Sunday, March 2, 2008
550 email error<... > can't create output
The person you are sending email to is over quota. That means that they have no more disk space left on server to receive mail. They could have received a lot of mail recently, or a few large messages, or they may not have checked mail for a long time, or various other reasons that caused them to not have any disk space left on server. You might try sending the message again at a later time.
If the infected mails are coming from the server
Please see that when mail travels from souce node to the destination node, it makes many hops in between, it doesn't travel in one hop and has to pass through many nodes in between.
If any of the node in the path is infected then your mail packets can get infected and carry the infection to you.
As the issue is not in our hands, we can only suggest you to use a suitable mail filter and antivirus.
If any of the node in the path is infected then your mail packets can get infected and carry the infection to you.
As the issue is not in our hands, we can only suggest you to use a suitable mail filter and antivirus.
Working with POP3 from Telnet
[deskmerc@Evil-Fish deskmerc]$ telnet xxx.xxx.xxx.xxx 110
Trying xxx.xxx.xxx.xxx...
Connected to xxx.xxx.xxx.xxx.
Escape character is '^]'.
+OK POP3 [cppop 8.0] at [xxx.xxx.xxx.xxx]
user username
+OK Need a password
pass xpasswordx
+OK You have 1 messages totaling 1618 octets from /home/username/mail/inbox (full load)
list
+OK 1 messages (1618 octets) [0 control message(s) hidden]
1 1618
.
quit
+OK Bye!
Trying xxx.xxx.xxx.xxx...
Connected to xxx.xxx.xxx.xxx.
Escape character is '^]'.
+OK POP3 [cppop 8.0] at [xxx.xxx.xxx.xxx]
user username
+OK Need a password
pass xpasswordx
+OK You have 1 messages totaling 1618 octets from /home/username/mail/inbox (full load)
list
+OK 1 messages (1618 octets) [0 control message(s) hidden]
1 1618
.
quit
+OK Bye!
Testing IMAP using telnet
[admin@adp admin]$ telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See
COPYING for distribution information.
a001 login postmaster@mydomain.com *******
a001 OK LOGIN Ok.
Anything other than "* OK ..." is error.
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See
COPYING for distribution information.
a001 login postmaster@mydomain.com *******
a001 OK LOGIN Ok.
Anything other than "* OK ..." is error.
0x8004210B / 0x8004210A
This behavior occurs because some Internet service providers (ISP) do not permit message routing through another SMTP server while you are connected to their network.
To resolve this behavior, replace the SMTP server for the other ISP or the other e-mail account with the SMTP server that is associated with the ISP that you use to connect to the Internet. To do so, follow these steps:
Contact your ISP to obtain the outgoing SMTP e-mail server address.
Start Outlook 2002.
On the Tools menu, click E-mail Accounts.
Under E-mail, click View or change existing e-mail account, and then click Next.
Click the account that you want to change, and then click Change.
Under Server Information, typae the name of your e-mail server that you determined in step 1 in the Outgoing mail server (SMTP) box, and then click Next.
Click Finish
To resolve this behavior, replace the SMTP server for the other ISP or the other e-mail account with the SMTP server that is associated with the ISP that you use to connect to the Internet. To do so, follow these steps:
Contact your ISP to obtain the outgoing SMTP e-mail server address.
Start Outlook 2002.
On the Tools menu, click E-mail Accounts.
Under E-mail, click View or change existing e-mail account, and then click Next.
Click the account that you want to change, and then click Change.
Under Server Information, typae the name of your e-mail server that you determined in step 1 in the Outgoing mail server (SMTP) box, and then click Next.
Click Finish
How to get full email header for a email message
Full email headers tell an administrator the path that the message took on its way to your computer. It also can give the administrator information about the computer sending the message and the SPAM checks that the message passed through. To get full email headers you need to do the following for
Outlook Express
-------------------
1. Right click on the message.
2. Choose Properties.
3. Choose the Details tab.
Webmail
----------
1. Login to your webmail.
2. Open the message
3. Click on "View Full Header:
Outlook 2003
1. Right click on the message.
2. Choose Options
ThunderBird
--------------
1. click the + sign beside the subject in the message preview pane.
Copy the support headers and send them to your support person or enter them into a support ticket for analysis.
Outlook Express
-------------------
1. Right click on the message.
2. Choose Properties.
3. Choose the Details tab.
Webmail
----------
1. Login to your webmail.
2. Open the message
3. Click on "View Full Header:
Outlook 2003
1. Right click on the message.
2. Choose Options
ThunderBird
--------------
1. click the + sign beside the subject in the message preview pane.
Copy the support headers and send them to your support person or enter them into a support ticket for analysis.
0x8004210B
--------
CAUSE
--------
This behavior occurs because some Internet service providers (ISP) do not permit message routing through another SMTP server while you are connected to their network.
---------------
RESOLUTION
---------------
To resolve this behavior, replace the SMTP server for the other ISP or the other e-mail account with the SMTP server that is associated with the ISP that you use to connect to the Internet. To do so, follow these steps:
Contact your ISP to obtain the outgoing SMTP e-mail server address.
Start Outlook 2002.
On the Tools menu, click E-mail Accounts.
Under E-mail, click View or change existing e-mail account, and then click Next.
Click the account that you want to change, and then click Change.
Under Server Information, type the name of your e-mail server that you determined in step 1 in the Outgoing mail server (SMTP) box, and then click Next.
Click Finish
CAUSE
--------
This behavior occurs because some Internet service providers (ISP) do not permit message routing through another SMTP server while you are connected to their network.
---------------
RESOLUTION
---------------
To resolve this behavior, replace the SMTP server for the other ISP or the other e-mail account with the SMTP server that is associated with the ISP that you use to connect to the Internet. To do so, follow these steps:
Contact your ISP to obtain the outgoing SMTP e-mail server address.
Start Outlook 2002.
On the Tools menu, click E-mail Accounts.
Under E-mail, click View or change existing e-mail account, and then click Next.
Click the account that you want to change, and then click Change.
Under Server Information, type the name of your e-mail server that you determined in step 1 in the Outgoing mail server (SMTP) box, and then click Next.
Click Finish
Why can’t we send mail through SMTP ?
About “Port 25” blocking
Many ISP's (Internet Service Providers) are blocking what is called "Port 25" which is the port used to send e-mail. They have chosen to do this to cut down on the amount of "SPAM" mail that is sent. All e-mail sent via the Internet is routed through the port 25, the channel used for communication between a mail client and a mail server. Even though port 25 blocking will probably become an industry standard, however, the filter can create problems for e-mail servers and block legitimate e-mail as well as spam. You can check with your dial-up provider to see if they are doing this. The way around this is to set your SMTP settings to those of your ISP's. They can provide the settings for you to send email via their SMTP server. For example: "mail.aol.com". After doing that, you will be sending mail though your ISP's servers rather than the SMTP server on your computer. Unfortunately, you will not be able to use any SMTP mail server software, including your private server or hosting account.
Here are a few of the major ISP's that block Port 25:
• NetZero
• Mindspring
• MSN
• Earthlink
• Flashnet
• MediaOne
• AT&T
• Verizon
Many ISP's (Internet Service Providers) are blocking what is called "Port 25" which is the port used to send e-mail. They have chosen to do this to cut down on the amount of "SPAM" mail that is sent. All e-mail sent via the Internet is routed through the port 25, the channel used for communication between a mail client and a mail server. Even though port 25 blocking will probably become an industry standard, however, the filter can create problems for e-mail servers and block legitimate e-mail as well as spam. You can check with your dial-up provider to see if they are doing this. The way around this is to set your SMTP settings to those of your ISP's. They can provide the settings for you to send email via their SMTP server. For example: "mail.aol.com". After doing that, you will be sending mail though your ISP's servers rather than the SMTP server on your computer. Unfortunately, you will not be able to use any SMTP mail server software, including your private server or hosting account.
Here are a few of the major ISP's that block Port 25:
• NetZero
• Mindspring
• MSN
• Earthlink
• Flashnet
• MediaOne
• AT&T
• Verizon
Why can’t we send emails through the server? Is SMTP blocked
Most of the large ISP's now are requiring that messages be sent through the ISP's mail system to reduce the amount of spam originating from their networks. You can test this by doing the following.
go to start, run
type
telnet mail.yourdomainname.com 25
(substituting yourdomainname.com for your actual domain name)
press enter
You should see a telnet window that returns
telnet mail.yourdomainname.com 25
Trying 65.39.254.10...
Connected to mail.yourdomainname.com.
Escape character is '^]'.
220 mail.plhosting.com ESMTP
If you see anything other than
220 mail.plhosting.com ESMTP
then you must use your ISP's mail server for outgoing smtp as Your ISP is blocking connections on port 25 to our mail system.
go to start, run
type
telnet mail.yourdomainname.com 25
(substituting yourdomainname.com for your actual domain name)
press enter
You should see a telnet window that returns
telnet mail.yourdomainname.com 25
Trying 65.39.254.10...
Connected to mail.yourdomainname.com.
Escape character is '^]'.
220 mail.plhosting.com ESMTP
If you see anything other than
220 mail.plhosting.com ESMTP
then you must use your ISP's mail server for outgoing smtp as Your ISP is blocking connections on port 25 to our mail system.
Why do I receive the 550 error ( relaying denied ) message
Why do I receive the 550 error ( relaying denied ) message when sending the email ?
We use SMTP Authentication which means you must provide a username and password to send mail (SMTP) just as you do to receive mail (POP3). In most email client software there is a checkbox or field that allows you to specify whether the mail server, i.e. mail.yourdomain.com does or does not use SMTP authentication. In Outlook or Outlook Express, the checkbox says "My server requires authenticaton". Check it to activate this feature.
We use SMTP Authentication which means you must provide a username and password to send mail (SMTP) just as you do to receive mail (POP3). In most email client software there is a checkbox or field that allows you to specify whether the mail server, i.e. mail.yourdomain.com does or does not use SMTP authentication. In Outlook or Outlook Express, the checkbox says "My server requires authenticaton". Check it to activate this feature.
What causes slow email connections ?
This only applies to users that don't use our email cluster for email services. For POP3 and IMAP connections, xinetd will make a connection back to the IP Address that has initiated the POP3 or IMAP connections. xinetd is trying to connect to the ident port to determine the user name of the person connecting. This will fail if the user is behind a firewall because the firewall will not respond to this connection. You can turn this off by editing /etc/xinetd.d/wp_ipop3 and /etc/xinetd.d/wp_imap and removing the lines:
log_on_success += USERID
log_on_failure += USERID
Then restart xinetd by typing:
/etc/rc.d/init.d/xinetd restart
log_on_success += USERID
log_on_failure += USERID
Then restart xinetd by typing:
/etc/rc.d/init.d/xinetd restart
Plesk Linux Demo Panel Details
Hello Friends,
For accessing the demo control panel for plesk linux you can refer the following url :
http://www.swsoft.com/en/products/plesk7/demo/
Demo Plesk 7 as administrator
login : admin
pwd : plesk
Demo Plesk 7 as client
login : client
pwd : plesk
Demo Plesk 7 as Domain's owner
login : demo.swsoft.com
pwd : plesk
Demo Plesk 7 as from a mail users perpective
login : mailuser@demo.swsoft.com
pwd : plesk
====================================================================================
We do have another demo control panel which is much more faster than swsoft. Please refer the url :
http://www.apollohosting.com/webhostingreseller/p_Demo.php
Demo Plesk 7 as Admin
login : admin
pwd : plesk
Demo Plesk 7 as client
login : client
pwd : plesk
Demo Plesk 7 as domains owner
login : demo.sw-soft.com
pwd : plesk
Demo Plesk 7 as mail user
login : mailuser@demo.sw-soft.com
pwd : plesk
====================================================================================
For accessing the demo control panel for plesk 8 pls refer the following url :
http://www.swsoft.com/en/products/plesk8/demo/
Demo 8.0 for Linux/Unix Admin
login : admin
pwd : plesk
Demo 8.0 for Linux/Unix for Client
login : client
pwd : plesk
Demo 8.0 for Linux/Unix for Domain's Owner
login : demo.swsoft.com
pwd : plesk
Demo 8.0 for Linux/Unix for mail users perpestive
login : mailuser@demo.swsoft.com
pwd : plesk
====================================================================================
For accessing the demo control panel for plesk linux you can refer the following url :
http://www.swsoft.com/en/products/plesk7/demo/
Demo Plesk 7 as administrator
login : admin
pwd : plesk
Demo Plesk 7 as client
login : client
pwd : plesk
Demo Plesk 7 as Domain's owner
login : demo.swsoft.com
pwd : plesk
Demo Plesk 7 as from a mail users perpective
login : mailuser@demo.swsoft.com
pwd : plesk
====================================================================================
We do have another demo control panel which is much more faster than swsoft. Please refer the url :
http://www.apollohosting.com/webhostingreseller/p_Demo.php
Demo Plesk 7 as Admin
login : admin
pwd : plesk
Demo Plesk 7 as client
login : client
pwd : plesk
Demo Plesk 7 as domains owner
login : demo.sw-soft.com
pwd : plesk
Demo Plesk 7 as mail user
login : mailuser@demo.sw-soft.com
pwd : plesk
====================================================================================
For accessing the demo control panel for plesk 8 pls refer the following url :
http://www.swsoft.com/en/products/plesk8/demo/
Demo 8.0 for Linux/Unix Admin
login : admin
pwd : plesk
Demo 8.0 for Linux/Unix for Client
login : client
pwd : plesk
Demo 8.0 for Linux/Unix for Domain's Owner
login : demo.swsoft.com
pwd : plesk
Demo 8.0 for Linux/Unix for mail users perpestive
login : mailuser@demo.swsoft.com
pwd : plesk
====================================================================================
Grant previliages to the user for a database
To Grant previliages to the user for a database always use command:
GRANT ALL PRIVILEGES ON DataBaseName.* TO DatabaseUSer@'%' IDENTIFIED BY 'PassWord';
This also enables the remote connection on the database for that user, so that you can connect to the database using a MySql client.
