Apache Semaphore issue

Semaphore issues

This is one of the rarest conditions which I came across. The webserver failed to load with following error messages in the server log file. The server had fairly good uptime and was a busy server.

============================================================

[emerg] (28)No space left on device: Couldn't create accept lock [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [notice] Digest: generating secret for digest authentication ... [notice] Digest: done [warn] pid file /etc/httpd/run/httpd.pid overwritten -- Unclean shutdown of previous Apache run? [emerg] (28)No space left on device: Couldn't create accept lock

 ===========================================================

Apache service issue - Module issues

Module issues

Apache may experience issues  to load apache modules configured . The error log will contain the information indicating the issue. In such cases, make sure the  .so file of the module is present in the correct location and it is accessible. If the location is correct check whether the module has any issues. You can check it using the command “ldd”

A sample output would look like this

root@redhat003 [/usr/local/apache/modules]# ls

 

./   httpd.exp   ../   mod_hostinglimits.so* mod_security2.so




Apache service issue - Unable to bind to port

Unable to bind to port

The webserver will fail to bind to the concerned port i.e. 80 if it is open by another process. In such cases, we need to identify the process which occupies the port and need to terminate it.The following command will show the existing connections to port 80

#netstat -an | grep \\.80



or

You can identify the apache process using the command as well




# pgrep httpd




or

The process associated with the port number using the following command:




#lsof -i tcp:80




Apache service issue Log file size

Log file size

Older kernal versions may not be capable of handling files more than 2 GB.  This creates issue for apache if the size of error_log exceeds 2 GB. In such cases, simply clearing the log file alone fix the issue.

# : > /usr/local/apache/logs/error_log

Whitelist Mod_security rules for a CPanel account

Preface:
Sometimes you may arise an issue like this. When a client tries to install IFrames he gots the following error

"you don't have permission to access /e107_admin/cpage.php on this server"


This issue arises due to this installtion is blocked by a mod_security rule

Recover the issue
First  you’ll need to get the Rule ID number. You can find these either in the apache error log (grep for your IP) or if you have CSF installed and keep getting your IP blocked, check /etc/csf/csf.deny to see if its listing the mod_security rule that you were blocked from.

ie

#grep <ip> /usr/local/apache/logs/error_log
or
#grep <ip> /etc/csf/csf.deny

From here you will get the application ID

Once you have the rule’s id number, you will need to create the following file

vi /usr/local/apache/conf/userdata/std/2/USER/<domain.com>/<anything>.conf

For example
vi /usr/local/apache/conf/userdata/std/2/USER/example.com/modsec.conf

Now open the .conf file and add the below mentioned lines in it.


<IfModule mod_security2.c>
SecRuleRemoveById <NUMBER>
</IfModule>


Be sure to replace <NUMBER> with the Rule ID number of the mod_security rule you need to whitelist. Save the file, and then run the following commands, replacing <CPANEL USER> with the actual cpanel user name.

/scripts/ensure_vhost_includes --user=<CPANEL USER>
/usr/local/cpanel/bin/apache_conf_distiller --update
/usr/local/cpanel/bin/build_apache_conf

:)

cPanel Shell commands

Restart chkservd:
/etc/init.d/chkservd restart

Tail Apache log:
tail -f /usr/local/apache/logs/error_log

Updates the cpanel server software:
/scripts/upcp

Reinstalls exim:
/scripts/exim4

View traffic or if you think a site is being DDoS:
cd /usr/local/apache/domlogs
tail -f targetsite.com

Correct bandwidth issues
/scripts/cleanbw

Useful commands

Useful Commands for checking the domains

1:#traceroute domain.com
2:#whois domain.com
3:#dig domain.com
4:#ping domain.com

File permissions in cPanel accounts

Please use below mentioned files for your account

Permissions

/home/user               711
/home/user/public_html   750
public_html/directory    755
public_html/file         644

Command to find the hacked files

You can search the hacked files using the below mentioned command


#grep -ril <hack content> ./*

For example
#grep -ril 'Hacked By Sizzling Soul' ./*

Wordpress Blank page occuring when clicking on Permalinks

Officially, Permalinks are the permanent URLs to your individual weblog posts, as well as categories and other lists of weblog postings. A permalink is what another weblogger will use to link to your article (or section), or how you might send a link to your story in an e-mail message. The URL to each post should be permanent, and never change — hence permalink.

Permalinks would help us to retrieve an article from a huge collection and its the most important significance of it.

