Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. When working with a Linux server, chances are, you will spend most of your time in a terminal session connected to your server through SSH. There are different ways to login into the server using ssh and here I am discussing about the ssh key based authentication. Continue reading
RAID is a technology that is used to increase the performance and/or reliability of data storage. It combines multiple physical disk drive components into a single logical unit. Data in RAID is distributed across the drives in one of several ways, referred to as RAID levels, depending on the required level of redundancy and performance. The different schemas, or data distribution layouts, are named by the word RAID followed by a number
Note
In all the diagrams mentioned below:
A, B, C, D, E,F,G and H – represents blocks
p1, p2,p3 and p4 represents parity
RAID 0 divides a set of data among multiple hard drives, usually two drives.This configuration has striping but no redundancy of data. It offers the best performance but no fault-tolerance.If one drive fails then all data in the array is lost.
RAID 1 stores an exact copy of your data on two or more drives. This makes your data much more secure; if one drive in the system fails, your data can simply be retrieved from any other drive in the system. This is known as data redundancy.
Level 5 is one of the most popular configuration of RAID and is the most common secure RAID level. It requires at least 3 drives but can work with up to 16. Data blocks are striped across the drives and on one drive a parity checksum of all the block data is written. The parity data are not written to a fixed drive, they are spread across all drives.
Provides block-level striping with parity data distributed across all disks. It requires at least 4 drives and can withstand 2 drives dying simultaneously. The chances that two drives break down at exactly the same moment are of course very small.This technique is similar to RAID 5.If a drive in a RAID 5 systems dies and is replaced by a new drive, it takes hours to rebuild the swapped drive. If another drive dies during that time, you still lose all of your data. With RAID 6, the RAID array will even survive that second failure.
Combining RAID 1 and RAID 0, this level is referred to as RAID 10, which offers higher performance than RAID 1 but at a much higher cost. In RAID 1+0, the data is mirrored and the mirrors are striped.This is a hybrid RAID configuration. It provides security by mirroring all data on secondary drives while using striping across each set of drives to speed up data transfers.
All RAID levels except RAID 0 offer protection from a single drive failure. A RAID 6 system even survives 2 disks dying simultaneously. For complete security you do still need to back-up the data from a RAID system.
Based on the number of available disk drives and your requirements for performance and reliability. Disk drive usage, read performance, and write performance depend on the number of drives in the array. In general, the more drives, the better the performance.
While RAID 0 is the least costly, it could never be used for databases unless you can withstand data loss or rebuild adequately from other backed up media.
RAID 1 and 10 win on data protection, but lose in terms of disk costs. RAID 10 offers the best performance and data protection, but at a cost.
RAID 5 offers the best trade-off in terms of price and performance, and includes data protection for database use.
Sometimes we need to get the output of df command in an arranged manner to use the output in some scripting or not. You can use the following command to view the output in properly formatted form.
df -Ph
-P, --portability use the POSIX output format -h, --human-readable print sizes in human readable format (e.g., 1K 234M 2G)
You can check the following screenshots for more details.
Continue reading
For getting the successful cPanel/WHM logins, using the following commands.
For getting the successful cPanel logins.
cat /usr/local/cpanel/logs/session_log | grep "myuser" | grep "NEW .*app=cpaneld" # "myuser" is cPanel username xx.xx.xx.xx [09/11/2015:13:17:40 -0000] NEW myuser:bOMyuserz8hKvThis1XUgnISnh4AWMMXSampleKgHE3lString1JpnOSiK5a45t3 address=122.165.84.98,app=cpaneld,creator=myuser,method=handle_form_login,path=form,possessed=0
For gettign successful WHM logins
cat /usr/local/cpanel/logs/session_log | grep "root" | grep "NEW .*app=whostmgrd" # Use required WHM user instead of "root" xx.xx.xx.xx [09/05/2015:07:22:39 -0000] NEW root:KGJsPXy_h243av2XchbPGBajfsSDj0eRz4ryHIj_tGZtYODFSZVb5s4rkdx20LJd address=xx.xx.xx.xx,app=whostmgrd,creator=root,method=handle_form_login,path=form,possessed=0
Here I am writing a short guide to setup IM client for Kayako live chat, as I feel the instructions in their website is little confusing. Setting up IM ( XMPP ) live chat client is very helpful for people, whom are using Linux as there is no official Live Cht client for Linux yet.
