MySQL is not running on the server. when I try to connect to MySQL I get the following error :-
root@server [~]# mysql
ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
root@server [~]# /etc/init.d/mysql status
ERROR! MySQL is not running, but lock exists
root@server [~]#
When checked with the MySQL service I got this error
root@server [~]# /etc/init.d/mysql status
ERROR! MySQL is not running, but lock exists
Here are the steps that should fix the issue.
root@server [~]# rm /var/lock/subsys/mysql
rm: remove regular empty file `/var/lock/subsys/mysql’? y
root@server [~]# /etc/init.d/mysql start
If still it doesn't solve the issue, The best possibility is that the mysql PID file was left after the system restart and I assume that mysql server was not stopped properly.
So please check mysql by following command
root@server [~]# top |grep mysql
OR
root@server [~]# ps aufx | grep mysql
If it shows the mysql process, Kill that mysql process and again run the command :-
root@server [~]# rm /var/lock/subsys/mysql
and start the mysql service by
root@server [~]# /etc/init.d/mysql start
This should resolve the issue
Note : There could be some chances that your disk usage 100% full.
root@server [~]# df -h
If that one is usr, var or tmp then you can remove old logs.
=================
Friday 28 February 2014
Tuesday 11 February 2014
How to install ConfigServer Apps On A cPanel/WHM Server ?
ConfigServer provide a range of paid and free applications, including a significantly more advanced firewall, that plug directly into WHM on your cPanel server. These applications are highly recommended for anyone who is serious about the security of their cPanel Server, as they not only provide enhanced security functionality, but also allow you to easily manage a number of other basic cPanel functions, such as mail settings, mail queues, and a more advanced ModSecurity tool.
Below is a list of the free applications that we will be providing the simple installation instructions for:
- CSF - this is an advanced firewall system utilising Linux ip tables
- Mail Manage – allows you to adjust mail settings, such as hourly limits and email forwarders, on a per account basis
- Mail Queues – easily manage your email queues with the ability to force run the queue and delete stuck messages
- ModSecurity Control – if you have installed ModSecurity on your cPanel Server, this provide an advanced management interface
- Explorer – This is a file system explorer web interface which allows you to also run basic shell commands within folders – WARNING: While this utility can be very useful it is also very dangerous indeed. You can easily render your server inoperable and unrecoverable by performing ill advised actions. No warranty or guarantee is provided with the product that protects against system damage.
NOTE: All of the installations below require you to be logged into SSH as root.
Install ConfigServer Security & Firewall
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
Remove installation files:
cd ..
rm -Rfv csf/ csf.tgz
Install ConfigServer Mail Manage
rm -fv cmm.tgz
wget http://www.configserver.com/free/cmm.tgz
tar -xzf cmm.tgz
cd cmm
sh install.sh
Remove installation files:
cd ..
rm -Rfv cmm/ cmm.tgz
To uninstall:
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/addon_cmm.cgi
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/cmmversion.txt
rm -Rfv /usr/local/cpanel/whostmgr/docroot/cgi/cmm/
Install ConfigServer Mail Queues
rm -fv cmq.tgz
wget http://www.configserver.com/free/cmq.tgz
tar -xzf cmq.tgz
cd cmq
sh install.sh
Remove installation files:
cd ..
rm -Rfv cmq/ cmq.tgz
To uninstall:
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/addon_cmq.cgi
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/cmqversion.txt
rm -Rfv /usr/local/cpanel/whostmgr/docroot/cgi/cmq/
Install ConfigServer ModSecurity Control
rm -fv cmc.tgz
wget http://www.configserver.com/free/cmc.tgz
tar -xzf cmc.tgz
cd cmc
sh install.sh
Remove installation files:
cd ..
rm -Rfv cmc/ cmc.tgz
To uninstall:
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/addon_cmc.cgi
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/cmcversion.txt
rm -Rfv /usr/local/cpanel/whostmgr/docroot/cgi/cmc/
Install ConfigServer Explorer
rm -fv cse.tgz
wget http://www.configserver.com/free/cse.tgz
tar -xzf cse.tgz
cd cse
sh install.sh
Remove installation files:
cd ..
rm -Rfv cse/ cse.tgz
To uninstall:
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/addon_cse.cgi
rm -fv /usr/local/cpanel/whostmgr/docroot/cgi/cseversion.txt
If you run into any issue with the install, just head over to the ConfigServer forums and you’ll find plenty of people who can assist you.
