hosting... servers... solutions... on LINUX | Nazeem's Blog

MySQL Commands

2010-08-18T14:44:00.001-07:00

This is a list of handy MySQL commands that I use time and time again. At the bottom are statements, clauses, and functions you can use in MySQL. Below that are PHP and Perl API functions you can use to interface with MySQL. To use those you will need to build PHP with MySQL functionality. To use MySQL with Perl you will need to use the Perl modules DBI and DBD::mysql.

Below when you see # it means from the unix shell. When you see mysql> it means from a MySQL prompt after logging into MySQL.

To login (from unix shell) use -h only if needed.

# [mysql dir]/bin/mysql -h hostname -u root -p

Create a database on the sql server.

mysql> create database [databasename];

List all databases on the sql server.

mysql> show databases;

Switch to a database.

mysql> use [db name];

To see all the tables in the db.

mysql> show tables;

To see database's field formats.

mysql> describe [table name];

To delete a db.

mysql> drop database [database name];

To delete a table.

mysql> drop table [table name];

Show all data in a table.

mysql> SELECT * FROM [table name];

Returns the columns and column information pertaining to the designated table.

mysql> show columns from [table name];

Show certain selected rows with the value "whatever".

mysql> SELECT * FROM [table name] WHERE [field name] = "whatever";

Show all records containing the name "Bob" AND the phone number '3444444'.

mysql> SELECT * FROM [table name] WHERE name = "Bob" AND phone_number = '3444444';

Show all records not containing the name "Bob" AND the phone number '3444444' order by the phone_number field.

mysql> SELECT * FROM [table name] WHERE name != "Bob" AND phone_number = '3444444' order by phone_number;

Show all records starting with the letters 'bob' AND the phone number '3444444'.

mysql> SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444';

Show all records starting with the letters 'bob' AND the phone number '3444444' limit to records 1 through 5.

mysql> SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444' limit 1,5;

Use a regular expression to find records. Use "REGEXP BINARY" to force case-sensitivity. This finds any record beginning with a.

mysql> SELECT * FROM [table name] WHERE rec RLIKE "^a";

Show unique records.

mysql> SELECT DISTINCT [column name] FROM [table name];

Show selected records sorted in an ascending (asc) or descending (desc).

mysql> SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

Return number of rows.

mysql> SELECT COUNT(*) FROM [table name];

Sum column.

mysql> SELECT SUM(*) FROM [table name];

Join tables on common columns.

mysql> select lookup.illustrationid, lookup.personid,person.birthday from lookup left join person on lookup.personid=person.personid=statement to join birthday in person table with primary illustration id;

Creating a new user. Login as root. Switch to the MySQL db. Make the user. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO user (Host,User,Password) VALUES('%','username',PASSWORD('password'));
mysql> flush privileges;

Change a users password from unix shell.

# [mysql dir]/bin/mysqladmin -u username -h hostname.blah.org -p password 'new-password'

Change a users password from MySQL prompt. Login as root. Set the password. Update privs.

# mysql -u root -p
mysql> SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');
mysql> flush privileges;

Recover a MySQL root password. Stop the MySQL server process. Start again with no grant tables. Login to MySQL as root. Set new password. Exit MySQL and restart MySQL server.

# /etc/init.d/mysql stop
# mysqld_safe --skip-grant-tables &
# mysql -u root
mysql> use mysql;
mysql> update user set password=PASSWORD("newrootpassword") where User='root';
mysql> flush privileges;
mysql> quit
# /etc/init.d/mysql stop
# /etc/init.d/mysql start
Set a root password if there is on root password.

# mysqladmin -u root password newpassword

Update a root password.

# mysqladmin -u root -p oldpassword newpassword

Allow the user "bob" to connect to the server from localhost using the password "passwd". Login as root. Switch to the MySQL db. Give privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> grant usage on *.* to bob@localhost identified by 'passwd';
mysql> flush privileges;

Give user privilages for a db. Login as root. Switch to the MySQL db. Grant privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES ('%','databasename','username','Y','Y','Y','Y','Y','N');
mysql> flush privileges;

or

mysql> grant all privileges on databasename.* to username@localhost;
mysql> flush privileges;

To update info already in a table.

mysql> UPDATE [table name] SET Select_priv = 'Y',Insert_priv = 'Y',Update_priv = 'Y' where [field name] = 'user';

Delete a row(s) from a table.

mysql> DELETE from [table name] where [field name] = 'whatever';

Update database permissions/privilages.

mysql> flush privileges;

Delete a column.

mysql> alter table [table name] drop column [column name];

Add a new column to db.

mysql> alter table [table name] add column [new column name] varchar (20);

Change column name.

mysql> alter table [table name] change [old column name] [new column name] varchar (50);

Make a unique column so you get no dupes.

mysql> alter table [table name] add unique ([column name]);

Make a column bigger.

mysql> alter table [table name] modify [column name] VARCHAR(3);

Delete unique from table.

mysql> alter table [table name] drop index [colmn name];

Load a CSV file into a table.

mysql> LOAD DATA INFILE '/tmp/filename.csv' replace INTO TABLE [table name] FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n' (field1,field2,field3);

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql

Dump one database for backup.

# [mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.

# [mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.

# [mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Create Table Example 1.

mysql> CREATE TABLE [table name] (firstname VARCHAR(20), middleinitial VARCHAR(3), lastname VARCHAR(35),suffix VARCHAR(3),officeid VARCHAR(10),userid VARCHAR(15),username VARCHAR(8),email VARCHAR(35),phone VARCHAR(25), groups VARCHAR(15),datestamp DATE,timestamp time,pgpemail VARCHAR(255));

Create Table Example 2.

mysql> create table [table name] (personid int(50) not null auto_increment primary key,firstname varchar(35),middlename varchar(50),lastnamevarchar(50) default 'bato');

MYSQL Statements and clauses

ALTER DATABASE

ALTER TABLE

ALTER VIEW

ANALYZE TABLE

BACKUP TABLE

CACHE INDEX

CHANGE MASTER TO

CHECK TABLE

CHECKSUM TABLE

COMMIT

CREATE DATABASE

CREATE INDEX

CREATE TABLE

CREATE VIEW

DELETE

DESCRIBE

DO

DROP DATABASE

DROP INDEX

DROP TABLE

DROP USER

DROP VIEW

EXPLAIN

FLUSH

GRANT

HANDLER

INSERT

JOIN

KILL

LOAD DATA FROM MASTER

LOAD DATA INFILE

LOAD INDEX INTO CACHE

LOAD TABLE...FROM MASTER

LOCK TABLES

OPTIMIZE TABLE

PURGE MASTER LOGS

RENAME TABLE

REPAIR TABLE

REPLACE

RESET

RESET MASTER

RESET SLAVE

RESTORE TABLE

REVOKE

ROLLBACK

ROLLBACK TO SAVEPOINT

SAVEPOINT

SELECT

SET

SET PASSWORD

SET SQL_LOG_BIN

SET TRANSACTION

SHOW BINLOG EVENTS

SHOW CHARACTER SET

SHOW COLLATION

SHOW COLUMNS

SHOW CREATE DATABASE

SHOW CREATE TABLE

SHOW CREATE VIEW

SHOW DATABASES

SHOW ENGINES

SHOW ERRORS

SHOW GRANTS

SHOW INDEX

SHOW INNODB STATUS

SHOW LOGS

SHOW MASTER LOGS

SHOW MASTER STATUS

SHOW PRIVILEGES

SHOW PROCESSLIST

SHOW SLAVE HOSTS

SHOW SLAVE STATUS

SHOW STATUS

SHOW TABLE STATUS

SHOW TABLES

SHOW VARIABLES

SHOW WARNINGS

START SLAVE

START TRANSACTION

STOP SLAVE

TRUNCATE TABLE

UNION

UNLOCK TABLES

USE

String Functions

AES_DECRYPT

AES_ENCRYPT

ASCII

BIN

BINARY

BIT_LENGTH

CHAR

CHAR_LENGTH

CHARACTER_LENGTH

COMPRESS

CONCAT

CONCAT_WS

CONV

DECODE

DES_DECRYPT

DES_ENCRYPT

ELT

ENCODE

ENCRYPT

EXPORT_SET

FIELD

FIND_IN_SET

HEX

INET_ATON

INET_NTOA

INSERT

INSTR

LCASE

LEFT

LENGTH

LOAD_FILE

LOCATE

LOWER

LPAD

LTRIM

MAKE_SET

MATCH AGAINST

MD5

MID

OCT

OCTET_LENGTH

OLD_PASSWORD

ORD

PASSWORD

POSITION

QUOTE

REPEAT

REPLACE

REVERSE

RIGHT

RPAD

RTRIM

SHA

SHA1

SOUNDEX

SPACE

STRCMP

SUBSTRING

SUBSTRING_INDEX

TRIM

UCASE

UNCOMPRESS

UNCOMPRESSED_LENGTH

UNHEX

UPPER

Date and Time Functions

ADDDATE

ADDTIME

CONVERT_TZ

CURDATE

CURRENT_DATE

CURRENT_TIME

CURRENT_TIMESTAMP

CURTIME

DATE

DATE_ADD

DATE_FORMAT

DATE_SUB

DATEDIFF

DAY

DAYNAME

DAYOFMONTH

DAYOFWEEK

DAYOFYEAR

EXTRACT

FROM_DAYS

FROM_UNIXTIME

GET_FORMAT

HOUR

LAST_DAY

LOCALTIME

LOCALTIMESTAMP

MAKEDATE

MAKETIME

MICROSECOND

MINUTE

MONTH

MONTHNAME

NOW

PERIOD_ADD

PERIOD_DIFF

QUARTER

SEC_TO_TIME

SECOND

STR_TO_DATE

SUBDATE

SUBTIME

SYSDATE

TIME

TIMEDIFF

TIMESTAMP

TIMESTAMPDIFF

TIMESTAMPADD

TIME_FORMAT

TIME_TO_SEC

TO_DAYS

UNIX_TIMESTAMP

UTC_DATE

UTC_TIME

UTC_TIMESTAMP

WEEK

WEEKDAY

WEEKOFYEAR

YEAR

YEARWEEK

Mathematical and Aggregate Functions

ABS

ACOS

ASIN

ATAN

ATAN2

AVG

BIT_AND

BIT_OR

BIT_XOR

CEIL

CEILING

COS

COT

COUNT

CRC32

DEGREES

EXP

FLOOR

FORMAT

GREATEST

GROUP_CONCAT

LEAST

LN

LOG

LOG2

LOG10

MAX

MIN

MOD

PI

POW

POWER

RADIANS

RAND

ROUND

SIGN

SIN

SQRT

STD

STDDEV

SUM

TAN

TRUNCATE

VARIANCE

Flow Control Functions

CASE

IF

IFNULL

NULLIF

Command-Line Utilities

comp_err

isamchk

make_binary_distribution

msql2mysql

my_print_defaults

myisamchk

myisamlog

myisampack

mysqlaccess

mysqladmin

mysqlbinlog

mysqlbug

mysqlcheck

mysqldump

mysqldumpslow

mysqlhotcopy

mysqlimport

mysqlshow

perror

Perl API - using functions and methods built into the Perl DBI with MySQL

available_drivers

begin_work

bind_col

bind_columns

bind_param

bind_param_array

bind_param_inout

can

clone

column_info

commit

connect

connect_cached

data_sources

disconnect

do

dump_results

err

errstr

execute

execute_array

execute_for_fetch

fetch

fetchall_arrayref

fetchall_hashref

fetchrow_array

fetchrow_arrayref

fetchrow_hashref

finish

foreign_key_info

func

get_info

installed_versions

last_insert_id

looks_like_number

neat

neat_list

parse_dsn

parse_trace_flag

parse_trace_flags

ping

prepare

prepare_cached

primary_key

primary_key_info

quote

quote_identifier

rollback

rows

selectall_arrayref

selectall_hashref

selectcol_arrayref

selectrow_array

selectrow_arrayref

selectrow_hashref

set_err

state

table_info

table_info_all

tables

trace

trace_msg

type_info

type_info_all

Attributes for Handles

PHP API - using functions built into PHP with MySQL

mysql_affected_rows

mysql_change_user

mysql_client_encoding

mysql_close

mysql_connect

mysql_create_db

mysql_data_seek

mysql_db_name

mysql_db_query

mysql_drop_db

mysql_errno

mysql_error

mysql_escape_string

mysql_fetch_array

mysql_fetch_assoc

mysql_fetch_field

mysql_fetch_lengths

mysql_fetch_object

mysql_fetch_row

mysql_field_flags

mysql_field_len

mysql_field_name

mysql_field_seek

mysql_field_table

mysql_field_type

mysql_free_result

mysql_get_client_info

mysql_get_host_info

mysql_get_proto_info

mysql_get_server_info

mysql_info

mysql_insert_id

mysql_list_dbs

mysql_list_fields

mysql_list_processes

mysql_list_tables

mysql_num_fields

mysql_num_rows

mysql_pconnect

mysql_ping

mysql_query

mysql_real_escape_string

mysql_result

mysql_select_db

mysql_stat

mysql_tablename

mysql_thread_id

mysql_unbuffered_query

Introduction to lsof

2010-05-22T13:20:00.000-07:00

Introduction to lsof

Overview

LiSt Open Files is a useful and powerful tool that will show you opened files. In Unix everything is a file: pipes are files, IP sockets are files, unix sockets are files, directories are files, devices are files, inodes are files...

