su command================= — 2020-01-24
su – comptonpeslonline.com —command=‘whoami’ ;
don’t forget that “crontab -e -u comptoneslonline.com” so each user can have their own crontab!
bootup commands go in /etc/rc.d/rc.local — 2015-02-16
yum —nogpg ; ## 2015-03-18 – ignore the gpg key
yum clean all ; ## 2015-04-28 – clean everything
—and/or—
for a in $(rpm —query —all ); do rpm —verify $a ; done | grep missing > rpm-results.txt ;
yum —assumeyes reinstall whatever-needed-fixing ;
=======================
server monitoring:
upTimeRobot.com – watches websites and server itself
gotSiteMonitor.com – watches the apache server
StatusCake.com
pingdom.com – watches the server 2019-01-10 – no longer FREE!
DEAD – taken over by logMeIn: monitor.us – sends daily reports
UNUSED: abbbeat.io
===============================
rebooting the server – 2013-03-11
/sbin/shutdown -r now ;
/sbin/shutdown -r now “rebooting immediately” ;
/sbin/shutdown -h ;
-h – halt
-r – reboot
-t – time in seconds
2013-02-03
postfix start ; #start postfix mail
postfix stop;
postfix status;
postfix flush ;
all mail activity goes in /var/log/maillog
vi /etc/postfix/main.cf
always_bcc = edwardsmark@gmail.com
this will send blind-carbon-copies to an email address
mailq – shows all outgoing mail in the queue
postsuper -d ALL ; ## removes all mail in the queue postsuper -d ALL deferred ; ## removes all the mail waiting in the deferred queue
= (re)start mysql =======
/etc/init.d/mysqld restart ;
/etc/init.d/mysqld stop ;
/etc/init.d/mysqld start ;
mysqladmin -u root password NEWPASSWORD ;
=============================
2015-07-04 – to limit the number of concurrent processes, edit
/home/DOMAIN.org/fcgi-bin/php5.fcgi
add this line:
ulimit -u 10
=============================
adrive mount commands
umount:
umount /usr/local/backup/offSiteStorage/adrive.com.interServerBackup ;
mount:
mount -t davfs
https://www.adrive.com/webDAV.php
/usr/local/backup/offSiteStorage/adrive.com.interServerBackup
;
=============================
syncing files across server using rsync:
rsync -ae ssh
/home/mark/virtualmin/comptonpeslonline.com/ root@199.231.184.26:/tmp/adrive/comptonpeslonline.com/ ;
rsync —archive —rsh-ssh (same as -ae)
creating a key: ssh-keygen — 2014-09-16
cat /root/.ssh/id_rsa.pub ; – copy/paste this right into adrive public key area
=============================
processor usage:
ps -ef ;
ps aux ;
free; ## shows free server memory 2013-02-13
free -m; ## shows free server memory in megabytes
pstree ; shows processor status tree 2013-07-06
========================
to inspect a database: (2013-02-01)
mysqlcheck —verbose —user=mysqluser —password=mysqlpassword mysqldb ;
to repair a database:
myisamchk /var/lib/mysql/mysqldb/wp_posts.MYI ;
============
csf firewall: 2013-02-02
## Failed to start firewalld.service: Unit is masked. – new error 2018-02-28 to fix: unmask:
systemctl unmask firewalld ; ## new command !
systemctl start firewalld ;
systemctl status firewalld ;
systemctl stop firewalld ;
#vi /etc/csf/csf.conf ## for allowed IP numbers
#csf —start ; ## start firewall
#csf —stop ; ## stop firewall
csf —restart ; ## 2016-05-04
- csf -x ; ## disable firewall
- csf -e ; ## enable firewall csf —disable ; csf —enable ; ## stop and restart full flush
- iptables -L -n ; ## similar to status
CONNLIMIT 80;20 — set this value to also stop DoS attacks – 2014-03-27
==
lfd ( login failure daemon) 2014-04-05
lfd stop;
lfd start;
lfd restart;
0) modify CUSTOM2_LOG to point to /var/log/virtualmin/comptonpeslonline.com_access_log
1) add line into
/usr/local/csf/bin/regex.custom.pm – custom rules for firewall, insert this perl command into the file:
- 22.3.226 – - [04/Apr/2014:02:01:45
0400] “POST /wp-login.php HTTP/1.0” 500 534 “” “-”
if (($lgfile eq $config{CUSTOM2_LOG}) and ($line =~ /(S+) – - [.] “POST /wp-login.php HTTPS” [500,403]/)) { return (‘Failed wp-login.php login from ‘,$1,“wp-login.php”,“1”,“80”,“3600”);
}
80 – port number
3600 – number of seconds to wait
2) change line in
change /etc/csf/csf.conf
CUSTOM2_LOG = “/var/log/virtualmin/comptonpesltrainers.com_access_log”
3) restart the firewall:
csf —disable ; csf —enable ;
4) monitor activity: tail -f /var/log/lfd.log ;
=============================
https://ma.ttias.be/effectively-using-detecting-the-slowloris-http-dos-tool/
mod_qos firewall settings – 2014-03-27 (UPDATED 2016-06-27) – note that QS_SrvMinDataRate is now obsolete (2016-06-27)
==
also:
iptables -v -I INPUT -p tcp —dport 443 -m connlimit —connlimit-above 50 —connlimit-mask 20 -j DROP;
yum install mos_qos ;
added this line to httpd.conf:
LoadModule qos_module /usr/lib64/httpd/modules/mod_qos.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so ## 2016-06-27
and added this to /etc/httpd/conf.d/mod_qos.conf:
## QoS Settings
http://linuxtoolkit.blogspot.com/2014/04/using-modreqtimeout-to-make-http-server.html
https://httpd.apache.org/docs/trunk/mod/mod_reqtimeout.html
cat > http://linuxtoolkit.blogspot.com/2014/04/using-modreqtimeout-to-make-http-server.html ;
now restart apache:
systemctl restart httpd.service:
==========================
===============
ftp: (2013-03-12)
.netrc (dot-netrc) – file to create an automatic FTP login – put file in your login root directory:
machine ftp.xdrive.com login foobar password foobar
=============
red5 server 2013-03-11
red5 status:
1) ps -ef | grep red5;
2) http://edwardsmarkf.com:5080
to start red5 server at boot up, put this line into /etc/rc.d/rc.local:
/etc/init.d/red5 start >/usr/share/red5/red5.log 2>&1 &
to specify how much memory red5 uses – its in the final line of /usr/share/red5/red5.sh:
exec “$JAVA” -Xms32m “$JYTHON” -Dred5.root=”${RED5_HOME}” $JAVA_OPTS -cp “${RED5_CLASSPATH}” “$RED5_MAINCLASS” $RED5_OPTS
notice -Xms32m – specifies memory size
## manually starting red5 server:
nohup /etc/init.d/red5 start >/usr/share/red5/red5.log 2>&1 &
## stopping red5 server:
# /etc/init.d/red5 stop ;
—or—
# /usr/share/red5/red5-shutdown.sh ;
======================
webmin restart: (2013-03-23)
/etc/init.d/webmin restart ;
