To solve this problem just reset the database password
---------------------
mysql> SET PASSWORD FOR 'some_user'@'some_host' = OLD_PASSWORD('newpwd');
----------------------
Tuesday, December 29, 2009
Tuesday, December 8, 2009
Account Creation Status: failed (Please setup a primary/secondary nameserver)
Change the "NS1 ns1.myprivateserver.example" line in /etc/wwwacct.conf to "NS ns1.myprivateserver.example"
Thursday, November 26, 2009
FTP Time Out error---> connection failed xx.xx.xxx.xxx – connection timed out
Resolution:
1)Login to the WHM==> FTP Server Selection
2)change the FTP server to Pure-FTPD from PRO-FTP ==> Save
3)Now ssh into the server as root and open the pure-ftp conf file /etc/pure-ftpd.conf
4)Find the FTP port no: used the “PassivePortRange” from the config file
5)Add the port range into the config file
for eg :
PassivePortRange 30000 40000
6)Save and quit
7)Open the csf(firewall) config file, add the ftp port along with the passive port range
eg :
# Allow incoming TCP ports
TCP_IN = “20,22,25,53,80,110,143,443,465,587,993,995,2001,2077,2078,2082,2083,2086,2087,
2095,2096,30000:40000″
1)Login to the WHM==> FTP Server Selection
2)change the FTP server to Pure-FTPD from PRO-FTP ==> Save
3)Now ssh into the server as root and open the pure-ftp conf file /etc/pure-ftpd.conf
4)Find the FTP port no: used the “PassivePortRange” from the config file
5)Add the port range into the config file
for eg :
PassivePortRange 30000 40000
6)Save and quit
7)Open the csf(firewall) config file, add the ftp port along with the passive port range
eg :
# Allow incoming TCP ports
TCP_IN = “20,22,25,53,80,110,143,443,465,587,993,995,2001,2077,2078,2082,2083,2086,2087,
2095,2096,30000:40000″
Wednesday, November 18, 2009
Outlook express... some tips
Here are some other outlook error code and solutions. The outlook error number and solution you will find here, include the following: 0x80040109, 0x80040201, 0x80040600, 0x8004060C, 0x80040900, 0x80042108, 0x80042109, 0x8004210A, 0x8004210B, 0x800C0131, 0x800CCC18, 0x800CCC1A, 0x800CCC79 and 0x800CCC7A.
0x80040109 - The Operation cannot be performed because the message has been changed
Error Message: Task 'pop.velnetweb.com - Sending' reported error (0x80040109) : 'The
operation cannot be performed because the message has been changed.'
Troubleshooting:
1) Disable email scanning and then restart Outlook
2) Check for any add-ins that may have altered the message by going to
Tools -> Options -> Other -> Advanced Options... -> Add-In Manager...
Error Message - 0x80040201 - Unknown Error
Solution:
This error has been known to occur for users migrating from an Exchange environment and is generated while sending to users from within the company only. The company contacts still reference the Exchange server which is either no longer in service or is not configured properly. Please check with systems adminstrator for resolution to this error.
0x80040600 - Unknown Error
Cause:
Corrupt PST file.
Solution:
Close Outlook
Click Start
Click Control Panel
Double-click the Mail icon
Click the Data Files button
Double-click on the PST file which is currently being used
Copy the text in the filename field.
Click Start
Click Search
Click All Files and Folders
Type scanpst.exe and click the Search button
Double-click the scanpst.exe icon (icon appears as a ripped envelope)
Paste the .pst filename into the text field
Click Start
Click the repair button to repair any damaged files
Open Outlook and verify it is working correctly
0x8004060C - Unknown Error
Error Message: Task ‘EMAIL ADDRESS’ - Sending and Receiving' reported error (0x8004060C) : 'Unknown Error 0x8004060C'
Solution:
This error is known to occur in Microsoft Outlook 2002 and usually indicates that the .pst file has reached it's capacity. For further resolution to this problem please visit the following link for a patch issued by Microsoft:
http://support.microsoft.com/?kbid=304863
0x80040900 - Unable to connect to server
Error Message : Task 'pop.velnetweb.co.uk - Receiving' reported error (0x80040900) : 'The server name you entered can not be found on the network (it might be down temporarily). Please verify that you are online and that the server name is correct.'
Troubleshooting:
User not connected to Internet.
Disable Firewall on system. If Outlook works with Firewall off refer them to the company of Firewall software.
0x80042108 - Outlook is unable to connect to your incoming (POP3) server
Error Message: Task 'Your server - Receiving' reported error (0x80042108) : 'Outlook is unable to connect to your incoming (POP3) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).'
Troubleshooting:
1.) Verify Internet connectivity
2.) Verify account settings
3.) Verify your email is the default account
4.) Telnet to pop.domainname.com and verify that port 110 is enabled
5.) Disable Internet Security or verify that Firewall is configured properly
6.) Disable Anti-virus software
7.) If still not working, restart computer.
8.) If still not working, contact the computer administrator or Internet Service Provider
0x80042109 - Outlook is unable to connect to your outgoing (SMTP) e-mail server
Error Message: Task 'Domain name - Receiving' reported error (0x80042108) : 'Outlook is unable to connect to your outgoing (SMTP) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).'
Troubleshooting:
1.) Verify Internet connectivity
2.) Verify account settings
3.) Verify your email is the default account
4.) Telnet to smtp.domain name.com and verify that port 25 and / or 5125 is enabled
5.) Disable Internet Security or verify that Firewall is configured properly
6.) Disable Anti-virus software
7.) If still not working, restart computer.
8.) If still not working, contact the computer administrator or Internet Service Provider.
0x8004210A - The operation timed out.
Error Message: The operation timed out waiting for a response from the receiving (POP) server 0x8004210a. A time-out occurred while communicating with the server 0x800ccc19
Troubleshooting:
Disable email scanning in Anti-Virus program.
Disable Firewall on system. If Outlook works with Firewall off refer them to the company of Firewall software.
Move any emails with large attachments on the web application to another folder and try popping the email again.
Increase the server timeout.
Run Telnet to see if there is a port being blocked.
Error message: 0x8004210B
Solution:
1) Verify POP / IMAP settings
2) Change outgoing port to 5125
3) Restart computer
0x800C0131 - An Unknown error has occurred. Protocol: SMTP Port: 0 Secure: No [SSL]
Cause:
This behavior can occur if the Folders.dbx file is missing, damaged, or using the read-only attribute.
Solution:
Note: Email may be lost during this procedure. It is important that you save any important email
1. Click Start, point to Find, and then click Files or Folders.
2. In the Named box, type folders.dbx.
3. In the Look In box, click your primary hard disk (usually drive C), and then click Find Now.
4. Right-click the Folders.dbx file, and then click Rename.
5. Type folders.old, and then click OK.
6. Start Outlook Express. This creates a new Folders.dbx file automatically
0x800CCC18 - Logon Attempt Failed
Error Message: No connection could be made because the target machine actively refused it.
Troubleshooting:
Check that computer has access to the Internet
Verify account settings ( POP / IMAP )
0x800CCC19 - A time-out occurred while communicating with the server
Error Message: A time-out occurred while communicating with the server 0x800ccc19
Troubleshooting:
Check that computer has access to the Internet
Verify account settings ( POP / IMAP )
Delete account and recreate
0x800CCC1A - SECURE_CONNECT_FAILED - Unable to connect using SSL
Error Message: SECURE_CONNECT_FAILED - Unable to connect using SSL.
Troubleshooting:
In Outlook select the 'Tools' menu.
Select 'Accounts'.
Click the 'Mail' tab'.
Double click the email account.
Select the 'Advanced' tab'.
Deselect 'This server requires a secure connection (SSL)' under both incoming mail and outgoing mail sections.
Click 'Apply' then Click 'OK'
0x800CCC79 - 501 Syntax Error
Error Message: Error 0x800CCC79 msg could not be sent - recipient was rejected by server... 501 char not allowed
Cause:
Email address is entered incorrectly
Solution:
Open the message from the Outbox and correct the email address. Make sure there are no spaces or incompatible characters
0x800CCC79 - Recipient Address Rejected
Error Message: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'test@domainmame.com' . Subject 'test', Account: 'Test', Server: 'smtp.xxxxxxx.xxx', Protocol: SMTP, Server Response: '550 5.7.1 Unable to relay for user@domain.com', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79
Cause:
This error will occur in Outlook 2000 if 'Outgoing server requires authentication' is not checked
Solution:
Check 'Outgoing server requires authentication'
0x800CCC7A - No sender address specified
Error Message: Connection to the server has failed, account ‘pop.domainname.com' error: 0x800CCC7A: No sender address specified.
Troubleshooting:
Verify account settings ( POP / IMAP )
Verify there is a valid email address in the To field
0x80040109 - The Operation cannot be performed because the message has been changed
Error Message: Task 'pop.velnetweb.com - Sending' reported error (0x80040109) : 'The
operation cannot be performed because the message has been changed.'
Troubleshooting:
1) Disable email scanning and then restart Outlook
2) Check for any add-ins that may have altered the message by going to
Tools -> Options -> Other -> Advanced Options... -> Add-In Manager...
Error Message - 0x80040201 - Unknown Error
Solution:
This error has been known to occur for users migrating from an Exchange environment and is generated while sending to users from within the company only. The company contacts still reference the Exchange server which is either no longer in service or is not configured properly. Please check with systems adminstrator for resolution to this error.
0x80040600 - Unknown Error
Cause:
Corrupt PST file.
Solution:
Close Outlook
Click Start
Click Control Panel
Double-click the Mail icon
Click the Data Files button
Double-click on the PST file which is currently being used
Copy the text in the filename field.
Click Start
Click Search
Click All Files and Folders
Type scanpst.exe and click the Search button
Double-click the scanpst.exe icon (icon appears as a ripped envelope)
Paste the .pst filename into the text field
Click Start
Click the repair button to repair any damaged files
Open Outlook and verify it is working correctly
0x8004060C - Unknown Error
Error Message: Task ‘EMAIL ADDRESS’ - Sending and Receiving' reported error (0x8004060C) : 'Unknown Error 0x8004060C'
Solution:
This error is known to occur in Microsoft Outlook 2002 and usually indicates that the .pst file has reached it's capacity. For further resolution to this problem please visit the following link for a patch issued by Microsoft:
http://support.microsoft.com/?kbid=304863
0x80040900 - Unable to connect to server
Error Message : Task 'pop.velnetweb.co.uk - Receiving' reported error (0x80040900) : 'The server name you entered can not be found on the network (it might be down temporarily). Please verify that you are online and that the server name is correct.'
Troubleshooting:
User not connected to Internet.
Disable Firewall on system. If Outlook works with Firewall off refer them to the company of Firewall software.
0x80042108 - Outlook is unable to connect to your incoming (POP3) server
Error Message: Task 'Your server - Receiving' reported error (0x80042108) : 'Outlook is unable to connect to your incoming (POP3) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).'
