Main Page: Difference between revisions

From Cheatsheet
Jump to navigation Jump to search
← Older edit
No edit summary
No edit summary
 
(142 intermediate revisions by 2 users not shown)
Line 1: Line 1:
This is my wiki, containing all of my shortcuts.<br><br> Also I would like to note that...<br><center>YOU LOSE THE GAME! <br>[http://losethegame.com TG]<br>[http://shooltz.net/w/index.php?title=Fukung Fukung]<br>[http://shooltz.net/w/index.php?title=PointlessSites Pointless Sites]</center><hr>
This is my wiki, containing all of my SECRETS. Also I would like to note that... YOU LOSE THE GAME!  


                                                      <h1><center> .htaccess </center></h1>
[http://losethegame.com TG][http://shooltz.net/w/index.php?title=PointlessSites Pointless Sites] [http://vov.wks.liquidweb.com Addicting Pacman Games]
'''to enable the reading of the custom php.ini in the public_html for suphp you need to add the following and replaces username with the cpanel user's username'''


<pre>suPHP_ConfigPath /home/username/public_html</pre>
lw contributions [[wikis]]
then
{{Notice|blah blah}}
<pre>cd /home/username/public_html
 
cp /usr/local/lib/php.ini /home/username/public_html/php.ini
= Specified Guides =
touch phpinfo.php && echo "<?php phpinfo(); ?>" >> phpinfo.php
We are going to change this up a little.  Links to the Specified Guides will be first now.
chown username. php.ini phpinfo.php
 
</pre>
===== [[Cpanel_create_test_accounts]] =====
Now add you custom changes for that account into that php.ini, and then proceed to test by going to that users website/phpinfo.php and see it your changes are there.
===== [http://wiki.shooltz.net/w/index.php?title=Phpmyadmin_-_CORE_MANAGED Coremanaged phpmyadmin] =====
===== [http://wiki.shooltz.net/w/index.php?title=Coremanaged_Pure-ftp Coremanaged Pure-ftp] =====
===== [http://wiki.shooltz.net/w/index.php?title=Coremanaged_SSL Coremanaged SSL] =====
===== [http://wiki.shooltz.net/w/index.php?title=Cpanel_issues cpanel] =====
====== [http://wiki.shooltz.net/w/index.php?title=Cpanels_internal_php cpanels interal php] ======
===== [http://wiki.shooltz.net/w/index.php?title=Custom_Compiling Custom Compiling] =====
===== [http://churchofthegeek.com/screenshots/ Email walkthrough] =====
===== [http://wiki.shooltz.net/w/index.php?title=exim Exim] =====
===== [http://wiki.shooltz.net/w/index.php?title=Firewalls Firewalls] =====
===== [http://churchofthegeek.com/screenshots/ FTP walkthrough] =====
===== [http://wiki.shooltz.net/w/index.php?title=Godaddy Godaddy, nameserver setup] =====
===== [http://wiki.shooltz.net/w/index.php?title=HTTPD_and_APACHE HTTPD AND APACHE] =====
===== [http://wiki.shooltz.net/w/index.php?title=Memory_and_load_issues Memory and load] =====
===== [http://wiki.shooltz.net/w/index.php?title=MODSEC Modsec] =====
===== [http://wiki.shooltz.net/w/index.php?title=MySQL Mysql] =====
===== [http://wiki.shooltz.net/w/index.php?title=Nfs NFS] =====
===== [http://wiki.shooltz.net/w/index.php?title=Perl Perl] =====
===== [http://wiki.shooltz.net/w/index.php?title=PHP PHP] =====
 
===== [http://wiki.shooltz.net/w/index.php?title=Plesk Plesk] =====
===== [http://wiki.shooltz.net/w/index.php?title=Proxy_pass Proxy Pass] =====
===== [http://wiki.shooltz.net/w/index.php?title=Ptouch Ptouch] =====
===== [http://wiki.shooltz.net/w/index.php?title=Ramdisk Ramdisk] =====
===== [http://wiki.shooltz.net/w/index.php?title=Sar Sar] =====
===== [http://wiki.shooltz.net/w/index.php?title=Screen Screen] =====
===== [http://wiki.shooltz.net/w/index.php?title=Shared_Server_List Shared server list] =====
===== [http://wiki.shooltz.net/w/index.php?title=Spamassassin Spamassassin] =====
===== [https://wiki.int.liquidweb.com/articles/stats_script Stats_script] =====
===== [https://wiki.int.liquidweb.com/articles/Suphpfix Suphpfix] =====
 
===== [http://wiki.shooltz.net/w/index.php?title=Webmail Webmail] =====
===== [https://wiki.shooltz.net/w/index.php?title=Yum/rpm Yum/RPM] =====
 
= CMS guides =
===== [http://wiki.shooltz.net/w/index.php?title=DrupalGuide Drupal Guide] =====
===== [http://wiki.shooltz.net/w/index.php?title=Drupal_Modules Drupal Modules] =====
===== [http://wiki.shooltz.net/w/index.php?title=Joomla_guide Joomla Guide] =====
===== [http://wiki.shooltz.net/w/index.php?title=Joomla_Modules Joomla Modules] =====
===== [http://wiki.shooltz.net/w/index.php?title=Wordpress_guide Wordpress Guide] =====
===== [http://wiki.shooltz.net/w/index.php?title=Wordpress_plugins Wordpress Plugins] =====
 
= Core system understanding Guides =
 
These are to help you better understand the operating system itself.  (Coming shortly)
 
===== [http://wiki.shooltz.net/w/index.php?title=Linux_startup Understanding Linus startup] =====
 
= Cpanel& WHM Hackery =
 
===== [http://wiki.shooltz.net/w/index.php?title=2_domains_1_documentroot 2 domains 1 docroot] =====
===== [http://wiki.shooltz.net/w/index.php?title=2_domains_1_IP 2 domains 1 ip] =====


= General Shit =


=== .htaccess ===


                                                      <h1><center> Adding domains to Dedicated ips</center></h1>
To place more that one domain on a dedicated IP go to:
<pre>cd /var/cpanel/userdata/</pre>
Choose the domains user that we are adding to the ip example: username/domain.com
<pre> vim username/domain.com</pre>
Change the ip to the new ip, save the file.
<pre>
/scripts/rebuildhttpdconf
/etc/init.d/httpd stop
/etc/init.d/httpd stop
/etc/init.d/httpd startssl
</pre>
Wait for it to propagate, and viola!


                                                      <h1><center> Addon domain issues</center></h1>
=== Addon domain issues ===
If you come across this error:
If you come across this error:
<pre>" Error from park wrapper: Using nameservers with the following IPs:
" Error from park wrapper: Using nameservers with the following IPs:
174.132.129.99,174.132.129.98 Sorry, the domain is already pointed to an IP
174.132.129.99,174.132.129.98 Sorry, the domain is already pointed to an IP
address that does not appear to use DNS servers associated with this server.
address that does not appear to use DNS servers associated with this server.
Please transfer the domain to this servers nameservers or have your
Please transfer the domain to this servers nameservers or have your
administrator add one of its nameservers to /etc/ips.remotedns and make the
administrator add one of its nameservers to /etc/ips.remotedns and make the
proper A entries on that remote nameserver. "</pre>
proper A entries on that remote nameserver. "
go to tweak settings an check the option to:
go to tweak settings an check the option to:
<pre>Allow Creation of Parked/Addon Domains that resolve to other servers (i.e. domain transfers)</pre>
Allow Creation of Parked/Addon Domains that resolve to other servers (i.e. domain transfers)
 
                                                      <h1><center> APF</center></h1>
'''Apf un block'''
<pre>vi /etc/apf/deny_hosts.rules
/etc/init.d/apf restart</pre>


'''# of attemps'''
=== Bandwidth Unknown ===
<pre>vi /usr/local/bfd/conf.bfd</pre>
if it is a storm server login and run the following.
tcpdump -ni eth0 not port ssh > /root/dumpinfo
let it run for a few minutes and then ctrl-c and run the following on it.
egrep '(22[4-9]|23[0-9])\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ' /root/dumpinfo
if you get alot of results this server is suffering from multicast traffic hitting their instance raising their bandwidth.  


'''Starting APF:Unable to load iptables module (ipt_state), aborting.'''
log into their parent server and run the following command.
<pre>vi /etc/apf/conf.apf
/usr/local/lp/apps/virt-firewall/rebuildfirewall.sh
SET_MONOKERN change to 1
/etc/init.d/apf restart</pre>


<h1><center>ChkServd</center></h1>
=== ChkServd ===
'''enable chkservd'''
'''enable chkservd'''
<pre>/usr/local/cpanel/bin/tailwatchd --enable=Cpanel::TailWatch::ChkServd</pre>
<pre>/usr/local/cpanel/bin/tailwatchd --enable=Cpanel::TailWatch::ChkServd</pre>
Line 59: Line 94:
<pre>/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::ChkServd</pre>
<pre>/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::ChkServd</pre>


<h1><center>[http://shooltz.net/w/index.php?title=Phpmyadmin_-_CORE_MANAGED Coremanaged phpmyadmin]</center></h1>
=== Cpanel logs ===
 
Cpanel log locations.
<h1><center>[http://shooltz.net/w/index.php?title=Coremanaged_Pure-ftp Coremanaged Pure-ftp]</center></h1>
/usr/local/cpanel/logs/error_log
 
<h1><center>[http://shooltz.net/w/index.php?title=Coremanaged_SSL Coremanaged SSL]</center></h1>
 
<h1><center>CPANEL</center></h1>
'''LOGS ARE LOCATED AT'''
<pre>vim /usr/local/cpanel/logs/error_log</pre>


'''Cpanel gives this error'''
/usr/local/cpanel/logs/cpbackup
[a fatal error or timeout occurred while processing this directive]
mv /home/(username)/.cpanel/*cache different location
and or check permissions on the /home/(username)/.cpanel folder should be user:user


'''error when accessing http://ipaddress/~username/'''
=== Crond ===
Warning: Unknown: open_basedir restriction in effect. File(/home/hilariou/public_html/index.php) is not within the allowed path(s): (/usr/local/lp:/proc:/usr/lib/php:/usr/local/lib/php:/tmp) in Unknown on line 0
For help with crond entries go to this url
http://www.linuxhelp.net/guides/cron/


'''Move this line to the post section of the httpd.conf'''
cron log location
<pre>vim /usr/local/apache/conf/httpd.conf</pre>
Include "/usr/local/lp/configs/httpd/vhost.conf
 
<h1><center>Crond</center></h1>
'''For help with crond entries go to this url'''
<pre>http://www.linuxhelp.net/guides/cron/</pre>
 
'''cron log location'''
  vim /var/log/cron
  vim /var/log/cron


'''Location of the main cron'''
Location of the main cron
<pre>vim /var/spool/cron/root</pre>
vim /var/spool/cron/root


''' Location of the cpanel users crons'''
Location of the cpanel users crons
  /var/spool/cron/
  /var/spool/cron/


'''Location of the specific crons, daily weekly monthly...etc'''
Location of the specific crons, daily weekly monthly...etc
<pre>vim /etc/cron.</pre>
vim /etc/cron.
Tab complete to see all of the options<br>
Tab complete to see all of the options<br>


'''Add this to the main cron to make all mail in the .sent/cur directory erase after being 15 days old.'''
Add this to the main cron to make all mail in the .sent/cur directory erase after being 15 days old.
<pre>0 3 * * * find /home*/*/mail/*/*/cur /home*/*/mail/*/*/.Sent/cur -type f -mtime +30 -exec rm {} \;</pre>
0 3 * * * find /home*/*/mail/*/*/cur /home*/*/mail/*/*/.Sent/cur -type f -mtime +30 -exec rm {} \;


'''REMINDER CRON'''
REMINDER CRON
Also another nice cron for those of us who forget to clock out or in.  This will open the <br>time clock in a new window to remind you to clock out.  Use the link above to set your own time.
Also another nice cron for those of us who forget to clock out or in.  This will open the <br>time clock in a new window to remind you to clock out.  Use the link above to set your own time.
<pre>55 08 * * 1-5 art env DISPLAY=:0.0 firefox --new-window https://tc.int.liquidweb.com/content/index.html </pre>
55 08 * * 1-5 art env DISPLAY=:0.0 firefox --new-window https://tc.int.liquidweb.com/content/index.html


=== CSS not loading ===
Come accross a page that doesnt want to load its css on a vps?  Log into the server and do the following.


<h1><center>CSS not loading</center></h1>
curl -v 'http://domain.com/(path to the css file goes here)'
Come accross a page that doesnt want to load its css on a vps?  Log into the server and do the following.


