Server Administration & Management

How to create a tar archive from a directory

How can you do this? It’s not difficult at all. For exemple to backup a user home directory you would have to run:

# tar -pczf rchive.tar.gz /home/USERNAME

Since I started working with cPanel server I always needed to create archives from directories.
For example backing up a user’s home directory.

You can read more about tar by reading it’s manual.

# man tar

January 31, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , , | Leave a comment

Screen command

Many times as a Linux sysadmin, you will need to run multiple commands at once. You are probably doing this by opening multiple ssh sessions but there is a better way to do it ! Also as a sysadmin you probably had to run a command or script that is taking hours to finish like a rsync. This usually requires you to keep the ssh session open as if you close it the command or script will also be closed. If you ever faced any of those problems then it’s probably time to learn about the screen command.

Screen – makes it possible to run multiple full-screen pseudo-terminals from one real terminal, and lets you manipulate and save your screen input and output, copy and paste between windows.

First of all make sure that you have screen installed. If you don’t you can install it using yum, apt-get or any other package manager that you might have on your server.

# yum install screen

Now type in:

# screen

This will start a new screen for you. You could also name you screen using the -S option. Something like:

# screen -S 1

In this case I named the screen “1?.

The screen will look like any other ssh window. You can now type in your command that you want to run.

If you want to detach from the screen and still keep the command running you can do this by pressing:

Ctrl-a d (that is press Ctrl-a, release and press d)

Detaching a screen

To detach a screen, press ctrl+a release and then d. then you can just exit from your ssh shell. When you want to recover the jobs running under that screen just re-attach it.

Attaching to sessions again

First review the list of screen sessions you have running.

# screen -ls

There is a screen on:
3946.pts-0.arch (Dettached)
1 Socket in /tmp/screens/S-ggarron.

To resume the session run:

# screen -r 3946.pts-0.arch

If you want to reatach to a screen you simply type in:

# screen -r

Other options that you have when you are in a screen are:

1. To create a new screen:

Ctrl-a c

2. To switch between screens:

Ctrl-a n

3. And many others.

January 30, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , | 1 Comment

How to Enabling Quotas in cPanel

If in a cPanel server that didn’t have quotas enabled by default. What is the result of a server without quotas? Simple. All accounts will have unlimited diskspace.

How to fix this?

First of all you will have to login to your server using ssh.

1. You first have to edit /etc/fstab

# vi /etc/fstab

2. Locate the line that looks something like

LABEL=/1 / ext3 defaults 1 1

3. Add after “defaults” the word “usrquota”. It should look something like

LABEL=/1 / ext3 defaults,usrquota 1 1

4. Save and exit

5. Remount the / partition

# mount -o remount /

6. Now run the cpanel script to fixquotas

# /scripts/fixquotas

That’s it! Now all you cPanel accounts should have a limited disk space that you setup.

January 29, 2011 Posted by | cPanel | , , | 40 Comments

How to customize Apache default Success page

How to change the default Apache success page (the one that you see when you just type in the hostname for example). Surprisingly (or maybe not) this is not documented anywhere on cpanel docs or forums. If you are faced with the same problem then you will be relieved to know that the solution is extremely simple. You just have to login to your server via ssh. Navigate to /usr/local/apache/htdocs

# /usr/local/apache/htdocs

And finaly edit the file index.html

# vi index.html

If you list the content of /usr/local/apache/htdocs you will see that you can also modify the content of other error pages that cpanel’s apache outputs.

January 28, 2011 Posted by | Apache | , | 1 Comment

How to enable passive ftp in Pure-FTPd

For users that are behind a firewall it might be required that you enable passive ftp in your ftp server and client in Pure-FTp Software. We can enable passive ftp  by following steps as root user :-

1. Login to your server using a SSH

2. Open the Pure-FTPd configuration file in your favorite editor

# vi /etc/pure-ftpd.conf

3. Uncomment the line that starts with PassivePortRange and add:

PassivePortRange 61001 65535

4. Restart Pure-FTPd with the command:

# service pure-ftpd restart “OR” /etc/init.d/pure-ftpd restart

5. Please allow inbound connections  ports in firewall.

January 27, 2011 Posted by | FTP, Pure-FTPd | , | 1 Comment

Tracing what a Linux process is doing

From time to time you will get hanged process or you are unsure of what a process is doing at that moment.