Troubleshooting:
1.) Verify Internet connectivity
2.) Verify account settings
3.) Verify your email is the default account
4.) Telnet to pop.domainname.com and verify that port 110 is enabled
5.) Disable Internet Security or verify that Firewall is configured properly
6.) Disable Anti-virus software
7.) If still not working, restart computer.
8.) If still not working, contact the computer administrator or Internet Service Provider
0x80042109 - Outlook is unable to connect to your outgoing (SMTP) e-mail server
Error Message: Task 'Domain name - Receiving' reported error (0x80042108) : 'Outlook is unable to connect to your outgoing (SMTP) e-mail server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).'
Troubleshooting:
1.) Verify Internet connectivity
2.) Verify account settings
3.) Verify your email is the default account
4.) Telnet to smtp.domain name.com and verify that port 25 and / or 5125 is enabled
5.) Disable Internet Security or verify that Firewall is configured properly
6.) Disable Anti-virus software
7.) If still not working, restart computer.
8.) If still not working, contact the computer administrator or Internet Service Provider.
0x8004210A - The operation timed out.
Error Message: The operation timed out waiting for a response from the receiving (POP) server 0x8004210a. A time-out occurred while communicating with the server 0x800ccc19
Troubleshooting:
Disable email scanning in Anti-Virus program.
Disable Firewall on system. If Outlook works with Firewall off refer them to the company of Firewall software.
Move any emails with large attachments on the web application to another folder and try popping the email again.
Increase the server timeout.
Run Telnet to see if there is a port being blocked.
Error message: 0x8004210B
Solution:
1) Verify POP / IMAP settings
2) Change outgoing port to 5125
3) Restart computer
0x800C0131 - An Unknown error has occurred. Protocol: SMTP Port: 0 Secure: No [SSL]
Cause:
This behavior can occur if the Folders.dbx file is missing, damaged, or using the read-only attribute.
Solution:
Note: Email may be lost during this procedure. It is important that you save any important email
1. Click Start, point to Find, and then click Files or Folders.
2. In the Named box, type folders.dbx.
3. In the Look In box, click your primary hard disk (usually drive C), and then click Find Now.
4. Right-click the Folders.dbx file, and then click Rename.
5. Type folders.old, and then click OK.
6. Start Outlook Express. This creates a new Folders.dbx file automatically
0x800CCC18 - Logon Attempt Failed
Error Message: No connection could be made because the target machine actively refused it.
Troubleshooting:
Check that computer has access to the Internet
Verify account settings ( POP / IMAP )
0x800CCC19 - A time-out occurred while communicating with the server
Error Message: A time-out occurred while communicating with the server 0x800ccc19
Troubleshooting:
Check that computer has access to the Internet
Verify account settings ( POP / IMAP )
Delete account and recreate
0x800CCC1A - SECURE_CONNECT_FAILED - Unable to connect using SSL
Error Message: SECURE_CONNECT_FAILED - Unable to connect using SSL.
Troubleshooting:
In Outlook select the 'Tools' menu.
Select 'Accounts'.
Click the 'Mail' tab'.
Double click the email account.
Select the 'Advanced' tab'.
Deselect 'This server requires a secure connection (SSL)' under both incoming mail and outgoing mail sections.
Click 'Apply' then Click 'OK'
0x800CCC79 - 501 Syntax Error
Error Message: Error 0x800CCC79 msg could not be sent - recipient was rejected by server... 501 char not allowed
Cause:
Email address is entered incorrectly
Solution:
Open the message from the Outbox and correct the email address. Make sure there are no spaces or incompatible characters
0x800CCC79 - Recipient Address Rejected
Error Message: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'test@domainmame.com' . Subject 'test', Account: 'Test', Server: 'smtp.xxxxxxx.xxx', Protocol: SMTP, Server Response: '550 5.7.1 Unable to relay for user@domain.com', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79
Cause:
This error will occur in Outlook 2000 if 'Outgoing server requires authentication' is not checked
Solution:
Check 'Outgoing server requires authentication'
0x800CCC7A - No sender address specified
Error Message: Connection to the server has failed, account ‘pop.domainname.com' error: 0x800CCC7A: No sender address specified.
Troubleshooting:
Verify account settings ( POP / IMAP )
Verify there is a valid email address in the To field
different indexing using .htaccess file
When a web browser is pointed to a directory on your web site which does not have an index.html file in it, the files in that directory can be listed on a web page.
1. Enable/Disable Directory Listing
To have the web server produce a list of files for such directories, use the below line in your .htaccess.
Options +Indexes
To have an error (403) returned instead, use this line.
Options -Indexes
2. Listing Style
Either a basic list of files can be shown, or a 'fancy' list including icons, file size, modification date and more.
IndexOptions +FancyIndexing
Add this to your .htaccess file to use the 'fancy' style.
IndexOptions -FancyIndexing
Use the above line if you prefer a more basic file list.
3. Ignore Files
Let's say you have a directory with .jpg, .gif and .png image files. You only want the .png files to show in the directory listings. Add this line to your .htaccess.
IndexIgnore *.gif *.jpg
The web server now ignores the .gif and .jpg files.
4. Modify Index File
Maybe you don't want a list of the files, you want a specific file to be shown instead. You could upload an index.html file in this directory. There is another way.
DirectoryIndex myfile.html
Instead of listing the files, web page myfile.html will now be shown for this directory and its subdirectories.
1. Enable/Disable Directory Listing
To have the web server produce a list of files for such directories, use the below line in your .htaccess.
Options +Indexes
To have an error (403) returned instead, use this line.
Options -Indexes
2. Listing Style
Either a basic list of files can be shown, or a 'fancy' list including icons, file size, modification date and more.
IndexOptions +FancyIndexing
Add this to your .htaccess file to use the 'fancy' style.
IndexOptions -FancyIndexing
Use the above line if you prefer a more basic file list.
3. Ignore Files
Let's say you have a directory with .jpg, .gif and .png image files. You only want the .png files to show in the directory listings. Add this line to your .htaccess.
IndexIgnore *.gif *.jpg
The web server now ignores the .gif and .jpg files.
4. Modify Index File
Maybe you don't want a list of the files, you want a specific file to be shown instead. You could upload an index.html file in this directory. There is another way.
DirectoryIndex myfile.html
Instead of listing the files, web page myfile.html will now be shown for this directory and its subdirectories.
iptraf ---> linux command
iptraf - Real-time Network Statistics
The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:
* Network traffic statistics by TCP connection
* IP traffic statistics by network interface
* Network traffic statistics by protocol
* Network traffic statistics by TCP/UDP port and by packet size
* Network traffic statistics by Layer2 address
The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:
* Network traffic statistics by TCP connection
* IP traffic statistics by network interface
* Network traffic statistics by protocol
* Network traffic statistics by TCP/UDP port and by packet size
* Network traffic statistics by Layer2 address
Tuesday, November 17, 2009
Fatal error: Client does not support authentication protocol requested by server; consider upgrading MySQL client in
1. Select the 'privileges' option on the main PhpMyAdmin page
2. Edit the user you're using to connect to the database
3. Scroll down to where it says 'Change password'
4. Enter and re-type the password for that user
5. IMPORTANT Where it says 'Password Hashing', choose the option that says 'MySQL 4.0 compatible'.
6. Save your selection
Or you can manually from the backed by using the below command
===============
mysql> SET PASSWORD FOR
-> 'some_user'@'some_host' = OLD_PASSWORD('newpwd');
===============
2. Edit the user you're using to connect to the database
3. Scroll down to where it says 'Change password'
4. Enter and re-type the password for that user
5. IMPORTANT Where it says 'Password Hashing', choose the option that says 'MySQL 4.0 compatible'.
6. Save your selection
Or you can manually from the backed by using the below command
===============
mysql> SET PASSWORD FOR
-> 'some_user'@'some_host' = OLD_PASSWORD('newpwd');
===============
Tuesday, October 27, 2009
535 Incorrect authentication data in Exim
exim failed @ A restart was attempted automagically.
Service Check Method: [tcp connect]
Failure Reason: TCP Transaction Log:
<< 220-serverX.xxx-xxxxxxxx.net ESMTP Exim 4.69 #12008 14:58:20 +0000
<<
<<
>> EHLO localhost
<< 250-serverx.xxx-xxxxxxxxxxx.net Hello localhost [127.0.0.1]
<<
<<
<<
<<
<<
>> AUTH PLAIN AF9fY3BhbmVsX19zZXJ2aWNlX19hdXRoX19leGltX19IY3VsTE dXcFpDNU1XM1c2OVU4dmdGSUlyQllwcHpuSVJwQVllYXhlVlh5 VU1FRmx5Slg0YVlVV2JEbkJYcmpVAHBFTlh0eGtMdkNsRkJvZ3 ROd0xZVVhTNlNWRlBHMUR6VEZBTG1naUFzQTc4Y0FlMW5HaHI4 VXBoa1R0N1FJa0U=
<< 535 Incorrect authentication data
exim: ** [535 Incorrect authentication data != 2]
Cmd Service Check Raw Output:
Here is the fix.
go to /var/cpanel/serviceauth/
remove the directory exim
cd /var/cpanel/serviceauth/
rm -rf exim
Restart Cpanel.
/etc/rc.d/init.d/cpanel restart
The folder exim will be recreated…
that should fix the issue.
Service Check Method: [tcp connect]
Failure Reason: TCP Transaction Log:
<< 220-serverX.xxx-xxxxxxxx.net ESMTP Exim 4.69 #12008 14:58:20 +0000
<<
<<
>> EHLO localhost
<< 250-serverx.xxx-xxxxxxxxxxx.net Hello localhost [127.0.0.1]
<<
<<
<<
<<
<<
>> AUTH PLAIN AF9fY3BhbmVsX19zZXJ2aWNlX19hdXRoX19leGltX19IY3VsTE dXcFpDNU1XM1c2OVU4dmdGSUlyQllwcHpuSVJwQVllYXhlVlh5 VU1FRmx5Slg0YVlVV2JEbkJYcmpVAHBFTlh0eGtMdkNsRkJvZ3 ROd0xZVVhTNlNWRlBHMUR6VEZBTG1naUFzQTc4Y0FlMW5HaHI4 VXBoa1R0N1FJa0U=
<< 535 Incorrect authentication data
exim: ** [535 Incorrect authentication data != 2]
Cmd Service Check Raw Output:
Here is the fix.
go to /var/cpanel/serviceauth/
remove the directory exim
cd /var/cpanel/serviceauth/
rm -rf exim
Restart Cpanel.
/etc/rc.d/init.d/cpanel restart
The folder exim will be recreated…
that should fix the issue.
Thursday, October 15, 2009
CAPTCAH (sample code..)
