Saturday, 29 September 2012

Using IMAPSize to restore your mail accounts


Imapsize is a freeware windows application that allows you to quickly and efficently manage your IMAP mail accounts.
Note, that this must insure that you need to have an IMAP account/access to where your mailbox exists.

First, download the Installer and install it (or unzip and execute the Zipped Distribution if you downloaded that).




Give the account details for which you want to download the mails(old server details),So as to restore the same mail contents in the new server.

Note, You have to create the same mail account with same creditinals on the new server.


Now you will see the main screen. Click the Check Size button to see the size of your account before backing it up.




You can see the all mail box details of that particular account.




Click on the Backup button or from the menu click on Account -> Account Backup




In the Account Backup window, click on Select All and then Backup buttons




When backup is done, you’ll see an Information popup.



After the backup process is completed, You can start the restore process.



In the Restore Backup window, You have to give the mail account details of the new server.
Note,You have to create both the mail accounts
1.mail account in the old server
2.mail account in the new server

With the same account details.



When restore is done, you’ll see an Information popup




Restoring emails manually
  • At this point, this should be all you need to do. If, by any change this failed to work (and it could fail), have no fear. Though this is a more length process, you can still restore the backup that you did, of the emails you have saves from the backup process you ran before.
  • From the main window, refresh your mailbox size by clicking the Check Size button again.
    Right click the first folder you want to restore email to (I picked INBOX) -> Upload Messages -> From *.eml files


Select all the .eml files from the backup folder for that mail folder (for INBOX) and click Open



When it’s done uploading them, the Information popup will appear



Enjoy !!!!!



Friday, 28 September 2012

FFmpeg-Php




ffmpeg-php is an extension for PHP that adds an easy to use, object-oriented API for accessing and retrieving information from video and audio files.
It has methods for returning frames from movie files as images that can be manipulated using PHP's image functions.
This works well for automatically creating thumbnail images from movies.
ffmpeg-php is also useful for reporting the duration and bitrate of audio files (mp3, wma...).
ffmpeg-php can access many of the video formats supported by ffmpeg (mov, avi, mpg, wmv...).

wget "http://downloads.sourceforge.net/project/ffmpeg-php/ffmpeg-php/0.6.0/ffmpeg-php-0.6.0.tbz2?use_mirror=garr"
tar xjvf ffmpeg-php-0.6.0.tbz2
cd ffmpeg-php-0.6.0
phpize
./configure
make
make install

While receving error  on complilng :

/root/ffmpeg-php-0.6.0/ffmpeg_frame.c:421: error: 'PIX_FMT_RGBA32' undeclared (first use in this function) make: *** [ffmpeg_frame.lo] Error 1 "

do this and after make command again:

vim ffmpeg_frame.c

:%s/PIX_FMT_RGBA32/PIX_FMT_RGB32/g

:wq

Now edit the php.ini file, by adding :

Enable ffmpeg extension module (please use the correct path)
extension_dir = "/usr/lib64/php/modules/" (path we get during FFmpeg installation)
extension=ffmpeg.so

Finally Restart Apache (service httpd restart).

You can test your installation via creating a phpinfo.php file in Public_html.

FFmpeg


FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video.
It includes libavcodec - the leading audio/video codec library.

yum install subversion
svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg
==========================
Inorder to check if SVN is installed and working :

root@server [/svn/demorepo]# which svn
/usr/local/bin/svn
root@server [/svn/demorepo]# svn --version
svn, version 1.4.5 (r25188)
compiled Apr 28 2008, 20:16:21
 

============================

cd ffmpeg
./configure --enable-libfaac --enable-shared --enable-memalign-hack --enable-gpl  --enable-libtheora
--enable-libmp3lame --enable-libopenjpeg  --enable-libvorbis --enable-libx264 --enable-libxvid
--enable-nonfree --enable-postproc --enable-avfilter  --enable-avfilter-lavf --enable-swscale

If you are getting errors on enabling all modules,try customizing the modules as :

