Categories Archives: Linux

Sysctl and ip_conntrack_max optimization

On a busy webserver, you have to be very careful that you don’t run out of connection tracking buckets. Check how many you have set as your max: /sbin/sysctl net.ipv4.ip_conntrack_max Check how many you’re using: wc -l /proc/net/ip_conntrack A good maximum setting for most web servers with at least 2Gb RAM is 65536. Change the […]

Bash: How to add a line on top of text files with sed

Sometimes you might need to add one or more lines of text to the top of an existing text file. Let ‘sed’ rescue you: sed -i ‘1iSTUFF TO ADD’ file.txt You can add multiple lines (separated by \n) to multiple files at once: sed -i ‘1iSTUFF TO ADD\nMORE STUFF’ *.txt

Categories: Code, Linux, and Technical. Comments Off on Bash: How to add a line on top of text files with sed

Pre-analysis of a DDOS attack on a Cpanel or Linux server

Determine the nature of the attack (SYN, GET, ect): netstat -nat | awk ‘{print $6}’ | sort | uniq -c The following will list all the IPs connecting to the server in order of most connections. netstat -plan|grep :80|awk {‘print $5’}|cut -d: -f 1|sort|uniq -c|sort -nk 1 We can see which domains are most active […]

Tracking SPAM on a Cpanel Server

If you are using a cpanel/WHM server then the MTA will be Exim by default. Enable Mailheaders by running /scripts/easyapache script.  After that, check the mail header using: exim -Mvh <message id> From that you will able to find the source of spam.

Categories: Linux and Technical. Comments Off on Tracking SPAM on a Cpanel Server

Setting up Adaptec Storage Manager on a headless Ubuntu/Debian server

Adaptec RAID cards have huge performance gains over other cards, but the management features in Linux stink. Really bad. If you don’t have a GUI installed, you cannot set up monitoring or alerts, but thankfully you can use a Windows machine to set this up remotely. Additionally, there are no .deb packages so we have […]

Installing mod_limitipconn on a Cpanel server

Absolutely essential in a shared hosting environment. This example is relevant to Apache 2.2.x. ############# ## Compile mod_ipconnlimit cd /root wget tar xjf mod_limitipconn-0.23.tar.bz2 cd mod_limitipconn-0.23 /usr/local/apache/bin/apxs -cia mod_limitipconn.c ### this needs to be redone after each apache recompile ## in WHM, add to apache Pre VirtualHost Include (all versions) <IfModule mod_limitipconn.c> # Set […]

Limiting Bandwidth in Linux

The tc command in Linux can be used for fine-grained control over bandwidth throughput. In this case I have limited public outbound traffic to 50Mbps, and internal network traffic to 450Mbps. The syntax of tc is quite complex. So much so, I found a neat utility called ‘tcng’ (Traffic Control Next Generation) that interprits a […]

Lockfiles in Bash

Here’s a simple ‘skeleton’ script that will allow your Bash scripts to use a PID file, or ‘lockfile’. This ensures that only one instance can run at a time which is useful for daily Cron activities such as mirror updates. #!/bin/bash pidfile=/var/run/ if [ -e $pidfile ]; then pid=`cat $pidfile` if kill -0 &>1 > […]

Categories: Linux. Comments Off on Lockfiles in Bash

Reclaim ‘missing’ space on a Linux partition with tune2fs

If you aren’t storing critical system files on a partition, you can free up a ton of space. This will reduce the ‘reserved’ space on a Linux partition to 0%. I freed up 45Gb of ‘lost’ space on a 900Gb partition using the following command: tune2fs -m 0 /dev/sda4 Note: DO NOT set the reserved […]

Categories: Linux. Comments Off on Reclaim ‘missing’ space on a Linux partition with tune2fs