The issue is mainly occurring due to the absence of some code. To fix this issue, do the following:
"cd" into the corresponding directory of phpBB.
Create a file "addform.html" with the following content:
Change the ownerwship of the file according to the need (ie. cpanel -> username:nobody).
Take a backup of the file "includes/template.php"
In the 265 line of ./includes/template.php you can fine the following code:
$str = implode("", @file($filename));
if (empty($str))
{
die("Template->loadfile(): File $filename for handle $handle is empty");
}
Add the following code below it:
if(basename($filename) === 'posting_body.tpl')
{
$str = str_replace('', '
• Add image to post', $str);
}
This will add the image upload facility in the phpBB posts.
Wednesday 10 December 2008
How to Change Your FTP Port
Lately FTP has been a problem for a lot of hosting providers. Especially since the recent influx of Gumblar-related attacks and FTP exploits, some hosting providers are now considering changing their FTP ports as an added measure of security. If you’re on a cPanel server you have a couple extra steps to go through, but it’s a rather easy change.
1) Edit /etc/pure-ftpd.conf and look for the following line:
Where is a publically routable IP. The default example, 127.0.0.1, will cause the socket to bind locally but then this connection won’t serve externally. is the new port you wish to put the service on.
2) If necessary, add the new FTP port to your server’s firewall
3) Edit /etc/chkserv.d/ftpd and change the port, which is the first comma-separated entry to the right of ‘=’ on the line in the file, to match the port you put the service on.
Finally:
Edit /etc/proftpd.conf and change:
Then make sure to test to make sure FTP is working before notifying your users!
Pure-FTP
1) Edit /etc/pure-ftpd.conf and look for the following line:
Bind Where is a publically routable IP. The default example, 127.0.0.1, will cause the socket to bind locally but then this connection won’t serve externally. is the new port you wish to put the service on.
2) If necessary, add the new FTP port to your server’s firewall
3) Edit /etc/chkserv.d/ftpd and change the port, which is the first comma-separated entry to the right of ‘=’ on the line in the file, to match the port you put the service on.
Finally:
/etc/init.d/pure-ftpd restart
/etc/init.d/cpanel restart (restarts tailwatchd/chkservd)
ProFTP
Edit /etc/proftpd.conf and change:
Port 21Then make sure to test to make sure FTP is working before notifying your users!
Monday 10 November 2008
aquota.user: Permission denied
This error has been bugging me for over a year now:
This generally occurs when performing any function where the quota system is being modified, such as changing an account’s quota, suspending/unsuspended an account, or running one of cPanel’s quota scripts. First, check the permissions of /aquota.user (or the actual quota file being referenced in the error):
It should ideally return this output:
If you see an ‘i’ in there though, it means that for some reason the quota file has been made immutable, and therefore cannot be modified by the system. You can remove the immutable flag by running:
That should correct the problem, and allow you to proceed with the account function you were trying to perform.
touch: cannot touch `/aquota.user': Permission deniedThis generally occurs when performing any function where the quota system is being modified, such as changing an account’s quota, suspending/unsuspended an account, or running one of cPanel’s quota scripts. First, check the permissions of /aquota.user (or the actual quota file being referenced in the error):
lsattr /aquota.user
It should ideally return this output:
------------- /aquota.userIf you see an ‘i’ in there though, it means that for some reason the quota file has been made immutable, and therefore cannot be modified by the system. You can remove the immutable flag by running:
chattr -ia /aquota.user
That should correct the problem, and allow you to proceed with the account function you were trying to perform.
Monday 13 October 2008
How to block emails from a specific address using Exim
This is fairly easy to achieve with Exim.
First you’ll need to find the system filter file for Exim. This can be found out through WHM >> Main >> Service Configuration >> Exim Configuration Editor.
Towards the middle of the page, under the section ‘Filters’ , you ‘ll find the path to the file.
Open that file via SSH using your favorite editor and add the following to it :
If you would like a copy of the email to be sent to you after the message fails, use the following code :
Make sure that you substitute the correct email addresses in the above code.
First you’ll need to find the system filter file for Exim. This can be found out through WHM >> Main >> Service Configuration >> Exim Configuration Editor.
Towards the middle of the page, under the section ‘Filters’ , you ‘ll find the path to the file.
Open that file via SSH using your favorite editor and add the following to it :
if first_delivery
and ( (”$h_from:” contains “emailtoblock@domainname.com”)
)
then fail
endif
If you would like a copy of the email to be sent to you after the message fails, use the following code :
if first_delivery
and ( (”$h_from:” contains “emailtoblock@domainname.com”)
)
then
unseen deliver “youremail@yourdomainname.com”
fail
endif
Make sure that you substitute the correct email addresses in the above code.
Monday 22 September 2008
FTP error 530 Login incorrect
First of all check which FTP is using the Cpanel proftpd or pureftpd
If it is using the proftpd, do the folowing to fix the 530 error
1. First of all try the /scripts/ftpupdate
2. grep /etc/proftpd/passwd.vhosts (here is the domain username)
3. If it is not present there then grep /etc/proftpd/
4. Check details and cat >> /etc/proftpd/passwd.vhosts
5. Paste the main ftp account details in this file
6. /scripts/restartsrv_ftpserver
Note: please be careful in doing it. If you have specified cat > /etc/proftpd/passwd.vhosts, it w
ill overwrite the whole content.
If it is pureftpd:
Do the above 6 steps
7. Sometimes you need to rum "/usr/sbin/pure-uploadscript -B -r /usr/local/bin/ftpfilter" also
If it is using the proftpd, do the folowing to fix the 530 error
1. First of all try the /scripts/ftpupdate
2. grep /etc/proftpd/passwd.vhosts (here is the domain username)
3. If it is not present there then grep /etc/proftpd/
4. Check details and cat >> /etc/proftpd/passwd.vhosts
5. Paste the main ftp account details in this file
6. /scripts/restartsrv_ftpserver
Note: please be careful in doing it. If you have specified cat > /etc/proftpd/passwd.vhosts, it w
ill overwrite the whole content.
If it is pureftpd:
Do the above 6 steps
7. Sometimes you need to rum "/usr/sbin/pure-uploadscript -B -r /usr/local/bin/ftpfilter" also
Saturday 20 September 2008
Installing MySQL from Source
Get the source code
and if you want some more engines
Then:
path could also be:
Also run :
/usr/local/bin/mysql_install_db /usr/local/bin/mysqld_safe &
Dont forget to change the admin password :
mysqladmin -u root -p password 'new-password'
On Linux/CentOS/RedHat :
1. Copy mysql.server.sh from the src directory /support-files to /etc/init.d and rename it to mysqld 2. Enter it into the startup scripts :
chkconfig –add mysqld chkconfig mysqld on
3. Edit the /etc/init.d/mysqld script so that the correct parameters (basedir , datadir, etc) are filled in and run the script to test it
4. Start and stop the service with : service mysqld stop service mysqld start
tar -xzf mysql-5.0.XX.tar.gz
% cd mysql-5.0*
% ./configure
--enable-thread-safe-client
--with-big-tables
--with-fast-mutexes
--with-extra-charsets=all
--with-innodb
and if you want some more engines
--with-archive-storage-engine
--with-blackhole-storage-engine
--with-csv-storage-engine
--with-example-storage-engine
--with-federated-storage-engine
% make
% make install
Then:
chown -R mysql /usr/local/mysql/var
chmod -R 755 /usr/local/mysql/var
path could also be:
chown -R mysql /usr/local/var/
chmod -R 755 /usr/local/var
Also run :
/usr/local/bin/mysql_install_db /usr/local/bin/mysqld_safe &
Dont forget to change the admin password :
mysqladmin -u root -p password 'new-password'
On Linux/CentOS/RedHat :
1. Copy mysql.server.sh from the src directory /support-files to /etc/init.d and rename it to mysqld 2. Enter it into the startup scripts :
chkconfig –add mysqld chkconfig mysqld on
3. Edit the /etc/init.d/mysqld script so that the correct parameters (basedir , datadir, etc) are filled in and run the script to test it
4. Start and stop the service with : service mysqld stop service mysqld start
Wednesday 10 September 2008
Setting Google site map generator script for domain
You can setup the Google sitemap generator script in the domain using the help of following URL:
The config.xml file should be edited according to the need of the customer domain. All steps are
specified in the URL. The python version should be 2.2 or above.
https://www.google.com/webmasters/tools/docs/en/sitemap-generator.html
The config.xml file should be edited according to the need of the customer domain. All steps are
specified in the URL. The python version should be 2.2 or above.
https://www.google.com/webmasters/tools/docs/en/sitemap-generator.html
Thursday 28 August 2008
How to Fix PHPMyAdmin 403 Forbidden Error
If you have installed phpMyAdmin in your linux server (centos/RHEL/debian), and tried to access phpMyAdmin in most cases you will get this 403 forbidden error. I have seen this issue very often if you are installing phpmyadmin using yum or by apt-get. By default phpmyadmin installed path is /usr/share/phpmyadmin and the apache configuration file is located in /etc/httpd/conf.d/phpmyadmin.conf
Wednesday 13 August 2008
Spamd child process causing high server load
Sunday 10 August 2008
Wordpress admin login issue -due to siteurl
During the wordpress installation, customers set the Site URL as http://www.domainName/wordpress. But in the configuration file (or wordpress folder) it will be "WordPress". Due to this customer can't login wordpress admin using http://www.domaName/WordPress/wp-login.php.