./configure --enable-shared --enable-memalign-hack --enable-gpl --enable-postproc --enable-avfilter --disable-yasm
 
make
make install

Symlink some libraries if needed (ignore file exists errors):

ln -s /usr/local/lib/libavformat.so.50 /usr/lib/libavformat.so.50

ln -s /usr/local/lib/libavcodec.so.51 /usr/lib/libavcodec.so.51

ln -s /usr/local/lib/libavutil.so.49 /usr/lib/libavutil.so.49

ln -s /usr/local/lib/libmp3lame.so.0 /usr/lib/libmp3lame.so.0

ln -s /usr/local/lib/libavformat.so.51 /usr/lib/libavformat.so.51


While receiving error :

>> ffmpeg
ffmpeg: error while loading shared libraries: libavdevice.so.52: cannot open shared object file

Which means the file is either missing or the server was unable to locate the libraries path,

Locate the file using

>> find / -iname libavdevice.so.52

If you get an output, enter the location of the library to the ld.so.conf file.
>> vi /etc/ld.so.conf

Say, if the library is located at /opt/lib/libavdevice.so.52.so, add /opt/lib to ld.so.conf file.

After adding the path to the library, run the below command to make sure the system takes the library path.

>> ldconfig -v

Please note down the path where the modules are installed for eg :- "/usr/lib64/php/modules/".
B'coz it is neede for providing path during FFmpeg-php installation.

==========================================
If you are getting the following error on start up on svn check out :

root@server[/svn/demorepo]# svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg
svn: Can't connect to host 'svn.mplayerhq.hu': Connection timed out

Just stop the Iptables by the command :

service iptables stop
           or
/etc/init.d/iptables stop

============================================

cd ffmpeg

./configure –enable-gpl –enable-shared –enable-libmp3lame


If you are getting the following error

“Unable to create and execute files in /tmp. Set the TMPDIR environment…”
Try to unmount /tmp
                     
           OR

mkdir /test ; chmod 777 /test
vi configure edit TMPDIR to /test
and execute it once again

====================



 



Thursday, 20 September 2012

MYSQL COMMANDS


Create a database on the sql server.

mysql> create database [databasename];
List all databases on the sql server.

mysql> show databases;
Switch to a database.

mysql> use [db name];
To see all the tables in the db.

mysql> show tables;
To see database's field formats.

mysql> describe [table name];
To delete a db.

mysql> drop database [database name];
To delete a table.

mysql> drop table [table name];
Show all data in a table.

mysql> SELECT * FROM [table name];

Creating a new user. Login as root. Switch to the MySQL db. Make the user. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO user (Host,User,Password) VALUES('%','username',PASSWORD('password'));
mysql> flush privileges;
Change a users password from unix shell.

# [mysql dir]/bin/mysqladmin -u username -h hostname.blah.org -p password 'new-password'
Change a users password from MySQL prompt. Login as root. Set the password. Update privs.

# mysql -u root -p
mysql> SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');
mysql> flush privileges;

Recover a MySQL root password. Stop the MySQL server process. Start again with no grant tables. Login to MySQL as root. Set new password. Exit MySQL and restart MySQL server.

# /etc/init.d/mysql stop
# mysqld_safe --skip-grant-tables &
# mysql -u root
mysql> use mysql;
mysql> update user set password=PASSWORD("newrootpassword") where User='root';
mysql> flush privileges;
mysql> quit
# /etc/init.d/mysql stop
# /etc/init.d/mysql start

Set a root password if there is on root password.

# mysqladmin -u root password newpassword
Update a root password.

# mysqladmin -u root -p oldpassword newpassword

Allow the user "bob" to connect to the server from localhost using the password "passwd". Login as root. Switch to the MySQL db. Give privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> grant usage on *.* to bob@localhost identified by 'passwd';
mysql> flush privileges;

Give user privilages for a db. Login as root. Switch to the MySQL db. Grant privs. Update privs.

# mysql -u root -p
mysql> use mysql;
mysql> INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv) VALUES ('%','databasename','username','Y','Y','Y','Y','Y','N');
mysql> flush privileges;

or

mysql> grant all privileges on databasename.* to username@localhost;
mysql> flush privileges;

Update database permissions/privilages.

mysql> flush privileges;

Dump all databases for backup. Backup file is sql commands to recreate all db's.

# [mysql dir]/bin/mysqldump -u root -ppassword --opt >/tmp/alldatabases.sql

Dump one database for backup.

