Linux System Admin Blog….
dinoIf you have Perl /cgi or Php scripts and you want to make them available to all clients on your server , add an Alias in
/etc/httpd/conf/httpd.conf
file pointing to a shared directory owned by root:wheel. This is how the cPanel achieves this with their cgi-sys shared scripts in /usr/local/cpanel/cgi-sys/
RVSiteBuilder warning messages under WHM :
WARNING !!
WARNING: RVSiteBuilder recommend PHP maximum execution time of each script , in 180 seconds or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “max_execution_time=180” or above, and restart cPanel service (/usr/local/cpanel/startup).
WARNING: RVSiteBuilder recommend maximum size of POST data 105M or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “post_max_size=105M” or above, and restart cPanel service (/usr/local/cpanel/startup).
WARNING: RVSiteBuilder recommend maximum allowed size for uploaded files that PHP will accept 100M or above.
HELP: Edit /usr/local/cpanel/3rdparty/etc/php.ini and change “upload_max_filesize=100M” or above, and restart cPanel service (/usr/local/cpanel/startup).
Solution :
Execute using root logins :
perl /var/cpanel/rvglobalsoft/rvsitebuilder/panelmenus/cpanel/scripts/autofixphpini.pl
Restart cPanel :
/usr/local/cpanel/startup
If again you see the warnings after cPanel restart, manually change the values for PHP under WHM >> Tweak Settings.
PHP PHP max execution time for cPanel PHP execution in seconds (default 90) PHP Max Post Size for cPanel PHP in Megabytes (default 55M) cPanel PHP Register Globals (Off [unchecked] is recommended for security reasons) PHP Max Upload Size for cPanel PHP in Megabytes (default 50M) Loader to use for internal cPanel PHP (Use oldsourceguardian for version 1.x and 2.x) none
ioncube
sourceguardian
oldsourceguardian
This fixes your issue.
If you get the next problem on rvsitebuilder running on a cpanel server:
Not Found
The server was not able to find the document
(./3rdparty/rvsitebuilder/index.php/sitebuilder/sitebuilderhome) you
requested.
Please check the url and try again. You might also want to report this
error to your webhost.
It should fix the problem to you:
Log in as root on your cpanel server and run these commands:
# rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/var/INSTALL_COMPLETE.php
# rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilderversion.txt
# perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi
OR
Simply run
perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi
Open your WHM on a web browser, https://serverip:2087
And go to root WHM -> Plugins -> RVSiteBuilder
The following web site will redirect you to a very well written article, which will cover the basics of “Passive vs Active” mode functions.
Active FTP vs. Passive FTP, a Definitive Explanation
After FTP connection has been made, The FTP server will generally choose a random port within a certain range to use and tell the client to connect to, but when the firewall is setup to block this port, the connection can not be made and the client times out. Error example below :
[14:55:16] PASV
[14:55:16] 227 Entering Passive Mode (74,86,43,171,13,209)
[14:55:16] Opening data connection to 74.86.43.171 Port: 3537
[14:55:16] LIST -aL
[14:55:37] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Opening the ports on APF
The first step was to tell APF to have a range of ports open for passive FTP connections. You can put in any range you want as long as it doesn’t conflict with another service. For this we’re going to use the range of 35000-35500.
Will be using vi in this How-To. Please see the Basic Guide to Vim
cd /etc/apf; vi conf.apf
Find IG_UDP_CPORTS and add passive ports 35000-35500 to look like :
IG_TCP_CPORTS=”20,21,22,25,26,53,80,110,143,161,443,465,623,993,995,2082,2083,2086
,2087,2095,2096,3306,3389,6666,35000_35500“
Save the file and restart APF with
/etc/init.d/apf restart
Setting up the FTP Server (Pure-FTPD):
Now you need to tell PureFTPd to use those ports for passive connections. Open up the file /etc/pure-ftpd.conf in your editor and look for the following.
# PassivePortRange 30000 50000
Two things to note. One, the setting is commented out and two the range doesn’t match what we opened in APF. So change it to the following.
PassivePortRange 35000 35500
Restart the PureFTP server with
/etc/init.d/pure-ftpd restart
Test the connections and your are done !
I need file system quota support for FreeBSD server.
Quick and Dirty How to compile ‘QUOTA’ support for your FreeBSD server.
Please see: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html for more detailed instructions.
To complete the following you will need to have to ssh access to your host server along with full root access.
Login to the remote host via SSH and become root with ‘su -‘ then backup your current kernel and ‘/etc’ directory.
cp -Rp /boot/kernel /boot/kernel.good
cp -Rp /etc /etc.good
Now verify you have the correct source code for your server installed in ‘/usr/src’
cd /usr/src
ee UPDATING
Make sure the first displayed date matches your current ‘uname -a’ output.
Once you have confirmed you have the correct source code installed you can then create your custom kernel configuration file.
cd /usr/src/sys/i386/conf
cp GENERIC MYKERNELCONF
ee MYKERNELCONF
Add the line below to your kernel configuration file and then save the file.
## Example Entry for your Kernel Conf ##
options QUOTA # Provide Quota Support
##
Next you will need to build and install your custom kernel.( This step could take a few mins )
cd /usr/src/
make buildkernel KERNCONF=MYKERNELCONF
make installkernel KERNCONF=MYKERNELCONF
Now before you reboot you need to edit 2 files to enable QOUTA support for you file system.
The first is the ‘/etc/rc.conf’ which will we will edit to enable QUOTA support and to also check them on boot.
grep /etc/defaults/quota >> /etc/rc.conf
ee /etc/rc.conf
You will see the following entries at the bottom of the ‘/etc/rc.conf’ file.
enable_quotas=”NO” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).
Change both of the entries to “YES” and then save the file.
enable_quotas=”YES” # turn on quotas on startup (or NO).
check_quotas=”YES” # Check quotas on startup (or NO).
Now you need to modify your ‘/etc/fstab’ file to select which slices should have QUOTAS turned on.
Typical ‘/etc/fstab’ file with NO quota support enabled.
# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw 2 2
/dev/ad0s1e /usr ufs rw 2 2
/dev/ad0s1d /var ufs rw 2 2
Typical ‘/etc/fstab’ with quota support enabled.
# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1f /home ufs rw,userquota,groupquota 2 2
/dev/ad0s1e /usr ufs rw,userquota,groupquota 2 2
/dev/ad0s1d /var ufs rw 2 2
Now save the ‘/etc/fstab’ file and reboot the host to load the new kernel and remount your drives with full quota support enabled for your server.
reboot
If for some reason your server does not come back up after 2-10 mins from the reboot please contact your support team and let them know you just compiled a custom kernel and may need to have the server booted with the old backup kernel you made earlier. If the server reboots with no problems you should be all set and ready to go with full quota support for your control panel of choice.
How to bind a range of IP’s in Linux
This method is used by Redhat Linux based servers (Centos/RedhatEnterprise/FedoraCore).
Create a file called /etc/sysconfig/network-scripts/ifcfg-eth0-range0
And in the file place these 3 lines but change the IP’s to match YOUR assigned range.
## Start
IPADDR_START=67.18.xxx.xxx
IPADDR_END=67.18.xxx.xxx
CLONENUM_START=0
# Example | IPADDR_START=67.18.333.440
# Example | IPADDR_END=67.18.333.444
# Example | CLONENUM_START=0
## END
The CLONENUM_START should be the number at which the alias interfaces should start. If you add your 5 IP’s to this server and then want to bind a second set of IP’s you create a second file named ‘ifcfg-eth0-range1’ and change the CLONENUM_START to match the last interface alias. IE ‘eth0:5’ = CLONENUM_START=5
After you have created the above file execute the command ‘service network restart’ and your IP’s will be all setup.
*CPANEL NOTE*
Please do not use this method of binding additional IPs if you are using Cpanel. Bind the IPs through the Cpanel interface.
I would like to bind all 5 of my usable IP’s to the ‘eth0’ device
Just define a new interface in /etc/network interfaces:
## Start
auto eth0
auto eth0:0
auto eth0:1
auto eth0:2
auto eth0:3
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.248
gateway 192.168.1.1
iface eth0:0 inet static
address 192.168.1.3
netmask 255.255.255.248
gateway 192.168.1.1
iface eth0:1 inet static
address 192.168.1.4
netmask 255.255.255.248
iface eth0:2 inet static
address 192.168.1.5
netmask 255.255.255.248
iface eth0:3 inet static
address 192.168.1.6
netmask 255.255.255.248
## End
Then you can reboot or use the commands below to bring the interfaces up without a reboot.
ifup eth0:0
ifup eth0:1
ifup eth0:2
ifup eth0:3
ifup eth0:4
On the next reboot they should automatically bind to the NIC.
First login to your FreeBSD host as a ‘non-root’ user. You should have an account in the ‘wheel’ group that you can do this with. Once you have logged in run the following commands to switch users to ‘root’
su –
Password:
server#
The prompt should have a # in it now meaning you are the ‘root’ user.
Now run these commands.
ee /etc/rc.conf
Using 192.168.1.3 – 192.168.1.6 as an example
ifconfig_fxp0=”inet 192.168.1.2 netmask 255.255.255.248″
ifconfig_fxp0_alias0=”inet 192.168.1.3 netmask 255.255.255.255″
ifconfig_fxp0_alias1=”inet 192.168.1.4 netmask 255.255.255.255″
ifconfig_fxp0_alias2=”inet 192.168.1.5 netmask 255.255.255.255″
ifconfig_fxp0_alias3=”inet 192.168.1.6 netmask 255.255.255.255″
Note that changes to the ‘_aliasNN’ and also the ‘netmask’ changes to ‘255.255.255.255’ from ‘255.255.255.248’. The IP’s will not work unless you use a ‘255.255.255.255’ netmask for the alias IP’s.
Once you have added the enteries to your file you need to press ‘ESC’ and then select the ‘Save File’ option. You can then reboot the server and the IP’s will be bound and ready to use.
You can also use ‘ifconfig’ on the command line to add them without a reboot.
Please see the following man pages for more information.
man ifconfig
man rc.conf
man netstat
How MySQL Uses Memory
This page lists some of the ways that the mysqld server uses memory, and associated mysqld variable names
Memory Use MySQL 5.0
Memory Use MySQL 4.1
MySQL Optimization which covers:
– Optimization Overview
– Optimizing SELECT and Other Statements
– Locking Issues
– Optimizing Database Structure
– Optimizing the MySQL Server
– Disk Issues
Optimization MySQL 5.0
Optimization MySQL 4.1
MySQL Server Variables – SQL layer or Storage Engine specific.
List some of the more common variables as well as a brief description
Go to article 1
Go to article 2
Optimizing the mysqld variables by Ian Gilfillan
Great article on MySQL optimization, including some guidelines on what you should set mysqld server variable too.
(key_buffer_size, Query cache variables, table_cache, sort_buffer, etc..)
Go to article
Repairing Database Corruption in MySQL by Ian Gilfillan
Table corruption should be rare when using MySQL, however it helps to know how to fix the problem when it does occur.
Go to article
Optimizing MySQL: Queries and Indexes by Ian Gilfillan
The database is just too slow. Queries are queuing up, backlogs growing, users being refused connection. Management is ready to spend millions on “upgrading” to some other system, when the problem is really that MySQL is simply not being used properly. Badly defined or non-existent indexes are one of the primary reasons for poor performance, and fixing these can often lead to phenomenal improvements.
Go to article
Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html
Additionally some good practices are:
Note: There are many excellent articles available on the web for MySQL security. Go to your search engine of choice and search “securing mysql” and you should have reading for weeks.