GRANT ALL PRIVILEGES ON DataBaseName.* TO DatabaseUSer@'%' IDENTIFIED BY 'PassWord';
This also enables the remote connection on the database for that user, so that you can connect to the database using a MySql client.
Password protected Directories
The best way to create a password protected directory is from Plesk Control panel itself.
Login to control panel >> Domain >> Directories
here you can add password protected directories for the domain.
They will work only if yo have a index.xxx page under it.If it is not present they will not work and will keep asking fpr password.
Login to control panel >> Domain >> Directories
here you can add password protected directories for the domain.
They will work only if yo have a index.xxx page under it.If it is not present they will not work and will keep asking fpr password.
Manually install Fp for a site on linux Plesk server
Manually install Fp for a site on linux Plesk server
Quote:
cd /usr/local/frontpage/version5.0/bin
./owsadm.exe -o uninstall -p 80 -m domain.com
./owsadm.exe -o install -xu -s "/usr/local/frontpage/conf/domain.com.fp.80.cnf" -nochowncontent yes -pw -m domain.com
Quote:
cd /usr/local/frontpage/version5.0/bin
./owsadm.exe -o uninstall -p 80 -m domain.com
./owsadm.exe -o install -xu
Spamassassin Issue in PLESK 7.1.3
When you try to start via PLESK 7.1.3 the Spam Assassin service (under "Services management" of "Server") and if you get this error :
Unable to make action: Unable to manage service by spamd: Can't execute spammng --start System error 2: No such file or directory
---------------------
0: /usr/local/psa/admin/htdocs/server/restart_services.php:1 psaerror(string "Unable to make action: Unable to manage service by spamd: Can't execute spammng --start System error 2: No such file or directory")
Login to the server and go to --> cd /usr/local/psa/admin/bin/
and then --> ln -s /usr/local/psa/admin/sbin/wrapper spammng
now you can restart spamassassin service again
Unable to make action: Unable to manage service by spamd: Can't execute spammng --start System error 2: No such file or directory
---------------------
0: /usr/local/psa/admin/htdocs/server/restart_services.php:1 psaerror(string "Unable to make action: Unable to manage service by spamd: Can't execute spammng --start System error 2: No such file or directory")
Login to the server and go to --> cd /usr/local/psa/admin/bin/
and then --> ln -s /usr/local/psa/admin/sbin/wrapper spammng
now you can restart spamassassin service again
Enabling Spam Assassin in Plesk
Enabling spam assassin in plesk 6 is quite simple. In the latest plesk 7 it is inbuilt in control panel but in Plesk 6 it is to be ebabled from shell.
This can be done by modifying the /etc/mail/spamassassin/local.cf file by adding the line :
blacklist_to anything@__mydomain__.com
Here the mailboxes which get spam mails are to be provided and not the mail addresses from which the mails are comming. Then just restart the spamd service by : service spamd restart
But I was not able to find the exact method how this works(but it definitely works) i.e. does it block the mails if they come more than say 10 mails per hour ?
=====================================================================================
Another way to stop spam mails is by using IPTABLES rules. Please follow the steps : look at one of the emails...
in the headers, it will show stuff kind like this.
--------------------------------------------------------------------------------
Received: (qmail 5419 invoked by uid 2520); 23 May 2004 23:55:57 -0000
Received: from jerry@the-escape.org by air291.startdedicated.com by uid 2020 with qmail-scanner-1.20st
(clamuko: 0.71. spamassassin: 2.63. Clear:RC:1(68.162.126.87):.
Processed in 0.050185 secs); 23 May 2004 23:55:57 -0000
Received: from pool-68-162----.phil.east.verizon.net (HELO laptop) (68.162.255.255)
by www.the-escape.org with SMTP; 23 May 2004 23:55:56 -0000
--------------------------------------------------------------------------------
in this case, the email server has the hostname of www.the-escape.org. look for where your server receives the email. there will probably be a few more "Received:" lines lower in the email.
use the IP address in the ( ) as the address to block. so, if you wanted to block this IP address, you would log into your server via ssh and perform this command.
code:
--------------------------------------------------------------------------------
iptables -A INPUT -s 68.162.255.255 --dport 25 -j REJECT
--------------------------------------------------------------------------------
iptables is a program that allows you to manage the server firewall.
You can also use netmasks like this:
iptables -A INPUT -s 222.64.0.0/16 --dport 25 -j REJECT
the above would block a big part of CHINA.
This can be done by modifying the /etc/mail/spamassassin/local.cf file by adding the line :
blacklist_to anything@__mydomain__.com
Here the mailboxes which get spam mails are to be provided and not the mail addresses from which the mails are comming. Then just restart the spamd service by : service spamd restart
But I was not able to find the exact method how this works(but it definitely works) i.e. does it block the mails if they come more than say 10 mails per hour ?
=====================================================================================
Another way to stop spam mails is by using IPTABLES rules. Please follow the steps : look at one of the emails...
in the headers, it will show stuff kind like this.
--------------------------------------------------------------------------------
Received: (qmail 5419 invoked by uid 2520); 23 May 2004 23:55:57 -0000
Received: from jerry@the-escape.org by air291.startdedicated.com by uid 2020 with qmail-scanner-1.20st
(clamuko: 0.71. spamassassin: 2.63. Clear:RC:1(68.162.126.87):.
Processed in 0.050185 secs); 23 May 2004 23:55:57 -0000
Received: from pool-68-162----.phil.east.verizon.net (HELO laptop) (68.162.255.255)
by www.the-escape.org with SMTP; 23 May 2004 23:55:56 -0000
--------------------------------------------------------------------------------
in this case, the email server has the hostname of www.the-escape.org. look for where your server receives the email. there will probably be a few more "Received:" lines lower in the email.
use the IP address in the ( ) as the address to block. so, if you wanted to block this IP address, you would log into your server via ssh and perform this command.
code:
--------------------------------------------------------------------------------
iptables -A INPUT -s 68.162.255.255 --dport 25 -j REJECT
--------------------------------------------------------------------------------
iptables is a program that allows you to manage the server firewall.
You can also use netmasks like this:
iptables -A INPUT -s 222.64.0.0/16 --dport 25 -j REJECT
the above would block a big part of CHINA.
Apache Error: (28) No space left on device
Symptom: When dealing with mem-leaks in my mod_perl-apps I ran into a serious apache-problem. After a while apache could not be started but failed with strange errors like:
[emerg] (28)No space left on device: Couldn't create accept lock
or
[crit] (28)No space left on device: mod_rewrite: could not create
rewrite_log_lock Configuration Failed
Problem: There was definitely enough space on the device where the locks are stored, as df said. I tried to explicetely different Lockfiles using the LockFile- directive but this did not help. I also tried a non-default AcceptMutex (flock) which then solved the acceptlock-issue and ended in the rewrite_log_lock-issue.Only reboot of the system seemed to help out of the crisis, but this is undesirable and to be avoided at most costs, as it does not solve but shift the problem. Additionally, a lot of other services would have been affected by the downtime, too, so this was not a way to go.
Solution: There were myriads of semaphore-arrays left, owned by the apache user.
# ipcs -s | grep apache
Removing this semaphores immediately solved the problem.
# ipcs -s | grep apache | perl -e 'while () {
@a=split(/\s+/); print `ipcrm sem $a[1]`}'
tested with: apache 2.0.43, 2.0.45, 2.0.47
--
Source: http://www2.goldfisch.at/knowledge/224
[emerg] (28)No space left on device: Couldn't create accept lock
or
[crit] (28)No space left on device: mod_rewrite: could not create
rewrite_log_lock Configuration Failed
Problem: There was definitely enough space on the device where the locks are stored, as df said. I tried to explicetely different Lockfiles using the LockFile- directive but this did not help. I also tried a non-default AcceptMutex (flock) which then solved the acceptlock-issue and ended in the rewrite_log_lock-issue.Only reboot of the system seemed to help out of the crisis, but this is undesirable and to be avoided at most costs, as it does not solve but shift the problem. Additionally, a lot of other services would have been affected by the downtime, too, so this was not a way to go.
Solution: There were myriads of semaphore-arrays left, owned by the apache user.
# ipcs -s | grep apache
Removing this semaphores immediately solved the problem.
# ipcs -s | grep apache | perl -e 'while () {
@a=split(/\s+/); print `ipcrm sem $a[1]`}'
tested with: apache 2.0.43, 2.0.45, 2.0.47
--
Source: http://www2.goldfisch.at/knowledge/224
Tune apache with php & mysql
Use following links to refer to HOW TO TUNE APACHE for plesk server.
http://forums.ev1servers.net/showthread.php?s=897e8dd8f1b35f0a5c2bd704ac7b0053&threadid=38027
http://forums.ev1servers.net/showthread.php?s=897e8dd8f1b35f0a5c2bd704ac7b0053&threadid=9895
http://forums.ev1servers.net/showthread.php?s=897e8dd8f1b35f0a5c2bd704ac7b0053&threadid=38027
http://forums.ev1servers.net/showthread.php?s=897e8dd8f1b35f0a5c2bd704ac7b0053&threadid=9895
Open_basedir restriction
If you are getting the following type error
Code:
open_basedir restriction in effect. File is in wrong directory in /home/httpd/vhosts/domain.com/httpdocs/groupoffice/classes/sysinfo.class.inc on line 34
create a "vhost.conf" file in that domain's conf directory
In the conf file, add the following:
Code:
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/yourwebsite.com/httpdocs/:/"
Rebuid Apache using
Code:
/usr/local/psa/admin/sbin/my_apci_rst -v -a
For more information please refer to
http://forums.ev1servers.net/showthread.php?s=cf104255ef51c34f438b486c3c886de3&threadid=36637
Code:
open_basedir restriction in effect. File is in wrong directory in /home/httpd/vhosts/domain.com/httpdocs/groupoffice/classes/sysinfo.class.inc on line 34
create a "vhost.conf" file in that domain's conf directory
In the conf file, add the following:
Code:
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/yourwebsite.com/httpdocs/:/"
Rebuid Apache using
Code:
/usr/local/psa/admin/sbin/my_apci_rst -v -a
For more information please refer to
http://forums.ev1servers.net/showthread.php?s=cf104255ef51c34f438b486c3c886de3&threadid=36637
Cannot lstat `.': Permission denied in file manager
After the upgrade to PSA 6.0.2 customers have complained that they cannot delete files through the filemanager anymore:
Unable to remove file /httpdocs/test.htm: rm: cannot lstat `.': Permission denied
I've just confirmed this bug.
-------------------------------------------------
----------
chmod dir "/usr/local/psa/admin/htdocs/filemanager" to 755
This should be done by installation, but is not.
Unable to remove file /httpdocs/test.htm: rm: cannot lstat `.': Permission denied
I've just confirmed this bug.
-------------------------------------------------
----------
chmod dir "/usr/local/psa/admin/htdocs/filemanager" to 755
This should be done by installation, but is not.
Settings shared Ip for client
You will need to perform the following steps after you add the client via the PSA6 CP.
1) Click the "Client name" in question.
2) Click "Preferences".
3) Click "IP Pool".
4) Click "Add".
5) Highlight the main ip of the server (shared).
6) Click "Update".
1) Click the "Client name" in question.
2) Click "Preferences".
3) Click "IP Pool".
4) Click "Add".
5) Highlight the main ip of the server (shared).
6) Click "Update".
Cannot login to Horde
canot login to webmail
Changing servers.php (in /home/httpd/vhosts/webmail/horde/imp/config)
code:--------------------------------------------------------------------------------
$ServerName = preg_replace('/^webmail\./', '', preg_replace('/^www\./', '', $headers['Host']));
$DomainName = ($ServerName != '') ? $ServerName : 'mainserverdomain.com';
// changed the mainserverdomain.com to 127.0.0.1
-------------------------------------------
$servers['imap'] = array(
'name' => 'IMAP Server',
'server' => 'localhost',
'protocol' => 'imap',
'port' => 143,
'folders' => '',
'namespace' => 'INBOX.',
'maildomain' => $DomainName,
'smtphost' => 'localhost',
'realm' => $DomainName,
'preferred' => ''
=====================================================================================
Please note the following:
1) check the mailbox settings for the users mail accounts and make sure they are not set to zero ('0') and instead have a limited or are set at 'unlimited'.
2) Check that your php file contains the following:
engine = On
short_open_tag = On
asp_tags = Off
precision = 14
y2k_compliance = Off
output_buffering = Off
safe_mode = On
safe_mode_gid = Off
register_globals = On
magic_quotes_gpc = On
magic_quotes_runtime = Off
upload_max_filesize = 2M (alter this if you want larger attachments)
[mail function]
Please note the following line was COMMENTED OUT of the php.ini file intentionally
;sendmail_path = /usr/sbin/sendmail -t -i
[MySQL]
mysql.allow_persistent = Off
[Sessions]
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = " a=href,area=href,frame=src,input=src,form=fakeentr
y"
N.B. most of the above should be default settings when you install/upgrade to Plesk 7.0.2
3) Check that http://webmail.yourdomain.com/horde/test.php is giving a page and attempt to run the 'IMP tests'. The page should look something like http://webmail.unix66.com/horde/test.php
Please note this is for Redhat 9.0 systems running php 4.2.2 (default with the OS)
For more information refer to
http://forum.plesk.com/showthread.php?s=db97b9800f46ebcbfd87be4e28daa5c6&threadid=14955
Changing servers.php (in /home/httpd/vhosts/webmail/horde/imp/config)
code:--------------------------------------------------------------------------------
$ServerName = preg_replace('/^webmail\./', '', preg_replace('/^www\./', '', $headers['Host']));
$DomainName = ($ServerName != '') ? $ServerName : 'mainserverdomain.com';
// changed the mainserverdomain.com to 127.0.0.1
-------------------------------------------
$servers['imap'] = array(
'name' => 'IMAP Server',
'server' => 'localhost',
'protocol' => 'imap',
'port' => 143,
'folders' => '',
'namespace' => 'INBOX.',
'maildomain' => $DomainName,
'smtphost' => 'localhost',
'realm' => $DomainName,
'preferred' => ''
=====================================================================================
Please note the following:
1) check the mailbox settings for the users mail accounts and make sure they are not set to zero ('0') and instead have a limited or are set at 'unlimited'.