# [mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.

# [mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.

# [mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Tuesday, 18 September 2012

Enable Iptables Modules for a VPS


Below was the error while trying to install CSF in one of the OpenVz containers:

    [root@abc ~]# perl /etc/csf/csftest.pl
    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...FAILED [ 4294967295] - Required for csf to function
    Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_limit/xt_limit...FAILED [FATAL Error: iptables: Unknown error 4294967295] - Required for csf to function
    Testing ipt_recent...FAILED [Error: iptables: Unknown error 4294967295] - Required for PORTFLOOD and PORTKNOCKING features
    Testing xt_connlimit...FAILED [Error: iptables: Unknown error 4294967295] - Required for CONNLIMIT feature
    Testing ipt_owner/xt_owner...FAILED [Error: iptables: Unknown error 4294967295] - Required for SMTP_BLOCK and UID/GID blocking features
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for MESSENGER feature
    Testing iptable_nat/ipt_DNAT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for csf.redirect feature




Enable Iptables Modules for a VPS:-

1 . Before enabling the modules to a VPS , make sure that its enabled in the root node of the VPS. You can check it using the command :

lsmod | grep -i module_name

2. If its not enabled, then it can enable by using the modprobe command :-

    modprobe iptables_module

    modprobe ipt_helper

    modprobe ipt_REDIRECT

    modprobe ipt_TCPMSS

    modprobe ipt_LOG

    modprobe ipt_TOS

    modprobe iptable_nat

    modprobe ipt_length

    modprobe ipt_tcpmss

    modprobe iptable_mangle

    modprobe ipt_tos

    modprobe iptable_filter

    modprobe ipt_helper

    modprobe ipt_tos

    modprobe ipt_ttl

    modprobe ipt_SAME

    modprobe ipt_REJECT

    modprobe ipt_helper

    modprobe ipt_owner

    modprobe ip_tables

    modprobe ipt_MASQUERADE

    modprobe ipt_multiport/xt_multiport

    modprobe ipt_state/xt_state

    modprobe ipt_limit/xt_limit

    modprobe ipt_recent

    modprobe xt_connlimit

    modprobe ipt_owner/xt_owner

    modprobe iptable_nat/ipt_DNAT

    modprobe iptable_nat/ipt_REDIRECT


3. Stop the container which one you want to enable the module :

    # vzctl stop 101

4 . Executing the following command:-

a) By Command:
Execute following command to enable all the modules for the VPS

    # vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save

or

b) Adding Rules manually:

Open the VPS configuration file which exists at /etc/vz/conf/veid.conf and paste following in the last line of the file.

      IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc"

5. Restart the container.

    # vzctl restart 101


Ready to go !!!!!!

How to configure Apache for maximum performance


The default settings need not be changed if the websites receive normal traffic. But once the traffic increases you would need to change the default settings and one should know what values need to be changed and why. Below setting will help you understand most of the Apache directives and what needs to be tweaked.

1. Apache modules and settings

a) mod_reqtimeout

    Syntax:

    RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate]

As seen above, time outs can be set for both request header and body from the client. Set this to a low value to make sure both header and body times out after the configured time.


b) TimeOut

This directive defines the time that Apache process will wait for I/O. The default value is set to 60 seconds and you should lower it to say 10-20 seconds in case of DDOS attacks. Some cgi scripts that need more execution time may face issues due to this.


c) KeepAlive and KeepAliveTimeout

Most of the webhosts disable KeepAlive during DDOS but doing so affects the server's performance again. A better idea would be to decrease the KeepAliveTimeout to 2 (default 5) and still have the KeepAlive enabled.


d) LimitRequestBody

This defines the allowed size of message body to be allowed. During DDOS attacks, set this server-wide. The default value is 0 which means unlimited. Set that to 100MB and see if improves the performance.

    Syntax:

    LimitRequestBody value

    LimitRequestBody 102400000

e) LimitRequestFields

This directive limits the request header fields from the client. Set this to a value between 40-50
LimitRequestFields 40 (default is 100)

f)  LimitRequestFieldSize

This limits the size of the HTTP request header allowed from the client. Default is 8190 and is hard coded when it is recompiled. Decrease this value to half.