# CAPTCAH_sample code
#####################
$my_img = imagecreate( 200, 80 );
$background = imagecolorallocate( $my_img, 0, 0, 255 );
$text_colour = imagecolorallocate( $my_img, 255, 255, 0 );
$line_colour = imagecolorallocate( $my_img, 128, 255, 0 );
imagestring( $my_img, 4, 30, 25, "thesitewizard.com",
$text_colour );
imagesetthickness ( $my_img, 5 );
imageline( $my_img, 30, 45, 165, 45, $line_colour );
header( "Content-type: image/png" );
imagepng( $my_img );
imagecolordeallocate( $line_color );
imagecolordeallocate( $text_color );
imagecolordeallocate( $background );
imagedestroy( $my_img );
?>
http://www.thesitewizard.com/php/create-image.shtml
#####################
$my_img = imagecreate( 200, 80 );
$background = imagecolorallocate( $my_img, 0, 0, 255 );
$text_colour = imagecolorallocate( $my_img, 255, 255, 0 );
$line_colour = imagecolorallocate( $my_img, 128, 255, 0 );
imagestring( $my_img, 4, 30, 25, "thesitewizard.com",
$text_colour );
imagesetthickness ( $my_img, 5 );
imageline( $my_img, 30, 45, 165, 45, $line_colour );
header( "Content-type: image/png" );
imagepng( $my_img );
imagecolordeallocate( $line_color );
imagecolordeallocate( $text_color );
imagecolordeallocate( $background );
imagedestroy( $my_img );
?>
http://www.thesitewizard.com/php/create-image.shtml
Cron
for every 5 minutes
*/5 * * * *
Cron is UNIX/Linux service or daemon to execute scheduled commands. It is also known as the clock daemon that executes commands at specified dates and times according to instructions in a file.
Generally, crontab uses a daemon, crond, which runs constantly in the background and checks once a minute to see if any of the scheduled jobs need to be executed. If so, it executes them. These jobs are generally referred to as cron jobs.
Cron is controlled by a set of files called "crontabs". There is the master file in /etc/crontab. Each users cronjob is stored in /var/spool/cron/username directory.
Editing Crontab or setting up your own job
Just type following command:
$ crontab -e
daemon
A process that runs in the background and performs a specified operation at predefined times or in response to certain events.
Cron job are used to schedule commands to be executed periodically i.e. to setup commands which will repeatedly run at a set time, you can use the cron jobs.
crontab is the command used to install, deinstall or list the tables used to drive the cron daemon in Vixie Cron. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. You need to use crontab command for editing or setting up your own cron jobs.
To edit your crontab file, type the following command:
$ crontab -e
Syntax of crontab
Your cron job looks like as follows:
1 2 3 4 5 /path/to/command arg1 arg2
Where,
1: Minute (0-59)
2: Hours (0-23)
3: Day (0-31)
4: Month (0-12 [12 == December])
5: Day of the week(0-7 [7 or 0 == sunday])
/path/to/command - Script or command name to schedule
Same above five fields structure can be easily remembered with following diagram:
* * * * * command to be executed
- - - - -
| | | | |
| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)
| | | ------- Month (1 - 12)
| | --------- Day of month (1 - 31)
| ----------- Hour (0 - 23)
------------- Minute (0 - 59)
Example(s)
If you wished to have a script named /root/backup.sh run every day at 3am, my crontab entry would look like as follows:
(a) Install your cronjob:# crontab -e(b)Append following entry:0 3 * * * /root/backup.shRun five minutes after midnight, every day:5 0 * * * /path/to/commandRun at 2:15pm on the first of every month:15 14 1 * * /path/to/commandRun at 10 pm on weekdays: 0 22 * * 1-5 /path/to/command Run 23 minutes after midnigbt, 2am, 4am ..., everyday:23 0-23/2 * * * /path/to/commandRun at 5 after 4 every sunday:5 4 * * sun /path/to/command
Use of operators
An operator allows you to specifying multiple values in a field. There are three operators:
The asterisk (*) : This operator specifies all possible values for a field. For example, an asterisk in the hour time field would be equivalent to every hour or an asterisk in the month field would be equivalent to every month.
The comma (,) : This operator specifies a list of values, for example: "1,5,10,15,20, 25".
The dash (-) : This operator specifies a range of values, for example: "5-15" days , which is equivalent to typing "5,6,7,8,9,....,13,14,15" using the comma operator.
How do I disabling Email output?
By default the output of a command or a script (if any produced), will be email to your local email account. To stop receiving email output from crontab you need to append >/dev/null 2>&1. For example:0 3 * * * /root/backup.sh >/dev/null 2>&1To mail output to particluer email account let us say vivek@nixcraft.in you need to define MAILTO variable to your cron job:MAILTO="vivek@nixcraft.in"
0 3 * * * /root/backup.sh >/dev/null 2>&1
Task:To list your crontab jobs use the command
Type the following command:# crontab -lTo remove or erase all crontab jobs use the command:# crontab -r
Use special string to save time
Instead of the first five fields, you can use any one of eight special strings. It will not just save your time but it will improve readability.
Special string
Meaning
@reboot
Run once, at startup.
@yearly
Run once a year, "0 0 1 1 *".
@annually
(same as @yearly)
@monthly
Run once a month, "0 0 1 * *".
@weekly
Run once a week, "0 0 * * 0".
@daily
Run once a day, "0 0 * * *".
@midnight
(same as @daily)
@hourly
Run once an hour, "0 * * * *".
Run ntpdate every hour:
@hourly /path/to/ntpdate
Make a backup everyday:
@daily /path/to/backup/script.sh
Understanding /etc/crontab file and /etc/cron.d/* directories
/etc/crontab is system crontabs file. Usually only used by root user or daemons to configure system wide jobs. All individual user must must use crontab command to install and edit their jobs as described above. /var/spool/cron/ or /var/cron/tabs/ is directory for personal user crontab files. It must be backup with users home directory.
Typical /etc/crontab file entries:
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
Additionally, cron reads the files in /etc/cron.d/ directory. Usually system daemon such as sa-update or sysstat places their cronjob here. As a root user or superuser you can use following directories to configure cronjobs. You can directly drop your scripts here. run-parts command run scripts or programs in a directory via /etc/crontab
Directory
Description
/etc/cron.d/
Put all scripts here and call them from /etc/crontab file.
/etc/cron.daily/
Run all scripts once a day
/etc/cron.hourly/
Run all scripts once an hour
/etc/cron.monthly/
Run all scripts once a month
/etc/cron.weekly/
Run all scripts once a week
How do I use above directories to put scripts?
Here is a sample shell script (clean.cache) to clean up cached files every 10 days. This script is directly created at /etc/cron.daliy/ directory i.e. create a file called /etc/cron.daily/clean.cache:
#!/bin/bash
CROOT="/tmp/cachelighttpd/"
DAYS=10
LUSER="lighttpd"
LGROUP="lighttpd"
# start cleaning
/usr/bin/find ${CROOT} -type f -mtime +${DAYS} | xargs -r /bin/rm
# if directory deleted by some other script just get it back
if [ ! -d $CROOT ]
then
/bin/mkdir -p $CROOT
/bin/chown ${LUSER}:${LGROUP} ${CROOT}
fi
Cron (crond) daemon or service is use to execute scheduled commands or scripts. cron wakes up every minute, examining all stored crontabs, checking each command to see if it should be rhttp://www.ofc-clan.com/adultsun in the current minute.
If you are using Redhat (RHEL)/Fedora Core/Cent OS Linux use the following commands.
Task: Start cron service
To start the cron service, use:
# /etc/init.d/crond start
Task: Stop cron service
To stop the cron service, use:
# /etc/init.d/crond stop
Task: Restart cron service
To restart the cron service, use:
# /etc/init.d/crond restart
If you are using Debian or Ubuntu Linux the following commands.
Task: Start cron service
To start the cron service, use:
# /etc/init.d/cron start
OR
$ sudo /etc/init.d/cron start
Task: Stop cron service
To stop the cron service, use:
# /etc/init.d/cron stop
OR
$ sudo /etc/init.d/cron stop
Task: Restart cron service
To restart the cron service, use:
# /etc/init.d/cron restart
OR
$ sudo /etc/init.d/cron restart
Task : Start the cron service at boot time
It is recommended that you start the service at boot time so that job can run w/o problems.
If you are using Redhat (RHEL)/Fedora Core/Cent OS Linux use the following commands to ensure that the service remains enabled after a reboot:
# chkconfig crond on
You can use text based GUI tool called ntsysv:
# ntsysv
If you are using Debian or Ubuntu Linux use the following commands to ensure that the service remains enabled after a reboot:
# rcconf
OPR
$ sudo rcconf
You can use command line tool update-rc.d:
# update-rc.d cron defaults
OR
$ sudo update-rc.d cron defaults
crontab -e
Edit your crontab file.
crontab -l
Show your crontab file.
crontab -r
Remove your crontab file.
*/5 * * * *
Cron is UNIX/Linux service or daemon to execute scheduled commands. It is also known as the clock daemon that executes commands at specified dates and times according to instructions in a file.
Generally, crontab uses a daemon, crond, which runs constantly in the background and checks once a minute to see if any of the scheduled jobs need to be executed. If so, it executes them. These jobs are generally referred to as cron jobs.
Cron is controlled by a set of files called "crontabs". There is the master file in /etc/crontab. Each users cronjob is stored in /var/spool/cron/username directory.
Editing Crontab or setting up your own job
Just type following command:
$ crontab -e
daemon
A process that runs in the background and performs a specified operation at predefined times or in response to certain events.
Cron job are used to schedule commands to be executed periodically i.e. to setup commands which will repeatedly run at a set time, you can use the cron jobs.
crontab is the command used to install, deinstall or list the tables used to drive the cron daemon in Vixie Cron. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. You need to use crontab command for editing or setting up your own cron jobs.
To edit your crontab file, type the following command:
$ crontab -e
Syntax of crontab
Your cron job looks like as follows:
1 2 3 4 5 /path/to/command arg1 arg2
Where,
1: Minute (0-59)
2: Hours (0-23)
3: Day (0-31)
4: Month (0-12 [12 == December])
5: Day of the week(0-7 [7 or 0 == sunday])
/path/to/command - Script or command name to schedule
Same above five fields structure can be easily remembered with following diagram:
* * * * * command to be executed
- - - - -
| | | | |
| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)
| | | ------- Month (1 - 12)
| | --------- Day of month (1 - 31)
| ----------- Hour (0 - 23)
------------- Minute (0 - 59)
Example(s)
If you wished to have a script named /root/backup.sh run every day at 3am, my crontab entry would look like as follows:
(a) Install your cronjob:# crontab -e(b)Append following entry:0 3 * * * /root/backup.shRun five minutes after midnight, every day:5 0 * * * /path/to/commandRun at 2:15pm on the first of every month:15 14 1 * * /path/to/commandRun at 10 pm on weekdays: 0 22 * * 1-5 /path/to/command Run 23 minutes after midnigbt, 2am, 4am ..., everyday:23 0-23/2 * * * /path/to/commandRun at 5 after 4 every sunday:5 4 * * sun /path/to/command
Use of operators
An operator allows you to specifying multiple values in a field. There are three operators:
The asterisk (*) : This operator specifies all possible values for a field. For example, an asterisk in the hour time field would be equivalent to every hour or an asterisk in the month field would be equivalent to every month.
