Wednesday 20 August 2014

Can't connect to socket. Maybe governor is not started- dbtop command error

Issue:
# dbtop
Can't connect to socket. Maybe governor is not started

Analysis:
Check error log for db governor /var/log/dbgovernor-error.log when running this command. I got below errors from log.
---------------------
Try to connect with options from dbgovernor config file
Try to connect with no password under root
Update your MySQL to CLL version from repo.cloudlinux.com. Current is 5.5.37-cll
Incorrect mysql version
Failed governor daemon, restart daemon
---------------------

 The db governor configuartion is looking for a different version of MySQL hence the issue. We need to correct the db governor configuartion with current MySQL version.

Fix:
Run the following commands:

# /usr/share/lve/dbgovernor/db-select-mysql --mysql-version=MYSQL_VERSION
# /usr/share/lve/dbgovernor/mysqlgovernor.py --install

Thats it!!

Sunday 17 August 2014

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock'

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
it is not the error bcoz when mysql deamon starts it 1st checks the /tmp/mysql.sock
if /tmp permission changes to other than 777 then the above error comes
i've faced the same error
when i checked /var/lib/mysql/ for mysql.sock it didn't found there it never happens when it is not found but if not found then try to create uor self command is

cd /var/lib/mysql
touch mysql.sock
chown mysql:mysql mysql.sock
chmod 1777 mysql.sock

now make a sym link into /tmp

ln -s /var/lib/mysql/mysql.sock /tmp
then
chmod 1777 /tmp

now
/scripts/mysqlup --force


now just restart mysql
/etc/rc.d/init.d/mysql restart

Saturday 2 August 2014

Mod security disable for an account

In cpanel follow the steps below:

mkdir -p /usr/local/apache/conf/userdata/std/2/<username>/<domain.com>
nano /usr/local/apache/conf/userdata/std/2/<username>/<domain.com>/mod_security.conf
Add the following code to mod_security.conf:
 <IfModule mod_security2.c>
 SecRuleEngine Off
 </IfModule>
/scripts/ensure_vhost_includes --user=username


Reference: http://forums.cpanel.net/f185/how-disable-mod_security2-rule-one-domain-73135.html

Find files which are above 1G in size

Find files which are above 1G in size

find /home/ -type f -size +1048576 -printf "%s:%h%f\n"

WordPress xmlrpc vulnerability

There are four ways that WP‘s XML-RPC API  could be abused by an attacker:

Intel gathering — attacker may probe for specific ports in the target’s internal network
Port scanning — attacker may port-scan hosts in the internal network
DoS attacks — attacker may pingback via large number of sites for DoS attack
Router hacking — attacker may reconfigure an internal router on the network

Possible workarounds:

1. If you aren’t using the XML-RPC functionality for anything, to protect against any vulnerabilities, add below lines .htaccess:

# protect xmlrpc
<IfModule mod_alias.c>
RedirectMatch 403 /xmlrpc.php
</IfModule>

----------------------------------------------
2. To redirect requests for xmlrpc.php to a custom page, modify the RedirectMatch like so:

# protect xmlrpc
<IfModule mod_alias.c>
Redirect 301 /xmlrpc.php http://example.com/custom-page.php
</IfModule>

----------------------------------------------
3. Denying all access to xmlrpc.php:

# protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
</Files>

----------------------------------------------
4. Allow access to xmlrpc.php for specific IP addresses only.

