Admins eHow SysAdmin Tips & Tricks

May 31, 2009

Wrap text in pre tag

Filed under: CSS,HTML — Tags: , , , , — admin @ 5:21 pm

use the following CSS code to wrap the lines in a pre html tag :

pre {
white-space: -moz-pre-wrap; /* Mozilla, supported since 1999 */
white-space: -pre-wrap; /* Opera 4 - 6 */
white-space: -o-pre-wrap; /* Opera 7 */
white-space: pre-wrap; /* CSS3 - Text module (Candidate Recommendation) http://www.w3.org/TR/css3-text/#white-space */
word-wrap: break-word; /* IE 5.5+ */
}

How to configure nginx + php5 + mysql on debian 5 lenny

Filed under: Debian,General,MySQL,Nginx,PHP — Tags: , , , , — admin @ 3:56 pm

1.Install PHP5
We will use dotdeb repo for installing the latest version of PHP5 and MySQL Server so first we need to configure apt to use dotdeb repo.
Edit /etc/apt/sources.list :

nano /etc/apt/sources.list

Add The following lines to end of it :

deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

Press CTRL+X Choose Yes to save the file and Exit.
update apt cache :

apt-get update

Now install PHP5 :

apt-get install php5-cgi php5-mysql

Now edit /etc/php5/cgi/php.ini :

nano /etc/php5/cgi/php.ini

and change cgi.fix_pathinfo to 1 :

cgi.fix_pathinfo = 1

Save File and Exit.
2. Install MySQL Server

apt-get install mysql-server

3. Install Lighttpd
We need to install lighttpd because Nginx does not come with a FastCGI package, and there isn’t a standalone package yet. So we are going to install Lighttpd, disable it, and use spawn-fcgi from the Lighttpd package.

apt-get install lighttpd
/etc/init.d/lighttpd stop
update-rc.d -f lighttpd remove

Also remove lighttpd executable file :

rm /usr/sbin/lighttpd

4. Setup spawn-fcgi
Since we are going to use spawn-fcgi to handle PHP, we need to set it up to start when our server starts and make an init script so that we can control the processes. For starters, create the init script:

nano /etc/init.d/php-fastcgi

and add the following code to it and save it:

#! /bin/sh
### BEGIN INIT INFO
# Provides:          php-fastcgi
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop php-cgi in external FASTCGI mode
# Description:       Start and stop php-cgi in external FASTCGI mode
### END INIT INFO

# Author: Kurt Zankl <[EMAIL PROTECTED]>

# Do NOT "set -e"

PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="php-cgi in external FASTCGI mode"
NAME=php-fastcgi
DAEMON=/usr/bin/php-cgi
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
PHP_CONFIG_FILE=/etc/php5/cgi/php.ini

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

# If the daemon is not enabled, give the user a warning and then exit,
# unless we are stopping the daemon
if [ "$START" != "yes" -a "$1" != "stop" ]; then
log_warning_msg "To enable $NAME, edit /etc/default/$NAME and set START=yes"
exit 0
fi

# Process configuration
export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS
DAEMON_ARGS="-q -b $FCGI_HOST:$FCGI_PORT -c $PHP_CONFIG_FILE"

do_start()
{
# Return
#   0 if daemon has been started
#   1 if daemon was already running
#   2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
--background --make-pidfile --chuid $EXEC_AS_USER --startas $DAEMON -- \
$DAEMON_ARGS \
|| return 2
}

do_stop()
{
# Return
#   0 if daemon has been stopped
#   1 if daemon was already stopped
#   2 if daemon could not be stopped
#   other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE > /dev/null # --name $DAEMON
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently.  A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac

There is no editing needed for the code above. Now we need to make it executable.

chmod +x /etc/init.d/php-fastcgi

Now we will create the configuration file for spawn-fcgi:

nano /etc/default/php-fastcgi

and add:

START=yes

# Which user runs PHP? (default: www-data)

EXEC_AS_USER=www-data

# Host and TCP port for FASTCGI-Listener (default: localhost:9000)

FCGI_HOST=localhost
FCGI_PORT=9000

# Environment variables, which are processed by PHP

PHP_FCGI_CHILDREN=4
PHP_FCGI_MAX_REQUESTS=1000

In this file, you can change the FCGI_PORT, PHP_FCGI_CHILDREN, and PHP_FCGI_MAX_REQUESTS. If you change the port, make sure to note what you change it to because we will need it for later. Now, we want to make sure that spawn-fcgi starts when the server starts:

update-rc.d php-fastcgi defaults
/etc/init.d/php-fastcgi restart

5. Install Nginx

apt-get install nginx

6. Configure Nginx and your default vhost
For help with configuring Nginx beyond just the default configuration, please refer to the Nginx Wiki. We are now going to configure the default vhost so that we can verify that PHP is working with Nginx.

nano /etc/nginx/sites-available/default

In the default vhost, change the following lines to look like this:

server_name _;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/nginx-default$fastcgi_script_name;
include fastcgi_params;
}

What we did here was changed the server_name to accept all incoming requests, uncommented the location stanza and defined where Nginx needs to look for spawn-fcgi. If you changed the port above in the /etc/default/php-fastcgi file, then you need to change the port on the fastcgi_pass line as well. On the line fastcgi_param SCRIPT_FILENAME /var/www/nginx-default$fastcgi_script_name;, you need to change /var/ww/nginx-default to match your web root. On the line include fastcgi_params; you need to add a space between the include and the fastcgi_params as there is a bug in the default configuration and that space was omitted. Once you save the default-vhost, you need to restart Nginx.

/etc/init.d/nginx restart

Now we will create an info.php file in your web root:

nano /var/www/nginx-default/info.php

Add the following code and save the file:

<? phpinfo(); ?>

Now in your web browser, pull up the newly created file (http://your-ip/info.php). You should see information about the version of PHP that you are running.

Note: When I installed Nginx, it did not start automatically, however it was setup to start when the server booted. I have heard stories of users having issues with Nginx starting automatically when the server boots. If Nginx does not start when you boot your server, run the following command which will make it start on boot:

update-rc.d nginx defaults

Enjoy!

Reference : ChrisJohnston.org

How to configure exim on debian

Filed under: Debian,General — Tags: , , , — admin @ 3:25 pm

exim is my favorite mailer daemon for debian , but you need to reconfigure it to act as a real internet mailer daemon. run the configuration by the following command :

dpkg-reconfigure exim4-config

May 20, 2009

How to reset photoshot settings to factory defaults

Filed under: General — Tags: , , , , — admin @ 2:28 pm

In order to reset PhotoShop CS3 settings to default , do the following steps :

1.Hold down 3 Keys all together : Ctrl +Alt + Shift
2.Right click on photoshop icon on your desktop or in start menu and choose “Open”
3.When photoshop starts , you will get a dialog which asks you if you want to delete your current settings
4.Click on YES.

it is done 🙂

May 18, 2009

Convert and Change MySQL Collation/Encoding to utf8

Filed under: General,MySQL — Tags: , , , , , , — admin @ 12:33 pm

This is simple , use the following command on mysql :

alter table TABLE_NAME convert to character set utf8 collate utf8_unicode_ci;

May 16, 2009

Guide to secure the server using DenyHosts

Filed under: CentOS,Debian,General,Security — Tags: , , , , — admin @ 9:20 am

One of the greatest tools I have found to secure the server from brute force attacks and keep your server out of the reach of hackers is DenyHosts.
What DenyHosts does is very simple , but very effective , it processes auth.log ( in Debian based distros ) or secure.log ( in Redhat based distros ) and finds unsuccessful login attempts through ssh and blocks the attacker through /etc/hosts.deny file.
also it has a central server which can synchronize all DenyHosts instances around the world , so if there is an attacker detected in US , it will be blocked in all of the world very fast ! but this option needs to be enabled in config file.
DenyHosts is an open source project and is available to download at sourceforge : http://denyhosts.sourceforge.net

As my favorite distro is Debian , I guide you how to install and use it on Debian. but steps are almost the same on CentOs.
DenyHosts is available through Debian repos so you can simply install it by :

apt-get install denyhosts

then you need to configure it , configuration file is located at /etc/denyhosts.conf
I suggest you to read the whole file and understand it , it worth’s the time. but in case you need a good working configuration, you can use mine :

SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 1w
PURGE_THRESHOLD = 2
BLOCK_SERVICE  = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES
LOCK_FILE = /var/run/denyhosts.pid
ADMIN_EMAIL = youremail@domain.com
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody@domain.com>
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
SYNC_INTERVAL = 1h
SYNC_UPLOAD = yes
SYNC_DOWNLOAD = yes
SYNC_DOWNLOAD_THRESHOLD = 3
SYNC_DOWNLOAD_RESILIENCY = 5h

Don’t Forget to set ADMIN_EMAIL and SMTP_FROM to your own emails.
One of the important steps that you should do is to add your own IP address to white list so it doesn’t get blocked.
to do this , open /var/lib/denyhosts/allowed-hosts file and enter your own IP in it.
if you have forgotten to do this and now you are blocked from server , you need to connect to server from another IP address and do the following steps :

1.Stop DenyHosts :

/etc/init.d/denyhosts stop

2.Remove the IP address from /etc/hosts.deny
3.Also you need to remove your IP address from any file located in /var/lib/denyhosts , first look which files contain your IP :

grep Your_IP *

The remove the IP from files using your favorite editor or method 😉

Edit : I have found a great solution to delete your IP from all files all at once.

sed -i '/Your IP/d' *

4.Consider adding the IP address to /var/lib/allowed-hosts
5.Start DenyHosts

May 13, 2009

How to block access to a file using .htaccess

Filed under: General,Security — Tags: , , , — admin @ 1:33 pm

If you have a file in your web directory which you want to keep secure , you can block the access to it by following lines in your .htaccess file:

<Files FILENAME>
deny from all
</Files>

May 12, 2009

Secure Your WebServer by Disabling Dangerous PHP Functions

Filed under: CentOS,cPanel,Debian,General,Security — Tags: , , , — admin @ 8:02 pm

In order to secure your web server you need to disable some php functions which may be used to hack your server.
open your php.ini file and search for “disable_functions” then replace it with following directive :

disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode"

after this step you need to restart apache server.
if you have cPanel installed on your server , you need to run the following command from SSH for cPanel work properly :

/scripts/makecpphp

it will make another instance of PHP for internal cPanel/WHM use.

Check Memory Usage in Linux

Filed under: CentOS,Debian,General — Tags: , — admin @ 5:39 pm

In order to check memory usage in Linux , there are several commands , but the most useful commands I have found are the following :

Check total memory usage :

# free -m
total       used       free     shared    buffers     cached
Mem:           512        490         21          0         16        160
-/+ buffers/cache:        314        197
Swap:         1023         76        947

what you are looking for is in front of “-/+ buffers/cache:” , in above example Total memory is 512MB , Used memory is 314MB and Free memory is 197MB.
it also shows the usage of Swap which is 76MB from 1023MB Total.

Check detailed processes memory usage :

# ps aux | awk '{print $4"\t"$11}' | sort | uniq -c | awk '{print $2" "$1" "$3}' | sort -nr
10.0 1 (squid)
2.7 1 python
1.5 1 /usr/sbin/pdns_recursor
1.3 1 sshd:
1.3 1 /usr/sbin/apache2
.........

This command is a little complex , we dont want to go into the details of command. we are only interested in the output.
The First column shows the percent of memory which this process is using , second column shows the number of instances of the process and the third column is the name of process. in the above example , process “squid” is using 10% of my server memory and python is using 2.7% of memory.

How to install a caching only dns server using powerdns on debian lenny

Filed under: Debian,General — Tags: , , , — admin @ 3:50 pm

I just noted my caching bind9 dns server is using 306MB of my precious memory ! what the hell is it doing !? go to hell bind !

/etc/init.d/bind9 stop
apt-get remove bind9

so I decided to install another caching dns server , after some research I found PowerDNS. it uses MySQL for storing its zones , but hopefully its caching component doesnt need mysql , so great , lets go and install it.
My favourite OS is debian lenny , so I ran the following command :

apt-get install pdns-recursor

WOW , it was very simple ! it is already working on localhost , but I needed it to listen on all IPs on my box and accept queries from everyone 😀 I wanted to serve public :p so I went to /etc/powerdns and opened “recursor.conf” file and made the following changes :

allow-from=
local-address=0.0.0.0

and restarted the service by :

/etc/init.d/pdns-recursor restart

it’s done 😀 now it is working as a public caching name server.

Older Posts »

Powered by WordPress