The comma (,) : This operator specifies a list of values, for example: "1,5,10,15,20, 25".
The dash (-) : This operator specifies a range of values, for example: "5-15" days , which is equivalent to typing "5,6,7,8,9,....,13,14,15" using the comma operator.
How do I disabling Email output?
By default the output of a command or a script (if any produced), will be email to your local email account. To stop receiving email output from crontab you need to append >/dev/null 2>&1. For example:0 3 * * * /root/backup.sh >/dev/null 2>&1To mail output to particluer email account let us say vivek@nixcraft.in you need to define MAILTO variable to your cron job:MAILTO="vivek@nixcraft.in"
0 3 * * * /root/backup.sh >/dev/null 2>&1
Task:To list your crontab jobs use the command
Type the following command:# crontab -lTo remove or erase all crontab jobs use the command:# crontab -r
Use special string to save time
Instead of the first five fields, you can use any one of eight special strings. It will not just save your time but it will improve readability.
Special string
Meaning
@reboot
Run once, at startup.
@yearly
Run once a year, "0 0 1 1 *".
@annually
(same as @yearly)
@monthly
Run once a month, "0 0 1 * *".
@weekly
Run once a week, "0 0 * * 0".
@daily
Run once a day, "0 0 * * *".
@midnight
(same as @daily)
@hourly
Run once an hour, "0 * * * *".
Run ntpdate every hour:
@hourly /path/to/ntpdate
Make a backup everyday:
@daily /path/to/backup/script.sh
Understanding /etc/crontab file and /etc/cron.d/* directories
/etc/crontab is system crontabs file. Usually only used by root user or daemons to configure system wide jobs. All individual user must must use crontab command to install and edit their jobs as described above. /var/spool/cron/ or /var/cron/tabs/ is directory for personal user crontab files. It must be backup with users home directory.
Typical /etc/crontab file entries:
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
Additionally, cron reads the files in /etc/cron.d/ directory. Usually system daemon such as sa-update or sysstat places their cronjob here. As a root user or superuser you can use following directories to configure cronjobs. You can directly drop your scripts here. run-parts command run scripts or programs in a directory via /etc/crontab
Directory
Description
/etc/cron.d/
Put all scripts here and call them from /etc/crontab file.
/etc/cron.daily/
Run all scripts once a day
/etc/cron.hourly/
Run all scripts once an hour
/etc/cron.monthly/
Run all scripts once a month
/etc/cron.weekly/
Run all scripts once a week
How do I use above directories to put scripts?
Here is a sample shell script (clean.cache) to clean up cached files every 10 days. This script is directly created at /etc/cron.daliy/ directory i.e. create a file called /etc/cron.daily/clean.cache:
#!/bin/bash
CROOT="/tmp/cachelighttpd/"
DAYS=10
LUSER="lighttpd"
LGROUP="lighttpd"
# start cleaning
/usr/bin/find ${CROOT} -type f -mtime +${DAYS} | xargs -r /bin/rm
# if directory deleted by some other script just get it back
if [ ! -d $CROOT ]
then
/bin/mkdir -p $CROOT
/bin/chown ${LUSER}:${LGROUP} ${CROOT}
fi
Cron (crond) daemon or service is use to execute scheduled commands or scripts. cron wakes up every minute, examining all stored crontabs, checking each command to see if it should be rhttp://www.ofc-clan.com/adultsun in the current minute.
If you are using Redhat (RHEL)/Fedora Core/Cent OS Linux use the following commands.
Task: Start cron service
To start the cron service, use:
# /etc/init.d/crond start
Task: Stop cron service
To stop the cron service, use:
# /etc/init.d/crond stop
Task: Restart cron service
To restart the cron service, use:
# /etc/init.d/crond restart
If you are using Debian or Ubuntu Linux the following commands.
Task: Start cron service
To start the cron service, use:
# /etc/init.d/cron start
OR
$ sudo /etc/init.d/cron start
Task: Stop cron service
To stop the cron service, use:
# /etc/init.d/cron stop
OR
$ sudo /etc/init.d/cron stop
Task: Restart cron service
To restart the cron service, use:
# /etc/init.d/cron restart
OR
$ sudo /etc/init.d/cron restart
Task : Start the cron service at boot time
It is recommended that you start the service at boot time so that job can run w/o problems.
If you are using Redhat (RHEL)/Fedora Core/Cent OS Linux use the following commands to ensure that the service remains enabled after a reboot:
# chkconfig crond on
You can use text based GUI tool called ntsysv:
# ntsysv
If you are using Debian or Ubuntu Linux use the following commands to ensure that the service remains enabled after a reboot:
# rcconf
OPR
$ sudo rcconf
You can use command line tool update-rc.d:
# update-rc.d cron defaults
OR
$ sudo update-rc.d cron defaults
crontab -e
Edit your crontab file.
crontab -l
Show your crontab file.
crontab -r
Remove your crontab file.
SPF record
The spf record is in the zone file
=====================
To publish SPF, a domain has to add only one line to its zone file. That line is a TXT record, and you can publish it today. Let's see what the TXT record looks like.
SPF by Example
Suppose example.com wants to publish SPF. It expects MTAs everywhere to read its SPF record and use it to reject forgery attempts. It hopes SPF reduces the volume of joe-job bounces and bogus abuse reports. So it adds the following line to its zone file:
example.com. IN TXT "v=spf1 a mx ptr -all"
The v=spf1 version string identifies this as an SPF record. The -all means reject all mail by default. Domains that don't send any mail, such as altavista.com, can get by with simply v=spf1 -all. But if the domain does send mail, it declares mechanisms that describe how legitimate mail should look. Mechanisms go in the middle, before -all. The first mechanism to match provides a result for the SPF query. -all always matches and so belongs at the end.
Basic SPF
A: the A mechanism means the IP address of example.com is permitted to send mail from example.com. If you want to say the IP address of some-other.com is permitted, you can say a:some-other.com. You can use as many A mechanisms as you want.
MX: the MX mechanism means the MX servers for example.com all are permitted to send mail from example.com. If you want to say the MX servers for some-other.com are permitted, you can say mx:some-other.com. You can use as many MX mechanisms as you want.
PTR: the PTR mechanism says if a host has a PTR record that ends in example.com, it is permitted to send mail from example.com. This would be a good choice for Yahoo, whose mail server names all end in yahoo.com. It would be a bad choice for a broadband provider like Comcast. If you want to say servers whose names end in some-other.com are permitted to send mail from example.com, you can say ptr:some-other.com. You can use as many PTR mechanisms as you want.
IP4: to say the class C network of 192.0.2.0 is permitted to send mail from example.com, you would write ip4:192.0.2.0/24.
Mechanisms are interpreted left-to-right. Using v=spf1 a mx ptr -all first would check whether the connecting client was found in the A record for the domain or, failing that, in its list of MX servers. Then the MTA would check to see whether the hostname of the client matched the domain. If none of the mechanisms matched, -all would be evaluated, the result would be fail and the MTA would be justified in rejecting the mail.
A, MX, PTR and IP4 are enough for the overwhelming majority of domains. The setup wizard at spf.pobox.com/wizard.html can help you configure SPF for your domain. But if your situation is complex, you can use the mechanisms described in the “Advanced SPF” sidebar.
====================
MAILING PROBLEM
==============
The above specifes that this is an SPF record for mydomain.com:
v=spf1 - a required header that indicates this is an spf record
a - the A record for mydomain.com is allowed to send email
mx - the MX record for mydomain.com is allowed to send email
~all - all other mailservers trying to send mail will return a code of "softfail". The mail will still go through, however it will be a suspect message
If you wished to allow another server to send mail through that had the hostname of mail2.mydomain.com, you would modify the record thusly:
mydomain.com IN TXT "v=spf1 a mx a:mail2.mydomain.com ~all"
Also, if you wish to give a hard fail, and only allow those servers to send mail, the record would look like:
mydomain.com IN TXT "v=spf1 a mx a:mail2.mydomain.com -all"
==============
=====================
To publish SPF, a domain has to add only one line to its zone file. That line is a TXT record, and you can publish it today. Let's see what the TXT record looks like.
SPF by Example
Suppose example.com wants to publish SPF. It expects MTAs everywhere to read its SPF record and use it to reject forgery attempts. It hopes SPF reduces the volume of joe-job bounces and bogus abuse reports. So it adds the following line to its zone file:
example.com. IN TXT "v=spf1 a mx ptr -all"
The v=spf1 version string identifies this as an SPF record. The -all means reject all mail by default. Domains that don't send any mail, such as altavista.com, can get by with simply v=spf1 -all. But if the domain does send mail, it declares mechanisms that describe how legitimate mail should look. Mechanisms go in the middle, before -all. The first mechanism to match provides a result for the SPF query. -all always matches and so belongs at the end.
Basic SPF
A: the A mechanism means the IP address of example.com is permitted to send mail from example.com. If you want to say the IP address of some-other.com is permitted, you can say a:some-other.com. You can use as many A mechanisms as you want.
MX: the MX mechanism means the MX servers for example.com all are permitted to send mail from example.com. If you want to say the MX servers for some-other.com are permitted, you can say mx:some-other.com. You can use as many MX mechanisms as you want.
PTR: the PTR mechanism says if a host has a PTR record that ends in example.com, it is permitted to send mail from example.com. This would be a good choice for Yahoo, whose mail server names all end in yahoo.com. It would be a bad choice for a broadband provider like Comcast. If you want to say servers whose names end in some-other.com are permitted to send mail from example.com, you can say ptr:some-other.com. You can use as many PTR mechanisms as you want.
IP4: to say the class C network of 192.0.2.0 is permitted to send mail from example.com, you would write ip4:192.0.2.0/24.
Mechanisms are interpreted left-to-right. Using v=spf1 a mx ptr -all first would check whether the connecting client was found in the A record for the domain or, failing that, in its list of MX servers. Then the MTA would check to see whether the hostname of the client matched the domain. If none of the mechanisms matched, -all would be evaluated, the result would be fail and the MTA would be justified in rejecting the mail.
A, MX, PTR and IP4 are enough for the overwhelming majority of domains. The setup wizard at spf.pobox.com/wizard.html can help you configure SPF for your domain. But if your situation is complex, you can use the mechanisms described in the “Advanced SPF” sidebar.