Fix: In that case you need to modify the wordpress database table entry.
Use the word press database and the following update:
select * from wp_options where option_name="siteurl"G;
update wp_options set option_value="http://www.domainName/WordPress" where option_name="siteurl";
Note: Replace the domainName by corresponding domain name. The wordpress prefix wp_ will change a
ccording to the situation.
Fix: In that case you need to modify the wordpress database table entry.
Use the word press database and the following update:
select * from wp_options where option_name="siteurl"G;
update wp_options set option_value="http://www.domainName/WordPress" where option_name="siteurl";
Note: Replace the domainName by corresponding domain name. The wordpress prefix wp_ will change a
ccording to the situation.
Perl mail script
#!/usr/bin/perl
# This is a simple script to test sendmail.
# Replace "me" with a from address and "mydom.com" with the #sending domain.
# Replace "you" with a username to send to and "yourdom.com" #with the recipient's domain name.
# Upload this to the public_html folder as mailtest.pl and CHMOD it to 755
print "Content-type: text/plainnn";
unless(open (MAIL, "|/usr/sbin/sendmail -t")) {
print "error.n";
warn "Error starting sendmail: $!";
}
else{
print MAIL "From: me@mydom.comn";
print MAIL "To: you@yourdom.comn";
print MAIL "Subject: test subjectnn";
print MAIL "Perl Sendmail is working, please check your code.";
close(MAIL) || warn "Error closing mail: $!";
print "Mail sent.n";
}
# This is a simple script to test sendmail.
# Replace "me" with a from address and "mydom.com" with the #sending domain.
# Replace "you" with a username to send to and "yourdom.com" #with the recipient's domain name.
# Upload this to the public_html folder as mailtest.pl and CHMOD it to 755
print "Content-type: text/plainnn";
unless(open (MAIL, "|/usr/sbin/sendmail -t")) {
print "error.n";
warn "Error starting sendmail: $!";
}
else{
print MAIL "From: me@mydom.comn";
print MAIL "To: you@yourdom.comn";
print MAIL "Subject: test subjectnn";
print MAIL "Perl Sendmail is working, please check your code.";
close(MAIL) || warn "Error closing mail: $!";
print "Mail sent.n";
}
Monday 14 July 2008
Awstats full year view error
Error will be look like in following way: Full year view has not been allowed from a browser Setu
p ('/home/domain/etc/awstats/awstats.domain.com.conf' file, web server or permissions) may be wron
g. Check config file, permissions and AWStats documentation (in 'docs' directory).
1. Edit "AllowFullYearView" option in the /home/domain/etc/awstats/awstats.domain.com.conf
2. To view the full year, the option should be "AllowFullYearView=3".
p ('/home/domain/etc/awstats/awstats.domain.com.conf' file, web server or permissions) may be wron
g. Check config file, permissions and AWStats documentation (in 'docs' directory).
1. Edit "AllowFullYearView" option in the /home/domain/etc/awstats/awstats.domain.com.conf
2. To view the full year, the option should be "AllowFullYearView=3".
Saturday 12 July 2008
Space full on device
Whenever you start Apache, it keeps crashing with error “semget: No space left on device”.
# tail /etc/httpd/logs/error_log
semget: No space left on device
semget: No space left on device
[Wed Sep 12 10:54:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 10:56:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 10:58:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 11:00:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
If you have similar problem as mine above + if your disk space is nowhere near/above 100% + /var/messages and /usr/local/apache/logs/error_log shows no clue about this problem + any files in /etc/httpd/logs/ and /etc/httpd/domlogs nowhere near/above 2GB in size, its most probably semaphore problem. Use the following script to cure your Apache.
#!/bin/bash
ipcs -s | grep nobody | perl -e ‘while () {
@a=split(/s+/); print `ipcrm sem $a[1]`}’
/scripts/restartsrv httpd
Script how to:
- SSH as root to your CPanel server
- Go to root dir
# cd /root
- Create a httpdsemclean.sh blank file
# pico httpdsemclean.sh
- Write above script
- Save
Ctrl + O
- Exit pico
Ctrl + X
- Chmod httpdsemclean.sh to 777
# chmod 777 httpdsemclean.sh
- Execute the script
./httpdsemclean.sh
If all goes fine, you’ll see something like this:
…
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
Waiting for httpd to restart…………..finished.
httpd started ok
Do this at your own risk, we do not guarantee this will work on all CPanel servers
# tail /etc/httpd/logs/error_log
semget: No space left on device
semget: No space left on device
[Wed Sep 12 10:54:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 10:56:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 10:58:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
[Wed Sep 12 11:00:27 2007] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten
– Unclean shutdown of previous Apache run? semget: No space left on device
If you have similar problem as mine above + if your disk space is nowhere near/above 100% + /var/messages and /usr/local/apache/logs/error_log shows no clue about this problem + any files in /etc/httpd/logs/ and /etc/httpd/domlogs nowhere near/above 2GB in size, its most probably semaphore problem. Use the following script to cure your Apache.
#!/bin/bash
ipcs -s | grep nobody | perl -e ‘while () {
@a=split(/s+/); print `ipcrm sem $a[1]`}’
/scripts/restartsrv httpd
Script how to:
- SSH as root to your CPanel server
- Go to root dir
# cd /root
- Create a httpdsemclean.sh blank file
# pico httpdsemclean.sh
- Write above script
- Save
Ctrl + O
- Exit pico
Ctrl + X
- Chmod httpdsemclean.sh to 777
# chmod 777 httpdsemclean.sh
- Execute the script
./httpdsemclean.sh
If all goes fine, you’ll see something like this:
…
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
resource(s) deleted
Waiting for httpd to restart…………..finished.
httpd started ok
Do this at your own risk, we do not guarantee this will work on all CPanel servers
Thursday 10 July 2008
How to find the PostgreSQL database size
PostgreSQL is a powerful, open source relational database system. It has more than 15 years of active development and a proven architecture that has earned it a strong reputation for reliability, data integrity, and correctness.
If you want to find the size of a database, in our example the sqview database, please tape:
sqview-# SELECT pg_database_size(’sqview’);
pg_database_size
——————
111415944
(1 ligne)
The result in octal, for a pretty print we will use the pg_size_pretty function which converts the size in bytes to human understandable format.
sqview-# SELECT pg_size_pretty(pg_database_size(’sqview’));
pg_size_pretty
—————-
106 MB
(1 ligne)
Well if we need to get the size of all databases
sqview-# SELECT pg_database.datname, pg_size_pretty(pg_database_size(pg_database.datname)) AS size FROM pg_database;
datname | size
———–+———
postgres | 3537 kB
template1 | 3537 kB
template0 | 3480 kB
freedom | 25 MB
anakeen | 6081 kB
sqview | 106 MB
rt | 8201 kB
(7 lignes)
PostgreSQL can also give the size of a table ‘users’ like this
sqview-# SELECT pg_size_pretty(pg_relation_size(‘users’));
pg_size_pretty
—————-
64 kB
(1 ligne)
This value exclude indexes and some auxiliary data.
If you want to include them use pg_total_relation_size instead of pg_relation_size as shown below.
sqview-# SELECT pg_size_pretty(pg_total_relation_size(‘users’));
pg_size_pretty
—————-
152 kB
(1 ligne)
to find the largest table in the postgreSQL database.
sqview-# SELECT relname, relpages FROM pg_class ORDER BY relpages DESC limit 1;
relname | relpages
———+———-
sqview | 9666
(1 ligne)
Tuesday 17 June 2008
Fix for Filezilla Failing to Retrieve Directory Listing
I use Filezilla FTP client to manage files on many servers. I had a specific Filezilla client that refused to retrieve a directory listing. Other computers could connect to the same server just fine. Thusly I knew it was a client configuration problem.
I ended up with messages like this:
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing
I ran the Filezilla configuration wizard to diagnose the problem. The configuration wizard utility ran for a while reporting success until the very end. After timing out, I received the following messages:
Response: 200 PORT command successful
LIST
Response: 150 opening data connection
Response: 503 Failure of data connection.
Server sent invalid reply.
