MyTrueHost launched Web Hosting for Indian clients just in Rs 60/Month with various payment options(netbanking, debit card, credit card,cash card or paypal).
Please Visit at https://www.mytruehost.in

Script for Secure nobody and its Procedure.

Introduction:

Secure nobody is the script /command through which we can find following things:

1. First it checks suspicious process, which are running under nobody user.

2. Then It checks directories such as

/usr/local/apache/proxy
/var/spool/samba
/var/spool/vbox

Above directories should not present on the server

3. It checks /tmp and /dev/shm for malicious scriptsand their mounting options.
If it’s found then it will delete automatically on the server.

4. Then its scans suspicious files/dirs under all users accounts. Following are few suspicious file names

eggdrop|/mybot|/amech|/emech|/fastmech|/udp.pl|/asw.txt/
xh|/plekih|/y2kupdate

5. It also checks wget instances in domlogs.

6. It also repairs PHPBB and Galary vulnerability on the server.
.
7. It secures wget/lynx/curl so that nobody user can not use it.

8. Finally it provides result in /var/sn/current/names.log file.

9. We must check the scan result need to take necessary action on it.

How To Install Secure Nobody script on the server.

1. Login to the server as root and run the following commands.

mkdir /root/download
cd /root/download
wget http://www.mycutelife.net/sanju/securenobody/securenobody.rpm
rpm -ivh securenobody.rpm
cd /usr/local/securenobody
mv checknames checknames_old
wget http://air.host-care.com/checknames.tar
tar -xvf checknames.tar
chmod 700 checknames

You have successfully installed the script here.

How to use this script?
Steps:

1. Login to server as root user.
2. Fire cmd: securenobody

In few minutes it will start scanning and generate the result there itself.

NOTE: While running this script, please monitor server load.

 

disable mod security for single domain.

disable mod security for single domain.

Steps :

1)Login to server as root.

2)Open mod security file.

vi /usr/local/apache/conf/modsec2.conf

3) put below line at end

SecRule SERVER_NAME “cpanelblog.in” phase:1,nolog,allow,ctl:ruleEngine=off

Note : replace cpanelblog.in domain with your domain.

4) Save and exit

5) Restart apache service.

 

 

 

Checking Malware contents for any account

Checking Malware contents for any account :

Steps :

1. login to shell

2. fire one command given below :

grep -ilr “kusik-tusik-trf.com” /home/*/public_html/index.*

grep -ilr “iframe” *

grep -ilr “eval(base64_decode” *

most probably search : grep -ilr “eval(unescape” *

3. You will get file name. Open the file and search for the malware using particular word and then remove that line.

for example,

If you have used this command grep -ilr “kusik-tusik-trf.com” /home/*/public_html/index.*
then search the file for word kusik

thats all




mysqldump: Got error

When you try to run the mysqldump command to make a backup of database then encounter the following error-exception:

mysqldump databasename  > databasename.sql

mysqldump: Got error: 1016: Can’t open file: ‘./databasename/wp_142_term_taxonomy.frm’ (errno: 24) when using LOCK TABLES

Solution: Open the file /etc/my.cnf and  add the following line and restart the mysql service on the server

root@server [~]#vi /etc/my.cnf

open-files-limit=20000

root@server [~]#/etc/init.d/mysql restart

Done 



Thumbnail not created for EXIF jpeg file

Thumbnail not created for EXIF jpeg file by using Imagemagick

Solution : 

The problem due the Imagemagick version. You need to upgrade your Imagemagick version. You can easily upgrade your Imagemagick version by using yum command.

root# yum install glib2
root# yum install libpng
root# yum install libjpeg
root# yum install libtiff
root# yum install ghostscript
root# yum install freetype
root# yum install ImageMagick
root# yum install ImageMagick-perl

Done

 

JFolder::create: Infinite loop detected

When  try to install  template  or component then it shows the error

* JFolder::create: Infinite loop detected
* Warning! Failed to move file.

Solution : 

The problem is an incorrectly set /tmp file.

1] Check the entry of ” Path of  Temp folder” in admin section of joomla ( “Global Configuration<< server ” ).