Useful Examples

So in this tangle of files lsof listst files opened by processes running on your system.

When lsof is called without parameters, it will show all the files opened by any processes.

lsof | nl

Let us know who is using the apache executable file, /etc/passwd, what files are opened on device /dev/hda6 or who's accessing /dev/cdrom:

lsof `which apache2`
lsof /etc/passwd
lsof /dev/hda6
lsof /dev/cdrom

Now show us what process IDs are using the apache binary, and only the PID:

lsof -t `which apache2`

Show us what files are opened by processes whose names starts by "k" (klogd, kswapd...) and bash. Show us what files are opened by init:

lsof -c k
lsof -c bash
lsof -c init

Show us what files are opened by processes whose names starts by "courier", but exclude those whose owner is the user "zahn":

lsof -c courier -u ^zahn

Show us the processes opened by user apache and user zahn:

lsof -u apache,zahn

Show us what files are using the process whose PID is 30297:

lsof +p 30297

Search for all opened instances of directory /tmp and all the files and directories it contains:

lsof +D /tmp

List all opened internet sockets and sockets related to port 80:

lsof -i
lsof -i :80

List all opened Internet and UNIX domain files:

lsof -i -U

Show us what process(es) has an UDP connection opened to or from the host www.test.com at port 123 (ntp):

lsof -iUDP@www.test.com:123

lsof provides many more options and could be an unvaluable foresinc tool if your system get compromised or as daily basis check tool..

How to Mounting an USB External Hardrive on Linux Machine

2010-05-22T12:04:00.000-07:00

Here are few tips to mounting your external or USB hardrive:

after you plug your usb drive just type in your console

[code] [root@austin]# dmesg [/code]

then look at this following message

usb hd plugin

at this picture the device is detected as sdb1
then you should now that the device you need to mount is on /dev/sdb1

now create the directory that will be linked to the drive
[code] mkdir /mnt/usbdrive [/code]

now mount your drive to the directory that just created before:

[code] mount -t (your partition type) /dev/sdb1 /mnt/usbdrive [/code]

remember, you should know your partition type corectly before mounting

you can try to check with this command:

[code][root@austin]#fdisk -l
Disk /dev/hda: 240 heads, 63 sectors, 1940 cylinders
Units = cylinders of 15120 * 512 bytes

Device Boot Start End Blocks Id System
/dev/hda 1 286 2162128+ c Win95 FAT32 (LBA)
/dev/hda2 * 288 1940 12496680 5 Extended
/dev/hda5 288 289 15088+ 83 Linux
/dev/hda6 290 844 4195768+ 83 Linux
/dev/hda7 845 983 1050808+ 82 Linux swap
/dev/hda8 984 1816 6297448+ 83 Linux
/dev/hda9 1817 1940 937408+ 83 Linux
/dev/sdb1 1 2010 156301488+ 83 Linux [/code]

Various filesystem types like xiafs, ext2, ext3, reiserfs is using id 83
Some systems mistakenly assume that 83 must mean ext2.

example on linux partition:

[code] mount -t ext2 /dev/sdb1 /mnt/usbdrive [/code]

if you see some error you can try other types of partition id 83

[code] mount -t ext3 /dev/sdb1 /mnt/usbdrive [/code]

if you see this kind message.

that's mean you have succesfully mounting your external hardrive!
now you can move your file through your new mounting directiory /mnt/usbdrive

FYI: the name of windows partition in linux is Vfat aka FAT file system or ntfs
the name of usb flash disk partition is usbfs

How To Format Harddrive in Linux/Unix Console

2010-05-22T12:03:00.000-07:00

Here is a simple steps how to formatting a new harddrive in linux/unix console :

First, we need to take a look all partition in your server

[code]$fdisk -l
.....
.....
Disk /dev/hdd: 320.0 GB, 320072933376 bytes
255 heads, 63 sectors/track, 38913 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System[/code]

You will see a result above that tell /dev/hdd is have 320GB but don't have any partition on it.

We need to create a new partition for /dev/hdd with these steps below :

[code]$fdisk /dev/hdd
Command : n
Command Action : p
Partition Number : 1
First Cylinder : Enter
Last Cylinder : Enter
Command : p

Disk /dev/hdd: 320.0 GB, 320072933376 bytes
255 heads, 63 sectors/track, 38913 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hdd1 1 38913 312568641 83 Linux

Command : w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.[/code]

You will see that /dev/hdd1 is ready to format
We need to verify all devices again before do a format

[code]$fdisk -l

......
Disk /dev/hdd: 320.0 GB, 320072933376 bytes
255 heads, 63 sectors/track, 38913 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hdd1 1 38913 312568641 83 Linux

$ls -al /dev/hdd1
brw-r----- 1 root disk 22, 65 Sep 9 21:00 /dev/hdd1[/code]

Next, we will start formatting the harddrive partition file system with this command below

[code]$mkfs.ext3 /dev/hdd1
mke2fs 1.39 (29-May-2006)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
39075840 inodes, 78142160 blocks
3907108 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
2385 block groups
32768 blocks per group, 32768 fragments per group
16384 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872, 71663616

Writing inode tables: 1996/2385
.....

Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information:
done

This filesystem will be automatically checked every 24 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.[/code]

Finally, We just need to mount the partition and your new harddrive is ready to use

How To Create a Container/VPS Machine With OpenVZ Server

2010-04-24T15:14:00.000-07:00

After We have installed a OpenVZ VPS Master Server, We can create a container or VPS Machine on it.
Please see this URL if you still don't have OpenVZ VPS Master Server running/installed on your server.
http://wowtutorial.org/en/tutorial/97.html

Create a VPS Machine in OpenVZ VPS Master Server

First we need to make sure we have a vps config in /etc/vz/conf
All vps config that we have created will store in this directory
VPS config is use to define a harddrive space, memory, and other config stuff

Example there are 3 config file there
[code]$ls -al /etc/vz/conf
ve-light.conf-sample
ve-vps.basic.conf-sample
ve-vps.heavy.conf-sample[/code]

Next, We will need to make sure we have precreated template in /vz/template/cache directory
[code]$ls -al /vz/template/cache

centos-4-i386-default.tar.gz fedora-core-5-i386-minimal.tar.gz-old
centos-4-i386-default.tar.gz-old fedora-core-6-i686-default.tar.gz
centos-4-i386-minimal.tar.gz fedora-core-7-i386-default.tar.gz
centos-4-i386-minimal.tar.gz-old fedora-core-7-i386-minimal.tar.gz
centos-5-i386-minimal.tar.gz mandriva-2006-i386-minimal.tar.gz
debian-3.1-i386-minimal.tar.gz opensuse-10-i386-default.tar.gz
fedora-8-i386-minimal.tar.gz slackware-12.0-i386-minimal.tar.gz
fedora-8-i386-minimal.tar.gz.1 ubuntu-6.06-i386-minimal.tar.gz
fedora-core-5-i386-default.tar.gz ubuntu-7.10-i386-minimal.tar.gz
fedora-core-5-i386-minimal.tar.gz[/code]

If we have a config and precreated template we can start create a VPS Machine on OpenVZ VPS Master Server
We will use vzctl command to create,start,stop,destroy,etc.. the VPS Machine

Example command to create a VPS Machine:
[code]$vzctl create NODE --config yourconfigfile --ostemplate yourostemplate --ipadd yourvpsipadd[/code]

Here is the real examples command
[code]$vzctl create 1 --config vps.basic --ostemplate centos-4-i386-default --ipadd 10.10.1.2[/code]

Example config is : ve-vps.basic.conf-sample we can just use vps.basic in --config line command
NODE here is just numbering your VPS. we can name it 1, 100, 1000 ,etc

Next, We need to set a nameserver & Hostname for brandnew VPS Machine
[code]$vzctl set 1 --nameserver 10.10.1.50 --hostname server.testing.com --save[/code]

Note: Example Nameserver ip address is 10.10.1.50

After that, we can start the VPS Machine with this command
[code]$vzctl start 1[/code]

We also can directly enter into VPS Machine from VPS Master Server
[code]$vzctl enter 1[/code]

This command will automatically let us enter NODE 1 which is our brandnew vps
Then we can just use passwd to change the root password

If we want to exit from container/vps machine 1, it's simple type exit
[code]$exit[/code]

it will automatically logout and stay in OpenVZ Master VPS Machine again

To take a look a running VPS Machine type
[code]$vzlist

VEID NPROC STATUS IP_ADDR HOSTNAME
1 46 running 10.10.1.2 server.testing.com[/code]

Next Step is trying to connect the ip from outside network using putty.
If you are able to connect into 10.10.1.2 port 22 it's mean you are successfully configure a container/VPS Machine

If you want to stop the VPS Machine type
[code]$vzctl stop 1[/code]

It will automatically stop container/vps machine 1 (server.testing.com)

If you want to delete/destroy your VPS Machine, type
[code]$vzctl destroy 1[/code]

Note : you need to stop vps machine 1 first, before destroy the vps machine

WordPress or phpBB not Sending Email? Try this fix.

2009-09-03T22:29:00.000-07:00

Okay, for anybody who just upgraded Wordpress, only to realize you’re not getting notification emails anymore, or the PHP mail() function isn’t working, or SMTP isn’t working, here is your solution. Yes, this is guaranteed to work, even if you’re using Gmail.

Method 1

If you are using c-panel and if you have signed up with google mail application then login to your C-panel and find the option MX Entry.

Make sure that your setting is same as shown in image below

Click image to Zoome it

Method 2

1. Go to your hosting cpanel and create this email account: wordpress@yourdomain.com. Replace “yourdomain.com” with whatever your domain name is. Make sure that if you have a .net, that you use .net instead of .com in that email. Set up your username and password and remember it.

2. Download WP-Mail-SMTP or Cimy Swift SMTP. Just pick one of these and install and activate the plugin.

3a. Configure your SMTP plugin under Settings or Tools in your sidebar. This is the most important step! Do not fill in this info with what Gmail tells you to put in. Do the following instead:
3b. Sender e-mail must be: the new email account you created in your hosting cpanel. Put in the full wordpress@yourdomain.com in there.
3c. If there is a checkbox to use SMTP, check it.
3d. SMTP server address will be: mail.yourdomain.com. Replace “yourdomain.com” with your domain name again.
3e. Port will be 25 or 26. Try those before trying 456 for gmail. Contact your hosting provider if neither works. The chances of neither of these working are small.
3f. Username would be: wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name again.
3g. Password is the password for that account.
3h. Set SSL or TLS to no or no encryption. Try these before using TLS for gmail. Contact your hosting provider in case they require encryption, if this doesn’t work.

4. Wordpress@yourdomain.com will now send the email to your personal account. Make sure that the email on your profile is correct, whether it’s yahoo, hotmail, gmail or any other account. If you are using a contact form, make sure that the email is set to your personal account, as well. The emails should now go to your spam or inbox.

If it still doesn’t work, you can have your wordpress@yourdomain.com send the email to itself and have your personal account pop forward it. Read the following if you are still having problems. Gmail is used as an example because most people have problems getting it to agree with their wordpress/hosting.

5a. Make sure that the email on your profile is changed to the wordpress@yourdomain.com email. If you are using a contact form, make sure that the emails are sent to the wordpress@yourdomain.com email. *This is important because wordpress and Gmail conflict and this is the only workaround I’ve come up with.
5b. Now, wordpress is set up to use SMTP to send emails out with your wordpress@yourdomain.com email. Step 5a makes sure that all the emails are sent to that same account. So basically, wordpress@yourdomain.com will send emails to itself.
5c. Now login to Gmail and go to Settings.
5d. Under Settings, go to Accounts.
5e. Under “Get mail from other accounts,” go to “Add a mail account you own”.
5f. Username is wordpress@yourdomain.com. Replace “yourdomain.com” with your domain name.
5g. Password is wordpress@yourdomain.com’s password.
5h. POP Server should be mail.yourdomain.com. Replace “yourdomain.com” with your domain name.
5i. Port should be 110.
5j. Click Save Changes.

6. Now, Wordpress will send the emails to the hosting server email account. And Gmail will fetch them. You could also create a Yahoo or Hotmail account and skip step 5 entirely, and then have Yahoo or Hotmail forward those emails to Gmail.

If you are still having problems, or need assistance, leave a comment. And good luck.

