Linux Servers cPanel webhosting blog

GETCONF command not working

Gunjan — Fri, 18 May 2012 07:49:29 +0000

After upgrading the RPM on the server While using the GTECONF receiving the following error message.

GETCONF command missing

The above error message occur because glibc libraries are corrupted, to resolve the above error message run the following command from the shell but make sure that you have loggin in to the server as a root user.

yum install glibc*

The above command update the “glibc-common” and “glibc-utils” Packages to repair the glibc libraries.Now run the command “getconf LONG_BIT”, it will show you the following result.

getconf LONG_BIT result

As per above server having 32 bit OS.

Hide port for Ruby rail application

Gunjan — Thu, 17 May 2012 16:21:00 +0000

Basically Ruby Rail application run on its own port therefore in the application, we have to use the respective application with the domain name, for example the Ruby rail application is configured on the port 3111 then we will browse it in the browser as

http://yourdomainname.com:3111

By using the following simple code in the .htaccess, we can hide the Ruby rail application.

RewriteEngine on

RewriteCond %{HTTP_HOST} ^yourdomainname.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.yourdomainname.com$
RewriteRule ^typo-5.0.3 http://127.0.0.1:3111%{REQUEST_URI} [P,QSA,L]

If you have any query E-mail us…

DDOS attack solution part 2

Gunjan — Thu, 17 May 2012 06:13:59 +0000

In the last thread we have found out the DDOS initial stag and we have use the simple iptale command to stop the but if still facing the DDOS attack and then its better to add the iptable rule to block the DDOS ips by using the following iptable rules.

iptables -A INPUT -p tcp –tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp –tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp –tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp –tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,URG URG -j DROP

The above iptables rull will check the connection for “SYN,FIN SYN,FIN” flag an once IP address found out the firewall will block the ips. Monitor the iptable rules performance and if still having issue then refer to the following URL “DDOS attack solution part 3″

Enable Telnet on Windows Vista

Gunjan — Wed, 16 May 2012 16:22:54 +0000

Basically by default,the Windows Vista won’t provide the Telnet service. The Telnet client is for the text based communication with remote server. We can install the Telnet by using the following steps:

1. Click Start then select Control Panel.

2. Select Programs and Features.

3. Select Turn Windows features on or off.

4. Select the Telnet Client option.

5. Click OK.

6. A new dialog box will be appear to confirm the installation. The Telnet client command should now be available now.

DDOS attack solution

Gunjan — Wed, 16 May 2012 14:16:06 +0000

In a modern days because of heavy competition many time DDOS attacks occur on Servers to destroy the reputation of hosting company.The lack of DDOS attack understanding many time tech engineers are not able to understand the attack and only monitoring the server and RAM memory.

In initial stage in DDOS attack, first check the connection for Apache web server by using the following simple commands.

netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n | tail

If any ip having excessive connection to the server then block it in the server by using the following command.

iptables -A INPUT -s xx.xx.xx.xx -p tcp –dport 80 -j DROP
iptables -A INPUT -s xx.xx.xx.xx drop

Now monitor the server for excessive connection ip for 10 to 15 minutes and block but if still you are facing the problem refer to the next part “Secure Server From DDOS“.

What is a cron job?

Gunjan — Tue, 15 May 2012 15:00:10 +0000

The cron job is allowed to run the command or script as per the schedule time as per requirement. A cron job is a scheduled task in the Linux flavor which executes after a certain time interval. For example the cron is used to generate the backup for mysql, hosting account or to send E-mails. By default the daemon process is configured for the cron job service, so that when ever server rebooted, crond service will started automatically and execute the cron as per the scheduled time. The cron service scans the file /etc/crontab every minute and it checks in an every line and once cron service triggers as per scheduled crons time/date information.
If the time/date is equal, then the cron job command will be executed. The main configuration file for cron, /etc/crontab, contains the following lines.

root@[~]# cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# For details see man 4 crontabs
# Example of job definition:
# .—————- minute (0 – 59)
# | .————- hour (0 – 23)
# | | .———- day of month (1 – 31)
# | | | .——- month (1 – 12) OR jan,feb,mar,apr …
# | | | | .—- day of week (0 – 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

If any reason the cron jobs are stopped to working the first check the service status of crond
service by running the following commands

service crond status
or
/etc/init.d/crond status

If the crond service is stopped, then starts it by using the following command from the shell or
from the whm.

service crond start
or
/etc/init.d/crond start

To list the cron jobs for the particular user refer to the command, it will show the cron set under
the particular user with the detail of time and commands.

crontab -l -u user_name

To edit the cron jobs for the paricular user refer to the command

crontab -e -u username

Once cron job setup completed make sure that cron job is running without any problem. We can
check the cron logs under the /var/log/cron file.

Block traffic from single referrer

Gunjan — Mon, 14 May 2012 05:09:37 +0000

The traffic from the referrer is useful for sites rank and promotion but some time wrong referrer can cause the bandwidth and ddos attacks therefore its always better to block such spam referrer. We can block the single referrer by using the following code in the .htaccess file.

The following code will disable the referrer from blocksinglereferrer.com

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} blocksinglereferrer\.com [NC]
RewriteRule .* – [F]

If you are facing the problem from too many referrer sites then you can refer to the following code.

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} blocksinglereferrer\.com [NC,OR]
RewriteCond %{HTTP_REFERER} blocksinglereferrer1\.com
RewriteRule .* – [F]

In above code the referrer from blocksinglereferrer.com and blocksinglereferrer1.com disabled.

Stop .pl .cgi Script Execution From Browser

Gunjan — Mon, 14 May 2012 04:09:35 +0000

To secure the web content from the hacker by executing the .pl or .cgi script, we can refer to the following code under the .htaccess file, so that when ever hacker try to execute the .pl or .cgi script, the script will show the plain text content instead of scripts execution result.

Create the simple .htaccess file or use the existing .htaccess file present under the root of your domain and insert the following code.

AddType text/plain .pl .cgi
or
Addhandler text/plain .pl .cgi

Mysql error – Acesss denied for the user to the database

Gunjan — Fri, 11 May 2012 14:46:21 +0000

The “Acesss denied for the user to the database” is a very common Mysql error. The Mysql error is occur due to the Mysql database username is not bind to the Mysql database therefore “Acesss denied for the user to the database” is occur.As soon as we create the MySQL database user then we will need to be given a privilege to access the specific databases to the newly created Mysql database user. Refer to the following steps to assign the privilege for Mysql database user to connect specific Mysql database.

Steps
1 Click on the Mysql icon above the words MySQL Databases on the cPanel main screen interface.

2 Select the Mysql Database user you want to grant privilege/ permissions from the drop box next to “Add User To Database” section:

3 Select the privileges which you want to grant the user to have by checking the box next to the privilege’s name.

Mysql Privileges

4 Click Make changes button to Db to give the user permission to access the database.

You can also refer the following Video

Grant Privilege To Mysql Database User

Partition targeted by hackers to hack Linux Server

Gunjan — Thu, 10 May 2012 14:58:18 +0000

Basically hackers uploading the hacking script under the server insecure partition, so that hacking script easily executed server side and user can’t understand where hacking script is actually.To secure the server make sure that partition not having execution permission.Once in every week monitor the following partition and remove the files which is seems to be hacking file.

/tmp
/dev/shm
/usr/local/apache/proxy
/usr/local/flash