====================
MAILING PROBLEM
==============
The above specifes that this is an SPF record for mydomain.com:
v=spf1 - a required header that indicates this is an spf record
a - the A record for mydomain.com is allowed to send email
mx - the MX record for mydomain.com is allowed to send email
~all - all other mailservers trying to send mail will return a code of "softfail". The mail will still go through, however it will be a suspect message
If you wished to allow another server to send mail through that had the hostname of mail2.mydomain.com, you would modify the record thusly:
mydomain.com IN TXT "v=spf1 a mx a:mail2.mydomain.com ~all"
Also, if you wish to give a hard fail, and only allow those servers to send mail, the record would look like:
mydomain.com IN TXT "v=spf1 a mx a:mail2.mydomain.com -all"
==============
ERROR: Unknown IMAP response.
ERROR: Unknown IMAP response.
Query: FETCH 18678:18679,18681:18682,18692,18699:18702,18704,18709:18715,18720,18727,18732,18735,18738,18741,18743,18746,18750:18751,18753:18807,18809,18811:18813,18815:18819,18824:18832 (FLAGS UID RFC822.SIZE INTERNALDATE BODY.PEEK[HEADER.FIELDS (Date To Cc From Subject X-Priority Importance Priority Content-Type)])
Server responded:
/scripts/courierup --force ---------->the problem is due to the connection problem of courierup
/usr/local/cpanel/bin/update-horde --force
Query: FETCH 18678:18679,18681:18682,18692,18699:18702,18704,18709:18715,18720,18727,18732,18735,18738,18741,18743,18746,18750:18751,18753:18807,18809,18811:18813,18815:18819,18824:18832 (FLAGS UID RFC822.SIZE INTERNALDATE BODY.PEEK[HEADER.FIELDS (Date To Cc From Subject X-Priority Importance Priority Content-Type)])
Server responded:
/scripts/courierup --force ---------->the problem is due to the connection problem of courierup
/usr/local/cpanel/bin/update-horde --force
Linux overall
To check whether the port is listening:
lsof -i tcp:80
nmap localhost
cat /usr/local/apache/logs/error_log | grep domain.com
crontab -e
netstat -nap | wc -l
du -sh *
ls -lart
netstat -tn | grep :80 | awk '{print $5}' | cut -f1 -d: | sort | uniq -c | sort -rn | head
iptables -nL | grep 192.168.1.1
iptables -I INPUT -s 209.151.224.237 -j DROP
iptables -I INPUT -s 209.151.224.237 -j ACCEPT
iptables -D INPUT -s 209.151.224.237 -j DROP
grep deepinto /etc/userdomains
grep deepinto /etc/trueuserdomains
grep deepinto /etc/trueuserdomains
tail -f /var/log/exim_mainlog | grep
vi /etc/valiases/domain.com
pidof httpd
pgrep httpd
chown noble.noble test.php
cd -
vi /usr/local/apache/conf/httpd.conf
tail -f /usr/local/apache/logs/error_log
tail -f /usr/local/apache/logs/suexec_log
tail -f /usr/local/apache/logs/modsec_audit.log
tail -f /usr/local/apache/logs/modsec_debug_log
tail -f /usr/local/apache/logs/modsec_debug.log
grant all privileges on db.* to uesrname@'localhost' identified by 'password'
grant all privileges on db.* to uesrname@'%' identified by 'password'
find . -type f -name "*.corrupted" -exec rm -f {} \;
for i in `cat iframe.txt`; do sed -i.bak.hak 's///' $i; done
uzip filename.zip
gunzip filename.zip
grep config* */*/*/*/*
mysqldump tobhadr_idearich > tobhadr_idearich.sql
find -type d -exec chmod 0755 {} \;
script
fc -l
stty
tty
===========================================================================================================
Exim Commands
exim -bpc [No. of Mails in Queue]
exiwhat
exiqgrep -z -i
exim -bpr | grep frozen | wc -l
exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm
exim -bp | grep <>
exim -Mvh 1MWBs7-0000VO-3z [Message ID]
/scripts
/scripts/pkgacct username [Backup a Domain Account via SSH]
/scripts/restorepkg username [Restore a Domain Account via SSH]
/scripts/runweblogs username [Updating log programs -> Awstats/Webalizer/etc... ]
/scripts/fixquotas [Fixing/Updating Quota problems]
cPanel Logs – A detailed view
Applications can log the system activity in two ways, one being according to their autonomous logic & the other through the system’s log daemon, well know as syslog..
The syslog daemon’s configuration file /etc/syslog.conf contains all the necessary paths/locations as to where the logs are stored.
Usually the directory /var/log/ is used for the system logs but other applications use the applications specified directories to store their log files…
Many distributions provide tools to manage and analyze the system logs.
Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file.
It may also have additional package-defined configurations in the /etc/logrotate.d/ directory..
In order to understand what’s happening on the system a brief analysis of /etc/syslog.conf is mandatory for checking the main logs positions.
Here are some basic log files, their locations & a brief description which can be found in Linux distros [mostly in cPanel ]:
General:
Quote:
cPanel/WHM Initial Installation Errors:
Location : /var/log/cpanel*install*
Description : These log files contain cPanel installation logs & should be referenced first for any issues resulting from new cPanel installations..
Quote:
Cpanel/WHM Service Status Logs:
Location : /var/log/chkservd.log
Description :The service monitoring demon (chkservd) logs all service checks here. Failed service are represented with a [-] and active services are represented by [+].
Quote:
Cpanel/WHM Accounting Logs:
Location : /var/cpanel/accounting.log
Description : Contains a list of accounting functions performed through WHM, including account removal and creation..
cPanel/WHM Specific Requests and Errors:
cPanel error logs:
Location : /usr/local/cpanel/logs/error_log
Description : cPanel logs any error it incurs here. This should be checked when you encounter errors or strange behavior in
cPanel/WHM
cPanel License Error Logs:
Location : /usr/local/cpanel/logs/license_log
Description : All license update attempts are logged here.
If you run into any errors related to license when logging in, check here.
Quote:
Stats Daemon Logs:
Location : /usr/local/cpanel/logs/stats_log
Description : The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
Quote:
Client Information, Requested URL Logs:
Location : /usr/local/cpanel/logs/access_log
Description : General information related to access cPanel requests is logged here.
Quote:
cPanel/WHM Update Logs:
Location : /var/cpanel/updatelogs/update-[TIMESTAMP].log
Description : Contains all output from each cPanel update [upcp]. It’s named with the timestamp at which the upcp process was initiated..
Quote:
Bandwidth Logs:
Location : /var/cpanel/bandwidth
Description : Files contain a list of the bandwidth history for each account. Each named after their respective user.
Tailwatchd Log:
Location : /usr/local/cpanel/logs/tailwatchd_log
Description : Logs for daemon configuired under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.
Apache Logs:
General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.
Apache SuExec Logs:
Location : /usr/local/apache/logs/suexec_log
Description : Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations…
Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.
Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.
Exim:
Message Reception and Delivery:
Location : /var/log/exim_mainlog or /var/log/exim/mainlog
Description : Receives an entry every time a message is received or delivered.
Quote:
Exim ACLs/Policies based RejectLog :
Location : /var/log/exim_rejectlog
Description : An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail
Quote:
Unexpected or Fatal Errors:
Location : /var/log/exim_paniclog
Description : Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated..
Quote:
IMAP/POP/SpamAssassin General Logging and Errors:
Location : /var/log/maillog & /var/log/messages
Description : The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.
FTP: Quote: FTP Logins and General Errors: Location : /var/log/messages Description : General information and login attempts are logged here.. Quote: FTP Transactions logging: Location : /var/log/xferlog or /var/log/messages Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users… MySQL: Quote: MySQL General Information and Errors : Location : /var/lib/mysql/$(hostname).err Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log Security: Quote: Authentication attempts: Location : /var/log/secure Description : Logs all daemons which requires PAM Authentication. Quote: Tracking all Bad Logins and Logouts: Location : /var/log/btmp Description : Log of all attempted bad logins to the system. Accessed via the lastb command.. Quote: Tracking all Logins and Logouts: Location : /var/log/wtmp Description : The wtmp file records all logins and logouts. Quote: Last Logins: Location : /var/log/lastlog Description : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user. Quote: WebDav or WebDisk Log : Location : /usr/local/cpanel/logs/cpdavd_error_log Description : The cpdavd daemon is “WebDav” (better known as “WebDisk”) which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content… Quote: Cphulkd Logs: Location : /usr/local/cpanel/logs/cphulkd_errors.log Description : cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service…. It blacklists IPs that it thinks are trying to run a brute force attack. Quote: Failure Logging: Location : /var/log/faillog Description : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure. Quote: Startup/Boot, Kernel & Hardware error messages : Location : /var/log/dmesg Description : dmesg is a “window” into the kernels ring-buffer. It’s a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..
lsof -i tcp:80
nmap localhost
cat /usr/local/apache/logs/error_log | grep domain.com
crontab -e
netstat -nap | wc -l
du -sh *
ls -lart
netstat -tn | grep :80 | awk '{print $5}' | cut -f1 -d: | sort | uniq -c | sort -rn | head
iptables -nL | grep 192.168.1.1
iptables -I INPUT -s 209.151.224.237 -j DROP
iptables -I INPUT -s 209.151.224.237 -j ACCEPT
iptables -D INPUT -s 209.151.224.237 -j DROP
grep deepinto /etc/userdomains
grep deepinto /etc/trueuserdomains
grep deepinto /etc/trueuserdomains
tail -f /var/log/exim_mainlog | grep
vi /etc/valiases/domain.com
pidof httpd
pgrep httpd
chown noble.noble test.php
cd -
vi /usr/local/apache/conf/httpd.conf
tail -f /usr/local/apache/logs/error_log
tail -f /usr/local/apache/logs/suexec_log
tail -f /usr/local/apache/logs/modsec_audit.log
tail -f /usr/local/apache/logs/modsec_debug_log
tail -f /usr/local/apache/logs/modsec_debug.log
grant all privileges on db.* to uesrname@'localhost' identified by 'password'
grant all privileges on db.* to uesrname@'%' identified by 'password'
find . -type f -name "*.corrupted" -exec rm -f {} \;
for i in `cat iframe.txt`; do sed -i.bak.hak 's///' $i; done
uzip filename.zip
gunzip filename.zip
grep config* */*/*/*/*
mysqldump tobhadr_idearich > tobhadr_idearich.sql
find -type d -exec chmod 0755 {} \;
script
fc -l
stty
tty
===========================================================================================================
Exim Commands
exim -bpc [No. of Mails in Queue]
exiwhat
exiqgrep -z -i
exim -bpr | grep frozen | wc -l
exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm
exim -bp | grep <>
exim -Mvh 1MWBs7-0000VO-3z [Message ID]
/scripts
/scripts/pkgacct username [Backup a Domain Account via SSH]
/scripts/restorepkg username [Restore a Domain Account via SSH]
/scripts/runweblogs username [Updating log programs -> Awstats/Webalizer/etc... ]
/scripts/fixquotas [Fixing/Updating Quota problems]
cPanel Logs – A detailed view
Applications can log the system activity in two ways, one being according to their autonomous logic & the other through the system’s log daemon, well know as syslog..
