saravananlinux

#Kernel sysctl configuration file for Red Hat Linux  #  # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and  # sysctl.conf(5) for more details.  # Disables packet forwarding  net.ipv4.ip_forward=0  # Disables IP source routing  net.ipv4.conf.all.accept_source_route = 0  net.ipv4.conf.lo.accept_source_route = 0  net.ipv4.conf.eth0.accept_source_route = 0  net.ipv4.conf.default.accept_source_route = 0  # Enable IP spoofing protection, turn on source route verification  net.ipv4.conf.all.rp_filter = 1  net.ipv4.conf.lo.rp_filter = 1  net.ipv4.conf.eth0.rp_filter = 1  net.ipv4.conf.default.rp_filter = 1  # Disable ICMP Redirect Acceptance  net.ipv4.conf.all.accept_redirects = 0  net.ipv4.conf.lo.accept_redirects = 0  net.ipv4.conf.eth0.accept_redirects = 0  net.ipv4.conf.default.accept_redirects = 0  # Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets  net.ipv4.conf.all.log_martians = 0  net.ipv4.conf.lo.log_martians = 0  net

http://forum.parallels.com/showthread.php?70762-Plesk-Firewall-amp-IP-Range You want to use the bitmask at the end, heres a quick cheat sheet: 11.11.11.11/32 <- just the host 11.11.11.11 11.11.11.0/24 <- the whole 11.11.11.0 network (254 ips) 11.11.0.0/16 <- the 11.11.0.0 network (64k ips) 11.0.0.0/8 <- the 11.0.0.0 network (16million ips) Ahh taking out germany huh. So netmasks can be kind of daunting if you don't understand the guts of tcp/ip. Short version, the bitmask is a binary representation of a network block. So what that means is that in binary this: 255.255.255.0 looks like 11111111.11111111.11111111.00000000 and if you add all those 1's up you get: 24 It helps if you can do math in binary. Which is probably one of the least useful skills a person can have. Its actually my 2nd least useful skill, my first is I can also read heiroglyphics. But I digress, the answer for your firewall netblocks question is you need 2 networks:

PHP-FPM installation has been completed. I have removed php in > /etc/yum.conf exclude list and installed php-fpm through yum. mod_fcgid > enabled and working fine. > /etc/php-fpm.conf > /etc/httpd/conf/php.conf > > LoadModule fcgid_module modules/mod_fcgid.so > > Website is working fast now while compare previous php settings.

Lighttpd     Brief info: Pronounced “Lighty”, Lighttpd is as the name implies a small, lightweight web server which has a low memory footprint and light CPU load. Lighttpd is a good alternative to serve static content but it has also gained recognition in the Ruby on Rails and PHP communities.     Used by: Wikimedia (Wikipedia), Sourceforge, YouTube, The Pirate Bay, Meebo, Imageshack, Sendspace, Mininova.     Cost: Free     Open Source: Yes     OS platforms: Linux, freeBSD, Solaris, MacOS X, Windows (under Cygwin)     Homepage: www.lighttpd.net Nginx     Brief info: Pronounced “engine X”, Nginx is a lightweight web server and reverse proxy. Originally written by Igor Sysoev for Rambler.ru (Russia’s second most visited website). Nginx is known for stability and simple configuration in addition to its low resource consumption. It can also act as an IMAP/POP3 proxy.     Used by: Yellow Pages, Hulu, Zimbra, the Friends for Sale Facebook app, Rambler, and it also seems that Wo

I tried "/scripts/updatenow --force" but that doesn't work either. I fixed it by deleting upcp from /scripts/ and using rsync to get it from rsync://rsync.cpanel.net/scripts/ rsync -av rsync://rsync.cpanel.net/scripts/ /scripts/

We are receiving internal server error message when i try to access email queue option from WHM. Here is the error: Internal Server Error 500 No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/addon_cmq.cgi): subprocess exited with status 2 cpsrvd/11.38.0.19 Server at server06.247workinghost.com solution: /scripts/perlinstaller –force JSON::XS