<pre>curl -v 'http://domain.com/(path to the css file goes here)'</pre>
If in that's response this line is returned
If in that's response this line is returned
<pre> * transfer closed with 1386 bytes remaining to read
 
* Closing connection #0
* transfer closed with 1386 bytes remaining to read
curl: (18) transfer closed with 1386 bytes remaining to read</pre>
* Closing connection #0
curl: (18) transfer closed with 1386 bytes remaining to read


OR an easier way is to use these if they return nothing, go to next step.
OR an easier way is to use these if they return nothing, go to next step.
<pre>cat /usr/local/apache/conf/includes/* | grep EnableSendFile
 
cat /usr/local/apache/conf/httpd.conf | grep EnableSendFile
cat /usr/local/apache/conf/includes/* | grep EnableSendFile
</pre>
cat /usr/local/apache/conf/httpd.conf | grep EnableSendFile


Copy and paste the following to fix
Copy and paste the following to fix
<pre>echo "EnableSendFile Off">>/usr/local/apache/conf/includes/pre_main_global.conf
echo "EnableSendFile Off">>/usr/local/apache/conf/includes/pre_main_global.conf
/etc/init.d/httpd restart</pre>
/etc/init.d/httpd restart
 
=== Custom php Handler===
====suPHP inside of DSO.====
(original info from here https://hd.int.liquidweb.com/msgs/index.mhtml?id=2806215#14)
 
First off make sure that you have ran an EA and have suphp installed but not activated, now edit the following file.
 
mkdir -p /usr/local/apache/conf/userdata/std/2/
vim /usr/local/apache/conf/userdata/std/2/$CPUSER/suphp.conf
 
Place the following inside of that file.
 
# SuPHP configuration for PHP5
LoadModule suphp_module modules/mod_suphp.so
suPHP_Engine on
AddType application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml
<Directory />
        suPHP_AddHandler application/x-httpd-php5 .php
</Directory>
<IfModule mod_suphp.c>
    suPHP_UserGroup $CPUSER $CPUSER
</IfModule>
# End of autogenerated PHP configuration.
 
Now assuming the customer has no special edits made to the apache conf rebuild the conf.
 
cp -Rp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.preincludebackup
/scripts/rebuildhttpdconf
/etc/init.d/httpd restart
chmod +s /opt/suphp/sbin/suphp
 
Now you can test the page out using a phpinfo.php (look below) and it should be running underneath suPHP.
 
{{Notice|
In the phpinfo.php SUPHP will say the following:
                Server API : CGI
 
In the phpinfo.php DSO will say the following:
                Server API : Apache 2.0 Handler
}}
 
=== Custom php.ini ===
And a super method to do this for '''suphp only'''
First cd to the users public_html
cd /home/$user/public_html
then run the following.
for i in `pwd | cut -d/ -f3`; do cp /usr/local/lib/php.ini /home/$i/public_html/php.ini && chown $i. /home/$i/public_html/php.ini && htb=`cat .htaccess` && echo -e "suPHP_ConfigPath /home/$i/public_html\n<Files php.ini>\norder allow,deny\ndeny from all\n</Files>\n\n$htb" > /home/$i/public_html/.htaccess && touch /home/$i/public_html/phpinfo.php && chown $i. /home/$i/public_html/phpinfo.php && echo "<?php phpinfo(); ?>" > /home/$i/public_html/phpinfo.php; done


<h1><center>Custom php.ini</center></h1>
Now you should have a php.ini, phpinfo.php and the apropiate lines should be in the htaccess file all set to the correct perms and ready to customize.
'''For SuPhP'''
==== For SuPhP ====
First copy the php.ini over
First copy the php.ini over


Line 141: Line 209:
Note: the local php.ini REPLACES the system one, it does not override like a .htaccess setting does.
Note: the local php.ini REPLACES the system one, it does not override like a .htaccess setting does.


'''For CGI'''
==== For CGI ====
First copy the php.ini over
First copy the php.ini over  


  cp /usr/local/lib/php.ini /home/(username)/public_html/php.ini
cd /home/(username)/public_html
  chown (username). /home/(username)/public_html/php.ini
  cp /usr/local/lib/php.ini php.ini
  chown (username). php.ini


In .htaccess under public_html, add the following:
In the .htaccess in the public_html, add the following:


  AddHandler php-cgi .php .htm
  AddHandler php-cgi .php
  Action php-cgi /home/(username)/public_html/cgi-bin/php5.cgi
  Action php-cgi /cgi-bin/phpini.cgi
 
if by chance the php5.cgi does not exist please add it with the following contents.
if by chance the phpini.cgi does not exist please add it with the following contents.
   
   
  #!/bin/sh
  #!/bin/sh
  export PHPRC=/home/(username)/public_html/php.ini
  export PHPRC=/home/(username)/public_html/php.ini
  exec /usr/local/cpanel/cgi-sys/php5
  exec /usr/local/cpanel/cgi-sys/php5 -c /home/(username)/public_html/
 
Also make sure that you correct the permissions on the phpini.cgi.  They should be the following.
 
chmod +x /cgi-bin/phpini.cgi
chown (username). /cgi-bin/phpini.cgi
 
=== Disable root login ===
 
useradd lwstaff
passwd (assign a password)
usermod -G wheel lwstaff
vim /etc/ssh/sshd_config
 
change
 
PermitRootLogin = yes
 
to no and un-comment it. restart sshd and test your work.
 
/etc/init.d/sshd restart
 
=== DNS Cheats ===
Adding a wildcard to every dns record


<h1><center>Disable root login</center></h1>
for i in `cat /var/cpanel/users/*| grep DNS|cut -d = -f 2`; do echo "* IN CNAME $i." >> /var/named/$i.db;done
<pre>
useradd lwstaff
passwd (assign a password)
usermod -G wheel lwstaff
vim /etc/ssh/sshd_config
</pre>
change
PermitRootLogin = yes
to no and un-comment it.
restart sshd and test your work.


<h1><center>DNS Cheats</center></h1>
Adjusting all ttls on a server to 300
'''Adding a wildcard to every dns record'''
<pre>for i in `cat /var/cpanel/users/*| grep DNS|cut -d = -f 2`; do echo "* IN CNAME $i." >> /var/named/$i.db;done </pre>


'''Adjusting all ttls on a server to 300'''
#check current TTLs and serial number
<pre>
grep --color -e '^\$TTL.*' /var/named/*.db
#check current TTLs and serial number
grep --color -e '[0-9]\{10\}' /var/named/*.db  # this will be the serial number, 10 numbers in a row
grep --color -e '^\$TTL.*' /var/named/*.db
#also check that date works as expected/is newer than the serial numbers currently existing
grep --color -e '[0-9]\{10\}' /var/named/*.db  # this will be the serial number, 10 numbers in a row
date +%Y%m%d%H  
#also check that date works as expected/is newer than the serial numbers currently existing
date +%Y%m%d%H


#the -i flag will create backups in the same directory, liquidweb.com.lwbak for example
#the -i flag will create backups in the same directory, liquidweb.com.lwbak for example
sed -i.lwbak -e 's/^\$TTL.*/$TTL 300/g' -e 's/[0-9]\{10\}/'`date +%Y%m%d%H`'/g' /var/named/*.db
sed -i.lwbak -e 's/^\$TTL.*/$TTL 300/g' -e 's/[0-9]\{10\}/'`date +%Y%m%d%H`'/g' /var/named/*.db


#check your work
#check your work
grep --color -e '^\$TTL.*' /var/named/*.db
grep --color -e '^\$TTL.*' /var/named/*.db
grep --color -e '[0-9]\{10\}' /var/named/*.db  
grep --color -e '[0-9]\{10\}' /var/named/*.db
</pre>


                                                      <h1><center>[http://shooltz.net/w/index.php?title=DrupalGuide Drupal Guide]</center></h1>
=== DU commands ===
du and sort by human readable size:


                                                      <h1><center>[http://churchofthegeek.com/screenshots/ Email walkthrough]</center></h1>
On newer servers(centos 6+):
du -hx --max-depth=1 | sort -h


                                                      <h1><center>Email</center></h1>
On old servers(centos 5 and below):
for i in G M K; do du -hx --max-depth=1 | grep [0-9]$i | sort -nr -k 1; done


=== Email ===
'''For the number of spam in all default accounts.'''
'''For the number of spam in all default accounts.'''
<pre>for i in `ls /var/cpanel/users`; do ls -d /home/$i/mail/cur && ls -l /home/$i/mail/cur | wc -l; done</pre>
<pre>for i in `ls /var/cpanel/users`; do ls -d /home/$i/mail/cur && ls -l /home/$i/mail/cur | wc -l; done</pre>
Line 227: Line 308:
<pre>/scripts/linksubemailtomainacct</pre>
<pre>/scripts/linksubemailtomainacct</pre>


<h1><center>Empty files</center></h1>
 
=== Empty files ===
To create a '''empty file''' that takes so much spce for testing uploads.
To create a '''empty file''' that takes so much spce for testing uploads.
<pre>dd if=/dev/zero of=file1G.tmp bs=1G count=1</pre>
<pre>dd if=/dev/zero of=file1G.tmp bs=1G count=1</pre>


<h1><center>EXIM</center></h1>
=== End line Character removal ===
 
'''number of msg in q'''
<pre>exim -bpc  </pre>
 
'''print msg q summary'''
<pre>exim -bp | exiqsumm </pre>


'''Start a full q run'''
You know those pesky characters that sometimes show up on files and break stuff
<pre>exim -q -v</pre>


'''Start a local delivery q run'''
^M
<pre>exim -ql -v </pre>
^M
^M
^M


'''Flush exim queue'''
Well there is a easy way to fix these.
<pre>exim -bpr | awk {'print $3'} | xargs exim -Mrm</pre>


'''Do a traceroute on the email path to the mx hosts'''
dos2unix -n .htaccess .htaccess.fixed
<pre>exim -bt Email address here</pre>


Viola!!


<h1><center>Fantastico</center></h1>
=== Fantastico ===
 
'''add the Fantastico installer plugin'''
'''add the Fantastico installer plugin'''
<pre>cd /usr/local/cpanel/whostmgr/docroot/cgi
<pre>cd /usr/local/cpanel/whostmgr/docroot/cgi
Line 260: Line 335:
rm -rf fantastico_whm_admin.tgz</pre>
rm -rf fantastico_whm_admin.tgz</pre>


<h1><center>Flash plugin for centos</center></h1>
=== Finding I/O by process ===
<pre>yum install flash-plugin.1386</pre>
Run this
echo 1 > /proc/sys/vm/block_dump
 
Wait for a bit then shut it off
echo 0 > /proc/sys/vm/block_dump
 
Check your results (may have to alter this to report correctly, depends on their kernel)
dmesg | egrep "READ|WRITE|dirtied" | egrep -o '([a-zA-Z]*)' | sort | uniq -c | sort -rn | head
Alternate
dmesg | egrep "READ|WRITE|dirtied" | cut -d\( -f1 | sort | uniq -c | sort -rn | head
 
Flush ring buffer after, and between tests.
dmesg -c
 
=== Flash plugin for centos ===
INSTALL RPMFORGE FIRST!!!
yum install flash-plugin


<h1><center>For loops and other loops</center></h1>
=== For loops and other loops ===
'''ALWAYS RUN THIS FIRST!!!!!
'''ALWAYS RUN THIS FIRST!!!!!
<pre>unalias ls</pre>'''
<pre>unalias ls</pre>'''
Line 276: Line 367:
<pre>while x=0; do ps aux | grep easyapache |grep -v grep; sleep 30; done</pre>
<pre>while x=0; do ps aux | grep easyapache |grep -v grep; sleep 30; done</pre>


                                                      <h1><center>[http://churchofthegeek.com/screenshots/ FTP walkthrough]</center></h1>
'''Monitoring server load against core count, and restarting mysql id needed'''
 
while true; do MyLoad=`cat /proc/loadavg | cut -d\  -f1| cut -d\. -f1`; MyCores=`cat /proc/cpuinfo | grep processor | wc -l`; if [ $MyLoad -gt $MyCores ]; then /etc/init.d/mysql restart; else echo "`date +%r` - load of $MyLoad is below the total core count of $MyCores, good to go so far."; fi; sleep 90; done;
                                                      <h1><center>[http://shooltz.net/w/index.php?title=Godaddy Godaddy, nameserver setup]</center></h1>
10:20:21 PM - load of 2 is below the total core count of 8, good to go so far.