Create user in mysql

2009-08-03T23:46:00.000-07:00

The mysql user information is kept inside USER table under mysql database. So creation of new user will affect the USER table of mysql database. In order to know a list of mysql users according with user table's description issue,

Here test is the root account password.
mysql -u root -ptest
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.1.30-community MySQL Community Server (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use mysql;
Database changed


mysql> desc user;
+-----------------------+-----------------------------------+------+-----+---------+-------+
| Field                 | Type                              | Null | Key | Default | Extra |
+-----------------------+-----------------------------------+------+-----+---------+-------+
| Host                  | char(60)                          | NO   | PRI |         |       |
| User                  | char(16)                          | NO   | PRI |         |       |
| Password              | char(41)                          | NO   |     |         |       |
| Select_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Insert_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Update_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Delete_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Create_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Drop_priv             | enum('N','Y')                     | NO   |     | N       |       |
| Reload_priv           | enum('N','Y')                     | NO   |     | N       |       |
| Shutdown_priv         | enum('N','Y')                     | NO   |     | N       |       |
| Process_priv          | enum('N','Y')                     | NO   |     | N       |       |
| File_priv             | enum('N','Y')                     | NO   |     | N       |       |
| Grant_priv            | enum('N','Y')                     | NO   |     | N       |       |
| References_priv       | enum('N','Y')                     | NO   |     | N       |       |
| Index_priv            | enum('N','Y')                     | NO   |     | N       |       |
| Alter_priv            | enum('N','Y')                     | NO   |     | N       |       |
| Show_db_priv          | enum('N','Y')                     | NO   |     | N       |       |
| Super_priv            | enum('N','Y')                     | NO   |     | N       |       |
| Create_tmp_table_priv | enum('N','Y')                     | NO   |     | N       |       |
| Lock_tables_priv      | enum('N','Y')                     | NO   |     | N       |       |
| Execute_priv          | enum('N','Y')                     | NO   |     | N       |       |
| Repl_slave_priv       | enum('N','Y')                     | NO   |     | N       |       |
| Repl_client_priv      | enum('N','Y')                     | NO   |     | N       |       |
| Create_view_priv      | enum('N','Y')                     | NO   |     | N       |       |
| Show_view_priv        | enum('N','Y')                     | NO   |     | N       |       |
| Create_routine_priv   | enum('N','Y')                     | NO   |     | N       |       |
| Alter_routine_priv    | enum('N','Y')                     | NO   |     | N       |       |
| Create_user_priv      | enum('N','Y')                     | NO   |     | N       |       |
| Event_priv            | enum('N','Y')                     | NO   |     | N       |       |
| Trigger_priv          | enum('N','Y')                     | NO   |     | N       |       |
| ssl_type              | enum('','ANY','X509','SPECIFIED') | NO   |     |         |       |
| ssl_cipher            | blob                              | NO   |     | NULL    |       |
| x509_issuer           | blob                              | NO   |     | NULL    |       |
| x509_subject          | blob                              | NO   |     | NULL    |       |
| max_questions         | int(11) unsigned                  | NO   |     | 0       |       |
| max_updates           | int(11) unsigned                  | NO   |     | 0       |       |
| max_connections       | int(11) unsigned                  | NO   |     | 0       |       |
| max_user_connections  | int(11) unsigned                  | NO   |     | 0       |       |
+-----------------------+-----------------------------------+------+-----+---------+-------+
39 rows in set (0.14 sec)


mysql> select host, user from user;
+-----------+---------+
| host      | user    |
+-----------+---------+
| %         | magento |
| 127.0.0.1 | root    |
| localhost |         |
| localhost | magento |
| localhost | pma     |
| localhost | root    |
+-----------+---------+
6 rows in set (0.00 sec)

By query the Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv etc you can check whether user has certain types of privilege or not.

There are several ways to create user in mysql which is described below.

Way 01: With the CREATE USER statement
1)Connect to mysql database as a user who must have the global CREATE USER privilege or the INSERT privilege for the mysql database. You can use root because by default root has privilege to create user.

2)In fact CREATE USER statement creates a new record in the mysql.user table that has no privileges assigned by default.

mysql> create user arju;
Query OK, 0 rows affected (0.13 sec)


mysql> select  user,password, host, select_priv, insert_priv from mysql.user where user='arju';
+------+----------+------+-------------+-------------+
| user | password | host | select_priv | insert_priv |
+------+----------+------+-------------+-------------+
| arju |          | %    | N           | N           |
+------+----------+------+-------------+-------------+
1 row in set (0.00 sec)

Notice that if you specify only the user name part of the account name while creating user, a host name part of '%' is used.

User arju is not assigned any password in this way as you see password is null. To assign password to user arju issue,

mysql> set password for 'arju'=password('test');
Query OK, 0 rows affected (0.03 sec)


mysql> select  user,password, host, select_priv, insert_priv from mysql.user where user='arju';
+------+-------------------------------------------+------+-------------+-------------+
| user | password                                  | host | select_priv | insert_priv |
+------+-------------------------------------------+------+-------------+-------------+
| arju | *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 | %    | N           | N           |
+------+-------------------------------------------+------+-------------+-------------+
1 row in set (0.00 sec)

In one command you can set password while creating user. The following command will crate a user arju2 and password is test in the host localhost. Both password, username and hostname should be within single quote.

mysql> create user 'arju2'@'localhost' identified by 'test';
Query OK, 0 rows affected (0.00 sec)


mysql> select  user,password, host, select_priv, insert_priv from mysql.user where user='arju2';
+-------+-------------------------------------------+-----------+-------------+-------------+
| user  | password                                  | host      | select_priv | insert_priv |
+-------+-------------------------------------------+-----------+-------------+-------------+
| arju2 | *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 | localhost | N           | N           |
+-------+-------------------------------------------+-----------+-------------+-------------+
1 row in set (0.00 sec)

If you don't put username, host name and password within single quote syntax error will be resulted.

mysql> create user 'arju2'@'localhost' identified by test;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test' at line 1

An equivalent statement of setting password is issuing update statement.

mysql> UPDATE mysql.user SET Password=PASSWORD('test')
-> WHERE User='arju' AND Host='%';
Query OK, 0 rows affected (0.05 sec)
Rows matched: 1 Changed: 0 Warnings: 0

Changing via update and insert of the user table, it is necessary to use FLUSH PRIVILEGES to tell the server to reload the grant tables. Otherwise, the changes go unnoticed until you restart the server.

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.08 sec)


mysql> select  user,password, host, select_priv, insert_priv from mysql.user where user='arju';
+------+-------------------------------------------+------+-------------+-------------+
| user | password                                  | host | select_priv | insert_priv |
+------+-------------------------------------------+------+-------------+-------------+
| arju | *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 | %    | N           | N           |
+------+-------------------------------------------+------+-------------+-------------+
1 row in set (0.00 sec)

Now, have a look that connecting to mysql database as user arju will fail but arju2 will be successful.
D:\xampp\mysql\bin>mysql -u arju -ptest
ERROR 1045 (28000): Access denied for user 'arju'@'localhost' (using password: YES)

D:\xampp\mysql\bin>mysql -u arju2 -ptest
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 5.1.30-community MySQL Community Server (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.


mysql> select user();
+-----------------+
| user()          |
+-----------------+
| arju2@localhost |
+-----------------+
1 row in set (0.00 sec)

Note that the 'arju'@'localhost' account can be used only when connecting from the local host. The 'arju'@'%' account uses the '%' wildcard for the host part, so it can be used to connect from any host.

You can check the privilege assigned for a user by issuing,


mysql> show grants for arju;
+-----------------------------------------------------------------------------------------------------+
| Grants for arju@%                                                                                   |
+-----------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'arju'@'%' IDENTIFIED BY PASSWORD '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29' |
+-----------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

mysql> show grants for arju2;
ERROR 1141 (42000): There is no such grant defined for user 'arju2' on host '%'
mysql> show grants for arju2@localhost;
+--------------------------------------------------------------------------------------------------------------+
| Grants for arju2@localhost                                                                                   |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'arju2'@'localhost' IDENTIFIED BY PASSWORD '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29' |
+--------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

By default it is search for host '%'.

Way 02: With the grant option
To create a user named momin with password test2 and all privileges for a particular database called ecommerce issue,
mysql> grant ALL PRIVILEGES on ecommerce.* to 'momin'@'localhost' identified by 'test2';
Query OK, 0 rows affected (0.00 sec)

mysql> use mysql;
Database changed


mysql> select host, user from user where user='momin';
+-----------+-------+
| host      | user  |
+-----------+-------+
| localhost | momin |
+-----------+-------+
1 row in set (0.00 sec)

D:\xampp\mysql\bin>mysql -u momin -ptest2
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 32
Server version: 5.1.30-community MySQL Community Server (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.


mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| ecommerce          |
| test               |
+--------------------+
3 rows in set (0.00 sec)

Here ecommerce database is shown as we have given permission.

Way 03: Using INSERT statement into Table mysql.user
You can also create user in mysql by simply INSERT a new row into mysql.user table. Note that creating user through INSERT statement needs to use FLUSH PRIVILEGES to tell the server to reload the grant tables. If we don't do that the changes go unnoticed until you restart the server. This restriction is not applicable in CREATE USER statement.
Insert statement can be issued in two ways. One way to create user robert,

mysql> use mysql;
Database changed

mysql> INSERT INTO user SET Host='localhost',User='robert', Password=password('test');
Query OK, 1 row affected, 3 warnings (0.00 sec)

Alternative way of creating user richard is,

mysql> INSERT INTO user (Host,User,Password)
-> VALUES('localhost','richard',password('test'));
Query OK, 1 row affected, 3 warnings (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Check by,


mysql> select user, host, password from user where user in('robert','richard');
+---------+-----------+-------------------------------------------+
| user    | host      | password                                  |
+---------+-----------+-------------------------------------------+
| robert  | localhost | *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 |
| richard | localhost | *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 |
+---------+-----------+-------------------------------------------+
2 rows in set (0.01 sec)

See that while setting password we used the PASSWORD() function with INSERT in order to encrypt the password. But with the CREATE USER statement it was unnecessary as create user statement automatically encrypts the password.

How to Fix Cpanel/WHM quota

2009-08-03T02:05:00.001-07:00

To Fix Common reasons for quota problems

Run the following command as root user.

/scripts/fixquotas

Try finding other files owned by the user.

find -user username > /tmp/username.txt

This will list all files owned by this user that could be affecting the quota reported by Cpanel.

Cpanel/WHM sometimes has problems with the user quota files causing all users accounts to have unlimited disk space available or 0 megs of disk space in use.

*To enable user quota support on a file system, add "usrquota" to the fourth field containing the word "defaults".

If you need both user quota and group quota support on a file system?, then edit /etc/fstab

...
/dev/hda2 /home ext3 defaults,usrquota,grpquota 1 1

touch /partition/aquota.user

chmod 600 /partition/aquota.user

Re-boot or re-mount file partition with quotas.

From the Linux Man Pages:

quotacheck - scan a filesystem for disk usage, create, check and repair quota files.

quotacheck -vgum /partition
or
quotacheck -vguma

-v, --verbose
quotacheck reports its operation as it progresses. Normally it operates silently. If the option is specified twice, also the current directory is printed (note that printing can slow down the scan measurably).

-u, --user
Only user quotas listed in /etc/mtab or on the filesystems specified are to be checked. This is the default action.

-g, --group
Only group quotas listed in /etc/mtab or on the filesystems specified are to be checked.

-m, --no-remount
Don't try to remount filesystem read-only. See comment with option -M.

-a, --all
Check all mounted non-NFS filesystems in /etc/mtab

NOTE
quotacheck should only be run by super-user. Non-privileged users are presumably not allowed to read all the directories on the given filesystem.

FILES

aquota.user or aquota.group : located at filesystem root with quotas (version 2 quota, non-XFS filesystems)

quota.user or quota.group :located at filesystem root with quotas (version 1 quota, non-XFS filesystems)
/etc/mtab names and locations of mounted filesystems

Example Steps for /home partition:

1. First check whether quota is enabled for /home partition.

# vi /etc/fstab

LABEL=/home /home ext3 defaults,usrquota 1 2

2. Remount the /home partition

# mount -o remount /home

3. Create a file called aquota.user for which we need to run quotacheck.

# quotacheck -c /home

4. Enable quota

# quotaon /home

This will enable quota on /home. Now you can edit the quota of a user using.

# edquota

5) Run /scripts/fixquotas this will solve the quota issue of cpanel accounts.

# /scripts/fixquotas

6) After this `repquota -a` should print out the soft/hard limits with grace periods for all users. If quotas are still not reporting anything in WHM and/or CPanel, check

# repquota -a

7) /var/cpanel/cpanel.config for disablequotacache=0

If that is set to 0, try setting it to 1 and see if that fixes it.

# vi /var/cpanel/cpanel.config ; /scripts/fixquotas

8) If a user’s quota shows more space being used than is in their home directory chances are there are stray files on the system owned by their UID. To find these files, run the following as root:

# find -user username > /tmp/username.txt

Hope this helps.