The syslog daemon’s configuration file /etc/syslog.conf contains all the necessary paths/locations as to where the logs are stored.
Usually the directory /var/log/ is used for the system logs but other applications use the applications specified directories to store their log files…
Many distributions provide tools to manage and analyze the system logs.
Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file.
It may also have additional package-defined configurations in the /etc/logrotate.d/ directory..
In order to understand what’s happening on the system a brief analysis of /etc/syslog.conf is mandatory for checking the main logs positions.
Here are some basic log files, their locations & a brief description which can be found in Linux distros [mostly in cPanel ]:
General:
Quote:
cPanel/WHM Initial Installation Errors:
Location : /var/log/cpanel*install*
Description : These log files contain cPanel installation logs & should be referenced first for any issues resulting from new cPanel installations..
Quote:
Cpanel/WHM Service Status Logs:
Location : /var/log/chkservd.log
Description :The service monitoring demon (chkservd) logs all service checks here. Failed service are represented with a [-] and active services are represented by [+].
Quote:
Cpanel/WHM Accounting Logs:
Location : /var/cpanel/accounting.log
Description : Contains a list of accounting functions performed through WHM, including account removal and creation..
cPanel/WHM Specific Requests and Errors:
cPanel error logs:
Location : /usr/local/cpanel/logs/error_log
Description : cPanel logs any error it incurs here. This should be checked when you encounter errors or strange behavior in
cPanel/WHM
cPanel License Error Logs:
Location : /usr/local/cpanel/logs/license_log
Description : All license update attempts are logged here.
If you run into any errors related to license when logging in, check here.
Quote:
Stats Daemon Logs:
Location : /usr/local/cpanel/logs/stats_log
Description : The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
Quote:
Client Information, Requested URL Logs:
Location : /usr/local/cpanel/logs/access_log
Description : General information related to access cPanel requests is logged here.
Quote:
cPanel/WHM Update Logs:
Location : /var/cpanel/updatelogs/update-[TIMESTAMP].log
Description : Contains all output from each cPanel update [upcp]. It’s named with the timestamp at which the upcp process was initiated..
Quote:
Bandwidth Logs:
Location : /var/cpanel/bandwidth
Description : Files contain a list of the bandwidth history for each account. Each named after their respective user.
Tailwatchd Log:
Location : /usr/local/cpanel/logs/tailwatchd_log
Description : Logs for daemon configuired under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.
Apache Logs:
General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.
Apache SuExec Logs:
Location : /usr/local/apache/logs/suexec_log
Description : Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations…
Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.
Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.
Exim:
Message Reception and Delivery:
Location : /var/log/exim_mainlog or /var/log/exim/mainlog
Description : Receives an entry every time a message is received or delivered.
Quote:
Exim ACLs/Policies based RejectLog :
Location : /var/log/exim_rejectlog
Description : An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail
Quote:
Unexpected or Fatal Errors:
Location : /var/log/exim_paniclog
Description : Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated..
Quote:
IMAP/POP/SpamAssassin General Logging and Errors:
Location : /var/log/maillog & /var/log/messages
Description : The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.
FTP: Quote: FTP Logins and General Errors: Location : /var/log/messages Description : General information and login attempts are logged here.. Quote: FTP Transactions logging: Location : /var/log/xferlog or /var/log/messages Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users… MySQL: Quote: MySQL General Information and Errors : Location : /var/lib/mysql/$(hostname).err Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log Security: Quote: Authentication attempts: Location : /var/log/secure Description : Logs all daemons which requires PAM Authentication. Quote: Tracking all Bad Logins and Logouts: Location : /var/log/btmp Description : Log of all attempted bad logins to the system. Accessed via the lastb command.. Quote: Tracking all Logins and Logouts: Location : /var/log/wtmp Description : The wtmp file records all logins and logouts. Quote: Last Logins: Location : /var/log/lastlog Description : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user. Quote: WebDav or WebDisk Log : Location : /usr/local/cpanel/logs/cpdavd_error_log Description : The cpdavd daemon is “WebDav” (better known as “WebDisk”) which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content… Quote: Cphulkd Logs: Location : /usr/local/cpanel/logs/cphulkd_errors.log Description : cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service…. It blacklists IPs that it thinks are trying to run a brute force attack. Quote: Failure Logging: Location : /var/log/faillog Description : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure. Quote: Startup/Boot, Kernel & Hardware error messages : Location : /var/log/dmesg Description : dmesg is a “window” into the kernels ring-buffer. It’s a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..
Log Files
Applications can log the system activity in two ways, one being according to their autonomous logic & the other through the system’s log daemon, well know as syslog..
The syslog daemon’s configuration file /etc/syslog.conf contains all the necessary paths/locations as to where the logs are stored.
Usually the directory /var/log/ is used for the system logs but other applications use the applications specified directories to store their log files…
Many distributions provide tools to manage and analyze the system logs.
Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file.
It may also have additional package-defined configurations in the /etc/logrotate.d/ directory..
In order to understand what’s happening on the system a brief analysis of /etc/syslog.conf is mandatory for checking the main logs positions.
Here are some basic log files, their locations & a brief description which can be found in Linux distros [mostly in cPanel ]:
General:
Quote:
Quote:
cPanel/WHM Initial Installation Errors:
Location : /var/log/cpanel*install*
Description : These log files contain cPanel installation logs & should be referenced first for any issues resulting from new cPanel installations..
Quote:
Cpanel/WHM Service Status Logs:
Location : /var/log/chkservd.log
Description :The service monitoring demon (chkservd) logs all service checks here. Failed service are represented with a [-] and active services are represented by [+].
Quote:
Cpanel/WHM Accounting Logs:
Location : /var/cpanel/accounting.log
Description : Contains a list of accounting functions performed through WHM, including account removal and creation..
cPanel/WHM Specific Requests and Errors:
Quote:
Quote:
cPanel error logs:
Location : /usr/local/cpanel/logs/error_log
Description : cPanel logs any error it incurs here. This should be checked when you encounter errors or strange behavior in cPanel/WHM…
Quote:
cPanel License Error Logs:
Location : /usr/local/cpanel/logs/license_log
Description : All license update attempts are logged here. If you run into any errors related to license when logging in, check here.
Quote:
Stats Daemon Logs:
Location : /usr/local/cpanel/logs/stats_log
Description : The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
Quote:
Client Information, Requested URL Logs:
Location : /usr/local/cpanel/logs/access_log
Description : General information related to access cPanel requests is logged here.
Quote:
cPanel/WHM Update Logs:
Location : /var/cpanel/updatelogs/update-[TIMESTAMP].log
Description : Contains all output from each cPanel update [upcp]. It’s named with the timestamp at which the upcp process was initiated..
Quote:
Bandwidth Logs:
Location : /var/cpanel/bandwidth
Description : Files contain a list of the bandwidth history for each account. Each named after their respective user.
Quote:
Tailwatchd [New]:
Location : /usr/local/cpanel/logs/tailwatchd_log
Description : Logs for daemon configuired under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.
Apache Logs:
Quote:
Quote:
General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.
Quote:
Apache SuExec Logs:
Location : /usr/local/apache/logs/suexec_log
Description : Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations…
Quote:
Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.
Quote:
Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.
Exim :
Quote:
Quote:
Message Reception and Delivery:
Location : /var/log/exim_mainlog or /var/log/exim/mainlog
Description : Receives an entry every time a message is received or delivered.
Quote:
Exim ACLs/Policies based RejectLog :
Location : /var/log/exim_rejectlog
Description : An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail
Quote:
Unexpected or Fatal Errors:
Location : /var/log/exim_paniclog
Description : Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated..
Quote:
IMAP/POP/SpamAssassin General Logging and Errors:
Location : /var/log/maillog & /var/log/messages
Description : The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.
FTP:
Quote:
Quote:
FTP Logins and General Errors:
Location : /var/log/messages
Description : General information and login attempts are logged here..
Quote:
FTP Transactions logging:
Location : /var/log/xferlog or /var/log/messages
Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users…
MySQL:
Quote:
Quote:
MySQL General Information and Errors :
Location : /var/lib/mysql/$(hostname).err
Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log
Security:
Quote:
Quote:
Authentication attempts:
Location : /var/log/secure
Description : Logs all daemons which requires PAM Authentication.
Quote:
Tracking all Bad Logins and Logouts:
Location : /var/log/btmp
Description : Log of all attempted bad logins to the system. Accessed via the lastb command..
Quote:
Tracking all Logins and Logouts:
Location : /var/log/wtmp
Description : The wtmp file records all logins and logouts.
Quote:
Last Logins:
Location : /var/log/lastlog
Description : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user.
Quote:
WebDav or WebDisk Log :
Location : /usr/local/cpanel/logs/cpdavd_error_log
Description : The cpdavd daemon is “WebDav” (better known as “WebDisk") which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content…
Quote:
Cphulkd Logs:
Location : /usr/local/cpanel/logs/cphulkd_errors.log
Description : cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service….
It blacklists IPs that it thinks are trying to run a brute force attack.
Quote:
Failure Logging:
Location : /var/log/faillog
Description : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure.
Quote:
Startup/Boot, Kernel & Hardware error messages :
Location : /var/log/dmesg
Description : dmesg is a “window” into the kernels ring-buffer. It’s a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..
Tomcat:
Quote:
Quote:
General Startup, Shutdown & Error Logs:
Location : /usr/local/jakarta/tomcat/logs/catalina.err and /usr/local/jakarta/tomcat/logs/catalina.out
Description : Logs for Tomcat and all tomcat based applications…
Permalink
The syslog daemon’s configuration file /etc/syslog.conf contains all the necessary paths/locations as to where the logs are stored.
Usually the directory /var/log/ is used for the system logs but other applications use the applications specified directories to store their log files…
Many distributions provide tools to manage and analyze the system logs.
Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file.
It may also have additional package-defined configurations in the /etc/logrotate.d/ directory..
In order to understand what’s happening on the system a brief analysis of /etc/syslog.conf is mandatory for checking the main logs positions.
Here are some basic log files, their locations & a brief description which can be found in Linux distros [mostly in cPanel ]:
General:
Quote:
Quote:
cPanel/WHM Initial Installation Errors:
Location : /var/log/cpanel*install*
Description : These log files contain cPanel installation logs & should be referenced first for any issues resulting from new cPanel installations..
Quote:
Cpanel/WHM Service Status Logs:
Location : /var/log/chkservd.log
Description :The service monitoring demon (chkservd) logs all service checks here. Failed service are represented with a [-] and active services are represented by [+].
