Google Chrome – is it just another browser?

Google Says,

At Google, we have a saying: “launch early and iterate.” While this approach is usually limited to our engineers, it apparently applies to our mailroom as well! As you may have read in the blogosphere, we hit “send” a bit early on a comic book introducing our new open source browser, Google Chrome. As we believe in access to information for everyone, we’ve now made the comic publicly available — you can find it here. We will be launching the beta version of Google Chrome tomorrow in more than 100 countries.

So why are we launching Google Chrome? Because we believe we can add value for users and, at the same time, help drive innovation on the web.

All of us at Google spend much of our time working inside a browser. We search, chat, email and collaborate in a browser. And in our spare time, we shop, bank, read news and keep in touch with friends — all using a browser. Because we spend so much time online, we began seriously thinking about what kind of browser could exist if we started from scratch and built on the best elements out there. We realized that the web had evolved from mainly simple text pages to rich, interactive applications and that we needed to completely rethink the browser. What we really needed was not just a browser, but also a modern platform for web pages and applications, and that’s what we set out to build.

On the surface, we designed a browser window that is streamlined and simple. To most people, it isn’t the browser that matters. It’s only a tool to run the important stuff — the pages, sites and applications that make up the web. Like the classic Google homepage, Google Chrome is clean and fast. It gets out of your way and gets you where you want to go.

Under the hood, we were able to build the foundation of a browser that runs today’s complex web applications much better. By keeping each tab in an isolated “sandbox”, we were able to prevent one tab from crashing another and provide improved protection from rogue sites. We improved speed and responsiveness across the board. We also built a more powerful JavaScript engine, V8, to power the next generation of web applications that aren’t even possible in today’s browsers.

This is just the beginning — Google Chrome is far from done. We’re releasing this beta for Windows to start the broader discussion and hear from you as quickly as possible. We’re hard at work building versions for Mac and Linux too, and will continue to make it even faster and more robust.

We owe a great debt to many open source projects, and we’re committed to continuing on their path. We’ve used components from Apple’s WebKit and Mozilla’s Firefox, among others — and in that spirit, we are making all of our code open source as well. We hope to collaborate with the entire community to help drive the web forward.

The web gets better with more options and innovation. Google Chrome is another option, and we hope it contributes to making the web even better.

So check in again tomorrow to try Google Chrome for yourself. We’ll post an update here as soon as it’s ready.

Mount 2nd Hard Drive

1. Login to your server and “su -” to root (Do not forget the “-” after su).

2. Verify that the disk is present and there is nothing on it. Make note of the geometry, you will need the size of the disk in megabytes. It may vary slightly depending on drive brand and model.

# parted -s /dev/hdc print
Disk geometry for /dev/ide/host1/bus0/target0/lun0/disc: 0.000-78533.437 megabytes
Disk label type: msdos
Minor    Start       End     Type      Filesystem  Flags

3. Initialize the disk and create a partition.

# parted -s /dev/hdc mklabel msdos
# parted -s /dev/hdc mkpart primary ext2 0 78533.437

*** This last number needs to match the size of the drive in megabytes, as reported in Step 2 ***

4. You will need to reboot your server at this point to make sure the partition table is updated properly. If you do not, it is possible that the partition will disappear or be misaligned which will result in data loss.

5. After your server is rebooted, check the partition table and make sure your new partition is there and you do not receive any warnings from parted.

# parted -s /dev/hdc print
Disk geometry for /dev/ide/host1/bus0/target0/lun0/disc: 0.000-78533.437 megabytes
Disk label type: msdos
Minor    Start       End     Type      Filesystem  Flags
1          0.031  78528.669  primary

6. Now we can create a filesystem on our new partition.

# mke2fs -j /dev/hdc1

7. Create a mount point and add the new filesystem to the fstab so it is mounted automatically.

# mkdir /mnt/drive2
# echo "/dev/hdc1 /mnt/drive2 ext3 defaults 0 0" >> /etc/fstab

8. Mount your new filesystem and verify that it mounted correctly.

# mount /mnt/drive2
# mount
/dev/hdc1 on /mnt/drive2 type ext3 (rw)       <- make sure you see this line

Guide to Moving a Large mySQL Database to new Server using BigDump

So you have a larger mySQL database of more than 30 MB size, you want to move it to a new server, and you’re unable to import your database to the new server via phpMyAdmin, due to its time and size limitations.
But don’t worry, its not a big problem. It can be done using a tool BigDump

Here are the steps involved in moving your large database to a new server easily.