Mod_Rewrite - Hide index.php

2009-07-20T09:42:00.001-07:00

This article follows Mod_Rewrite and .htaccess which explains how an .htaccess file can be used to prevent search engines from indexing non-www web pages that contain exactly the same content as those with-www in front. By hiding the 'duplicate content' we avoid the risk of a 'downgrading' effect by Google and other search engines.

Exactly the same principle applies to web page addresses like:

http://www.mysite.com/index.php
http://www.mysite.com/subfolder/index.php

when we want the content to be displayed only on:

http://www.mysite.com/
http://www.mysite.com/subfolder/

This can be done by using ModRewrite to permanently redirect (eg):

http://www.mysite.com/index.php
to
http://www.mysite.com/

The file index.php continues to exist on the website but there's no need for 'index.php' to appear in the page address for its content to be displayed. The same applies to 'index.html', 'default.html' (etc) and to 'index' pages located in sub-folders, eg '/subfolder/index.php' or '/subfolder/another/index.php'. Those filenames should never normally be displayed to the visitor. The process of hiding them is sometimes referred to as the canonicalization of index pages.
The .htaccess file

For websites running on Apache web server (most websites do), a Mod_Rewrite module can be enabled to allow an .htaccess file to be installed in the root folder, containing rules on how web page requests should be rewritten 'behind the scenes' by the 'rewriting engine'. The Mod_Rewrite rules to achieve the effect we want here are:

#
Options +FollowSymLinks
RewriteEngine On
#
# REDIRECT /folder/index.php to /folder/
RewriteCond %{THE_REQUEST}
(on same line) ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$
(on same line) http://www.mysite.com/$1 [R=301,L]
#

Piece by piece…

A line beginning with hash (#) is ignored by the web server and is useful to split up the rules visually, and to add comments.

Options +FollowSymLinks
RewriteEngine On

For the rewriting engine to work, we need to enable Options FollowSymLinks and set RewriteEngine On (this is for security).

# REDIRECT /folder/index.php to /folder/
RewriteCond %{THE_REQUEST}
(on same line) ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$
(on same line) http://www.mysite.com/$1 [R=301,L]

The .htaccess file is eliminating the duplicate content problem by redirecting the visitor (and Google) from all the site's web page addresses that contain the superfluous index.php to the folder name (directory) in which they reside. Exactly the same content is presented as if the index.php file itself was being viewed, but index.php doesn't appear in the browser's address bar.
How the Mod_Rewrite works

(1) RewriteCond

Looking first at RewriteCond, we need to specify the conditions under which the RewriteRule will be processed by the server, and here, we want our rule to apply to any 'index.php' page requested on the domain. This prevents the .htaccess file from triggering an 'infinite loop' on the server, in which the RewriteRule keeps repeating itself. If the request contains 'index.php' (as in the condition we've referenced), it has not yet been rewritten. If it has been rewritten, it won't contain 'index.php' and the RewriteRule won't be applied.

%{THE_REQUEST}

In this part, {THE_REQUEST}, is a standard server variable, in this instance the page requested by the visitor, because that's what we're going to try to match in the second part. In RewriteCond, a server variable is preceded by $ to denote an Apache variable.

^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/

This second part is known as the 'condition'. The ^ caret defines the start, and is followed by a regular expression. Looking at the regular expression in detail:

[A-Z]{3,9}\ matches from 3 to 9 occurences of any uppercase letter (eg 'GET') followed by an \ escaped space.

/([^/]+/)* matches a forward slash followed by any quantity of [one or more characters not preceded by a forward slash but ending with a forward slash], eg '/subfolder1/subfolder2/'.

index\.php\ matches 'index.php' - the backslashes are required to 'escape' (i) the dot metacharacter (to make it into a real dot) and (ii) the space before 'HTTP/'.

HTTP/ matches 'HTTP/'.

Why do we need all this? Because we're testing our condition against {THE_REQUEST} - the entire client request header for an 'index' page, which is typically something like:

GET /index.php HTTP/1.1
or
GET /subfolder1/index.php HTTP/1.1

(2) RewriteRule

Looking now at the RewriteRule, it contains three essential parts.

^(([^/]+/)*)index\.php$

This first part is the 'thing' that we want to be re-written by the web server. The ^ caret symbol defines the start, (([^/]+/)*) is a designated variable (using brackets) containing a regular expression that matches a forward slash followed by any quantity of [one or more characters not preceded by a forward slash but ending with a forward slash], eg '/subfolder1/subfolder2/', index\.php matches 'index.php', and the $ symbol defines the end.

http://www.mysite.com/$1

This second part is what we want the server to process behind the scenes. It consists of the domain's root folder (homepage) plus the designated variable from the first part, expressed as $1.

In the above example, the designated variable (([^/]+/)*) is added by the server, after the page has been requested, as $1 to the end of http://www.mysite.com/. If the requested 'index' page is the site's homepage, the $1 variable will be empty and the server will simply process http://www.mysite.com/. If the requested 'index' page is in a subfolder and the designated variable's value is '/folder1/', the server will process http://www.mysite.com/folder1/.

[R=301,L]

This third part, the flag, designates any special instructions that might be needed, in this instance R=301 for redirect permanently and L for 'last rule' so that no other rules are processed for the specified rewrite condition.

The full rewrite rule is thus:

RewriteRule ^(([^/]+/)*)index\.php$
(on same line) http://www.mysite.com/$1 [R=301,L]

The RewriteRule in action

Here, again, is the full .htaccess file:

#
Options +FollowSymLinks
RewriteEngine On
#
# REDIRECT /folder/index.php to /folder/
RewriteCond %{THE_REQUEST}
(on same line) ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$
(on same line) http://www.mysite.com/$1 [R=301,L]
#

In plain English, it's saying that "if someone tries to open a folder's 'index.php' page, redirect them to a version of the folder without 'index.php', and if the visitor is Google(bot), mention the fact that this is permanent."

See this in action by typing http://www.patricktaylor.com/index.php into an HTTP viewer. The first receiving header is HTTP/1.1 301 Moved Permanently and the second receiving header is HTTP/1.1 200 OK. And of course it can be tested by attempting to view http://www.patricktaylor.com/index.php in your browser.

Mod_Rewrite and .htaccess

2009-07-20T09:39:00.001-07:00

Grabbing code snippets off the web and re-using them on one's own websites is easy enough to do. Every web designer solves a problem this way at one time or another. Having done so, why not take a little trouble to understand what the code is doing? This article looks at a simple example of a code snippet and attempts to demystify some of the so-called voodoo surrounding rewriting URLs with .htaccess.

Mod_Rewrite is an Apache web server module that is often installed on shared web hosting packages. If the module is available, a special file named .htaccess can be uploaded to the server, containing rules on how web page requests should be handled 'behind the scenes' by the 'rewriting engine'. The .htaccess file is normally placed in a website's root folder to apply its effect to all pages on the domain.
Why have an .htaccess file?

An .htaccess file is important to any webmaster who is interested in a good ranking in search engines, especially Google. It has many uses, the most basic being to prevent search engines from indexing different pages (URLs) that contain exactly the same content.
A simple .htaccess example: the canonical URL

Consider two web pages:

http://www.mysite.com/
http://mysite.com/

Technically, these two URLs are different pages, but they contain exactly the same content when viewed. If Google indexes both, there's a risk that one, or the other, or both, will be 'downgraded' by Google as 'duplicate content'. With the .htaccess file, this can be prevented by nominating only one as the 'canonical' homepage. Here's an example of what to put in the file:

#
Options +FollowSymLinks
RewriteEngine On
#
# REDIRECT to canonical url
RewriteCond %{HTTP_HOST} ^mysite\.com [NC]
RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]
#

Piece by piece…

A line beginning with hash (#) is ignored by the web server and is useful to split up the rules visually, and to add comments.

Options +FollowSymLinks
RewriteEngine On

For the rewriting engine to work, we need to enable Options FollowSymLinks and set RewriteEngine On (this is for security).

# REDIRECT to canonical url
RewriteCond %{HTTP_HOST} ^mysite\.com [NC]
RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]

The 'canonical URL' is the preferred internet address for a web page, and in the above instance is any page at http://www.mysite.com/. The .htaccess file is removing the duplicate content problem by redirecting the visitor (and Google) from the non-www version to the with-www version. This means that only canonical URLs will ever be accessible - for all the pages on the domain, not just the homepage.
How the Mod_Rewrite works

(1) RewriteCond

Looking firstly at RewriteCond, we need to specify the conditions under which the RewriteRule will be processed by the server, and here, we want our rule to apply only when a visitor (or Google) attempts to view http://mysite.com/any-page (without www).

%{HTTP_HOST}

In this first part, {HTTP_HOST}, is a standard server variable, in this instance the site's host (domain name), because that's what we're going to try to match in the second part. In RewriteCond, a server variable is preceded by $ to denote an Apache variable.

^mysite\.com

This second part is known as the 'condition'. The ^ caret symbol defines the start and mysite\.com is the pattern to be matched, in this instance http://mysite.com without www. The backslash before the dot is required to 'escape' it, because in a regular expression, the dot is a special 'metacharacter'. Escaping the dot converts it back to a normal character - a plain dot.

[NC]

This third part is known as the flag. [NC] stands for no case (case-insensitive).

The full rewrite condition is thus:

RewriteCond %{HTTP_HOST} ^mysite\.com [NC]

(2) RewriteRule

Looking now at the RewriteRule, it contains three essential parts.

^(.*)$

This first part is the 'thing' that we want to be re-written by the web server. The ^ caret symbol defines the start, (.*) is a designated variable (using brackets) containing a regular expression that matches any combination of characters, and the $ symbol defines the end.

http://www.mysite.com/$1

This second part is what we want the server to process behind the scenes. It consists of the canonical URL, plus the designated variable from the first part, expressed as $1. If we had two designated variables we could use $1 and $2.

In the above example, the (.*) (any combination of characters, eg: 'about-us.html') is added by the server, after the page has been requested, as $1 to the end of http://www.mysite.com/ to make http://www.mysite.com/about-us.html.

[R=301,L]

This third part, the flag, is an integral part of the rule writing process because it designates any special instructions that might be needed, in this instance R=301 for redirect permanently and L for 'last rule' so that no other rules are processed for the specified rewrite condition.

The full rewrite rule is thus:

RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]

The RewriteRule in action

Here, again, is the full .htaccess file:

#
Options +FollowSymLinks
RewriteEngine On
#
# REDIRECT to canonical url
RewriteCond %{HTTP_HOST} ^mysite\.com [NC]
RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]
#

In plain English, it's saying that "if someone tries to open any page on our website without entering www at the front, redirect them to a version of the page with the www, and if the visitor is Google(bot), mention the fact that this is permanent."

The redirect can be tested by typing a web page address like http://patricktaylor.com/mod_rewrite-htaccess into an HTTP viewer. The first receiving header is HTTP/1.1 301 Moved Permanently and the second receiving header is HTTP/1.1 200 OK. And of course the addition of www can be tested by pasting http://patricktaylor.com/ into your browser's address bar.

A general note: on some shared web hosting accounts, the .htaccess file can't be seen when the root folder is opened in an FTP client. This can often be corrected by enabling server side filtering in the FTP client program and setting the remote filter as -rtaF. The precise details of how to do this will vary from one program to another.

Generate CSR for Red Hat Linux Apache / SSL Server

2009-07-02T19:16:00.001-07:00

Step 1: Generating the Private Key

1. Use the cd command to move to the /etc/httpd/conf directory.

2. As root, type in one of the following three commands to generate your key:

3. If you're using Official Red Hat Linux Professional and you want to use the included password feature, type in the following command: make genkey

4. Your key will be generated and you will be asked to enter and confirm a password. Please note that you will need to remember and enter this password every time you start your secure Web server, so don't forget it.

5. If you're using Official Red Hat Linux Professional and you don't want to be required to type in a password every time you start your secure Web server, use the following command instead of make genkey to create your key (note that the following command should be typed in all on one line):

/usr/sbin/sslgenrsa -rand /dev/urandom -out ssl.key/server.key 1024

6. Then use the following command to set the correct permissions on your key:

chmod go-rwx ssl.key/server.key

7. If you use the above commands to create your key, you will not need to use a password to start your secure Web server. However, we don't recommend that you disable the password feature for your secure Web server, since it decreases the level of security for your server.

8. Your key will be created and saved to a file named server.key. If you're using Official Red Hat Linux Professional, server.key will be located in the /etc/httpd/conf/ssl.key directory. If you're using Official Red Hat Linux Professional, International Edition, server.key will be located in /etc/httpd/conf.

Step 2: Create the Certificate Signing Request

1. In the /etc/httpd/conf directory, become root and type in one of the following two commands:

2. If you're using Official Red Hat Linux Professional, type in the following command:
make certreq

3. If you're using Official Red Hat Linux Professional, International Edition, type in the following single command (all on one line):
/usr/bin/openssl req -new -key /etc/httpd/conf/server.key -out /etc/httpd/conf/server.csr

4. You will be prompted for your password (if you used a password when you generated your key). Type in the password, if necessary.

