Tuesday, 24 April 2012

Scripts to migrate containers in OpenVZ from one node to another



*Migration (77.95.229.43 is the destination IP)
for CT in $(vzlist -H -o veid); do vzmigrate -r no --keep-dst 77.95.229.43 "$CT"; done

*Updating SolusVM
for VSERVERID in $(cat vsrvrids.txt); do /scripts/vm-migrate "$VSERVERID" 12; done

Thursday, 19 April 2012

Domain name Transfer

Domain Name Registration
When a domain is first registered, the process is done under a registrar. This means that the registrar claims a domain name for a user on their behalf. This registrar has user interfaces where users can manage all their domains registered through that specific registrar.
Domain Name Transfer
Domain transfer is a process of moving a domain name from one registrar to another. All relevant information and the domain name remain the same. It is only the administration aspects of that domain and the registrar information that will be changed. This is particularly useful when a user has multiple domains and wishes to administer them all under one panel/registrar.
Terminologies
  • Current registrar: Registrar you currently have a domain with (losing registrar).
  • New registrar: Registrar you want to move your domain to (gaining registrar).
Transferring a domain involves the following steps:
  • The user submits the name of the domain or domains to be transferred to the new registrar.
  • If an authorization or EPP key is required, the current registrar will send an email to the domain owner with the proper key. (Authorization keys are required for all TLDs  handles: .com, .net, .org, etc.)
  • Authorization key is provided to the new registrar.
  • The domain transfer is submitted to the registry by the new registrar.
  • An email is sent by the new registrar to the domain owner requesting approval of the transfer.
  • The domain owner can either approve or disapprove the transfer request.
  • If the request is approved, the transfer is completed. The transfer period varies between registrars, but it is estimated to be between 5 and 10 days.
Reasons for domain name transfer failure:
  • It is locked with your current registrar.
  • Incorrect EPP/Authorization Key.
  • You are transferring it to the same registrar it is registered with (yes this can happen sometimes).
  • The name includes profanity (some registrars do not allow that).
  • It is privately registered (the email wouldn’t get to the owner).
  • The email address on file is not the most recent email (administrative contact email address is inaccessible).
  • A domain name transfer is prohibited during the first 60 days of initial registration or during the first 60 days after a registrar transfer.
  • The domain name has already expired.
All the information listed above can be obtained by performing a whois check or through the registrar administration interface.
Unlocking a domain can be done easily by:
  • Going to the website of the current domain registrar.
  • Using your username and password to login to your account.
  • Going to the domain management of your domains and choosing the domain you wish to unlock.
  • In the detailed options of your domain, choose to unlock the domain.
Many people use the option for “private registration” or “domain privacy” which hides the personal contact information from the WHOIS database. This privacy feature must be disabled before initiating the domain transfer, or else the email will be sent to the registrar’s anonymous address instead of the domain owner.

Wednesday, 18 April 2012

Commands to check linux server attacks

1. How to Detect a TCP/IP Denial of Service Attack
These are the commands I use to find out if a loaded Linux server is under a heavy DoS attack; one of the most essential ones is of course netstat.
To check if a server is under a DoS attack with netstat, it’s common to use:
linux:~# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n|wc -l
If the above command returns a result like 2000 or 3000 connections, then obviously it’s very likely the server is under a DoS attack.
To check all the IPs currently connected to the Apache webserver and get very brief statistics on the number of times each of the IPs connected to my server, I use the command:
linux:~# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
221 80.143.207.107
233 145.53.103.70
540 82.176.164.36

As you can see from the above command output, the IP 80.143.207.107 is either connected 221 times to the server or is in the state of connecting to or disconnecting from the node.
Another possible way to check if a Linux or BSD server is under a Distributed DoS is with the list open files command, lsof.
Here is how lsof can be used to list the approximate number of ESTABLISHED connections to port 80:
linux:~# lsof -i TCP:80
litespeed 241931 nobody 17u IPv4 18372655 TCP server.pc-freak.net:http (LISTEN)
litespeed 241931 nobody 25u IPv4 18372659 TCP 85.17.159.89:http (LISTEN)
litespeed 241931 nobody 30u IPv4 29149647 TCP server.pc-freak.net:http->83.101.6.41:54565 (ESTABLISHED)
litespeed 241931 nobody 33u IPv4 18372647 TCP 85.17.159.93:http (LISTEN)
litespeed 241931 nobody 34u IPv4 29137514 TCP server.pc-freak.net:http->83.101.6.41:50885 (ESTABLISHED)
litespeed 241931 nobody 35u IPv4 29137831 TCP server.pc-freak.net:http->83.101.6.41:52312 (ESTABLISHED)
litespeed 241931 nobody 37w IPv4 29132085 TCP server.pc-freak.net:http->83.101.6.41:50000 (ESTABLISHED)

Another way to get an approximate number of established connections to let’s say Apache or LiteSpeed webserver with lsof can be achieved like so:
linux:~# lsof -i TCP:80 |wc -l
2100

I find it handy to keep track of the above lsof command output every few seconds with GNU watch, like so:
linux:~# watch "lsof -i TCP:80"
2. How to Detect if a Linux server is under an ICMP SMURF attack
ICMP attacks are still heavily used, even though they are already old-fashioned and there are plenty of other Denial of Service attack types. One of the quickest ways to find out if a server is under an ICMP attack is through the command:
server:~# while :; do netstat -s| grep -i icmp | egrep 'received|sent' ; sleep 1; done
120026 ICMP messages received
1769507 ICMP messages sent
120026 ICMP messages received
1769507 ICMP messages sent

As you can see, the above one-liner in a loop checks the sent and received ICMP packets every few seconds. If there is a big difference in the output returned every few seconds by the above command, then obviously the server is under an ICMP attack and needs to be hardened.
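The loop above only prints the raw counters; what matters is how fast they grow. The following added example (not part of the original post) turns two `netstat -s` snapshots into per-second rates and compares them with a limit. The function names, the two constructed snapshots and the limit of 1000 packets per second are assumptions made for illustration.

```shell
# Two constructed `netstat -s` excerpts taken 5 seconds apart (not real measurements).
snap_before() {
cat <<'EOF'
Icmp:
    120026 ICMP messages received
    12 input ICMP message failed.
    1769507 ICMP messages sent
EOF
}
snap_after() {
cat <<'EOF'
Icmp:
    145026 ICMP messages received
    12 input ICMP message failed.
    1794507 ICMP messages sent
EOF
}

# icmp_totals: print "<received> <sent>" from netstat -s text on stdin.
icmp_totals() {
    awk '/ICMP messages received/ { rx = $1 }
         /ICMP messages sent/     { tx = $1 }
         END { if (rx == "") rx = 0; if (tx == "") tx = 0; print rx, tx }'
}

# icmp_rate BEFORE AFTER SECONDS: received/sent packets per second between snapshots.
icmp_rate() {
    b=$(printf '%s\n' "$1" | icmp_totals)
    a=$(printf '%s\n' "$2" | icmp_totals)
    echo "$(( (${a% *} - ${b% *}) / $3 )) $(( (${a#* } - ${b#* }) / $3 ))"
}

# icmp_verdict BEFORE AFTER SECONDS LIMIT: "flood" if either rate reaches LIMIT.
icmp_verdict() {
    set -- $(icmp_rate "$1" "$2" "$3") "$4"
    if [ "$1" -ge "$3" ] || [ "$2" -ge "$3" ]; then echo flood; else echo normal; fi
}

# Live use (assumes net-tools netstat is installed): watch_icmp INTERVAL LIMIT
watch_icmp() {
    prev=$(netstat -s)
    while sleep "$1"; do
        cur=$(netstat -s)
        echo "$(date +%T) rx/s tx/s: $(icmp_rate "$prev" "$cur" "$1")" \
             "$(icmp_verdict "$prev" "$cur" "$1" "$2")"
        prev=$cur
    done
}

# Demo on the constructed snapshots.
icmp_rate "$(snap_before)" "$(snap_after)" 5
```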
3. How to detect a SYN flood with netstat
linux:~# netstat -nap | grep SYN | wc -l
1032

1032 SYNs per second is quite a high number, and unless the server is serving, let’s say, 5000 user requests per second, the above output reveals it’s very likely the server is under attack. If, however, I get results like 100/200 SYNs, then obviously there is no SYN flood targeting the machine ;)
Another two netstat command applications which help determine if a server is under a Denial of Service attack are:
server:~# netstat -tuna |wc -l
10012

and
server:~# netstat -tun |wc -l
9606

Of course there are also some other ways to count the IPs that sent a SYN to the webserver, for example:
server:~# netstat -n | grep :80 | grep SYN |wc -l
In many cases, of course, top or htop can be useful to find out if many processes of a certain type are hanging around.
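The netstat pipelines in sections 1 and 3 also count the two header lines and cut IPv6 peers down to their first group. The following added example (not part of the original post) shows that on a constructed sample and gives a per-peer count that skips headers, keeps IPv6 addresses whole and can filter on a state such as SYN_RECV. The function names, the sample lines and the limit of 3 are assumptions.

```shell
# Constructed sample of `netstat -ntu` output (documentation addresses, not real traffic).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40000       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40001       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40002       SYN_RECV
tcp        0      0 192.0.2.10:22           198.51.100.20:60111     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:44321     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:44322     TIME_WAIT
udp        0      0 192.0.2.10:53           198.51.100.7:5353
EOF
}

# The pipeline from the post, unchanged: it also emits "Address" and "servers)"
# from the headers and reports both IPv6 peers as "2001".
naive_counts() {
    awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
}

# peer_counts [STATE]: read netstat -ntu output on stdin and print "count ip" per
# remote address, highest first. Only the trailing :port is stripped.
peer_counts() {
    awk -v want="${1:-}" '
        $1 !~ /^(tcp|udp)/ { next }            # skip the header lines
        want != "" && $6 != want { next }      # optional state filter
        { ip = $5; sub(/:[0-9*]+$/, "", ip); n[ip]++ }
        END { for (ip in n) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# over_limit LIMIT [STATE]: only the peers with at least LIMIT matching connections.
over_limit() {
    peer_counts "${2:-}" | awk -v limit="$1" '$1 >= limit { print $2 }'
}

# Demo on the constructed sample: all peers, then peers with 3+ half-open connections.
sample_netstat | peer_counts
sample_netstat | over_limit 3 SYN_RECV
```

On a live server the same functions read from `netstat -ntu | peer_counts SYN_RECV`.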
4. Checking if UDP Denial of Service is targeting the server
server:~# netstat -nap | grep 'udp' | awk '{print $5}' | cut -d: -f1 | sort |uniq -c |sort -n
The above command will list information concerning a possible UDP DoS.
The command can easily be adapted to check for both possible TCP and UDP denial of service, like so:
server:~# netstat -nap | grep -E 'tcp|udp' | awk '{print $5}' | cut -d: -f1 | sort |uniq -c |sort -n
104 109.161.198.86
115 112.197.147.216
129 212.10.160.148
227 201.13.27.137
3148 91.121.85.220

If, after getting an IP that has too many connections to the server and is almost certainly a DoS host, you would like to filter this IP, you can use the /sbin/route command to filter it out. Using route will probably be a better choice than iptables, as iptables would load up the CPU more than simply cutting the route to the server.
Here is how I stop hosts from being able to route packets to my server:
route add 110.92.0.55 reject
The above command would null route the access of IP 110.92.0.55 to my server.
Later on, to look up a null-routed IP on my host, I use:
route -n |grep -i 110.92.0.55
Well, hopefully this should be enough to give a brief overview of how one can dig into his server and find out if he is under a Distributed Denial of Service attack. I hope it’s helpful to somebody out there.

How to Enable Iptables Modules for a VPS

1. Before enabling the modules for a VPS, make sure that they are enabled on the root node of the VPS. You can check this using the command:
lsmod | grep -i module_name    (for example: lsmod | grep -i ipt_LOG)
2. If a module is not enabled, it can be enabled using the modprobe command:
modprobe module_name
The modules to load are listed in the loop below. Entries that the csf test reports as ipt_X/xt_X are one module under two possible names, so both names are tried:
for m in ip_tables iptable_filter iptable_mangle iptable_nat ipt_helper ipt_REDIRECT ipt_DNAT ipt_TCPMSS ipt_LOG ipt_TOS ipt_length ipt_tcpmss ipt_tos ipt_ttl ipt_SAME ipt_REJECT ipt_MASQUERADE ipt_multiport xt_multiport ipt_state xt_state ipt_limit xt_limit ipt_recent xt_connlimit ipt_owner xt_owner
do
    # report a module that could not be loaded and carry on with the rest
    modprobe "$m" || echo "could not load $m"
done
3. Stop the container for which you want to enable the modules:
vzctl stop 101
4. Enable the modules in one of the following two ways:
1) By Command:
Execute the following command to enable all the modules for the VPS
vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
or
2) Adding Rules manually:
Open the VPS configuration file, which exists at /etc/vz/conf/veid.conf, and paste the following as the last line of the file.
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc"

5. Restart the container.
vzctl restart 101
----------------------------------error--------------------------------
[root@abc ~]# perl /etc/csf/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
Testing ipt_limit/xt_limit...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
Testing ipt_recent...FAILED [Error: iptables: Unknown error 4294967295] - Required for PORTFLOOD and PORTKNOCKING features
Testing xt_connlimit...FAILED [Error: iptables: Unknown error 4294967295] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...FAILED [Error: iptables: Unknown error 4294967295] - Required for SMTP_BLOCK and UID/GID blocking features
Testing iptable_nat/ipt_REDIRECT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for MESSENGER feature
Testing iptable_nat/ipt_DNAT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for csf.redirect feature

Monday, 16 April 2012

pure-ftp doesn't run under Virtuozzo

There are two easy solutions. If this is your own server, run these commands on the host server, replacing the ID with the ID of your virtual machine:


#vzctl set <VEID> --capability capname:on|off

VPSID=101
# each capability needs to be set only once
for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
do
vzctl set "$VPSID" --capability "${CAP}:on" --save
done

Saturday, 14 April 2012

To synchronize time in Linux servers

Procedure

Login as the root user
Type the following command to install ntp
# yum install ntp
Turn on service
# chkconfig ntpd on
Synchronize the system clock with 0.pool.ntp.org server:
# ntpdate pool.ntp.org
Start the NTP service:
# /etc/init.d/ntpd start

Unable to open pty: No such file or directory

If you come across the problem
enter into CT 1820 failed
Unable to open pty: No such file or directory
To fix this run the following commands

# vzctl exec VEID /sbin/MAKEDEV tty
# vzctl exec VEID /sbin/MAKEDEV pty
# vzctl enter VEID 

VEID is the container ID of the VPS.

Container already locked

Sometimes we come across this problem when we try to enter the VPS.

If you receive this message when you try to stop the VE...
[root@server ~]# vzctl stop 104
Container already locked
Here's how to fix it:
  • Delete the lock file
[root@server ~]# rm /vz/lock/104.lck
rm: remove regular file `/vz/lock/104.lck'? y
  • Kill the checkpoint
[root@server ~]# vzctl chkpnt 104 --kill
Killing... 
 
Now try to start the container; it will start working.

Friday, 13 April 2012

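Script for massive cPanel migration

First, on the server from which the accounts should be migrated, use the following commands:

# PORT and IP are the SSH port and address of the destination server
for i in $(awk -F: '{print $2}' /etc/trueuserdomains)
   do
   /bin/echo "$i"
   /scripts/pkgacct "$i"
   # pkgacct writes the archive as /home/cpmove-<user>.tar.gz
   file="/home/cpmove-$i.tar.gz"
   /bin/echo "$file"
   ls -lh "$file"
   # delete the local archive only if the copy succeeded
   scp -P PORT "$file" root@IP:/root && rm -f "$file"
   done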


cPanel Data restoration.

The script is given below. Move to the location where the cpmove files are located and then execute the following.


# ls cpmove-*.tar.gz  | awk -F- '{print $2}' | awk -F. '{print $1}' > file
# for i in `cat file`; do /scripts/restorepkg $i; done

Use of Screen Command

The screen command is very useful for retaining SSH sessions even if the connection to the server is lost. The main advantage is that the ongoing process will continue even if the connection is reset.

To use the screen command, first begin a screen session with any name, for example:
screen -S test
Then a session named test is started.

To show the available screen sessions, use:
screen -ls


To re-attach to a session, use the re-attach command:
screen -r 31619.ttyp2.gigan
 
That's all.


Wednesday, 4 April 2012

How to configure the ip in cpanel server through back end

The Command Line Method
You can also add IPs via command line in a way that cPanel understands, which is mainly useful when doing automated server setups, or adding multiple IPs across multiple servers. To do this, you’d edit the ipaliases load file, which is /etc/ips . If you already have additional IP addresses on your server added as aliases you may already see how this file is formatted, but here’s an example:
123.456.789.123:255.255.255.0:123.456.789.255
This is a colon-delimited file with each IP address on its own line. The first field is the IP itself, the second is its subnet mask, and the third is its broadcast. You can add as many IPs as you need, putting each on its own line.  When you’re done, run the following commands:
service ipaliases reload (or service ipaliases restart)
/scripts/rebuildippool
To check whether the IPs have been added successfully, you can perform any of the following tests:
/scripts/ipusage  <~ will show the IP usage of the server
ifconfig <~ will show all IPs on the server
ping $ip <~ will ping the IP ($ip) you added to make sure it’s routing

Changing the Nameserver IPs of the WHM

If the client is getting the Nameserver IPs from the Main >> DNS Functions >> Nameserver IPs as
Example:
Nameserver    IP         No. Zones
ns1.localhost.com    64.99.64.32    80
ns2.localhost.com    64.99.64.32    80

>> To change them from WHM, go to
Main >> Server Configuration >> Basic cPanel & WHM Setup >> Nameservers

>> From the shell you can change them with the process below
#vi /etc/nameserverips
64.99.64.32=ns1.localhost.com
64.99.64.32=ns2.localhost.com
Change these to the appropriate IP address and local host.
:wq!
>> Then access the file /var/cpanel/nameserverips.yaml
#vi /var/cpanel/nameserverips.yaml
Replace the appropriate nameservers and the IP address.
>> After that restart the services
#service named restart OR #/etc/init.d/named restart
#service cpanel restart OR #/etc/init.d/cpanel restart

Check for the changes in the Nameserver IPs of the WHM.
That's it !!! Done.

how to recover mysql root password

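Follow three easy steps to recover the MySQL root password.

First of all, stop the mysqld service:

#service mysqld stop or /etc/init.d/mysqld stop

Start it with the skip-grant-tables option. While the server runs this way it accepts any client without a password, so keep this window as short as possible:

#mysqld_safe --skip-grant-tables &

Now log in as root without any password:

# mysql -u root

Here you got it!
Now, for your own safety, change the MySQL root password. The grant tables have to be reloaded first, because SET PASSWORD is refused while --skip-grant-tables is in effect:

mysql> flush privileges;
mysql> set password for 'root'@'localhost' = PASSWORD('yourpasswd');

Now stop the mysql service and start it again.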

Fix SolusVM Time Zone Issue with VMS


1- Go to your virtual machine (its CTID in SolusVM; let's say it's 101)
2- rm /etc/localtime
3- ln -s /usr/share/zoneinfo/EST /etc/localtime

Now ssh to your SolusVM main machine:

rm /etc/localtime
ln -s /usr/share/zoneinfo/EST /etc/localtime

ntpdate us.pool.ntp.org

This will sync the time.

Now run the cron job every night to sync the time:
crontab -e

0 0 * * * ntpdate us.pool.ntp.org

Fix Cpanel Permissions

Often we get internal error due to incorrect permission. Below are the commands to fix the file and directory permissions.

find $HOMEDIR -type f -exec chmod 644 {} \;
find $HOMEDIR -type d -exec chmod 755 {} \; 

Transfer the reseller account from one Cpanel server to other cPanel server.



E.g.: from the Linux1 server to the Linux2 server.

SSH to the server as root (to Linux1).
1) The following command prints all the account user names that are under the reseller's ownership.
root@Linux1[/home/]#cat /etc/trueuserowners | grep reseller-main-user-name | awk '{print $1}' | cut -d : -f 1

2) Create the file backup-user.txt under the reseller's main account and add all the users listed by the above command.

3) Now create backups for the users and move the backup files to the user's home directory.

root@Linux1[/home/resellerusername] # for i in `cat /home/username/backup-user.txt`; do /scripts/pkgacct $i; mv /home/cpmove-$i.tar.gz /home/username/ ; done

Now copy all the backups, along with the file backup-user.txt, to the destination server (Linux2) in the /home partition and execute the following command to restore the accounts.
SSH to the server as root (to Linux2).

root@Linux2[/home/]#for i in `cat backup-user.txt `;do /scripts/restorepkg $i;done

Sunday, 1 April 2012

Use Of alias command

The alias command can be useful if you want to create a 'shortcut' to a command.
The format is alias name='command'

alias mv='mv -i'
alias syam='ssh root@192.168.1.200'
The above commands are examples of the alias command. By just typing the command mv, the shell will execute what we gave on the right-hand side of the alias.


To remove the alias, use the unalias command.