                                                      <h1><center>Grep</center></h1>
=== Grep ===


Use these to figure out a usename without logging into WHM.
Use these to figure out a usename without logging into WHM.
Line 288: Line 379:
</pre>
</pre>


<h1><center>History Removal commands</center></h1>
 
=== History Removal commands ===
 
'''If the customer would like their history cleared.'''
'''If the customer would like their history cleared.'''
<pre>echo "" > /var/log/messages && echo "" /var/log/secure
<pre>echo "" > /var/log/messages && echo "" /var/log/secure
Line 295: Line 388:
'''If for some reason you ever need to cover your own tracks, like creating a usre on the wrong server or such, this will remove your session history'''
'''If for some reason you ever need to cover your own tracks, like creating a usre on the wrong server or such, this will remove your session history'''
<pre>history -r</pre>
<pre>history -r</pre>
                                                      <h1><center>HTOP</center></h1>
'''Source Install:''' (for other methods to install please see https://wiki.int.liquidweb.com/articles/Htop)
<pre>cd /usr/local/src/ 
wget http://www.sfr-fresh.com/linux/misc/htop-0.8.3.tar.gz
tar zxf htop-0.8.3.tar.gz
cd htop-0.8.3
./configure ; make ; make install</pre>


=== HTOP ===
Twicherts method (easier and prefered)
exec 3<&1 && bash <&3 <(curl http://layer3.liquidweb.com/lantern/htop.sh)


                                                      <h1><center>HTTPD and APACHE</center></h1>
Source Install: (for other methods to install please see https://wiki.int.liquidweb.com/articles/Htop)
cd /usr/local/src/ 
wget http://www.sfr-fresh.com/linux/misc/htop-0.8.3.tar.gz
tar zxf htop-0.8.3.tar.gz
cd htop-0.8.3
./configure ; make ; make install
 
=== HTTPD and APACHE ===
'''to distill changes to the httpd.conf'''
'''to distill changes to the httpd.conf'''
<pre>/usr/local/cpanel/bin/apache_conf_distiller --update</pre>
<pre>/usr/local/cpanel/bin/apache_conf_distiller --update</pre>
Line 311: Line 407:
<pre>/usr/bin/lynx -dump -width 500  http://127.0.0.1/whm-server-status</pre>
<pre>/usr/bin/lynx -dump -width 500  http://127.0.0.1/whm-server-status</pre>


<h1><center>Index blocking</center></h1>
=== Index's ===
'''Add this to the .htaccess, Blocks the index of / from being seen. Comment out to make visible again.'''
Trying to veiw an index
<pre>Options -Indexes
 
OR
If you can do the following tail command( with you ip of course after you have visited the site or while)
Options +Indexes +a-</pre>
[root@host2.managed-me.net] snap >> tail -f /usr/local/apache/logs/error_log | grep 69.16.222.26
[Tue Dec 21 04:31:33 2010] [error] [client 69.16.222.26] Directory index forbidden by rule: /home/xencomca/public_html/ssm1/snap/
[Tue Dec 21 04:31:33 2010] [error] [client 69.16.222.26] File does not exist: /home/xencomca/public_html/403.shtml
Do the following, (i am using the above as an example.)
vim /home/xencomca/public_html/ssm1/snap/.htaccess
And add this line to the top of the file.
Options +Indexes
Now save and refresh the page.
 
Blocks the index of /  
 
Add the following to the .htaccess of the folder in question.  
Options -Indexes
to disable this just change the - to a +.
 
 
=== Finding Inode Usage ===
Script
wget -O /scripts/inodes.sh http://shooltz.net/resources/scriptrepo/inodes.sh
chmod +x /scripts/inodes.sh
/scripts/inodes.sh
 
One liner
for i in *; do echo -e "$(find $i | wc -l)\t$i"; done | sort -rn
 
=== Intermittent apache/nginx connections/403's ===
 
If you ever run across a server that has any software install that has to proxy to apache make sure that mod_evasive is disabled in the httpd.conf.  Having this module enabled will cause a condition that makes it appear as though you can connect to the page every 1 / 15 tries.
 
To fix comment out this line in the apache config.
 
#LoadModule evasive20_module modules/mod_evasive20.so
 


<h1><center>IonCube Problems</center></h1>
=== IonCube Problems ===
If you get this error  
If you get this error  
<pre>The ionCube PHP Loader is disabled because of startup problems.</pre>
<pre>The ionCube PHP Loader is disabled because of startup problems.</pre>
Line 332: Line 460:
<pre>/etc/init.d/httpd restart</pre>
<pre>/etc/init.d/httpd restart</pre>


<h1><center>IPTABLES</center></h1>
 
=== IPTABLES ===
'''Block temp with IPtables'''
'''Block temp with IPtables'''
<pre>iptables -I INPUT 1 -s ipaddress -j DROP</pre>
<pre>iptables -I INPUT 1 -s ipaddress -j DROP</pre>
Line 339: Line 468:
<pre>/etc/apf/deny_hosts.rules</pre>
<pre>/etc/apf/deny_hosts.rules</pre>


                                                      <h1><center> LIST</center></h1>
 
=== LIST ===
'''list by last modified'''
'''list by last modified'''
<pre>ls -lt</pre>
<pre>ls -lt</pre>
Line 346: Line 476:
<pre>lsof -p PID</pre>
<pre>lsof -p PID</pre>


                                                      <h1><center>Load checking</center></h1>
=== Locating log files ===
'''Listening on port'''
Finding a log file that has been modified in the last 24hrs
<pre>lsof -i :25</pre>
find /home -name error_log -mtime -1
 
=== Mailman ===
 
Mailman reports that the list is trying to be pulled from login and do a grep in the mailman directory. in this example i will use our shared servers.
 
cd /usr/local/cpanel/3rdparty/mailman
grep -R koala.liquidweb.com * > list.txt
 
Now cat that list - the archives
 
cat list.txt | grep -v archive
 
Should give you similar results of whats below, the mailman config that contain the offending url.
 
archive Binary file lists/members_lendaheart.org/config.pck.last matches
Binary file lists/members_lendaheart.org/config.pck matches
 
now make a backup of the config.pck and edit it.
 
cp config.pck config.pck.lwback
sed -i -e 's/koala/hydra/g' config.pck
 
this will change koala to hydra, now login to mailman and see if the problem is solved.
This should fix the problem of mailman going to the wrong server.
 
=== mbstring ===
Check if it is installed with the following
php -i | grep --color mbstring


'''Load per process checking'''
if that come back with this it is installed but not enabled:
<pre>/usr/local/cpanel/bin/dcpumonview</pre>


'''Total connections on port 80'''
mbstring
<pre>netstat -nap |grep -c :80</pre>
mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.func_overload => 0 => 0
mbstring.http_input => pass => pass
mbstring.http_output => pass => pass
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value


'''rough per sec hits'''
Then
<pre>/usr/bin/lynx -dump -width 500 http://127.0.0.1/whm-server-status | grep GET | awk '{print $12}' | sort | uniq -c | sort -rn | head</pre>


'''Tells how many are using port 80'''
/etc/init.d/httpd stop
<pre>netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -f1 -d: | sort | uniq -c | sort -rn | head</pre>
/etc/init.d/httpd startssl


                                                      <h1><center>Locating log files</center></h1>
=== ModRewrite ===
'''Finding a log file that has been modified in the last 24hrs'''
Make sure mod_rewrite is on in the httpd.conf
<pre>find /home -name error_log -mtime -1</pre>


<h1><center>Memory and load issues</center></h1>
Redirect all traffic for a url to main index.
'''Load per process checking'''
<pre>/usr/local/cpanel/bin/dcpumonview</pre>


'''Memory per user''' foo'ed up by mwineland
  RewriteEngine on
  lwtmpvar='';for each in `ps aux | grep -v COMMAND | awk '{print $1}' | sort | uniq`; do lwtmpvar="$lwtmpvar\n`ps aux | egrep ^$each | awk 'BEGIN{total=0};{total += $4};END{print total, $1}'`"; done; echo -e $lwtmpvar | grep -v ^$ | sort -rn | head
  RewriteCond %{REQUEST_URI} !^\/$
RewriteRule .* / [L,R=302]


'''Checking swaps memory usage'''
Block a url from hitting the page.
<pre>vmstat 1</pre>


'''If digging into swaps''' memory run this and see if there are any tables that are "[!!] Total fragmented tables"
RewriteEngine On
If it does show that there are fragmented tables, run an optimize on the tables.
RewriteCond %{http_host} ^.*shooltz.net.* [NC]
<pre>wget mysqltuner.pl/mysqltuner.pl && perl mysqltuner.pl</pre>
RewriteRule ^(.*)$ - [F,L]


'''Optimization script here'''
www redirect:
<pre>
for i in $(mysql -e "show databases;" | sed 's/Database//') ; do for each in $(mysql -e "use $i; show tables;" \
| sed 's/Tables.*//' ;) ; do mysql -e "use $i ; optimize table $each" ; done ; done
</pre>


<h3>'''Using Sar'''</h3> this can be helpful in figuring out what the swaps are are or the iowait.
  Options +FollowSymlinks
<pre>sar</pre>
RewriteEngine on
This will display Collected, report, or save system activity information.
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]


<pre>sar -r</pre>
Non www Redirect for https and http to https://domain.com:
This will show you the memory and swap space utilization statistics.<br>
You can futher clean that up to show just mem used and swpused with the following.
<pre>sar -r | awk '{print $1,"\t"$2,"\t"$5,"\t\t"$10}'</pre>


You can also use sar to view previous days log files. Do the following.
Options +FollowSymlinks
RewriteCond %{SERVER_PORT} 80
Rewritecond %{http_host} domain.com [nc,OR]
Rewritecond %{http_host} www.domain.com [nc]
Rewriterule ^(.*)$ https://domain.com/$1 [r=301,nc]
RewriteCond %{SERVER_PORT} 443
Rewritecond %{http_host} www.domain.com [nc]
Rewriterule ^(.*)$ https://domain.com/$1 [r=301,nc]


<pre>cd /var/log/sa
https redirect:
ll</pre>
This should provide you with a list that looks like the following.
<pre>
-rw-r--r--  1 root root 484640 Aug  1 15:51 sa01
-rw-r--r--  1 root root 484176 Aug  2 23:50 sa02
-rw-r--r--  1 root root 228576 Aug  3 11:00 sa03
-rw-r--r--  1 root root 490992 Jul 26 23:50 sa26
-rw-r--r--  1 root root 490992 Jul 27 23:50 sa27
-rw-r--r--  1 root root 490992 Jul 28 23:50 sa28
-rw-r--r--  1 root root 481232 Jul 29 23:50 sa29
-rw-r--r--  1 root root 490992 Jul 30 23:50 sa30
-rw-r--r--  1 root root 485104 Jul 31 15:37 sa31
-rw-r--r--  1 root root 491873 Aug  1 23:53 sar01
-rw-r--r--  1 root root 491907 Aug  2 23:53 sar02
-rw-r--r--  1 root root 498737 Jul 25 23:53 sar25
-rw-r--r--  1 root root 498737 Jul 26 23:53 sar26
-rw-r--r--  1 root root 498737 Jul 27 23:53 sar27
-rw-r--r--  1 root root 498737 Jul 28 23:53 sar28
-rw-r--r--  1 root root 489709 Jul 29 23:53 sar29
-rw-r--r--  1 root root 498737 Jul 30 23:53 sar30
-rw-r--r--  1 root root 493163 Jul 31 23:53 sar31
</pre>
Each of those files is a log for that day of the month.  Pick and choose then view them with the following command.
<pre>sar -f sa01</pre>
If you want to view different modes of the sar add the flags at the end of the command like so.
<pre> sar -f sa01 -r</pre>


'''check the parent for oomage'''
Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:
figure out the instance id
<pre>
vzlist -a
</pre>
place id here.
<pre>cat /var/log/messages | grep OOM.*ve\=(id goes here)</pre>
run this to see how many times this has happened in one day.
<pre>grep Aug\ 21.*OOM.*ve\=(id goes here) /var/log/messages | wc -l</pre>
To find '''script memory''' usage run the following lines
<pre>for each in `ls -A /var/cpanel/users | fgrep -v "."`; do grep -R memory_limit /home/$each/public_html/ >> /root/temp.txt; done
cat /root/temp.txt | grep ini_set
</pre>


                                                      <h1><center>mbstring</center></h1>
RewriteEngine On
'''Check if it is installed with the following'''
RewriteCond %{SERVER_PORT} 80
<pre>php -i | grep --color mbstring</pre>
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
if that come back with this it is installed but not enabled:
<pre>
mbstring
mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.func_overload => 0 => 0
mbstring.http_input => pass => pass
mbstring.http_output => pass => pass
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value
</pre>
Go into the php.ini and un-comment these lines.
<pre>
vim /usr/local/lib/php.ini
</pre>
and un-comment these lines.
<pre>
extension=php_mbstring.dll
extension=php_mcrypt.dll
</pre>
Then
<pre>
/etc/init.d/httpd stop
/etc/init.d/httpd startssl
</pre>


                                                      <h1><center>MODSEC</center></h1>
Filematch redirect, put in the htaccess for the folder you want this protection on.


'''my whitelisting script'''
<FilesMatch "\.(png|txt)$">
<pre>
  Options +FollowSymlinks
wget http://shooltz.net/modsec_whitelister.sh
  RewriteEngine on
chmod +x modsec_whitelister.sh
  rewriterule ^(.*)$ http://domain.com/ [r=301,nc]
./modsec_whitelister.sh
</FilesMatch>
</pre>
'''Remove specified directory from modsec'''
<pre>SecRule REQUEST_URI  "URI goes here" phase:1,nolog,allow,ctl:ruleEngine=Off</pre>
Add to this file and restart
<pre>vi /usr/local/apache/conf/modsec2/whitelist.conf
/etc/init.d/httpd restart
/etc/init.d/apf restart</pre>


'''Remove a whole domain'''
Please, note that the .htaccess should be located in the web site main folder.
<pre>SecRule SERVER_NAME "handymanreality.com" phase:1,nolog,allow,ctl:ruleEngine=Off</pre>
Please, note that the .htaccess should be located in the web site main folder.
In case you wish to force HTTPS for a particular folder you can use:


'''Common modsec uri's'''
RewriteEngine On
<pre>
RewriteCond %{SERVER_PORT} 80
/wp-admin/post.php
RewriteCond %{REQUEST_URI} somefolder
/wp-admin/admin-ajax.php
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]
/wp-admin/page.php


</pre>
The .htaccess file should be placed in the folder where you need to force HTTPS.