In this article, I'm going to describe how an issue with the Blank Permalinks page can be resolved


Issue

The Permalinks page in Wordpress Administration panel appears to be Blank

Whereas it should be show more options

Mysql Connection

The below mentioned command is used for the mysql connection test.

1. Touch a php file for example
    connection.php

2. Coppy paste below mentioned code in that file

Traceroute

You can use below steps to take the traceroute results from different operating systems.

In Windows,
Start > Programs > Accessories > Command Prompt.
c:\> tracert <domain.com>

Linux:
get into a terminal and execute the command as given below
$traceroute <domain.com>

MAC
These steps were created using Mac OS X. For earlier operating systems, you will need to download and use a third party program.
1. From your hard-drive, open the Applications folder, and click to open the Utilities folder.
2. Double-click Terminal.
3.Type traceroute followed by your domain name, and hit Enter.

Iostat

Iostat

iostat (input/output statistics) an utility that reports Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions. The iostat command is used for monitoring system input/output device performance.  This is quite handy to identify which partition is being heavily used and if any HW issues exists.  The details regarding the various parameters will make this article quite confusing. So I am focusing on the values which needs to be monitored during a suspected server issue.




# iostat -x


 As you can see from the result the first part  explains the IO activities for the cpu.  You can get the CPU performance alone using the following command-line.

How to clear /temp

You can use below mentioned commands

find /tmp -size +2M -mtime +2 -exec rm {} \; 

Removes all files greater than 2 MB size that was last modified before 48 hours

Remove Sess files

find . -type f -name "FILE-TO-FIND" -exec rm -f {} \;

find /tmp -type f -name "sess_*" -exec rm -f {} \;




use this along with mtime parameter only or this will never end

Socket and Port

Socket vs Port

In the context of computer networking, a socket is an end point of a bidirectional communication that occurs in a network that is based on the internet protocol. Sockets will distribute the data packets that are coming through the communication channel to the correct application. This is done using the information such as IP address and port number. In general a (software) port is a logical data connection that can be used to exchange data. On the internet TCP and UDP ports are used to exchange data between computers and these are the most widely used ports.

Basic cPanel Details

Ports
Webmail - 2095
whm - 2086
cPanel - 2082


grep domain.com /etc/userdomains
grep example.com /etc/userdomains

The primary domain of a user , is specified in the file  /etc/trueuserdomains

Packages -

user details
/var/cPanel/users/<username>

If the account is not a resold one then the owner will be either "root" or the one specified by the admin.

The packages are placed within the folder /var/cPanel/packages

/var/cPanel/features:

Disk space script fixes it normally: /scripts/fixquotas

exiqgrep & exigrep

exiqgrep & exigrep

exigrep searches the log, while exiqgrep is exim queue grep. See the table which has the link to the documentation as well.


    52.2 exiqgrep grep the queue
    52.3 exiqsumm summarize the queue
    52.4 exigrep grep search the main log


Exiqgrep Options & Usages

Options                 What is the option for            Usage

-i                         list the message IDs                    exiqgrep -i
-z                         show frozen messages                exiqgrep -z
-x                             show unfrozen messages            exiqgrep -x
-f                         match the sender address  exiqgrep -f beserk2@server1.beserk.com.au
-r                         match the recipient address     exiqgrep -r update_profile@westpac.com.au
-c                         count the matching results exiqgrep -c -r update_profile@westpac.com.au
-o                            older than a number of seconds   exiqgrep -o 43000
-y                        younger than a number of seconds / to get the latest emails exiqgrep -y 3600

Shell

The word Shell is an application / binary / program in Linux/ Unix machines.

Details
The main purpose of a shell (the program) is to act as an interface between the Operating System's Kernel and the user. Basically when you type ls command in the shell programs like /bin/bash, ksh, sh, csh or tcsh, shell or those programs are taking the keyboard inputs of `ls` and when  you type an ‘Enter’ it passes `ls` command to the shell. The shell tries to interpret those keystrokes as commands.

The shell applies its built-in rules to figure out that you want to run the executable command in the file /bin/ls. It makes a system call asking the kernel to start /bin/ls as a new child process and give it access to the screen and keyboard through the kernel. Then the shell goes to sleep, waiting for ls to finish.

When /bin/ls is done, it tells the kernel it's finished by issuing an exit system call. The kernel then wakes up the shell and tells it it can continue running. The shell issues another prompt and waits for another line of input.

It's called a shell because it wraps around and hides the operating system kernel.