    LimitRequestFieldSize 4095

g)  LimitRequestLine

This limits the size of the HTTP request line that will be accepted from the client.

    LimitRequestLine 4095 (default is 8190)

h)  LimitXMLRequestBody

This limits the size of an XML type body request.

    LimitXMLRequestBody 500000 (defaults to 1000000)

i) MaxRequestWorkers

A webserver should never use SWAP as doing so further decreases the server's performance and increases the server load drastically. You should regulate this directive to make sure that Apache doesn't spawn so many child processes as it starts swapping.

j) ServerLimit

It is the upper limit for the number of connections configured for Apache.

k) MaxClients

It is the maximum number of simultaneous connections that will be processed by Apache web server. This value should never exceed the #ServerLimit set. Extra care should be taken into consideration while setting the MaxClients value as any slight variation could badly affect the overall server's performance.

Saturday, 15 September 2012

Remote FTP configuration in WHM




Inorder to configure the remote ftp backup of a particular user account in whm. We have to first login to the server, Where the ftp server is hosted :
cd /home
mkdir backup (making a folder for account backups)
mkdir /home/backup/vmuser1(making a folder for user account)
Create a ftp user in the server :
useradd ftp user
set passwd


Login to User WHM :

Main >> Backup >> Configure Backup


Set the remote ftp host with the IP address of ftp server
Back up type : remote ftp
Ftp Back up user : ftp user (created in ftp server )
Ftp Back up password : password

Save it.
Ready to go !!!!!

You can access the remote ftp account via : ftp://Ip address of ftp server

Test :

Please create a test file in the location (/home/backup/vmuser1 in ftp server)
If you see the file, When you access the link ftp://Ip (Ftp server).

It works !!!!!!!


Friday, 14 September 2012

Cpanel Log Files


Cpanel - How to view error logs

cat /var/log/messages | more

it will give you the server wide error messages

for cpanel server apache logs.


cd /usr/local/apache/domlogs


cat domainname - it will give you the logs for a particular domain.

Cpanel logs:

/usr/local/cpanel/logs

Apache logs:

/usr/local/apache/logs

Captcha images not working on websites !!!!

               
This issue is due to the absence of a module called TTF (free type support for php ). It depends on how your version of  php was compiled. Please check your version of GD and PHP, Since php.net suggests that you need atleast 1.8 version for this support.

Fix :

           1 .Login to WHM

           2. In home select "Software" then "EasyApache (Apache Update)"  then select "Previously Saved Config" then in the bottom of the page click the button "Start customization based on the profile" then go to Exhaustive options by completing the previous steps then make sure checkboxe for "TTF" are checked. Once they are checked then initiate Build process.

Wednesday, 12 September 2012

CSF Installation

Pre Setup: Make sure perl modules are installed

yum install -y perl-libwww-perl

Step 1 :  Download, unpack, install of APF from source.

cd /usr/local/src
wget http://www.configserver.com/free/csf.tgz
tar -zxvf csf.tgz
cd csf
./install.sh

Step 1.1: Cleanup source install files.

rm -Rf /usr/local/src/csf* && cd

Step 2: Backup orginal CSF config

cp /etc/csf/csf.conf /etc/csf/csf.conf.bak

Step 3: Edit current CSF config
vi /etc/csf/csf.conf
                                                         
----------------------
csf -x : stop csf
csf -r : restart csf
----------------------



Changing the CSF mode

By default the firewall is running in testing mode(testing= "1"). We have to disable the firewall running in testing mode.
vi /etc/csf/csf.conf
testing = "0"
csf -r

Important Commands: 

csf -d IPADDRESS will deny an IP.
csf -a IPADDRESS will allow an IP.
csf -r will reload all rules.
csf -g IPADDRESSES (will tell you the reason ann IP address is blocked, and if not, will return no reason)

Important files: 

csf.conf   - the main configuration file, it has helpful comments explaining
        what each option does
csf.allow   - a list of IP's and CIDR addresses that should always be allowed
        through the firewall
csf.deny   - a list of IP's and CIDR addresses that should never be allowed
        through the firewall
csf.ignore   - a list of IP's and CIDR addresses that lfd should ignore and not
        not block if detected
csf.*ignore   - various ignore files that list files, users, IP's that lfd
        should ignore. See each file for their specific purpose

Finding spammer

Check for bulk/spam emails.