2) Check that your php file contains the following:
engine = On
short_open_tag = On
asp_tags = Off
precision = 14
y2k_compliance = Off
output_buffering = Off
safe_mode = On
safe_mode_gid = Off
register_globals = On
magic_quotes_gpc = On
magic_quotes_runtime = Off
upload_max_filesize = 2M (alter this if you want larger attachments)
[mail function]
Please note the following line was COMMENTED OUT of the php.ini file intentionally
;sendmail_path = /usr/sbin/sendmail -t -i
[MySQL]
mysql.allow_persistent = Off
[Sessions]
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags = " a=href,area=href,frame=src,input=src,form=fakeentr
y"
N.B. most of the above should be default settings when you install/upgrade to Plesk 7.0.2
3) Check that http://webmail.yourdomain.com/horde/test.php is giving a page and attempt to run the 'IMP tests'. The page should look something like http://webmail.unix66.com/horde/test.php
Please note this is for Redhat 9.0 systems running php 4.2.2 (default with the OS)
For more information refer to
http://forum.plesk.com/showthread.php?s=db97b9800f46ebcbfd87be4e28daa5c6&threadid=14955
Path to maildir
/usr/local/plesk/qmail/mailnames/lucysartandframe.com/lucy/Maildir
We again also go the the other alternative path :
/var/qmail/mailnames/domainname/username/Maildir/
We again also go the the other alternative path :
/var/qmail/mailnames/domainname/username/Maildir/
Delay in Mail sent and FTP
To avoid delay in mail send and FTP
SWSoft has provided following info...
Not the extra parameter added "-Rt0" in below file.
Dedicated server could not run with reverse lookup switched
on because it results in extrme delays in sending mail and FTP
Code:
[root@localhost root]# cat /etc/xinetd.d/smtp_psa
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
SWSoft has provided following info...
Not the extra parameter added "-Rt0" in below file.
Dedicated server could not run with reverse lookup switched
on because it results in extrme delays in sending mail and FTP
Code:
[root@localhost root]# cat /etc/xinetd.d/smtp_psa
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
Installation of Ruby On RAIL
First install Ruby:
wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6.tar.gz
tar -xvzf ruby-1.8.6.tar.gz
cd ruby-1.8.6
./configure
make
make install
Now, install the Gems and Rails:
wget http://rubyforge.org/frs/download.php/11289/rubygems-0.9.0.tgz
tar -xvzf rubygems-0.9.0.tgz
cd rubygems-0.9.0
ruby setup.rb
gem install rails
Install Fast CGI
wget fastcgi.com/dist/fcgi-2.4.0.tar.gz
tar -xvzf fcgi-2.4.0.tar.gz
cd fcgi-2.4.0
./configure
make
make install
wget fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz
tar -xvzf mod_fastcgi-2.4.2.tar.gz
cd mod_fastcgi-2.4.2
/usr/local/apache/bin/apxs -o mod_fastcgi.so -c *.c
/usr/local/apache/bin/apxs -i -a -n fastcgi mod_fastcgi.so
gem install fcgi
Edit the Apache config file and add the fcgi module:
pico /usr/local/apache/conf/httpd.conf
LoadModule fastcgi_module libexec/mod_fastcgi.so
FastCgiIpcDir /tmp/fcgi_ipc/
AddHandler fastcgi-script .fcgi
< /IfModule>
Then restart Apache
Install RMagick and GetText:
wget http://umn.dl.sourceforge.net/sourceforge/graphicsmagick/GraphicsMagick-1.1.7.tar.gz
tar -xvzf GraphicsMagick-1.1.7.tar.gz
cd GraphicsMagick-1.1.7
./configure
make
make install
Install MySQL for Ruby:
gem install mysql
Now make the test Installation. To do this, log in as your user (not root)
su user
cd ~
rails test
cd public_html
ln -s ../test/public/ rails
cd ../test/
chmod -Rf 777 tmp/
cd public
chmod 755 dispatch.fcgi
pico .htaccess
Now, find the line in the .htaccess that looks something like this:
RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
And change “dispatch.cgi” to “dispatch.fcgi”
To see if you’ve installed everything properly, just browse to the Rails folder:
http://yourdomain.com/rails/
wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6.tar.gz
tar -xvzf ruby-1.8.6.tar.gz
cd ruby-1.8.6
./configure
make
make install
Now, install the Gems and Rails:
wget http://rubyforge.org/frs/download.php/11289/rubygems-0.9.0.tgz
tar -xvzf rubygems-0.9.0.tgz
cd rubygems-0.9.0
ruby setup.rb
gem install rails
Install Fast CGI
wget fastcgi.com/dist/fcgi-2.4.0.tar.gz
tar -xvzf fcgi-2.4.0.tar.gz
cd fcgi-2.4.0
./configure
make
make install
wget fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz
tar -xvzf mod_fastcgi-2.4.2.tar.gz
cd mod_fastcgi-2.4.2
/usr/local/apache/bin/apxs -o mod_fastcgi.so -c *.c
/usr/local/apache/bin/apxs -i -a -n fastcgi mod_fastcgi.so
gem install fcgi
Edit the Apache config file and add the fcgi module:
pico /usr/local/apache/conf/httpd.conf
LoadModule fastcgi_module libexec/mod_fastcgi.so
FastCgiIpcDir /tmp/fcgi_ipc/
AddHandler fastcgi-script .fcgi
< /IfModule>
Then restart Apache
Install RMagick and GetText:
wget http://umn.dl.sourceforge.net/sourceforge/graphicsmagick/GraphicsMagick-1.1.7.tar.gz
tar -xvzf GraphicsMagick-1.1.7.tar.gz
cd GraphicsMagick-1.1.7
./configure
make
make install
Install MySQL for Ruby:
gem install mysql
Now make the test Installation. To do this, log in as your user (not root)
su user
cd ~
rails test
cd public_html
ln -s ../test/public/ rails
cd ../test/
chmod -Rf 777 tmp/
cd public
chmod 755 dispatch.fcgi
pico .htaccess
Now, find the line in the .htaccess that looks something like this:
RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
And change “dispatch.cgi” to “dispatch.fcgi”
To see if you’ve installed everything properly, just browse to the Rails folder:
http://yourdomain.com/rails/
Installation of Joomla
Go to SSH
login to ssh ( refer to specs )
cd /home/username public_html/DAN/joomla ( path is DAN/joomla ) if the path is not created then create it. to create path in public_html mkdir DAN , cd DAN, mkdir joomla , cd joomla
wgate link from where you can get joomla installation file.
or
you can also use saved .tar joomla installation file. for these you
go to SSh secure file transfer copy the path of the folder where you want to install joomla.
drag and drop the joomla installation file.
tar -xzvf < file name > ( this command is used to untar the .tar file )
now we have to create database for joomla in cpanel.
Go to cpanel DAN
click on mysql database
search for create database and create new database then click on go back
now we have to create user for database
search for create user and create new user then click on go back
now we have to create connection string
search for Add Users To Your Databases: select allabout_DAN(user name of the database)
select allabout_DAN(database name )
click on add user to database
now go to site where you have installed joomla and check permissions. it should be unwritable but we have to set it writable. that means 777 permission. for that we have to go to SSH.
command is chmod 777 < file name or folder name >
chmod 777 administrator/backups/
chmod 777 administrator/components/
chmod 777 administrator/modules/
chmod 777 administrator/templates/
chmod 777 cache/
chmod 777 components/
chmod 777 images/
chmod 777 images/banners/
chmod 777 images/stories/
chmod 777 language/
chmod 777 mambots/
chmod 777 mambots/content/
chmod 777 mambots/editors/
chmod 777 mambots/editors-xtd/
chmod 777 mambots/search/
chmod 777 mambots/system/
chmod 777 media/
chmod 777 modules/
chmod 777 templates/
Once installation is done, delete INSTALL.php file and installation/ directory
now we have to delete installation files.
command is rm -rf INSTALL.php
Now we have to change the ownership for joomla folder. it will show ownership as 1000. it should be username.username( user user )
go to [/home/username/public_html/DAN]#chown username.username joomla/ -R
to change the permission for file. -R is not necessary.
for directory it should be/ -R ( -R is to change permission for the files and folder under the mail folder )
done
Username : admin
Password : admin
www.ABC.com/DAN/joomla/
now we have to create configuration.php file
command is touch < file name > ( configuration.php )
now we have to assign 777 permission to configuration.php
for that command is chmod 777 configuration.php
login to ssh ( refer to specs )
cd /home/username public_html/DAN/joomla ( path is DAN/joomla ) if the path is not created then create it. to create path in public_html mkdir DAN , cd DAN, mkdir joomla , cd joomla
wgate link from where you can get joomla installation file.
or
you can also use saved .tar joomla installation file. for these you
go to SSh secure file transfer copy the path of the folder where you want to install joomla.
drag and drop the joomla installation file.
tar -xzvf < file name > ( this command is used to untar the .tar file )
now we have to create database for joomla in cpanel.
Go to cpanel DAN
click on mysql database
search for create database and create new database then click on go back
now we have to create user for database
search for create user and create new user then click on go back
now we have to create connection string
search for Add Users To Your Databases: select allabout_DAN(user name of the database)
select allabout_DAN(database name )
click on add user to database
now go to site where you have installed joomla and check permissions. it should be unwritable but we have to set it writable. that means 777 permission. for that we have to go to SSH.
command is chmod 777 < file name or folder name >
chmod 777 administrator/backups/
chmod 777 administrator/components/
chmod 777 administrator/modules/
chmod 777 administrator/templates/
chmod 777 cache/
chmod 777 components/
chmod 777 images/
chmod 777 images/banners/
chmod 777 images/stories/
chmod 777 language/
chmod 777 mambots/
chmod 777 mambots/content/
chmod 777 mambots/editors/
chmod 777 mambots/editors-xtd/
chmod 777 mambots/search/
chmod 777 mambots/system/
chmod 777 media/
chmod 777 modules/
chmod 777 templates/
Once installation is done, delete INSTALL.php file and installation/ directory
now we have to delete installation files.
command is rm -rf INSTALL.php
Now we have to change the ownership for joomla folder. it will show ownership as 1000. it should be username.username( user user )
go to [/home/username/public_html/DAN]#chown username.username joomla/ -R
to change the permission for file. -R is not necessary.