1. First you will have to download your old mySQL database to your local computer. This can be done via phpMyAdmin using the Export function.
2. Download the dumper from BigDump website, and unzip it to your local computer, using Winzip or any other unzip tool.

3. Create a new folder named e.g. “dump” on your new web server, and change its permissions to chmod 777. (Do change it back to default when you’re don’t with importing database.)
4. Open the unzipped file bigdump.php in a text editor like notepad, and adjust the database setting, i.e. database name, username, password.
5. Upload bigdump.php along with the dump file (downloaded from old server) to the new server under the directory we just created named “dump”

6. Now open the bigdump.php file by using a browser, i.e. Firefox, Internet Explorer, using address something like http://www.yourwebsite.com/dump/bigdump.php
7. Select the appropriate options and start the process, then wait for the process to finish, do not close your browser, if you do so, then you will have incomplete database on your new server. As the dump file is present on the server it will take less than a minute to complete the process, if the dump file is, consider 40 MB.
8. You must remove your dump (MySQL) file and the bigdump.php file from your server, also delete the dump folder, or change its permissions back to default.

How To Install CHKROOTKIT

1. Login to your server as root. (SSH)

2. Down load the chkrootkit.
Type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

3. Unpack the chkrootkit you just downloaded.
Type: tar xvzf chkrootkit.tar.gz

4. Change to new directory
Type: cd chkrootkit*

5. Compile chkrootkit
Type: make sense

6. Run chkrootkit
Type: ./chkrootkit

If it says “Checking `bindshell’… INFECTED (PORTS: 465)”
This is normal and it is NOT really a virus.

Installing and Configuring Nagios

1) Getting Nagios

You need root access on the server, where you would like to install Nagios. Login as root.

Create a directory for downloads.

#mkdir -p /usr/src/backs/nagios
#cd /usr/src/backs/nagios

Download source of nagios and nagios-plugins at http://www.nagios.org/download/.

#wget http://keihanna.dl.sourceforge.net/sourceforge/nagios/nagios-1.2.tar.gz
#wget http://easynews.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.3.1.tar.gz

2) Compilation and installation of Nagios

Login as root and create a user, say “nagios”

#su
#adduser nagios
#passwd nagios
Changing password for user nagios.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

In some servers normal users may not have permission to use ‘mail’ inorder to send alerts.

usermod -G mail nagios  

Make a directory for working with the source code.

mkdir -p /usr/src/works/nagios
cd /usr/src/works/nagios/
tar -zxvf /usr/src/backs/nagios/nagios-1.2.tar.gz
cd nagios-1.2/
 ./configure
The default is fine for normal operation. for details see the file 'INSALL'.
./configure --prefix=prefix --with-cgiurl=cgiurl --with-htmurl=htmurl
--with-nagios-user=someuser --with-nagios-grp=somegroup
./configure
make all
make install
make install-init # Needed to add the service 'nagios'.
make install-commandmode
make install-config

Install the plugins

cd ../
tar -zxvf /usr/src/backs/nagios/nagios-plugins-1.3.1.tar.gz
cd nagios-plugins-1.3.1/
./configure
NOTE:- For mysql and postgresql plugins to work, their  libraries have
to be installed. so to avoid installing those we will use 'check_tcp'
Instead later with seperate port for mysql and postgresql.
make
make check
make install

Libraries will be installed in ‘/usr/local/nagios/libexec’ position by the default installation. If there is no contents do the following.

 mkdir /usr/local/nagios/libexec
 mv /usr/lib/nagios/plugins/* /usr/local/nagios/libexec/
 ln -s /lib/libcrypto.so.0.9.7a /lib/libcrypto.so.4

3) Post install Configuration of Nagios

Edit apache’s httpd.conf file. (the location of the httpd.conf file may differ)

vim /etc/httpd/conf/httpd.conf

Add the following line at the end of the file.

Include /etc/httpd/conf/nagios.conf

Create the file ‘/etc/httpd/conf/nagios.conf’.

vi /etc/httpd/conf/nagios.conf

Add the following contents to this file.

-------------------------------------------------
ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/
    <Directory ?/usr/local/nagios/sbin/?>
        AllowOverride AuthConfig
        Options ExecCGI
        Allow from all
        Order allow,deny
    </Directory>

Alias /nagios/ /usr/local/nagios/share/
    <Directory ?/usr/local/nagios/share?>
        Options None
        AllowOverride AuthConfig
        Order allow,deny
        Allow from all
    </Directory>
--------------------------------------------------

Make sure the updations done with http is fine and restart apache.