I found that horde will use 'popen' function to open /var/qmail/bin/sendmail. And will use 'escapeshellcmd' function to send an e-mail. After removed those two functions from 'disable_functions' parameter (/etc/php.ini), horde and mail system will be OK.  escapeshellarg - removed this function in disable_functions. [which means enabled in php.ini]      It's just a setting change:     edit /usr/share/psa-horde/config/conf.php.     Change the line that says:     $conf['mailer']['type'] = 'sendmail';     to     $conf['mailer']['type'] = 'smtp'; http://forum.parallels.com/showthread.php?75426-Failed-to-open-sendmail-Horde-not-sending-emails

The following will enable legacy backups for all accounts Code: https://<hostname>:2087/<session_token>/xml-api/backup_skip_users_all?api.version=1&backupversion=legacy_backups&state=1 The following will disable legacy backups for all accounts. Code: https://<hostname>:2087/<session_token>/xml-api/backup_skip_users_all?api.version=1&backupversion=legacy_backups&state=0 The following will enable all accounts for the new backup system. Code: https://<hostname:2087/<session_token>/xml-api/backup_skip_users_all?api.version=1&backupversion=backups&state=1 The following will disable all users from using the new backup system. Code: https://<hostname>:2087/<session_token>/xml-api/backup_skip_users_all?api.version=1&backupversion=backups&state=0 Running any of the mentioned API calls will take some time to update (depending on how many accounts your machine has). Took me an average 10 minutes

Fixing file and directory permission. find /home/*/public_html/* -type f -exec chmod 644 {} \; find /home/*/public_html/* -type d -exec chmod 755 {} \; we can specify user by replace * with usename To fix the permission for all the websites. for i in `ls /var/cpanel/users` ; do chown -R $i.$i /home/$i/public_html/* ; done for folder only to be 700 + sub dir find . -type d -exec chmod 0755 {} \; for file only to be 600 + sub dir find . -type f -exec chmod 0644 {} \; find /home/*/public_html -type d -exec chmod 0755 {} \; find /home/?/public_html -type d -perm 777 -print -exec chmod 755 {} \; find /home/*/public_html -type f -perm 777 -print -exec chmod 644 {} \; find /home/*/public_html/wp-content/uploads -exec chmod 777 -R {} \; or use this technique: find /home/*/public_html -type d -perm 777 > badpermlist find /home/*/public_html -type d -perm 777 > badpermlist for each in `cat badpermlist` do chmod 755 $each done # This script ma

Partitioned disk using sgdisk as follows,which means disk structure copied to replaced drive. # sgdisk --backup=table /dev/sdb # sgdisk --load-backup=table /dev/sda # sgdisk -G /dev/sda OR Use sfdisk command, -replace the old /dev/sda hard drive with a new one  sfdisk -d /dev/sdb | sfdisk /dev/sda OR  sfdisk /dev/sdb > part_table sfdisk /dev/sda < part_table sfdisk /dev/sda < part_table --force To view the disk structure. parted  /dev/sdb parted  /dev/sda Added the partition to raid array, Ex: /dev/sda1 to /dev/md1 array and /dev/sda2 to /dev/md2   mdadm --add /dev/md1 /dev/sda1---------------->add the sda1 to raid md1.    mdadm --detail /dev/md1--------------------->details To remove failed disk from raid.    mdadm /dev/md1 -f /dev/sda1  ---------->mark sda1 as faulty drive.     mdadm --detail /dev/md1------>shown sda1 degraded    mdadm /dev/md1 -r /dev/sda1 ---------------->remove sda1 from md1. Refer:-  http://www.cyber