for directory it should be
done
Username : admin
Password : admin
www.ABC.com/DAN/joomla/
now we have to create configuration.php file
command is touch < file name > ( configuration.php )
now we have to assign 777 permission to configuration.php
for that command is chmod 777 configuration.php
Installation Of Mod Security
wget http://www.modsecurity.org/download/modsecurity-apache_2.1.3.tar.gz
tar zxvf modsecurity-apache_2.1.3.tar.gz
cd modsecurity-apache_2.1.3
Lets Compile the module now:
/usr/local/apache/bin/apxs -cia mod_security.c
Ok, now its time to edit the httpd conf file. First we will make a backup just incase something goes wrong:
cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.backup
nano /usr/local/apache/conf/httpd.conf
Then add the following code :
================================================
# Turn the filtering engine On or Off
SecFilterEngine On
# Change Server: string
SecServerSignature "Apache"
# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off
# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis. "On" will log everything,
# "DynamicOrRelevant" will log dynamic requests or violations,
# and "RelevantOnly" will only log policy violations
SecAuditEngine RelevantOnly
# The name of the audit log file
SecAuditLog logs/audit_log
# Should mod_security inspect POST payloads
SecFilterScanPOST On
# Action to take by default
SecFilterDefaultAction "deny,log,status:403"
## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ## ##
# Require HTTP_USER_AGENT and HTTP_HOST in all requests
# SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"
# Require Content-Length to be provided with
# every POST request
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
# Don't accept transfer encodings we know we don't handle
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$"
# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "viewtopic\.php\?" chain
SecFilter "chr\(([0-9]{1,3})\)" "deny,log"
# Block various methods of downloading files to a server
SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "
SecFilterSelective THE_REQUEST "arta\.zip "
SecFilterSelective THE_REQUEST "cmd=cd\x20/var "
SecFilterSelective THE_REQUEST "HCL_path=http "
SecFilterSelective THE_REQUEST "clamav-partial "
SecFilterSelective THE_REQUEST "vi\.recover "
SecFilterSelective THE_REQUEST "netenberg "
SecFilterSelective THE_REQUEST "psybnc "
SecFilterSelective THE_REQUEST "fantastico_de_luxe "
SecFilter "bcc:"
SecFilter "bcc\x3a"
SecFilter "cc:"
SecFilter "cc\x3a"
SecFilter "bcc:|Bcc:|BCC:" chain
SecFilter "[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}\,\x20[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}"
SecFilterSelective POST_PAYLOAD "Bcc:"
SecFilterSelective POST_PAYLOAD "Bcc:\x20"
SecFilterSelective POST_PAYLOAD "cc:"
SecFilterSelective POST_PAYLOAD "cc:\x20"
SecFilterSelective POST_PAYLOAD "bcc:"
SecFilterSelective POST_PAYLOAD "bcc:\x20"
SecFilterSelective POST_PAYLOAD "bcc: "
SecFilterSelective THE_REQUEST "Bcc:"
SecFilterSelective THE_REQUEST "Bcc:\x20"
SecFilterSelective THE_REQUEST "cc:"
SecFilterSelective THE_REQUEST "cc:\x20"
SecFilterSelective THE_REQUEST "bcc:"
SecFilterSelective THE_REQUEST "bcc:\x20"
SecFilterSelective THE_REQUEST "bcc: "
# WEB-PHP phpbb quick-reply.php arbitrary command attempt
SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
SecFilter "phpbb_root_path="
================================================
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
tar zxvf modsecurity-apache_2.1.3.tar.gz
cd modsecurity-apache_2.1.3
Lets Compile the module now:
/usr/local/apache/bin/apxs -cia mod_security.c
Ok, now its time to edit the httpd conf file. First we will make a backup just incase something goes wrong:
cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.backup
nano /usr/local/apache/conf/httpd.conf
Then add the following code :
================================================
# Turn the filtering engine On or Off
SecFilterEngine On
# Change Server: string
SecServerSignature "Apache"
# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off
# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis. "On" will log everything,
# "DynamicOrRelevant" will log dynamic requests or violations,
# and "RelevantOnly" will only log policy violations
SecAuditEngine RelevantOnly
# The name of the audit log file
SecAuditLog logs/audit_log
# Should mod_security inspect POST payloads
SecFilterScanPOST On
# Action to take by default
SecFilterDefaultAction "deny,log,status:403"
## ## ## ## ## ## ## ## ## ##
## ## ## ## ## ## ## ## ## ##
# Require HTTP_USER_AGENT and HTTP_HOST in all requests
# SecFilterSelective "HTTP_USER_AGENT|HTTP_HOST" "^$"
# Require Content-Length to be provided with
# every POST request
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
# Don't accept transfer encodings we know we don't handle
# (and you don't need it anyway)
SecFilterSelective HTTP_Transfer-Encoding "!^$"
# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID "!^[0-9a-z]*$"
SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]*$"
SecFilter "viewtopic\.php\?" chain
SecFilter "chr\(([0-9]{1,3})\)" "deny,log"
# Block various methods of downloading files to a server
SecFilterSelective THE_REQUEST "wget "
SecFilterSelective THE_REQUEST "lynx "
SecFilterSelective THE_REQUEST "scp "
SecFilterSelective THE_REQUEST "ftp "
SecFilterSelective THE_REQUEST "cvs "
SecFilterSelective THE_REQUEST "rcp "
SecFilterSelective THE_REQUEST "curl "
SecFilterSelective THE_REQUEST "telnet "
SecFilterSelective THE_REQUEST "ssh "
SecFilterSelective THE_REQUEST "echo "
SecFilterSelective THE_REQUEST "links -dump "
SecFilterSelective THE_REQUEST "links -dump-charset "
SecFilterSelective THE_REQUEST "links -dump-width "
SecFilterSelective THE_REQUEST "links http:// "
SecFilterSelective THE_REQUEST "links ftp:// "
SecFilterSelective THE_REQUEST "links -source "
SecFilterSelective THE_REQUEST "mkdir "
SecFilterSelective THE_REQUEST "cd /tmp "
SecFilterSelective THE_REQUEST "cd /var/tmp "
SecFilterSelective THE_REQUEST "cd /etc/httpd/proxy "
SecFilterSelective THE_REQUEST "/config.php?v=1&DIR "
SecFilterSelective THE_REQUEST "&highlight=%2527%252E "
SecFilterSelective THE_REQUEST "changedir=%2Ftmp%2F.php "
SecFilterSelective THE_REQUEST "arta\.zip "
SecFilterSelective THE_REQUEST "cmd=cd\x20/var "
SecFilterSelective THE_REQUEST "HCL_path=http "
SecFilterSelective THE_REQUEST "clamav-partial "
SecFilterSelective THE_REQUEST "vi\.recover "
SecFilterSelective THE_REQUEST "netenberg "
SecFilterSelective THE_REQUEST "psybnc "
SecFilterSelective THE_REQUEST "fantastico_de_luxe "
SecFilter "bcc:"
SecFilter "bcc\x3a"
SecFilter "cc:"
SecFilter "cc\x3a"
SecFilter "bcc:|Bcc:|BCC:" chain
SecFilter "[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}\,\x20[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}"
SecFilterSelective POST_PAYLOAD "Bcc:"
SecFilterSelective POST_PAYLOAD "Bcc:\x20"
SecFilterSelective POST_PAYLOAD "cc:"
SecFilterSelective POST_PAYLOAD "cc:\x20"
SecFilterSelective POST_PAYLOAD "bcc:"
SecFilterSelective POST_PAYLOAD "bcc:\x20"
SecFilterSelective POST_PAYLOAD "bcc: "
SecFilterSelective THE_REQUEST "Bcc:"
SecFilterSelective THE_REQUEST "Bcc:\x20"
SecFilterSelective THE_REQUEST "cc:"
SecFilterSelective THE_REQUEST "cc:\x20"
SecFilterSelective THE_REQUEST "bcc:"
SecFilterSelective THE_REQUEST "bcc:\x20"
SecFilterSelective THE_REQUEST "bcc: "
# WEB-PHP phpbb quick-reply.php arbitrary command attempt
SecFilterSelective THE_REQUEST "/quick-reply\.php" chain
SecFilter "phpbb_root_path="
================================================
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
Installation Of SubVersion on Linux
mkdir /usr/local/src/subversion
cd /usr/local/src/subversion
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-devel-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-debuginfo-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/neon-0.24.7-1.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/mod_dav_svn-1.2.3-1.rhel3.i386.rpm
rpm -Uvh *rpm
cd /usr/local/src/subversion
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-devel-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/subversion-debuginfo-1.2.3-1.rhel3.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/neon-0.24.7-1.i386.rpm
wget http://summersoft.fay.ar.us/pub/subversion/latest/rhel-3/bin/mod_dav_svn-1.2.3-1.rhel3.i386.rpm
rpm -Uvh *rpm
Installation Of SugarCRM
Some information on sugarcrm software
http://www.sugarcrm.com/crm/download/sugar-suite.html
How to install the sugarcrm
http://www.sugarcrm.com/docs/Installation_Guides/OpenSource_InstallGuide_4.5/Sugar_Install_Upgrade_Guide_v4.5.2.2.html
Path for the install the sugarcrm
([/home/username/public_html/crm])
wget http://www.sugarforge.org/frs/download.php/3103/SugarOS-4.5.1e.zip
http://www.sugarcrm.com/crm/download/sugar-suite.html
How to install the sugarcrm
http://www.sugarcrm.com/docs/Installation_Guides/OpenSource_InstallGuide_4.5/Sugar_Install_Upgrade_Guide_v4.5.2.2.html
Path for the install the sugarcrm
([/home/username/public_html/crm])
wget http://www.sugarforge.org/frs/download.php/3103/SugarOS-4.5.1e.zip
Installation Of Mychat
Q:How to install php Mychat manually?
Ans:PHP Mychat is the fantastic tool for chating.Steps to install it are as followos:
you can donaload this software from source: http://sourceforge.net/projects/phpmychat
Download phpMyChat-0.14.5.zip
1. wget http://www.tech-geeks.org/contrib/bbutts/phpChat/phpMyChat-0.14.5.zip
2 unzip phpMyChat-0.14.5.zip -d /home/username/public_html/
3. Setting up the database.
mysql_setpermission
Name of database :
Username :
Yes to password :yes
Enter Password :
Confirm Password :
Host :localhost
Yes to create :yes
Create Another :no
Exit :0
4 In browser, go to http://yourdomain.com/chat/setup.php3
5.select GO for auto setup.
6 - Fill the database
host=localhost, database name=yourdatabasename,
username= , password=
select GO to continue
7 - Fine Tuning Options.
Select the options you want and when finished
Click OK
8 - Go to admin Register Panel
Here you need to Enter a login and password to use for chat database admin.
9 - When prompted, copy and paste the generated text file into a
text editor.
10 - Edit the file with your database login and password.
(note the instructions to keep the at the end.)
11 - Save the file using the name config.lib.php3
12 - Move the file into the
/home/username/Public_html/chat/config/
13 - Now chatroom is ready at http://yourdomain.com/chat.
http://yourdomain.com/phpMyChat.php3
enjoy….with chat
Ans:PHP Mychat is the fantastic tool for chating.Steps to install it are as followos:
you can donaload this software from source: http://sourceforge.net/projects/phpmychat
Download phpMyChat-0.14.5.zip
1. wget http://www.tech-geeks.org/contrib/bbutts/phpChat/phpMyChat-0.14.5.zip
2 unzip phpMyChat-0.14.5.zip -d /home/username/public_html/
3. Setting up the database.
mysql_setpermission
Name of database :
Username :
Yes to password :yes
Enter Password :
Confirm Password :
Host :localhost
Yes to create :yes
Create Another :no
Exit :0
4 In browser, go to http://yourdomain.com/chat/setup.php3
5.select GO for auto setup.
6 - Fill the database
host=localhost, database name=yourdatabasename,
username= , password=
select GO to continue
7 - Fine Tuning Options.
Select the options you want and when finished
Click OK
8 - Go to admin Register Panel
Here you need to Enter a login and password to use for chat database admin.
9 - When prompted, copy and paste the generated text file into a
text editor.
10 - Edit the file with your database login and password.
(note the instructions to keep the at the end.)
11 - Save the file using the name config.lib.php3
12 - Move the file into the
/home/username/Public_html/chat/config/
13 - Now chatroom is ready at http://yourdomain.com/chat.
http://yourdomain.com/phpMyChat.php3
enjoy….with chat
Installation Of Pear
Packages are in the gzipped tar files with a description file inside, and installed on your server using the PEAR installer.
You can install any pear package as
———–
pear install pear-package-name
———–
You can check all the PEAR packages that are available with
————
pear list-all
————
You can check installed PEAR packages on your server as
————
pear list
You can install any pear package as
———–
pear install pear-package-name
———–
You can check all the PEAR packages that are available with
————
pear list-all
————
You can check installed PEAR packages on your server as
————
pear list
Installation of IonCube
For installation of ioncube for perticular account then goto
http://www.ioncube.com/loaders.php
download it one server server where it is available. you need to do the following process on the server.
1 go to user directory and wget http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
2 Extract the tar file with tar -zxvf ioncube_loaders_lin_x86.tar.gz
3. change the permission chown user:user ioncube
4. then goto ioncube directory cd /home/user/ioncube and again change the ownership of all files to user:user
5.after changing the permission copy ioncube-encoded-file.php and ioncube-loader-helper.php in public_html by
cp ioncube-encoded-file.php ../public_html/
cp ioncube-loader-helper.php ../public_html/
6.then goto public_html folder of that user and again change the ownership to user:user for ioncube
7 Now ioncube is get installed you can access that using access ioncube by http://domain.com/ioncube-loader-helper.php
http://www.ioncube.com/loaders.php
download it one server server where it is available. you need to do the following process on the server.
1 go to user directory and wget http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
2 Extract the tar file with tar -zxvf ioncube_loaders_lin_x86.tar.gz
3. change the permission chown user:user ioncube
4. then goto ioncube directory cd /home/user/ioncube and again change the ownership of all files to user:user
5.after changing the permission copy ioncube-encoded-file.php and ioncube-loader-helper.php in public_html by
cp ioncube-encoded-file.php ../public_html/
cp ioncube-loader-helper.php ../public_html/
6.then goto public_html folder of that user and again change the ownership to user:user for ioncube
7 Now ioncube is get installed you can access that using access ioncube by http://domain.com/ioncube-loader-helper.php
Installation Of FTP Services
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
How To Download And Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, on RPMs, covers how to do this in detail. It is best to use the latest version of VSFTPD.
When searching for the file, remember that the VSFTPD RPM’s filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.
How To Get VSFTPD Started(very sercure file transfer protocal)
You can start, stop, or restart VSFTPD
[root@t]# service vsftpd start
[root@]# service vsftpd stop
[root@]# service vsftpd restart
To configure VSFTPD to start at boot you can use the chkconfig command.
[root@]# chkconfig vsftpd on
Testing the Status of VSFTPD
You can check whether the VSFTPD process is running by using the netstat -a command which lists all the TCP and UDP ports on which the server is listening for trafficyour out put should be .
[root@]# netstat -a | grep ftp
tcp 0 0 *:ftp *:* LISTEN
[root@]#
If VSFTPD is not running, there would be no output at all.
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you’ll have to restart VSFTPD each time you edit the file in order for the changes to take effect.
This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that’s the same as their email address, we would suggest turning this off. The configuration file’s anonymous_enable directive can be set to no to disable this feature. You’ll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn’t allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
File should be .
# Allow anonymous FTP?
anonymous_enable=YES
…
# Uncomment this to allow local users to log in.
local_enable=YES
…
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
…
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
…
# Activate logging of uploads/downloads.
xferlog_enable=YES
…
# You may override where the log file goes if you like.
# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log
…
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
#anon_root=/data/directory
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user’s access to non-anonymous FTP, and you can change the configuration to not display the FTP server’s software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, we can restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn’t have FTP access. As FTP doesn’t encrypt passwords, thereby increasing the risk of data or passwords being compromised, these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
[root@]# mkdir /var/ftp/pub/upload
[root@]# chmod 722 /var/ftp/pub/upload
FTP Greeting Banner
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= New Banner Here
Installing Zend Optimizer
Zend optimizer is a plugin to php which allows a server to read zend encoded files as well as serve as a platform to install zend modules such as eaccelerator.
local copy of the files present on the server in the following path:
cd /usr/local/src
wget http://www.eth0.us/files/ZendOptimizer-2.5.10a-linux-glibc21-i386.tar.gz
tar -zxf ZendOptimizer-2.5.10a-linux-glibc21-i386.tar.gz
cd ZendOptimizer-2.5.10a-linux-glibc21-i386
./install
----------
Now just hit enter a few times until it is done and you are done! It is as easy as that.