Connection closed
Searching the Internet led to not so helpful posts such as "Please read the Network Configuration guide.". After analyzing the situation, it turns out the solution isn't so obvious. My Client had the default setting of Connection -> FTP -> Active Mode: Get External IP Address From This URL. Which pointed to http://ip.filezilla-project.org/ip.php . This is the source of the problem. If you go to that URL, you will probably get a result of 127.0.0.1. If the Filezilla client needs the external address, and is given 127.0.0.1, then there will be problems indeed!
If you have a similar problem with Filezilla, and the problem persists even when the Windows Firewall is disabled, here is what you need to do:
Open Filezilla, go to Edit -> Settings
Click on Connection -> FTP: Choose Active
Click on Connection -> FTP -> Active Mode: Select "Ask your operating system for the external IP address"
Click on Connection -> FTP -> Passive Mode: Choose Fall Back to Active Mode
Press OK.
Try connecting to your FTP site once again. Works!
Update: In some cases, and for reasons unknown, Filezilla just won't work. I have found that coreFTP is a nice FTP program that is free Windows software which includes the client FTP features you need. Features like SFTP (SSH), SSL, TLS, IDN, browser integration, site to site transfers, FTP transfer resume, drag and drop support, file viewing & editing, firewall support, custom commands, FTP URL parsing, command line transfers, filters, and much, much more!
If Filezilla still does not work for you after you follow the steps above, then install coreFTP and it will work just fine.
I ended up with messages like this:
Response: 200 PORT command successful. Consider using PASV.
Command: LIST
Error: Connection timed out
Error: Failed to retrieve directory listing
I ran the Filezilla configuration wizard to diagnose the problem. The configuration wizard utility ran for a while reporting success until the very end. After timing out, I received the following messages:
Response: 200 PORT command successful
LIST
Response: 150 opening data connection
Response: 503 Failure of data connection.
Server sent invalid reply.
Connection closed
Searching the Internet led to not so helpful posts such as "Please read the Network Configuration guide.". After analyzing the situation, it turns out the solution isn't so obvious. My Client had the default setting of Connection -> FTP -> Active Mode: Get External IP Address From This URL. Which pointed to http://ip.filezilla-project.org/ip.php . This is the source of the problem. If you go to that URL, you will probably get a result of 127.0.0.1. If the Filezilla client needs the external address, and is given 127.0.0.1, then there will be problems indeed!
If you have a similar problem with Filezilla, and the problem persists even when the Windows Firewall is disabled, here is what you need to do:
Open Filezilla, go to Edit -> Settings
Click on Connection -> FTP: Choose Active
Click on Connection -> FTP -> Active Mode: Select "Ask your operating system for the external IP address"
Click on Connection -> FTP -> Passive Mode: Choose Fall Back to Active Mode
Press OK.
Try connecting to your FTP site once again. Works!
Update: In some cases, and for reasons unknown, Filezilla just won't work. I have found that coreFTP is a nice FTP program that is free Windows software which includes the client FTP features you need. Features like SFTP (SSH), SSL, TLS, IDN, browser integration, site to site transfers, FTP transfer resume, drag and drop support, file viewing & editing, firewall support, custom commands, FTP URL parsing, command line transfers, filters, and much, much more!
If Filezilla still does not work for you after you follow the steps above, then install coreFTP and it will work just fine.
Friday 13 June 2008
MySQL ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)
The other day I got this error on one of our servers. Fantastico module in cpanel was showing the error: Unable to connect to mysql database. While mysql service was running fine, the root user was unable to login to mysql database. I initially tried to reset the mysql root password like http://rhcelinuxguide.wordpress.com/2008/08/08/reset-mysql-root-password/ but that did not help. The real issue was permission on the folder /var/lib/mysql/mysql . It is supposed to be 711 , while it was 751. That fixed it.
==================================================================
root@server1 [~]# mysql
ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)
root@server1 [~]#
root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql
drwxr-x–x 179 mysql mysql 12K Aug 25 01:44 /var/lib/mysql/
root@server1 [/var/lib/mysql/mysql]# chmod 711 /var/lib/mysql/mysql
root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql/mysql
drwx–x–x 2 mysql mysql 4.0K Aug 25 01:32 /var/lib/mysql/mysql/
root@server1 [/var/lib/mysql/mysql]# service mysql restart
Shutting down MySQL..
[ OK ]
Starting MySQL [ OK ]
root@server1 [/var/lib/mysql/mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1
Server version: 5.0.51a-community MySQL Community Edition (GPL)Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.
mysql> quit
Cheers!!
==================================================================
root@server1 [~]# mysql
ERROR 1045 (28000): Access denied for user ‘root’@'localhost’ (using password: YES)
root@server1 [~]#
root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql
drwxr-x–x 179 mysql mysql 12K Aug 25 01:44 /var/lib/mysql/
root@server1 [/var/lib/mysql/mysql]# chmod 711 /var/lib/mysql/mysql
root@server1 [/var/lib/mysql/mysql]# ls -lhd /var/lib/mysql/mysql
drwx–x–x 2 mysql mysql 4.0K Aug 25 01:32 /var/lib/mysql/mysql/
root@server1 [/var/lib/mysql/mysql]# service mysql restart
Shutting down MySQL..
[ OK ]
Starting MySQL [ OK ]
root@server1 [/var/lib/mysql/mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1
Server version: 5.0.51a-community MySQL Community Edition (GPL)Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.
mysql> quit
Cheers!!
Monday 12 May 2008
500: [warn] Directory / is not owned by username
If your site is getting a 500 error, you’ll want to check Apache’s error_log at /usr/local/apache/logs/error_log.
If you see the following error, you’ll want to check the ownership of “/” to ensure it’s owned by root:root, and not a user on your server.
[Mon May 13 2:26:47 2008] [warn] Directory / is not owned by rrsdd
Let’s check the ownership:
# stat /
File: `/'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 1bh/27d Inode: 99717474 Links: 26
Access: (0755/drwxr-xr-x) Uid: ( 535/ cpus123) Gid: ( 0/ cpus123)
This shows that the / folder is owned by “cpus123? which is incorrect, and you’ll want to change the ownership to root:root.
#chown root:root /
Now let’s verify:
# stat /
File: `/'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 17h/23d Inode: 917505 Links: 25
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
If you see the following error, you’ll want to check the ownership of “/” to ensure it’s owned by root:root, and not a user on your server.
[Mon May 13 2:26:47 2008] [warn] Directory / is not owned by rrsdd
Let’s check the ownership:
# stat /
File: `/'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 1bh/27d Inode: 99717474 Links: 26
Access: (0755/drwxr-xr-x) Uid: ( 535/ cpus123) Gid: ( 0/ cpus123)
This shows that the / folder is owned by “cpus123? which is incorrect, and you’ll want to change the ownership to root:root.
#chown root:root /
Now let’s verify:
# stat /
File: `/'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 17h/23d Inode: 917505 Links: 25
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Saturday 10 May 2008
Reseting Plesk admin Password
Reset Plesk’s admin password on windows Server :
Login to windows server via RDP as a administrator, then open command prompt and run following co
mmands :
C:Program FilesSWsoftPleskadminbinplesksrvclient.exe (according to plesk location)
or
cd %plesk_dir%
cd adminbin
Execute this "plesksrvclient.exe", you will be prompted to enter the new password for your “admin
” plesk user.
You can then log into the plesk interface again and use as normal.
Reset Plesk’s admin password on LInux Server :
Login to Linux server as root, and run following commands :
cd /usr/local/psa/admin/bin
export PSA_PASSWORD='newpassword'
echo $PSA_PASSWORD
./ch_admin_passwd
export PSA_PASSWORD=
cat /etc/psa/.psa.shadow
Login to windows server via RDP as a administrator, then open command prompt and run following co
mmands :
C:Program FilesSWsoftPleskadminbinplesksrvclient.exe (according to plesk location)
or
cd %plesk_dir%
cd adminbin
Execute this "plesksrvclient.exe", you will be prompted to enter the new password for your “admin
” plesk user.
You can then log into the plesk interface again and use as normal.
Reset Plesk’s admin password on LInux Server :
Login to Linux server as root, and run following commands :
cd /usr/local/psa/admin/bin
export PSA_PASSWORD='newpassword'
echo $PSA_PASSWORD
./ch_admin_passwd
export PSA_PASSWORD=
cat /etc/psa/.psa.shadow
Sunday 20 April 2008
Command Reference
Command Reference for IPCONFIG MS-DOS Command
Ipconfig is a MS-DOS command-line tool used to display and manage the network settings of your computer. Ipconfig is available on Windows machines, and it displays the current network connection details and DHCP client settings.
Ipconfig is an external MS-DOS command, and is available on Windows 95, Windows 98, ME, NT, 2000, XP and Windows Vista Operating Systems. On Windows 9x machines, a graphical tools such as "winipconfig" or "winipcfg" may be used instead. On Linux machine, the ifconfig command performs equivalent function.
C:> ipconfig /?