# Other default tuning values # MySQL Server Instance Configuration File # ---------------------------------------------------------------------- # Generated by the MySQL Server Instance Configuration Wizard # # # Installation Instructions # ---------------------------------------------------------------------- # # On Linux you can copy this file to /etc/my.cnf to set global options, # mysql-data-dir/my.cnf to set server-specific options # (@localstatedir@ for this installation) or to # ~/.my.cnf to set user-specific options. # # On Windows you should keep this file in the installation directory # of your server (e.g. C:\Program Files\MySQL\MySQL Server X.Y). To # make sure the server reads the config file use the startup option # "--defaults-file". # # To run run the server from the command line, execute this in a # command line shell, e.g. # mysqld --defaults-file="C:\Program Files\MySQL\MySQL Server X.Y\my.ini" # # To install the server a

mod_pagespeed caches resources to disk. If you are running on a heavily loaded server or a VPS, disk IO is a premium. So we should really cache to memory, its faster, cheaper and easy to set up. Put this in /etc/fstab, please change the uid & guid to the appropiate user & group of your apache webserver, and the path to your needs. Feel free to change the size (here it is 256Mb) and set to use the httpd user.     tmpfs /var/www/mod_pagespeed/cache tmpfs size=256m,mode=0775,uid=httpd,gid=httpd 0 0 Save it, and after that mount the tmpfs: /bin/mount tmpfs /var/mod_pagespeed/cache -i -t tmpfs mod_pagespeed will now be even faster!

[root@tlondon ~]# mount -t tmpfs tmpfs /ephemeral mount: wrong fs type, bad option, bad superblock on tmpfs,        missing codepage or helper program, or other error        (for several filesystems (e.g. nfs, cifs) you might        need a /sbin/mount.<type> helper program)        In some cases useful info is found in syslog - try        dmesg | tail  or so TRY this, [root@tlondon packages]# /bin/mount tmpfs /ephemeral -i -t tmpfs /bin/mount tmpfs /var/mod_pagespeed/cache -i -t tmpfs

for apache put this entry in .htaccess files, <FilesMatch ".(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$"> Header set Cache-Control "max-age=290304000, public" </FilesMatch> ## EXPIRES CACHING ## <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType text/css "access plus 1 month" ExpiresByType application/pdf "access plus 1 month" ExpiresByType text/x-javascript "access plus 1 month" ExpiresByType application/x-shockwave-flash "access plus 1 month" ExpiresByType image/x-icon "access plus 1 year" ExpiresDefault "access plus 2 days" </IfModule> ## EXPIRES CACHING ## For nginx,put this entry in domain vhost file[/etc/nginx/vhost/ser.com] locati

1) There is huge session problem. Some time all start working well and some time no body able to login. Apparently session variable stop working. Error:  Within the Apache error logs, this message appeared over and over: [emerg] (28)No space left on device: Couldn't create accept lock command to see semaphores, Added the below lines in /etc/sysctl.conf Increased Apache Semaphore value system wide kernel.msgmni = 15727 kernel.sem = 250 256000 32 1024 2). Open file limits error.  Modified fs.file-max=200000 in /etc/sysctl.conf

It is recommended to run these commands in a screen (remote management module console) session as you will likely lose the SSH connection as soon as the new settings are applied Important: Ensure that Ethtool is installed on your operating system before proceeding further. Open the file: # vi /etc/sysconfig/network-scripts/ifcfg-eth0 Append following line directly beneath the ‘DEVICE’ line: ETHTOOL_OPTS="speed 100 duplex full autoneg off" You can simply restart networking to change the port settings of your network interface. WARNING: This will terminate your SSH connection. /etc/init.d/network restart

Need to increase the max_input_vars value.

If you are using cPanel with Exim and want to relay your email through SendGrid, go to Main > Service Configuration > Exim Configuration Editor, click on the Advanced Editor button, and enter the following:     begin authenticators sendgrid_login:   driver = plaintext   public_name = LOGIN   client_send = : username : YourSendGridPassword Only include “begin authenticators” if it’s not already in the configuration. Add a route in the Router Configuration Box:   send_via_sendgrid:   driver = manualroute   domains = ! +local_domains   transport = sendgrid_smtp   route_list = "* smtp.sendgrid.net::587 byname"   host_find_failed = defer   no_more Add a transport to the Transport Configuration Box: sendgrid_smtp:   driver = smtp   hosts = smtp.sendgrid.net   hosts_require_auth = smtp.sendgrid.net   hosts_require_tls = smtp.sendgrid.net Once you have completed and saved all changes to Exim’s configuration files, you will need to restart it