Other usages of word shell in an Unix box
The /etc/shells file contains a list of login shells on the system. Applications use this file to determine whether a shell is valid

=======================================================

sarath@sage3:~$ cat /etc/shells
# /etc/shells: valid login shells
/bin/sh
/bin/dash
/bin/bash
/bin/rbash
/usr/bin/screen
======================================================

For more details, check References

References
http://www.iitk.ac.in/LDP/HOWTO/Unix-and-Internet-Fundamentals-HOWTO/running-programs.html
http://www.lancs.ac.uk/~tipper/writing/luui/html/unix-intro007.html

Exim Commands

1. To check the number of emails present in the queue:

# exim -bpc

2. To check the emails present in the queue with the mail id and sender ID:

# exim -bp
# exim -bp | less

3. To view the header of a particular email using mail ID:

# exim -MvH mail_id

4.  To view the body of a particular email using mail ID:

# exim -Mvb mail_id

5. To view a message's logs:

# exim -Mvl mail_id

How to create CSR for SSL Installation

SSL means Secure Sockets Layer. It is a technology that the communications between the user and the web server go through in a encrypted format. It helps to prevent hack attacks from outside. You see a padlock icon when you use a web page that is protected by SSL, that assures you that the page is secure.

Please note
For SSL installation the account require dedicated IP and a valid SSL Certificate


Steps to create CSR from WHM

1.Login to WHM

2.Select Generate a SSL Certificate & Signing Request under the SSL/TLS Tab in the left side of WHM

3.Provide the correct details.

4.Then click the Create bottom.  Now the private key, and CSR will send to the below mention email address (Contact Info)

Change HTTPD port number

We all know that the default Port number of Apache is 80. For more security purpose we can change Apache port number, Please see below mentioned steps inorder to change the port number.



Assume you need  to change the port number of httpd from  80 to 8080 and for https from 443 to 1023

Search the httpd configuration file


#vi /usr/local/apache/conf/httpd.conf

Add multiple Webmail Interfaces in Plesk

Sometimes you may arise a situation that client need to access multiple webmails Applications (such as Horde, SqurrileMail, Roundcube ...)  at a time in Plesk, through different links such as webmail.domainname.com for Horde and domainname.com/webmail for SqurrileMail. In such situation you can follow the below mentioned steps.

Please go through the example inorder to solve these type of issues.

At first login to Plesk and go to the Clients control panel

Click on Mail tab as specified in the screen shot.

 

Now you will be directed to the following page. Click on Change Settings option in the Mail tab.

Multiple PHP versions in the cPanel server

The PHP version on the servers will be the most tested out or proven one. But some clients may want a newer version and make use of the various upcoming features. Due to the various compatibility issues,  we can't perform a server wide PHP version change. In such cases, we need to install the newer version with the existing one and enable the client to switch to the newer one by changing the Handler.

Scenario

The client is hosted on a server with php 5.3.24 and he want to enable  5.4.14 for his domain.  There are  various blogs about running different major version of PHP on the server ie php 5 and php 4. But enabling different minor versions of same major version is a tricky one.

Recompile and install the default PHP (Optional)

If the existing installation is fine and has the necessary modules , then you can skip this step. Otherwise you need to recompile it using

/scripts/easyapache

Once it is done. You can proceed with the new PHP 5.4.14

Wordpress Sample index page

If you face any hack attempts like, may be your your wordpress index page is hacked by the hcaker. You can use below mentioned  index page.

===========================================================


<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */
/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define('WP_USE_THEMES', true);
/** Loads the WordPress Environment and Template */
require('./wp-blog-header.php');

===============================================================

Mysql Commands

Configuration file

/etc/my.cnf     /root/.my.cnf


>mysqladmin varialbles

>mysql

>mysql -h <hostname/IP> -u user -p<password> dbname

logs
datadir     cPannel-/var/lib/mysql       server_name.err


file formats - storage engine format


Create Database

>mysqladmin create dbname;
>mysql> use dbname;
>SELECT User FROM mysql.user;
>mysql> show databases;
>mysql> show tables;
>mysql>CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
>select user();

Command to change the permissions

Use below mentioned command to change the permissions

For files


find . -type f -exec chmod 644 {} \;


For Directories

find . -type d -exec chmod 755 {} \;

:)

Command to find Symbolic links

Some times we may face hack attempts in the servers. The hackers place may symbolic links in a particular account in order to login to other account also as root user.

In order to find the symbolic links in the server use below mentioned command

#find . -type l -not -xtype l