The Geek Decoder – Page 80

PHP Sessions causing Error

July 29, 2014 The Geek Decoder No Comments Administration, Cron, Find, Hardware

Currently your messages log is filling up with errors and the system is unstable. Check the message log:

$ server# tail -f /var/log/messages
Jul 28 08:57:30 mail kernel: EXT4-fs warning (device sda3): ext4_dx_add_entry: Directory index full!

Check the sessions directory

 $ server# php -i | grep session.save_path
session.save_path => /var/lib/php/session => /var/lib/php/session


$ server# du -shcx /var/lib/php/session
1000.0M    /var/lib/php/session
1000.0M    total

A cron job similar to the following ran every day, or periodically, should prevent those files from accumulating.


# find /var/lib/php/session -type d -mtime -15 -delete

Manually

# find /var/lib/php/session -depth -mindepth 1 -maxdepth 1 -type f -cmin +120 -delete;

Update Mysql field

July 29, 2014 The Geek Decoder No Comments MySQL

UPDATE table SET fieldname = 'newvalue' WHERE id = 'name'

Schedule ClamAV scanning via Cron with zero config, and e-mail notification

July 27, 2014 The Geek Decoder No Comments ClamAV

Clamav-cron
Summary:
This is a simple Bash script for those who want to schedule the following tasks via cron:
Source: https://code.google.com/p/clamav-cron/

update the ClamAV virus database (freshclam);
perform personal system scan (clamscan);
send a brief report via e-mail;
without any knowledge about ClamAV configuration files (such as clamd.conf or freshclam.conf) and without running the ClamAV daemon. You just have to configure the e-mail address(es) that will receive the report.

Dependencies:

To succesfilly run clamav-cron the following dependencies needs to be satisfied:

the ClamAV engine (look at ClamAV download center);
a mail server like Sendmail;
How to use:
Download clamav-cron somewhere like /usr/local/bin/ and give it execute permission:


wget http://clamav-cron.googlecode.com/files/clamav-cron-0.6 -O /usr/local/bin/clamav-cron


chmod 755 /usr/local/bin/clamav-cron

Simply open the clamav-cron script with your editor and edit the “User configuration” section following the instructions;
schedule the clamav-cron script via Cron in the preferred way. For example, you can install the clamav-cron in the crontab typing crontab -e from the user shell and entering a line like this:


45 23 * * 6 /usr/local/bin/clamav-cron /home

Cron will run clamav-cron every Saturday at 23:45 (11:45 pm) to recursevly scan the whole /home tree. At the end of task it will send a notification e-mail to the users specified at point 2. For more crontab option type man 5 crontab.

Restart Apache with Cron Job

July 27, 2014 The Geek Decoder No Comments Administration, Cron

Sometimes the loads on apache can be high:

Set up th efollowin cron job.


#MAILTO=admin@coldriverdata.com
#02 12 * * 1 /usr/bin/killall -9 httpd && /sbin/service httpd restart

rsync from one server to another

July 26, 2014 The Geek Decoder No Comments Administration, Rsync

Basically,


$ rsync options source destination

Synchronize Files From Local to Remote (Plesk to cPanel)


$ rsync -avz /var/www/vhosts/domain.com/httpdocs/ sshuser@192.168.200.99:/home/user/public_html/

Synchronize Files From Remote to Local )cPanel to Plesk)


$ rsync -avz sshuser@198.50.162.99:/home/username/public_html/ /var/www/vhosts/domain.com/httpdocs/

Here is a short summary of the options available in rsync. Please refer to the detailed description below for a complete description.

