[Fri Oct 10 00:11:01 2008] [warn] pid file /usr/local/apache/logs/httpd.pid overwritten — Unclean shutdown of previous Apache run?
semget: No space left on device

This error occurred because there is no more space left in Semaphore Arrays for Apache.

You can check semaphore arrays on your server using the following command .

# ipcs -s

If you see too many of them, run the script as given below

#for i in `ipcs -s | awk ‘{print $2}’`; do ipcrm -s $i;done

Now restart Apache services

# service httpd startssl

Now Fixed….

With cpanel linux server we are getting following error

error : [notice] child pid x exit signal File size limit exceeded (25.)

This error occurs due to log file limit exceeded on server. On linux 32 Bit server apache support maximum filesize upto 2GB. If any log file exceeded this limit then you will get above error and apache services het hanged
TO get it resolved you need to log files with following directories
/usr/local/apache/logs  and /var/log/

To get it resolved you need to emptied your log files those are above 2GB

How to access Awstats from outside the control panel ?

Accessing Awstats from outside the control panel is easy.

Step 1.

Download awstats from awstats.sourceforge.net

Step 2.

Uncompress awstats-5.6.tgz

Step 3.

Copy the contents of the uncompressed cgi-bin folder from your hard drive to the user cgi-bin directory (this includes awstats.pl, awstats.model.conf, and the lang, lib and plugins sub-directories).

Step 4.

If necessary (should not be needed with most setups), edit the first (top-most) line of awstats.pl file that is

#!/usr/bin/perl

to reflect the path were your Perl interpreter is installed. Default value works for most of Unix OS, but it also might be #!/usr/local/bin/perl

Step 5.

Move AWStats icon sub-directories and its content into a directory readable by your web server, for example /home/users/public_html/icons

Step 6.

Copy awstats.model.conf file into a new file named awstats.myvirtualhostname.conf.

This new file must be stored in /home/user/public_html/cgi-bin.

Step 7.

Edit this new config file with your own setup :

- Change LogFile value with full path of your web server log file (The path is: LogFile=”/usr/local/apache/domlogs/domain.com”).
- Check if LogFormat has the value “1″ (it means “NCSA apache combined/ELF/XLF log format”).
- Change DirIcons parameter to reflect relative path of icon directory. (DirIcons=”/icons”)
- Edit SiteDomain parameter with the main domain name or the intranet web server name used to reach the web site to analyze (Example: www.mydomain.com).

IMPORTANT!
- Change DirData to use the same Statics file than Cpanel Awstats and do not loose any entry.
(DirData=”/home/user/tmp/awstats/”)

Step 8.

Access AwStats by the URL:
www.domain.com/cgi-bin/awstats.pl?config=domain.com

Done!!!

The AwStats will refresh the Statics every 24 Hours.

Is it possible to allow users to update Awstats from the Cpanel?

Yes, Change the parameter “AllowToUpdateStatsFromBrowser” in /usr/local/cpanel/etc/awstats.conf set to 1,

AWStats add a button on report page to “update” statistics from a web browser. This is not a good idea, because Update process can be long so you might experience “time out” browser errors if you don’t launch AWStats enough frequently. Also, it take around 12-24 hours to take into effect.

There is an option in WHM>> Server Configuration >> Tweak Settings>>Stats and Logs to “Allow users to update Awstats from cPanel“.

How to update Awstats and webalizer via shell?

We could update the webalizer using the command /usr/local/cpanel/3rdparty/bin/english/webalizer -N 10 -D /home/username/tmp/webalizer/dns_cache.db -R 250 -p -n domain.com -o /home/username/tmp/webalizer /usr/local/apache/domlogs/domain.com

The Awstats can be updated by using the script /scripts/runweblogs accountname

Is it possible to view webalizer stats without login to cpanel?

Yes. Do the following steps.

cd /home/username/www
ln -s ../tmp/webalizer stats
chown username.username stats
cd ../tmp
chmod 755 ./
chmod 755 ./webalizer
—————-
will allow domain.com/stats/ for viewing stats without logging in to cpanel

Following steps will allow only selected users in particular group to run GET command on the server :

Step 1:- Create a group on the server

Code:

]# groupadd getgrp

Step 2:- Give execute permission to group

Code:

]# chmod 750 /usr/bin/GET

Step 3:- Add this group to GET file.

Code:

]# chown root.getgrp /usr/bin/GET

Step 4:- To check the permission of GET

Code:

]# ll -ld /usr/bin/GET

Step 5:- Now if you need to add the user to getgrp so that he gets execute permission on GET. Also getgrp should be secondary group of that user. Let the user be myuser1.