5. You'll see some instructions and you will be prompted for responses. Your inputs will be incorporated into the CSR.

6. When you've finished entering your information, a file named server.csr will be created. If you're using Official Red Hat Linux Professional, server.csr will be located in the /etc/httpd/conf/ssl.csr directory.

7. You have just created a key pair and a CSR.

8. The server.csr file contains your certificate request. To copy and paste the information into the orderform, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).

9. Go to our website ssl.nu for the SSL Certicate request

Terms defined:
Country Name (C):
Use the two-letter code without punctuation for country, for example: US or CA.

State or Province (S):
Spell out the state completely; do not abbreviate the state or province name, for example: California

Locality or City (L):
The Locality field is the city or town name, for example: Berkeley.

Organization (O):
If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll. Example: XYZ Corporation

Organizational Unit (OU):
This field is optional; but can be used to help identify certificates registered to an organization. The Organizational Unit (OU) field is the name of the department or organization unit making the request.

Common Name (CN):
The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.com".
Note: When prompted for your "first- and lastname", enter the desired Common Name.

SSL Certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com" or "secure.domain.com", because "www.domain.com" and "secure.domain.com" are different from "domain.com".

Networking4all certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com" or "secure.domain.com", because "www.domain.com" and "secure.domain.com" are different from "domain.com".

Please do not enter your email address, challenge password or an optional company name when generating the CSR.

Create a Certificate Signing Request using the RSA private key

2009-07-02T19:13:00.000-07:00

Create a Certificate Signing Request using the RSA private key

openssl req -new -key domain.com.key -out domain.com.csr

Use following script for generating CSR

#/scripts/gencrt

This script will ask you all the information like email address , domain name, Ip Address country code , Locality , Company , company Divison etc.

enter the proper information as per the request and the certificate will get generated under directory /usr/share/ssl/Certs/ as www.tuks123.com.csr

Generate csr and install SSL through shell

2009-07-02T19:10:00.000-07:00

You can generate a csr through the shell using the following command:
root@server1[/]# /scripts/gencsr
This will ask you all the information like email address, domain name, country code, City, Company etc; fill the values and it generates a csr certificate and a private key.Use the following steps to install an ssl certificate:

Please check the domain name for which the ssl certificate is issued means www.domainname.com or domainname.com. Suppose you have to install an ssl certificate for domainname.com. You already generate csr for the domainname.com. Check following steps.

1)
Go to directory /usr/share/ssl/certs

root@server1[/]# cd /usr/share/ssl/certs

Please check domainname.com.csr file is present already.

root@server1[/usr/share/ssl/certs]# ls –l | grep domainname.com.csr

Create the .crt file and paste the ssl certificate into a .crt file as per below

root@server1 [/usr/share/ssl/certs]# vi domainname.com.crt

paste ssl certificate
save the file.

If cabundle is provided by the client then add it in the domainname.com.cabundle file under the directory /usr/share/ssl/certs

root@server1 [/usr/share/ssl/certs]# vi domainname.com.cabundle

paste the cabundle key and save the file.

2)

Go to directory /usr/share/ssl/private and check to see if the file domainname.com.key is already present.

root@server1[/]# cd /usr/share/ssl/private
root@server1[/usr/share/ssl/private]# ls –l | grep domainname.com.key

3)
Go to the file /etc/httpd/conf/httpd.conf and copy the virtual host entry for the domainname.com in notepad and add the following line above the end of the tag

SSLEnable
SSLCertificateFile /usr/share/ssl/certs/domainname.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/domainname.com.key
SSLCACertificateFile /usr/share/ssl/certs/domainname.com.cabundle
SSLLogFile /usr/local/apache/domlogs/shop.discdudes.com-ssl_data_log
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown

Add the following line above the virtual host entry.

add the following line at the end of the virtualhost tag.

Now your sslVH entry should look like as per below. Please check the sample sslVH entry.

ServerAlias domainname.com
ServerAdmin webmaster@domainname.com
DocumentRoot /home/username/public_html
BytesLog domlogs/domainname.com-bytes_log
ServerName domainname.com

User username
Group username

CustomLog /usr/local/apache/domlogs/domainname.com combined
ScriptAlias /cgi-bin/ /home/username/public_html/cgi-bin/

SSLEnable
SSLCertificateFile /usr/share/ssl/certs/domainname.com.crt
SSLCertificateKeyFile /usr/share/ssl/private/domainname.com.key
SSLCACertificateFile /usr/share/ssl/certs/domainname.com.cabundle
SSLLogFile /usr/local/apache/domlogs/shop.discdudes.com-ssl_data_log
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown

4)
If cabundle is not given by the client then remove the following line from the sslVH entry

SSLCACertificateFile /usr/share/ssl/certs/domainname.com.cabundle

5)
Add the sslVH entry in httpd.conf file and restart the httpd service.

Now you are able to access site https://domainname.com

Please check the file paths are correctly specified for .crt, .key and .cabundle file. If the file paths are incorrect in the sslVH entry then the httpd service won’t started.

Processes listening on a particular port

2009-07-01T22:06:00.003-07:00

Inorder to find out the process listening on a particula port you can use the following command

lsof -i TCP:portnumber

eg: lsof -i TCP:80

httpd 31969 linux 3u IPv6 8152068 TCP *:http (LISTEN)
httpd 31971 linux 3u IPv6 8152068 TCP *:http (LISTEN)
httpd 31972 linux 3u IPv6 8152068 TCP *:http (LISTEN)

Fixing corrupted RPM db

2009-07-01T22:06:00.001-07:00

Remove /var/lib/rpm/__db* files to avoid stale locks:

cd /var/lib/rpm
rm -rf __db*

Rebuild RPM database

# rpm --rebuilddb
# rpmdb_verify Packages

If you are still getting errors, then try your luck with following commands:

# mv Packages Packages-BAKUP
# db_dump Packages-BAKUP | db_load Packages
# rpm -qa
# rpm --rebuilddb

password protecting directories using .htaccess

2009-07-01T22:05:00.001-07:00

If you want to protect /home/username/publlic_html do as follows

cd /home/username/publlic_html
touch .htaccess [if it is already there you can use it no need to create]

Add the following line to the .htaccess file

AuthUserFile /home/username/public_html/.htpasswd
AuthName "Title for Protected Site"
AuthType Basic
Require valid-user

The next stage is creating the .htpasswd file create it in the same directory as .htaccess

cd /home/username/public_html [same place where your .htaccess is]

touch .htpasswd
htpasswd -c .htpasswd test
New password:
Re-type new password:
Adding password for user test

Thats it dont forget to change ownership and permission

How to enable and disable ping request

2009-07-01T22:04:00.002-07:00

To disable ping

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

To enable ping
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

WHAT IS RSYNC

2009-07-01T22:04:00.001-07:00

RSYNC

rsync utility is used for synchronising files one of the major adavantage of rsync is that rsync can preserve permissions and ownership information, copy symbolic links, and generally is designed to intelligently handle your files

The basic syntax for rsync is simple enough -- just run
rsync [options] source destination

If you want to rsync the contents from /home/mabin/ to /var/www/html/ the command

rsync -a /home/mabin /var/www/html

Whe doing rsync there is a big meaning in the ending '/' because if I rsync /home/mabin/ then only the contents inside the folder mabin will be copied.....but if didn't used the '/' ie /home/mabin then the entire directory will be taken ..that is a directory named mabin will be created at the destination

some switches with rsync
-----------------------------
-a --> archive option, which actually combines several rsync options. It combines the recursive and copy symlinks options, preserves group and owner, and generally makes rsync suitable for making archive copies. Note that it doesn't preserve hardlinks

-H --> Copies hard link

-v --> verbose mode

-z --> Compress option, will compress the data during transfer

--delete --> For deleting the already transferred data from source (a dangerous option, try to avoid it)

--exclude=".*/" --> To avoid copying hidden files. With this option you can avoid copying any particular file( If you dont want to copy .php files then pot it like this --exclude="*.php/"

sample command for local copying
----------------------------------------

rsync -avh /home/mabin/ /var/www/html

Rsync for remote copying
------------------------------------------------------------

rsync -avhe ssh /home/user/dir/ user@remote.host.com:dir/

If you want to know how fast the transfer is going use the --progress option

rsync --progress -avhe ssh /home/user/dir/ user@remote.host.com:dir/

How do I export and import a mysql db using PHPMyAdmin?

2009-07-01T22:03:00.003-07:00

Step 1: Open phpMyAdmin and select the database from where you want to export data and/or structure. Go to the tab with "Export". Select the table(s) you want to save.

Select the option you need: Data only or data and structure or structure only:

--> if you only want to update a table on another server, which has a table with the same structure, then you choose data only

--> if you want to create a new table on another server (for instance, if you have a development environment and you now want to put your application in production) then choose structure only

--> if you are moving a complete table, choose data and structure Select "save as file" Hit "go" You can now enter a filename and specify where the file needs to be saved. It's recommended to choose a meaningful filename that includes the date. Like "shop_05_07_03.sql" This creates the dumpfile. If you open it in notepad or any other texteditor, it looks something like: Quote:

# phpMyAdmin MySQL-Dump # version 2.4.0 # http://www.phpmyadmin.net/ (download page) # # Host: thehostname would be here # Generation Time: Apr 04, 2004 at 02:39 PM # Server version: 4.0.13 # PHP Version: 4.2.3 # Database : `db-name would be here` # -------------------------------------------------------- # # Table structure for table `test` # CREATE TABLE test ( siteID int(6) NOT NULL auto_increment, uname tinytext NOT NULL, upwd tinytext NOT NULL, nick tinytext NOT NULL, sitename text NOT NULL, regdate date NOT NULL default '9999-01-01', numtrial int(7) unsigned NOT NULL default '0', PRIMARY KEY (siteID) ) TYPE=MyISAM COMMENT='Table with userinfo'; # # Dumping data for table `useradmin` # INSERT INTO test VALUES (1, 'mytest', 'testt', 'myteste', 'www.mysite.com/site/test.html', '0000-00-00', 0);

This is the dumpfile for table 'test' that contains one record. As you can see, it's just a series of sql statements to recreate the table and insert all records.

Step 2: If necessary, can can upload this file to a server or move it to another PC (on a disk or whatever)

Step 3: Open phpMyAdmin. Select the database you want to import the table(s) in. Go to the SQL tab. Look at the bottom for "Or location of the textfile" and browse to the dumpfile. Doubleclick on it so that the fileadress appears in the textbox. Then hit "go" All sql-statement will be executed and you will get a notification after the file is processed.

Quota error on vps while starting a particular node

2009-07-01T22:03:00.001-07:00

vzquota drop VE ID
Vzctl start VE ID

Apache not starting:(No space left on device: mod_rewrite)

2009-07-01T21:58:00.000-07:00

The error specifies that there is no more space left in Semaphore Arrays for Apache.
Please run this through shell

for ipsemId in $(ipcs -s | grep apache | cut -f 2 -d ' '); do ipcrm $ipsemId; done

VPS related issues

2009-07-01T21:57:00.001-07:00

Please visit this link for vps related issues:

http://forum.openvz.org/index.php?t=thread&frm_id=2&

Adding ssh key-passwordless login

2009-07-01T21:56:00.001-07:00

On the source server do the following

ssh-keygen -t dsa -f filename

It will prompt for a passphrace, it is desirable to leave it empty.
Two files will be created

filename
filename.pub

copy the filename.pub file to the destination server to the location /root/.ssh add the public key entry into authorized_keys as follows

cat filename.pub >> authorized_keys

/etc/init.d/sshd restart

Disk quota error in VPS

2009-07-01T21:55:00.001-07:00

This error occurs due to 2 reasons: DISKINODES or DISKSPACE configuration in VPS
solution: This worked for me as the DISKINODES did nto have much space assigned.
Try changing it to : DISKINODES="1000000:1200000" and restart vps

Ip tables

2009-07-01T21:50:00.000-07:00

Iptables is a packet filtering tool which allows system administrator to define incoming and outgoing packets to a system using certain rules. Iptables can be confusing it's pretty straightforward once you get the hang of it.

Iptables is in short a Linux based packet filtering firewall. Iptables interfaces to the Linux netfilter module to perform filtering of network packets. This can be to deny/allow traffic filter or perform Network Address Translation (NAT). With careful configuration iptables can be a very cost effective, powerful and flexible firewall or gateway solution. Iptables is available from http://www.netfilter.org/ or via your Linux distribution.

Rules, Chains, and Tables

Iptables rules are grouped into chains. A chain is a set of rules used to determine what to do with a packet. These chains are grouped into tables. Iptables has three built in tables filter, NAT, mangle. More tables can be added through iptables extensions.