---------
as well as we can use the below script
/scripts/installzendopt
--------
local copy of the files present on the server in the following path:
cd /usr/local/src
wget http://www.eth0.us/files/ZendOptimizer-2.5.10a-linux-glibc21-i386.tar.gz
tar -zxf ZendOptimizer-2.5.10a-linux-glibc21-i386.tar.gz
cd ZendOptimizer-2.5.10a-linux-glibc21-i386
./install
----------
Now just hit enter a few times until it is done and you are done! It is as easy as that.
---------
as well as we can use the below script
/scripts/installzendopt
--------
Installing MyTop like Top Commands
We are going to install 2 perl modules in addition to mytop to ensure that it will work.
Install TermReadKey:
cd /usr/local/src
wget http://search.cpan.org/CPAN/authors/id/J/JS/JSTOWE/TermReadKey-2.30.tar.gz
tar -zxf TermReadKey-2.30.tar.gz
cd TermRead*
perl Makefile.PL
make test
make
make install
cd ..
Now install DBI:
wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
tar -zxf DBI-1.48.tar.gz
cd DBI*
perl Makefile.PL
make test
make
make install
cd ..
Finally install mytop:
wget http://jeremy.zawodny.com/mysql/mytop/mytop-1.4.tar.gz
tar -zxf mytop-1.4.tar.gz
cd mytop*
perl Makefile.PL
make test
make
make install
Now simply run "mytop" and your done!
Install TermReadKey:
cd /usr/local/src
wget http://search.cpan.org/CPAN/authors/id/J/JS/JSTOWE/TermReadKey-2.30.tar.gz
tar -zxf TermReadKey-2.30.tar.gz
cd TermRead*
perl Makefile.PL
make test
make
make install
cd ..
Now install DBI:
wget http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-1.48.tar.gz
tar -zxf DBI-1.48.tar.gz
cd DBI*
perl Makefile.PL
make test
make
make install
cd ..
Finally install mytop:
wget http://jeremy.zawodny.com/mysql/mytop/mytop-1.4.tar.gz
tar -zxf mytop-1.4.tar.gz
cd mytop*
perl Makefile.PL
make test
make
make install
Now simply run "mytop" and your done!
Install the updated version of CPANEL
Updating CPAN will resolve both issues "1" and "2" for you as well as other issues. On productions systems (which almost always have a working LWP installed) this will occur automatically. To install CPAN manually, the steps are very similar to the above steps for LWP:
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.82.tar.gz
tar zxvf CPAN-1.82.tar.gz
cd CPAN-1.82
perl Makefile.PL
make
make install
If you experienced problems with any recent installations and resolved them, then it is recommended that you run the following command:
/usr/local/cpanel/bin/checkperlmodules
This command is ran automatically by our update system. Running this command on new installs will ensure a proper Perl setup, otherwise it is optional.
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.82.tar.gz
tar zxvf CPAN-1.82.tar.gz
cd CPAN-1.82
perl Makefile.PL
make
make install
If you experienced problems with any recent installations and resolved them, then it is recommended that you run the following command:
/usr/local/cpanel/bin/checkperlmodules
This command is ran automatically by our update system. Running this command on new installs will ensure a proper Perl setup, otherwise it is optional.
Install Perl
Where can I find the current release of the Perl source code?
http://www.cpan.org/src/latest.tar.gz - (UNIX-style tar.gz)
http://www.cpan.org/src/latest.zip - (PC-style ZIP, with CR LF line endings).
http://www.cpan.org/src/index.html - A more detailed list of source code offerings.
----------
fix for the perl problems which are causing a lot of trouble with just about everything, including email.
Here is the copy/paste version I created:
ls -alh /root/.gnupg
(just make sure it exists)
cd /usr/local/src/
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.805.tar.gz
tar zxvf libwww-perl-5.805.tar.gz
cd libwww-perl-5.805
perl Makefile.PL
make
make install
cd ../
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.83.tar.gz
tar zxvf CPAN-1.83.tar.gz
cd CPAN-1.83
perl Makefile.PL
make
make install
/usr/local/cpanel/bin/checkperlmodules
/scripts/updatenow
/scripts/rrdtoolinstall
Here is the cPanel email:
these are a few of the steps that you can take to ensure continued normal operation of your cPanel server.
1. Ensure that the directory /root/.gnupg exists.
The latest versions of CPAN are using Module::Signature by default. This module will check the GPG signature of modules during their installation. If your server is using Module::Signature and this directory does not exist, then the signature check will fail and the module will not be installed or updated. This will be handled automatically in all builds dated January 4th or later.
2. Ensure that the Perl's LWP is installed.
If LWP is not installed, and Net::FTP is not used (and it's often skipped), CPAN will attempt to fetch the Perl module using one of the system applications, such as wget. In this case, the module will be saved without its proper extension and the installation will exit shortly after downloading the module. You can install LWP manually using the following commands:
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.805.tar.gz
tar zxvf libwww-perl-5.805.tar.gz
cd libwww-perl-5.805
perl Makefile.PL
make
make install
When running "perl MakeFile.PL" you will be asked several questions.
It's safe to accept the default values.
3. Install the updated version of CPAN (1.82)
Updating CPAN will resolve both issues "1" and "2" for you as well as other issues. On productions systems (which almost always have a working LWP installed) this will occur automatically. To install CPAN manually, the steps are very similar to the above steps for LWP:
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.82.tar.gz
tar zxvf CPAN-1.82.tar.gz
cd CPAN-1.82
perl Makefile.PL
make
make install
If you experienced problems with any recent installations and resolved them, then it is recommended that you run the following command:
/usr/local/cpanel/bin/checkperlmodules
This command is ran automatically by our update system. Running this command on new installs will ensure a proper Perl setup, otherwise it is optional.
http://www.cpan.org/src/latest.tar.gz - (UNIX-style tar.gz)
http://www.cpan.org/src/latest.zip - (PC-style ZIP, with CR LF line endings).
http://www.cpan.org/src/index.html - A more detailed list of source code offerings.
----------
fix for the perl problems which are causing a lot of trouble with just about everything, including email.
Here is the copy/paste version I created:
ls -alh /root/.gnupg
(just make sure it exists)
cd /usr/local/src/
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.805.tar.gz
tar zxvf libwww-perl-5.805.tar.gz
cd libwww-perl-5.805
perl Makefile.PL
make
make install
cd ../
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.83.tar.gz
tar zxvf CPAN-1.83.tar.gz
cd CPAN-1.83
perl Makefile.PL
make
make install
/usr/local/cpanel/bin/checkperlmodules
/scripts/updatenow
/scripts/rrdtoolinstall
Here is the cPanel email:
these are a few of the steps that you can take to ensure continued normal operation of your cPanel server.
1. Ensure that the directory /root/.gnupg exists.
The latest versions of CPAN are using Module::Signature by default. This module will check the GPG signature of modules during their installation. If your server is using Module::Signature and this directory does not exist, then the signature check will fail and the module will not be installed or updated. This will be handled automatically in all builds dated January 4th or later.
2. Ensure that the Perl's LWP is installed.
If LWP is not installed, and Net::FTP is not used (and it's often skipped), CPAN will attempt to fetch the Perl module using one of the system applications, such as wget. In this case, the module will be saved without its proper extension and the installation will exit shortly after downloading the module. You can install LWP manually using the following commands:
wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.805.tar.gz
tar zxvf libwww-perl-5.805.tar.gz
cd libwww-perl-5.805
perl Makefile.PL
make
make install
When running "perl MakeFile.PL" you will be asked several questions.
It's safe to accept the default values.
3. Install the updated version of CPAN (1.82)
Updating CPAN will resolve both issues "1" and "2" for you as well as other issues. On productions systems (which almost always have a working LWP installed) this will occur automatically. To install CPAN manually, the steps are very similar to the above steps for LWP:
wget http://search.cpan.org/CPAN/authors/id/A/AN/ANDK/CPAN-1.82.tar.gz
tar zxvf CPAN-1.82.tar.gz
cd CPAN-1.82
perl Makefile.PL
make
make install
If you experienced problems with any recent installations and resolved them, then it is recommended that you run the following command:
/usr/local/cpanel/bin/checkperlmodules
This command is ran automatically by our update system. Running this command on new installs will ensure a proper Perl setup, otherwise it is optional.
Install Nobody Check
Nobody Check is available for download free here: nobody_check.tar.gz
Installation Script: NEW
Install Nobody Check has never been easier.
1) Login to your server as the root user through shell
2) wget http://www.webhostgear.com/projects/nobodycheck/install.sh
3) chmod +x install.sh
4) ./install.sh
Wait for the installer to finish
5) rm -f install.sh
6) Open the /usr/local/nobody_check/nc.conf and put in your email address and select your options
Demo Nobody Check now!
While we can't run an actual demo of the script we can provide you with the output it produces so you get the idea of how it works.
- Email Detection Result
- Shell Scan Result
Documentation
- readme which answers many questions
- changelog
Licensing
Nobody Check is Copyright of Wave Point Media Inc. and WebHostGear. All rights reserved. We express no warranty or liability if you use this tool. This script may not be copied, altered or redistributed unless you have explicit written permission from Wave Point Media Inc.
Also feel free to ask questions in our forums in our official Nobody Check support thread here.
Stay Updated New Releases
Join our mailing list and get details when we make product changes. We're frequently changing this script, adding new features and fixing bugs - we highly suggest joining the mailing list. We will never send you spam or sell your address.
Installation Script: NEW
Install Nobody Check has never been easier.
1) Login to your server as the root user through shell
2) wget http://www.webhostgear.com/projects/nobodycheck/install.sh
3) chmod +x install.sh
4) ./install.sh
Wait for the installer to finish
5) rm -f install.sh
6) Open the /usr/local/nobody_check/nc.conf and put in your email address and select your options
Demo Nobody Check now!
While we can't run an actual demo of the script we can provide you with the output it produces so you get the idea of how it works.
- Email Detection Result
- Shell Scan Result
Documentation
- readme which answers many questions
- changelog
Licensing
Nobody Check is Copyright of Wave Point Media Inc. and WebHostGear. All rights reserved. We express no warranty or liability if you use this tool. This script may not be copied, altered or redistributed unless you have explicit written permission from Wave Point Media Inc.
Also feel free to ask questions in our forums in our official Nobody Check support thread here.
Stay Updated New Releases
Join our mailing list and get details when we make product changes. We're frequently changing this script, adding new features and fixing bugs - we highly suggest joining the mailing list. We will never send you spam or sell your address.
PhpMyAdmin Installation Step by Step
This is a step-by-step tutorial for installation of phpMyAdmin on your shared/reseller/dedicated hosting space using FTP access or shell access.
1.ftp::Download the latest version from http://www.phpmyadmin.net/home_page/downloads.php.
The latest version is at the top. You can download the .zip file.
Shell::wget
http://mesh.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.9.0-rc1.tar.gz
2. ftp ::Extract the contents of the .zip file using a program like winrar.
shell:: tar -zxvf phpMyAdmin-2.9.0-rc1.tar.gz
3. [Optional] You may want to delete unneeded language files. This saves time while uploading. Go into ‘lang’ folder and delete all files except a) all the .sh files and b) the three .php files having names starting w/ ‘english’.
4. In this tutorial scope, we are going to have phpMyAdmin access and control all the tables in a single database that you are going to create.
a. Create a DB using cPanel
b. Create MySQL username and a password for this user
c. Assign all privileges to this user to access the DB
5. Edit the config.inc.php file.
a. Usually it is ‘localhost’.
$cfg[’Servers’][$i][’host’] = ‘localhost’; // MySQL hostname or IP address
b. Enter MySQL user you created in step 4 b.
$cfg[’Servers’][$i][’controluser’] = ‘MySQL_user’; // MySQL control user
settings
c. Enter MySQL user’s password that you created in step 4 b.
$cfg[’Servers’][$i][’controlpass’] = ‘MySQL_pass’; // access to the
“mysql/user”
d. Save the file and close it.
6. ftp::Log into your web space using a FTP client and create a directory, say phpmyadmin under public_html. Upload all the content into the directory created.
Shell:: For the convient move the phpMyAdmin fodler to phpmyadmin using following command under your public_html folder
mv phpMyAdmin-2.9.0-rc1 phpmyadmin
7. Installation is complete. Simply point your browser to the directory where you installed phpMyAdmin and you should be able to start using it.
8. Important: Password protect the directory where you installed phpMyAdmin or else anyone will be able to access it! You can do that using the admin panel that your host provides.
1.ftp::Download the latest version from http://www.phpmyadmin.net/home_page/downloads.php.
The latest version is at the top. You can download the .zip file.
Shell::wget
http://mesh.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.9.0-rc1.tar.gz
2. ftp ::Extract the contents of the .zip file using a program like winrar.
shell:: tar -zxvf phpMyAdmin-2.9.0-rc1.tar.gz
3. [Optional] You may want to delete unneeded language files. This saves time while uploading. Go into ‘lang’ folder and delete all files except a) all the .sh files and b) the three .php files having names starting w/ ‘english’.
4. In this tutorial scope, we are going to have phpMyAdmin access and control all the tables in a single database that you are going to create.
a. Create a DB using cPanel
b. Create MySQL username and a password for this user
c. Assign all privileges to this user to access the DB
5. Edit the config.inc.php file.
a. Usually it is ‘localhost’.
$cfg[’Servers’][$i][’host’] = ‘localhost’; // MySQL hostname or IP address
b. Enter MySQL user you created in step 4 b.
$cfg[’Servers’][$i][’controluser’] = ‘MySQL_user’; // MySQL control user
settings
c. Enter MySQL user’s password that you created in step 4 b.
$cfg[’Servers’][$i][’controlpass’] = ‘MySQL_pass’; // access to the
“mysql/user”
d. Save the file and close it.