Quote:
Cpanel/WHM Accounting Logs:
Location : /var/cpanel/accounting.log
Description : Contains a list of accounting functions performed through WHM, including account removal and creation..
cPanel/WHM Specific Requests and Errors:
Quote:
Quote:
cPanel error logs:
Location : /usr/local/cpanel/logs/error_log
Description : cPanel logs any error it incurs here. This should be checked when you encounter errors or strange behavior in cPanel/WHM…
Quote:
cPanel License Error Logs:
Location : /usr/local/cpanel/logs/license_log
Description : All license update attempts are logged here. If you run into any errors related to license when logging in, check here.
Quote:
Stats Daemon Logs:
Location : /usr/local/cpanel/logs/stats_log
Description : The stats daemon (cpanellogd) logs the output from all stats generators (Awstats, Webalizer, Analog) here.
Quote:
Client Information, Requested URL Logs:
Location : /usr/local/cpanel/logs/access_log
Description : General information related to access cPanel requests is logged here.
Quote:
cPanel/WHM Update Logs:
Location : /var/cpanel/updatelogs/update-[TIMESTAMP].log
Description : Contains all output from each cPanel update [upcp]. It’s named with the timestamp at which the upcp process was initiated..
Quote:
Bandwidth Logs:
Location : /var/cpanel/bandwidth
Description : Files contain a list of the bandwidth history for each account. Each named after their respective user.
Quote:
Tailwatchd [New]:
Location : /usr/local/cpanel/logs/tailwatchd_log
Description : Logs for daemon configuired under tailwatchd ie. cPBandwd, Eximstats, Antirelayd.
Apache Logs:
Quote:
Quote:
General Error and Auditing Logs:
Location : /usr/local/apache/logs/error_log
Description : All exceptions caught by httpd along with standard error output from CGI applications are logged here..
The first place you should look when httpd crashes or you incur errors when accessing website.
Quote:
Apache SuExec Logs:
Location : /usr/local/apache/logs/suexec_log
Description : Auditing information reported by suexec each time a CGI application is executed. Useful for debugging internal server errors, with no relevant information being reported to the Apache error_log, check here for potential suexec policy violations…
Quote:
Domain Access Logs:
Location : /usr/local/apache/domlogs/domain.com
Description : General access log file for each domain configured with cPanel.
Quote:
Apache Access Logs:
Location : /usr/local/apache/logs/access_log
Description : Complete web server access log records all requests processed by the server.
Exim :
Quote:
Quote:
Message Reception and Delivery:
Location : /var/log/exim_mainlog or /var/log/exim/mainlog
Description : Receives an entry every time a message is received or delivered.
Quote:
Exim ACLs/Policies based RejectLog :
Location : /var/log/exim_rejectlog
Description : An entry is written to this log every time a message is rejected based on either ACLs or other policies eg: aliases configured to :fail
Quote:
Unexpected or Fatal Errors:
Location : /var/log/exim_paniclog
Description : Logs any entries exim doesn’t know how to handle. It’s generally a really bad thing when log entries are being written here, and they should be properly investigated..
Quote:
IMAP/POP/SpamAssassin General Logging and Errors:
Location : /var/log/maillog & /var/log/messages
Description : The IMAP, POP, and SpamAssassin services all log here. This includes all general logging information (login attempts, transactions, spam scoring), along with fatal errors.
FTP:
Quote:
Quote:
FTP Logins and General Errors:
Location : /var/log/messages
Description : General information and login attempts are logged here..
Quote:
FTP Transactions logging:
Location : /var/log/xferlog or /var/log/messages
Description : Is a symbolic link in most cases to /usr/local/apache/domlogs/ftpxferlog, which contains a history of the transactions made by FTP users…
MySQL:
Quote:
Quote:
MySQL General Information and Errors :
Location : /var/lib/mysql/$(hostname).err
Description : This path could vary, but is generally located in /var/lib/mysql. Could also be located at /var/log/mysqld.log
Security:
Quote:
Quote:
Authentication attempts:
Location : /var/log/secure
Description : Logs all daemons which requires PAM Authentication.
Quote:
Tracking all Bad Logins and Logouts:
Location : /var/log/btmp
Description : Log of all attempted bad logins to the system. Accessed via the lastb command..
Quote:
Tracking all Logins and Logouts:
Location : /var/log/wtmp
Description : The wtmp file records all logins and logouts.
Quote:
Last Logins:
Location : /var/log/lastlog
Description : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user.
Quote:
WebDav or WebDisk Log :
Location : /usr/local/cpanel/logs/cpdavd_error_log
Description : The cpdavd daemon is “WebDav” (better known as “WebDisk") which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content…
Quote:
Cphulkd Logs:
Location : /usr/local/cpanel/logs/cphulkd_errors.log
Description : cPHulk Brute Force Protection prevents malicious forces from trying to access your server’s services by guessing the login password for that service….
It blacklists IPs that it thinks are trying to run a brute force attack.
Quote:
Failure Logging:
Location : /var/log/faillog
Description : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure.
Quote:
Startup/Boot, Kernel & Hardware error messages :
Location : /var/log/dmesg
Description : dmesg is a “window” into the kernels ring-buffer. It’s a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..
Tomcat:
Quote:
Quote:
General Startup, Shutdown & Error Logs:
Location : /usr/local/jakarta/tomcat/logs/catalina.err and /usr/local/jakarta/tomcat/logs/catalina.out
Description : Logs for Tomcat and all tomcat based applications…
Permalink
Cpanel details
cpanel version----------># /usr/local/cpanel/cpanel -V
cpanel update--------------->/scripts/upcp --force
cpanel error log--------------> /usr/local/cpanel/logs/error_log
cpanel update--------------->/scripts/upcp --force
cpanel error log--------------> /usr/local/cpanel/logs/error_log
Server replied: 110 Can’t open SMTP stream
Error while sending mails from the Cpanel >> Squirrel Mail
Connection timed out
Server replied: 110 Can’t open SMTP stream.
Solution:
On shell, open this file
# vi /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php
CHANGE
$ useSendmail = false;
TO
$ useSendmail = true;
Save the file and the error is fixed.
Connection timed out
Server replied: 110 Can’t open SMTP stream.
Solution:
On shell, open this file
# vi /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php
CHANGE
$ useSendmail = false;
TO
$ useSendmail = true;
Save the file and the error is fixed.
IPTABLES
Replace IP-ADDRESS with actual IP address. For example if you wish to block ip address 65.55.44.100 for whatever reason then type command as follows:
# iptables -A INPUT -s 65.55.44.100 -j DROP ================================================ If you just want to block access to one port from an ip 65.55.44.100 to port 25 then type command:
# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP =================================================== TO REMOVE THE BLOCKED IP FROM FIREWALL
1) Login into the server via shell access.
2) Go to the path of APF firewall. It should be:
/etc/csf
3) Edit the file csf.deny.
vi csf.deny
4) Remove the IP address from the list and save the file to unblock the IP address.
Once the IP address removed one need to restart the Firewall…To Restart Firewall one need to execute below mentioned command:
csf -r
===============================================================================
# LFD----CSF
############
/var/log/lfd.log
/etc/init.d/csf restart
tail -f /usr/local/apache/logs/error_log
/etc/init.d/lfd restart
crontab -l
rm -fv /etc/csf/csf.error
iptables -L -n | grep 72.29.86.55
service chkservd restart > restart service after done any in csf
csf -v
csf -x > disable
csf -e >enable
# iptables -A INPUT -s 65.55.44.100 -j DROP ================================================ If you just want to block access to one port from an ip 65.55.44.100 to port 25 then type command:
# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP =================================================== TO REMOVE THE BLOCKED IP FROM FIREWALL
1) Login into the server via shell access.
2) Go to the path of APF firewall. It should be:
/etc/csf
3) Edit the file csf.deny.
vi csf.deny
4) Remove the IP address from the list and save the file to unblock the IP address.
Once the IP address removed one need to restart the Firewall…To Restart Firewall one need to execute below mentioned command:
csf -r
===============================================================================
# LFD----CSF
############
/var/log/lfd.log
/etc/init.d/csf restart
tail -f /usr/local/apache/logs/error_log
/etc/init.d/lfd restart
crontab -l
rm -fv /etc/csf/csf.error
iptables -L -n | grep 72.29.86.55
service chkservd restart > restart service after done any in csf
csf -v
csf -x > disable
csf -e >enable
suspicious process
Problem: suspecious process working in server
________________________________________________________________________________________________
For this we have to kill the process or kill the ip given by the user
firewall is situated in /etc/csf
csf.pignor---->is used for bloking process
csf.ignore---->is used for blocking ip address
______________________________
after this restart lfd, and csf
etc/init.d/ csf restart
etc/init.d/ lfd restart
_____________________________________________________________________________________________________
if md5 comparison test is failed is due to the upgradation of the server files
It will check all the files which is modified
to remove this problem go vi /etc/csf/csf.conf
in it change LF_integrity= to 0
.........
________________________________________________________________________________________________
For this we have to kill the process or kill the ip given by the user
firewall is situated in /etc/csf
csf.pignor---->is used for bloking process
csf.ignore---->is used for blocking ip address
______________________________
after this restart lfd, and csf
etc/init.d/ csf restart
etc/init.d/ lfd restart
_____________________________________________________________________________________________________
if md5 comparison test is failed is due to the upgradation of the server files
It will check all the files which is modified
to remove this problem go vi /etc/csf/csf.conf
in it change LF_integrity= to 0
.........
swap file creating
when some programs consume huge amount of virtual memory, make use of temporary SWAP space.
This can be achieved by mkswap and swapon
* For EG: To have 64 MB extra swap space
dd if=/dev/zero of=/swapfile bs=1024 count=65535
mkswap /swapfile
swapon /swapfile
where “/swapfile” is the swap filename. The location of this file depends on the availabilty of File System’s Space and the write permission.
when you dont need this anymore, remove it using the following commands
swapoff /swapfile
rm /swapfile
Tuesday, October 13, 2009
Error from domain wrapper: domainname.com is owned by another user
I got this error when I was trying to add subdomains to one of my cPanel accounts. This happens when cPanel doesn’t remove the subdomain correctly and then it thinks it’s still there so when you try to add it back on you get an error. Here’s how to fix it:
1. Remove domain.com from /var/cpanel/users/cpanel-username
3. Run /scripts/updateuserdomains as root user on the server because you changed the above file manually, this will create adjusted cache files
2. Remove /var/named/domain.com.db if the file exists (it doesn’t always)
3. Remove the virtualhost for domain.com on /usr/local/apache/conf/httpd.conf
4. Remove domain.com from /etc/named.conf
Now you can add the domain back on in cPanel with no problems.
20 Linux System Monitoring Tools Every SysAdmin Should Know
Need to monitor Linux server performance? Try these built-in command and a few add-on tools. Most Linux distributions are equipped with tons of monitoring. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as:
- Finding out bottlenecks.
- Disk (storage) bottlenecks.
- CPU and memory bottlenecks.
- Network bottlenecks.
1: top - Process Activity Command
The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.