USAGE:
ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] ]
where
adapter Connection name
(wildcard characters * and ? allowed, see examples)
Options:
/? Display this help message
/all Display full configuration information.
/release Release the IP address for the specified adapter.
/renew Renew the IP address for the specified adapter.
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
/displaydns Display the contents of the DNS Resolver Cache.
/showclassid Displays all the dhcp class IDs allowed for adapter.
/setclassid Modifies the dhcp class id.
The default is to display only the IP address, subnet mask and
default gateway for each adapter bound to TCP/IP.
For Release and Renew, if no adapter name is specified, then the IP address
leases for all adapters bound to TCP/IP will be released or renewed.
For Setclassid, if no ClassId is specified, then the ClassId is removed.
Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"
C:>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : topwebhosts
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless LAN 2100 3B Mi
ni PCI Adapter
Physical Address. . . . . . . . . : 00-0C-F1-65-5B-70
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Thursday, February 08, 2007 2:27:17
PM
Lease Expires . . . . . . . . . . : Thursday, February 15, 2007 2:27:17
PM
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Mobile Connecti
on
Physical Address. . . . . . . . . : 00-0D-60-FB-4E-E9
To learn the names of ethernet adapters that you can optionally specify with "ipconfig" command, you may simply type ipconfig command by itself. The command output displays all adapters by name that are available on your computer: e.g. "Local Area Connection", "Wireless Network Connection".
Ipconfig command is most often used to diagnose network problem on a Windows machine. If you're using DHCP, you may try releasing and renewing IP address by performing "ipconfig /release" and "ipconfig /renew" commands shown below.
C:> ipconfig /release
Windows IP Configuration
No operation can be performed on Local Area Connection while it has its media di
sconnected.
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
C:> ipconfig /renew
Windows IP Configuration
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
To workaround DNS caching issue, you may perform "ipconfig /flushdns" to clear DNS cache value on your computer. DNS uses TTL (Time-To-Live) value which let the intermediate name servers to cache DNS information. If you changed your DNS settings, and your computer doesn't see the change immediately, you may perform "ipconfig /flushdns" to clear the DNS cache.
C:> ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
Ipconfig is a MS-DOS command-line tool used to display and manage the network settings of your computer. Ipconfig is available on Windows machines, and it displays the current network connection details and DHCP client settings.
Ipconfig is an external MS-DOS command, and is available on Windows 95, Windows 98, ME, NT, 2000, XP and Windows Vista Operating Systems. On Windows 9x machines, a graphical tools such as "winipconfig" or "winipcfg" may be used instead. On Linux machine, the ifconfig command performs equivalent function.
C:> ipconfig /?
USAGE:
ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] ]
where
adapter Connection name
(wildcard characters * and ? allowed, see examples)
Options:
/? Display this help message
/all Display full configuration information.
/release Release the IP address for the specified adapter.
/renew Renew the IP address for the specified adapter.
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
/displaydns Display the contents of the DNS Resolver Cache.
/showclassid Displays all the dhcp class IDs allowed for adapter.
/setclassid Modifies the dhcp class id.
The default is to display only the IP address, subnet mask and
default gateway for each adapter bound to TCP/IP.
For Release and Renew, if no adapter name is specified, then the IP address
leases for all adapters bound to TCP/IP will be released or renewed.
For Setclassid, if no ClassId is specified, then the ClassId is removed.
Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"
C:>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : topwebhosts
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless LAN 2100 3B Mi
ni PCI Adapter
Physical Address. . . . . . . . . : 00-0C-F1-65-5B-70
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Thursday, February 08, 2007 2:27:17
PM
Lease Expires . . . . . . . . . . : Thursday, February 15, 2007 2:27:17
PM
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Mobile Connecti
on
Physical Address. . . . . . . . . : 00-0D-60-FB-4E-E9
To learn the names of ethernet adapters that you can optionally specify with "ipconfig" command, you may simply type ipconfig command by itself. The command output displays all adapters by name that are available on your computer: e.g. "Local Area Connection", "Wireless Network Connection".
Ipconfig command is most often used to diagnose network problem on a Windows machine. If you're using DHCP, you may try releasing and renewing IP address by performing "ipconfig /release" and "ipconfig /renew" commands shown below.
C:> ipconfig /release
Windows IP Configuration
No operation can be performed on Local Area Connection while it has its media di
sconnected.
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
C:> ipconfig /renew
Windows IP Configuration
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
To workaround DNS caching issue, you may perform "ipconfig /flushdns" to clear DNS cache value on your computer. DNS uses TTL (Time-To-Live) value which let the intermediate name servers to cache DNS information. If you changed your DNS settings, and your computer doesn't see the change immediately, you may perform "ipconfig /flushdns" to clear the DNS cache.
C:> ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
Steps how to install Cacti on CentOS 5.2 + DirectAdmin
First of all, I'm not an Linux/DirectAdmin expert. I just played around with them and found the way to do it. I tried to install Cacti on my server but I couldn't find a complete instruction to do it. So, I just gathered all information I found into one place so that it is easier for many others. I hope it can help someone that needs the same thing that I did.
The software I use:
- CentOS 5.2 - 64-bit
- DirectAdmin 1.323 - Custombuild 1.1.13
- PHP 5 - CGI
- Apache 2.2
- MySQL 5
- Cacti 0.8.7b
Package Required by Cacti :
* RRDTool 1.0.49 or 1.2.x or greater
* MySQL 3.23 or greater, 4.0.20d or greater highly recommended for advanced features
* PHP 4.1 or greater, 4.3.6 or greater highly recommended for advanced features
Apache, PHP and MySQL are already installed by DirectAdmin. However, there are 2 required packages which are net-smtp and RRDTool that I need to install.
1. Install net-snmp with this command :
shell> yum install net-snmp net-snmp-utils
2. RRDTool, to compile or using RPM is not easy. It required many other packages. So, what I did is to follow this instruction : Installing RRDTool Using Yum
2.1 Create a file dag.repo under /etc/yum.repos.d :
shell> nano /etc/yum.repos.d/dag.repo
2.2 Then, copy and paste the following code :
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
gpgkey=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
enabled=1
2.3 Save and run :
shell> yum install perl-rrdtool rrdtool
3. I, then, follow steps from Here. Extract the distribution tarball. Then, move to /var/www/html/cacti
shell> tar xzvf cacti-version.tar.gz
shell> mv cacti-version cacti
shell> mv cacti /var/www/html
4. Create the MySQL database: (Check MySQL Root password from /usr/local/directadmin/scripts/setup.txt)
shell> mysqladmin --user=root --password=password create cacti
5. Import the default cacti database: (cacti.sql is under cacti directory)
shell> cd /var/www/html/cacti
shell> mysql --user=root --password=password cacti < cacti.sql
6. Optional: Create a MySQL username and password for Cacti.
shell> mysql --user=root --password=password
mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword';
mysql> flush privileges;
7. Edit include/config.php and specify the MySQL user, password and database for your Cacti configuration.
shell> cd /var/www/html/cacti/include
shell> nano -w config.php
Change information below :
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "somepassword";
8. Set the appropriate permissions on cacti's directories. In DirectAdmin, I tried a few users and got 500 Internal Server Error. So, I end up using user webapps and it works great.
shell> cd /var/www/html
shell> chown -R webapps:webapps cacti
9. Add a line to your /etc/crontab file similar to:
shell> nano -w /etc/crontab
Copy and paste following code:
*/5 * * * * webapps /usr/local/php5/bin/php-cgi /var/www/html/cacti/poller.php > /dev/null 2>&1
10. Edit your PHP Config File at /usr/local/etc/php5/cgi/php.ini for DirectAdmin CGI mode to allocate sufficient memory for Cacti:
shell> nano /usr/local/etc/php5/cgi/php.ini
By default, DirectAdmin comes with 128Mb, so, no need to do anything here.
memory_limit=128m
11. If you need to use SNMP with PHP, then, follow these steps :
If you don't have net-snmp-devel installed. Chec it by using "rpm -q net-snmp-devel"
If it's not installed, it will show :
shell> rpm -q net-snmp-devel
package net-snmp-devel is not installed
If it's already installed, it will show :
shell> rpm -q net-snmp-devel
net-snmp-devel-5.3.1-24.el5_2.1
net-snmp-devel-5.3.1-24.el5_2.1
If you want to install, use this command -> "yum install net-snmp-devel" After you've done installing net-snmp-devel, go through steps below to compile it into PHP.
shell> nano -w /usr/local/directadmin/custombuild/configure/suphp/configure.php5
Add a following line :
"--with-snmp"
Then recompile PHP :
shell> cd /usr/local/directadmin/custombuild
shell> ./build php n
12. Point your web browser to:
http://your-server/cacti/
Log in with a username/password of admin. You will be required to change this password immediately. Make sure to fill in all of the path variables carefully and correctly on the following screen.