6. ftp::Log into your web space using a FTP client and create a directory, say phpmyadmin under public_html. Upload all the content into the directory created.
Shell:: For the convient move the phpMyAdmin fodler to phpmyadmin using following command under your public_html folder
mv phpMyAdmin-2.9.0-rc1 phpmyadmin
7. Installation is complete. Simply point your browser to the directory where you installed phpMyAdmin and you should be able to start using it.
8. Important: Password protect the directory where you installed phpMyAdmin or else anyone will be able to access it! You can do that using the admin panel that your host provides.
Installing PHP 5.0
This is not a set up you might use for a sharing hosting scenario, this is just for our solo server where Apache runs under a ‘www’ user, and we dont don’t have SSH. For a more secure set up you’d probably want to use suphp / SuExec etc.
we assuming you’ve already got PHP4 happily running as an Apache module. These instructions only cover installing FastCGI, PHP5 & configuration.
Code:
cd /usr/src/
wget fastcgi.com/dist/fcgi-2.4.0.tar.gz
wget fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz
tar xzf fcgi-2.4.0.tar.gz
tar xzf mod_fastcgi-2.4.2.tar.gz
cd fcgi-2.4.0
./configure
&& make
&& make install
cd ../
cd mod_fastcgi-2.4.2
$
apxs -o mod_fastcgi.so -c *.c
$
apxs -i -a -n fastcgi mod_fastcgi.so
cp Makefile.AP2 Makefile
make
&& make install
If you were successful you’ll see ‘mod_fastcgi.so’ in your Apache modules dir. In our case:
Code:
ls -l /usr/local/apache2/modules/ -rw-r–r– 1 root root 8440 Feb 28 2005 httpd.exp -rwxr-xr-x 1 root root 345172 Apr 29 16:54 mod_fastcgi.so -rwxr-xr-x 1 root root 140451 Feb 6 2005 mod_rewrite.so
Check that this line exists in your httpd.conf (typically it should be found near the top with other LoadModule statements):
Code:
LoadModule fastcgi_module modules/mod_fastcgi.so
Now we need to configure FastCGI.
Code:
mkdir -p /tmp/fcgi_ipc/dynamic chmod -R 777 /tmp/fcgi_ipc/
Next edit your httpd.conf and add the following.
This line is optional but if you choose not to include it, apache will check the document root of the current site - this gives you per site configuration of Fast CGI; for me it was overkill and I only needed one file to define these settings so I aliased it and put the config file in apache’s cgi-bin dir.
Code:
ScriptAlias /php5.fcgi “/usr/local/apache2/cgi-bin/php5.fcgi”
# FastCGI directives AddHandler fastcgi-script .fcgi FastCgiIpcDir /tmp/fcgi_ipc/ FastCgiConfig -autoUpdate -singleThreshold 100 -killInterval 300 -idle-timeout 240 -pass-header HTTP_AUTHORIZATION
Add these lines below your PHP4 ‘AddType’ directives to bind the .php5 file extension to your FastCGI config script ‘php5.fcgi’:
Code:
AddHandler application/x-httpd-php5 .php5 Action application/x-httpd-php5 /php5.fcgi
Next create your ‘php5.fcgi’ and add the following:
Code:
#!/bin/sh PHP_FCGI_CHILDREN=2 export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_MAX_REQUESTS exec /usr/local/php5/bin/php
Make sure ‘php5.fcgi’ has the correct permissions & user/group so Apache can access it. Apache runs under ‘www’ on our box, please specify the appropriate user & group.
Code:
chown www:www php5.fcgi chmod 755 php5.fcgi
Now it’s time to install PHP5. It’s probably worth matching your PHP4 configure line which can be found on the phpinfo() page. To find out the available configure options type ‘./configure –help’. Whats important are the configure switches we have shown and that you specify a prefix path to install PHP5.
Code:
cd /usr/src wget uk.php.net/get/php-5.1.2.tar.bz2/from/this/mirror tar xjf php-5.1.2.tar.bz2 cd php-5.1.2 ./configure –with-config-file-path=/usr/local/php5/php.ini –prefix=/usr/local/php5 –enable-fastcgi –enable-discard-path –enable-force-cgi-redirect …your switches… make && make install cp php.ini-dist /usr/local/php5/php.ini
You can check the installation was successful:
Code:
/usr/local/php5/bin/php -v
the code should be
Code:
Now restart apache. Then create a phpinfo() page with the extension .php5 (eg. phpinfo.php5 - don’t forget to remove this once you’ve confirmed PHP5 is running successfully!)
If this hasn’t worked check the modules Apache has loaded, specifically mod_action.
Code:
/usr/local/apache2/bin/apachectl -l
Hopefully you’ve now got PHP5 running along side PHP4!
we assuming you’ve already got PHP4 happily running as an Apache module. These instructions only cover installing FastCGI, PHP5 & configuration.
Code:
cd /usr/src/
wget fastcgi.com/dist/fcgi-2.4.0.tar.gz
wget fastcgi.com/dist/mod_fastcgi-2.4.2.tar.gz
tar xzf fcgi-2.4.0.tar.gz
tar xzf mod_fastcgi-2.4.2.tar.gz
cd fcgi-2.4.0
./configure
&& make
&& make install
cd ../
cd mod_fastcgi-2.4.2
apxs -o mod_fastcgi.so -c *.c
apxs -i -a -n fastcgi mod_fastcgi.so
cp Makefile.AP2 Makefile
make
&& make install
If you were successful you’ll see ‘mod_fastcgi.so’ in your Apache modules dir. In our case:
Code:
ls -l /usr/local/apache2/modules/ -rw-r–r– 1 root root 8440 Feb 28 2005 httpd.exp -rwxr-xr-x 1 root root 345172 Apr 29 16:54 mod_fastcgi.so -rwxr-xr-x 1 root root 140451 Feb 6 2005 mod_rewrite.so
Check that this line exists in your httpd.conf (typically it should be found near the top with other LoadModule statements):
Code:
LoadModule fastcgi_module modules/mod_fastcgi.so
Now we need to configure FastCGI.
Code:
mkdir -p /tmp/fcgi_ipc/dynamic chmod -R 777 /tmp/fcgi_ipc/
Next edit your httpd.conf and add the following.
This line is optional but if you choose not to include it, apache will check the document root of the current site - this gives you per site configuration of Fast CGI; for me it was overkill and I only needed one file to define these settings so I aliased it and put the config file in apache’s cgi-bin dir.
Code:
ScriptAlias /php5.fcgi “/usr/local/apache2/cgi-bin/php5.fcgi”
# FastCGI directives
Add these lines below your PHP4 ‘AddType’ directives to bind the .php5 file extension to your FastCGI config script ‘php5.fcgi’:
Code:
AddHandler application/x-httpd-php5 .php5 Action application/x-httpd-php5 /php5.fcgi
Next create your ‘php5.fcgi’ and add the following:
Code:
#!/bin/sh PHP_FCGI_CHILDREN=2 export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_MAX_REQUESTS exec /usr/local/php5/bin/php
Make sure ‘php5.fcgi’ has the correct permissions & user/group so Apache can access it. Apache runs under ‘www’ on our box, please specify the appropriate user & group.
Code:
chown www:www php5.fcgi chmod 755 php5.fcgi
Now it’s time to install PHP5. It’s probably worth matching your PHP4 configure line which can be found on the phpinfo() page. To find out the available configure options type ‘./configure –help’. Whats important are the configure switches we have shown and that you specify a prefix path to install PHP5.
Code:
cd /usr/src wget uk.php.net/get/php-5.1.2.tar.bz2/from/this/mirror tar xjf php-5.1.2.tar.bz2 cd php-5.1.2 ./configure –with-config-file-path=/usr/local/php5/php.ini –prefix=/usr/local/php5 –enable-fastcgi –enable-discard-path –enable-force-cgi-redirect …your switches… make && make install cp php.ini-dist /usr/local/php5/php.ini
You can check the installation was successful:
Code:
/usr/local/php5/bin/php -v
the code should be
Code:
Now restart apache. Then create a phpinfo() page with the extension .php5 (eg. phpinfo.php5 - don’t forget to remove this once you’ve confirmed PHP5 is running successfully!)
If this hasn’t worked check the modules Apache has loaded, specifically mod_action.
Code:
/usr/local/apache2/bin/apachectl -l
Hopefully you’ve now got PHP5 running along side PHP4!
Install OScommerce
http://www.siteground.com/tutorials/oscommerce/oscommerce_manual_installation.htm
forum
http://www.oscommerce.info/
To upload your pages directly from the cPanel, please login to your account and select the File Manager icon from the cPanel's main page. A new window will open, listing files and directories, found on your web space. Please click on the folder image in front of the www directory.
The www directory is the one where you site needs to reside in order to be viewable. At the top of the list you will see an arrow image – please select that to be prompted to select 12 files from your local computer to be uploaded. After the files are chosen, you need to click the Upload button.
Please note that depending on file size and Internet connection, the upload may take some time to complete. After the transfer is over, a confirmation message will appear, and you will be able to see the new files in the list.
forum
http://www.oscommerce.info/
To upload your pages directly from the cPanel, please login to your account and select the File Manager icon from the cPanel's main page. A new window will open, listing files and directories, found on your web space. Please click on the folder image in front of the www directory.
The www directory is the one where you site needs to reside in order to be viewable. At the top of the list you will see an arrow image – please select that to be prompted to select 12 files from your local computer to be uploaded. After the files are chosen, you need to click the Upload button.
Please note that depending on file size and Internet connection, the upload may take some time to complete. After the transfer is over, a confirmation message will appear, and you will be able to see the new files in the list.
Install Mod perl on Cpanel Server
link for tutorial http://perl.apache.org/docs/tutorials/index.html
---------------
This set of instructions will show you how to easily install mod_perl onto a cpanel server.
1) Create a new account, or choose an existing account where you will install mod_perl. I typically choose either the rvskin admin account or fantastico admin account. This tutorials will assume you install it in the rvadmin account.
2) SSH into the server, and go to:
cd /home/rvadmin/ directory
3) Get the mod_perl-1.29.tar.gz
wget http://perl.apache.org/dist/mod_perl-1.0-current.tar.gz 4) Unpack the file:
tar -xzf mod_perl-1.29.tar.gz
5) Move to the mod_perl directoy:
cd mod_perl-1.29
6) Configure
perl Makefile.PL USE_APXS=1 WITH_APXS=/usr/local/apache/bin/apxs EVERYTHING=1
7) Run Make
make
8) Run Install
make install
9) Activate Mod Perl
/usr/local/apache/bin/apxs -a -n perl -i libperl.so
#########
Create the script below, and add it to the root directory of the mod_perl account holder (in this case rvadmin), and change the permissions (chmod +x add-mod-perl.sh), so to add mod_perl back into apache, you just need to run the script, and then verify that apache restarted with mod perl in it, you can check in WHM/News to see if mod_perl is listed .
#########
That last line is the one you’ll need to run if you re-compile Apache. The mod_perl binary is at
/home/rvadmin/mod_perl-1.29/apaci/libperl.so, so a simple way to do this would be to put the following lines in a file:
— cut here —
#!/bin/sh
libperl=/home/rvadmin/mod_perl-1.29/apaci/libperl.so
apxs=/usr/local/apache/bin/apxs
$apxs -a -n perl -i $libperl
/etc/init.d/httpd stop
/etc/init.d/httpd start
— cut here —
Name the file add-mod-perl.sh and execute “chmod +x add-mod-perl.sh”. Then, after compileing apache run the script (”./add-mod-perl.sh”) and it should all work.
---------------
This set of instructions will show you how to easily install mod_perl onto a cpanel server.
1) Create a new account, or choose an existing account where you will install mod_perl. I typically choose either the rvskin admin account or fantastico admin account. This tutorials will assume you install it in the rvadmin account.
2) SSH into the server, and go to:
cd /home/rvadmin/ directory
3) Get the mod_perl-1.29.tar.gz
wget http://perl.apache.org/dist/mod_perl-1.0-current.tar.gz 4) Unpack the file:
tar -xzf mod_perl-1.29.tar.gz
5) Move to the mod_perl directoy:
cd mod_perl-1.29
6) Configure
perl Makefile.PL USE_APXS=1 WITH_APXS=/usr/local/apache/bin/apxs EVERYTHING=1
7) Run Make
make
8) Run Install
make install
9) Activate Mod Perl
/usr/local/apache/bin/apxs -a -n perl -i libperl.so
#########
Create the script below, and add it to the root directory of the mod_perl account holder (in this case rvadmin), and change the permissions (chmod +x add-mod-perl.sh), so to add mod_perl back into apache, you just need to run the script, and then verify that apache restarted with mod perl in it, you can check in WHM/News to see if mod_perl is listed .
#########
That last line is the one you’ll need to run if you re-compile Apache. The mod_perl binary is at
/home/rvadmin/mod_perl-1.29/apaci/libperl.so, so a simple way to do this would be to put the following lines in a file:
— cut here —
#!/bin/sh
libperl=/home/rvadmin/mod_perl-1.29/apaci/libperl.so
apxs=/usr/local/apache/bin/apxs
$apxs -a -n perl -i $libperl
/etc/init.d/httpd stop
/etc/init.d/httpd start
— cut here —
Name the file add-mod-perl.sh and execute “chmod +x add-mod-perl.sh”. Then, after compileing apache run the script (”./add-mod-perl.sh”) and it should all work.
