The WordPress.com stats helper monkeys prepared a 2011 annual report for this blog.
Here’s an excerpt:
A San Francisco cable car holds 60 people. This blog was viewed about 1,700 times in 2011. If it were a cable car, it would take about 28 trips to carry that many people.
1. Rule: iptables to reject all outgoing network connections
The second line of the rules only allows current outgoing and established connection. This is very useful when you are login to the server vie ssh or telnet
# iptables -F OUTPUT
# iptables -A OUTPUT -m state \
–state ESTABLISHED -j ACCEPT
# iptables -A OUTPUT -j REJECT
2. Rule: iptables to reject all incoming network connections
The second line of the rules only allows current outgoing and established connection. This is very useful when you are login to the server vie ssh or telnet
# iptables -F INPUT
# iptables -A INPUT -m state \
–state ESTABLISHED -j ACCEPT
# iptables -A INPUT -j REJECT
3. Rule: iptables to reject all network connections
NOTE: This rule will drop and block all network connection whether incoming or outgoing. More importantly this will also include current ongoing established connections
# iptables -F
# iptables -A INPUT -j REJECT
# iptables -A OUTPUT -j REJECT
# iptables -A FORWARD -j REJECT
4. Rule: iptables to drop incoming ping requests
This iptables rule will DROP all incoming ping requests.
NOTE: it is possible to use REJECT instead of DROP. The difference between DROP vs REJECT is that DROP silently discards the incoming package, whereas REJECT will result in ICMP error being returned.
# iptables -A INPUT -p icmp –icmp-type echo-request -j DROP5. Rule: iptables to drop outgoing telnet connections
This iptables rule will block any outgoing traffic to any host where destination port is 23 ( telnet ).
# iptables -A OUTPUT -p tcp –dport telnet -j REJECT
6. Rule: iptables to reject incoming telnet connections
Refuse all incoming connection requests to a local port 23
# iptables -A INPUT -p tcp –dport telnet -j REJECT
7. Rule: iptables to reject outgoing ssh connections
# iptables -A OUTPUT -p tcp –dport ssh -j REJECT
8. Rule: iptables to reject incoming ssh connections
Refuse all incoming connections to a local port 22 ( ssh ).
# iptables -A INPUT -p tcp –dport ssh -j REJECT
9. Rule: iptables to reject all incoming traffic except ssh and local connections
# iptables -A INPUT -i lo -j ACCEPT
# iptables -A INPUT -p tcp –dport ssh -j ACCEPT
# iptables -A INPUT -j REJECT
10. Rule: iptables to accept incoming ssh connections from specific IP address
Using this iptables rule we will block all incoming connections to port 22 ( ssh ) except host with IP address 77.66.55.44. What it meas is that only host with IP 77.66.55.44 will be able to ssh.
# iptables -A INPUT -p tcp -s 77.66.55.44 –dport ssh -j ACCEPT
# iptables -A INPUT -p tcp –dport ssh -j REJECT
11. Rule: iptables to accept incoming ssh connections from specific MAC address
Using this iptables rule we will block all incoming connections to port 22 ( ssh ) except host with MAC address 00:e0:4c:f1:41:6b . In other works all ssh connections will be limited to a single host with a MAC address 00:e0:4c:f1:41:6b.
# iptables -A INPUT -m mac –mac-source 00:e0:4c:f1:41:6b -p tcp –dport ssh -j ACCEPT
# iptables -A INPUT -p tcp –dport ssh -j REJECT
12. Rule: iptables to reject incoming connections on a specific TCP port
The following iptables rule will drop all incoming traffic on TCP port 3333
# iptables -A INPUT -p tcp –dport 3333 -j REJECT
13. Rule: iptables to drop all incoming connections on a specific network interface
The following rule will drop incoming traffic on a specific network interface coming from subnet 192.168.0.0/16. The is very useful in attempt to drop all spoofed IP addresses. If eth0 is an external network interface, no incoming traffic originating from internal network should hit eth0 network interface.
# iptables -A INPUT -i eth0 -s 192.168.0.0/16 -j DROP
14. Rule: iptables to create a simple IP Masquerading
The following rule will create a simple IP Masquerading gateway to allow all host on the same subnet to access the Internet. The below specified eth0 is a external interface connected to the Internet.
# echo “1″ > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -o $EXT_IFACE -j MASQUERADE
15. Rule: Reject all incoming telnet traffic except specified IP address
The following iptables rule will reject all incoming telnet traffic except connection request from IP 222.111.111.222
# iptables -A INPUT -t filter ! -s 222.111.111.222 -p tcp –dport 23 -j REJECT
16. Rule: Reject all incoming ssh traffic except specified IP address range
The following iptables rule will reject all incoming ssh traffic except connection request from IP address range 10.1.1.90 – 10.1.1.1.100.
Removing negator “!” from the below rule reject all ssh traffic originating from IP address range 10.1.1.90 – 10.1.1.100.
iptables -A INPUT -t filter -m iprange ! –src-range 10.1.1.90-10.1.1.100 -p tcp –dport 22 -j REJECT
17. Rule: iptables to reject all outgoing traffic to a specific remote host
The following iptables rule will reject all outgoing traffic to a remote host with an IP address 222.111.111.222
# iptables -A OUTPUT -d 222.111.111.222 -j REJECT
18. Rule: iptables to block an access to a specific website
The following iptables rule will block all incoming traffic from facebook.com where source port is port 80 / www
# iptables -A INPUT -s facebook.com -p tcp –sport www -j DROP
You can view all messages in the email queue.
To Display all Messages in the Email Queue
Log in to your server using SSH.
Type su -.
Enter the password you used to log in to your server.
At the command prompt, type:
/var/qmail/bin/qmail-qstat
To list multiple messages in the queue, type:
/var/qmail/bin/qmail-qread
There is a built-in utility to control qmail called qmailctl. LifeWithqmail will put the file in /usr/bin/qmailctl.
‘qmailctl help’ will give you the general help output displaying the available commands. The following pertain to your question:
/usr/bin/qmailctl queue
This will show you the status of your queue, if messages are queued, run:
/usr/bin/qmailctl doqueue
This will deliver the queued messages for ‘immediate’ delivery
If you are curious on the messages being sent as you send them, locate the path of your log files and run a tail -f on the qmail-smtpd/current file. Below is an example:
/usr/bin/tail -f /var/log/qmail/qmail-smtpd/current
The -f flag will continue to monitor the file mentioned, displaying new data as it is being written to the file.
424Boyz
How to delete queue mail list from qmail queue while you have a bunch of queue mail stuck in qmail queue ?
Try the following syntax :
qmailctl stop
find /var/qmail/queue/mess -type f -exec rm {} \;
find /var/qmail/queue/info -type f -exec rm {} \;
find /var/qmail/queue/local -type f -exec rm {} \;
find /var/qmail/queue/intd -type f -exec rm {} \;
find /var/qmail/queue/todo -type f -exec rm {} \;
find /var/qmail/queue/remote -type f -exec rm {} \;
qmailctl start
But, I recommend to run this script not at busy time. I mean if you currently have busy traffic on qmail, otherwise your qmail won’t start properly and you must reboot your machine.
In other way to automatically remote qmail queue, is to set how long these qmail queues will stay, You can edit the /var/qmail/control/queuelifetime file this is the file to control how long a message stays in a queue. Just put a number (to represent seconds)in this file.By default 86400 sec Will keep the mail for 1 day and expire after that. Here you can change this value to 1 and restart your qmail server it should clear your qmail queue.
You can see on qmail log status at /var/log/qmail/qmail-send/current or /var/log/qmail/current.
find /home/*/public_html/ -type d -print0 | xargs -0 chmod 0755 # For directories
find /home/*/public_html/ -type f -not -name “*.pl” -not -name “*.cgi” -not -name “*.sh” -print0 | xargs -0 chmod 0644 # For files
find /home/*/public_html/ -type f -name “*.cgi” -print0 -o -name “*.pl” -print0 -o -name “*.sh” -print0 | xargs -0 chmod 0755 # For CGI/Scripts
grep -r ‘Jul 6*’ maillog > bklog
awk ‘$0>=from&&$0<=to’ from=”Jul 6 20:00:02″ to=”Jul 7 00:00:02″ bklog > bklog5
I’ve found that’s very useful and interested post from Mick Genie Blog’s about web hosting hot topics issues – mod_security. Sometimes, some applications will be need to disabled the mod_security applied to the virtual server in order to make their application works. You might wonder how to do on it?
Here with sharing with you all today.
If you are using Apache with mod_security, it could be done from the configuration file.However, you have to understand the Apache version and mod_security version that you used.
Normally, a hosted server will use Apache 1.x with mod_security 1.x and Apache 2.x with mod_security 2.x. To find out the Apache version, you may use the following command.
CODE:
1. $ httpd -v
With mod_security 1.x, you may use the following command from each of the virtual host path and add into the .htaccess file.
CODE:
1. ‹IfModule mod_security.c›
2. SecFilterEngine Off
3. SecFilterScanPOST Off
4. ‹/IfModule›
With mod_security 2.x, you could not add them to the .htaccess file, but you have to done it from the httpd.conf where they have improved the security and implementation.
If you using cPanel server, you will need to modify the httpd.conf file. Assume your Apache configuration located at /usr/local/apache/conf,
CODE:
1. vi /usr/local/apache/conf/httpd.conf
Search the virtual hosting such as mickgenie.com, uncommented(remove) the # from line as below.
Include “/usr/local/apache/conf/userdata/std/2/mickgenie/mickgenie.com/*.conf
Run the following command to create the mentioned path.
CODE:
1. mkdir -p /usr/local/apache/conf/userdata/std/2/username/domain_name/;cd /usr/local/apache/conf/userdata/std/2/username/domain_name/
Then you will need to create a file named bypass_modsec.conf and insert the command as below.