<h3>Script to email Modsec logs</h3> per day to the customer.
Exclude a folder from a ruleset
First make the script
####################      Added by mshooltz
<pre>
##          Excludes folders listed.
touch /root/modseclog.sh
##          can add more folders as follows:
touch /root/tmplog.txt
#                    change (retailers) to (retailers|NEWFOLDER)
touch /root/tmplog2.txt
chmod +x /root/modseclog.sh
    RewriteRule ^(retailers)($|/) - [L]
vim /root/modseclog.sh
</pre>
Paste the following into it.
<pre>
#!/bin/bash


date=`date | awk '{print$2, $3}'`
=== Mouse sensitivity in linux ===
echo "" > /root/tmplog.txt && echo "" > /root/tmplog2.txt
if you type "xset m 100 10" this will move your mouse 100 times faster after it has been moved past the treshold of 10 pixels.
cat /usr/local/apache/logs/error_log | grep modsec > /root/tmplog.txt
cat /root/tmp.txt | grep "$date" > /root/tmplog2.txt
cat /root/tmplog2.txt | mail -s "Modsec Log for $date" (email goes here)
</pre>
Save it and then add the following line into your crontab.
<pre>57 23 * * * /root/modseclog.sh</pre>


Now wait for 11:57 and then check your email. :P
  man xset


=== MTR <enhanced traceroute> ===
To install:


<h1><center>ModRewrite</center></h1>
yum install mtr
'''www redirect'''
Make sure mod_rewrite is on in the httpd.conf
<pre>Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]</pre>


                                                    <h1><center>MTR <enhanced traceroute></center></h1>
'''To install:'''
<pre>yum install mtr</pre>
If it fails to find the package you will need to add rpmforge to your repo's
If it fails to find the package you will need to add rpmforge to your repo's


                                                    <h1><center>MYSQL</center></h1>
=== MS SQL on a cpanel box ===
'''To backup all databases to remote location'''
To install MS SQL Do the following.
<pre>mkdir /home/sqlbackup
 
for db in `mysql -s -B -e "show databases"`;do mysqldump $db > /home/sqlbackup/$db.sql.(version number here);done
Install unixODBC:
</pre>
cd /usr/src
'''repair a crashed MYISAM table'''
wget http://www.unixodbc.org/unixODBC-2.3.0.tar.gz
stop chkservd and mysql
tar -zxf unixODBC-2.3.0.tar.gz
<pre>/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::ChkServd
cd unixODBC-2.3.0
/etc/init.d/mysql stop
./configure -prefix=/usr/local -enable-gui=no
</pre>
make install
then do
<pre>myisamchk -r /var/lib/mysql/(databasename)/(tablename)
Install FreeTDS:
/etc/init.d/mysql start
cd /usr/src/
/usr/local/cpanel/bin/tailwatchd --enable=Cpanel::TailWatch::ChkServd
  wget ftp://ftp.ibiblio.org/pub/Linux/ALPHA/freetds/stable/freetds-stable.tgz
</pre>
tar -zxf freetds-stable.tgz
<h2>"MySQL server has gone away" fix'''</h2>
cd freetds-*
<pre>vim /etc/my.cnf</pre>
./configure -with-tdsver=8.0 -with-unixODBC=/usr/local
is to increase
make install
<pre>wait_timeout
ldconfig
max_allowed_packet</pre>
Usually doubling these settings will solve this error.  
Tell EasyApache we want MSSQL support:
<pre>/etc/init.d/mysql stop
echo '--with-mssql' >> /var/cpanel/easy/apache/rawopts/all_php5
/etc/init.d/mysql start
</pre>
Now, recompile PHP/Apache through EasyApache. It’s OK to use the same options as previous, because MSSQL isn’t an option in EasyApache that can be toggled on and off; we did it manually (and permanently) in the last step.
<h3>Correct way to upgrade mysql in cpanel box</h3>
 
<pre>vim /var/cpanel/cpanel.config</pre>
Verify your work by checking phpinfo() for the mssql section.
mysql=version you want (IE...4.1, 5.1)
<pre>/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings
=== MR Radar ===
mkdir /home/sqlbackup
Install mr radar
for db in `mysql -s -B -e "show databases"`;do mysqldump $db > /home/sqlbackup/$db.sql.(old mysql version number here);done
lpyum install mm3k-client-pull
/scripts/mysqlup --force
 
mysqladmin version
=== Netstat ===
/scripts/easyapache
</pre>
'''Myqsl packages are installed'''
<pre>rpm -qa | grep SQL | grep -vi perl</pre>
'''Force perl update'''
<pre>/scripts/perlinstaller --force Bundle::DBD::mysql</pre>
'''what mysql version'''
<pre>mysqladmin version</pre>
'''Mysql database location'''
<pre>cd /var/lib/mysql</pre>
'''imports a dumped file'''
<pre>mysql database < db-dump-file.sql</pre>
'''Mysqldump'''
<pre>mysqldump dbname > dbname.sql</pre>
'''Export all databases to a single sql file'''
<pre>mysqldump -u root -p --all-databases > all.sql</pre>
'''Import all databases back to mysql.'''
<pre>mysql -u root -p < all.sql</pre>


<h3>Mtop</h3>
SYN detection
This is a monitoring tool much like Htop or top, but for mysql.
netstat -nap |grep SYN
<pre>
Number of SYN connections
mysql -e "CREATE USER 'mysqltop'@'localhost';grant super, reload, process on *.* to 'mysqltop'@'localhost';"
netstat -nap |grep SYN | wc -l
cd /usr/local/src
Check what is listening on what ports.
wget http://downloads.sourceforge.net/project/mtop/mtop/v0.6.6/mtop-0.6.6.tar.gz
netstat -lnp
tar -zxvf mtop-0.6.6.tar.gz
Check what is listening on a specific port.
rm -rf mtop-0.6.6.tar.gz
netstat -lnp | grep (portnumber)
cd mtop-0.6.6
perl Makefile.PL
make
make install
mtop
</pre>
ENJOY!!!
<h1><center>MR Radar</center></h1>
'''Install mr radar'''
<pre>lpyum install mm3k-client-pull</pre>


<h1><center>NGINX</center></h1>
=== NGINX ===
'''ADD VHOST'''
ADD VHOST
To add a vhost you must go to:
To add a vhost you must go to:
<pre>
 
cd /etc/nginx/vhosts/
cd /etc/nginx/vhosts/
</pre>
 
The copy an already existing domain vhost file over to the name that you need.
The copy an already existing domain vhost file over to the name that you need.
<pre>
 
cp -Rp Existing.com newdomain.com
cp -Rp Existing.com newdomain.com
vim newdomain.com
vim newdomain.com
</pre>
 
Change the document root over to the new users document root, also change all references of the existingdomain to the new domain then save and exit the file.
Change the document root over to the new users document root, also change all references of the existingdomain to the new domain then save and exit the file.
restart nginx
restart nginx
<pre>/etc/init.d/nginx restart</pre>
/etc/init.d/nginx restart


            <h1><center>Openssl</center></h1>
=== Openssl ===
[http://www.openssl.org/docs/apps/pkcs12.html my guide to openssl]
[http://www.openssl.org/docs/apps/pkcs12.html my guide to openssl]
this will unpackage global sign certs that look like this CEDS1008174562.pfx
this will unpackage global sign certs that look like this CEDS1008174562.pfx
<pre>openssl pkcs12 -in CEDS1008174562.pfx -out cert -nodes</pre>
of course replace the "CEDS1008174562.pfx" with your .pfx files name and change "cert" to what ever you want the output file called.


            <h1><center>OwnerShip & Groups</center></h1>
openssl pkcs12 -in CEDS1008174562.pfx -out cert -nodes
'''Tell what group number owner is'''
 
<pre>cat /etc/passwd | grep nobody</pre>
of course replace the "CEDS1008174562.pfx" with your .pfx files name and change "cert" to what ever you want the output file called, <br>also at this point you will need to enter the password that you setup when you converted the cert.
 
=== OwnerShip & Groups ===
Tell what group number owner is
cat /etc/passwd | grep nobody


Add user to group
Add user to group
<pre>useradd -G {group-name} username</pre>
useradd -G {group-name} username
 
=== Permissions ===
Find 777 folders
find /home -perm 0777 -type d -print
 
Find files and folders and change to 755 and 644


<h1><center>Perl</center></h1>
find /home/(username)/public_html/ -type d -exec chmod 755 '{}' \;
'''Update all perl modules'''
find /home/(username)/public_html/ -type f -exec chmod 644 '{}' \;
<pre>/scripts/checkperlmodules</pre>


'''To list all Perl modules.'''
=== Permisions folder Crawler ===
<pre>perl -MFile::Find=find -MFile::Spec::Functions -Tlwe 'find { wanted =>
Courtesy of Aglenn
sub { print canonpath $_ if /\.pm\z/ }, no_chdir => 1 }, @INC' >
for dir in $(pwd | sed 's/\//\ /g'); do ls -ld $olddir/$dir; olddir="$olddir/$dir"; done; unset dir olddir;
Perlmodules.txt
</pre>
then if you wanted to find the imagemagick perl module do the following.
<pre>cat Perlmodules.txt |grep -i imagemagick</pre>


<h1><center>Permissions</center></h1>
=== Pixel Post ===
'''Find 777 folders'''
You can go to [http://www.pixelpost.org pixelpost.org] for more details about this program, for the installation guide go here [http://www.pixelpost.org/docs/GettingStarted/Install Install guide]
<pre>find /home -perm 0777 -type d -print</pre>


''' Find files and folders'''  and change to 755 and 644
Log into the server and go to the folder that the customer wants this installed at.
<pre>
 
find /home/(username)/public_html/ -type d -exec chmod 755 '{}' \;
cd /usr/local/src
find /home/(username)/public_html/ -type f -exec chmod 644 '{}' \;
wget http://www.pixelpost.org/releases/latest.zip 
</pre>
unzip pixelpost_v1.7.3.zip


                                                        <h1><center>[http://shooltz.net/w/index.php?title=Plesk Plesk]</center></h1>
Make sure you change the user in the next command to the correct name.


                                                      <h1><center>PHP</center></h1>
chown -R user. ./*
PHP info
<pre><?php phpinfo(); ?> </pre>
One liner PHP info, make sure to change (username here) ti the account in questions username.
<pre>touch phpinfo.php && chown (username here). phpinfo.php && echo "<?php phpinfo(); ?> " > phpinfo.php</pre>


PHP version
Give customer this link to complete setup.
<pre>/usr/local/cpanel/bin/rebuild_phpconf --current</pre>
http://domain.com/installation directory/admin/install.php


Set the default version in the .htaccess
=== Ports ===
<pre>vim /usr/local/apache/conf/php.conf</pre>
Bindings
go to the following and you want to copy out the line starting with "AddType"<br>
netstat -lnc
will look something like this but might be different...<br>
AddType application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml<br>
copy the whole line and if you are doing php4 change the 5 to 4's and vice versa, but dont have any duplicate options.


PHP 4 module check
=== Python ===
<pre>/usr/local/php4/bin/php</pre>
find python version
python -V


enable/disable monitoring script ---
=== Redirects and finding them ===
<pre>wget http://scripts.ssullivan.org/apiCalls/confMonitoring
Check all of the apache include files.
perl confMonitoring</pre>


PhP mem limit on a shared with dso goes into the public_html in the .htaccess
cd /usr/local/apache/conf/includes
<pre>php_value memory_limit 64M</pre>
cat post_virtualhost_1.conf
cat post_virtualhost_2.conf
cat post_virtualhost_global.conf
cat pre_main_1.conf
cat pre_main_2.conf
cat pre_main_global.conf
cat pre_virtualhost_1.conf
cat pre_virtualhost_2.conf
cat pre_virtualhost_global.conf


veiw availiable php upgrades
=== Register_globals ===
<pre>/scripts/phpextensionmgr list</pre>
turn off register globals in dso for one cpanel account, just add the following to the cpanel account .htaccess that you want to disable globals for.


install php upgrade
php_flag register_globals off
<pre>/scripts/phpextensionmgr install (name here)</pre>


'''php rpm'''
=== Renamer Script ===
[http://shooltz.net/w/index.php?title=Php_rpms. php rpms]
Run this in a directory that is full of files that need to have the spaces replaced with _'s


wget http://shooltz.net/scriptrepo/renamer.sh


                                                      <h1><center>PHPmyadmin</center></h1>
=== Reverse DNS ===
To update just phpmyadmin.
File location where you add it
<pre>/usr/local/cpanel/bin/updatephpmyadmin --force</pre>
Since my workstations ip is 69.16.222.26 I would find my ptr record in this file, on NS.liquidweb.com.