# protect xmlrpc
<Files xmlrpc.php>
Order Deny,Allow
Deny from all
Allow from <IP>
Allow from <IP>
</Files>

Thursday 31 July 2014

Postfix commands

View the postfix version :
#  postconf  mail_version
mail_version = 2.3.3
Check the postfix installation :
#  postfix check
Show default postfix values :
#  postconf -d
To show non default postfix values :
#  postconf -n
To restart postfix mail server  :
# postfix reload
Flush the mail queue :
#  postfix  flush
Or you can use:
#  postfix  -f
To see mail queue :
#  mailq
( in send mail sendmail -bp )
#  mailq | wc -l
(will give the total no of mails in queue )
To remove all mail from the queue :
#  postsuper -d ALL
To remove all mails in the deferred queue :
#  postsuper -d ALL deferred
To see the mails in a tree structure :
#  qshape
View the mail content :
#  postcat -q  AFD4A228 37C
You will get the above id from mailq . Or you can view the mails from postfix mail spool. Usually postfix will store the mails in /var/spool/postfix/active/ from this location also you can view the mails .  We can change the queue directory from the postfix conf.
Sort by from address :
#  mailq | awk ‘/^[0-9,A-F]/ {print $7}’ | sort | uniq -c | sort -n
To remove all mails sent by user@adminlogs.info from the queue :
#  mailq| grep ‘^[A-Z0-9]‘|grep user@adminlogs.info|cut -f1 -d’ ‘ |tr -d \*|postsuper -d -
To remove all mails being sent using the From address “user@adminlogs.info” :
#  mailq | awk ‘/^[0-9,A-F].*user@adminlogs.info / {print $1}’ | cut -d ‘!’ -f 1 | postsuper -d -
To remove all mails sent by the domain adminlogs.info from the queue :
#  mailq| grep ‘^[A-Z0-9]‘|grep @adminlogs.info|cut -f1 -d’ ‘ |tr -d \*|postsuper -d -

Opevz commands

OpenVz commands
Some of commonly used openvz commands
VZ Information To list all the running/stopped VPS in the node
vzlist -a
To list all the running VPS in the node
vzlist
To display the templates present in the server
vzpkgls
Creating a VPS To create a VPS with VEID 101 and ostemplate fedora-core-4 with vps.basic configuration
vzctl create 101 –ostemplate fedora-core-4 -.config vps.basic
Deleting a VPS To destroy a VPS with VEID 101
vzctl destroy 101
Configuring VPS (The changes are saved in /etc/vz/conf/<VEID>.conf) To automatically boot when a node is up
vzctl set 101 –onboot yes –save
To set hostname
vzctl set 101 –hostname test101.my.org –save
To add an IP address
vzctl set 101 –ipadd 10.0.186.1 –save
To delete an IP address
vzctl set 101 –ipdel 10.0.186.1 –save
To set the name servers
vzctl set 101 –nameserver 192.168.1.165 –save
To set the root password of VPS 101
vzctl set 101 –userpasswd root:password
To set shortname for VPS
vzctl set 101 –name test101 –save
Start/Stop/Restart VPS To start a VPS
vzctl start 101
To start a disabled VPS
vzctl start 101 –force
To stop a VPS
vzctl stop 101
To restart a VPS
vzctl restart 101
To know the status of a VPS
vzctl status 101
To get the details of the VPS like VEID, ClassID, number of processes inside each VPS and the IP addresses of VPS
cat /proc/vz/veinfo
To enter into a VPS 101
vzctl enter 101
To execute a command in VPS 101
vzctl exec 101 command — replace command with the command you need to execute
vzctl exec 101 df -h
Managing Disk Quotas To assign disk quotas – First limit is soft limit, second limit is hard limit
vzctl set 101 –diskspace 10485760 –save  ==>> for setting 10GB
OR
vzctl set 101 –diskspace 1048576 –save   ==>> for setting 1GB
To assign disk inodes
vzctl set 101 –diskinodes 90000:91000 –save
To check the disk quota of a VPS
vzquota stat 101 -t
Managing CPU quota To display the available CPU power
vzcpucheck
To set the number of CPUs available to a VPS
vzctl set 101 –cpus 2 –save
To set the minimum and maximum CPU limits
vzctl set 101 –cpuunits nnnn –cpulimit nn –save
(cpuunits is a an absolute number (fraction of power of the node) and cpulimit is taken as percentage)
Managing memory quota To display memory usage
vzmemcheck -v
To set kmem
vzctl set 101 –kmemsize 2211840:2359296 –save
To set privvmpages
vzctl set 101 –privvmpages 2G:2G –save
Other Commands To copy/clone a VPS
vzmlocal -C <source_VEID>:<desitnation_VEID>
To disable a VPS
vzctl set 101 –disabled yes
To enable a VPS
vzctl set 101 –disabled no
To suspend a VPS
vzctl suspend 101
To resume a VPS
vzctl resume 101
To run yum update on a VPS
vzyum 101 -y update
To install a package using yum on VPS
vzyum 101 -y install package
To install a package using rpm on VPS
vzrpm 101 -ivh package
Refer : http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf