Can't connect to socket. Maybe governor is not started- dbtop command error

Issue:
# dbtop
Can't connect to socket. Maybe governor is not started

Analysis:

Check error log for db governor /var/log/dbgovernor-error.log when running this command. I got below errors from log.

---------------------

Try to connect with options from dbgovernor config file

Try to connect with no password under root

Update your MySQL to CLL version from repo.cloudlinux.com. Current is 5.5.37-cll

Incorrect mysql version

Failed governor daemon, restart daemon

---------------------

 The db governor configuartion is looking for a different version of MySQL hence the issue. We need to correct the db governor configuartion with current MySQL version.

Fix:

Run the following commands:

# /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=MYSQL_VERSION

# /usr/share/lve/dbgovernor/mysqlgovernor.py --install

Thats it!!

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock'

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
it is not the error bcoz when mysql deamon starts it 1st checks the /tmp/mysql.sock
if /tmp permission changes to other than 777 then the above error comes
i've faced the same error
when i checked /var/lib/mysql/ for mysql.sock it didn't found there it never happens when it is not found but if not found then try to create uor self command is

cd /var/lib/mysql
touch mysql.sock
chown mysql:mysql mysql.sock
chmod 1777 mysql.sock

now make a sym link into /tmp

ln -s /var/lib/mysql/mysql.sock /tmp
then
chmod 1777 /tmp

now
/scripts/mysqlup --force


now just restart mysql
/etc/rc.d/init.d/mysql restart

Mod security disable for an account

In cpanel follow the steps below:

mkdir -p /usr/local/apache/conf/userdata/std/2/<username>/<domain.com>
nano /usr/local/apache/conf/userdata/std/2/<username>/<domain.com>/mod_security.conf
Add the following code to mod_security.conf:
 <IfModule mod_security2.c>
 SecRuleEngine Off
 </IfModule>
/scripts/ensure_vhost_includes --user=username


Reference: http://forums.cpanel.net/f185/how-disable-mod_security2-rule-one-domain-73135.html

Find files which are above 1G in size

Find files which are above 1G in size

find /home/ -type f -size +1048576 -printf "%s:%h%f\n"

WordPress xmlrpc vulnerability

There are four ways that WP‘s XML-RPC API  could be abused by an attacker:

Intel gathering — attacker may probe for specific ports in the target’s internal network
Port scanning — attacker may port-scan hosts in the internal network
DoS attacks — attacker may pingback via large number of sites for DoS attack
Router hacking — attacker may reconfigure an internal router on the network

Possible workarounds:

1. If you aren’t using the XML-RPC functionality for anything, to protect against any vulnerabilities, add below lines .htaccess:

# protect xmlrpc
<IfModule mod_alias.c>
RedirectMatch 403 /xmlrpc.php
</IfModule>

----------------------------------------------
2. To redirect requests for xmlrpc.php to a custom page, modify the RedirectMatch like so:

# protect xmlrpc
<IfModule mod_alias.c>
Redirect 301 /xmlrpc.php http://example.com/custom-page.php
</IfModule>

----------------------------------------------
3. Denying all access to xmlrpc.php:

# protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>

----------------------------------------------
4. Allow access to xmlrpc.php for specific IP addresses only.

# protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
Allow from <IP>
Allow from <IP>
</Files>

Postfix commands

View the postfix version :
#  postconf  mail_version
mail_version = 2.3.3

Check the postfix installation :
#  postfix check

Show default postfix values :
#  postconf -d

To show non default postfix values :
#  postconf -n

To restart postfix mail server  :

# postfix reload

Flush the mail queue :
#  postfix  flush
Or you can use:
#  postfix  -f

To see mail queue :
#  mailq
( in send mail sendmail -bp )
#  mailq | wc -l
(will give the total no of mails in queue )

To remove all mail from the queue :
#  postsuper -d ALL

To remove all mails in the deferred queue :
#  postsuper -d ALL deferred

To see the mails in a tree structure :
#  qshape

View the mail content :
#  postcat -q  AFD4A228 37C

You will get the above id from mailq . Or you can view the mails from postfix mail spool. Usually postfix will store the mails in /var/spool/postfix/active/ from this location also you can view the mails .  We can change the queue directory from the postfix conf.

Sort by from address :

#  mailq | awk ‘/^[0-9,A-F]/ {print $7}’ | sort | uniq -c | sort -n

To remove all mails sent by user@adminlogs.info from the queue :

#  mailq| grep ‘^[A-Z0-9]‘|grep user@adminlogs.info|cut -f1 -d’ ‘ |tr -d \*|postsuper -d -

To remove all mails being sent using the From address “user@adminlogs.info” :

#  mailq | awk ‘/^[0-9,A-F].*user@adminlogs.info / {print $1}’ | cut -d ‘!’ -f 1 | postsuper -d -

To remove all mails sent by the domain adminlogs.info from the queue :

#  mailq| grep ‘^[A-Z0-9]‘|grep @adminlogs.info|cut -f1 -d’ ‘ |tr -d \*|postsuper -d -

Opevz commands

OpenVz commands
Some of commonly used openvz commands

VZ Information To list all the running/stopped VPS in the node
vzlist -a

To list all the running VPS in the node
vzlist

To display the templates present in the server
vzpkgls

Creating a VPS To create a VPS with VEID 101 and ostemplate fedora-core-4 with vps.basic configuration
vzctl create 101 –ostemplate fedora-core-4 -.config vps.basic

Deleting a VPS To destroy a VPS with VEID 101
vzctl destroy 101

Configuring VPS (The changes are saved in /etc/vz/conf/<VEID>.conf) To automatically boot when a node is up
vzctl set 101 –onboot yes –save

To set hostname
vzctl set 101 –hostname test101.my.org –save

To add an IP address
vzctl set 101 –ipadd 10.0.186.1 –save

To delete an IP address
vzctl set 101 –ipdel 10.0.186.1 –save

To set the name servers
vzctl set 101 –nameserver 192.168.1.165 –save

To set the root password of VPS 101
vzctl set 101 –userpasswd root:password

To set shortname for VPS
vzctl set 101 –name test101 –save

Start/Stop/Restart VPS To start a VPS
vzctl start 101

To start a disabled VPS
vzctl start 101 –force

To stop a VPS
vzctl stop 101

To restart a VPS
vzctl restart 101

To know the status of a VPS
vzctl status 101

To get the details of the VPS like VEID, ClassID, number of processes inside each VPS and the IP addresses of VPS
cat /proc/vz/veinfo

To enter into a VPS 101
vzctl enter 101

To execute a command in VPS 101
vzctl exec 101 command — replace command with the command you need to execute
vzctl exec 101 df -h

Managing Disk Quotas To assign disk quotas – First limit is soft limit, second limit is hard limit
vzctl set 101 –diskspace 10485760 –save  ==>> for setting 10GB
OR
vzctl set 101 –diskspace 1048576 –save   ==>> for setting 1GB

To assign disk inodes
vzctl set 101 –diskinodes 90000:91000 –save

To check the disk quota of a VPS
vzquota stat 101 -t

Managing CPU quota To display the available CPU power
vzcpucheck

To set the number of CPUs available to a VPS
vzctl set 101 –cpus 2 –save

To set the minimum and maximum CPU limits
vzctl set 101 –cpuunits nnnn –cpulimit nn –save

(cpuunits is a an absolute number (fraction of power of the node) and cpulimit is taken as percentage)

Managing memory quota To display memory usage
vzmemcheck -v

To set kmem
vzctl set 101 –kmemsize 2211840:2359296 –save

To set privvmpages
vzctl set 101 –privvmpages 2G:2G –save

Other Commands To copy/clone a VPS
vzmlocal -C <source_VEID>:<desitnation_VEID>

To disable a VPS
vzctl set 101 –disabled yes

To enable a VPS
vzctl set 101 –disabled no

To suspend a VPS
vzctl suspend 101

To resume a VPS
vzctl resume 101

To run yum update on a VPS
vzyum 101 -y update

To install a package using yum on VPS
vzyum 101 -y install package

To install a package using rpm on VPS
vzrpm 101 -ivh package

Refer : http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf