaves to improve performance. MySQL allows slave nodes to have read access on the replicated databases. This means, that you can load balance the requests so that the master will handle the write requests while the slave(s) will manage the reading. I suppose MySQL is already installed in the Master as well as slave server. Now, follow the steps to configure Master Slave replication: Master server Setup: 1. Login to the MySQL shell and create a new user for replication using following queries: [root@master-node~] # mysql mysql> GRANT REPLICATION SLAVE ON *.* to 'replication_user'@'%' IDENTIFIED BY 'repl_password'; mysql> FLUSH PRIVILEGES; mysql> quit; 2. Dump the data from the Master server and copy it to the Slave server using mysqldump: [ro

SSH keys

SSH Keying through Linux, Mac OS X SSH keys are fairly simple to setup and can be done so even simpler when using a native terminal application, such as the terminal in OSX. Here's how! In terminal, type the following command: ssh-keygen -t dsa This will ask you a few questions, the defaults for which are just fine, no passcode is necessary. This will generate a key in the ~/.ssh/ directory. Now we just need to get that file up to the server. You can do this using scp or rsync, I'll give rsync as an example here. rsync -av -e "ssh" ~/.ssh/ root@IP_address:.ssh/authorized_keys In the event your server uses a non-standard port for ssh, you can specify this inside the quotes around ssh, an example for port 2222 is below. rsync -av -e "ssh -p 2222" ~/.ssh/ Once running this command you will be prompted for your root password as rsync creates an SSH connection to tra

Merge two MySQL databases

To copy data from a table to another table in two MySQL databases, both the databases need to exist on the same account. Method 1: Using Cpanel From cPanel, click on phpMyAdmin icon. Click on the SQL tab at the top. You will see where it says, 'Run SQL query/queries on server "localhost":' In the text box below that, insert the following code, but replace DB1 and DB2 with the database names. Also, replace TABLE1 with the table name you are trying to merge. INSERT INTO DB1.TABLE1 SELECT * FROM DB2.TABLE1 Click on Go button. Repeat for any other tables you want to merge. Method 2. Through Shell (SSH) From SSH, you need to type the command to access mysql. Here is the format, but replace MYNAME with your username and PASS with your password. mysql -u MYNAME -pPASS Now type the following code, but replace DB1 and DB2 with the database names. Also, replace TABLE1 with the table name you are trying to merge. INSERT IN

cPanel and Plesk Log file locations

cPanel/WHM Initial Installation Errors: »» /var/log/cpanel*install* These log files contain verbose logs of the cPanel installation, and should be the first point of reference for any issues which might occur ‘out of the box’ with new cPanel installations. cPanel/WHM Requests and Errors: »» /usr/local/cpanel/logs/error_log cPanel logs any error it incurs here. This should always be the first place you look when you encounter errors or strange behavior in cPanel/WHM. »» /usr/local/cpanel/logs/license_log All license update attempts are logged here. If you run into any license errors when logging in, check here. »» /usr/local/cpanel/logs/stats_log The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here. »» /usr/local/cpanel/logs/access_log General information pertaining to cPanel requests is logged here(Client Information, Request URI) cPanel/WHM Update Logs »» /var/cpanel/updatelogs/up

Advanced Linux Commands for system Administration

top → The top program provides a dynamic real-time view of a running system activity vmstat → System Activity, Hardware and System Information w → Find Out Who Is Logged on And What They Are Doing uptime → Tell How Long The System Has Been Running ps → Displays The Processes free → Memory Usage iostat → Average CPU Load, Disk Activity sar → Collect and Report System Activity mpstat → Multiprocessor Usage ss → Command is used to dump socket statistics netstat → Network Statistics strace → System Calls mtr → Combines the functionality of the traceroute and ping programs in a single network diagnostic tool. lsof → list open files, network connections and much more. psacct → to keep a detailed audit trail of what’s being done on your Linux systems ac → The ac command displays statistics about how long users have been logged on. lastcomm → The lastcomm command displays information about previous executed commands. accton

Linux Commands For Handling Users

adduser:- Command used to add user accounts. chage:- Used to change the time the user's password will expire. chfn:- Change a user's finger information chsh:- Change a user's shell chgrp: -Changes the group ownership of files. chown:- Change the owner of file(s ) to another user. gpasswd:- Used to administer the /etc/group file. groupadd:- Create a new group. grpconv:- Creates /etc/gshadow from the file /etc/group which converts to shadow passwords. grpunconv:- Uses the files /etc/passwd and /etc/shadow to create /etc/passwd, then deletes /etc/shadow which converts from shadow groupdel:- Delete a group groupmod:- Modify a group groups:- print the groups a user is in grpck:- Verify the integrity of group files. id:- Print group or user ID numbers for the specified user. newgrp:- Allows a user to log in to a new group. newusers:- Update and create new users in batch form. passwd:- Used to update a user's password. The command "pass