How do I find out my RHEL (Red Hat Enterprise Linux) 6 Linux kernel version number running on HP server?
You need to use the uname command to find name and information about current kernel. It can provide the following information
The kernel name (-s)
The Network node hostname (-n)
The kernel release (-r)
The kernel version (-v)
The machine hardware name (-m)
The processor type (-p)
The hardware platform (-i)
The operating system (-o)
RHEL 6 Kernel Version Command
Open a command-line terminal (select Applications > Accessories > Terminal), OR login to remote server using the ssh command and then type:
$ uname -r
Sample outputs:
2.6.32-220.2.1.el6.x86_6
The following provides a little more information:
$ uname -mrs
Sample outputs:
Linux 2.6.32-220.2.1.el6.x86_64 x86_64
You can see the complete information with the following command:
$ uname -a
Sample outputs:
Linux example.cyberciti.biz 2.6.32-220.2.1.el6.x86_64 #1 SMP Tue Dec 13 16:21:34 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
Find Red Hat Linux Distribution Version
Type the following cat command:
$ cat /etc/redhat-release
Sample outputs:
Red Hat Enterprise Linux Server release 6.2 (Santiago)
You can also view the manual page on uname using the following command:
$ man uname
Wednesday 30 January 2013
Sunday 27 January 2013
File Permissions
In the interests of keeping WordPress as locked down as is reasonably possible, directory and file permissions should be set accordingly:
Pay special attention to wp-config as a special case, lock this down as much as possible. If possible, move it to a directory outside of the DocumentRoot.
http://codex.wordpress.org/Hardening_WordPress
find ~/public_html -type d -exec chmod 755 {} ;
find ~/public_html -type f -exec chmod 644 {} ;
Pay special attention to wp-config as a special case, lock this down as much as possible. If possible, move it to a directory outside of the DocumentRoot.
http://codex.wordpress.org/Hardening_WordPress
Saturday 19 January 2013
How to stop syn attack on linux server
The SYN (TCP connection request) attack is a common denial of service (DoS) technique.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system
When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs like this:
The client requests a connection by sending a SYN (synchronize) message to the server.
The server acknowledges this request by sending SYN-ACK back to the client.
The client responds with an ACK, and the connection is established.
How to check the SYN attack on the server.
A quick and useful command for checking if a server is under ddos:
netstat -anp |grep ‘tcp|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n
That will list the IPs taking the most amounts of connections to a server. It is important to remember that ddos is becoming more sophisticated and they are using fewer connections with more attacking ips. If this is the case you will still get low number of connections even while you are under a DDOS.
Another very important thing to look at is how many active connections your server is currently processing.
netstat -n | grep :80 |wc -l
netstat -n | grep :80 | grep SYN |wc -l
The first command will show the number of active connections that are open to your server. Many of the attacks typically seen work by starting a connection to the server and then not sending any reply making the server wait for it to time out. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems. If the second command is over 100 you are having trouble with a syn attack.
Solution:
First go with
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
and then
Try with all these IPtables rule , there may other attacks too.
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
then,
service iptables save
service iptables restart
it should resolve your issue.
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system
When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs like this:
The client requests a connection by sending a SYN (synchronize) message to the server.
The server acknowledges this request by sending SYN-ACK back to the client.
The client responds with an ACK, and the connection is established.
How to check the SYN attack on the server.
A quick and useful command for checking if a server is under ddos:
netstat -anp |grep ‘tcp|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n
That will list the IPs taking the most amounts of connections to a server. It is important to remember that ddos is becoming more sophisticated and they are using fewer connections with more attacking ips. If this is the case you will still get low number of connections even while you are under a DDOS.
Another very important thing to look at is how many active connections your server is currently processing.
netstat -n | grep :80 |wc -l
netstat -n | grep :80 | grep SYN |wc -l
The first command will show the number of active connections that are open to your server. Many of the attacks typically seen work by starting a connection to the server and then not sending any reply making the server wait for it to time out. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems. If the second command is over 100 you are having trouble with a syn attack.