                                                        <h1><center>Pixel Post</center></h1>
[root@ns /var/named]# vim 222.16.69.in-addr.arpa.db
You can go to [http://www.pixelpost.org pixelpost.org] for more details about this program.  for the installation guide go here [http://www.pixelpost.org/docs/GettingStarted/Install Install guide]


Log into the server and go to the folder that the customer wants this installed at.
Then I locate the line that says 26, (since that is the last octet of my ip) and add the following.
<pre>wget http://www.pixelpost.org/releases/latest.zip 
unzip pixelpost_v1.7.3.zip</pre>Make sure you change the user in the next command to the correct name.<pre>
chown -R user. ./*
</pre>
Give customer this link to complete setup.
<pre> http://domain.com/installation directory/admin/install.php</pre>


                                                        <h1><center>Ports</center></h1>
26 IN PTR      vov.wks.liquidweb.com.
Bindings
<pre>netstat -lnc</pre>


<h1><center>Premigrations</center></h1>
change the ttl to 300, change the serial, and then reload the bitch.
====Lower TTLs====


After you are in your screen session, the first thing you will want to do is lower the TTLs of each domain being movedThis is to prevent extended downtimes for our customers. Lowering the TTLs usually requires you to edit the zone file, change the TTL and modify the serial number.
rndc reload 222.16.69.in-addr.arpa
  rndc reload 222.16.69.in-addr.arpa


You can use the Greps that follow to check the current serial numbers and the sed  command to lower the TTLs and set the serial number to todays date.  TEST if you use this, only use rndc reload once you have tested.
You are done, Welcome to the world of being tracked by Liquidweb.


check current TTLs and serial number
=== Rdesktop ===
  grep --color -e '^\$TTL.*' -e '[0-9]\{10\}' /var/named/*.db  # this [0-9]\{10\}  will be the serial number, 10 numbers in a row
  rdesktop (servername here) -u mshooltz -p (passhere) &


make sure date works
=== ROBOTS.TXT ===
date +%Y%m%d%H
To make a file that prevents indexing of certain folders.


the -i flag will create backups in the same directory, liquidweb.com.lwbak for example
  touch robots.txt
  sed -i.lwbak -e 's/^\$TTL.*/$TTL 300/g' -e 's/[0-9]\{10\}/'`date +%Y%m%d%H`'/g' /var/named/*.db


or this
change the permissions to user.user and the edit the file and add these lines to it.
for domain in `cat domains.txt`; do sed -i.lwbak -e 's/^\$TTL.*/$TTL 300/g' -e 's/[0-9]\{10\}/'`date +%Y%m%d%H`'/g' /var/named/$domain.db ; done


check your work
  User-agent: *
  grep --color -e '^\$TTL.*' -e '[0-9]\{10\}' /var/named/*.db
Disallow: /


If everything looks ok, reload the domains to have the changes take effect, otherwise replace the backups.
You can specify othe directorys that you wish to be blocked by adding the path, and for this file "/" = public_html.
rndc reload


In case of external migrations, check that the structure of /var/named is sane, and that files are named as expected (you may have to change them from .com.domain to .com.db, for instance).
=== Rsync ===
Basic rsync
rsync -avHl /home/(username)/public_html/ /home/(username)/public_html/


<h1><center>Python</center></h1>
rsync from a remote server to a local server
find python version
rsync -avHle ssh -p 22222 root@67.225.167.252/usr/share/ssl /usr/share/
<pre>python -V</pre>


<h1><center>[http://shooltz.net/w/index.php?title=Ramdisk Ramdisk]</center></h1>
=== Ruby ===


<h1><center>Register_globals</center></h1>
Re-installation
'''turn off in dso for one account'''
mv /usr/lib/ruby /usr/lib/ruby.bak
<br> just add the following to the cpanel account .htaccess that you want to disable globals for.
mv /usr/local/lib/ruby /usr/local/lib/ruby.bak
mv /usr/bin/ruby /usr/bin/ruby.bak
mv /usr/local/bin/ruby /usr/local/bin/ruby.bak
mv /usr/bin/rails /usr/bin/rails.bak
mv /usr/local/bin/rails /usr/local/bin/rails.bak
mv /usr/bin/gem /usr/bin/gem.bak
mv /usr/local/bin/gem /usr/local/bin/gem.bak
/scripts/installruby


php_flag register_globals off
=== SCP ===
To secure copy do the following.


<h1><center>Rdesktop</center></h1>
scp {file} root@(servers ip here):/home/
<pre>rdesktop (servername here) -u mshooltz -p (passhere) &</pre>


                                                      <h1> <center>ROBOTS.TXT</center></h1>
=== SED ===
To make a file that prevents indexing of certain folders.
replace this with THIS
<pre>
touch robots.txt
</pre>
change the permissions to user.user and the edit the file and add these lines to it.
<pre>
User-agent: *
Disallow: /
</pre>
You can specify othe directorys that you wish to be blocked by adding the path, and for this file "/" = public_html.


                                                      <h1> <center>RPM</center></h1>
sed -i -e 's/(this)/(THIS)/g' path/filename
Rpm src packages go here
<pre>/usr/local/src/</pre>


remove old kernal srcs
=== S.M.A.R.T stuffs ===
<pre>rpm -qa | grep kernel-source | xargs rpm -e</pre>
hard drive statistics (replace X with hard drive number).


Rpm remove installed packages
smartctl -A /dev/sdbX
<pre>rpm -e --nodeps {package name here}</pre>


                                                      <h1><center>Rsync</center></h1>
Do a long HDD test
'''basic rsync'''
<pre>rsync -avHl /home/(username)/public_html/ /home/(username)/public_html/</pre>
'''rsync from a remote server to a local server'''
<pre>rsync -avHle ssh -p 22222 root@67.225.167.252/usr/share/ssl /usr/share/</pre>


<h1><center>SCP</center></h1>
smartctl -t long /dev/hdX
<pre>scp {file} root@(servers ip here):/home/ </pre>


check you test with the following


<h1><center>SED</center></h1>
smartctl -l selftest /dev/hdx
replace this with THIS
<pre>sed -i 's/(this)/(THIS)/g' path/filename</pre>


<h1><center>S.M.A.R.T stuffs</center></h1>
=== SPAM filtering fix ===
'''hard drive statistics'''
Make spamassassin learn spam, Firstly you will have to have the customer put all of their spam in a folder, I use LWSPAM. After that has been completed you will have to figure out what cpanel users this has to be done forThen you will ne to swithch to those users at the CLI.
  smartctl -A /dev/sdbX
replace X with hard drive number.


<h1><center>SPAM filtering fix</center></h1>
  su (cpanel username here)
'''Make spamassassin learn spam'''
Firstly you will have to have the customer put all of their spam in a folder, I use LWSPAM. After that has been completed you will have to figure out what cpanel users this has to be done for.  Then you will ne to swithch to those users at the CLI.
<pre>su (cpanel username here)</pre>


After logging into the user you will then run the following command on that LWSPAM folder you had the customer add.
After logging into the user you will then run the following command on that LWSPAM folder you had the customer add.
<pre>/usr/bin/sa-learn --spam /home/(username)/mail/cur/.LWSPAM/*</pre>
 
/usr/bin/sa-learn --spam /home/(username)/mail/cur/.LWSPAM/*
 
This has been completed tell the cusromer hola.<br>
This has been completed tell the cusromer hola.<br>


<h1><center>SPAMD</center></h1>
=== SPAMD ===
SPAMD failing


'''SPAMD failing'''
/scripts/perlinstaller Digest::SHA1
<pre>/scripts/perlinstaller Digest::SHA1
/scripts/perlinstaller --force Mail::SpamAssassin
/scripts/perlinstaller --force Mail::SpamAssassin
/etc/rc.d/init.d/exim restart
/etc/rc.d/init.d/exim restart
/scripts/restartsrv spamd
/scripts/restartsrv spamd</pre>


'''Watch to see if spamd still fails'''
Watch to see if spamd still fails
<pre>while x=0; do ps aux | grep spamd | grep -v grep; sleep 15; done</pre>
while x=0; do ps aux | grep spamd | grep -v grep; sleep 15; done


<h1><center>SSH</center></h1>
=== SSH ===
Add to make ssh not time out.
Add to make ssh not time out.
<pre>
echo "serveraliveinterval 60" >> /home/mike/.ssh/config && echo "serveralivecountmax 10" >> /home/mike/.ssh/config
</pre>
<h1><center>Stats</center></h1>


For individual accounts, run:
echo "serveraliveinterval 60" >> /home/mike/.ssh/config && echo "serveralivecountmax 10" >> /home/mike/.ssh/config
<pre>/scripts/runweblogs</pre>
 
or for all accounts on the server, try
Sick of ssh alway asking you to type in yes? to accept that key.  So do this to fix it.
<pre>for i in `ls -A /var/cpanel/users`; do /scripts/runweblogs $i;done</pre>


                                                    <h1><center>Suphp fix</center></h1>
sed -i -e 's#\#  StrictHostKeyChecking ask#  StrictHostKeyChecking no#g' /etc/ssh/ssh_config
suPHPfix '''(cPanel only)''' corrects common permission/ownership issues (as well as some PHP setting issues) that are commonly encountered when switching to CGI/FCGI/suPHP (with suexec enabled). suPHPfix also has the ability to restore cPanel accounts to the state they were in before it made any changes. This is useful when customers decide CGI/FCGI/suPHP (with suexec enabled) is not for them and you wish to undo/revert all changes made by suPHPfix.
/etc/init.d/sshd restart


{{Box Notice| suPHPfix can only restore states if --save-state was ran! See section three (Full Usage/Help) for full details. }}
now you wont have to ever type yes again.


== Download/Installation ==
=== SSH Auth Issues===


/scripts/perlinstaller JSON && /scripts/perlinstaller Linux::Ext2::FileAttributes
This occurs when the password is set correctly and you are still unable to login as root on a vps.
wget -O /scripts/suphpfix.pl http://layer3.liquidweb.com/scripts/suphpfix.pl
chmod +x /scripts/suphpfix.pl


== Example Commands ==
First set the password to make sure it is right.  Login to their server from the vps parent, and su to root.
'''Fixing Common suPHP Conversion Problems'''


To fix/prepare all cPanel accounts for the conversion to suPHP, you would run '''(This was the default option before version 2.0.0)''':
  su -
  /scripts/suphpfix.pl --prep all
  passwd
To fix/prepare the 'liquidweb' cPanel account for the conversion to suPHP, you would run:
  /scripts/suphpfix.pl --prep liquidweb


'''Saving States'''
Now paste their password from billing in.


To save current permission/ownership states for all files/directories in every users WWW, run:
  /etc/init.d/sshd restart
  /scripts/suphpfix.pl --save-state all
To save current permission/ownership states for all files/directories in the 'liquidweb' cPanel accounts WWW, run:
/scripts/suphpfix.pl --save-state liquidweb


'''Restoring States'''
Try to login via ssh if this still doesnt work proceed on.


To restore all saved cPanel accounts permissions/ownerships in WWW, run:
rpm -qa | grep openssh
  /scripts/suphpfix.pl --restore-state all
Take the server package name that the previous command gave you and place it in the command below. (i am using openssh-server-3.9p1-11.el4_8.1 as an example.)
To restore just the 'liquidweb' cPanel accounts permissions/ownerships in WWW, run:
  rpm -e openssh-server-3.9p1-11.el4_8.1 --nodeps
  /scripts/suphpfix.pl --restore-state liquidweb
Now
{{Box Notice| If you want to see what chmods/chowns suphpfix will run before suPHPfix makes any changes, add verify. Example: /scripts/suphpfix.pl --restore-state all verify }}


== Full Usage/Help ==
=== Stats ===
For individual accounts, run:
/scripts/runweblogs


>> /scripts/suphpfix.pl --help
or for all accounts on the server, try
-suphpfix 2.0.0
  for i in `ls -A /var/cpanel/users`; do /scripts/runweblogs $i;done
*** Options:
+++ Fix common problems when converting to suPHP
'''--prep all ==>''' 
    This will chown all cPanel users files/directories in their public_html's to cPanelUser.cPanelUser. It will also remove group and world write from files/directories. In addition, any php directive in .htaccess such as php_flag will be  commented out  (unless htscanner is present).
'''--prep cPanelUser ==>'''
    Same as '--prep all' but only applies fixes to the specified cPanel account.
+++ Saving states
'''--save-state all ==>'''
    This saves the current permission/ownership settings (for later restores) for all cPanel accounts files/directories under their public_html's.
'''--save-state cPanelUser ==>'''
    Same as '--save-state all' but only for the specified cPanel account.
+++ Restoring states
'''--restore-state all ==>'''
    This restores all saved cPanel accounts permission/ownership settings at the time --save-state all was last ran. It also uncomments any php directives in accounts .htaccess file(s).
  '''--restore-state all verify ==>'''
    Same as '--restore-state all' but just outputs proposed chmods/chowns for all accounts without actually changing anything.
'''--restore-state cPanelUser ==>'''
    This restores only the specified cPanel accounts permissions/ownership settings at the time --save-state was last ran for the user. It also uncomments any php directives in the accounts .htaccess file(s).
'''--restore-state cPanelUser verify ==>'''
    Same as '--restore-state cPanelUser' but just outputs proposed chmods/chowns for the user without actually changing anything.
*** General:
* suphpfix uses /root/datastore_suphpfix/ to store JSON data. These JSON files allow suphpfix to store what permissions/ownerships each backed up cPanel user had at the time of the last --save-state. There are two JSON files for each cPanel account (one for files, one for directories). In this directory suphpfix uses backedupUserList.all to store what cPanel users were backed up with --save-state all.