How to allow Anonymous users to create a new directory and write to that directory?
We need to edit the parameter ‘anon_mkdir_write_enable’ and set it’s value to ‘YES’. But in order to make the parameter working, ‘write_enable’ must be activated. The default is NO.
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
How to allow secured SSL connections to Anonymous users? How ?
Yes! It is possible to allow anonymous users to use secured SSL connections. The value of parameter ‘allow_anon_ssl’ should be ‘YES’ in the vsftpd.conf file. If it, set to NO it wont allow anonymous users to use SSL connections. The default value is NO.
# Add this line to enable secured SSL connection to anonymous users.
allow_anon_ssl=YES
How would you block an IP which is acting malicious on internal private VSFTP network?
Block IP using host.deny file
Open ‘/etc/hosts.deny’ file.
Append the following line at the bottom of the file with the IP address that you want to block access to FTP.
Block IP using iptables rule
To block FTP access to particular IP address, add the following drop rule to iptables INPUT chain.
Open ‘/etc/hosts.deny’ file.
# vi /etc/hosts.deny
Append the following line at the bottom of the file with the IP address that you want to block access to FTP.
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
vsftpd:198.28.0.0
Block IP using iptables rule
To block FTP access to particular IP address, add the following drop rule to iptables INPUT chain.
iptables -A RH-Firewall-1-INPUT -p tcp -s 172.16.16.1 -m state --state NEW -m tcp --dport 21 -j DROP
Wednesday 5 February 2014
Scripts location on linux cpanel server through command line
- addns – add a dns zone
- addfpmail – Add frontpage mail extensions to all domains without them
- addfpmail2 -Add frontpage mail extensions to all domains without them
- addnetmaskips – Add the netmask 255.255.255.0 to all IPs that have no netmask
- addnobodygrp – Adds the gorup nobody and activates security
- addpop – add a pop account
- addservlets – Add JSP support to an account (requires tomcat)
- addstatus – (Internal use never called by user)
- adduser – Add a user to the system
- bandwidth – (OLD)
- betaexim – Installs the latest version of exim
- biglogcheck – looks for logs nearing 2 gigabytes in size
- bsdcryptoinstall – Installs crypto on FreeBSD
- bsdldconfig – Configures the proper lib directories in FreeBSD
- bsdpkgpingtest – Tests the connection speed for downloading FreeBSD packages
- buildbsdexpect – Install expect on FreeBSD
- builddomainaddr – (OLD)
- buildeximconf – Rebuilds exim.conf
- buildpostgrebsd-dev – Installs postgresql on FreeBSD.
- chcpass – change cpanel passwords
- easyapache – recompile/upgrade apache and/or php
- exim4 – reinstall exim and fix permissions
- fixcommonproblems – fixes most common problems
- fixfrontpageperm – fixes permission issues with Front Page
- fixmailman – fixes common mailman issues
- fixnamed – fixes common named issues
- fixndc – fixes rndc errors with named
- fixquotas – fixes quota problems
- fullhordereset – resets horde database to a fresh one – all previous user data are lost
- initquotas – initializes quotas
- installzendopt – installs zend optimizer
- killacct – terminate an account – make sure you take a backup of the account first
- mailperm – fixes permission problems with inboxes
- park – to park a domain
- pkgacct – used to backup an account
- restartsrv – restart script for services
- restorepkg – restores an account from a backup file ( pkgacct file)
- runlogsnow – update logs of all users
- runweblogs – update stats for a particular user
- securetmp – secures /tmp partition with options nosuexec and nosuid
- suspendacct – suspends an account
- unsuspendacct – unsuspends a suspended account
- upcp – updates cpanel to the latest version
- updatenow – updates the cpanel scripts
- updateuserdomains – updates userdomain entries
Tuesday 4 February 2014
How to disable mod_sec for domain from linux command line ?
If mod_sec is causing problem in proper functioning of web site then we will need to disable it by placing few statements into your .htaccesss . Statement vary depending on your Apache version.
First we need to check apache version installed on your server by running below command:
root@linux [~]# httpd -v
OR
root@linux [~]# /usr/local/apache/bin/httpd -v
If you have Apache 1.x then create .htaccess file into your document root and place following statements.
SecFilterEngine Off
SecFilterScanPOST Off
If you have Apache 2.x then place following statements.
SecRuleEngine Off
SecAuditEngine Off
Note : False Or Spam reviews will be deleted, all reviews are cross checked.
Subscribe to:
Posts (Atom)