Filter Table

The filter table is used to allow and block traffic, and contains three chains INPUT, OUTPUT, FORWARD. The input chain is used to filter packets destined for the local system. The output chain is used to filter packets created by the local system. The forward chain is used for packets passing through the system, mainly used for gateways/routers.

There are three real "chains" which iptables uses:

* INPUT
Which is used to grant or deny incoming connections to your machine.
* OUTPUT
Which is used to grant or deny outgoing connections from your machine.
* FORWARD
Which is used for forwarding packages across interfaces, only really needed (in general) when you're setting up a gateway machine.

NAT Table

The NAT table is used to setup the rules to rewrite packets allowing NAT to happen. This table also has 3 chains, PREROUTING, POSTROUTING, and OUTPUT. The prerouting chain is where packets come to prior to being parsed by the local routing table. The postrouting chain is where packets are sent after going through the local routing table. The output chain

The general form of an IP tables command is:

iptables -A CHAIN -p tcp/udp [options] -j ACTION

The CHAIN we've briefly covered before, "INPUT", "OUTPUT", "FORWARD", etc. Here "-A INPUT" means "append this rule to the input chain".

The "-p tcp" means this rule applies only to TCP connections, not UDP. (To specify UDP connections you'd use "-p udp" instead.)

"[options]" is where you specify what you wish to match against.

Finally "-j ACTION" is used to specify what to do to packets which match your rule. Usually an action will be one of "-j DROP" to drop the package, "-j ACCEPT", to accept the packet or "-j LOG" to log it.

Commands

The first step is to know iptables commands.

Main commands

* -A --append : Add the rule a the end of the specified chain

Code:
iptables -A INPUT ...

* -D --delete : Allow to delete a chain.
There's 2 way to use it, you can specify the number of the chain to delete or specify the rule to delete

Code:
iptables -D INPUT 1
iptables -D INPUT --dport 80 -j DROP

* -R --replace : Allow to replace the specified chain

Code:
iptables -R INPUT 1 -s 192.168.0.1 -j DROP

* -I --insert : Allow to add a chain in a specific area of the global chain

Code:
iptables -I INPUT 1 --dport 80 -j ACCEPT

* -L --list : Display the rules

Code:
iptables -L # Display all the rules of the FILTER chains
iptables -L INPUT # Display all the INPUT rules (FILTER)

* -F --flush : Delete all the rules of a chain

Code:
iptables -F INPUT # Delete all the rules of the INPUT chain
iptables -F # Delete all the rules

* -N --new-chain : Allow to create a new chain

Code:
iptables -N LOG_DROP

* -X --delete-chain : Allow to delete a chain

Code:
iptables -X LOG_DROP # Delete the LOG_DROP chain
iptables -X # Delete the chains

* -P --policy : Allow to specify to the kernel the default policy of a chain ACCEPT, REJECT, DROP ...
Code:
iptables -P INPUT DROP

Basic Uses

The most common use of iptables is to simply block and allow traffic.

Allow Traffic

Iptables allows you to allow traffic based on a number of different conditions such as Ethernet adapter, IP Address, port, and protocol.

Allow incoming TCP traffic on port 22 (ssh) for adapter eth0
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT

Allow incoming TCP traffic on port 80 (HTTP) for the IP range 192.168.0.1 Ã¢â‚¬â€œ 192.168.0.254.
iptables -A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j ACCEPT

Block Traffic

Iptables can block traffic on the same conditions that traffic can be allowed.

Blocks inbound TCP traffic port 22 (ssh)
iptables -A INPUT -p tcp -m tcp --dport 22 -j DRROP

Blocks inbound TCP traffic on port 80 (HTTP) from the IP 192.168.1.100
iptables -A INPUT -s 192.168.1.100 -p tcp -m tcp --dport 80 -j DRROP

Limit Traffic

Along with allowing and denying traffic IP tables can be used to limit the number of connections allowed over time thresholds.

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m sshbrute --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m sshbrute --update --seconds 60 --hitcount 4 -j DRROP

[:p:] this is a common set of rules used to block brute force ssh attacks. The first rule makes sure the IP connecting is added to the sshbrute list. The second rule tells iptables to check the sshbrute list and if the packet threshold is exceeded to drrop the traffic.

Common Options and Switches
-A -- adds a rule at the end of the chain
-I -- inserts the rule at the given rule number. If no rule number is given the rule is inserted at the head of the chain.
-p -- protocol of the rule
--dport the destination port to check on the rule
-i -- interface on which the packet was received.
-j -- what to do if the rule matches
-s -- source IP address of packet
-d -- destination IP address of packet

Examples :

Drop all inbound telnet traffic
iptables -I INPUT -p tcp --dport 23 -j DRrOP

Drop all outbound web traffic
iptables -I OUTPUT -p tcp --dport 80 -j DRROP

Drop all outbound traffic to 192.168.0.1
iptables -I OUTPUT -p tcp --dest 192.168.0.1 -j DRROP

Allow all inbound web traffic
iptables -I INPUT -p tcp --dport 80 -j ACCEPT

Allow inbound HTTPS traffic from 10.2.2.4
iptables -I INPUT -s 10.2.2.4 -p tcp -m tcp --dport 443 -j DRROP

Deny outbound traffic to 192.2.4.0-192.2.4.255
iptables -I OUTPUT -d 192.2.4.6.0/24 -j DRROP

Allow incoming connections to port 21 from one IP address 11.22.33.44
iptables -A INPUT -p tcp -m state --state NEW --dport 21 --source 11.22.33.44

Deny all other incoming connections to port 21.
iptables -A INPUT -p tcp -m state --state NEW --dport 21 -j DROP

We used the "-m state --state NEW --dport 21" to match against new connections to port 21. Other options allow you to match against different things.

Squirrel mail login prompting repeatedly

2009-07-01T21:49:00.001-07:00

Sometimes these issue is found in cpanel servers.
If you are facing any such issues. Please restart the following services

/scripts/restartsrv_exim
/scripts/restartsrv_cppop
/scripts/restartsrv_imap

Log File Paths

2009-07-01T21:48:00.000-07:00

The first place you should go when trying to debug a problem is the log file for that program.

The list of Log Files are as follows:

DirectAdmin:
/var/log/directadmin/error.log
/var/log/directadmin/errortaskq.log
/var/log/directadmin/system.log
/var/log/directadmin/security.log

Apache:
/var/log/httpd/error_log
/var/log/httpd/access_log
/var/log/httpd/suexec_log
/var/log/httpd/fpexec_log
/var/log/httpd/domains/domain.com.error.log
/var/log/httpd/domains/domain.com.log
/var/log/messages (generic errors)

Proftpd:
/var/log/proftpd/access.log
/var/log/proftpd/auth.log
/var/log/messages (generic errors)

vm-pop3d:
/var/log/maillog
/var/log/messages

named (bind):
/var/log/messages

exim:
/var/log/exim/mainlog
/var/log/exim/paniclog
/var/log/exim/processlog
/var/log/exim/rejectlog
(on FreeBSD, they have "exim_" in front of the filenames)

mysqld:

RedHat:
/var/lib/mysql/server.hostname.com.err
FreeBSD:
/usr/local/mysql/data/server.hostname.com.err

crond:
/var/log/cron

To view a log file, run:

less /var/log/filename
Where /var/log/filename is the path of the log you wish to view. If the log is too large you can use the "tail" command:

tail -n 30 /var/log/filename
Where 30 is the number of lines from the end you wish to view.

Basic commands in Exim

2009-07-01T21:47:00.002-07:00

Print a count of the messages in the queue:

root@localhost# exim -bpc

Print a listing of the messages in the queue (time queued, size, message-id, sender, recipient):

root@localhost# exim -bp

Print a summary of messages in the queue (count, volume, oldest, newest, domain, and totals):

root@localhost# exim -bp | exiqsumm

Print what Exim is doing right now:

root@localhost# exiwhat

Test how exim will route a given address:

root@localhost# exim -bt alias@localdomain.com
user@thishost.com
<-- alias@localdomain.com
router = localuser, transport = local_delivery

root@localhost# exim -bt user@thishost.com
user@thishost.com
router = localuser, transport = local_delivery
root@localhost# exim -bt user@remotehost.com
router = lookuphost, transport = remote_smtp
host mail.remotehost.com [1.2.3.4] MX=0

Run a pretend SMTP transaction from the command line, as if it were coming from the given IP address. This will display Exim's checks, ACLs, and filters as they are applied. The message will NOT actually be delivered.

root@localhost# exim -bh 192.168.11.22

Display all of Exim's configuration settings:

root@localhost# exim -bP

Searching the queue with exiqgrep

Exim includes a utility that is quite nice for grepping through the queue, called exiqgrep. Learn it. Know it. Live it. If you're not using this, and if you're not familiar with the various flags it uses, you're probably doing things the hard way, like piping `exim -bp` into awk, grep, cut, or `wc -l`. Don't make life harder than it already is.

First, various flags that control what messages are matched. These can be combined to come up with a very particular search.

Use -f to search the queue for messages from a specific sender:

root@localhost# exiqgrep -f [luser]@domain

Use -r to search the queue for messages for a specific recipient/domain:

root@localhost# exiqgrep -r [luser]@domain

Use -o to print messages older than the specified number of seconds. For example, messages older than 1 day:

root@localhost# exiqgrep -o 86400 [...]

Use -y to print messages that are younger than the specified number of seconds. For example, messages less than an hour old:

root@localhost# exiqgrep -y 3600 [...]

Use -s to match the size of a message with a regex. For example, 700-799 bytes:

root@localhost# exiqgrep -s '^7..$' [...]

Use -z to match only frozen messages, or -x to match only unfrozen messages.

There are also a few flags that control the display of the output.

Use -i to print just the message-id as a result of one of the above two searches:

root@localhost# exiqgrep -i [ -r | -f ] ...

Use -c to print a count of messages matching one of the above searches:

root@localhost# exiqgrep -c ...

Print just the message-id of the entire queue:

root@localhost# exiqgrep -i

Managing the queue

The main exim binary (/usr/sbin/exim) is used with various flags to make things happen to messages in the queue. Most of these require one or more message-IDs to be specified in the command line, which is where `exiqgrep -i` as described above really comes in handy.

Start a queue run:

root@localhost# exim -q -v

Start a queue run for just local deliveries:

root@localhost# exim -ql -v

Remove a message from the queue:

root@localhost# exim -Mrm [ ... ]

Freeze a message:

root@localhost# exim -Mf [ ... ]

Thaw a message:

root@localhost# exim -Mt [ ... ]

Deliver a message:

root@localhost# exim -M [ ... ]

Force a message to fail and bounce as "cancelled by administrator":

root@localhost# exim -Mg [ ... ]

Remove all frozen messages:

root@localhost# exiqgrep -z -i | xargs exim -Mrm

Remove all messages older than five days (86400 * 5 = 432000 seconds):

root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm

Freeze all queued mail from a given sender:

root@localhost# exiqgrep -i -f luser@example.tld | xargs exim -Mf

View a message's headers:

root@localhost# exim -Mvh

View a message's body:

root@localhost# exim -Mvb

View a message's logs:

root@localhost# exim -Mvl

Add a recipient to a message:

root@localhost# exim -Mar
[
... ]

Edit the sender of a message:

root@localhost# exim -Mes

Access control

Exim allows you to apply access control lists at various points of the SMTP transaction by specifying an ACL to use and defining its conditions in exim.conf. You could start with the HELO string.

# Specify the ACL to use after HELO
acl_smtp_helo = check_helo

# Conditions for the check_helo ACL:
check_helo:

deny message = Gave HELO/EHLO as "friend"
log_message = HELO/EHLO friend
condition = ${if eq {$sender_helo_name} }

deny message = Gave HELO/EHLO as our IP address
log_message = HELO/EHLO our IP address
condition = ${if eq {$sender_helo_name}{$interface_address} }

accept

NOTE: Pursue HELO checking at your own peril. The HELO is fairly unimportant in the grand scheme of SMTP these days, so don't put too much faith in whatever it contains. Some spam might seem to use a telltale HELO string, but you might be surprised at how many legitimate messages start off with a questionable HELO as well. Anyway, it's just as easy for a spammer to send a proper HELO than it is to send HELO im.a.spammer, so consider yourself lucky if you're able to stop much spam this way.

Next, you can perform a check on the sender address or remote host. This shows how to do that after the RCPT TO command; if you reject here, as opposed to rejecting after the MAIL FROM, you'll have better data to log, such as who the message was intended for.

# Specify the ACL to use after RCPT TO
acl_smtp_rcpt = check_recipient

# Conditions for the check_recipient ACL
check_recipient:

# [...]

drop hosts = /etc/exim_reject_hosts
drop senders = /etc/exim_reject_senders

# [ Probably a whole lot more... ]

This example uses two plain text files as blacklists. Add appropriate entries to these files - hostnames/IP addresses to /etc/exim_reject_hosts, addresses to /etc/exim_reject_senders, one entry per line.

It is also possible to perform content scanning using a regex against the body of a message, though obviously this can cause Exim to use more CPU than it otherwise would need to, especially on large messages.