                                                    <h1><center>System specs</center></h1>
=== System specs ===
tells the system infos
tells the system infos
  uname -a
  uname -a
What linux version and release
What linux version and release
  cat /etc/redhat-release
  cat /etc/redhat-release
tells system kernel version
tells system kernel version
  uname -r
  uname -r
<h1><center>Tar</center></h1>
 
'''Extract a .tar.gz'''
Want cpuinfo?
cat /proc/cpuinfo
 
=== Tar ===
Create a tar
tar -cvf file.tar.gz /path/to/file
 
Extract a .tar.gz
  tar -zxvf filename.tar.gz
  tar -zxvf filename.tar.gz
'''Extract a .tar'''
 
Extract a .tar
  tar -xvf filename.tar
  tar -xvf filename.tar
'''Preview the contents''' of a package so you can pick what to pull out
 
Preview the contents of a package so you can pick what to pull out
  tar -tvzf filename.tar.gz
  tar -tvzf filename.tar.gz
you can also pipe that to search for a certain folder
you can also pipe that to search for a certain folder
  tar -tvzf filename.tar.gz | grep (folder or filename)
  tar -tvzf filename.tar.gz | grep (folder or filename)
'''Extract a certain file''' from a backup or tar file
 
Extract a certain file from a backup or tar file
 
  tar -xvzf filname.tar.gz /home/mike/public_html
  tar -xvzf filname.tar.gz /home/mike/public_html
us the exact line that the previous command gave you.
 
use the exact line that the previous command gave you.
   
   
<h1><center>Time sync</center></h1>
=== Time sync ===
'''sync time to lws time server'''
sync time to liquidwebs time server
 
  rdate -s time.liquidweb.com
  rdate -s time.liquidweb.com


<h1><center>Top</center></h1>
=== Top ===
'''sort by memory'''
sort by memory
  shift - m
  shift - m
'''sort by processor usage'''
sort by processor usage
  shift - p
  shift - p


<h1><center>Users</center></h1>
=== Users ===
'''This is a one liner to add user, put them in a group, and change their password.'''
This is a one liner to add user, put them in a group, and change their password.
 
  useradd bmurphy && usermod -G wheel bmurphy && passwd bmurphy
  useradd bmurphy && usermod -G wheel bmurphy && passwd bmurphy


<h1><center>VI commands</center></h1>
=== VI commands ===
'''Add line numbers'''
Add line numbers'''
 
  :set number
  :set number
'''Remove line numbers'''
 
Remove line numbers'''
 
  :set nonumber
  :set nonumber


                                                        <h1><center>VPS</center></h1>
Uncommenting several lines at once.
<h2>Get root fight when logged in using LDAP</h2>
 
<pre>sudo su -</pre>
ctrl v
highlight
shift i
#
escape
 
=== VPS ===
Get root fight when logged in using LDAP
 
sudo su -
 
VPS is locked when some operation (backup, migration, start / stop, etc.) with this VPS is in progress. You can determine which process is holding VPS #101 using the following command on the hardware node:
VPS is locked when some operation (backup, migration, start / stop, etc.) with this VPS is in progress. You can determine which process is holding VPS #101 using the following command on the hardware node:
<pre># cat /vz/lock/101.lck</pre>
 
cat /vz/lock/101.lck
 
You can kill that process if needed. Make sure that the process is really killed. If there is no process with that PID on the node, just remove the lockfile.
You can kill that process if needed. Make sure that the process is really killed. If there is no process with that PID on the node, just remove the lockfile.


                                                        <h1><center>WordPress Solutions</center></h1>
====VPS Control panel====
'''Moving a WP site'''
To move a wordpress site forward a directory  You will do the following:<br>
1) cd to the users public_html then move the contents forward
<pre>mv (current installation)/* /home/user/public_html/</pre>
now edit the wp-config.php and add the following lines..
<pre>define('WP_HOME','http://domain.com');
define('WP_SITEURL','http://domain.com');</pre>


Then login to their whm and go into WHM and then find the database, and modify the site url to the correct domain. (located under the wp-options table as the siteurl description)
Log into the VPS parent server and find the VEID.
vzlist -a | grep hostname
 
To turn off the Virtuozzo Offline Management port for an instance.
vzctl set $VEID --offline_management no --save
 
To turn on the Virtuozzo Offline Management port for an instance.
vzctl set $VEID --offline_management yes --save
 
=== WHM Service Manager ===
To add a service to the WHM service manager and have tailwatchedd monitor it do the following.
Adding the script to /etc/chkserv.d/ will let it be monitored and restarted automatically if needed. Code:
 
echo "service[(servicenamehere)]=x,x,x,/etc/init.d/(servicenamehere) restart,root,root" > /etc/chkserv.d/(servicenamehere)
echo "(servicenamehere):1" >> /etc/chkserv.d/chkservd.conf
/usr/local/cpanel/bin/tailwatchd restart
 
=== WordPress Solutions & fixes ===
 
'''Changeing a Wordpress sites domain'''
<br>To change the domain on a wordpress site do the following, edit the wp-config file and change the folling lines to the new url.
 
define('WP_HOME','http://domain.com');
define('WP_SITEURL','http://domain.com');
 
Then login to their whm and go into PHPmyadmin and then find the database, and modify the site url to the correct domain. (located under the wp-options table as the siteurl description)
 
Now for the fun part we get to edit their Database contents, first dump the database.
 
mysqldump dbname > dbname.sql
 
Now make a backup of it just incase we foobar it up.
 
cp dbname.sql dbname.sql.bak


Then if the urls need stuffs removed do the following.
<pre>mysqldump dbname > dbname.sql
cp dbname.sql dbname.sql.bak</pre>
Then we will have to run a sed statement to change the links to the new url.
Then we will have to run a sed statement to change the links to the new url.
<pre>sed -i 's/old url/newurl/g' dbname.sql </pre>
Then you have to re-import the .sql
<pre>mysql dbname < dbname.sql</pre>


should be done now.
sed -i -e 's#oldurl#newurl#g' dbname.sql


                                                        <h1><center>YUM problems</center></h1>
Then you have to re-import the .sql
First off always check this location
ls -lah /etc/yum.repos.d
And if it lists anything MORE than the following please mv everything else out of this folder.
 
root@host [/usr/local/cpanel/logs/easy/apache]# ls -lah /etc/yum.repos.d
total 20K
drwxr-xr-x  2 root    root    4.0K Nov 14 19:08 ./
drwxr-xr-x  63 root    root      12K Nov 14 20:02 ../
-rw-r--r--  1 systuser systuser  660 Mar  2  2005 yum.system.repo
if you see anything more than this please move all other repos out of this folder and try again. If you problem still occurs please proceed on.  Next check you yum.conf to make sure it is correct should look like the following.
[root@Shooltz.net [~]$ cat /etc/yum.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=centos-release
tolerant=1
exactarch=1
retries=20
obsoletes=1
gpgcheck=1
exclude=apache* bind-chroot centos-yumconf courier* dovecot* exim* httpd* mod_ssl* mysql* nsd* perl* php* proftpd* pure-ftpd* ruby* spamassassin* squirrelmail*
If you yum.conf does not look lik ethat please back it up and replace it with what follows.
mv /etc/yum.conf /etc/yum.conf.bak
echo -e "[main]\ncachedir=/var/cache/yum\ndebuglevel=2\nlogfile=/var/log/yum.log\npkgpolicy=newest\ndistroverpkg=centos-release\ntolerant=1\nexactarch=1\nretries=20\nobsoletes=1\ngpgcheck=1\nexclude=apache* bind-chroot centos-yumconf courier* dovecot* exim* httpd* mod_ssl* mysql* nsd* perl* php* proftpd* pure-ftpd* ruby* spamassassin* squirrelmail*" > /etc/yum.conf
After this has been completed, and if it is still broken we will reset the rpm databases.
rm -f /var/lib/rpm/__db*
rpm -vv --rebuilddb


mysql dbname < dbname.sql


<hr>
Everything should be fine now to test the site you will not be able to use the http://ip/~user link as this will break their code, please add the domain to your hosts file and veiw the domain from the correct URL to test if needed.
[http://shooltz.net/w/index.php?title=MediaWiki:Common.css CSS for my wiki]

Latest revision as of 03:34, 27 September 2018

This is my wiki, containing all of my SECRETS. Also I would like to note that... YOU LOSE THE GAME!

TGPointless Sites Addicting Pacman Games

lw contributions wikis


Notice: blah blah


Specified Guides

We are going to change this up a little. Links to the Specified Guides will be first now.

Cpanel_create_test_accounts
Coremanaged phpmyadmin
Coremanaged Pure-ftp
Coremanaged SSL
cpanel
cpanels interal php
Custom Compiling
Email walkthrough
Exim
Firewalls
FTP walkthrough
Godaddy, nameserver setup
HTTPD AND APACHE
Memory and load
Modsec
Mysql
NFS
Perl
PHP
Plesk
Proxy Pass
Ptouch
Ramdisk
Sar
Screen
Shared server list
Spamassassin
Stats_script
Suphpfix
Webmail
Yum/RPM

CMS guides

Drupal Guide
Drupal Modules
Joomla Guide
Joomla Modules
Wordpress Guide
Wordpress Plugins

Core system understanding Guides

These are to help you better understand the operating system itself. (Coming shortly)

Understanding Linus startup

Cpanel& WHM Hackery

2 domains 1 docroot
2 domains 1 ip

General Shit

.htaccess

Addon domain issues

If you come across this error: 

" Error from park wrapper: Using nameservers with the following IPs:
174.132.129.99,174.132.129.98 Sorry, the domain is already pointed to an IP
address that does not appear to use DNS servers associated with this server.
Please transfer the domain to this servers nameservers or have your
administrator add one of its nameservers to /etc/ips.remotedns and make the
proper A entries on that remote nameserver. "

go to tweak settings an check the option to: 

Allow Creation of Parked/Addon Domains that resolve to other servers (i.e. domain transfers)

Bandwidth Unknown

if it is a storm server login and run the following. 

tcpdump -ni eth0 not port ssh > /root/dumpinfo

let it run for a few minutes and then ctrl-c and run the following on it. 

egrep '(22[4-9]|23[0-9])\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ' /root/dumpinfo

if you get alot of results this server is suffering from multicast traffic hitting their instance raising their bandwidth.

log into their parent server and run the following command. 

/usr/local/lp/apps/virt-firewall/rebuildfirewall.sh

ChkServd

enable chkservd 

/usr/local/cpanel/bin/tailwatchd --enable=Cpanel::TailWatch::ChkServd

Disable chkservd 

/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::ChkServd

Cpanel logs

Cpanel log locations. 

/usr/local/cpanel/logs/error_log

/usr/local/cpanel/logs/cpbackup

Crond

For help with crond entries go to this url 

http://www.linuxhelp.net/guides/cron/

cron log location 

vim /var/log/cron

Location of the main cron 

vim /var/spool/cron/root

Location of the cpanel users crons 

/var/spool/cron/

Location of the specific crons, daily weekly monthly...etc 

vim /etc/cron.

Tab complete to see all of the options

Add this to the main cron to make all mail in the .sent/cur directory erase after being 15 days old. 

0 3 * * * find /home*/*/mail/*/*/cur /home*/*/mail/*/*/.Sent/cur -type f -mtime +30 -exec rm {} \;

REMINDER CRON Also another nice cron for those of us who forget to clock out or in. This will open the
time clock in a new window to remind you to clock out. Use the link above to set your own time. 

55 08 * * 1-5 art env DISPLAY=:0.0 firefox --new-window https://tc.int.liquidweb.com/content/index.html

CSS not loading

Come accross a page that doesnt want to load its css on a vps? Log into the server and do the following. 

curl -v 'http://domain.com/(path to the css file goes here)'

If in that's response this line is returned 

* transfer closed with 1386 bytes remaining to read
* Closing connection #0
curl: (18) transfer closed with 1386 bytes remaining to read

OR an easier way is to use these if they return nothing, go to next step. 

cat /usr/local/apache/conf/includes/* | grep EnableSendFile
cat /usr/local/apache/conf/httpd.conf | grep EnableSendFile

Copy and paste the following to fix 

echo "EnableSendFile Off">>/usr/local/apache/conf/includes/pre_main_global.conf
/etc/init.d/httpd restart

Custom php Handler

suPHP inside of DSO.

(original info from here https://hd.int.liquidweb.com/msgs/index.mhtml?id=2806215#14)

First off make sure that you have ran an EA and have suphp installed but not activated, now edit the following file. 

mkdir -p /usr/local/apache/conf/userdata/std/2/
vim /usr/local/apache/conf/userdata/std/2/$CPUSER/suphp.conf

Place the following inside of that file. 

# SuPHP configuration for PHP5
LoadModule suphp_module modules/mod_suphp.so
suPHP_Engine on
AddType application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml
<Directory />
       suPHP_AddHandler application/x-httpd-php5 .php
</Directory>
<IfModule mod_suphp.c>
   suPHP_UserGroup $CPUSER $CPUSER
</IfModule>
# End of autogenerated PHP configuration.