2: vmstat - System Activity, Hardware and System Information
The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 0 2540988 522188 5130400 0 0 2 32 4 2 4 1 96 0 0
1 0 0 2540988 522188 5130400 0 0 0 720 1199 665 1 0 99 0 0
0 0 0 2540956 522188 5130400 0 0 0 0 1151 1569 4 1 95 0 0
0 0 0 2540956 522188 5130500 0 0 0 6 1117 439 1 0 99 0 0
0 0 0 2540940 522188 5130512 0 0 0 536 1189 932 1 0 98 0 0
0 0 0 2538444 522188 5130588 0 0 0 0 1187 1417 4 1 96 0 0
Display Memory Utilization Slabinfo
# vmstat -m
Get Information About Active / Inactive Memory Pages
# vmstat -a
3: w - Find Out Who Is Logged on And What They Are Doing
w command displays information about the users currently on the machine, and their processes.Sample Output:
17:58:47 up 5 days, 20:28, 2 users, load average: 0.36, 0.26, 0.24
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.1.3.145 14:55 5.00s 0.04s 0.02s vim /etc/resolv.conf
root pts/1 10.1.3.145 17:43 0.00s 0.03s 0.00s w
4: uptime - Tell How Long The System Has Been Running
The uptime command can be used to see how long the server has been running. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
18:02:41 up 41 days, 23:42, 1 user, load average: 0.00, 0.00, 0.00
1 can be considered as optimal load value. The load can change from
system to system. For a single CPU system 1 - 3 and SMP systems 6-10
load value might be acceptable.
How do I find out Linux Resource utilization
vmstat command reports information about processes, memory, paging, block IO, traps, and cpu activity. However, a real advantage of vmstat command output - is to the point and (concise) easy to read/understand. The output of vmstat command use to help identify system bottlenecks. Please note that Linux vmstat does not count itself as a running process.
Here is an output of vmstat command from my enterprise grade system:
$ vmstat -S M
procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu----
r b swpd free buff cache si so bi bo in cs us sy id wa
3 0 0 1963 607 2359 0 0 0 0 0 1 32 0 68 0
Where,
- The fist line is nothing but six different categories. The second line gives more information about each category. This second line gives all data you need.
- -S M: vmstat lets you choose units (k, K, m, M) default is K (1024 bytes) in the default mode. I am using M since this system has over 4 GB memory. Without -M option it will use K as unit
Field Description For Vm Mode
(a) procs is the process-related fields are:
- r: The number of processes waiting for run time.
- b: The number of processes in uninterruptible sleep.
(b) memory is the memory-related fields are:
- swpd: the amount of virtual memory used.
- free: the amount of idle memory.
- buff: the amount of memory used as buffers.
- cache: the amount of memory used as cache.
(c) swap is swap-related fields are:
- si: Amount of memory swapped in from disk (/s).
- so: Amount of memory swapped to disk (/s).
(d) io is the I/O-related fields are:
- bi: Blocks received from a block device (blocks/s).
- bo: Blocks sent to a block device (blocks/s).
(e) system is the system-related fields are:
- in: The number of interrupts per second, including the clock.
- cs: The number of context switches per second.
(f) cpu is the CPU-related fields are:
These are percentages of total CPU time.
- us: Time spent running non-kernel code. (user time, including nice time)
- sy: Time spent running kernel code. (system time)
- id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
- wa: Time spent waiting for IO. Prior to Linux 2.5.41, shown as zero.
As you see the first output produced gives averages data since the last reboot. Additional reports give information on a sampling period of length delay. You need to sample data using delays i.e. collect data by setting intervals. For example collect data every 2 seconds (or collect data every 2 second 5 times only):
Role Of A Sustem Administrator
The person who is responsible for setting up and maintaining the system is called as the system administrator. System administrators may be members of an information technology department. Most of the following discussion also applies to network and Windows system admins.
Duties of a system administrator
The duties of a system administrator are wide-ranging, and vary widely from one organization to another. Sysadmins are usually charged with installing, supporting, and maintaining servers or other computer systems, and planning for and responding to service outages and other problems. Other duties may include scripting or light programming, project management for systems-related projects.
The system administrator is responsible for following things:
- User administration (setup and maintaining account)
- Maintaining system
- Verify that peripherals are working properly
- Quickly arrange repair for hardware in occasion of hardware failure
- Monitor system performance
- Create file systems
- Install software
- Create a backup and recover policy
- Monitor network communication
- Update system as soon as new version of OS and application software comes out
- Implement the policies for the use of the computer system and network
- Setup security policies for users. A sysadmin must have a strong grasp of computer security (e.g. firewalls and intrusion detection systems).
Monday, July 27, 2009
For The Linux ADMIN's
Please check the following URL's for the getting help in all type of LINUX server issues:
1) http://nazeem86.blogspot.com
2) http://jibinthomas.blogspot.com
3) http://scorpio-jibin.blogspot.com
1) http://nazeem86.blogspot.com
2) http://jibinthomas.blogspot.com
3) http://scorpio-jibin.blogspot.com
BOOKS
100 Best Books
Here is a list of one hundred books selected by the National Education Association in 1999 as great reading for children and young people. To help make these books more useful, we have added book and author links to any TeachersFirst resources and lesson ideas. For more reading ideas - including books grouped by theme and grade level - check out the hundreds of titles in our Suggested Reading section.
You can see NEA's online survey of best books from 2007 here.
TeachersFirst includes the most recent publications in our monthly TogetheRead themes on our companion site, TeachersAndFamilies. Don't miss these opportunities to promote literacy as a family activity!
Books for All Ages
The Giving Tree by Shel Silverstein
Where the Sidewalk Ends: the Poems and Drawing of Shel Silverstein by Shel Silverstein
Little Women by Louisa May Alcott
The Wizard of Oz by L. Frank Baum
Heidi by Johanna Spyri
Books for Preschoolers -
The Very Hungry Caterpillar by Eric Carle
Goodnight Moon by Margaret Wise Brown
Brown Bear, Brown Bear, What do you see? by Bill Martin, Jr.
The Rainbow Fish by Marcus Pfister
Corduroy by Don Freeman
The Snowy Day by Ezra Jack Keats
The Runaway Bunny by Margaret Wise
Guess How Much I Love You by Sam McBratney
Books for Children Ages 4-8 -
The Polar Express by Chris Van Allsburg
Green Eggs and Ham by Dr. Seuss
The Cat in the Hat by Dr. Seuss
Where the Wild Things Are by Maurice Sendak
Love You Forever by Robert N. Munsch
The Mitten by Jan Brett
Stellaluna by Janell Cannon
Oh, The Places You'll Go by Dr. Seuss
Strega Nona by Tomie De Paola
The Velveteen Rabbit by Margery Williams
How the Grinch Stole Christmas by Dr. Seuss
The True Story of the Three Little Pigs by Jon Scieszka
Chicka Chicka Boom Boom by John Archambault
The Complete Tales of Winnie the Pooh by A. A. Milne
If You Give a Mouse a Cookie by Laura Joffe Numeroff
The Lorax by Dr. Seuss
Amazing Grace by Mary Hoffman
Jumanji by Chris Van Allsburg
Math Curse by Jon Scieszka
Are You My Mother? by Philip D. Eastman
The Napping House by Audrey Wood
Sylvester and the Magic Pebble by William Steig
The Tale of Peter Rabbit by Beatrix Potter
Horton Hatches the Egg by Dr. Seuss
Basil of Baker Street by Eve Titus
The Little Engine That Could by Watty Piper
Curious George by Hans Augusto Rey
Wilfrid Gordon McDonald Partridge by Mem Fox
Arthur series by Marc Tolon Brown
Lilly's Purple Plastic Purse by Kevin Henkes
The Little House by Virginia Lee Burton
Amelia Bedelia by Peggy Parish
The Art Lesson by Tomie De Paola
Caps for Sale by Esphyr Slobodkina
Clifford, the Big Red Dog by Norman Bridwell
The Paper Bag Princess by Robert N. Munsch
Books for Children Ages 9-12 -
Charlotte's Web by E. B. White
Hatchet by Gary Paulsen
The Lion, the Witch, and the Wardrobe by C. S. Lewis
Bridge to Terabithia by Katherine Paterson
Charlie and the Chocolate Factory by Roald Dahl
A Wrinkle in Time by Madeleine L'Engle
Shiloh by Phyllis Reynolds Naylor
Little House on the Prarie by Laura Ingalls Wilder
The Secret Garden by Frances Hodgson Burnett
The Boxcar Children by Gertrude Chandler Warner
Sarah, Plain and Tall by Patricia MacLachlan
The Indian in the Cupboard by Lynne Reid Banks
Island of the Blue Dolphins by Scott O'Dell
Maniac Magee by Jerry Spinelli
The BFG by Roald Dahl
The Giver by Lois Lowry
James and the Giant Peach: A Children's Story by Roald Dahl
Little House in the Big Woods by Laura Ingalls Wilder
Roll of Thunder, Hear My Cry by Mildred D. Taylor
Stone Fox by John Reynolds Gardiner
Number the Stars by Lois Lowry
Mrs. Frisby and the Rats of Nimh by Robert C. O'Brien
The Best Christmas Pageant Ever by Barbara Robinson
Matilda by Roald Dahl
Tales of a Fourth Grade Nothing by Judy Blume
Ramona Quimby, Age 8 by Beverly Cleary
The Trumpet of the Swan by E. B. White
The Chronicles of Narnia by C. S. Lewis
The Phantom Tollbooth by Norton Juster
Tuck Everlasting by Natalie Babbitt
Anne of Green Gables by Lucy Maud Montgomery
The Great Gilly Hopkins by Katherine Paterson
Sideways Stories from Wayside School by Louis Sachar
Harriet the Spy by Louise Fitzhugh
A Light in the Attic by Shel Silverstein
Mr. Popper's Penguins by Richard Atwater
My Father's Dragon by Ruth Stiles Gannett
Stuart Little by E. B. White
Walk Two Moons by Sharon Creech
The Witch of Blackbird Pond by Elizabeth George Speare
The Watsons Go to Birmingham-1963 by Christopher Paul Curtis
Books for Young Adults -
Where the Red Fern Grows by Wilson Rawls
The Hobbit by J. R. R. Tolkien
Summer of the Monkeys by Wilson Rawls
The Cay by Theodore Taylor
The Sign of the Beaver by Elizabeth George Speare
Thursday, June 11, 2009
Welcome to Linux World
I am inviting you to the world of Linux. I am opening this blog to helping the new comers to the wold of Linux.............................
Please help me to develop this blog........
Also I am very thankful to Jana Savić for putting my Blog name in her site.....
-----------------> http://www.myteenstory.tk
Please help me to develop this blog........
Also I am very thankful to Jana Savić for putting my Blog name in her site.....
-----------------> http://www.myteenstory.tk
Subscribe to:
Posts (Atom)