# Specify the ACL to use after DATA
acl_smtp_data = check_message

# Conditions for the check_messages ACL
check_message:

deny message = "Sorry, Charlie: $regex_match_string"
regex = ^Subject:: .*Lower your self-esteem by becoming a sysadmin

accept

Fix SMTP-Auth for Pine

If pine can't use SMTP authentication on an Exim host and just returns an "unable to authenticate" message without even asking for a password, add the following line to exim.conf:

begin authenticators

fixed_plain:
driver = plaintext
public_name = PLAIN
server_condition = "${perl{$1}{$2}{$3}}"
server_set_id = $2
> server_prompts = :

This was a problem on CPanel Exim builds awhile ago, but they seem to have added this line to their current stock configuration.
Log the subject line

This is one of the most useful configuration tweaks I've ever found for Exim. Add this to exim.conf, and you can log the subject lines of messages that pass through your server. This is great for troubleshooting, and for getting a very rough idea of what messages may be spam.

log_selector = +subject

Reducing or increasing what is logged.
Disable identd lookups

Frankly, I don't think identd has been useful for a long time, if ever. Identd relies on the connecting host to confirm the identity (system UID) of the remote user who owns the process that is making the network connection. This may be of some use in the world of shell accounts and IRC users, but it really has no place on a high-volume SMTP server, where the UID is often simply "mail" or whatever the remote MTA runs as, which is useless to know. It's overhead, and results in nothing but delays while the identd query is refused or times out. You can stop your Exim server from making these queries by setting the timeout to zero seconds in exim.conf:

rfc1413_query_timeout = 0s

Disable Attachment Blocking

To disable the executable-attachment blocking that many Cpanel servers do by default but don't provide any controls for on a per-domain basis, add the following block to the beginning of the /etc/antivirus.exim file:

if $header_to: matches "example\.com|example2\.com"
then
finish
endif

It is probably possible to use a separate file to list these domains, but I haven't had to do this enough times to warrant setting such a thing up.
Searching the logs with exigrep

The exigrep utility (not to be confused with exiqgrep) is used to search an exim log for a string or pattern. It will print all log entries with the same internal message-id as those that matched the pattern, which is very handy since any message will take up at least three lines in the log. exigrep will search the entire content of a log entry, not just particular fields.

One can search for messages sent from a particular IP address:

root@localhost# exigrep '<= .* \[12.34.56.78\] ' /path/to/exim_log

Search for messages sent to a particular IP address:

root@localhost# exigrep '=> .* \[12.34.56.78\]' /path/to/exim_log

This example searches for outgoing messages, which have the "=>" symbol, sent to "user@domain.tld". The pipe to grep for the "<=" symbol will match only the lines with information on the sender - the From address, the sender's IP address, the message size, the message ID, and the subject line if you have enabled logging the subject. The purpose of doing such a search is that the desired information is not on the same log line as the string being searched for.

root@localhost# exigrep '=> .*user@domain.tld' /path/to/exim_log | fgrep '<='

Generate and display Exim stats from a logfile:

root@localhost# eximstats /path/to/exim_mainlog

Same as above, with less verbose output:

root@localhost# eximstats -ne -nr -nt /path/to/exim_mainlog

Same as above, for one particular day:

root@localhost# fgrep YYYY-MM-DD /path/to/exim_mainlog | eximstats

Bonus!

To delete all queued messages containing a certain string in the body:

root@localhost# grep -lr 'a certain string' /var/spool/exim/input/ | \
sed -e 's/^.*\/$[a-zA-Z0-9-]*$-[DH]$/\1/g' | xargs exim -Mrm

Note that the above only delves into /var/spool/exim in order to grep for queue files with the given string, and that's just because exiqgrep doesn't have a feature to grep the actual bodies of messages. If you are deleting these files directly, YOU ARE DOING IT WRONG! Use the appropriate exim command to properly deal with the queue.

If you have to feed many, many message-ids (such as the output of an `exiqgrep -i` command that returns a lot of matches) to an exim command, you may exhaust the limit of your shell's command line arguments. In that case, pipe the listing of message-ids into xargs to run only a limited number of them at once. For example, to remove thousands of messages sent from joe@example.com:

root@localhost# exiqgrep -i -f '' | xargs exim -Mrm

How to enable“Update Now” Button in Cpanel Awstats

2009-07-01T21:47:00.001-07:00

Tired of bugging your host to update Cpanel awstats? You can generate stats, update it by your own by clicking the ‘update now’ link at the top of the main page in the awstats. You can place this “update now” by yourself .
Find out how to change the configuration file for Awstats to re-enable the ‘update now’ button.

Follow these steps:
1. login into cPanel
1a. Open File Manager
2. navigate to /home/username/tmp/awstats/
3. edit the .conf file (e.g. awstats.yourdomain.com.conf)
4. look for this line: AllowToUpdateStatsFromBrowser, set the value to 1 (AllowToUpdateStatsFromBrowser=1)
5. Save the .conf file. When you refresh your statistics page. you will get ‘update now’ link at the top of the page.

Managing mail queue

2009-07-01T21:44:00.001-07:00

If mail queue have more then 10000 mails client is unable to send the mails, you may need to clear out frozen mails.

exim -bpru|grep frozen | wc -l --- This will list the number of frozen mails

exim -bpru|grep frozen|awk {'print $3'}|xargs exim -Mrm --- Remove the frozen messages.

Please check mail queue properly and observer which account is sending the mask mails.
run following command to delete mails of that account.
Example:

grep -lr account@yourdomain.com /var/spool/exim/input/* | xargs rm -rf

Do the following things to delete mail from perticuler domains.

grep -lr domainname.com /var/spool/exim/input/* |xargs rm -rf

Cannot login to Horde

2009-07-01T21:43:00.003-07:00

Hope you would have got this issue often. The client cannot able to login to his Horde account to check his mail. He would have reached till the login screen and if he click "Login" it will stay back in the same screen instead of going to his inbox. Here is the fix for it,

Check the following first,

1. goto " cd var/lib/mysql/horde " and check if there is a file named " horde_sessionhandler.frm "

2. move all the file named "horde_sessionhandler" with other name

3. Or you can goto mysql and can drop the table "horde_sessionhandler". It will show error message some times. If so use the step 2, so that the table gets moved automatically.(Remember that if you are using step2 skip the step 3)

4. Now type in shell "mysql"

5. It will take to mysql prompt . type "use horde";

6. copy this command and paste there :

CREATE TABLE horde_sessionhandler (session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL, session_data LONGBLOB, PRIMARY KEY (session_id)) ENGINE = InnoDB;

7. quit from mysql and restart mysql.

8. Try now... Your issue is fixed!!!!!

Important Vps commands

2009-07-01T21:43:00.001-07:00

Following are some important commands which are normally used while working on a Hardware Node.

1) vzlist -a : Shows list of all the VPS’s hosted on the Node.
2) vzctl start VPS_ID: To start the VPS.
3) vzctl stop VPS_ID : To stop (Shut Down) the VPS
4) vzctl status VPS_ID : To view the status of the particular VPS
5) vzctl stop VPS_ID –-fast : to stop the VPS quickly and forcefully
6) vzctl enter VPS_ID : To enter in a particular VPS

Configuration Commands

1) vzctl set VPS_ID –hostname vps.domain.com –save: To set the Hostname of a VPS.
2) vzctl set VPS_ID –ipadd 1.2.3.4 –save : To add a new IP to the VPS.
3) vzctl set VPS_ID –ipdel 1.2.3.4 –save : To delete the IP from VPS.
4) vzctl set VPS_ID –userpasswd root:new_password –save : to reset root password of a VPS.
5) vzctl set VPS_ID –nameserver 1.2.3.4 –save : To add the nameserver IP’s to the VPS.
6) vzctl exec VPS_ID command : To run any command on a VPS from Node.
6) vzyum VPS_ID install package_name : To install any package/Software on a VPS from Node.

Here VPS_ID refers to the ID of the Particular VPS

Adding Reverse Dns

2009-07-01T21:42:00.001-07:00

Adding reverse dns on a DC's resolvers need much care and attention you should ensure that you are going through the right path always. Any error in that may cause a down time to the resolvers.
Inoredr add reverse entries please follow the steps given below

1.) Ensure that the hostname resolves to the IP that the client is requesting prior to inserting the reverse DNS record. This can be done by pinging the hostname

2.) Login to the resolver server

3.) Edit the correct file for the IP address of the reverse DNS record. For example, if a client requested "please add abc.domain.com -> 205.64.34.142" then we will need to edit the file for c-class 205.64.142.1. The command would be as follows: ee /etc/namedb/master/34.64.205.in-addr.arpa
5. You will then need to insert a reverse DNS entry like: 142 IN PTR abc.domain.com.
6. Once inserted, you need to change the serial number in the file.
7. Save the file, and exit.
8. Reload named to reflect the new changes by executing the command: /etc/rc.d/named reload

Reset Mysql Root Password:

2009-07-01T21:41:00.001-07:00

Stop mysql server

/etc/init.d/mysql.server stop

Start mysql in safe mode

/usr/local/mysql/bin/mysqld_safe --user=root --skip-grant-tables --skip-networking &

NOw the mysql will be running in the background in safe mode. You will be able to klogin as root by just using

mysql -u root

Once you got in you can use the following commands to reset the root password.

UPDATE mysql.user SET Password=PASSWORD('qwert123') WHERE User='root'; //Here password is qwert123

FLUSH PRIVILEGES;

Now just quit from the mysql prompt and try using the new password

mysql -u root -p

When it ask for passwprd, provide the new password. It will work.

Some useful commands

2009-07-01T21:39:00.001-07:00

mkdir - make directories

Usage

mkdir [OPTION] DIRECTORY

Options

Create the DIRECTORY(ies), if they do not already exist.

Mandatory arguments to long options are mandatory for short options too.

-m, mode=MODE set permission mode (as in chmod), not rwxrwxrwx - umask

-p, parents no error if existing, make parent directories as needed

-v, verbose print a message for each created directory

-help display this help and exit

-version output version information and exit

cd - change directories

Use cd to change directories. Type cd followed by the name of a directory to access that directory.Keep in mind that you are always in a directory and can navigate to directories hierarchically above or below.

mv- change the name of a directory

Type mv followed by the current name of a directory and the new name of the directory.

Ex: mv testdir newnamedir

pwd - print working directory

will show you the full path to the directory you are currently in. This is very handy to use, especially when performing some of the other commands on this page

rmdir - Remove an existing directory

rm -r

Removes directories and files within the directories recursively.

chown - change file owner and group

Usage

chown [OPTION] OWNER[:[GROUP]] FILE

chown [OPTION] :GROUP FILE

chown [OPTION] --reference=RFILE FILE

Options

Change the owner and/or group of each FILE to OWNER and/or GROUP. With --reference, change the owner and group of each FILE to those of RFILE.

-c, changes like verbose but report only when a change is made

-dereference affect the referent of each symbolic link, rather than the symbolic link itself

-h, no-dereference affect each symbolic link instead of any referenced file (useful only on systems that can change the ownership of a symlink)

-from=CURRENT_OWNER:CURRENT_GROUP

change the owner and/or group of each file only if its current owner and/or group match those specified here. Either may be omitted, in which case a match is not required for the omitted attribute.

-no-preserve-root do not treat `/' specially (the default)

-preserve-root fail to operate recursively on `/'

-f, -silent, -quiet suppress most error messages

-reference=RFILE use RFILE's owner and group rather than the specifying OWNER:GROUP values

-R, -recursive operate on files and directories recursively

-v, -verbose output a diagnostic for every file processed

The following options modify how a hierarchy is traversed when the -R option is also specified. If more than one is specified, only the final one takes effect.

-H if a command line argument is a symbolic link to a directory, traverse it

-L traverse every symbolic link to a directory encountered

-P do not traverse any symbolic links (default)

chmod - change file access permissions

Usage

chmod [-r] permissions filenames

r Change the permission on files that are in the subdirectories of the directory that you are currently in. permission Specifies the rights that are being granted. Below is the different rights that you can grant in an alpha numeric format.filenames File or directory that you are associating the rights with Permissions

u - User who owns the file.

g - Group that owns the file.

o - Other.

a - All.

r - Read the file.

w - Write or edit the file.

x - Execute or run the file as a program.