Now assuming the customer has no special edits made to the apache conf rebuild the conf. 

cp -Rp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.preincludebackup
/scripts/rebuildhttpdconf
/etc/init.d/httpd restart
chmod +s /opt/suphp/sbin/suphp

Now you can test the page out using a phpinfo.php (look below) and it should be running underneath suPHP.


Notice: 
In the phpinfo.php SUPHP will say the following:
                Server API : CGI

In the phpinfo.php DSO will say the following:
                Server API : Apache 2.0 Handler


Custom php.ini

And a super method to do this for suphp only First cd to the users public_html 

cd /home/$user/public_html

then run the following. 

for i in `pwd | cut -d/ -f3`; do cp /usr/local/lib/php.ini /home/$i/public_html/php.ini && chown $i. /home/$i/public_html/php.ini && htb=`cat .htaccess` && echo -e "suPHP_ConfigPath /home/$i/public_html\n<Files php.ini>\norder allow,deny\ndeny from all\n</Files>\n\n$htb" > /home/$i/public_html/.htaccess && touch /home/$i/public_html/phpinfo.php && chown $i. /home/$i/public_html/phpinfo.php && echo "<?php phpinfo(); ?>" > /home/$i/public_html/phpinfo.php; done

Now you should have a php.ini, phpinfo.php and the apropiate lines should be in the htaccess file all set to the correct perms and ready to customize.

For SuPhP

First copy the php.ini over 

cp /usr/local/lib/php.ini /home/(username)/public_html/php.ini
chown (username). /home/(username)/public_html/php.ini

In .htaccess under public_html, add the following: 

suPHP_ConfigPath /home/user/public_html 
<Files php.ini> 
order allow,deny 
deny from all 
</Files>

Note: the local php.ini REPLACES the system one, it does not override like a .htaccess setting does.

For CGI

First copy the php.ini over 

cd /home/(username)/public_html
cp /usr/local/lib/php.ini php.ini
chown (username). php.ini

In the .htaccess in the public_html, add the following: 

AddHandler php-cgi .php
Action php-cgi /cgi-bin/phpini.cgi

if by chance the phpini.cgi does not exist please add it with the following contents. 

#!/bin/sh
export PHPRC=/home/(username)/public_html/php.ini
exec /usr/local/cpanel/cgi-sys/php5 -c /home/(username)/public_html/

Also make sure that you correct the permissions on the phpini.cgi. They should be the following. 

chmod +x /cgi-bin/phpini.cgi
chown (username). /cgi-bin/phpini.cgi

Disable root login

useradd lwstaff
passwd (assign a password)
usermod -G wheel lwstaff
vim /etc/ssh/sshd_config

change 

PermitRootLogin = yes

to no and un-comment it. restart sshd and test your work. 

/etc/init.d/sshd restart

DNS Cheats

Adding a wildcard to every dns record 

for i in `cat /var/cpanel/users/*| grep DNS|cut -d = -f 2`; do echo "* IN CNAME $i." >> /var/named/$i.db;done

Adjusting all ttls on a server to 300 

#check current TTLs and serial number
grep --color -e '^\$TTL.*' /var/named/*.db
grep --color -e '[0-9]\{10\}' /var/named/*.db   # this will be the serial number, 10 numbers in a row
#also check that date works as expected/is newer than the serial numbers currently existing
date +%Y%m%d%H 

#the -i flag will create backups in the same directory, liquidweb.com.lwbak for example
sed -i.lwbak -e 's/^\$TTL.*/$TTL 300/g' -e 's/[0-9]\{10\}/'`date +%Y%m%d%H`'/g' /var/named/*.db

#check your work
grep --color -e '^\$TTL.*' /var/named/*.db
grep --color -e '[0-9]\{10\}' /var/named/*.db

DU commands

du and sort by human readable size:

On newer servers(centos 6+): 

du -hx --max-depth=1 | sort -h

On old servers(centos 5 and below): 

for i in G M K; do du -hx --max-depth=1 | grep [0-9]$i | sort -nr -k 1; done

Email

For the number of spam in all default accounts. 

for i in `ls /var/cpanel/users`; do ls -d /home/$i/mail/cur && ls -l /home/$i/mail/cur | wc -l; done

horde mail update (nothing can be in account of will all get erased) 

/usr/local/cpanel/bin/update-horde --force

To determine mailserver type 

/scripts/setupmailserver --current

Count mail in folder 

ls | wc -l

removing mass spam 

rm -Rf /home/(user here}/mail/cur*

And if that command fails, and only if that command fails try this one.
DO NOT IGNORE you MUST be in the directory that the spam is in or this command could ruin this server... 

find . -type f | xargs rm -f

spam removal script 

for i in $(find . | xargs grep -m 1 -s -i "Mailer-Daemon" | sed -e 's/\.\/[A-Z0-9a-z]\/\([A-Z0-9a-z\-]\{16\}\)\-[HDJ].*/\1/'); do exim -Mrm $i;done

List all email accounts on the server 

for domain in `grep DNS /var/cpanel/users/* |grep DNS|cut -d = -f 2`; do for user in `cat /home/*/etc/$domain/passwd|cut -d : -f 1`;do echo $user@$domain ;done;done 2> /dev/null

List all email accounts on the server and place in a text file 

for domain in `grep DNS /var/cpanel/users/* |grep DNS|cut -d = -f 2`; do for user in `cat /home/*/etc/$domain/passwd|cut -d : -f 1`;do echo $user@$domain ;done;done 2> /dev/null > EMAILLIST.txt

Fix the symlinks on the email accounts so that they show up in main account veiw.

/scripts/linksubemailtomainacct


Empty files

To create a empty file that takes so much spce for testing uploads. 

dd if=/dev/zero of=file1G.tmp bs=1G count=1

End line Character removal

You know those pesky characters that sometimes show up on files and break stuff 

^M
^M
^M
^M

Well there is a easy way to fix these. 

dos2unix -n .htaccess .htaccess.fixed

Viola!!

Fantastico

add the Fantastico installer plugin 

cd /usr/local/cpanel/whostmgr/docroot/cgi
wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz
tar -xzpf fantastico_whm_admin.tgz
rm -rf fantastico_whm_admin.tgz

Finding I/O by process

Run this 

echo 1 > /proc/sys/vm/block_dump

Wait for a bit then shut it off 

echo 0 > /proc/sys/vm/block_dump

Check your results (may have to alter this to report correctly, depends on their kernel) 

dmesg | egrep "READ|WRITE|dirtied" | egrep -o '([a-zA-Z]*)' | sort | uniq -c | sort -rn | head

Alternate 

dmesg | egrep "READ|WRITE|dirtied" | cut -d\( -f1 | sort | uniq -c | sort -rn | head

Flush ring buffer after, and between tests. 

dmesg -c

Flash plugin for centos

INSTALL RPMFORGE FIRST!!! 

yum install flash-plugin

For loops and other loops

ALWAYS RUN THIS FIRST!!!!! 

unalias ls

package all cpanel accounts 

for user in `ls -A /var/cpanel/users`; do /scripts/pkgacct $user;done

looping a command 

while x=0; do killall -9 php5; sleep .1; done

Watching for a cpanel not ran in a screen 

while x=0; do ps aux | grep easyapache |grep -v grep; sleep 30; done

Monitoring server load against core count, and restarting mysql id needed 

while true; do MyLoad=`cat /proc/loadavg | cut -d\  -f1| cut -d\. -f1`; MyCores=`cat /proc/cpuinfo | grep processor | wc -l`; if [ $MyLoad -gt $MyCores ]; then /etc/init.d/mysql restart; else echo "`date +%r` - load of $MyLoad is below the total core count of $MyCores, good to go so far."; fi; sleep 90; done;

10:20:21 PM - load of 2 is below the total core count of 8, good to go so far.

Grep

Use these to figure out a usename without logging into WHM. 

cat /usr/local/apache/conf/httpd.conf | grep -A1 www.domain.com
grep -A1 www.domain.com /usr/local/apache/conf/httpd.conf


History Removal commands

If the customer would like their history cleared. 

echo "" > /var/log/messages && echo "" /var/log/secure
echo "" > /var/log/wtmp && echo "" > /var/log/lastlog && history -r

If for some reason you ever need to cover your own tracks, like creating a usre on the wrong server or such, this will remove your session history 

history -r

HTOP

Twicherts method (easier and prefered) 

exec 3<&1 && bash <&3 <(curl http://layer3.liquidweb.com/lantern/htop.sh)

Source Install: (for other methods to install please see https://wiki.int.liquidweb.com/articles/Htop) 

cd /usr/local/src/   
wget http://www.sfr-fresh.com/linux/misc/htop-0.8.3.tar.gz
tar zxf htop-0.8.3.tar.gz
cd htop-0.8.3
./configure ; make ; make install

HTTPD and APACHE

to distill changes to the httpd.conf 

/usr/local/cpanel/bin/apache_conf_distiller --update

apache uptime 

/usr/bin/lynx -dump -width 500  http://127.0.0.1/whm-server-status

Index's

Trying to veiw an index

If you can do the following tail command( with you ip of course after you have visited the site or while) 

[root@host2.managed-me.net] snap >> tail -f /usr/local/apache/logs/error_log | grep 69.16.222.26
[Tue Dec 21 04:31:33 2010] [error] [client 69.16.222.26] Directory index forbidden by rule: /home/xencomca/public_html/ssm1/snap/
[Tue Dec 21 04:31:33 2010] [error] [client 69.16.222.26] File does not exist: /home/xencomca/public_html/403.shtml

Do the following, (i am using the above as an example.) 

vim /home/xencomca/public_html/ssm1/snap/.htaccess

And add this line to the top of the file. 

Options +Indexes

Now save and refresh the page.

Blocks the index of /

Add the following to the .htaccess of the folder in question. 

Options -Indexes

to disable this just change the - to a +.


Finding Inode Usage

Script 

wget -O /scripts/inodes.sh http://shooltz.net/resources/scriptrepo/inodes.sh
chmod +x /scripts/inodes.sh
/scripts/inodes.sh

One liner 

for i in *; do echo -e "$(find $i | wc -l)\t$i"; done | sort -rn

Intermittent apache/nginx connections/403's

If you ever run across a server that has any software install that has to proxy to apache make sure that mod_evasive is disabled in the httpd.conf. Having this module enabled will cause a condition that makes it appear as though you can connect to the page every 1 / 15 tries.

To fix comment out this line in the apache config. 

#LoadModule evasive20_module modules/mod_evasive20.so


IonCube Problems

If you get this error 

The ionCube PHP Loader is disabled because of startup problems.

Check the /usr/local/lib/php.ini for duplicate line that look like the following. 

; Directory in which the loadable extensions (modules) reside.
extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613"
zend_extension="/usr/local/IonCube/ioncube_loader_lin_5.2.so"
extension_dir = "/usr/local/lib/php/extensions/no-debug-non-zts-20060613"
zend_extension="/usr/local/IonCube/ioncube_loader_lin_5.2.so"

Remove a set of line and restart apache, should fix the problem. 

/etc/init.d/httpd restart


IPTABLES

Block temp with IPtables 

iptables -I INPUT 1 -s ipaddress -j DROP

Block permanently with APF 

/etc/apf/deny_hosts.rules


LIST

list by last modified 

ls -lt

list by Proc id 

lsof -p PID

Locating log files

Finding a log file that has been modified in the last 24hrs 

find /home -name error_log -mtime -1

Mailman

Mailman reports that the list is trying to be pulled from login and do a grep in the mailman directory. in this example i will use our shared servers. 

cd /usr/local/cpanel/3rdparty/mailman
grep -R koala.liquidweb.com * > list.txt

Now cat that list - the archives 

cat list.txt | grep -v archive

Should give you similar results of whats below, the mailman config that contain the offending url. 

archive Binary file lists/members_lendaheart.org/config.pck.last matches
Binary file lists/members_lendaheart.org/config.pck matches

now make a backup of the config.pck and edit it. 

cp config.pck config.pck.lwback
sed -i -e 's/koala/hydra/g' config.pck

this will change koala to hydra, now login to mailman and see if the problem is solved. This should fix the problem of mailman going to the wrong server.

mbstring

Check if it is installed with the following 

php -i | grep --color mbstring

if that come back with this it is installed but not enabled: 

mbstring
mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.
mbstring.detect_order => no value => no value
mbstring.encoding_translation => Off => Off
mbstring.func_overload => 0 => 0
mbstring.http_input => pass => pass
mbstring.http_output => pass => pass
mbstring.internal_encoding => no value => no value
mbstring.language => neutral => neutral
mbstring.strict_detection => Off => Off
mbstring.substitute_character => no value => no value

Then 

/etc/init.d/httpd stop
/etc/init.d/httpd startssl

ModRewrite

Make sure mod_rewrite is on in the httpd.conf

Redirect all traffic for a url to main index. 

RewriteEngine on
RewriteCond %{REQUEST_URI} !^\/$
RewriteRule .* / [L,R=302]

Block a url from hitting the page. 