Solution:
First go with
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
and then
Try with all these IPtables rule , there may other attacks too.
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
then,
service iptables save
service iptables restart
it should resolve your issue.
Warning: shell_exec() has been disabled for security reasons in
Warning: shell_exec() has been disabled for security reasons in
You would receive the above warning message while accessing Fantastico through cPanel.
Please check if the below options are selected in WHM (you need to access WHM as root)
Login to your WHM control panel as root scroll down to the PHP section and make sure the
IONCUBE PHP Loader option is selected.
Then log into your server as root using SSH and execute the following command:
Above command will check the php config files and will make the changes if required.
You would receive the above warning message while accessing Fantastico through cPanel.
Please check if the below options are selected in WHM (you need to access WHM as root)
Login to your WHM control panel as root scroll down to the PHP section and make sure the
IONCUBE PHP Loader option is selected.
Then log into your server as root using SSH and execute the following command:
#/scripts/makecpphp
Above command will check the php config files and will make the changes if required.
Exception printing is disabled by default for security reasons - Magento
Error :
Exception printing is disabled by default for security reasons.
Error log record number: XXXXXXXXXXXXXXX
Solution :
After installation of magento then some of pages shows this error.
Exception printing is disabled by default for security reasons.
Error log record number: XXXXXXXXXXXXXXX
In this case you need to check following steps.
1) Go to folder /home/username/public_html/errors/
2) cp -p local.xml.sample local.xml
3) vi /home/username/public_html/lib/Zend/Cache/Backend/File.php
and search
protected $_options = array(
'cache_dir' => 'null',
and Change it to:
protected $_options = array(
'cache_dir' => 'tmp/',
Save the changes.
Create “tmp” folder under “/home/username/public_html/” folder.
done
Exception printing is disabled by default for security reasons.
Error log record number: XXXXXXXXXXXXXXX
Solution :
After installation of magento then some of pages shows this error.
Exception printing is disabled by default for security reasons.
Error log record number: XXXXXXXXXXXXXXX
In this case you need to check following steps.
1) Go to folder /home/username/public_html/errors/
2) cp -p local.xml.sample local.xml
3) vi /home/username/public_html/lib/Zend/Cache/Backend/File.php
and search
protected $_options = array(
'cache_dir' => 'null',
and Change it to:
protected $_options = array(
'cache_dir' => 'tmp/',
Save the changes.
Create “tmp” folder under “/home/username/public_html/” folder.
done
Sunday 6 January 2013
Back Up MySQL Databases From The Command Line
While automated backups are important on Linux server, sometimes you just want to take a quick and dirty snapshot before making a change to your data. When changing files in Linux, you can simply copy a file to another name, and c0py it back if your change does not work out. With MySQL, it is not quite that simple, but it is by no means difficult.
Creating A Backup
The mysqldump command is used to create textfile “dumps” of databases managed by MySQL. These dumps are just files with all the SQL commands needed to recreate the database from scratch.
If you want to back up a single database, you merely create the dump and send the output into a file, like so:
Multiple databases can be backed up at the same time:
It is also simple to back up all of the databases on a server:
Restoring a Backup
Since the dump files are just SQL commands, you can restore the database backup by telling mysql to run the commands in it and put the data into the proper database.
If you are trying to restore a single database from dump of all the databases, you have to let mysql know like this:
mysql --one-database database_name < all_databases.sql
Restoring Databases From cPanel Backups
Creating A Backup
The mysqldump command is used to create textfile “dumps” of databases managed by MySQL. These dumps are just files with all the SQL commands needed to recreate the database from scratch.
If you want to back up a single database, you merely create the dump and send the output into a file, like so:
mysqldump database_name > database_name.sql
Multiple databases can be backed up at the same time:
mysqldump --databases database_one database_two > two_databases.sql
It is also simple to back up all of the databases on a server:
mysqldump --all-databases > all_databases.sql
Restoring a Backup
Since the dump files are just SQL commands, you can restore the database backup by telling mysql to run the commands in it and put the data into the proper database.
mysql database_name < database_name.sql
If you are trying to restore a single database from dump of all the databases, you have to let mysql know like this:
mysql --one-database database_name < all_databases.sql
Restoring Databases From cPanel Backups
Enable Ioncube cPanel
Overview
The following guide will show you enable Ioncube in cPanel.