Below is the Path I used in Cacti :
snmpwalk Binary Path : /usr/bin/snmpwalk
snmpget Binary Path : /usr/bin/snmpget
snmpbulkwalk Binary Path : /usr/bin/snmpbulkwalk
snmpgetnext Binary Path : /usr/bin/snmpgetnext
RRDTool Binary Path : /usr/bin/rrdtool
PHP Binary Path : /usr/local/php5/bin/php-cgi
Cacti Log File Path : /var/www/html/cacti/log/cacti.log
If you use CLI Mode, Configuration is below
shell> nano -w /usr/local/directadmin/custombuild/configure/ap2/configure.php5
Add "--with-snmp" into the file. You have to check that it's last line or not. All other lines will end with "" except last line. It will look like below :
.
.
.
--enable-magic-quotes
--enable-sockets
--enable-mbstring
--with-snmp
The software I use:
- CentOS 5.2 - 64-bit
- DirectAdmin 1.323 - Custombuild 1.1.13
- PHP 5 - CGI
- Apache 2.2
- MySQL 5
- Cacti 0.8.7b
Package Required by Cacti :
* RRDTool 1.0.49 or 1.2.x or greater
* MySQL 3.23 or greater, 4.0.20d or greater highly recommended for advanced features
* PHP 4.1 or greater, 4.3.6 or greater highly recommended for advanced features
Apache, PHP and MySQL are already installed by DirectAdmin. However, there are 2 required packages which are net-smtp and RRDTool that I need to install.
1. Install net-snmp with this command :
shell> yum install net-snmp net-snmp-utils
2. RRDTool, to compile or using RPM is not easy. It required many other packages. So, what I did is to follow this instruction : Installing RRDTool Using Yum
2.1 Create a file dag.repo under /etc/yum.repos.d :
shell> nano /etc/yum.repos.d/dag.repo
2.2 Then, copy and paste the following code :
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
gpgkey=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
enabled=1
2.3 Save and run :
shell> yum install perl-rrdtool rrdtool
3. I, then, follow steps from Here. Extract the distribution tarball. Then, move to /var/www/html/cacti
shell> tar xzvf cacti-version.tar.gz
shell> mv cacti-version cacti
shell> mv cacti /var/www/html
4. Create the MySQL database: (Check MySQL Root password from /usr/local/directadmin/scripts/setup.txt)
shell> mysqladmin --user=root --password=password create cacti
5. Import the default cacti database: (cacti.sql is under cacti directory)
shell> cd /var/www/html/cacti
shell> mysql --user=root --password=password cacti < cacti.sql
6. Optional: Create a MySQL username and password for Cacti.
shell> mysql --user=root --password=password
mysql> GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword';
mysql> flush privileges;
7. Edit include/config.php and specify the MySQL user, password and database for your Cacti configuration.
shell> cd /var/www/html/cacti/include
shell> nano -w config.php
Change information below :
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cactiuser";
$database_password = "somepassword";
8. Set the appropriate permissions on cacti's directories. In DirectAdmin, I tried a few users and got 500 Internal Server Error. So, I end up using user webapps and it works great.
shell> cd /var/www/html
shell> chown -R webapps:webapps cacti
9. Add a line to your /etc/crontab file similar to:
shell> nano -w /etc/crontab
Copy and paste following code:
*/5 * * * * webapps /usr/local/php5/bin/php-cgi /var/www/html/cacti/poller.php > /dev/null 2>&1
10. Edit your PHP Config File at /usr/local/etc/php5/cgi/php.ini for DirectAdmin CGI mode to allocate sufficient memory for Cacti:
shell> nano /usr/local/etc/php5/cgi/php.ini
By default, DirectAdmin comes with 128Mb, so, no need to do anything here.
memory_limit=128m
11. If you need to use SNMP with PHP, then, follow these steps :
If you don't have net-snmp-devel installed. Chec it by using "rpm -q net-snmp-devel"
If it's not installed, it will show :
shell> rpm -q net-snmp-devel
package net-snmp-devel is not installed
If it's already installed, it will show :
shell> rpm -q net-snmp-devel
net-snmp-devel-5.3.1-24.el5_2.1
net-snmp-devel-5.3.1-24.el5_2.1
If you want to install, use this command -> "yum install net-snmp-devel" After you've done installing net-snmp-devel, go through steps below to compile it into PHP.
shell> nano -w /usr/local/directadmin/custombuild/configure/suphp/configure.php5
Add a following line :
"--with-snmp"
Then recompile PHP :
shell> cd /usr/local/directadmin/custombuild
shell> ./build php n
12. Point your web browser to:
http://your-server/cacti/
Log in with a username/password of admin. You will be required to change this password immediately. Make sure to fill in all of the path variables carefully and correctly on the following screen.
Below is the Path I used in Cacti :
snmpwalk Binary Path : /usr/bin/snmpwalk
snmpget Binary Path : /usr/bin/snmpget
snmpbulkwalk Binary Path : /usr/bin/snmpbulkwalk
snmpgetnext Binary Path : /usr/bin/snmpgetnext
RRDTool Binary Path : /usr/bin/rrdtool
PHP Binary Path : /usr/local/php5/bin/php-cgi
Cacti Log File Path : /var/www/html/cacti/log/cacti.log
If you use CLI Mode, Configuration is below
shell> nano -w /usr/local/directadmin/custombuild/configure/ap2/configure.php5
Add "--with-snmp" into the file. You have to check that it's last line or not. All other lines will end with "" except last line. It will look like below :
.
.
.
--enable-magic-quotes
--enable-sockets
--enable-mbstring
--with-snmp
Monday 14 April 2008
Unable to update Centos 5.3
Unable to update Centos 5.3 using the command, "yum -y update." When doing so, I receive the long message below. I have also tried "yum clean all,"yum clean metadata" and "yum update kernel." The server has 256 MB and my only interest is keeping up with security updates before I get hacked
yum clean metadata
Loaded plugins: fastestmirror
12 metadata files removed
8 sqlite files removed
0 metadata files removed
> yum update kernel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Excluding Packages in global exclude list
Finished
Setting up Update Process
No Packages marked for Update
> yum update kernel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Excluding Packages in global exclude list
Finished
Setting up Update Process
No Packages marked for Update
Here is the fix:-
--------------
yum clean all
yum update glibc*
yum update yum* rpm* python*
yum clean all
yum update
shutdown -r now
yum clean metadata
Loaded plugins: fastestmirror
12 metadata files removed
8 sqlite files removed
0 metadata files removed
> yum update kernel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Excluding Packages in global exclude list
Finished
Setting up Update Process
No Packages marked for Update
> yum update kernel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Excluding Packages in global exclude list
Finished
Setting up Update Process
No Packages marked for Update
Here is the fix:-
--------------
yum clean all
yum update glibc*
yum update yum* rpm* python*
yum clean all
yum update
shutdown -r now
Sunday 16 March 2008
Deny visitors by IP address
The visitor blocking facilities offered by the Apache Web Server enable us to deny access to specific visitors, or allow access to specific visitors. This is extremely useful for blocking unwanted visitors, or to only allow the web site owner access to certain sections of the web site, such as an administration area. To set-up visitors restrictions and blocking, create a .htaccess file following the main instructions and guidance which includes the following text:
|
The above lines tell the Apache Web Server to block visitors from the IP address '255.0.0.0' and '123.45.6.', note the second IP address is missing the fourth set of digits, this means any IP address which matches the firth three set of digits will be blocked, e.g. '123.45.6.10' and '123.45.6.255' would be blocked.
To set-up blocking of all visitors except yourself, create a .htaccess file following the main instructions and guidance which includes the following text:
|
The above lines tell the Apache Web Server to block all visitors except those with the IP address '255.0.0.0', which you should replace with your own IP address.
You may add any number of 'deny from' and 'allow from' records after the 'order allow,deny'. Note the change from 'allow from all' to 'deny from all' on the bottom line, this is important and must be changed depending on your requirements. If you want to allow your visitor access, you would use 'allow from all' and place 'deny from' lines above.
Blocked visitors will be shown a '403 Forbidden' error message. You can customise this error message by following the 'Error Documents' section of this article.
Hot link prevention techniques
Hot link prevention refers to stopping web sites that are not your own from displaying your files or content, e.g. stopping visitors from other web sites. This is most commonly used to prevent other web sites from displaying your images but it can be used to prevent people using your JavaScript or CSS (cascading style sheet) files. The problem with hot linking is it uses your bandwidth, which in turn costs money, hot linking is often referred to as 'bandwidth theft'.Using .htaccess we can prevent other web sites from sourcing your content, and can even display different content in turn. For example, it is common to display what is referred to as an 'angry man' images instead of the desired images.
Note, this functionality requires that 'mod_rewrite' is enabled on your server. Due to the demands that can be placed on system resources, it is unlikely it is enabled so be sure to check with your system administrator or web hosting company.
