الجمعة، 28 مايو 2010

How to start IPs on the server if they are assigned but not working

There are instances when additional IPs are assigned to a certain server but they still do not ping or respond, and only the main IP of the server pings. For Cpanel based servers you will find them assigned at below link as well :
WHM >> IP Functions >> Show IP Address Usage
You can verify the IPs on shell using below command to see if they are attached to the virtual network interfaces are not :

ifconfig -a

Now if you find that additional IPs are not appearing , then you can make them available using below command :

service ipaliases start

How to Install rkhunter (Rootkit Hunter)


rkhunter is a good tool for server security audit, either you are doing a general proactive error or in a suspicion of server compromise.
Its easy to install and use , you can install rkhunter following below steps :
Note : It do not give accurate results in VPS environment so its only recommended for Physical servers.
Installation steps :

#switch to source directory
cd /usr/local/src
#download source
wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.3.6/rkhunter-1.3.6.tar.gz?use_mirror=nchc
#untar (according to version number and file name)
tar -xzvf rkhunter-1.3.6.tar.gz
#Installation
cd rkhunter-1.3.6
./installer.sh --install

#Running a scan (you can run ' rkhunter --help' to see detailed options available )
rkhunter --check

The scan will give you result of scans on console, saying ok or giving warning etc for different checks (like rootkit files check, check for malware, network etc), pausing for you to press enter before performing each set of test. You can review the results on the console in real time and if you have any doubt about any output, you can search on internet for that or consult a system administrator. Or you can drop a comment and I will try to help/guide with any issues you might have.
It logs all the output in below file, so you can review that file at any time after completing the scan :

/var/log/rkhunter.log

Have a happy security audit

Mysql databases showing 0MB disk usage in Cpanel


If you are facing a problem where databases in the Cpanel account are showing 0Mb disk usage, then usually its caused by the related Cpanel configuration being set to 0 (zero).
You can check this by finding the value of parameter ‘disk_usage_include_sqldbs‘ in the cpanel.config file using below :

root@CpanelServer [~]# grep disk_usage_include_sqldbs /var/cpanel/cpanel.config
disk_usage_include_sqldbs=0
root@CpanelServer [~]#

If its 0 like in above case, then edit the Cpanel config file at /var/cpanel/cpanel.config and update this parameter and set it to 1 and save the config file.
After that use below command to update the cache :

/scripts/update_db_cache

appy security audit :)

How to install extension Managers on Cpanel Server

Many don’t know that you don’t need to run EasyApache to install EAccelerator, IonCube Loader, Zend Optimizer, SourceGuardian, or SuHosin. Why waste your time?
You can use /scripts/phpextensionmgr to install or uninstall these modules!
# /scripts/phpextensionmgr list
Available Extensions:
EAccelerator
IonCubeLoader
Zendopt
SourceGuardian
PHPSuHosin

So, if you wanted to install Zend Optimizer, you’d run:
# /scripts/phpextensionmgr install Zendopt
Installing Zendopt
Determining PHP version
Installing Zend Optimizer binary
Activating Zend Optimizer in /usr/local/lib/php.ini
Zend Optimizer activated
Skipping install to /usr/local/php4, missing php.ini





Easy peasy. :)

cPanel: Install SPF record with command

If you have cPanel server and wish to add SPF record in one shot, there is a command come with cPanel to allow you to done it without modify each of the DNS record.
The command line will be as below where cPanel_username should represent your cPanel's username.

 
 
 /usr/local/cpanel/bin/spf_installer cPanel_username
 
Example,

/usr/local/cpanel/bin/spf_installer mickgenie



It will result the DNS zone added the following line,
 "v=spf1 a mx ip4:110.4.45.74 ?al



"v=spf1 a mx ip4:110.4.45.74 ?al

Redirecting using .htaccess

Using htaccess for redirection.


Some useful information about Redirection using .htaccess.

Apache web server provides several way for setting up redirects. The most simple one is using the “Redirect” directive.

REDIRECT DIRECTIVE


Redirects we use:
================
# permanent - (301) resource has moved permanently.
# temp - (302). resource has moved temporarily.
# seeother - (303) resource has been replaced.
================



* Redirecting a particular directory to a remote website.
================
redirect 301 /source_dir/ http://www.new-site.com/
================

The status "301" can be replaced according to the requirement.


* Redirect an entire site.
================
redirect 301 / http://www.new-site.com/
================


* Redirecting a file
================
redirect 301 /path_to_file http://www.new-site.com/new_file
================


REWRITE RULE:


The RewriteRule is more powerful than the Redirect rule, and thus should serve the redirection more effectively.


Tips:

In order to get an idea about RewriteRule, please check the rule given below.

RewriteRule ^(.*)$ http://www.new-domain.com/$1 [R=301]

The above rule will redirect the old website to the new website new-domain.com. It contains the following parts.


1) (.*) — Is a regular expression. The request string is everything that comes after the slash after the domain name. So if you request the URL “http://old_domain/test_pattern”, the request string that get tested against this pattern is “test_pattern”.

This particular pattern, “(.*)”, will match anything. It even successfully matches a empty string, which means it will successfully match when we request the URL “http://old_domain/”.

2) http://www.new-domain.com/$1 — the replacement pattern. When the regular expression in the first part matches, this pattern describes how to rewrite the URL. $1 is a reference to the text captured by the sub-pattern within the parentheses; if we had a pattern with more than one set of parentheses, we can use $2, $3, etc. So in the above example $1 will contain the value "test_pattern"

That means http://www.old_domain.com/$1 will be redirected exactly to http://www.new-domain.com/test_pattern

3) [R=301] - this is a flag that says that this redirection is permanent. That means the HTTP redirection goes out with a 301 code.

Examples:

* Redirect from Old domain to new domain.
================
RewriteEngine On
RewriteRule ^(.*)$ http://www.new-site.com/$1 [R=301,L]
================

* Redirect from http://www.domain.com to http://domain.com
================
RewriteEngine on
RewriteCond % ^www\.domain\.tld$ [NC]
RewriteRule ^(.*)$ http://domain.tld/$1 [R=301,L]
================
RewriteCond tells that if the if HTTP_HOST is www.domain.tld, then apply the rewrite rule.

* Redirect a URL that starts with a given string.
================
RewriteEngine on
RewriteRule ^test http://www.new-site.com/ [R=301]
================
The above rule specifies that URLS like http://old_site.com/test_whatever will be forwarder to the URL http://www.new-site.com/

* To redirect a URL that exactly matches a given string.
================
RewriteEngine on
RewriteRule ^test$ http://www.new-site.com/[R=301]
================
The above rule will redirect http://old_domain.com/test/ to http://www.new-site.com/. This can be used for redirecting directories to remote URLs.


REDIRECTMATCH


RedirectMatch can be used to direct a different string to a correct directory.

================
RedirectMatch ^/director(y|ies) http://www.domain.com/exact_directory
================
The above rule will redirect the URLs http://domain.com/directory and http://domain.com/directories to the URL http://www.domain.com/exact_directory.


Thank you.

Command to delete mails for a particular user

In order to delete all undelivered/queued mails for a given user( abc@xyz.com This e-mail address is being protected from spambots. You need JavaScript enabled to view it ), execute the following command:


cd /var/spool/exim/input; grep -lir abc\@xyz\.com * | xargs rm -fv


That's all :-)