RewriteEngine On
RewriteCond %{http_host} ^.*shooltz.net.* [NC]
RewriteRule ^(.*)$ - [F,L]

www redirect: 

Options +FollowSymlinks
RewriteEngine on
rewritecond %{http_host} ^domain.com [nc]
rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]

Non www Redirect for https and http to https://domain.com: 

Options +FollowSymlinks
RewriteCond %{SERVER_PORT} 80
Rewritecond %{http_host} domain.com [nc,OR]
Rewritecond %{http_host} www.domain.com [nc]
Rewriterule ^(.*)$ https://domain.com/$1 [r=301,nc]

RewriteCond %{SERVER_PORT} 443
Rewritecond %{http_host} www.domain.com [nc]
Rewriterule ^(.*)$ https://domain.com/$1 [r=301,nc]

https redirect:

Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines: 

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Filematch redirect, put in the htaccess for the folder you want this protection on. 

<FilesMatch "\.(png|txt)$">
 Options +FollowSymlinks
 RewriteEngine on
 rewriterule ^(.*)$ http://domain.com/ [r=301,nc]
</FilesMatch>

Please, note that the .htaccess should be located in the web site main folder. Please, note that the .htaccess should be located in the web site main folder. In case you wish to force HTTPS for a particular folder you can use: 

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} somefolder 
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]

The .htaccess file should be placed in the folder where you need to force HTTPS.

Exclude a folder from a ruleset 

####################       Added by mshooltz
##           Excludes folders listed.
##           can add more folders as follows:
#                    change (retailers) to (retailers|NEWFOLDER)

   RewriteRule ^(retailers)($|/) - [L]

Mouse sensitivity in linux

if you type "xset m 100 10" this will move your mouse 100 times faster after it has been moved past the treshold of 10 pixels. 

man xset

MTR <enhanced traceroute>

To install: 

yum install mtr

If it fails to find the package you will need to add rpmforge to your repo's

MS SQL on a cpanel box

To install MS SQL Do the following.

Install unixODBC: 

cd /usr/src
wget http://www.unixodbc.org/unixODBC-2.3.0.tar.gz
tar -zxf unixODBC-2.3.0.tar.gz
cd unixODBC-2.3.0
./configure -prefix=/usr/local -enable-gui=no
make install

Install FreeTDS: 

cd /usr/src/
wget ftp://ftp.ibiblio.org/pub/Linux/ALPHA/freetds/stable/freetds-stable.tgz
tar -zxf freetds-stable.tgz
cd freetds-*
./configure -with-tdsver=8.0 -with-unixODBC=/usr/local
make install
ldconfig

Tell EasyApache we want MSSQL support: 

echo '--with-mssql' >> /var/cpanel/easy/apache/rawopts/all_php5

Now, recompile PHP/Apache through EasyApache. It’s OK to use the same options as previous, because MSSQL isn’t an option in EasyApache that can be toggled on and off; we did it manually (and permanently) in the last step.

Verify your work by checking phpinfo() for the mssql section.

MR Radar

Install mr radar 

lpyum install mm3k-client-pull

Netstat

SYN detection 

netstat -nap |grep SYN

Number of SYN connections 

netstat -nap |grep SYN | wc -l

Check what is listening on what ports. 

netstat -lnp

Check what is listening on a specific port. 

netstat -lnp | grep (portnumber)

NGINX

ADD VHOST To add a vhost you must go to: 

cd /etc/nginx/vhosts/

The copy an already existing domain vhost file over to the name that you need. 

cp -Rp Existing.com newdomain.com
vim newdomain.com

Change the document root over to the new users document root, also change all references of the existingdomain to the new domain then save and exit the file. restart nginx 

/etc/init.d/nginx restart

Openssl

my guide to openssl

this will unpackage global sign certs that look like this CEDS1008174562.pfx 

openssl pkcs12 -in CEDS1008174562.pfx -out cert -nodes

of course replace the "CEDS1008174562.pfx" with your .pfx files name and change "cert" to what ever you want the output file called,
also at this point you will need to enter the password that you setup when you converted the cert.

OwnerShip & Groups

Tell what group number owner is 

cat /etc/passwd | grep nobody

Add user to group 

useradd -G {group-name} username

Permissions

Find 777 folders 

find /home -perm 0777 -type d -print

Find files and folders and change to 755 and 644 

find /home/(username)/public_html/ -type d -exec chmod 755 '{}' \;
find /home/(username)/public_html/ -type f -exec chmod 644 '{}' \;

Permisions folder Crawler

Courtesy of Aglenn 

for dir in $(pwd | sed 's/\//\ /g'); do ls -ld $olddir/$dir; olddir="$olddir/$dir"; done; unset dir olddir;

Pixel Post

You can go to pixelpost.org for more details about this program, for the installation guide go here Install guide

Log into the server and go to the folder that the customer wants this installed at. 

cd /usr/local/src
wget http://www.pixelpost.org/releases/latest.zip  
unzip pixelpost_v1.7.3.zip

Make sure you change the user in the next command to the correct name. 

chown -R user. ./*

Give customer this link to complete setup. 

http://domain.com/installation directory/admin/install.php

Ports

Bindings 

netstat -lnc

Python

find python version 

python -V

Redirects and finding them

Check all of the apache include files. 

cd /usr/local/apache/conf/includes
cat post_virtualhost_1.conf
cat post_virtualhost_2.conf
cat post_virtualhost_global.conf
cat pre_main_1.conf
cat pre_main_2.conf
cat pre_main_global.conf
cat pre_virtualhost_1.conf
cat pre_virtualhost_2.conf
cat pre_virtualhost_global.conf

Register_globals

turn off register globals in dso for one cpanel account, just add the following to the cpanel account .htaccess that you want to disable globals for. 

php_flag register_globals off

Renamer Script

Run this in a directory that is full of files that need to have the spaces replaced with _'s 

wget http://shooltz.net/scriptrepo/renamer.sh

Reverse DNS

File location where you add it Since my workstations ip is 69.16.222.26 I would find my ptr record in this file, on NS.liquidweb.com. 

[root@ns /var/named]# vim 222.16.69.in-addr.arpa.db

Then I locate the line that says 26, (since that is the last octet of my ip) and add the following. 

26 IN PTR      vov.wks.liquidweb.com.

change the ttl to 300, change the serial, and then reload the bitch. 

rndc reload 222.16.69.in-addr.arpa
rndc reload 222.16.69.in-addr.arpa

You are done, Welcome to the world of being tracked by Liquidweb.

Rdesktop

rdesktop (servername here) -u mshooltz -p (passhere) &

ROBOTS.TXT

To make a file that prevents indexing of certain folders. 

touch robots.txt

change the permissions to user.user and the edit the file and add these lines to it. 

User-agent: *
Disallow: /

You can specify othe directorys that you wish to be blocked by adding the path, and for this file "/" = public_html.

Rsync

Basic rsync 

rsync -avHl /home/(username)/public_html/ /home/(username)/public_html/

rsync from a remote server to a local server 

rsync -avHle ssh -p 22222 root@67.225.167.252/usr/share/ssl /usr/share/

Ruby

Re-installation 

mv /usr/lib/ruby /usr/lib/ruby.bak
mv /usr/local/lib/ruby /usr/local/lib/ruby.bak
mv /usr/bin/ruby /usr/bin/ruby.bak
mv /usr/local/bin/ruby /usr/local/bin/ruby.bak
mv /usr/bin/rails /usr/bin/rails.bak
mv /usr/local/bin/rails /usr/local/bin/rails.bak
mv /usr/bin/gem /usr/bin/gem.bak
mv /usr/local/bin/gem /usr/local/bin/gem.bak
/scripts/installruby

SCP

To secure copy do the following. 

scp {file} root@(servers ip here):/home/

SED

replace this with THIS 

sed -i -e 's/(this)/(THIS)/g' path/filename

S.M.A.R.T stuffs

hard drive statistics (replace X with hard drive number). 

smartctl -A /dev/sdbX

Do a long HDD test 

smartctl -t long /dev/hdX

check you test with the following 

smartctl -l selftest /dev/hdx

SPAM filtering fix

Make spamassassin learn spam, Firstly you will have to have the customer put all of their spam in a folder, I use LWSPAM. After that has been completed you will have to figure out what cpanel users this has to be done for. Then you will ne to swithch to those users at the CLI. 

su (cpanel username here)

After logging into the user you will then run the following command on that LWSPAM folder you had the customer add. 

/usr/bin/sa-learn --spam /home/(username)/mail/cur/.LWSPAM/*

This has been completed tell the cusromer hola.

SPAMD

SPAMD failing 

/scripts/perlinstaller Digest::SHA1
/scripts/perlinstaller --force Mail::SpamAssassin
/etc/rc.d/init.d/exim restart
/scripts/restartsrv spamd

Watch to see if spamd still fails 

while x=0; do ps aux | grep spamd | grep -v grep; sleep 15; done

SSH

Add to make ssh not time out. 

echo "serveraliveinterval 60" >> /home/mike/.ssh/config && echo "serveralivecountmax 10" >> /home/mike/.ssh/config

Sick of ssh alway asking you to type in yes? to accept that key. So do this to fix it. 

sed -i -e 's#\#   StrictHostKeyChecking ask#   StrictHostKeyChecking no#g' /etc/ssh/ssh_config
/etc/init.d/sshd restart

now you wont have to ever type yes again.

SSH Auth Issues

This occurs when the password is set correctly and you are still unable to login as root on a vps.

First set the password to make sure it is right. Login to their server from the vps parent, and su to root. 

su -
passwd

Now paste their password from billing in. 

/etc/init.d/sshd restart

Try to login via ssh if this still doesnt work proceed on. 

rpm -qa | grep openssh

Take the server package name that the previous command gave you and place it in the command below. (i am using openssh-server-3.9p1-11.el4_8.1 as an example.) 

rpm -e openssh-server-3.9p1-11.el4_8.1 --nodeps

Now

Stats

For individual accounts, run: 

/scripts/runweblogs

or for all accounts on the server, try 

for i in `ls -A /var/cpanel/users`; do /scripts/runweblogs $i;done

System specs

tells the system infos 

uname -a

What linux version and release 

cat /etc/redhat-release

tells system kernel version 

uname -r

Want cpuinfo? 

cat /proc/cpuinfo

Tar

Create a tar 

tar -cvf file.tar.gz /path/to/file

Extract a .tar.gz 

tar -zxvf filename.tar.gz

Extract a .tar 

tar -xvf filename.tar

Preview the contents of a package so you can pick what to pull out 

tar -tvzf filename.tar.gz

you can also pipe that to search for a certain folder 

tar -tvzf filename.tar.gz | grep (folder or filename)

Extract a certain file from a backup or tar file 

tar -xvzf filname.tar.gz /home/mike/public_html

use the exact line that the previous command gave you.

Time sync

sync time to liquidwebs time server 

rdate -s time.liquidweb.com

Top

sort by memory 

shift - m

sort by processor usage 

shift - p

Users

This is a one liner to add user, put them in a group, and change their password. 

useradd bmurphy && usermod -G wheel bmurphy && passwd bmurphy

VI commands

Add line numbers 

:set number

Remove line numbers 

:set nonumber

Uncommenting several lines at once. 

ctrl v
highlight
shift i
#
escape

VPS

Get root fight when logged in using LDAP 

sudo su -

VPS is locked when some operation (backup, migration, start / stop, etc.) with this VPS is in progress. You can determine which process is holding VPS #101 using the following command on the hardware node: 

cat /vz/lock/101.lck

You can kill that process if needed. Make sure that the process is really killed. If there is no process with that PID on the node, just remove the lockfile.

VPS Control panel

Log into the VPS parent server and find the VEID. 

vzlist -a | grep hostname

To turn off the Virtuozzo Offline Management port for an instance. 

vzctl set $VEID --offline_management no --save

To turn on the Virtuozzo Offline Management port for an instance. 

vzctl set $VEID --offline_management yes --save

WHM Service Manager

To add a service to the WHM service manager and have tailwatchedd monitor it do the following. Adding the script to /etc/chkserv.d/ will let it be monitored and restarted automatically if needed. Code: 

echo "service[(servicenamehere)]=x,x,x,/etc/init.d/(servicenamehere) restart,root,root" > /etc/chkserv.d/(servicenamehere)
echo "(servicenamehere):1" >> /etc/chkserv.d/chkservd.conf
/usr/local/cpanel/bin/tailwatchd restart

WordPress Solutions & fixes

Changeing a Wordpress sites domain
To change the domain on a wordpress site do the following, edit the wp-config file and change the folling lines to the new url. 

define('WP_HOME','http://domain.com');
define('WP_SITEURL','http://domain.com');

Then login to their whm and go into PHPmyadmin and then find the database, and modify the site url to the correct domain. (located under the wp-options table as the siteurl description)

Now for the fun part we get to edit their Database contents, first dump the database. 

mysqldump dbname > dbname.sql

Now make a backup of it just incase we foobar it up. 

cp dbname.sql dbname.sql.bak

Then we will have to run a sed statement to change the links to the new url. 

sed -i -e 's#oldurl#newurl#g' dbname.sql

Then you have to re-import the .sql 

mysql dbname < dbname.sql

Everything should be fine now to test the site you will not be able to use the http://ip/~user link as this will break their code, please add the domain to your hosts file and veiw the domain from the correct URL to test if needed.

Retrieved from "https://wiki.shooltz.net/w/index.php?title=Main_Page&oldid=1348"