Archive for » January, 2010 «

Horde session issue?

A very common issue is Horde preventing access to webmail by repeatedly redirecting users to the Language Selection screen. The following commands, executed as root, will solve this issue:

root@server[~]# /usr/local/cpanel/bin/checkperlmodules
root@server[~]# /scripts/fullhordereset
root@server[~]# myisamchk -r /var/lib/mysql/horde/horde_sessionhandler.MYI

If you still have the problem, check the ownership of the sessions directory in /var/cpanel/userhomes/cpanelhorde.

root@server[~]# ll /var/cpanel/userhomes/cpanelhorde

drwx--x--x 4 cpanelhorde cpanelhorde 4096 Jun  5  2009 ./
drwx--x--x 7 root        root        4096 Dec 17 01:48 ../
drwxr-x--- 2 cpanelhorde cpanelhorde 4096 Jun  5  2009 mail/
drwx------ 2 cpanelhorde cpanelhorde 4096 Jan 27 14:01 sessions/

The sessions directory should have cpanelhorde.cpanelhorde ownership (user and group), applied recursively.


How to define iptables rules save option?

iptables recreates its rules when the service is restarted: the settings in the /etc/sysconfig/iptables file are loaded and applied.

You can either configure iptables so that the current state of the rules is saved on restart or stop/start:

Change the values shown in the following grep output, in /etc/sysconfig/iptables-config, as per your requirement.

root@server[~]# grep IPTABLES_SAVE /etc/sysconfig/iptables-config
IPTABLES_SAVE_ON_STOP="no"
IPTABLES_SAVE_ON_RESTART="no"
IPTABLES_SAVE_COUNTER="no"

Or overwrite the saved settings in the /etc/sysconfig/iptables file with the output of iptables-save:

root@server[~]# iptables-save > /etc/sysconfig/iptables

Note: It is always good to keep the following options set to "no", because a wrong rule can sometimes cause major problems accessing the server. With saving turned off, restarting the service goes back to the rules in /etc/sysconfig/iptables.

IPTABLES_SAVE_ON_STOP="no"
IPTABLES_SAVE_ON_RESTART="no"
IPTABLES_SAVE_COUNTER="no"


Simple steps for SSH Server Hardening.

SSH server hardening is one part of securing your server. Refer to the following steps to secure SSH.

root@server[~]# pico /etc/ssh/sshd_config

Uncomment the line #Protocol 2, 1

Change to Protocol 2

Append these lines to the bottom:

LoginGraceTime 120
IgnoreRhosts yes
X11Forwarding no

Save the file and restart the SSH service.

root@server[~]# /etc/rc.d/init.d/sshd restart

Note: Servers running SSH protocol 1 are facing many automated rootkit attacks. To step up security, Protocol 2 should be enabled on the server. The reason to use SSH Protocol 2 on any web server is that it is more secure than protocol 1.
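
sshd uses the first value it reads for each keyword, so a line appended to the bottom of sshd_config is ignored when the same keyword is already set earlier in the file. The script below is an added example, not part of the original post: it reports the effective global value of the four settings above. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example. sshd keeps the FIRST value it reads for each keyword.

# effective_value FILE KEYWORD: print the first global value of KEYWORD.
effective_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
        tolower($1) == "match" { exit }     # Match blocks are conditional: stop
        tolower($1) == want { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# audit_sshd FILE: report each keyword; exit status = number of deviations.
audit_sshd() {
    bad=0
    for pair in Protocol=2 LoginGraceTime=120 IgnoreRhosts=yes X11Forwarding=no; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(effective_value "$1" "$key")
        if [ "$got" = "$want" ]; then
            echo "OK    $key $got"
        else
            echo "FAIL  $key effective='${got:-unset}' wanted='$want'"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Constructed sample: X11Forwarding is already set near the top, so the
# "X11Forwarding no" appended at the bottom never takes effect.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Protocol 2,1
Protocol 2
X11Forwarding yes
# --- lines appended at the bottom ---
LoginGraceTime 120
IgnoreRhosts yes
X11Forwarding no
EOF
audit_sshd "$sample" || echo "deviations found: $?"
rm -f "$sample"
```

On a live server, `sshd -t` checks the configuration file for errors before the restart, and `sshd -T` prints the effective configuration that sshd will actually use.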