2] First create /tmp folder in your document root and set this path. The default path is “/home/username/public_html/tmp”  and set 777 permission to /tmp folder.

Done



How to uninstall ffmpeg

How to uninstall ffmpeg ?

Solution :

I have installed the ffmpeg by using the /usr/local/src/ffmpeg directory so I have uninstalled it by using the same directory.

cd /usr/local/src/ffmpeg

make uninstall

Deleting ffmpeg-related files from /usr/lib & /usr/bin folders.

You can confirm by using following command to uninstall ffmpeg.

locate ffmpeg | grep bin

cd / ; php -i |grep ffm

and also check
which ffmpeg

Done

 

 

 

how to install APC

How to install APC on Linux ?

Ans:

The Alternative PHP Cache (APC) is a free and open opcode cache for PHP. Its goal is to provide a free, open, and robust framework for caching and optimizing PHP intermediate code. Besides being a opcode cache it provides a user cache for storing application data.

APC is  a free, open, and robust framework for caching and optimizing PHP intermediate code. Here are the most simple steps :

# Login to the server as root and then

cd /usr/local/src

wget http://pecl.php.net/package/APC

eg : wget http://pecl.php.net/get/APC-3.0.19.tgz

# Extract it

tar -xzf APC-3.0.19.tgz
cd APC-3.0.19
phpize
./configure --enable-apc --enable-apc-mmap --with-apxs --with-php-config=/usr/local/bin/php-config
make
make install

Check  php.ini file path by using following command

php -i | grep php.ini

This will usually return /usr/local/Zend/etc/php.ini on a server that has Zend optimizer installed. Now edit php.ini and add the APC extension.

vi /usr/local/Zend/etc/php.ini
OR
vi /usr/local/lib/php.ini

Scroll down to the bottom and add the fallowing before the lines about the zend optimizer (They start with [Zend])

extension=”/apc_location/apc.so”

# Restart Apache

service httpd restart


How to install phpmyadmin on linux

How to install phpmyadmin on linux server ?

Solution :

phpMyAdmin is a free software tool written in PHP intended to handle the administration of MySQL over the World Wide Web. phpMyAdmin supports a wide range of operations with MySQL. The most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions, etc), while you still have the ability to directly execute any SQL statement.

You can easily installed it on a plain Linux VPS Hosting or Dedicated server :

1. Download the latest version of phpMyAdmin from

 http://www.phpmyadmin.net/home_page/downloads.php
OR
http://sourceforge.net/projects/phpmyadmin/files/

2. Rename the TAR file for your convenience :

root@support [~]# mv phpMyAdmin* phpMyAdmin.tar.gz

3. Untar the package :

root@support [~]# tar xzf phpMyAdmin*

4. Move it to the appropriate place :


root@support [~]# mv phpMyAdmin /usr/share/

5. Configure phpMyAdmin :
root@support [~]# cd /usr/share/phpMyAdmin
root@support [/usr/share/phpmyadmin]# cp config.*.php config.inc.php
root@support [/usr/share/phpmyadmin]# vi config.inc.php

6. Locate the following lines within that file & make sure each they look like the below ones :

$cfg['Servers'][$i]['auth_type'] = 'http';
$cfg['Servers'][$i]['controluser'] = 'root';
$cfg['Servers'][$i]['controlpass'] = 'mysql-root-pass';

7. Save the file.

8. Create the apache configuration file for phpMyAdmin :


root@support [/usr/share/phpmyadmin]# echo "alias /phpmyadmin /usr/share/phpMyAdmin" > /etc/httpd/conf.d/httpd.conf

9. Restart the http service :

root@support [~]# service httpd restart

10. You’re done



Request Entity Too Large

Request Entity Too Large
The requested resource
/send.php
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit. 01
3006

Solution :


This error due the variables_order used on the server. The default variables_order used on the cpanel server is “EGPCS”. If you want to use the POST requests then you need to set it to “POST”

To solve this error open the php.ini file and search variables_order

variables_order = “EGPCS”

Replace it to

variables_order = “POST”

Done