To set-up hot link prevention for '.gif', '.jpg' and '.css' files, create a .htaccess file following the main instructions and guidance which includes the following text:
The above lines tell the Apache Web Server to block all links to '.gif', '.jpg' and '.css' files which are not from the domain name 'http://www.yourdomain.com/'. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.
To set-up hot link prevention for '.gif', '.jpg' files which displays alternate content (such as an angry man image), create a .htaccess file following the main instructions and guidance which includes the following text:
The above lines tell the Apache Web Server to block all links to '.gif' and '.jpg' files which are not from the domain name 'http://www.yourdomain.com/' and to display the file 'http://www.yourdomain.com/hotlink.jpg' instead. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.
Note, this functionality requires that 'mod_rewrite' is enabled on your server. Due to the demands that can be placed on system resources, it is unlikely it is enabled so be sure to check with your system administrator or web hosting company.
To set-up hot link prevention for '.gif', '.jpg' and '.css' files, create a .htaccess file following the main instructions and guidance which includes the following text:
|
The above lines tell the Apache Web Server to block all links to '.gif', '.jpg' and '.css' files which are not from the domain name 'http://www.yourdomain.com/'. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.
To set-up hot link prevention for '.gif', '.jpg' files which displays alternate content (such as an angry man image), create a .htaccess file following the main instructions and guidance which includes the following text:
|
The above lines tell the Apache Web Server to block all links to '.gif' and '.jpg' files which are not from the domain name 'http://www.yourdomain.com/' and to display the file 'http://www.yourdomain.com/hotlink.jpg' instead. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.
DirectoryIndex uses
The directoryindex command allows you to specify a default page to display when a directory is accessed. For instance, if a visitor requests a directory on your web site, you can specify the file to load when the directory is accessed (if a filename is not specified in the initial request). For example, to display a 'index.html' file rather than showing directory listings or to load a 'index.php' file rather than an 'index.html' file.To set-up a directoryindex, create a .htaccess file following the main instructions and guidance which includes the following text:
The above lines tell the Apache Web Server to display the 'index.html' file, whenever the directory containing this .htaccess file (or any subdirectory) is accessed.
We can setup a directoryindex to call multiple files using the following text:
The above lines tell the Apache Web Server to display the 'index.html' file as the directoryindex, if this file is not available then display 'index.cgi', and if this is not available then display 'index.php'.
If not of the specified files are available, the Apache Web Server will revert to it's default settings, either displaying an error message, a directory listings not available message, or displaying the directory listings of files and directories (this can be prevented which we discuss in section 'Prevent viewing of directory listings').
|
The above lines tell the Apache Web Server to display the 'index.html' file, whenever the directory containing this .htaccess file (or any subdirectory) is accessed.
We can setup a directoryindex to call multiple files using the following text:
|
The above lines tell the Apache Web Server to display the 'index.html' file as the directoryindex, if this file is not available then display 'index.cgi', and if this is not available then display 'index.php'.
If not of the specified files are available, the Apache Web Server will revert to it's default settings, either displaying an error message, a directory listings not available message, or displaying the directory listings of files and directories (this can be prevented which we discuss in section 'Prevent viewing of directory listings').
Blocking offline browsers and 'bad bots'
Offline browsers are pieces of software which download your web page, following the links to your other web pages, downloading all the content and images. The purpose of this is innocent, so the visitor can log off the Internet and browse the site without a connection, but the demand on the server and bandwidth usage can be expensive. Bad bots as they are often called refers to programs which visit your web site, either to source content, look for security holes or to scan for email addresses. This is often how your email address ends up on 'Spam' databases, because they have set a 'bot' to scan the Internet and collect email addresses. These programs and 'bots' often ignore the rules set out in 'robot.txt' files.Below is a useful example of how to block some common 'bots' and site rippers. Create a .htaccess file following the main instructions and guidance which includes the following text:
|
Adding MIME types
MIME types set what a file is, or rather what file extensions refer to what file types. For example, a '.html' file extension refers to a HTML document, a '.zip' file extension refers to a ZIP archive file. The server needs to know this so it knows how to deal with the file. This is often used to create custom file extension for common file types.To setup a MIME type, create a .htaccess file following the main instructions and guidance which includes the following text:
'AddType' specifies that you are adding a MIME type. The second part is the MIME type, in this case text or HTML, and the final part is the file extension, in this example 'htm0'.
A common issue with MP3 or SWF files not playing can be resolved with the following text:
A handy trick, to force a file to be downloaded, via the 'Save As' feature in the web browser, set the MIME type to application/octet-stream and the browser will immediately prompt for download. Note, this does not work consistently in some versions of Microsoft Internet Explorer.
Here is a list of various MIME types and some associations:
|
'AddType' specifies that you are adding a MIME type. The second part is the MIME type, in this case text or HTML, and the final part is the file extension, in this example 'htm0'.
A common issue with MP3 or SWF files not playing can be resolved with the following text:
|
A handy trick, to force a file to be downloaded, via the 'Save As' feature in the web browser, set the MIME type to application/octet-stream and the browser will immediately prompt for download. Note, this does not work consistently in some versions of Microsoft Internet Explorer.
Here is a list of various MIME types and some associations:
|
Wednesday 12 March 2008
How to install Subversion on a shared Server
Installation Instructions
These instructions assume basic proficiency with the Unix command line. Note that the goal is to install the SVN client, plan on hosting your repositories somewhere else.
Connect to your account with ssh and create a working directory, mine’s called _src:
cd
mkdir _src
cd _src
get http://subversion.tigris.org/downloads/subversion-1.4.6.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.4.6.tar.gz
tar -xzvf subversion-1.4.6.tar.gz
tar -xzvf subversion-deps-1.4.6.tar.gz
cd subversion-1.4.6
One step, maybe (32-bit?)
At this point, depending on your server configuration, you might be able to install with the following two commands:
./configure –prefix=$HOME –without-berkeley-db
–with-ssl –with-editor=/usr/bin/vim
–without-apxs –without-apache
make && make install
These instructions assume basic proficiency with the Unix command line. Note that the goal is to install the SVN client, plan on hosting your repositories somewhere else.
Connect to your account with ssh and create a working directory, mine’s called _src:
cd
mkdir _src
cd _src
get http://subversion.tigris.org/downloads/subversion-1.4.6.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.4.6.tar.gz
tar -xzvf subversion-1.4.6.tar.gz
tar -xzvf subversion-deps-1.4.6.tar.gz
cd subversion-1.4.6
One step, maybe (32-bit?)
At this point, depending on your server configuration, you might be able to install with the following two commands:
./configure –prefix=$HOME –without-berkeley-db
–with-ssl –with-editor=/usr/bin/vim
–without-apxs –without-apache
make && make install
Monday 10 March 2008
HowTo ignore some files/folders from awstats reports
Awstats will consider as a page hit any entry from the log it processes. By default some file extensions (for regular image types and css/js) are excluded from what awstats will consider as a page:
The SkipFiles parameter is by default empty, and in order to use it we have to add the appropriate config in our awstats.conf file. For example to ignore a file called somefile.php we will add “/somefile.php“:
while if we want to ignore all the pages in a folder called somefolder we will have to use a regex value like: “REGEX[^/somefolder]“
We can add several rules separated by spaces:
Note: this will be effective only for new updates; meaning existing data will not be affected by this (if really needed you will have to regenerate your stats to get rid of those pages in old stats).
NotPageList="css js class gif jpg jpeg png bmp ico"(this is the default). All other file types will be counted as pages. Now, if we want to completely ignore some files, or even all the content of one folder from the awstats processing we can use the SkipFiles parameter. We might want to do this to ignore some frames, hidden pages, ajax calls, etc.The SkipFiles parameter is by default empty, and in order to use it we have to add the appropriate config in our awstats.conf file. For example to ignore a file called somefile.php we will add “/somefile.php“:
SkipFiles="/somefile.php"while if we want to ignore all the pages in a folder called somefolder we will have to use a regex value like: “REGEX[^/somefolder]“
We can add several rules separated by spaces:
SkipFiles="/somefile.php REGEX[^/somefolder]"Note: this will be effective only for new updates; meaning existing data will not be affected by this (if really needed you will have to regenerate your stats to get rid of those pages in old stats).
Dev-mysql-maint error occurred during the installation of VHCS Control panel
Error message:
Can’t connect on ‘DBI:mysql:;localhost’ :Access denied for user ‘debian-sys-maint’@'localhost’ (using password: YES)
The issue occurring due to the absence of grant privilege (to the user dev-mysql-maint) on the databases.
You obtain details of "dev-mysql-maint" from /etc/mysql/debian.cnf.
One example is mentioned below:
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host = localhost
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
basedir = /usr
You need to grant the privileges to dev-mysql-maint, according to the above information.
grant all privileges to *.* on 'dev-mysql-maint'@'localhost' identified by '0nQp8g7pmupSbcpg' with grant option;
Note: Modify the password according to the information in /etc/mysql/debian.cnf.