Code:

]# gpasswd -M myuser1 getgrp

Step 6:- To check if the user is added

Code:

]# cat /etc/group | grep getgrp

Step 7:- But if you want to add another user say myuser2 then please make sure that you mention both the user in your command as :

Code:

]# gpasswd -M myuser1,myuser2 getgrp

If you don’t mention both the user, this command will replace all the users with the user mentioned in your command. You should always run the cat command before adding any user so that you know how many users are already added. Or you can just edit the /etc/group file and add the user in the getgrp line.

The above steps will allow only root, myuser1 and myuser2 to execute GET command, all other will be denied.

Please note that path to GET may vary with the OS.

How can I run Rootkit Hunter every day?

You can create a cronjob script like this:

=========== /etc/cron.daily/rkhunter ====================
#!/bin/sh
(
/usr/local/bin/rkhunter –versioncheck
/usr/local/bin/rkhunter –update
/usr/local/bin/rkhunter –cronjob –report-warnings-only
) | /bin/mail -s ‘rkhunter Daily Run’ root
================================================== =======

You must be at ver 1.2.8 to use the report warnings only funtion.

How do I install Rootkit Hunter?

Download the gzipped tarball, extract it and run the installation script.

download:
# wget http://downloads.rootkit.nl/rkhunter-1.2.8.tar.gz
Note: It doesn’t matter where you save the tarball

extract:
# tar zxf rkhunter-1.2.8.tar.gz

installation:
# cd rkhunter
# ./installer.sh

This tutorial is for Web Server Administrators who administer Web Server.

Rules for Apache 2.x for better Security !

P.S: you must have Apache 2.x and Modsecurity_2 Installed

Step 1:- Downloading the Rules file

Code:

cd /etc
wget http://hyperois.com/files/modsec2_rules.tar.gz

Step 2:- Uncompress files

Code:

tar -xzvf modsec2_rules.tar.gz

Step 3:- Edit modsec2.conf

Code:

vi /usr/local/apache/conf/modsec2.conf

Step 4:- Copy and Paste this rules into your modsec2.conf

Code:

<IfModule mod_security2.c>
SecRuleEngine On
# “Add the rules that will do exactly the same as the directives”
# SecFilterCheckURLEncoding On
# SecFilterForceByteRange 0 255
SecAuditEngine RelevantOnly
SecAuditLog logs/modsec_audit.log
SecDebugLog logs/modsec_debug_log
SecDebugLogLevel 0
SecDefaultAction “phase:2,deny,log,status:406″
SecRule REMOTE_ADDR “^127.0.0.1$” nolog,allow
Include “/usr/local/apache/conf/modsec2.user.conf”

SecServerSignature “Rules Powered By HyperOIS.com”

#First, add in your exclusion rules:
#These MUST come first!
Include /etc/modsecurity/exclude.conf

#Application protection rules
Include /etc/modsecurity/rules.conf

#Just in Time Patches for Vulnerable Applications
Include /etc/modsecurity/jitp.conf

#Comment spam rules
Include /etc/modsecurity/blacklist.conf

#Bad hosts, bad proxies and other bad players
Include /etc/modsecurity/blacklist2.conf

#Bad clients, known bogus useragents and other signs of malware
Include /etc/modsecurity/useragents.conf

#Known bad software, rootkits and other malware
Include /etc/modsecurity/rootkits.conf

#Additional rules for Apache 2.x ONLY! Do not add this line if you use Apache 1.x
Include /etc/modsecurity/apache2-rules.conf

</IfModule>

Step 5:- Save and exit the file by clicking escape then typing

Code:

:wq

Step 6:- Lets apply the new setting by restarting Apache

Code:

services httpd restart

or

Code:

/etc/init.d/httpd restart

AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages.

The Setup consists of 5 major steps:

1. Installing Perl
2. The AWStats Setup
3. Setup IIS Logging
4. Setup AWStats Config File
5. Scheduling Log File Analysis

1. Installing Perl

Download the Perl binary for Windows.
Grab the MSI version.
Go ahead and run the install.
It will automatically create the Web Service Extension mapping in IIS.
However you need to allow that from IIS manager.

2. The AWStats Setup

Now that Perl is installed, we can get AWStats all setup.

1. Run the Setup. Select all the defaults.
2. Copy the contents of its Bin directory to C:\Perl\Bin Folder.
3. Go into IIS Manager, create the virtual directory named stats under default Website for C:\Perl\Bin.
4. Give Execute Permissions, select Scripts and Executables from the dropdown.