Numeric Permissions:

CHMOD can also to attributed by using Numeric Permissions:

400 read by owner

040 read by group

004 read by anybody (other)

200 write by owner

020 write by group

002 write by anybody

100 execute by owner

010 execute by group

001 execute by anybody

ls - Short listing of directory contents

-a list hidden files

-d list the name of the current directory

-F show directories with a trailing '/'

executable files with a trailing '*'

-g show group ownership of file in long listing

-i print the inode number of each file

-l long listing giving details about files and directories

-R list all subdirectories encountered

-t sort by time modified instead of name

cp - Copy files

cp myfile yourfile

Copy the files "myfile" to the file "yourfile" in the current working directory. This command will create the file "yourfile" if it doesn't exist. It will normally overwrite it without warning if it exists.

cp -i myfile yourfile

With the "-i" option, if the file "yourfile" exists, you will be prompted before it is overwritten.

cp -i /data/myfile

Copy the file "/data/myfile" to the current working directory and name it "myfile". Prompt before overwriting the file.

cp -dpr srcdir destdir

Copy all files from the directory "srcdir" to the directory "destdir" preserving links (-poption), file attributes (-p option), and copy recursively (-r option). With these options, a directory and all it contents can be copied to another dir

ln - Creates a symbolic link to a file.

ln -s test symlink

Creates a symbolic link named symlink that points to the file test Typing "ls -i test symlink" will show the two files are different with different inodes. Typing "ls -l test symlink" will show that symlink points to the file test.

locate - A fast database driven file locator.

slocate -u

This command builds the slocate database. It will take several minutes to complete this command.This command must be used before searching for files, however cron runs this command periodically on most systems.locate whereis Lists all files whose names contain the string "whereis". directory.

more - Allows file contents or piped output to be sent to the screen one page at a time

less - Opposite of the more command

cat - Sends file contents to standard output. This is a way to list the contents of short files to the screen. It works well with piping.

whereis - Report all known instances of a command
wc - Print byte, word, and line counts

bg

bg jobs Places the current job (or, by using the alternative form, the specified jobs) in the background, suspending its execution so that a new user prompt appears immediately. Use the jobs command to discover the identities of background jobs.

cal month year - Prints a calendar for the specified month of the specified year.

cat files - Prints the contents of the specified files.

clear - Clears the terminal screen.

cmp file1 file2 - Compares two files, reporting all discrepancies. Similar to the diff command, though the output format differs.

diff file1 file2 - Compares two files, reporting all discrepancies. Similar to the cmp command, though the output format differs.

dmesg - Prints the messages resulting from the most recent system boot.

fg

fg jobs - Brings the current job (or the specified jobs) to the foreground.

file files - Determines and prints a description of the type of each specified file.

find path -name pattern -print

Searches the specified path for files with names matching the specified pattern (usually enclosed in single quotes) and prints their names. The find command has many other arguments and functions; see the online documentation.

finger users - Prints descriptions of the specified users.

free - Displays the amount of used and free system memory.

ftp hostname

Opens an FTP connection to the specified host, allowing files to be transferred. The FTP program provides subcommands for accomplishing file transfers; see the online documentation.

head files - Prints the first several lines of each specified file.

ispell files - Checks the spelling of the contents of the specified files.

kill process_ids

kill - signal process_ids

kill -l

Kills the specified processes, sends the specified processes the specified signal (given as a number or name), or prints a list of available signals.

killall program

killall - signal program

Kills all processes that are instances of the specified program or sends the specified signal to all processes that are instances of the specified program.

mail - Launches a simple mail client that permits sending and receiving email messages.

man title

man section title - Prints the specified man page.

ping host - Sends an echo request via TCP/IP to the specified host. A response confirms that the host is operational.

reboot - Reboots the system (requires root privileges).

shutdown minutes

shutdown -r minutes

Shuts down the system after the specified number of minutes elapses (requires root privileges). The -r option causes the system to be rebooted once it has shut down.

sleep time - Causes the command interpreter to pause for the specified number of seconds.

sort files - Sorts the specified files. The command has many useful arguments; see the online documentation.

split file - Splits a file into several smaller files. The command has many arguments; see the online documentation

sync - Completes all pending input/output operations (requires root privileges).

telnet host - Opens a login session on the specified host.

top - Prints a display of system processes that's continually updated until the user presses the q key.

traceroute host - Uses echo requests to determine and print a network path to the host.

uptime - Prints the system uptime.

w - Prints the current system users.

wall - Prints a message to each user except those who've disabled message reception. Type Ctrl-D to end the message.

Get mysql root password from

2009-07-01T21:38:00.001-07:00

Get mysql root password from
If you forgot your mysql root password you can get it from
/root/.my.cnf

Some useful Mysql Queries

2009-07-01T21:37:00.001-07:00

Mysql query to delete a user

mysql> delete from user where user='username';
mysql> FLUSH PRIVILEGES;

Setting Privileges

grant all privileges on DB.* to 'username'@'localhost' identified by 'pass';

SET PASSWORD FOR @localhost = OLD_PASSWORD('passwd');

To see Tables:

mysql> use DB;
mysql> show tables;

To see fields

mysql> desc tablename;

To View The contents of the table

mysql> select * from ;

UPDATE Query

mysql> update ='' where ;

Eg :update wp_users set user_pass=md5('one') where user_login='cee';

How to disable direct root login

2009-07-01T21:35:00.000-07:00

Inorder to disable direct root login on a linux server, you need to do the following things

1. vi /etc/ssh/sshd_config in that file make
Permitrootlogin no then save it

2. Restart sshd service
/etc/init.d/sshd restart

3. Now create a new user and set password for that user.

4. Add that user to the wheel group
vi /etc/groups // add that user to the group of wheel

5. Now logon to the server using the username and password and then do
su - and provide the root password

Inorder to work this properly you should have the following permission settings

chmod 4755 /bin/su
chmod 1700 /etc/passwd
chmod 1700 /etc/shadow
chmod 1755 /etc/groups

If there is anything wrong with this permission, you may get permission denied or incorrect password errors.

Park wrapper error

2009-06-30T13:48:00.000-07:00

Sometimes you may get the park wrapper error while creating a new parked domain(example.com) in cpanel. In order that you can remove the domain name(example.com) in the following files and try. It will fix the issue.

/etc/usrdomains
/etc/localdomains
/etc/named.conf
/etc/valiases
/etc/vdomainaliases
http.conf
/var/named/

Important Directories in Linux

2009-06-30T13:43:00.002-07:00

Different distributions have different directory structures, despite attempts at standardization such as the the Linux Filesystem Hierarchy Standard (FHS) organization.

* /bin - essential UNIX commands such as ls, etc. Should contain all binaries needed to boot the system or run it in single-user mode

* /boot - files used during booting and possibly the kernel itself are stored here

* /dev - contains device files for various devices on system

* /etc - files used by subsystems such as networking, NFS, and mail. Includes tables of disks to mount, processes to run on startup, etc.

* /etc/profile.d - contains scripts that are run by /etc/profile upon login.

* /etc/rc.d - contains a number of shell scripts that are run on bootup at different run levels. There is also typically an rc.inet1 script to set up networking (in Slackwar), an rc.modules script to load modular device drivers, and an rc.local script that can be edited to run commands desired by the administrator, along the lines of autoexec.bat in DOS.

* /etc/rc.d/init.d - contains most of the initialization scripts themselves on an rpm-based system.

* /etc/rc.d/rc*.d - where ``*'' is a number corresponding to the default run level. Contains files for services to be started and stopped at that run level. On rpm-based systems, these files are symbolic links to the initialization scripts themselves, which are in /etc/rc.d/init.d.

* /etc/skel - directory containing several example or skeleton initialization shells. Often contains subdirectories and files used to populate a new user's home directory.

* /etc/X11 - configuration files for the X Window system

* /home - home directories of individual users

* /lib - standard shared library files

* /lib/modules - modular device driver files, most with .o extensions

* /mnt - typical mount point for many user-mountable devices such as floppy drives, cd-rom readers, etc. Each device is mounted on a subdirectory of /mnt.

* /proc - virtual file system that provides a number of system statistics

* /root - home directory for root

* /sbin - location of binaries used for system administration, configuration, and monitoring

* /tmp - directory specifically designed for programs and users to store temporary files.

* /usr - directory containing a number of subdirectory with programs, libraries, documentation, etc.

* /usr/bin - contains most user commands. Should not contain binaries necessary for booting the system, which go in /bin. The /bin directory is generally located on the same disk partition as /, which is mounted in read-only mode during the boot process. Other filesystems are only mounted at a later stage during startup, so putting binaries essential for boot here is not a good idea.

* /usr/bin/X11 - most often a symbolic link to /usr/X11R6/bin, which contains executable binaries related to the X Window system

* /usr/doc - location of miscellaneous documentation, and the main location of program documentation files under Slackware

* /usr/include - standard location of include files used in C programs such as stdio.h

* /usr/info - primary location of the GNU info system files

* /usr/lib - standard library files such as libc.a. Searched by the linker when programs are compiled.

* /usr/lib/X11 - X Window system distribution

* /usr/local/bin - yet another place to look for comon executables

* /usr/man - location of manual page files

* /usr/sbin - other commands used by superuser for system administration

* /usr/share - contains subdirectories where many installed programs have configuration, setup and auxiliary files

* /usr/share/doc - location of program documentation files under Mandrake and Red Hat

* /usr/src - location of source programs used to build system. Source code for programs of all types are often unpacked in this directory.

* /usr/src/linux - often a symbolic link to a subdirectory whose name corresponds to the exact version of the Linux kernel that is running. Contains the kernel sources.

* /var - administrative files such as log files, used by various utilities

* /var/log/packages - contains files, each of which has detailed information on an installed package in Slackware. The same file can also be found at /var/adm/packages, since the adm subdirectory is a symbolic link to log. Each package file contains a short description plus a list of all installed files.

* /var/log/scripts - package installation scripts in Slackware are stored here. You can inspect these scripts to see what special features are included in individual packages.

* /var/spool - temporary storage for files being printed, mail that has not yet been picked up, etc

Linux-Overview

2009-06-30T13:43:00.001-07:00

Linux is a Unix-like computer Operating System (or OS) that uses the Linux kernel. Linux started out as a personal computer system used by individuals, and has since gained the support of several large corporations, such as Sun Microsystems, HP and IBM. It is now used mostly as a server operating system, with some large organizations using an enterprise version for desktops. Linux is a prime example of open-source development, which means that the source code is available freely for anyone to use.
Back in August of 1991, a student from Finland began a post to the comp.os.minix newsgroup with the words
Hello everybody out there using minix -I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones.

The student was Linus Torvalds, and the "hobby" he spoke of eventually became what we know today as Linux.

A full-featured POSIX-like operating system, Linux has been developed not just by Linus, but by hundreds of programmers around the world.

Script For DNS forwarding of all accounts under a RESELLER Account

2009-06-24T05:49:00.000-07:00

updateResellerDNS.sh

Written By Nazeem S
Copy the bellow content and put it in file called "updateResellerDNS.sh" and give permission 755(executable) then run it (sh updateResellerDNS.sh or ./updateResellerDNS.sh)

############# Starting ########################
###############NAZEEM S####################
#############################################
#! /bin/bash
>/var/log/updateResellerDNS.log
>user
>domains
echo -n "Enter Reseller Account Name:--- "
read a
echo -n "Enter IP to be Changed (Source IP):--- "
read b
echo -n "Enter the New IP (Destination IP):--- "
read c
grep $a /etc/trueuserowners |cut -d ':' -f1|sort >user

for i in `cat user`
do
cat /etc/userdomains|grep $i |cut -d: -f1|sort >>domains;
done
for x in `cat domains`
do
ls /var/named/ |grep $x|sort >>updateResellerDNS.log;
done
for y in `cat updateResellerDNS.log`
do
#replace '$b' '$c' --/var/named/$y;
sed -i 's/$b/$c/g' /var/named/$y;
echo "$y---------------- converted"
done
export c=`cat updateResellerDNS.log | wc -l`
echo "Total count of zone files has been updated = $c"
echo "log file on /var/log/updateResellerDNS.log"
#############################################
###############NAZEEM S####################
############### Ending #######################

GREP _ the most useful command

2009-06-22T09:05:00.000-07:00

grep command syntax

grep 'word' filename

grep 'string1 string2'  filename

cat otherfile | grep 'something'

command | grep 'something'

Use grep to search file

Search /etc/passwd for boo user:

$ grep boo /etc/passwd

You can force grep to ignore word case i.e match boo, Boo, BOO and all other combination with -i option:

$ grep -i "boo" /etc/passwd

Use grep recursively

You can search recursively i.e. read all files under each directory for a string "192.168.1.5"
$ grep -r "192.168.1.5" /etc/

Use grep to search 2 different words

use egrep as follows:
$ egrep -w 'word1|word2' /path/to/file

Count line when words has been matched

grep can report the number of times that the pattern has been matched for each file using -c (count) option:
$ grep -c 'word' /path/to/file

Also note that you can use -n option, which causes grep to precede each line of output with the number of the line in the text file from which it was obtained:
$ grep -n 'word' /path/to/file

Grep invert match

You can use -v option to print inverts the match; that is, it matches only those lines that do not contain the given word. For example print all line that do not contain the word bar:
$ grep -v bar /path/to/file

Colour

Finally, you can force grep to display output in colors:
$ grep --color vivek /etc/passwd

list file name

Use the -l option to list file name whose contents mention main():
$ grep -l 'main' *.c