Can’t connect on ‘DBI:mysql:;localhost’ :Access denied for user ‘debian-sys-maint’@'localhost’ (using password: YES)
The issue occurring due to the absence of grant privilege (to the user dev-mysql-maint) on the databases.
You obtain details of "dev-mysql-maint" from /etc/mysql/debian.cnf.
One example is mentioned below:
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host = localhost
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
basedir = /usr
You need to grant the privileges to dev-mysql-maint, according to the above information.
grant all privileges to *.* on 'dev-mysql-maint'@'localhost' identified by '0nQp8g7pmupSbcpg' with grant option;
Note: Modify the password according to the information in /etc/mysql/debian.cnf.
Cpanel- How can we solve the problem "Unable to login FAQMasterFlex admin area" ?
How can we solve the problem "Unable to login FAQMasterFlex admin area" ?
This might be due to 'register globals =off'. Because of that, the server variables must be expli
citly pulled into the script in order for the authentication to work. Add the following two state
ments to admin_authorize.php, just above the "if" statement that tests their values:
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
This might be due to 'register globals =off'. Because of that, the server variables must be expli
citly pulled into the script in order for the authentication to work. Add the following two state
ments to admin_authorize.php, just above the "if" statement that tests their values:
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
Saturday 16 February 2008
Ultimate htaccess Examples
Here's my list of the ultimate htaccess code snippets and examples that I use all the time. I tried to keep them extremely minimalistic.
This lets google crawl the page, lets me access the whole site (24.205.23.222) without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org)
Each code snippet has been copied from htaccesselite. Additional and detailed info on each htaccess code snippet can be found at askapache.com
NOTE: Most of these snippets can be used with a Files or Filesmatch directive to only apply to certain files.
NOTE: Any htaccess rewrite examples should always begin with:
Additional https/ssl information and Apache SSL in htaccess examples
chmod .htpasswd files 640 chmod .htaccess files 644 chmod php files 600 chmod files that you really dont want people to see as 400 NEVER chmod 777, if something requires write access use 766
Article: Setting Charset in htaccess
Article: Using FilesMatch and Files in htaccess
Article: Custom PHP.ini tips and tricks
Heres a couple different ways I do it
This is cool, you are basically categorizing all those files that end in those extensions so that they fall under the jurisdiction of the -ExecCGI command, which also means -FollowSymLinks (and the opposite is also true, +ExecCGI also turns on +FollowSymLinks)
Then in your HTML you could just link directly to the file..
And then you will get a pop-up box asking whether you want to save the file or open it.
If you'd rather have .pl, .py, or .cgi files displayed in the browser as source rather than be executed as scripts, simply create a .htaccess file in the relevant directory with the following:
Article: Speed Up Sites with htaccess Caching
Article: Additional ErrorDocument Info and Examples
Note: You can also do an external link, but don't do an external link to your site or you will cause a loop that will hurt your SEO.
Article: Additional SetEnvIf examples
I use this when I start a new site, and uncomment or delete parts of the file depending on the sites needs
Heres the actual code that I use when I'm developing sites for clients
This lets google crawl the page, lets me access the whole site (24.205.23.222) without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org)
# ELITE HTACCESS FOR WEBDEVELOPERS
##############################################
AuthName "SiteName Administration"
AuthUserFile /home/sitename.com/.htpasswd
AuthType basic
Require valid-user
Order deny,allow
Deny from all
Allow from 24.205.23.222
Allow from w3.org htmlhelp.com
Allow from googlebot.com
Satisfy AnyEach code snippet has been copied from htaccesselite. Additional and detailed info on each htaccess code snippet can be found at askapache.com
NOTE: Most of these snippets can be used with a Files or Filesmatch directive to only apply to certain files.
NOTE: Any htaccess rewrite examples should always begin with:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /Apache Documentation: 1.3 | 2.0 | 2.2 | Current
Make any file be a certain filetype (regardless of name or extension)
#Makes image.gif, blah.html, index.cgi all act as php
ForceType application/x-httpd-phpRedirect non-https requests to https server fixing double-login problem and ensuring that htpasswd authorization can only be entered using HTTPS
Additional https/ssl information and Apache SSL in htaccess examples
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.comSEO Friendly redirects for bad/old links and moved links
For single moved file
Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.htmlFor multiple files like a blog/this.php?gh
RedirectMatch 301 /blog(.*) http://www.askapache.com/$1different domain name
Redirect 301 / http://www.newdomain.comRequire the www
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots.txt$
RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L] Require the www without hardcoding
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots.txt$ [NC]
RewriteCond %{HTTP_HOST} !^www.[a-z-]+.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]Require no subdomain
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots.txt$
RewriteCond %{HTTP_HOST} .([a-z-]+.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]Require no subdomain
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} .([^.]+.[^.0-9]+)$
RewriteCond %{REQUEST_URI} !^/robots.txt$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]Redirect everyone to different site except 1 IP address (useful for web-development)
ErrorDocument 403 http://www.someothersite.com
Order deny,allow
Deny from all
Allow from 24.33.65.6CHMOD your files
chmod .htpasswd files 640 chmod .htaccess files 644 chmod php files 600 chmod files that you really dont want people to see as 400 NEVER chmod 777, if something requires write access use 766
Variable (mod_env) Magic
Set the Timezone of the server:
SetEnv TZ America/Indianapolis Set the Server Administrator Email:
SetEnv SERVER_ADMIN webmaste@htaccesselite.comTurn off the ServerSignature
ServerSignature OffAdd a "en-US" language tag and "text/html; UTF-8" headers without meta tags
Article: Setting Charset in htaccess
Article: Using FilesMatch and Files in htaccess
AddDefaultCharset UTF-8
# Or AddType 'text/html; charset=UTF-8' html
DefaultLanguage en-USUsing the Files Directive
AddDefaultCharset UTF-8
DefaultLanguage en-US
Using the FilesMatch Directive (preferred)
AddDefaultCharset UTF-8
DefaultLanguage en-US
Use a custom php.ini with mod_php or php as a cgi
Article: Custom PHP.ini tips and tricks
When php run as Apache Module (mod_php) in root .htaccess SetEnv PHPRC /location/todir/containing/phpinifile When php run as CGI Place your php.ini file in the dir of your cgi’d php, in this case /cgi-bin/ htaccess might look something like this AddHandler php-cgi .php .htm Action php-cgi /cgi-bin/php5.cgi When cgi’d php is run with wrapper (for FastCGI) You will have a shell wrapper script something like this: #!/bin/sh export PHP_FCGI_CHILDREN=3 exec /user3/x.com/htdocs/cgi-bin/php5.cgi Change To #!/bin/sh export PHP_FCGI_CHILDREN=3 exec /x.com/cgi-bin/php.cgi -c /abs/path/to/php.ini
Securing directories: Remove the ability to execute scripts
Heres a couple different ways I do it
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGIThis is cool, you are basically categorizing all those files that end in those extensions so that they fall under the jurisdiction of the -ExecCGI command, which also means -FollowSymLinks (and the opposite is also true, +ExecCGI also turns on +FollowSymLinks)
Only allow GET and PUT request methods to your server.
Options -ExecCGI -Indexes -All +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} !^(GET|PUT)
RewriteRule .* - [F]Processing All gif files to be processed through a cgi script
Action image/gif /cgi-bin/filter.cgiProcess request/file depending on the request method
Script PUT /cgi-bin/upload.cgiForce Files to download, not be displayed in browser
AddType application/octet-stream .avi
AddType application/octet-stream .mpgThen in your HTML you could just link directly to the file..
And then you will get a pop-up box asking whether you want to save the file or open it.
Show the source code of dynamic files
If you'd rather have .pl, .py, or .cgi files displayed in the browser as source rather than be executed as scripts, simply create a .htaccess file in the relevant directory with the following:
RemoveHandler cgi-script .pl .py .cgiDramatically Speed up your site by implementing Caching!
Article: Speed Up Sites with htaccess Caching
# MONTH
Header set Cache-Control "max-age=2592000"
# WEEK
Header set Cache-Control "max-age=604800"
# DAY
Header set Cache-Control "max-age=43200"
Prevent Files image/file hotlinking and bandwidth stealing
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?askapache.com/.*$ [NC]
RewriteRule .(gif|jpg|swf|flv|png)$ http://www.askapache.com/feed.gif [R=302,L]ErrorDocuments
Article: Additional ErrorDocument Info and Examples
ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.phpNote: You can also do an external link, but don't do an external link to your site or you will cause a loop that will hurt your SEO.