Install Bandwidth Manager
Install Bandwidth manager on linux server
cd /usr/local/src
[/usr/local/src]#wget http://www.gropp.org/bwm-ng/bwm-ng-0.5.tar.gz
[/usr/local/src]tar -zxf bwm-ng-0.5.tar.gz
[/usr/local/src]#cd bwm-ng-0.5
[/usr/local/src/bwm-ng-0.5]#./configure; make; make install
/usr/local/src/bwm-ng-0.5]# bwm-ng
it will show you following action
bwm-ng v0.5 (probing every 0.500s), press 'h' for help
input: /proc/net/dev type: rate
/ iface Rx Tx Total
===========================================================================
lo: 0.00 KB/s 0.00 KB/s 0.00 KB/s
eth0: 8.24 KB/s 17.83 KB/s 26.07 KB/s
---------------------------------------------------------------------------
total: 8.24 KB/s 17.83 KB/s 26.07 KB/s
cd /usr/local/src
[/usr/local/src]#wget http://www.gropp.org/bwm-ng/bwm-ng-0.5.tar.gz
[/usr/local/src]tar -zxf bwm-ng-0.5.tar.gz
[/usr/local/src]#cd bwm-ng-0.5
[/usr/local/src/bwm-ng-0.5]#./configure; make; make install
/usr/local/src/bwm-ng-0.5]# bwm-ng
it will show you following action
bwm-ng v0.5 (probing every 0.500s), press 'h' for help
input: /proc/net/dev type: rate
/ iface Rx Tx Total
===========================================================================
lo: 0.00 KB/s 0.00 KB/s 0.00 KB/s
eth0: 8.24 KB/s 17.83 KB/s 26.07 KB/s
---------------------------------------------------------------------------
total: 8.24 KB/s 17.83 KB/s 26.07 KB/s
How to install shoutcast
Generally you dont want to run shoutcast as root as that can be really bad. so we create a shoutcast user:
1.) Login to root
2.) adduser shoutcast
3.) passwd shoutcast
Now it will ask for a new password set this and remember it.
Now login as the new shoutcast user.
Installing shoutcast:
Lets take shoutcast from nullsoft:
wget http://www.shoutcast.com/downloads/s…-glibc6.tar.gz
extract shoutcast:
tar -zxvf shoutcast-1-9-2-linux-glibc6.tar.gz
rm -rf shoutcast-1-9-2-linux-glibc6.tar.gz
mv shoutcast-1-9-2-linux-glibc6 shoutcast
cd shoutcast
How to configure shoutcast?
your going to want to edit the shoutcast configuration.
pico sc_serv.conf
or
nano sc_serv.conf
MaxUser
Password
PortBase
uncomment AdminPassword and set an admin password.
Now at this point you can go threw the settings and change them to what you want or you can save and start shoutcast and it will work perfectly.
to save crtl+x
How do i start shoutcast?
./sc_serv sc_serv.conf
1.) Login to root
2.) adduser shoutcast
3.) passwd shoutcast
Now it will ask for a new password set this and remember it.
Now login as the new shoutcast user.
Installing shoutcast:
Lets take shoutcast from nullsoft:
wget http://www.shoutcast.com/downloads/s…-glibc6.tar.gz
extract shoutcast:
tar -zxvf shoutcast-1-9-2-linux-glibc6.tar.gz
rm -rf shoutcast-1-9-2-linux-glibc6.tar.gz
mv shoutcast-1-9-2-linux-glibc6 shoutcast
cd shoutcast
How to configure shoutcast?
your going to want to edit the shoutcast configuration.
pico sc_serv.conf
or
nano sc_serv.conf
MaxUser
Password
PortBase
uncomment AdminPassword and set an admin password.
Now at this point you can go threw the settings and change them to what you want or you can save and start shoutcast and it will work perfectly.
to save crtl+x
How do i start shoutcast?
./sc_serv sc_serv.conf
How to install MediaWiki
To create a MediaWiki site accessible at follow the instructions below
>>>http://www.mediawiki.org/wiki/Download_from_SVN#Download
Download the MediaWiki software from the>>
http://www.mediawiki.org/wiki/Download_from_SVN#Download
2>>Decide what the URL to your wiki will be. For this example we'll use a generic name that you should alter to your liking.
e.g. http://www.cs.nyu.edu/~USERNAME/PROJECT_NAME/wiki/
Create all the necessary directories in your ~/public_html folder that correspond to the path to your wiki, except for the last directory in the URL
e.g. mkdir -p ~/public_html/PROJECT_NAME
Then upload the MediaWiki software to the new folder created. For example, I uploaded mediawiki-1.8.2.tar.gz to
~/public_html/PROJECT_NAME/
3>Change to the directory into which you uploaded the mediawiki software. Run the following two commands (with the filename of the software you uploaded):
gunzip mediawiki-1.8.2.tar.gz
tar -xpf mediawiki-1.8.2.tar
This will create a directory called mediawiki-1.8.2 (depending on the version) containing all the MediaWiki files. Since this directory will be part of the URL, rename it to the last folder in your wiki URL. In our case we renamed it wiki (e.g. mv mediawiki-1.8.2 wiki ). At this point all the MediaWiki software is located at
~/public_html/PROJECT_NAME/wiki
4>Now that your wiki software’s in the right place, you need to create a MySQL database. For this, see our instructions on
--------------------------------
To create a MySQL database and access it from the CIMS network, follow the instructions below (mostly borrowed from Michael Schidlowsky):
1. Login to access.cims.nyu.edu
ssh access.cims.nyu.edu
2. Decide on a data directory for you MySQL database. This should NOT be in your public_html directory. I recommend creating a directory in your home folder just for this purpose, something like
~/data/mysql
3. Connect to one of the courses machines (courses1, courses2, or courses3). This is where you should run the mysql process (mysql will not run on the access machines). Since the courses machine are not publicly accessible, you will have to ssh to them from the access machines. From the UNIX prompt, just execute:
ssh courses1
4. Now issue the following command to create your database:
/usr/local/pkg/mysql/bin/mysql_install_db \ --datadir=/PATH/TO/DATA_DIR
An example might be:
/usr/local/pkg/mysql/bin/mysqld_install_db \ --datadir=/home/YOUR_USERNAME/data/mysql
5. Pick a port number between 10000 and 65535 for your MySQL server and make sure you remember it. For this example we'll use 25000. Start the MySQL database using this command (don't forget to use the ampersand so that the process runs in the background), also make sure that someone isn't already using this port
/usr/local/pkg/mysql/bin/mysqld_safe --port25000 \ --datadir=/home/YOUR_USERNAME/data/mysql &
You can check if your process is running by issuing this command:
ps -ef | grep YOUR_USERNAME
You can check if other MySQL processes are using this port by issuing this command:
ps -ef | grep port
6. Come up with a root password for the MySQL database and use the following command to set it (we'll use the password foobar):
/usr/local/pkg/mysql/bin/mysqladmin --port=25000 -u root password 'foobar'
7. You can now access your MySQL database from any CIMS computer using the database hostname (machine:port) courses1:25000, specifying your user name and password. Run the following command to start up the MySQL command line interface:
/usr/local/pkg/mysql/bin/mysql --hostname=courses1.cims.nyu.edu --port=25000 -u root -p
----------------------------------
5># Run the following command to start up the mysql command line interface:
/usr/local/pkg/mysql/bin/mysql --host=HOSTNAME \ --port=PORTNUMBER -u root -p
Replace HOSTNAME with the name of the computer where you are running your mysql server, and replace the PORTNUMBER with the port you are using. Then enter the root password when prompted.
Now think of a password for the wikidb user and issue the following four commands (we’ll use 'wikidb_password' for the password):
create database wikidb;
Grant all privileges on wikidb.* to 'wikidb_user'@'%' identified by 'wikidb_password';
flush privileges;
\q
Once you have extracted the wiki and created a database, the only thing left is some configuration. Luckily, MediaWiki has a nice and simple web-based installation form.
---------------------------------------
---------------------------------------
Configure MediaWiki
>
1. Visit your wiki’s homepage using a web browser. Mine could be found at http://www.cs.nyu.edu/~USERNAME/PROJECT_NAME/wiki
Now fill out the form. Pay careful attention to these fields:
* Database type: MySQL
* Database host: HOSTNAME:PORT
* Database name: wikidb
* Database username: wikidb_user
* Database password: wikidb_password
* Database table prefix: wiki_
Replace the host information with the hostname and port used in creating your database. Next replace the wikidb_password with the password you specified. Do NOT modify the superuser information or password. We want MediaWiki to use the account we created and not log in as root.
2. Once you successfully submit the form, MediaWiki will create a file in the config folder called LocalSettings.php. Copy this file to the main wiki directory. For our example this is
~/public_html/PROJECT_NAME/wiki
Securing your server
By using ACLs (Access Control Lists) you can restrict access to files and folders to specific users. Most importantly, you'll want to create an ACL for the LocalSettings.php file, since it contains a copy of the wiki database username and password. Issue the following three commands to secure this file so that only you and wwwcims can read it:
* chmod 700 LocalSettings.php
* setfacl -s u::rwx,g::---,m:rwx,o:--- LocalSettings.php
* setfacl -m user:wwwcims:r-x LocalSettings.php
Also, you'll want the images directory (the directory where file uploads are stored) to be readable and writable by yourself and by wwwcims, so execute the following four commands:
* chmod 700 images
* setfacl -s "u::rwx,g::---,m:rwx,o:---,\ d:u::rwx,d:g::---,d:m:rwx,d:o:---" images
* setfacl -m u:wwwcims:rwx images
* setfacl -m d:u:wwwcims:rwx images
MediaWiki Customizations
You now have a running MediaWiki instance. There are certain default settings that probably aren't optimal for a course wiki. Here are the changes I made with links to instructions:
* * Change the default Logo
* * Prevent new user registrations
* * Disable anonymous edits
* * Disable anonymous reads
* * Enable media uploads
* * Enable user emails
* * Set Browser bookmark icon (favicon)
Now that you've made it impossible for anonymous users to read pages on the wiki, you've also made it impossible for anyone to login or see the front page of your website. Find the $wgWhitelistRead variable in your LocalSettings.php file and make sure it lists all the pages that anonymous users should be able to see. At the very least, it should include these:
* $wgWhitelistRead = array( "Main_Page", "Special:Userlogin",
* "-", "MediaWiki:Monobook.css", "Special:Booksources",
* "Help:Contents", "Special:Confirmemail",
* "Special:Userlogout" );
You will also need to modify a file to make it possible for the email confirmation and booksources links to work properly. Find the end of the userCanRead() function in includes/Title.php and replace this
* }
* return false;
* }
with this code block:
* $names=split("/", $name);
* if(strcmp($names[0],"Special:Confirmemail")==0 &&
* count($names)==2 &&
* preg_match('/[a-f0-9]{32}/', $names[1])) {
* return true; #Confirmemail link
* }
* if(strcmp($names[0],"Special:Booksources")==0 &&
* count($names)==2) {
* return true; #Booksources link
* }
* }
* return false;
* }
Last but not least, you'll probably want to have an account for yourself that is not the WikiSysop. For your username the MediaWiki standard is to use your full name (e.g., "Some User") rather than a typical system username like someuser. (You should know that no matter what name you choose, MediaWiki will capitalize the first letter of every word, turning someuser to Someuser.)
>>>http://www.mediawiki.org/wiki/Download_from_SVN#Download
Download the MediaWiki software from the>>
http://www.mediawiki.org/wiki/Download_from_SVN#Download
2>>Decide what the URL to your wiki will be. For this example we'll use a generic name that you should alter to your liking.
e.g. http://www.cs.nyu.edu/~USERNAME/PROJECT_NAME/wiki/
Create all the necessary directories in your ~/public_html folder that correspond to the path to your wiki, except for the last directory in the URL
e.g. mkdir -p ~/public_html/PROJECT_NAME
Then upload the MediaWiki software to the new folder created. For example, I uploaded mediawiki-1.8.2.tar.gz to
~/public_html/PROJECT_NAME/
3>Change to the directory into which you uploaded the mediawiki software. Run the following two commands (with the filename of the software you uploaded):
gunzip mediawiki-1.8.2.tar.gz
tar -xpf mediawiki-1.8.2.tar
This will create a directory called mediawiki-1.8.2 (depending on the version) containing all the MediaWiki files. Since this directory will be part of the URL, rename it to the last folder in your wiki URL. In our case we renamed it wiki (e.g. mv mediawiki-1.8.2 wiki ). At this point all the MediaWiki software is located at
~/public_html/PROJECT_NAME/wiki
4>Now that your wiki software’s in the right place, you need to create a MySQL database. For this, see our instructions on
--------------------------------
To create a MySQL database and access it from the CIMS network, follow the instructions below (mostly borrowed from Michael Schidlowsky):
1. Login to access.cims.nyu.edu
ssh access.cims.nyu.edu
2. Decide on a data directory for you MySQL database. This should NOT be in your public_html directory. I recommend creating a directory in your home folder just for this purpose, something like
~/data/mysql
3. Connect to one of the courses machines (courses1, courses2, or courses3). This is where you should run the mysql process (mysql will not run on the access machines). Since the courses machine are not publicly accessible, you will have to ssh to them from the access machines. From the UNIX prompt, just execute:
ssh courses1
4. Now issue the following command to create your database:
/usr/local/pkg/mysql/bin/mysql_install_db \ --datadir=/PATH/TO/DATA_DIR
An example might be:
/usr/local/pkg/mysql/bin/mysqld_install_db \ --datadir=/home/YOUR_USERNAME/data/mysql
5. Pick a port number between 10000 and 65535 for your MySQL server and make sure you remember it. For this example we'll use 25000. Start the MySQL database using this command (don't forget to use the ampersand so that the process runs in the background), also make sure that someone isn't already using this port
/usr/local/pkg/mysql/bin/mysqld_safe --port25000 \ --datadir=/home/YOUR_USERNAME/data/mysql &
You can check if your process is running by issuing this command:
ps -ef | grep YOUR_USERNAME
You can check if other MySQL processes are using this port by issuing this command:
ps -ef | grep port
6. Come up with a root password for the MySQL database and use the following command to set it (we'll use the password foobar):
/usr/local/pkg/mysql/bin/mysqladmin --port=25000 -u root password 'foobar'
7. You can now access your MySQL database from any CIMS computer using the database hostname (machine:port) courses1:25000, specifying your user name and password. Run the following command to start up the MySQL command line interface:
/usr/local/pkg/mysql/bin/mysql --hostname=courses1.cims.nyu.edu --port=25000 -u root -p
----------------------------------
5># Run the following command to start up the mysql command line interface:
/usr/local/pkg/mysql/bin/mysql --host=HOSTNAME \ --port=PORTNUMBER -u root -p
Replace HOSTNAME with the name of the computer where you are running your mysql server, and replace the PORTNUMBER with the port you are using. Then enter the root password when prompted.