#service httpd restart

Create ‘.htaccess’ file in ‘/usr/local/nagios/share/’ and ‘/usr/local/nagios/sbin/’.

#touch /usr/local/nagios/share/.htaccess
#touch /usr/local/nagios/sbin/.htaccess

Add the following contents to both these files.

AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
require valid-user

Create the username, password for logging into the Nagios interface.

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
ls -l /usr/local/nagios/etc/htpasswd.users

Make it available for the user who runs httpd.

chmod o+r /usr/local/nagios/etc/htpasswd.users

Restart the httpd service.

service httpd restart

5)Advanced Nagios Configurations.

Rename the sample files to the real names.

cd /usr/local/nagios/etc/
for i in *sample ; do mv $i `echo "$i" |sed s/-sample//` ; done

Edit the main conf file, nagios.cfg. and change only these lines.

check_external_commands=1

Make these Cgi specific changes in cgi.cfg.

use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin

Add servers that need to be monitored

Make the Host specific changes to the hosts.cfg.

 Generic host definition template
define host{
        name                            generic-host
        notifications_enabled          1
        event_handler_enabled          1
        flap_detection_enabled          1
        process_perf_data              1
        retain_status_information      1
        retain_nonstatus_information    1

        register                        0
        }

define host{
        use                    generic-host            ; Name of host
template to use

        host_name              <FQDN of server>
        alias                  <Any alias name for the host>
        address                <IP of server>
        check_command          check-host-alive
        max_check_attempts      10
        notification_interval  120
        notification_period    24x7
        notification_options    d,u,r
        }

Repeat for all the hosts we want to check.

Group them in hostgroups.cfg

define hostgroup{
        hostgroup_name  <Host group name>
        alias          <any alias name>
        contact_groups  <contact group name>
        members        <<host1>,<host2>,..>
}

Repeat for all the hosts groups.

Specify the services that need to be checked

Edit the details of all the services, we want checked by Nagios in services.cfg.

 Generic service definition template
define service{
        name                            generic-service
        active_checks_enabled          1
        passive_checks_enabled          1
        parallelize_check              1
        obsess_over_service            1
        check_freshness                0
        notifications_enabled          1
        event_handler_enabled          1
        flap_detection_enabled          1
        process_perf_data              1
        retain_status_information      1
        retain_nonstatus_information    1
        register                        0
        }

define service{
        use                            generic-service
        host_name                      <FQDN of server to check the service>
        service_description            <Service name>
        is_volatile                    0
        check_period                    24x7
        max_check_attempts              3
        normal_check_interval          3
        retry_check_interval            1
        contact_groups                  <contact group name for alerts
to send>
        notification_interval          120
        notification_period            24x7
        notification_options            w,u,c,r
        check_command                  <check command for the service>
        }

Repeat for each service on each host.

Specify Alert Contacts

In order to specify details of the contacts for alerts, we need to edit contacts.cfg.

 'nagios' contact definition
define contact{
        contact_name                    <contact name>
        alias                          <some nickname>
        service_notification_period    24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options      d,u,r
        service_notification_commands  notify-by-email,notify-by-epager
        host_notification_commands
host-notify-by-email,host-notify-by-epager
        email                          <email address of the contact>
        pager                          <pager or mobile no.(optional)>
        }

Repeat for all contacts.

Group the contacts

Edit contactgroups.cfg, in order to specify groups of contacts.

define contactgroup{
        contactgroup_name      <contact group name>
        alias                  <any nickname for the group>
        members                <members (comma seperated)>
        }

Repeat for all groups to include all contacts

Escelating with nagios

If you need to send selective alerts, for example when critical issues occur, simply configure the escalations.cfg file.

define serviceescalation{
        host_name                      <FQDN of the server>
        service_description            < name>
        first_notification              2
        last_notification              6
        contact_groups                  < groups (comma seperated)>
        notification_interval          0
        }

Repeat for all escalations Once again, check all the files, nagios.cfg cgi.cfg hosts.cfg hostgroups.cfg, services.cfg, contacts.cfg, contactgroups.cfg, escalations.cfg and checkcommands.cfg Restart httpd and then Nagios.

service httpd restart

Add Nagios to system services.

chkconfig --add nagios
service nagios restart

Check for any errors reported, and solve them one by one if any.
Enable nagios in runlevels, so that it starts on boot.

chkconfig nagios on

Create cron.daily entry if we want to restart the service daily. Here is the script.

vi etc/cron.daily/nagios-restart.cron
#!/bin/sh
/sbin/service nagios restart >/dev/null 2>&1

Make it executable

chmod +x etc/cron.daily/nagios-restart.cron

And finally, Check if nagios is working fine.!!!

http://NAGIOS-SERVER-NAME/nagios/index.html

How to sync data between 2 servers automatically?

Have you ever wanted to know how to easily synchronize the data between multiple servers automatically?
In this article I’ll explain how to setup 2 Linux servers to automatically synchronize data between a specific directory on each server. To do this we will use rsync, ssh key authentication, and a cron job.

Let’s call the 2 servers ‘SOURCESERVER’ and ‘DESTSERVER’ for
SOURCESERVER = Source server (the server we’re connecting from to upload the data)
DESTSERVER = Destination server (the server we’re connecting to receive the data)

Part 1 – Setting up SSH key authentication

First, we need to make sure the DESTSERVER has the ability to use key authentication enabled. Find your sshd configuration file (usually ‘/etc/ssh/sshd_config’) and enable the following options if they are not already set.

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

If you edit the file be sure to restart sshd afterwards.

# /etc/init.d/sshd restart

Next, on the SOURCESERVER we will create the public / private key pair to be used for authentication with the following command.

# ssh-keygen -t rsa

*Note: Do not enter a passphrase for this, just hit enter when prompted.

This should create 2 files, a public key file and a private key file.
The public key file (usually [homedir]/.ssh/id_rsa.pub) we will upload to the DESTSERVER.
The private key file (usually [homedir]/.ssh/id_rsa) we will keep on the SOURCESERVER.
*Be sure to keep this private key safe. With it anyone will be able to connect to the DESTSERVER that contains the public key.

Now we will plant the public key we created on to the DESTSERVER.
Choose the user account which you will use to connect to on DESTSERVER, we’ll call this user ‘destuser’ for now.
In that account’s home directory, create a ‘.ssh’ subdirectory, and in that directory create a new text file called ‘authorized_keys’. If it already exists, great, use the existing file.
Open the ‘authorized_keys’ file and paste in the contents of the public key you created in the previous step (id_rsa.pub). It should look something like the following

ssh-rsa <lots and lots of characters…> sourceuser@SOURCESERVER

Save the file and change the permissions to 600 for the file and 700 for the ‘.ssh’ directory.

Now to test that the keys are working.
From the SOURCESERVER try logging in as normal using ssh to the DESTSERVER.

# ssh destuser@DESTSERVER

If all is working you should not be prompted for a password but instead connected directly to a shell on the DESTSERVER.

Part 2 – Creating the rsync script

Now for the rsync script.
I use a simple script such as the following

——————————————-

#!/bin/bash

SOURCEPATH=’/source/directory’
DESTPATH=’/destination’
DESTHOST=’123.123.123.123′
DESTUSER=’destuser’
LOGFILE=’rsync.log’

echo $’\n\n’ >> $LOGFILE
rsync -av –rsh=ssh $SOURCEPATH $DESTUSER@$DESTHOST:$DESTPATH 2>&1 >> $LOGFILE
echo “Completed at: `/bin/date`” >> $LOGFILE

——————————————-

Copy this file into the home directory of the sourceuser on the SOURCESERVER
and modify the first 4 variables in the file.
SOURCEPATH (Source path to be synced)
DESTPATH (Destination path to be synced)
DESTHOST (Destination IP address or host name)
DESTUSER (User on the destination server)
Save it as something like ‘rsync.sh’
Set the permissions on the file to 700.
# chmod 700 rsync.sh

Now you should be able to run the script, have it connect to the DESTSERVER, and transfer the files all without your interaction.
The script will send all output to the ‘rsync.log’ file specified in the script.

Part 3 – Setting up the cron job

Assuming everything has worked so far all that’s left is to setup a cron job to run the script automatically at a predefined interval.

As the same sourceuser use the ‘crontab’ command to create a new cron job.

# crontab -e

This will open an editor where you can schedule the job.
Enter the following to have the script run once every hour

——————————————-
# Run my rsync script once every hour
0 * * * * /path/to/rsync.sh
——————————————-

Your 2 servers should now be syncing the chosen directory once every hour.
Hope this helped, let me know if you have any questions.