Authentication Magic
Require password for 1 file:
AuthName "Prompt"
AuthType Basic
AuthUserFile /home/askapache.com/.htpasswd
Require valid-user
Protect multiple files:
AuthName "Development"
AuthUserFile /.htpasswd
AuthType basic
Require valid-user
Example uses of the Allow Directive:
# A (partial) domain-name
Allow from 10.1.0.0/255.255.0.0
# Full IP address
Allow from 10.1.2.3
# More than 1 full IP address
Allow from 192.168.1.104 192.168.1.205
# Partial IP addresses
# first 1 to 3 bytes of IP, for subnet restriction.
Allow from 10.1
Allow from 10 172.20 192.168.2
# network/netmask pair
Allow from 10.1.0.0/255.255.0.0
# network/nnn CIDR specification
Allow from 10.1.0.0/16
# IPv6 addresses and subnets
Allow from 2001:db8::a00:20ff:fea7:ccea
Allow from 2001:db8::a00:20ff:fea7:ccea/10Using visitor dependent environment variables:
Article: Additional SetEnvIf examples
SetEnvIf User-Agent ^KnockKnock/2.0 let_me_in
Order Deny,Allow
Deny from all
Allow from env=let_me_inAllow from apache.org but deny from foo.apache.org
Order Allow,Deny
Allow from apache.org
Deny from foo.apache.orgAllow from IP address with no password prompt, and also allow from non-Ip address with password prompt:
AuthUserFile /home/www/site1-passwd
AuthType Basic
AuthName MySite
Require valid-user
Allow from 172.17.10
Satisfy Anyblock access to files during certain hours of the day
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
# If the hour is 16 (4 PM) Then deny all access
RewriteCond %{TIME_HOUR} ^16$
RewriteRule ^.*$ - [F,L]A good default example .htaccess file
I use this when I start a new site, and uncomment or delete parts of the file depending on the sites needs
# DEFAULT SETTINGS
##############################################
Options +ExecCGI -Indexes
DirectoryIndex index.php index.html index.htm
### DEFAULTS ###
ServerSignature Off
AddType video/x-flv .flv
AddType application/x-shockwave-flash .swf
AddType image/x-icon .ico
AddDefaultCharset UTF-8
DefaultLanguage en-US
SetEnv TZ America/Indianapolis
SetEnv SERVER_ADMIN webmaster@askapache.com
### FAST-CGI ###
AddHandler fastcgi-script fcgi
AddHandler php-cgi .php
Action php-cgi /cgi-bin/php5-wrapper.fcgi
# HEADERS and CACHING
##############################################
#### CACHING ####
# YEAR
Header set Cache-Control "max-age=2592000"
# WEEK
Header set Cache-Control "max-age=604800"
# 10 minutes
Header set Cache-Control "max-age=600"
# DONT CACHE
Header unset Cache-Control
# REWRITES AND REDIRECTS
##############################################
### SEO REDIRECTS ###
Redirect 301 /2006/uncategorized/htaccesselitecom-aboutus.html http://www.^^SITE^^.^^TLD^^
### REWRITES ###
RewriteEngine On
RewriteBase /
### WORDPRESS ###
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
# AUTHENTICATION
##############################################
AuthName "askapache.com"
Require valid-user
AuthUserFile /askapache/.htpasswd
AuthType basicMonday 14 January 2008
How To Transfer CPanel Accounts
In this how to we'll describe how to transfer CPanel accounts from one server to another. To transfer account you should have root access on both servers. Because to transfer account you need every thing to backup for transfer including Cpanel User / Pass (Same), Website, Database, Emails, Users, Stats etc. The thing we like about CPanel is it will transfer accounts 100%, you will not miss any single think related to your accounts. This method implies on VPS’s and Dedicated Server where you can access WHM (Web Host Manager) or root shell.
Lets consider we have two servers A and B. Server A is the old server with two accounts and Server B is new server to which we will transfer accounts.
Server A = 192.168.0.1
Server B = 172.20.0.1
Login to Server B WHM using following url
http://172.20.0.1:2086
where 2086 is the port on which WHM is running.
In the middle page select Transfer and then on Transfer page selectCopy multiple accounts/packages from another server.
It will open new page to put info of the Server through which you are going to transfer i.e Server A.
Remote server type is (WHM version will be auto detected on multi account copies): leave as it is
Remote server address (ip address or FQDN): put server hostname or IP
Remote SSH port: 22 is the default, if you have changed ssh port on old server use that one here.
Do not compress transfers (cPanel 10.8.3+ required on both ends): leave at it is
Turn off SSL (cPanel 11.23.6+ required on both ends): leave at it is
Allow override*: leave at it is
Login as : Choose USER if you have sudo or direct root login are not allowed. Else select ROOT (recommended)
Select authentication method: Choose Password here, if you are using Public Key then you have to upload Key using Security -> Manage SSH Keys to use here.
Root Password: put root password here
After putting all information above click on Fetch Account List. In few second you will see list of accounts from Server A to transfer. Select the account using check boxes to copy, if need to copy all select Select All to check all accounts. When done with select click on Copy. (Beware once you click on Copy dont close browser or click on Back button).
You will see account transfer log on your browser and when finished it will show nice summary about transfer.
SSH your Server A using putty from windows and command line from linux.
Now first of all we will create full backup to transfer and all the backups created are placed under /home directory.
If you wish to backup single account, then execute following command
you will find corresponding backup in /home directory named cpmove-cpaneluser*.tar.gz
To create all accounts backup on your server, execute following command
again you will find all accounts backup under /home named cpmove-cpaneluser*.tar.gz
After creating backup you have to transfer all accounts backup to your new server i.e Server B using SCP.
Besure all backups should move to /home directory of new server.
If you have done all accounts backup then you should have to move /var/cpanel/users file for restore on new server i.e Server B in /home directory with name user.txt
To restore single account backup execute following command.
where cpaneluser is of old server and can be found on backup filename after cpmove. i.e
cpmove-cpaneluser*.tar.gz
To restore all accounts
Now you can List Account in WHM to see all accounts are transferred successfully to your new server and you can login to cpanel accounts of user using same Cpanel user / pass as old server.
Lets consider we have two servers A and B. Server A is the old server with two accounts and Server B is new server to which we will transfer accounts.
Server A = 192.168.0.1
Server B = 172.20.0.1
1 Transfer using WHM
Login to Server B WHM using following url
http://172.20.0.1:2086
where 2086 is the port on which WHM is running.
In the middle page select Transfer and then on Transfer page selectCopy multiple accounts/packages from another server.
It will open new page to put info of the Server through which you are going to transfer i.e Server A.
Remote server type is (WHM version will be auto detected on multi account copies): leave as it is
Remote server address (ip address or FQDN): put server hostname or IP
Remote SSH port: 22 is the default, if you have changed ssh port on old server use that one here.
Do not compress transfers (cPanel 10.8.3+ required on both ends): leave at it is
Turn off SSL (cPanel 11.23.6+ required on both ends): leave at it is
Allow override*: leave at it is
Login as : Choose USER if you have sudo or direct root login are not allowed. Else select ROOT (recommended)
Select authentication method: Choose Password here, if you are using Public Key then you have to upload Key using Security -> Manage SSH Keys to use here.
Root Password: put root password here
After putting all information above click on Fetch Account List. In few second you will see list of accounts from Server A to transfer. Select the account using check boxes to copy, if need to copy all select Select All to check all accounts. When done with select click on Copy. (Beware once you click on Copy dont close browser or click on Back button).
You will see account transfer log on your browser and when finished it will show nice summary about transfer.
2 Transfer using Shell (Command Line)
SSH your Server A using putty from windows and command line from linux.
ssh 192.168.0.1
Now first of all we will create full backup to transfer and all the backups created are placed under /home directory.
2.1 Create One Account Backup
If you wish to backup single account, then execute following command
/scripts/pkgacct cpaneluser
you will find corresponding backup in /home directory named cpmove-cpaneluser*.tar.gz
2.2 Create all Accounts Backup
To create all accounts backup on your server, execute following command
cat /var/cpanel/users | while read a; do
/scripts/pkgacct $a
done
again you will find all accounts backup under /home named cpmove-cpaneluser*.tar.gz
2.3 SCP Backups to New Server
After creating backup you have to transfer all accounts backup to your new server i.e Server B using SCP.
scp cpmove-* root@172.120.0.1:/home
Besure all backups should move to /home directory of new server.
If you have done all accounts backup then you should have to move /var/cpanel/users file for restore on new server i.e Server B in /home directory with name user.txt
scp /var/cpanel/users root@172.120.0.1:/home/user.txt
2.4 Restore Backup
To restore single account backup execute following command.
/scripts/restorepkg cpaneluser
where cpaneluser is of old server and can be found on backup filename after cpmove. i.e
cpmove-cpaneluser*.tar.gz
To restore all accounts
cat /home/user.txt | while read a; do
/scripts/restorepkg $a
done
Now you can List Account in WHM to see all accounts are transferred successfully to your new server and you can login to cpanel accounts of user using same Cpanel user / pass as old server.
Subscribe to:
Posts (Atom)