To start with the configuration, you need to install an IM client first. I use Pidgin on my system and it is one of my personl favourites.
Next you need to register your throaway yourhelpdeskname.kayako.com FQDN for your heldesk. You can do it from https://my.kayako.com/Backend/ChatDomain/ ; make sure you have a valid to login their system. Additionally inster your helpdesk URL with “https” if you have SSL installed for your helpdesk; otherwise you will not be able to add encryption support to the chat.
Once the FQDN is generated, copy it out.
Now open your IM client and add a new Account. Fill in the values as following.
Username :- Your helpdek user name
Domain :- FQDN generated from https://my.kayako.com/Backend/ChatDomain/
Password :- Your helpdesk password
Connect Server :- chatgateway.kayako.com
Connect Port :- 5222
Connection Security :- Require Encryption ( if you have https enabled ; else use “Use encryption if it is available” )
Thats it! Enable account and enjoy the live chat facility 🙂
To read more about the instructions and tips to handle chats, please have a look at https://kayako.atlassian.net/wiki/display/DOCS/Kayako+Chat+Gateway
We were not able to send mails from Round Cube and while trying we were getting this error.
SMTP Error (535): Authentication failed
To fix this we need to make a change in the RoundCube config file.
In a normal server , roundcube config file will be this /usr/share/roundcube/config/main.inc.php
To fix this we need to change the below value and save the config file.
$rcmail_config[‘smtp_user’] = ‘%u’;
to
$rcmail_config[‘smtp_user’] = ”;
After this you should be able to send mails without any issues.
Installation
—————-
PNP is an addon for the Nagios Network Monitoring System. PNP provides easy to use, easy to configure RRDTools based performance charts feeded by the performance data output of the Nagios Plugins. To install this,
1. Download the latest version of pnp4nagios source from http://sourceforge.net/projects/pnp4nagios/
2. Untar it and cd into the extracted directory.
3. Run ./configure –with-nagios-user=nagios –with-nagios-group=nagios
a. Some lines run across the screen after running this. The paths shown should be checked. If the displayed values aren’t correct you can change them calling ./configure with appropriate options( ./configure –help ).
NB:: Make sure that we have rrdtool and perl-rrdtool are installed on our server.
4. Run make; make install clean; make install-webconf; make install-config; make install-init;
Attention: After copying the configuration file for the web server you have to restart the web server (/etc/init.d/httpd restart).
A detailed installation documentation can be found at http://docs.pnp4nagios.org/pnp-0.6/install
Configuration
——————
We can configure pnp4nagios in three different modes, they are
Default Mode
Bulk Mode
Bulk Mode with NPCD
Among these, Default mode is less complicated and it will take less time to configure. To configure pnp4nagios in Default mode,
1. Enable processing of performance data in nagios.cfg. Please note that this directive might already exist in the config file. Default is “0�?.
process_performance_data=1
2. Data processing has to be disabled in the definition of every host or service whose performance data should NOT be processed. By default it isn’t enabled for any definitions. Just make sure that the particular directive isn’t explicitly set to 1.
define service {
…
process_perf_data 0
…
}
3. Set enable_environment_macros to 1 in nagios.cfg
4. Additionally the command to process performance data is to be specified in nagios.cfg
service_perfdata_command=service_perfdata
5. Starting with Nagios 3.0 it may be useful to enable processing of performance data for hosts as well. Due to changed host check logic Nagios 3 now performs regularly scheduled host checks.
host_perfdata_command=host_perfdata
6. Define the following two commands from nconf
check command name – service_perfdata
check command line – /usr/bin/perl /usr/local/pnp4nagios/libexec/process_perfdata.pl
check command name – host_perfdata
check command line – /usr/bin/perl /usr/local/pnp4nagios/libexec/process_perfdata.pl -d HOSTPERFDATA
7. Save the changes and run generate nagios configuration.
Read more details at http://docs.pnp4nagios.org/pnp-0.4/config
Last day there was an issue for a wordpress installation. None of the product images are not working and if we take the image directly in the browser, we can see the below errors
==================
Warning: Creating default object from empty value in /home/wp-user/public_html/wp-content/plugins/shopp/core/model/Asset.php on line 123
Warning: Cannot modify header information – headers already sent by (output started at /home/wp-user/public_html/wp-content/plugins/shopp/core/model/Asset.php:123) in /home/wp-user/public_html/wp-content/plugins/shopp/core/model/Asset.php on line 199
Warning: Cannot modify header information – headers already sent by (output started at /home/wp-user/public_html/wp-content/plugins/shopp/core/model/Asset.php:123) in /home/wp-user/public_html/wp-content/plugins/shopp/core/model/Asset.php on line 200
The following script will give an overview of all the domains and the corresponding hits to wordpress login page. By analyzing the result, you will be be able to find which all domains are facing brute-force attack.
for dom in `ls -l /var/www/vhosts/ | awk -F” ” {‘print $9’}`; do if [ -f /var/www/vhosts/$dom/statistics/logs/access_log ]; then COUNT=`grep wp-login.php /var/www/vhosts/$dom/statistics/logs/access_log |wc -l`; echo “$dom:$COUNT”;fi; done | sort -n -t “:” -k 2 -r
Redis is an open-source, networked, in-memory, key-value data store with optional durability. It is written in ANSI C. It’s a “NoSQL” key-value data store. More precisely, it is a data structure server.
To install Redis as daemon on a CentOS/RHEL/cPanel server, do the following steps
cd /usr/local/ wget http://download.redis.io/releases/redis-2.8.12.tar.gz tar -xvzf redis-2.8.12.tar.gz cd redis-2.8.12 make cp src/redis-server /usr/local/bin cp src/redis-cli /usr/local/bin mkdir -p /etc/redis mkdir -p /var/redis cp redis.conf /etc/redis/redis.conf
Open /etc/redis/redis.conf using vi edirot and set the values as follows.
daemonize yes port 6379 bind 127.0.0.1 dir /var/redis/ logfile /var/log/redis.log pidfile /var/run/redis.pid
Now create the startup script. Create a new file as /etc/init.d/redis and add the following contents to it ( Reference https://gist.github.com/paulrosania/257849 ). And make it executable ( chmod 755 /etc/init.d/redis ).
#!/bin/sh
#
# redis - this script starts and stops the redis-server daemon
#
# chkconfig: - 85 15
# description: Redis is a persistent key-value database
# processname: redis-server
# config: /etc/redis/redis.conf
# config: /etc/sysconfig/redis
# pidfile: /var/run/redis.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
redis="/usr/local/bin/redis-server"
prog=$(basename $redis)
REDIS_CONF_FILE="/etc/redis/redis.conf"
[ -f /etc/sysconfig/redis ] && . /etc/sysconfig/redis
lockfile=/var/lock/subsys/redis
start() {
[ -x $redis ] || exit 5
[ -f $REDIS_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $redis $REDIS_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading $prog: "
killproc $redis -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
Now make sure the daemon will start after server reboot.
chkconfig --add redis chkconfig redis on
Now we can start redis using command /etc/init.d/redis start
To make sure redis is working, run command “redis-cli ping” from commandline. If you get result “PONG”, that shows redis is working.
Now install redis PHP extension, using following command.
pecl install redis
Now open php.ini ( /usr/local/lib/php.ini on cPanel servers ) file and add the following line to it
extension=redis.so
Now restart Apache to apply the changes to php.ini file.