#!/bin/bash tech=$(cat /proc/loadavg | awk '{print $1}' | awk -F. '{print $1}') if [ $tech -ge 50 ] then /bin/ps -ef | mail -s "imediatube server PROCESS report" aztest@gmail.com /usr/bin/tail -n50 /var/log/{messages,dmesg} | mail -s "imediatube server DMESG report" aztest@gmail.com fi

Need to add the wildcard dns entry in the template file: /var/cpanel/templates/apache2_2/vhost.default [% FOREACH alias IN vhost.serveralias_array -%]     ServerAlias [% alias %] ServerAlias *.[% wildcard_safe(vhost.servername) %]

After transferring some web sites to new server, most of them (joomla, and similar php applications) stopped working because of errors like "fatal error: out of memory" After research, it turned out that reason is too low RLimitMEM parameter in httpd.conf. It had value that were set by "Memory Usage Restrictions" script from cPanel Apache Configuration. Most of them try to increase the php memory limit. -Remove the RLimitMEM directives in httpd.conf

Apahce Errorlog: libmysqlclient.so.18: cannot open shared object file: No such file or directory root@x3430-24863 [/usr/lib64]# php php: error while loading shared libraries: libmysqlclient.so.18: cannot open shared object file: No such file or directory which means php needs shared library libmysqlclient.so.18,but it doesn't exit. Fix: root@x3430-24863 [/usr/lib64]# ln -s libmysqlclient.so.16 libmysqlclient.so.18  To create symlink it with before .so file version.

At the time of dual php compilation,we can face this error, /usr/src/php-5.2.17/ext/dom/node.c: In function ‘dom_canonicalization’: /usr/src/php-5.2.17/ext/dom/node.c:1953: error: dereferencing pointer to incomplete type /usr/src/php-5.2.17/ext/dom/node.c:1955: error: dereferencing pointer to incomplete type make: *** [ext/dom/node.lo] Error 1 It need to install libxml[http://xmlsoft.org/sources/libxml2-2.7.7.tar.gz] And compile with specific path, ./configure --prefix=/opt/xml/ Then during Dual php compilation give like this.......>--with-libxml-dir=/opt/xml/  Method 2: ------------- 1. cd php-5.2.17  2. ./configure --disable-fileinfo --enable-bcmath --enable-calendar --enable-ftp --enable-gd-native- ttf --enable-libxml --enable-sockets --prefix=/opt/php52 --with-config-file-path=/opt/php52/lib --with-co nfig-file-scan-dir=/opt/php52/lib/php.ini.d --with-curl=/opt/curlssl/ --with-freetype-dir=/usr --with-gd --with-imap=/opt/php_with_imap_client/ --with-imap-

For example,if you want to install ffmpeg php module for secondary php. At the time of compiling,please add the secondary php installation path. Ex: ./configure --with-php-config=/opt/lsphp53/bin/php-config  --enable-shared

In suphp,it is easy to install dual php,but it is bit difficult in dso. At first,Need to compile the dual php,please follow the below link:  http://servermanagement24x7.com/how-to-configure-dual-php-or-two-versions-of-php-on-a-linux-cpanel-server.html 1. We need to enable/install suphp module in apache via easyapche or manually. 2. Add the suphp module in php.conf, After the DSO module entry,add the entry as below. LoadModule suphp_module modules/mod_suphp.so suPHP_Engine on <Directory />     suPHP_AddHandler application/x-httpd-php53---->for php5.3 </Directory> 3. Set Userid for suphp binary file. chmod u+s /opt/suphp/sbin/suphp That's all.

1. Add wildcard entry in DNS zone of main domain. 2. Dont create server alias[*.example.com] in main doamin,then both non-existing & existing accounts will show main domain content. we need create seperate 3.  Create an dummy account in WHM and change its vhost as below, ServerName example1.com ServerAlias *.example.com[wildcard to main DocumentRoot /home/example/public_html Now all non-existing accounts will show main domain content and existing accounts will show their own contents.

ps -ylC apache2 | awk '{x += $8;y += 1} END {print "Apache Memory Usage (MB): "x/1024; print "Average Proccess Size (MB): "x/((y-1)*1024)}'