You can trace what a process is doing by running:

# strace -p PID

Where PID is the process ID. Whis will show you what that process is doing in real time.

This is usefull for detecting  exploits or the source of a hang process.

To detach from that process simply press CTRL + C.

January 26, 2011 Posted by | Tips & Tricks, Unix/Linux | , | Leave a comment

How to fix cron problems on new cPanel 11.x servers

Sometimes there is a problem with cron jobs of cPanel 11.x + CentOS 5.x, where the crons are not saved at all with no apparent reason and without any errors. It is done because of the fact that crontab doesn’t have the correct permissions.
You can easily fix by running following comands as root user :-

# chmod a+s /usr/bin/crontab

Now  crons should work.

January 25, 2011 Posted by | cPanel, Cron | , , | Leave a comment

Backup partition table and bootloader

We can backup the MBR record of a hard-drive. The MBR record contains the partition table and bootloader.

Having a backup of the MBR is important and useful in case, when you want to copy data from an older drive to a new one or in case you want to restore data from a damaged drive.

How to backup the MBR record

# dd if=/dev/sdX of=MBR.bck bs=512 count=1

Note : you have to replace /dev/sdX with your actual drive. This can be /dev/sda, /dev/hda, etc.

How to restore de MBR record

# dd if=MBR.bck of=/dev/sdX bs=512 count=1

Again you have to replace /dev/sdX with your actual drive. If you also want to keep a human readable copy of the partition table you can run:

# fdisk -l > part.table

January 24, 2011 Posted by | Tips & Tricks, Unix/Linux | , , | 2 Comments

Fantastico error ‘You cannot install more than one script in the root directory of a domain’

If there is no script installed in the root (i.e. public_html etc.) for your domain name but you still get the message stating that you cannot install more than one script in the root directory of a domain, it means that a previously installed script was not properly removed. To resolve this problem you should follow these steps:

1. Log in cPanel and go to File Manager
2. Navigate to .fantasticodata in your Home Directory
3. Delete the file installed_in_root.php

Make sure that show hidden files/folders is enabled in your file manager. ?

January 23, 2011 Posted by | cPanel | , , | 1 Comment

Downgrading MySQL5 to MySQL4.1 in cPanel

The default database version in cPanel server installs is MySQL5. If you want to downgrade your MySQL version 5 to 4.1, then here is following steps to downgrade the database (this should only be done on a new server without any account on it yet)

1. Log into SSH as root and modify the cpanel.config file

#vi /var/cpanel/cpanel.config

search for the mysql version

Ctrl + w , mysql

2. Now log into WHM and make sure MySQL 4.1 is checked in

Main >> Server Configuration >> Tweak Settings

And now change the version from 5.0 to 4.1, and now you need to run

#/scripts/mysqlup –force

to force the downgrade  mysql database.

January 22, 2011 Posted by | cPanel, MySQL | , , | 2 Comments

What is an inode

An inode is a data structure which contains information about a regular file, folder such as its size and owner. The number of inodes you use represents the number of files/folders you have on your web hosting account. Many web hosting companies restrict the inode usage on the shared hosting server. Hence, even if they offer unlimited disk space, you cannot use it because of inode limit.

When a file is opened, the file’s inode is read by the kernel. If you have more files/folder in your account, the more inodes you use. Generally one file uses one inode.

As shared hosting customers, you may receive the notification regarding inode usage from your hosting provider. Generally the web site contents do not require more inodes. In most cases, catch-all account consumes more inode. You can delete/download emails from your catch-all email account to reduce the inode usage and if you do not require catch-all account, it is advisable to disable it. Also, if your account has many email accounts, it is advisable to download the emails via email client software viz. Outlook, Thunderbird etc.