-v, –verbose -q, –quiet –no-motd -c, –checksum -a, –archive –no-OPTION -r, –recursive -R, –relative –no-implied-dirs -b, –backup –backup-dir=DIR –suffix=SUFFIX -u, –update –inplace –append –append-verify -d, –dirs -l, –links -L, –copy-links –copy-unsafe-links –safe-links -k, –copy-dirlinks -K, –keep-dirlinks -H, –hard-links -p, –perms -E, –executability –chmod=CHMOD -A, –acls -X, –xattrs -o, –owner -g, –group –devices –specials -D -t, –times -O, –omit-dir-times –super –fake-super -S, –sparse -n, –dry-run -W, –whole-file -x, –one-file-system -B, –block-size=SIZE -e, –rsh=COMMAND –rsync-path=PROGRAM –existing –ignore-existing –remove-source-files –del –delete –delete-before –delete-during –delete-delay –delete-after –delete-excluded –ignore-errors –force –max-delete=NUM –max-size=SIZE –min-size=SIZE –partial –partial-dir=DIR –delay-updates -m, –prune-empty-dirs –numeric-ids –timeout=SECONDS –contimeout=SECONDS -I, –ignore-times –size-only –modify-window=NUM -T, –temp-dir=DIR -y, –fuzzy –compare-dest=DIR –copy-dest=DIR –link-dest=DIR -z, –compress –compress-level=NUM –skip-compress=LIST -C, –cvs-exclude -f, –filter=RULE -F –exclude=PATTERN –exclude-from=FILE –include=PATTERN –include-from=FILE –files-from=FILE -0, –from0 -s, –protect-args –address=ADDRESS –port=PORT –sockopts=OPTIONS –blocking-io –stats -8, –8-bit-output -h, –human-readable –progress -P -i, –itemize-changes –out-format=FORMAT –log-file=FILE –log-file-format=FMT –password-file=FILE –list-only –bwlimit=KBPS –write-batch=FILE –only-write-batch=FILE –read-batch=FILE –protocol=NUM –iconv=CONVERT_SPEC –checksum-seed=NUM -4, –ipv4 -6, –ipv6 –version (-h) –help increase verbosity
suppress non-error messages
suppress daemon-mode MOTD (see caveat)
skip based on checksum, not mod-time & size
archive mode; equals -rlptgoD (no -H,-A,-X)
turn off an implied OPTION (e.g. –no-D)
recurse into directories
use relative path names
don’t send implied dirs with –relative
make backups (see –suffix & –backup-dir)
make backups into hierarchy based in DIR
backup suffix (default ~ w/o –backup-dir)
skip files that are newer on the receiver
update destination files in-place
append data onto shorter files
–append w/old data in file checksum
transfer directories without recursing
copy symlinks as symlinks
transform symlink into referent file/dir
only “unsafe” symlinks are transformed
ignore symlinks that point outside the tree
transform symlink to dir into referent dir
treat symlinked dir on receiver as dir
preserve hard links
preserve permissions
preserve executability
affect file and/or directory permissions
preserve ACLs (implies -p)
preserve extended attributes
preserve owner (super-user only)
preserve group
preserve device files (super-user only)
preserve special files
same as –devices –specials
preserve modification times
omit directories from –times
receiver attempts super-user activities
store/recover privileged attrs using xattrs
handle sparse files efficiently
perform a trial run with no changes made
copy files whole (w/o delta-xfer algorithm)
don’t cross filesystem boundaries
force a fixed checksum block-size
specify the remote shell to use
specify the rsync to run on remote machine
skip creating new files on receiver
skip updating files that exist on receiver
sender removes synchronized files (non-dir)
an alias for –delete-during
delete extraneous files from dest dirs
receiver deletes before transfer (default)
receiver deletes during xfer, not before
find deletions during, delete after
receiver deletes after transfer, not before
also delete excluded files from dest dirs
delete even if there are I/O errors
force deletion of dirs even if not empty
don’t delete more than NUM files
don’t transfer any file larger than SIZE
don’t transfer any file smaller than SIZE
keep partially transferred files
put a partially transferred file into DIR
put all updated files into place at end
prune empty directory chains from file-list
don’t map uid/gid values by user/group name
set I/O timeout in seconds
set daemon connection timeout in seconds
don’t skip files that match size and time
skip files that match in size
compare mod-times with reduced accuracy
create temporary files in directory DIR
find similar file for basis if no dest file
also compare received files relative to DIR
… and include copies of unchanged files
hardlink to files in DIR when unchanged
compress file data during the transfer
explicitly set compression level
skip compressing files with suffix in LIST
auto-ignore files in the same way CVS does
add a file-filtering RULE
same as –filter=’dir-merge /.rsync-filter’
repeated: –filter=’- .rsync-filter’
exclude files matching PATTERN
read exclude patterns from FILE
don’t exclude files matching PATTERN
read include patterns from FILE
read list of source-file names from FILE
all *from/filter files are delimited by 0s
no space-splitting; wildcard chars only
bind address for outgoing socket to daemon
specify double-colon alternate port number
specify custom TCP options
use blocking I/O for the remote shell
give some file-transfer stats
leave high-bit chars unescaped in output
output numbers in a human-readable format
show progress during transfer
same as –partial –progress
output a change-summary for all updates
output updates using the specified FORMAT
log what we’re doing to the specified FILE
log updates using the specified FMT
read daemon-access password from FILE
list the files instead of copying them
limit I/O bandwidth; KBytes per second
write a batched update to FILE
like –write-batch but w/o updating dest
read a batched update from FILE
force an older protocol version to be used
request charset conversion of filenames
set block/file checksum seed (advanced)
prefer IPv4
prefer IPv6
print version number
show this help (see below for -h comment)

Update Plesk

July 23, 2014 The Geek Decoder No Comments Plesk

Run:

 /usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component base

Stop Spam and http access with IPtables

July 22, 2014 The Geek Decoder No Comments Email, Firewall, Iptables, Spam

To stop Spam:

drop SMTP on port 25, 465 and 587 to prevent further spam from being sent out by running the following commands:


# /sbin/iptables -A INPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 587 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 587 -j DROP

Restart:

# service iptables restart

Block an IP accessing the site:

# iptables -A INPUT -s 80.35.xx.xxx -j DROP

Restart:

# service iptables restart

After that – check the cpnael access logs for the domain and see that there is a 403 Error:

# tail -f /usr/local/apache/domlogs/gamedayboston.com

80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"

Add/Drop IP in iptables on cPanel server

July 22, 2014 The Geek Decoder No Comments cPanel, Firewall, Iptables

on cpanel, use


iptables -A cP-Firewall-1-INPUT -s 203.90.xxx.xxx -j DROP

Error with restarting SSHD in WHM

July 21, 2014 The Geek Decoder No Comments WHM

Issue

Error with restarting SSHD in WHM. Verified the error, but SSHD appears to restart and take changes anyways even though the error is reported by WHM. Restarted SSHD from SSH does not show any errors and there is nothing in the logs about any errors with SSHD.

Fix

The issue here is that SSH is running on a non-standard port (3333). WHM/Cpanel doesn’t support non-standard ports in WHM.

Can I have two domains on a Windows cloud server?

July 19, 2014 The Geek Decoder No Comments Windows Server

Q: Can I have two domains on a Windows cloud server?

You sure can you just have to use host headers in IIS. Here’s a link to a Microsoft article that should help you out.

http://technet.microsoft.com/en-us/library/cc753195(WS.10).aspx

GEEKDECODER

Author: The Geek Decoder