3. Setup IIS Logging

1. Right click the website to be logged, go to properties, and then on the Configuration tab, check off
2. Enable Logging (if it isn’t already).
3. Select W3C Extended Format from the dropdown, and then click Properties.
4. Proceed to the advanced tab and uncheck everything. There are certain items here that we’ll tick back off.

Namely, the following items should be checked:

Date (date)
Time (time)
Client IP Address (c-ip)
Username (cs-username)
Method (cs-method)
URI Stem (cs-uri-stem)
Protocol Status (sc-status)
Bytes Sent (sc-bytes)
Protocol Version (cs-version)
User Agent (cs(User-Agent))
Referrer (cs(Referrer))

The IIS end is now done, the final step is to setup the AWStats.conf file.

4. Setup AWStats Config file

It is already copied in the C:\Perl\Bin Folder directory. Copy the existing config file and save it as awstats.mywebsite.com.conf.

*yourdomain.com = name of the website you want to monitor.

The first parameter to setup is your log file item. The only important part is the final piece at the end with the date time codes.

Here’s the line from my config file below:

LogFile=”C:\WINDOWS\system32\LogFiles\W3SVC1\ex%YY-0%MM-0%DD-0.log”

The config file and documentation say that one should specify LogFormat=2 for IIS. Unfortunately, IIS 6 does not follow this predefined format, so we’ll have to specify our own:

LogFormat=”date time cs-method cs-uri-stem cs-username c-ip cs-version cs(User-Agent) cs(Referer) sc-status sc-bytes”

Then we have to specify the value of Site Domain. Site Domain must contain the main domain name, or the main intranet web server name, used to reach the web site.

SiteDomain=”www.yourdomain.com”

5. Scheduling Log file Analysis

AWStats only analyzes log files when told to do so. It can easily be toggled from the command line, and running a scheduled task to do this is the best solution.

Here’s a command that look like:

c:\perl\bin\perl.exe awstats.pl -config=yourdomain.com –update

All set now, you can access the stats from http://yourdomain.com/stats

Spam emails is nothing but flooding  Internet with many copies of the same email messages or legitimate emails . We can also called it as junk emails . It is very frustrating when we receive spam emails in our inbox. Many spammers use various tricks to send spam emails to unknown email addresses like anybody@domain.com , main@domain.com etc . If you are have a web hosting account with cpanel as your control panel then you can easily avoid spam emails using “Default Address” option.

By default all your unrouted emails are received in your main users inbox.

So you can avoid it by adding the following line in your cpanel >> mail >> default address option

•  :fail: no such address here

You can also avoid spam emails using email filtering.

Cpanel >> Email Filtering  >> add filter

Here you need to use your own filtering techniques like filter spam emails with specific subject, email address, contents, message ID etc.

While choosing web host you need to consider following impotant factors of web host.

1: Security and realibility:

While hosting your site with any web hosting provider you must be sure that the servers are fully secured and reliable for your applications. That starts from basic website data protection especially hacking attempts are an important watch-point for web developers while selecting an host.

Security in terms of firewall, security patches, tweaking on server configurations to avoid hacking process,denial of service attacks (DDOS) etc.

Hosting provider or ISP is completely responsible for regular upgrades as well as security measures that are taken on a web server and lastly, daily / weekly backups are also part of their hosting packages to recover from any criticality issues.

2:Customer Service

Customer Service is another important concept hosting business. Various Hosts offer a variety of customer services to attract customers. You need to sure that your service provider has 24X7 support on chats, phone and email. Technical expertise and experience are part of customer service.

3:Server Software

UNIX and Windows NT are the most common server software environments provided by hosting provider. server software can also affect a website with their limitation and restrictions. Your web developer should be aware of applications they will be using and assess which software environment will best suit their needs.

4: Internet Connection used by host:

Internet connection is very important while choosing hosting provider.
There are a bunch of variations T-1, T-3, OC-3 etc. A company that offers a T1 connection to the Internet can only allow 1.544 Mbps , T3 can allow up to 45 Mbps. An OC-256 can allow 13,000 Mbps, having ability to transfer much more information at a higher speed before getting down.

5: Speed:

Server performance and integration with software applications. How fast can they respond to your request ? When we speak of server speed, it clearly means that bandwidth and network connections are an important part. A server that is a host to many sites that are being accessed simultaneously may get bogged down. No matter how fast the connection is this can seriously slow down a viewer’s speed of browse a site. You can easily test the speed at which a server responds by “pinging” a site from your command prompt. Processor speed is also important. video and audio Streaming, forums and message boards, and highly animated applications all require huge amounts of memory and fast access to the main server. Overloaded processors can slow down a site’s transmission .