Enabling Ioncube
- Login to WHM (root)
- Go to Server Configuration -> Tweak Settings -> PHP
- Select ioncube from the radio-button for cPanel PHP loader.
- Click on Save button.
- That's it. This will enable Ioncube for you in 3rd party PHP binary.
Thursday 3 January 2013
How to install Git on CentOS running cPanel
Recently when working on creating a new bash script to calculate inode usage I attempted to install Git on a CentOS 5 cPanel server and got a lot of Perl errors. After running the install command from Yum as you can see in the output below it was complaining about dependencies.
Here's a few of the errors that I received when trying to install
# yum install git-core
After searching around and doing a little bit of research I figured out the problem was related to cPanel itself. cPanel was blocking the installation of any Perl modules to prevent it from conflicting with their packages.
Thankfully though there is a really simple way through Yum to install Git and bypass this block from cPanel.
# yum --disableexcludes=main install git
We add in the --disableexcludes=main and you should be able to install Git without any problems.
If you end up having problems with cPanel afterwards (which I have not experienced), you can run this script from cPanel to check the Perl modules installed.
# /scripts/checkperlmodules
Here's a few of the errors that I received when trying to install
# yum install git-core
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirror.team-cymru.org
* base: yum.singlehop.com
* epel: mirrors.servercentral.net
* extras: mirror.steadfast.net
* rpmforge: fr2.rpmfind.net
* updates: pubmirrors.reflected.net
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package git.i386 0:1.7.3-1.el4.rf set to be updated
--> Processing Dependency: perl-Git = 1.7.3-1.el4.rf for package: git
--> Processing Dependency: libcrypto.so.4 for package: git
--> Processing Dependency: perl(DBI) for package: git
--> Processing Dependency: libssl.so.4 for package: git
--> Processing Dependency: perl(Git) for package: git
--> Running transaction check
---> Package git.i386 0:1.7.3-1.el4.rf set to be updated
--> Processing Dependency: perl-Git = 1.7.3-1.el4.rf for package: git
--> Processing Dependency: perl(DBI) for package: git
--> Processing Dependency: perl(Git) for package: git
---> Package openssl097a.i386 0:0.9.7a-9.el5_4.2 set to be updated
--> Finished Dependency Resolution
git-1.7.3-1.el4.rf.i386 from rpmforge has depsolving problems
--> Missing Dependency: perl(DBI) is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
git-1.7.3-1.el4.rf.i386 from rpmforge has depsolving problems
--> Missing Dependency: perl(Git) is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
git-1.7.3-1.el4.rf.i386 from rpmforge has depsolving problems
--> Missing Dependency: perl-Git = 1.7.3-1.el4.rf is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
Error: Missing Dependency: perl(DBI) is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
Error: Missing Dependency: perl(Git) is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
Error: Missing Dependency: perl-Git = 1.7.3-1.el4.rf is needed by package git-1.7.3-1.el4.rf.i386 (rpmforge)
You could try using --skip-broken to work around the problem
You could try running: package-cleanup --problems
package-cleanup --dupes
rpm -Va --nofiles --nodigest
After searching around and doing a little bit of research I figured out the problem was related to cPanel itself. cPanel was blocking the installation of any Perl modules to prevent it from conflicting with their packages.
Thankfully though there is a really simple way through Yum to install Git and bypass this block from cPanel.
# yum --disableexcludes=main install git
We add in the --disableexcludes=main and you should be able to install Git without any problems.
If you end up having problems with cPanel afterwards (which I have not experienced), you can run this script from cPanel to check the Perl modules installed.
# /scripts/checkperlmodules
Subscribe to:
Posts (Atom)