January 21, 2011 Posted by | Unix/Linux | , , | 2 Comments

WordPress Fatal error: Allowed memory size of xxx bytes exhausted while upgrading WordPress

You might have received the error stating that “Fatal error: Allowed memory size of xxx bytes exhausted (tried to allocate xxxx bytes) in some-file.php on line xxx” while upgrading you WordPress version. The reason is that while executing PHP file, it exceeds allowed PHP memory on the server. Generally this happens if the value for memory_limit is set to low (probably 8M etc.) in PHP configuration file php.ini. There are some workaround to increase the value for PHP memory.

[1] You can contact your host to raise limit for php_memory.

[2] You can add following line in your .htaccess:

php_value memory_limit 64M

This will not work if suPHP is enabled on your server. If suPHP is enabled on your server then you will need to put php.ini in the root of your domain and modify the following line:

memory_limit = 64M ; Maximum amount of memory a script may consume (64MB)

[3] You can also raise PHP memory from wp-config.php file. Just add the following line after opening PHP tag:

define(‘WP_MEMORY_LIMIT’, ’64M’);

January 20, 2011 Posted by | PHP, WordPress | , | 9 Comments

How to reset WordPress administrator password

Sometime you may need to reset your admin password for your WordPress blog. You have to reset your password through the WordPress database directly in case if the forgot password doesn’t work. The most convenient way to manage the database is via the PhpMyAdmin tool at your web hosting account.

In PhpMyAdmin, select your WordPress database from the drop-down menu on the left. The page will refresh and the database’s tables will be displayed on it. Open the SQL tab (look at the top navigation bar).

In the text field write the following SQL query:

UPDATE `wp_users` SET `user_pass` = MD5( ‘your_new_password’ ) WHERE `wp_users`.`user_login` = “your_admin_username”;

“your_new_password” – replace this with the new password you wish to use.
“your_admin_username” – replace this with the username the password should be updated for.

Once you are ready, click on the “GO” button to submit the query. If everything goes fine without errors, you should be able to login to WordPress with the new password

January 19, 2011 Posted by | WordPress | , | 2 Comments

WordPress and Mod_Security issues

ModSecurity is an open source web application firewall. This helps to prevent attacks on websites, SQL injection, command execution via browser etc. However, this may break some application installed in your website. With ModSecurity2, you can not bypass any rule by ID from your .htaccess file.

If your web hosting provider has enabled mod_security with Apache, you may face some problem to post topic, upload images, insert images in the post etc. Since ModSecurity2 does not allow to bypass rules by ID via .htaccess, you will have to contact your web hosting provider to bypass some rules for your website. ModSecurity provides facility to bypass rules based on the location. You will require to create global whitelist configuration file to bypass certain rules based on the location.

Recently, I faced problem to upload and insert images in the post. After reading some websites, I found some global rules which I bypassed some ModSecurity rules using global whitelist configuration file which fixed my problem. The rules that I bypassed are as follow (I have put space before LocationMatch and /LocationMatch. Remove that space in your configuration file):

< LocationMatch “/wp-admin/post.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/admin-ajax.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/page.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/options.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/theme-editor.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-includes/”>
SecRuleRemoveById 960010 960012 950006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

Hope this will help others who are facing the similar problem in their WordPress blog with mod_security.

January 18, 2011 Posted by | Mod_Security, WordPress | , | 1 Comment

Manually run logs for a cPanel account via SSH

Sometimes we manually need to run the logs for particular account in cPanel , we can easily do this via SSH Log in as root, For particular account only use following commands :-

#/scripts/runweblogs username

and for all accounts


January 17, 2011 Posted by | cPanel, SSH | , , | 1 Comment

How to change MySQL database collation from PhpMyAdmin in cPanel

Sometimes its require to change MySQL collation in the web hosting account to use foreign character encoding. There are many ways to change MySQL collation. Here are the following steps to change MySQL collation from PhpMyAdmin in cPanel:

1. Login to your cPanel and click on “PhpMyAdmin” icon.
2. Click on your database name and the go to “Operations” tab.
3. At the bottom of the page you will see the collation option. You can now select a collation from the drop down menu and click on the Go button.

