How to Compile Linux Kernel

Posted on November 24th, 2006 by Admin.
Categories: Server Security, Linux.

Below are the steps to compile the Linux kernel:

cd /usr/local/src/
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.11.12.tar.bz2
wget http://grsecurity.net/grsecurity-2.1.6-2.6.11.12-200506141713.patch.gz
tar xvfj linux-2.6.11.12.tar.bz2
gunzip grsecurity-2.1.6-2.6.11.12-200506141713.patch.gz
patch -p0 < grsecurity-2.1.6-2.6.11.12-200506141713.patch
cd linux-2.6.11.12
make clean
make mrproper
# start from the configuration of the running kernel
cp /boot/config-`uname -r` .config
make oldconfig
make menuconfig
make dep
# build the kernel image and the modules before installing them
make
make modules_install
make install
grubby --bootloader-probe
pico /etc/grub.conf
grub-install /dev/hda
cat /boot/grub/device.map
shutdown -r now

Major 352 Linux Distributions

Posted on November 23rd, 2006 by Alex P..
Categories: Linux.

There are more than 352 Linux distributions so far, all of which are open source and free. The list also includes some BSD and UNIX systems, but they are all open source and free as well. More information can be found at http://www.gridter.com/linx/linux.html.

Useful RPM commands

Posted on October 12th, 2006 by Admin.
Categories: Linux.

To Use RPM’s :->

1. Install (the full RPM filename is required)
# rpm -ivh bind-libs-9.2.4-16.i386.rpm

2. List of files installed with a particular package.

# rpm -ql bind-utils
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/share/man/man1/dig.1.gz
/usr/share/man/man1/host.1.gz
/usr/share/man/man1/nslookup.1.gz
/usr/share/man/man8/nsupdate.8.gz

3. List of files from a package that is not installed
# rpm -pql bind-libs-9.2.4-16.i386.rpm

4. List dependencies
# rpm -qpR libpcap-0.8.3-7.i386.rpm
/sbin/ldconfig
/sbin/ldconfig
kernel >= 2.2.0
libc.so.6
libc.so.6(GLIBC_2.0)
libc.so.6(GLIBC_2.1)
libc.so.6(GLIBC_2.1.3)
libc.so.6(GLIBC_2.3)
openssl
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1

5. Check the integrity, use the “-K” option.

# rpm -K /iso0/Fedora/RPMS/libpcap-0.8.3-7.i386.rpm
/iso0/Fedora/RPMS/libpcap-0.8.3-7.i386.rpm: (sha1) dsa sha1 md5 gpg OK

6. List all packages installed.
# rpm -qa

7. Find out which package a file belongs to.
# rpm -qf /usr/lib/libecpg.so.4.1

8. Uninstall a package
# rpm -e <package-name>

9. Verify the md5 sum so that you know it downloaded OK
# rpm -K *.rpm
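
The "OK" printed by rpm -K in items 5 and 9 does not by itself say that a signature was checked. The following is an added example, not part of the original post, that classifies each output line by whether a signature type (gpg, pgp, dsa, rsa) appears next to the digests. The function names are hypothetical, and the second and third sample lines are constructed in the same format as the output shown above.

```shell
#!/bin/sh
# classify_rpm_k: read `rpm -K` output on stdin and print "<verdict> <file>".
#   SIGNED       result is OK and names a signature type (gpg, pgp, dsa or rsa)
#   DIGEST-ONLY  result is OK but only digests (sha1, md5) were checked
#   FAILED       anything else, including "NOT OK"
classify_rpm_k() {
    awk '{
        i = index($0, ": ")
        if (i == 0) next
        file = substr($0, 1, i - 1)
        res  = substr($0, i + 2)
        if (res ~ /NOT OK/ || res !~ /(^| )OK$/)             v = "FAILED"
        else if (res ~ /(^|[ (])(gpg|pgp|dsa|rsa)([ )]|$)/)  v = "SIGNED"
        else                                                 v = "DIGEST-ONLY"
        print v, file
    }'
}

# The first line is the output shown in the post; the other two are constructed.
rpm_k_sample() {
    cat <<'EOF'
/iso0/Fedora/RPMS/libpcap-0.8.3-7.i386.rpm: (sha1) dsa sha1 md5 gpg OK
/tmp/example-unsigned-1.0-1.i386.rpm: sha1 md5 OK
/tmp/example-tampered-1.0-1.i386.rpm: (sha1) dsa sha1 MD5 GPG NOT OK
EOF
}

rpm_k_sample | classify_rpm_k
```

On a real system the input would come from `rpm -K *.rpm | classify_rpm_k`; a DIGEST-ONLY package arrived intact but carries no proof of who built it.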

DOS to UNIX and UNIX to DOS text file format converter

Posted on October 12th, 2006 by Admin.
Categories: Linux.

It converts text files in UNIX format to DOS format and vice versa…
1. DOS to UNIX text file format converter.

# dos2unix test.txt

2. The reverse way, from UNIX to DOS.

# unix2dos unixfile
Enjoy :)

ps command in depth

Posted on October 12th, 2006 by Admin.
Categories: Cpanel Hosting, Linux.

ps command in detail

Here are the possible codes in the state column when using “$ ps -e -o state,cmd”:

PROCESS STATE CODES
D uninterruptible sleep (usually IO)
R runnable (on run queue)
S sleeping
T traced or stopped
Z a defunct ("zombie") process
< high-priority (not nice to other users)
N low-priority (nice to other users)
L has pages locked into memory (for real-time and custom IO)
s is a session leader
l is multi-threaded (using CLONE_THREAD, like NPTL pthreads do)
+ is in the foreground process group

For instance:

Note that -o is for a user-defined output format, and -e selects all processes.

$ ps -e -o pid,state,start,time,etime,cmd


9946 S 15:40:45 00:00:00 02:23:29 /bin/bash -i
9985 T 15:41:24 00:00:01 02:22:50 vi manual
10320 T 17:38:42 00:00:00 25:32 vi test.c

You may want to use the command below, without the -e, which lists only the processes under the current terminal.

$ ps -o pid,state,start,time,etime,cmd

To Check cause of Load on Server ..

$ ps -e -o %cpu,pid,state,start,time,etime,%cpu,%mem,cmd|sort -rn|less

$ ps aux

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 1380 480 ? S Aug04 0:00 init [3]
root 2 0.0 0.0 0 0 ? SWN Aug04 0:00 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? SW< Aug04 0:00 [events/0]
root 4 0.0 0.0 0 0 ? SW< Aug04 0:00 [khelper]
...

Or, if you want to see the environment, add the e option:

$ ps aeux


kyle 2735 0.0 0.1 4400 1492 pts/0 S Aug04 0:00 -bash USER=kyle LOGNAME=kyle HOME=/home/kyle PATH=/usr/
kyle 2771 0.0 0.0 4328 924 pts/0 S Aug04 0:00 screen -e^Pa -D -R HOSTNAME=third-fl-71.localdomain TERM=xterm S
kyle 2772 0.0 0.6 9476 6352 ? S Aug04 0:54 SCREEN -e^Pa -D -R HOSTNAME=third-fl-71.localdomain TERM=xterm S
kyle 2773 0.0 0.1 4432 1548 pts/1 S Aug04 0:10 /bin/bash STY=2772.pts-0.third-fl-71 TERM=screen TERMCAP=SC|scre
kyle 2797 0.0 0.1 4416 1496 pts/2 S Aug04 0:00 /bin/bash STY=2772.pts-0.third-fl-71 TERM=screen TERMCAP=SC|scre

There is also an f (“forest”) option. Also note that below, “-bash” is the start of a login shell.

$ ps aeuxwwf

The ww option above gives a wide format with all variables. Use the above command if you plan to parse the output with a Perl script. Otherwise, it may be easier to do a quick read using the command below, without “ww”.

$ ps aeuxf


root 2339 0.0 0.1 3512 1444 ? S Dec01 0:00 /usr/sbin/sshd
root 25651 0.0 0.1 6764 1980 ? S Dec23 0:00 \_ /usr/sbin/sshd
kyle 25653 0.0 0.2 6840 2236 ? S Dec23 0:14 \_ /usr/sbin/sshd
kyle 25654 0.0 0.1 4364 1440 pts/4 S Dec23 0:00 \_ -bash USER=kyle LOGNAME=kyle HOME=/home/kyle
kyle 25690 0.0 0.0 4328 920 pts/4 S Dec23 0:00 \_ screen -e^Pa -D -R HOSTNAME=third-fl-71.localdomain TERM=xterm
root 2355 0.0 0.0 2068 904 ? S Dec01 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid

It is also possible to list the process by command line. For example, the following command will only list the vi processes.

$ ps -fC vi
UID PID PPID C STIME TTY TIME CMD
kyle 5049 5020 0 May11 pts/13 00:00:00 vi -nw Notes
kyle 12368 5104 0 May12 pts/18 00:00:00 vi -nw dnotify.c
kyle 19792 18028 0 May13 pts/20 00:00:00 vi -nw hello.c
kyle 14034 27367 0 18:52 pts/8 00:00:00 vi -nw 1.txt

You may also want to consider using top in batch mode. Here the “-n 1” means refresh once, and the “b” is for batch. The “fmt -s” is to put it in a more readable format.

$ top -n 1 b |fmt -s >>statfile

Enjoy :)

TCP wrappers

Posted on October 12th, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, Linux.

Greetings,

TCP Wrapper is a host-based network ACL system, used to filter network access to Internet protocol services run on Unix-like operating systems such as Linux or BSD. It allows host or subnetwork IP addresses, names and/or query replies to be used as tokens on which to filter for access control purposes.
First, “/etc/hosts.allow” is checked; if a matching entry is found there, access is granted and no more checking is done. If there are no matches in “/etc/hosts.allow”, the “/etc/hosts.deny” file is checked, and if a match is found, that service is blocked for that host. If neither file matches, access is granted.

Example “/etc/hosts.deny” file:

sshd: 192.168.1.1

The above file blocks ssh access from computer 192.168.1.1. It’s also possible to run commands when someone from this computer tries to ssh in.

This example sends mail.
sshd: 192.168.1.1: spawn (echo -e "%d %h %H %u" | /bin/mail -s 'hosts.deny entry' root)

Of course, you can also run commands in the “/etc/hosts.allow” if you wanted mail sent for a successful login.
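
The lookup order described above can be tried out without touching a live server. The following is an added example, not part of the original post: a simplified model of the decision that handles only daemon lists, ALL, exact IPv4 addresses and trailing-dot prefixes. The function names and the addresses 10.0.0.5 and 203.0.113.9 are assumptions made up for the illustration.

```shell
#!/bin/sh
# Simplified model of the hosts.allow / hosts.deny lookup order (added example).
# Real tcpd also supports hostnames, netmasks, EXCEPT and options (ignored here).

# rule_matches FILE DAEMON CLIENT: succeed if any rule in FILE matches.
rule_matches() {
    [ -f "$1" ] || return 1
    awk -v d="$2" -v c="$3" '
        function hit(list, val, prefix_ok,    n, i, a) {
            n = split(list, a, "[ ,\t]+")
            for (i = 1; i <= n; i++) {
                if (a[i] == "") continue
                if (a[i] == "ALL" || a[i] == val) return 1
                # A trailing dot matches every address that starts with the prefix.
                if (prefix_ok && a[i] ~ /\.$/ && index(val, a[i]) == 1) return 1
            }
            return 0
        }
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            n = split($0, f, ":")            # daemons : clients [: options]
            if (n >= 2 && hit(f[1], d, 0) && hit(f[2], c, 1)) { found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# tcpw_decide DAEMON CLIENT ALLOW_FILE DENY_FILE: print the access decision.
tcpw_decide() {
    if rule_matches "$3" "$1" "$2"; then echo "allow (hosts.allow)"
    elif rule_matches "$4" "$1" "$2"; then echo "deny (hosts.deny)"
    else echo "allow (no match)"
    fi
}

# Constructed sample files; only the 192.168.1.1 entry comes from the post.
dir=$(mktemp -d)
echo 'sshd: 10.0.0.5'    > "$dir/hosts.allow"
echo 'sshd: 192.168.1.1' > "$dir/hosts.deny"
printf 'sshd: 192.168.1.1\nALL: ALL\n' > "$dir/hosts.deny.strict"

tcpw_decide sshd 192.168.1.1 "$dir/hosts.allow" "$dir/hosts.deny"         # deny (hosts.deny)
tcpw_decide sshd 203.0.113.9 "$dir/hosts.allow" "$dir/hosts.deny"         # allow (no match)
tcpw_decide sshd 203.0.113.9 "$dir/hosts.allow" "$dir/hosts.deny.strict"  # deny (hosts.deny)
tcpw_decide sshd 10.0.0.5    "$dir/hosts.allow" "$dir/hosts.deny.strict"  # allow (hosts.allow)
rm -rf "$dir"
```

The second call shows that a hosts.deny listing a single host leaves every other client allowed; the "ALL: ALL" line in the strict file turns the same setup into default deny.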

Cheers :)

How to install mod_security

Posted on September 25th, 2006 by Jason.
Categories: Cpanel Hosting, Server Security, Linux, web Hosting.

Hello,
First we will download and unzip mod_security.

—–command—–
wget http://www.modsecurity.org/download/modsecurity-apache_1.9.4.tar.gz
tar -zxf modsecurity-apache_1.9.4.tar.gz
—–command—–

If you are using Apache 1.3.x you need to go into the apache1 directory as shown below. Cpanel and ensim both use apache 1.3.x

—–command—–
cd modsecurity-apache_1.9.4/apache1
—–command—–

If you are using Apache 2.x you need to go into the apache 2 directory as shown below. Plesk uses apache 2.x and may require the httpd-devel rpm to be installed to get mod_security working.
—–command—–
cd modsecurity-apache_1.9.4/apache2
—–command—–

Next, compile mod_security as a module. One of the lines below should work to compile it.
—–command—–
/etc/httpd/bin/apxs -cia mod_security.c
—–command—–

If you get a “file not found” error, install httpd-devel using up2date and then try to compile it again. This will work fine on Plesk and the newer versions of Ensim that do not use “ensimized” httpd rpms. If you are running below Ensim 4.0 you should not continue unless you are certain of what you are doing.
—–command—–
up2date -i httpd-devel
/usr/sbin/apxs -cia mod_security.c
—–command—–

Make a backup of your httpd.conf before touching anything so you have something to go back to if it does not work.
—–command—–
cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-mod_sec
—–command—–

Now edit the httpd.conf , even though Ensim has multiple httpd.conf files you can put it in the primary config.
—–command—–
pico -w /etc/httpd/conf/httpd.conf
—–command—–

If you are running Apache 1.3.x - cPanel and Pre 4.0 Ensim
Scroll down below the following line:
AddModule mod_security.c
If you do not have the addmodule line find where the rest of them are located and put it right below the others.

If you are running Apache 2.x (Plesk and Ensim 4.0+)
Scroll down below the following line at which point you can continue on and paste the ruleset.
LoadModule security_module modules/mod_security.so

Now you are going to paste in this ruleset. Please feel free to modify it as you see fit. I think that it is a very non-aggressive ruleset that will work fine on just about any server. Please post any problems you have with it below!

—-Ruleset—-

# Turn the filtering engine On or Off
SecFilterEngine On

# Change Server: string
SecServerSignature "Apache"

# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off

# The audit engine works independently and
# can be turned On or Off on the per-server or
# on the per-directory basis. "On" will log everything,
# "DynamicOrRelevant" will log dynamic requests or violations,
# and "RelevantOnly" will only log policy violations
SecAuditEngine RelevantOnly

# The name of the audit log file
SecAuditLog logs/audit_log

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# Action to take by default
SecFilterDefaultAction "deny,log,status:403"

## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ## ##

# Require HTTP_USER_AGENT and HTTP_HOST in all requests
# SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"

# Require Content-Length to be provided with
# every POST request
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"

# Don't accept transfer encodings we know we don't handle
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$"

# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"

SecFilter "viewtopic\.php\?" chain
SecFilter "chr\(([0-9]{1,3})\)" "deny,log"

# Block various methods of downloading files to a server
SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "
SecFilterSelective THE_REQUEST "arta\.zip "
SecFilterSelective THE_REQUEST "cmd=cd\x20/var "
SecFilterSelective THE_REQUEST "HCL_path=http "
SecFilterSelective THE_REQUEST "clamav-partial "
SecFilterSelective THE_REQUEST "vi\.recover "
SecFilterSelective THE_REQUEST "netenberg "
SecFilterSelective THE_REQUEST "psybnc "
SecFilterSelective THE_REQUEST "fantastico_de_luxe "

SecFilter "bcc:"
SecFilter "bcc\x3a"
SecFilter "cc:"
SecFilter "cc\x3a"
SecFilter "bcc:|Bcc:|BCC:" chain
SecFilter "[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}\,\x20[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}"
SecFilterSelective POST_PAYLOAD "Bcc:"
SecFilterSelective POST_PAYLOAD "Bcc:\x20"
SecFilterSelective POST_PAYLOAD "cc:"
SecFilterSelective POST_PAYLOAD "cc:\x20"
SecFilterSelective POST_PAYLOAD "bcc:"
SecFilterSelective POST_PAYLOAD "bcc:\x20"
SecFilterSelective POST_PAYLOAD "bcc: "
SecFilterSelective THE_REQUEST "Bcc:"
SecFilterSelective THE_REQUEST "Bcc:\x20"
SecFilterSelective THE_REQUEST "cc:"
SecFilterSelective THE_REQUEST "cc:\x20"
SecFilterSelective THE_REQUEST "bcc:"
SecFilterSelective THE_REQUEST "bcc:\x20"
SecFilterSelective THE_REQUEST "bcc: "
# WEB-PHP phpbb quick-reply.php arbitrary command attempt
SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
SecFilter "phpbb_root_path="

—/Ruleset—

Now simply restart apache to enable mod_security.
—–command—–
service httpd restart
—–command—–

If sites start to have problems, look at the audit log:
/etc/httpd/logs/audit_log

If you need or want to remove mod_security at any time simply comment out (put a # in front of) the AddModule mod_security.c line and restart apache. This will disable all of the rules and not allow it to load into apache.

OK, mod_security is all set up. I would tail the audit log occasionally to see if it is causing any trouble with legit traffic. The ruleset above should not cause many problems though. Thanks to all who have helped with the rules for this, especially ryan at rfxnetworks and err0r. I have also adapted some rules from suggestions on the netberg forums by HostMerit.

Enjoy..

“/cpanel” internal server error

Posted on September 25th, 2006 by Jason.
Categories: Cpanel Hosting, Linux, web Hosting.

Hello,

The first thing to do when you get an internal server error is to check the server logs.
If you are getting something like “Premature end of script headers: /home/kaizen/public_html/cgi-bin/mt/mt-config.cgi”,
make sure that all the files matching /usr/local/cpanel/cgi-sys/*.cgi have mode 755
and that the files /usr/local/cpanel/base/*.cgi are under group wheel.

In the /etc/httpd/conf/httpd.conf file, check that the following lines are correct.
—————————————————————————————————
ScriptAliasMatch ^/cpanel/(.*) /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /cpanel /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAlias /whm /usr/local/cpanel/cgi-sys/whmredirect.cgi
ScriptAlias /securewhm /usr/local/cpanel/cgi-sys/swhmredirect.cgi
ScriptAlias /webmail /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/webmail/(.*) /usr/local/cpanel/cgi-sys/wredirect.cgi
—————————————————————————————————

/scripts/updatenow
/scripts/fixeverything
/scripts/upcp --force

If that still doesn’t work for you, then in httpd.conf change this line
RLimitMEM 23178922 (~22 MB)
and replace it with
RLimitMEM 157286400 (~150 MB)

Sometimes it may also happen because of phpsuexec. You can try turning it off by going to “Enable/Disable SuExec” under “Server Setup” in WHM.

Also try setting the permissions on /usr/bin/* to 755 with chmod. Note that a numeric mode of 755 clears the setuid and setgid bits on any binaries there that carry them.

Enjoy..

Mount mysql on secondary drive

Posted on September 25th, 2006 by Jason.
Categories: Linux, web Hosting, MySQL.

Hello,

Use this guide at your own risk! Fdisk is a very powerful tool and can easily screw up a server if you are not careful. This guide was designed around a server that has SCSI disks, with the disk in the secondary position, sdb. If you have an IDE drive it would be hdb.

This guide is pretty vague; that was done on purpose. It is very hard to do something like this if you are not familiar with Linux and fdisk. I do not want people screwing around with this if they are not confident in what they are doing. I am just trying to stop people from getting mad at me. Anyway, below is the guide. It is to be used totally at your own risk, but I can say that if done correctly it will work just fine.

With all that said, here is the actual guide.

fdisk /dev/sdb

The first step is to delete all of the old partitions. If you have a lot of partitions you are going to have to keep trying to go to higher numbers. Once you have deleted all partitions it will say there are no partitions.

d — delete
1 — partition 1
d
2
d
3
d
4

Create a new partition as /dev/sdb1
n — new
p — primary
1 — first partition
– use default cylinder value, which is the first available
+5000M — make ~ a 5Gb partition which I think is a good size for a mysql database directory

Create a /tmp partition as /dev/sdb2 that will be ~1Gb
n
p
2

+1000M

Create a backup partition as /dev/sdb3 which will take up whatever extra space the disk has.
n
p
3

- uses the rest of the disk

w — writes out and saves

Now we are going to format the filesystem as ext3 which is what most servers run with and is in my opinion the best choice.
mkfs -t ext3 /dev/sdb1
mkfs -t ext3 /dev/sdb2
mkfs -t ext3 /dev/sdb3

Now add the following in /etc/fstab so that they are mounted automatically on boot.

/dev/sdb1 /var/lib/mysql ext3 defaults,usrquota 1 1
/dev/sdb2 /tmp ext3 noexec,nosuid,rw 0 0
/dev/sdb3 /backup ext3 defaults 0 0

service mysql stop; killall -9 mysqld

Now move the old directories aside so we can copy their contents onto the new partitions
mv /tmp /tmp_old; mkdir /tmp
mv /var/lib/mysql /var/lib/mysql_old; mkdir /var/lib/mysql

mount /var/lib/mysql
mount /tmp

cp -R /var/lib/mysql_old/* /var/lib/mysql/
chmod 755 /var/lib/mysql
chown mysql:mysql -R /var/lib/mysql

cp -R /tmp_old/* /tmp/
chmod 1777 /tmp

service mysql start

Hopefully it should all be working fine.

Set Time stamp in History command

Posted on September 22nd, 2006 by Admin.
Categories: Cpanel Hosting, Server Security, Linux.

Greetings ,

Just type:

HISTTIMEFORMAT="%D %T "

This sets the date and time format for the history command, so you can figure out who ran which command and when :)
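
When HISTTIMEFORMAT is set, bash stores the time of each command in the history file as a "#<epoch seconds>" line ahead of the command. The following is an added example, not part of the original post, that turns such a file into a UTC timeline, for instance when reviewing another account's history; the function name is hypothetical, the sample entries are constructed, and GNU date is assumed.

```shell
#!/bin/sh
# hist_timeline FILE: print "<UTC time><TAB><command>" for each history entry.
# With HISTTIMEFORMAT set, bash writes a "#<epoch seconds>" line before each command.
hist_timeline() {
    ts=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "#"*[!0-9]*|"#") is_ts=0 ;;   # a comment typed as a command, not a timestamp
            "#"*)            is_ts=1 ;;   # "#" followed only by digits
            *)               is_ts=0 ;;
        esac
        if [ "$is_ts" -eq 1 ]; then
            ts=${line#?}
        elif [ -n "$ts" ]; then
            # GNU date syntax; -u keeps the output independent of the local time zone
            printf '%s\t%s\n' "$(date -u -d "@$ts" '+%Y-%m-%d %H:%M:%S')" "$line"
            ts=""
        else
            # recorded before HISTTIMEFORMAT was set, or a continuation line
            printf '%s\t%s\n' "(no timestamp)" "$line"
        fi
    done < "$1"
}

# Constructed sample history file (not taken from a real system).
sample=$(mktemp)
printf '%s\n' 'ls -la' '#1158933909' 'vi /etc/hosts.deny' \
              '#1158933950' 'service httpd restart' > "$sample"
hist_timeline "$sample"
rm -f "$sample"
```

The history file is writable by the account that owns it, so treat the resulting timeline as a lead rather than as an audit record.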

Cheers ,

Kyle