CODE:
1. ‹IfModule mod_security2.c›
2. SecRuleEngine Off
3. ‹/IfModule›
Save it and restart the Apache.
Install Zend Optimizer /scripts/installzendopt
Hostname A Entry Missing! /scripts/fixndc then restart bind and apache
Install Cron on New Server /scripts/installrpm anacron vixie-cron ; /etc/rc.d/init.d/crond start
Bandwidth issues /scripts/cleanbw
/scripts/fixwebalizer (To fix problem in webalizer that stop updating stats)
/scripts/fixcommonproblems
/scripts/fixeverything
Fixing Mail List MailMan /usr/local/cpanel/bin/convertmailman2
Reinstall MailMan /scripts/reinstallmailman
Fix Permissions on accounts: /scripts/fixhome
Edit mySQL conf file: pico /etc/my.cnf
Edit php.ini: pico /usr/local/lib/php.ini
Edit Apache Conf: pico /etc/httpd/conf/httpd.conf
Checking Real Time Top Processes Login to SSH and run: top
Run cpanel backup /scripts/cpbackup
To try and fix domain controller: /scripts/fixndc
Quotas /scripts/initquotas – takes a while to run
/scripts/resetquotas
/scripts/fixquotas – takes a while to run
/scripts/adddns Add a Dns Entry
/scripts/addfpmail Install Frontpage Mail Exts
/scripts/addservlets Add JavaServlets to an account (jsp plugin required)
/scripts/adduser Add a User
/scripts/admin Run WHM Lite
/scripts/apachelimits Add Rlimits (cpu and mem limits) to apache.
/scripts/dnstransfer Resync with a master DNS Server
/scripts/editquota Edit A User’s Quota
/scripts/finddev Search For Trojans in /dev
/scripts/findtrojans Locate Trojan Horses
Suggest Usage
/scripts/findtrojans > /var/log/trojans
/scripts/fixtrojans /var/log/trojans
/scripts/fixcartwithsuexec Make Interchange work with suexec
/scripts/fixinterchange Fix Most Problems with Interchange
/scripts/fixtrojans Run on a trojans horse file created by findtrojans to remove them
/scripts/fixwebalizer Run this if a user’s stats stop working
/scripts/fixvaliases Fix a broken valias file
/scripts/hdparamify Turn on DMA and 32bit IDE hard drive access (once per boot)
/scripts/initquotas Re-scan quotas. Usually fixes Disk space display problems
/scripts/initsuexec Turn on SUEXEC (probably a bad idea)
/scripts/installzendopt Fetch + Install Zend Optimizer
/scripts/ipusage Display Ipusage Report
/scripts/killacct Terminate an Account
/scripts/killbadrpms Delete “Security Problem Infested RPMS”
/scripts/mailperm Fix Various Mail Permission Problems
/scripts/mailtroubleshoot Attempt to Troubleshoot a Mail Problem
/scripts/mysqlpasswd Change a Mysql Password
/scripts/quicksecure Kill Potential Security Problem Services
/scripts/rebuildippool Rebuild Ip Address Pool
/scripts/remdefssl Delete Nasty SSL entry in apache default httpd.conf
/scripts/restartsrv Restart a Service (valid services: httpd,proftpd,exim,sshd,cppop,bind,mysql)
/scripts/rpmup Syncup Security Updates from RedHat/Mandrake
/scripts/runlogsnow Force a webalizer/analog update.
/scripts/secureit Remove non-important suid binaries
/scripts/setupfp4 Install Frontpage 4+ on an account.
/scripts/simpleps Return a Simple process list. Useful for finding where cgi scripts are running from.
/scripts/suspendacct Suspend an account
/scripts/sysup Syncup Cpanel RPM Updates
/scripts/unblockip Unblock an IP
/scripts/unsuspendacct UnSuspend an account
/scripts/upcp Update Cpanel
/scripts/updatenow Update /scripts
/scripts/wwwacct Create a New Account
/scripts/runweblogs account username for awstats to run manually
Reply With Quote
To check the httpd configuration is either SUPHP or DSO
/usr/local/cpanel/bin/rebuild_phpconf –current
You should able to transfer accounts from your old server to this via WHM as follows. To work this properly you should able to SSH from this sever to the old server without any issue.
WHM login >> Main >> Transfers >> Copy multiple accounts/packages from another server
Here you need to provide the old server IP, SSH port, and root password.
If the above method fails you can transfer accounts manually as follows.
1. Take backup of the accounts using the following script: ( in source server)
# /scripts/pkgacct <account username>
This will create a backup file under /home with name cpmove-<username>.tar.gz
2. Copy(use scp) this file into the target server: (say 99..99.99.99)
# scp cpmove-<username>.tar.gz root@99..99.99.99:/home
3. Restore accounts using the following script:
# /scripts/restorepkg <account username
http://www.techotopia.com/index.php/MySQL_Essentials
http://www.linuxtopia.org/online_books/database_guides/mysql_5.1_database_reference_guide/index.html