Please note that the new collation will be set for new tables only. Old table will use the previous collation under which they were created. If we want to use new collation for already created tables, we will need to change collation for all tables.

January 16, 2011 Posted by | cPanel, MySQL | , , , | 6 Comments

How to view maillog for particular domain

SSH to Server and run following commands as root user :-

# cat /var/log/exim_mainlog | grep “unixserveradmin.com” > mail_log.txt

this should create a file called mail_log.txt with the desired mail log for unixserveradmin.com domain

January 15, 2011 Posted by | Mail | , , | 1 Comment

Turbo charging MySQL by setting up the query cache

To make sure MySQL uses the query cache, there are a few variables you need to set in the configuration file . Usually its my.cnf or my.ini file, so check on the server with the shell command locate , in our case, its my.cnf located in /etc so we opened it by using vi /etc/my.cnf

First, is the query_cache_type. There are three possible settings:

0 (for off, do not use),
1 (for on, cache queries) and
2 (on demand).

To ensure it is always on, place: query-cache-type = 1

in the configuration file.

The query_cache_type is set to ON now. However, there is one more to set, and that is the query_cache_size. If set to 0 (the default), the cache will be disabled. This variable determines the memory, in bytes, used for the query cache. For our purposes, we will set it to 20 MB:

query-cache-size = 20M

if you want to check out whats happening in the MySQL cache, just run this command :-

# mysql -e “SHOW STATUS LIKE ‘%qcache%’;”?


January 14, 2011 Posted by | MySQL | | 3 Comments


1. # netstat -tulpn | grep :80

2. # fuser 7000/tcp [Find out the processes PID that opened tcp port 7000]

3. # ps ax | grep httpd | wc -l

4. # ps aux | awk ‘{ print $8 ” ” $2 }’ | grep -w Z

5. # netstat -ant | awk ‘{print $NF}’ | grep -vE ‘[:upper:]’| sort | uniq -c | sort -rn

6. # netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

7. # wc -l /proc/net/ip_conntrack

8. # history | awk ‘{print $2}’ | sort | uniq -c | sort -rn | head [List the most used commands in your history]

9. # cat /etc/domainusers | wc -l [Main Domain of Server]

10. # /ls /var/named/ | wc -l [Total Domain of Server]

11. # ps aux | awk ‘{print $2, $4, $11}’ | sort -k2rn | head -n 20 [List running processes ordered by RAM usage]

12. # netstat -nap | grep SYN [Synflood Attack]

13. # netstat -nap | grep SYN | wc -l [Synflood Attack]

14. # echo 1 > /proc/sys/vm/drop_caches [Flash RAM Memory]

15. # /bin/sed ‘s/(.*)(: )(.*)/3: 1/’ </etc/domainips | /bin/sort >/etc/domainips_reverse [command to create reverse IP for an domain]

January 13, 2011 Posted by | Tips & Tricks, Unix/Linux | , , | 2 Comments

PhpMyAdmin Error

Topic :- Can’t start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.

It appears that the /var/cpanel/userhomes/cpanelphpmyadmin/ directory has incorrect permissions on it

# cd /var/lib/php

check –> drwxrwx—  2 root apache 4096 Nov 14 02:41 session/

# chown -R cpanelphpmyadmin.cpanelphpmyadmin /var/cpanel/userhomes/cpanelphpmyadmin/

# vi /usr/local/cpanel/3rdparty/etc/phpmyadmin/php.ini

#/etc/init.d/httpd stop

#/etc/init.d/httpd start

January 12, 2011 Posted by | cPanel, PHP | , , | Leave a comment