How to Restore off a mounted slave disk on Redhat + Cpanel (crash/hack/bad kernel)

How to Restore off a mounted slave disk on Redhat + Cpanel (crash/hack/bad kernel)

Warning: This is not to be done by the unexperienced admins bad things could happen. Hire someone.

Sometimes if you get hacked or boot with a bad kernel you need to have the datacenter mount your old drive, and install a new one with a fresh installation of redhat. First things first lets make sure you have an updated kernel, we will do it with up2date for ease of use:

up2date -f kernel

check the grub.conf /or lilo config to ensure the settings are right. (if using lilo run this command aswell /sbin/lilo -v -v and check for errors)

Now reboot the server

shutdown -r now
I. Mount the backup Drive

First check to see if there are any drives mounted.

df -h

You should get something simular to this if it isent mounted yet:

[root@localhost root]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda2 37G 1.4G 33G 4% /
/dev/hda1 101M 7.7M 88M 9% /boot
none 125M 0 125M 0% /dev/shm
[root@localhost root]#

if it is mounted you will see something like this:

-bash-2.05b# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda3 53G 31G 20G 62% /
/dev/hda1 99M 14M 80M 15% /boot
none 248M 0 248M 0% /dev/shm
/dev/hdc3 53G 31G 20G 61% /mnt/old
-bash-2.05b#

as you can see hdc3 is the old drive, and it is mounted as /mnt/old. Yours will be diffent possibly. But keep in mind you need to know the mount point for the backup drive for the following steps.

Lets mount if not already mounted.

fdisk -l

check for additional drives, in this tutorial we will use /dev/hdc3.

mount /dev/hdb3 /mnt/old

now that the drive is mounted you can browse files like:

ls /mnt/old/home

II. Rsync the files

Do these commands one by one,

rsync -vrplogDtH /mnt/old/usr/local/apache/conf /usr/local/apache
rsync -vrplogDtH /mnt/old/var/named /var
rsync -vrplogDtH /mnt/old/home/* /home
rsync -vrplogDtH /mnt/old/usr/local/cpanel /usr/local
rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib
rsync -vrplogDtH /mnt/old/var/cpanel /var
rsync -vrplogDtH /mnt/old/usr/share/ssl /usr/share
rsync -vrplogDtH /mnt/old/var/ssl /var
rsync -vrplogDtH /mnt/old/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty
rsync -vrplogDtH /mnt/old/var/log/bandwidth /var/log
rsync -vrplogDtH /mnt/old/usr/local/frontpage /usr/local
rsync -vrplogDtH /mnt/old/var/spool/cron /var/spool

Next Step – Get some important files from etc:

cd /mnt/old/etc
rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* proftpd* pure-ftpd* passwd* group* *domain* *named* wwwacct.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl /etc

Now would be a good time to change your password for root:

passwd

III. Updating software and restarting services

/scripts/upcp
/scripts/updatenow
/scripts/sysup
/scripts/fixeverything
/scripts/exim4
/scripts/easyapache
/scripts/securetmp

This is needed to update cpanel information. Please note, sshd might fail and not start after running fixeverything. You have to login to whm, and go to the rpm installer and “FORCE” install opensshd-server, opensshd, opensshd-client and then restart sshd from whm.

IV. Restarting services

/scripts/restartsrv httpd
/scripts/restartsrv cpanel
/scripts/restartsrv mysql
/scripts/restartsrv named
/scripts/restartsrv exim

After you are pleased that everything is working fine, restart the entire server.

This tutorial works 100% on redhat, 7.3, 8.0, 9.0 and fedora. it has been tested on those boxes. But remember, if you dont know what your doing them hire someone to check your server out.

Stop PHP nobody Spammers

PHP and Apache has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where. Watching your exim_mainlog doesn’t exactly help, you see th email going out but you can’t track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you’ll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP – so everything will go through /usr/sbin/sendmail =)

Requirements:
We assume you’re using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we’re only tested it on a Cpanel/WHM Red Hat Enterprise system.

Time:
10 Minutes, Root access required.

Step 1)
Login to your server and su – to root.

Step 2)
Turn off exim while we do this so it doesn’t freak out.
/etc/init.d/exim stop

Article provided by WebHostGear.com

Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

Step 4)
Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, “>>/var/log/spam_log”) || die “Failed to open file ::$!”;
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO “$date – $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n”;
}
else {

print INFO “$date – $PWD -  @infon”;

}
my $mailprog = ‘/usr/sbin/sendmail.hidden’;
foreach  (@ARGV) {
$arg=”$arg” . ” $_”;
}

open (MAIL,”|$mailprog $arg”) || die “cannot open $mailprog: $!n”;
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

Step 5)
Change the new sendmail permissions
chmod +x /usr/sbin/sendmail

Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7)
Start Exim up again.
/etc/init.d/exim start

Step
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function – a message board, a contact script.
tail – f /var/log/spam_log

Sample Log Output

Mon Apr 11 07:12:21 EDT 2005 – /home/username/public_html/directory/subdirectory -  nobody x 99 99   Nobody / /sbin/nologin

Log Rotation Details
Your spam_log file isn’t set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.

pico /etc/logrotate.conf

FIND:
# no packages own wtmp — we’ll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}

ADD BELOW:

# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}

Notes:
You may also want to chattr + i /usr/sbin/sendmail so it doesn’t get overwritten.

Enjoy knowing you can see nobody is actually somebody

How to install MRTG on Your Cpanel Server

How to install MRTG on Your Cpanel Server

The Multi Router Traffic Grapher or just simply MRTG is free software for monitoring the traffic load on network links. It allows the user to see traffic load on a network over time in graphical form. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of this traffic. How does it work? MRTG uses the Simple Network Management Protocol (SNMP) to send requests with two object identifiers (OIDs) to a device. The device, which must be SNMP-enabled, will have a management information base (MIBs) to lookup the OID’s specified. After collecting the information it will send back the raw data encapsulated in an SNMP protocol. MRTG records this data in a log on the client along with previously recorded data for the device. The software then creates an HTML document from the logs, containing a list of graphs detailing traffic for the selected device.

This is a “How to” for installing MRTG (2.9.17) on a cpanel server. Let’s start:

# Download the software (http://oss.oetiker.ch/mrtg/) and move it to your download folder on your server. Or use the RPM installation information further down below.
cd /root/downloads

# Unninstall any older version in case we have an old/broken installation
rpm -e mrtg

# Get the latest rpm. The RPM might not reflect the latest available stand-alone version
wget http://www.dedicated-resources.com/files/mrtg-2.9.17-1cpanel.i386.rpm
# Or grab a newer version from here: http://rpmfind.net/linux/rpm2html/search.php?query=mrtg

# Installing the application
rpm -Uvh mrtg-2.9.17-1cpanel.i386.rpm

# Moving libpng
cd /usr/lib
mv libpng.so.2 libpng.so.2.OLD

# Creating the symlink
ln -s libpng.so.3 libpng.so.2

# Edit language at and specify only “en_US”
pico /etc/sysconfig/i18n

# Restarting MRTG
service mrtg restart

# Configure MRTG to allow only your local IP to see the reports at http://IP/mrtg – Important: If your local IP changes due to DHCP very often, you should skip this step.
# This can be happening often when being on DSL.

pico /usr/local/apache/conf/httpd.conf

#Search for the line (CTRL+W):
# It should look like this:
Options Indexes FollowSymlinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
#After the last line () paste this and change allowed IPs:
order deny,allow
allow from [ SERVER IP ]
allow from [YOUR LOCAL IP]
deny from all
# Restarting httpd
service httpd restart

# Let’s put MRTG to start with the system
chkconfig –level 0123456 mrtg on

# Important: Add MRTG to the up2date skip-list of your server. If you don’t do this, after the system updates your MRTG installation will be broken.
up2date –configure
# Select the skip-list option
# Add mrtg to the skip-list
“mrtg*”
After this final step, your MRTG report should be available at: http://SERVER_IP/mrtg

[cPanel] Move Large Site from one Server to another

1. Login to your server and su – to root (do not forget the – after su).

2. Change to the /home directory:

# cd /home

3. Run the following command: (this may take a while depending on the size of your site)

# /scripts/pkgacct USERNAME

(NOTE: USERNAME is the name of the user account not domain in cPanel).

4. Move the resulting file to the home directory of your primary user:

# mv /home/cpmove-USERNAME.tar.gz /home/primaryuser/cpmove-USERNAME.tar.gz

5. Change permissions of the file:

# chmod 755 /home/primaryuser/cpmove-USERNAME.tar.gz

6. Login to the destination server and su – to root (do not forget the – after su).

7. Change to the /home directory (see step #2).

8. Run the following command:

# /scripts/restorepkg USERNAME

**You may want to delete the “cpmove-USERNAME.tar.gz” from both servers as it may consume a lot of disk space.*