On a busy webserver, you have to be very careful that you don’t run out of connection tracking buckets. Check how many you have set as your max: /sbin/sysctl net.ipv4.ip_conntrack_max Check how many you’re using: wc -l /proc/net/ip_conntrack A good maximum setting for most web servers with at least 2Gb RAM is 65536. Change the […]
Here is the location of the main Cpanel configuration file. You can configure many of it’s various components, such adding more cpu’s to cpuwatch: /var/cpanel/cpanel.config
Sometimes you might need to add one or more lines of text to the top of an existing text file. Let ‘sed’ rescue you: sed -i ‘1iSTUFF TO ADD’ file.txt You can add multiple lines (separated by \n) to multiple files at once: sed -i ‘1iSTUFF TO ADD\nMORE STUFF’ *.txt
Determine the nature of the attack (SYN, GET, ect): netstat -nat | awk ‘{print $6}’ | sort | uniq -c The following will list all the IPs connecting to the server in order of most connections. netstat -plan|grep :80|awk {‘print $5’}|cut -d: -f 1|sort|uniq -c|sort -nk 1 We can see which domains are most active […]
If you are using a cpanel/WHM server then the MTA will be Exim by default. Enable Mailheaders by running /scripts/easyapache script. After that, check the mail header using: exim -Mvh <message id> From that you will able to find the source of spam.
Adaptec RAID cards have huge performance gains over other cards, but the management features in Linux stink. Really bad. If you don’t have a GUI installed, you cannot set up monitoring or alerts, but thankfully you can use a Windows machine to set this up remotely. Additionally, there are no .deb packages so we have […]
Absolutely essential in a shared hosting environment. This example is relevant to Apache 2.2.x. ############# ## Compile mod_ipconnlimit cd /root wget http://dominia.org/djao/limit/mod_limitipconn-0.23.tar.bz2 tar xjf mod_limitipconn-0.23.tar.bz2 cd mod_limitipconn-0.23 /usr/local/apache/bin/apxs -cia mod_limitipconn.c ### this needs to be redone after each apache recompile ## in WHM, add to apache Pre VirtualHost Include (all versions) <IfModule mod_limitipconn.c> # Set […]
The tc command in Linux can be used for fine-grained control over bandwidth throughput. In this case I have limited public outbound traffic to 50Mbps, and internal network traffic to 450Mbps. The syntax of tc is quite complex. So much so, I found a neat utility called ‘tcng’ (Traffic Control Next Generation) that interprits a […]
Here’s a simple ‘skeleton’ script that will allow your Bash scripts to use a PID file, or ‘lockfile’. This ensures that only one instance can run at a time which is useful for daily Cron activities such as mirror updates. #!/bin/bash pidfile=/var/run/sync.pid if [ -e $pidfile ]; then pid=`cat $pidfile` if kill -0 &>1 > […]
If you aren’t storing critical system files on a partition, you can free up a ton of space. This will reduce the ‘reserved’ space on a Linux partition to 0%. I freed up 45Gb of ‘lost’ space on a 900Gb partition using the following command: tune2fs -m 0 /dev/sda4 Note: DO NOT set the reserved […]