Now think of a password for the wikidb user and issue the following four commands (we’ll use 'wikidb_password' for the password):
create database wikidb;
Grant all privileges on wikidb.* to 'wikidb_user'@'%' identified by 'wikidb_password';
flush privileges;
\q
Once you have extracted the wiki and created a database, the only thing left is some configuration. Luckily, MediaWiki has a nice and simple web-based installation form.
---------------------------------------
---------------------------------------
Configure MediaWiki
>
1. Visit your wiki’s homepage using a web browser. Mine could be found at http://www.cs.nyu.edu/~USERNAME/PROJECT_NAME/wiki
Now fill out the form. Pay careful attention to these fields:
* Database type: MySQL
* Database host: HOSTNAME:PORT
* Database name: wikidb
* Database username: wikidb_user
* Database password: wikidb_password
* Database table prefix: wiki_
Replace the host information with the hostname and port used in creating your database. Next replace the wikidb_password with the password you specified. Do NOT modify the superuser information or password. We want MediaWiki to use the account we created and not log in as root.
2. Once you successfully submit the form, MediaWiki will create a file in the config folder called LocalSettings.php. Copy this file to the main wiki directory. For our example this is
~/public_html/PROJECT_NAME/wiki
Securing your server
By using ACLs (Access Control Lists) you can restrict access to files and folders to specific users. Most importantly, you'll want to create an ACL for the LocalSettings.php file, since it contains a copy of the wiki database username and password. Issue the following three commands to secure this file so that only you and wwwcims can read it:
* chmod 700 LocalSettings.php
* setfacl -s u::rwx,g::---,m:rwx,o:--- LocalSettings.php
* setfacl -m user:wwwcims:r-x LocalSettings.php
Also, you'll want the images directory (the directory where file uploads are stored) to be readable and writable by yourself and by wwwcims, so execute the following four commands:
* chmod 700 images
* setfacl -s "u::rwx,g::---,m:rwx,o:---,\ d:u::rwx,d:g::---,d:m:rwx,d:o:---" images
* setfacl -m u:wwwcims:rwx images
* setfacl -m d:u:wwwcims:rwx images
MediaWiki Customizations
You now have a running MediaWiki instance. There are certain default settings that probably aren't optimal for a course wiki. Here are the changes I made with links to instructions:
* * Change the default Logo
* * Prevent new user registrations
* * Disable anonymous edits
* * Disable anonymous reads
* * Enable media uploads
* * Enable user emails
* * Set Browser bookmark icon (favicon)
Now that you've made it impossible for anonymous users to read pages on the wiki, you've also made it impossible for anyone to login or see the front page of your website. Find the $wgWhitelistRead variable in your LocalSettings.php file and make sure it lists all the pages that anonymous users should be able to see. At the very least, it should include these:
* $wgWhitelistRead = array( "Main_Page", "Special:Userlogin",
* "-", "MediaWiki:Monobook.css", "Special:Booksources",
* "Help:Contents", "Special:Confirmemail",
* "Special:Userlogout" );
You will also need to modify a file to make it possible for the email confirmation and booksources links to work properly. Find the end of the userCanRead() function in includes/Title.php and replace this
* }
* return false;
* }
with this code block:
* $names=split("/", $name);
* if(strcmp($names[0],"Special:Confirmemail")==0 &&
* count($names)==2 &&
* preg_match('/[a-f0-9]{32}/', $names[1])) {
* return true; #Confirmemail link
* }
* if(strcmp($names[0],"Special:Booksources")==0 &&
* count($names)==2) {
* return true; #Booksources link
* }
* }
* return false;
* }
Last but not least, you'll probably want to have an account for yourself that is not the WikiSysop. For your username the MediaWiki standard is to use your full name (e.g., "Some User") rather than a typical system username like someuser. (You should know that no matter what name you choose, MediaWiki will capitalize the first letter of every word, turning someuser to Someuser.)
How to install Eaccelerator
Eaccelerator is a PHP accelerator/encoder/caching utility that is based
off of the old mmcache (which is no longer being maintained).
What Eaccelerator does is: it caches your PHP scripts so that the database
is no longer being queried everytime someone needs a script. This is
particularly useful for large forums, but pretty much anyone can benefit
from it. Since these scripts are cached, you’ll notice a decrease in
memory use and server load.
Now, onto installing this!
______________________________
Installing Eaccelerator
1. First, you’ll want to SSH into your server as the root user. you should
be in the default directory now. If you’re not, type in cd ~
2. Now we’ll make the eaccelerator directory:
mkdir /ea/
cd /ea/
2. Now we’ll grab the files, and untar them:
Notice that it’s a tar.bz2 file, so we need to decompress it twice.
wget
http://heanet.dl.sourceforge.net/sourceforge/eaccelerator/eaccelerator-0.9.4-rc1.tar.bz2
bzip2 -d eaccelerator-0.9.4-rc1.tar.bz2
tar xvf eaccelerator-0.9.4-rc1.tar
3. Now that we’ve done that, let’s install Eaccelerator:
Note: in the following “export” command, you need to point that to where
PHP is installed. For most, it’s usually either “usr/” or “usr/local”, but
it may be something else.
cd eaccelerator-0.9.4-rc1/
export PHP_PREFIX=”/usr”
$PHP_PREFIX/bin/phpize
./configure –enable-eaccelerator=shared
–with-php-config=$PHP_PREFIX/bin/php-config
make
make install
4. It’s basically installed, now we need to edit the php.ini files to
include Eaccelerator. This is usually found in the /etc/ folder, but if
you can’t find it, run a “locate php.ini” (without quotes) to find it.
[i]I’m editting my file with nano, which pretty much anyone with a modern
server should have. You can use pico or vi, it’s your choice:
cd ~
nano /etc/php.ini
Now find ;Windows Extensions (press ctrl + W). Remove the mmcache lines
(if you had it installed before) above this and…
—————————————————————————-
For a PHP extension install (most will probably want this)
—————————————————————————-
extension=”eaccelerator.so”
eaccelerator.shm_size=”16?
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1?
eaccelerator.optimizer=”1?
eaccelerator.check_mtime=”1?
eaccelerator.debug=”0?
eaccelerator.filter=”"
eaccelerator.shm_max=”0?
eaccelerator.shm_ttl=”0?
eaccelerator.shm_prune_period=”0?
eaccelerator.shm_only=”0?
eaccelerator.compress=”1?
eaccelerator.compress_level=”9?
—————————————————————————-
For a Zend extension install (only if you have Zend installed, or
if you’re going to install it
—————————————————————————-
zend_extension=”/usr/lib/php4/eaccelerator.so”
eaccelerator.shm_size=”16?
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1?
eaccelerator.optimizer=”1?
eaccelerator.check_mtime=”1?
eaccelerator.debug=”0?
eaccelerator.filter=”"
eaccelerator.shm_max=”0?
eaccelerator.shm_ttl=”0?
eaccelerator.shm_prune_period=”0?
eaccelerator.shm_only=”0?
eaccelerator.compress=”1?
eaccelerator.compress_level=”9?
5. Now we need to make the cache directory, where the cache files will be
stored.
cd ~
mkdir /tmp/eaccelerator/
chmod 0777 /tmp/eaccelerator/
6. Yay, it’s installed! Let’s restart Apache now so that Eaccelerator will
start working:
service httpd restart
cp /ea/eaccelerator-0.9.4-rc1/eaccelerator.php /usr/local/apache/htdocs/
—————————–
7. You *should* notice some sort of speed boost or that the server
load/memory use has decreased. But let’s just make sure that it’s
installed properly.
Open up your favorite FTP client and upload the eaccelerator.php and
eaccelerator_password.php files to any directory on your website. I
uploaded mine to my forum directory, but you can pretty much place them
anywhere in the public_html directory.
Once that’s done, you can go to
http://www.your-domain.com/path_to_s…ccelerator.php (of course,
replacing that with the path to the script) to see if it’s installed. If
it’s installed properly, you’ll see a screen like this:
Otherwise, you’ll see a screen saying that it’s not installed. You have to
go back through the instructions, retry it and see if that works. Check to
make sure that you specified the right directories and files in the
instructions above!
Now, we’ll probably want to add a password to prevent some mean user from
clearing the cached scripts or causing other bad stuff to happen. Navigate
to the eaccelerator_password file and set an administrator name and
password.
This doesn’t set the password, but it gives you a line of code to place in
your php.ini file (just below the eaccelerator part). Once you do this,
you need to log in to view the eaccelerator page.
After you’re done, you can delete or rename this file, but it’s not required.
off of the old mmcache (which is no longer being maintained).
What Eaccelerator does is: it caches your PHP scripts so that the database
is no longer being queried everytime someone needs a script. This is
particularly useful for large forums, but pretty much anyone can benefit
from it. Since these scripts are cached, you’ll notice a decrease in
memory use and server load.
Now, onto installing this!
______________________________
Installing Eaccelerator
1. First, you’ll want to SSH into your server as the root user. you should
be in the default directory now. If you’re not, type in cd ~
2. Now we’ll make the eaccelerator directory:
mkdir /ea/
cd /ea/
2. Now we’ll grab the files, and untar them:
Notice that it’s a tar.bz2 file, so we need to decompress it twice.
wget
http://heanet.dl.sourceforge.net/sourceforge/eaccelerator/eaccelerator-0.9.4-rc1.tar.bz2
bzip2 -d eaccelerator-0.9.4-rc1.tar.bz2
tar xvf eaccelerator-0.9.4-rc1.tar
3. Now that we’ve done that, let’s install Eaccelerator:
Note: in the following “export” command, you need to point that to where
PHP is installed. For most, it’s usually either “usr/” or “usr/local”, but
it may be something else.
cd eaccelerator-0.9.4-rc1/
export PHP_PREFIX=”/usr”
$PHP_PREFIX/bin/phpize
./configure –enable-eaccelerator=shared
–with-php-config=$PHP_PREFIX/bin/php-config
make
make install
4. It’s basically installed, now we need to edit the php.ini files to
include Eaccelerator. This is usually found in the /etc/ folder, but if
you can’t find it, run a “locate php.ini” (without quotes) to find it.
[i]I’m editting my file with nano, which pretty much anyone with a modern
server should have. You can use pico or vi, it’s your choice:
cd ~
nano /etc/php.ini
Now find ;Windows Extensions (press ctrl + W). Remove the mmcache lines
(if you had it installed before) above this and…
—————————————————————————-
For a PHP extension install (most will probably want this)
—————————————————————————-
extension=”eaccelerator.so”
eaccelerator.shm_size=”16?
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1?
eaccelerator.optimizer=”1?
eaccelerator.check_mtime=”1?
eaccelerator.debug=”0?
eaccelerator.filter=”"
eaccelerator.shm_max=”0?
eaccelerator.shm_ttl=”0?
eaccelerator.shm_prune_period=”0?
eaccelerator.shm_only=”0?
eaccelerator.compress=”1?
eaccelerator.compress_level=”9?
—————————————————————————-
For a Zend extension install (only if you have Zend installed, or
if you’re going to install it
—————————————————————————-
zend_extension=”/usr/lib/php4/eaccelerator.so”
eaccelerator.shm_size=”16?
eaccelerator.cache_dir=”/tmp/eaccelerator”
eaccelerator.enable=”1?
eaccelerator.optimizer=”1?
eaccelerator.check_mtime=”1?
eaccelerator.debug=”0?
eaccelerator.filter=”"
eaccelerator.shm_max=”0?
eaccelerator.shm_ttl=”0?
eaccelerator.shm_prune_period=”0?
eaccelerator.shm_only=”0?
eaccelerator.compress=”1?
eaccelerator.compress_level=”9?
5. Now we need to make the cache directory, where the cache files will be
stored.
cd ~
mkdir /tmp/eaccelerator/
chmod 0777 /tmp/eaccelerator/
6. Yay, it’s installed! Let’s restart Apache now so that Eaccelerator will
start working:
service httpd restart
cp /ea/eaccelerator-0.9.4-rc1/eaccelerator.php /usr/local/apache/htdocs/
—————————–
7. You *should* notice some sort of speed boost or that the server
load/memory use has decreased. But let’s just make sure that it’s
installed properly.
Open up your favorite FTP client and upload the eaccelerator.php and
eaccelerator_password.php files to any directory on your website. I
uploaded mine to my forum directory, but you can pretty much place them
anywhere in the public_html directory.
Once that’s done, you can go to
http://www.your-domain.com/path_to_s…ccelerator.php (of course,
replacing that with the path to the script) to see if it’s installed. If
it’s installed properly, you’ll see a screen like this:
Otherwise, you’ll see a screen saying that it’s not installed. You have to
go back through the instructions, retry it and see if that works. Check to
make sure that you specified the right directories and files in the
instructions above!
Now, we’ll probably want to add a password to prevent some mean user from
clearing the cached scripts or causing other bad stuff to happen. Navigate
to the eaccelerator_password file and set an administrator name and
password.
This doesn’t set the password, but it gives you a line of code to place in
your php.ini file (just below the eaccelerator part). Once you do this,
you need to log in to view the eaccelerator page.
After you’re done, you can delete or rename this file, but it’s not required.
Subscribe to:
Posts (Atom)