The 1st thing you should check for is the number of emails in the Exim queue using the below command:


exim -bpc


Then check if the emails are from same source:


exim -bp


Quote

    0m  1.6K 1Ryd9X-000aSt-8N <euser@host.hostname.com>
              user1@aol.com

     0m  1.6K 1Ryd9X-000aTK-NT <euser@host.hostname.com>
              user2@sbcglobal.net

     0m  1.6K 1Ryd9X-000aTT-Ui <euser@host.hostname.com>
              user3@aol.com

     0m  1.6K 1Ryd9Y-000aUC-Tp <euser@host.hostname.com>
              user4@aol.com

     0m  1.6K 1Ryd9Z-000aUN-59 <euser@host.hostname.com>
              user5@aol.com

     0m  1.6K 1Ryd9Z-000alM-P0 <euser@host.hostname.com>
              user6@aol.com


As you can see all the emails were sent a few minutes before I checked (0m), so there is definitely a bulk emailer/spammer. See if there is a cPanel user in the name "euser".



grep euser /etc/userdomains


If there is one, suspend/block him.

If you don't get much details. Check the header of one of the emails, using the below command.



exim -Mvh message_id


for eg:



exim -Mvh 1Ryd9Z-000alM-P0


Analyze the subject, from and to email address to locate the spammer.

Mailnull spammers, won't show up in the above headers most of the time. However an SSH connection is opened and we can identify them after seeing the netstat output.

Quote

    tcp        0      0 127.0.0.1:32587             127.0.0.1:25                ESTABLISHED 547580/sshd: euser
    tcp        0      0 127.0.0.1:32568             127.0.0.1:25                ESTABLISHED 547580/sshd: euser
    tcp        0      0 127.0.0.1:32458             127.0.0.1:25                ESTABLISHED 547580/sshd: euser
    tcp        0      0 127.0.0.1:32541             127.0.0.1:25                ESTABLISHED 547580/sshd: euser


Suspend the "euser" in that case and disable SSH access for him.

If you still don't find any spammers, enable extended logging for Exim. Read http://www.webhostgear.com/118.html

Also check the exim logs using the message_id to find more details.

Quote

    exigrep message_id /var/log/exim_mainlog

    exigrep 1Ryd9Z-000alM-P0 /var/log/exim_mainlog


Prevent Spamming

To prevent spamming, you should enable SpamFilters, SpammAssassin and anti-virus in the server. Read

http://www.sput.nl/software/exim.html http://wiki.exim.org/SpamFiltering and http://www.webhostgear.com/338.html

Also, the following command will give you some information if the spamming is done using any script.


ps -C exim -fH eww | grep home


Monday, 10 September 2012

Fantastico installation on WHM

SSH in to the server then : 

cd /usr/local/cpanel/whostmgr/docroot/cgi
wget -N http://files.betaservant.com/files/free/fantastico_whm_admin.tgz
tar -xzpf fantastico_whm_admin.tgz
rm -rf fantastico_whm_admin.tgz

A number of issues with Fantastico all have exactly the same cause and solution, so please try these two simple steps if you're having any problems with Fantastico either not working, displaying errors such as disabled functions or saying that Fantastico isn't installed in the correct location:

1)  Log into WHM as root, click on Tweak Settings, scroll down to the PHP section and make sure the      IONCUBE PHP Loader is selected. Save changes if needed.

2)  Log into your server as root via SSH and execute the following command:
    /scripts/makecpphp

For step number 2, make sure that the script completes the task without any errors. If the script stops the installation with errors, please deal with those errors before continuing.

We've seen a lot of servers lately that have cPanel and WHM incorrectly using a server's frontend (public) php.ini configuration instead of the correct backend copy located at /usr/local/cpanel/3rdparty/etc/php.ini. Running /scripts/makecpphp will fix this problem so long as your cPanel installation is reasonably up-to-date. Also, some people have missed the IONCUBE step mentioned in our installation directions or have accidentally had the loader changed or removed.

Reminder: Setting the IONCUBE loader in Tweak Settings does not affect your public PHP configuration, only the backend copy used by cPanel and WHM