I set up a cron to run every minute & I'm running a PHP script by way of cron like
Now does each request of Cron is a seperate HTTP Request or what? Say my script takes more than 1 minute to execute completely but before its completed, its called again. So, will that effect the PHP script running because of previous HTTP Request or will it create a new HTTP Request & let the previous request finish its operation? Technically, it shouldn't block/affect the previous request, but I'm not sure!!
I have a guy who can't get to any of the 100 or so virtual hosts on my RHEL3 server.
It's running the latest Apache RPM from RedHat. I also have mod_evasive and mod_security running.
Here's what I know. The guy *CAN* connect via SSH and FTP. The guy *CAN* see the default web page when he hits the IP in his web browser (e.g. he types [url]into the address bar on IE). But when he uses any of the host names on the server he *CAN NOT* see anything. He gets timeout errors.
His IP in NOT in ANY error logs, it's not in mod_evasive or mod_security, it's not in IPTABLES, it's not anywhere I can see.
I must be missing something. Anyone have any ideas?
What would be in front of Apache blocking his requests?
There seems to be some problem with my server, none of the websites hosted on my server are accessible, the http requests either return a blank page or a page with a red quare on the upper left hand corner.
I am not sure if this is some kind of infection or DNS problem or a problem with memory apache is taking up as i have thousands of virtualhost entries in my access log accumulated over the years out of which only a few 100 websites i am serving presently, but never deleted the non-exitent virtualhost blocks.
At times the websites are opening but most of the times they are not. And when they do not open my http requets are not logged in apacha access log.
Even the customers have reported the same problem.
Also, just four days back i had a strange issue where all http requests to my server would take me to [url].
I can SSH to server, and everything else is working fine.
My Linux Server's Http Daemon (Apache) would stop serving websites ever so often, as soon as apache is restarted the error fixes iteself only to resurface within few hours.
The apache process would still be running i.e. apache does not die but no websites hosted on my server would be accessible from browser. And when this happens the apache logs do not log any http requests.
Instead when this happens all http requests to my server would be redirected to some weird Trojan website and my Norton Antivirus would show an Alert/Warning, for example; "Browser exploit at www.xxx.xxx was blocked" Risk Name: MSIE WebViewFolderIcon ActiveX Control BO
or another error like; "Auto-Protect has detected Trojan.Fakeavalert".
At first i thought the problem could be with my Laptop/ISP so i logged on to the server via SSH and opened try to open a website using command line "lynx mywebsite.com" and it shows following error; "Alert!: HTTP/1.0 503 Service Unavailable".
Now if i assume my laptop were to be infected, then as soon as i restart my apache and visit mywebsite.com eveything returns to normal with no such warnings. Why do i see those norton error messages only when apache is down with 503, and when apache is down with 503 how come the http requests always get redirected to some suspicious websites and nothing gets logged in apache error log?
I think my server is being attacked causing http to get unresponsive and thereafter http requests to my server are redirected to some malicious website, is this correct?
Also, i suspect this is a php script exploit as some customers have reported that google have blocked their website due to security reasons, i found <iframe> tage inserted in some php pages which i fixed.
Also, another thinh i noticed; when apache responds with the 503 it is referencing PHP 5.1.4 in the header response:
[root@]# curl -I xxx.xxx.xxx.xxx (my server ip) HTTP/1.0 503 Service Unavailable Server: Apache X-Powered-By: PHP/5.1.4 Retry-After: 20
I am running PHP 4.3.9m why does apache responds with PHP 5.1.4 when this 503 error surfaces?
Also, since my apache was dowan with 503 error a customer mailed in today saying; "It seems that my site www.xxxx.com is regularly down, and the winlogon virus is involved."
I suspect this is again due to the fact that http requests start getting redirected?
1) #> nano /var/spool/cron/root Then type in the cron entry and save it #> service crond restart It cannot work if have not restart crond
2) #> crontab -e Then type in the cron entry and save it
3) #> nano /etc/crontab type in the cron entry and save it
I can use above three method without any problem.
However I cannot use crontab [filepath] method
4) #> crontab /home/admin/domain.com/www/testing/crontab.dat *crontab.dat is a cron entry. after type in this line, I use crontab -l and see cron entry has been added to /var/spool/cron/root However, the cron job will not run even I restart crond.
A few days ago, all cron jobs stopped working, probably because of a certain setting that my host changed. I contacted my host, and he replied that the format i'm using for the commands was not proper, and he gave me the proper command as:
I tried it, but it didnt work....
I googled the problem and got tens of commands... i simply wanna run a PHP file (the file itseld is functional if i browse it) every now and then, so what is the command i should be using?
also,i m looking for a specific cron right now (xbt_cron).once i find it ,what command do i use to run it manually.its supposed to run by itself..i just moved to a new server last week and now its stopped working.
Anyone can explain what are the purpose for these command, and should I make any changes to these to standardize them all (the time)
Secondly, one of my server doesn't set any automatic CPanel updates, so I set automatic updates for CPanel packages and Security packages. Is it suppose to add "/scripts/upcp" into my crontab? Most of them are also at different time.
I assume this command is to inform me whenever my user make a new domain add-on? /usr/local/cpanel/whostmgr/docroot/cgi/cpaddons_report.pl --notify
Also can anyone tell me what are the purpose of these? /usr/local/bandmin/bandmin /usr/local/bandmin/ipaddrmap /usr/local/cpanel/bin/dcpumon >/dev/null 2>&1 /scripts/exim_tidydb > /dev/null 2>&1 /usr/local/cpanel/whostmgr/bin/dnsqueue > /dev/null 2>&1
I noticed on my new servers users doesnt have crontab permission.On my first server they have access.So what i need to do to enable users crontab permission automaticly on new servers?I have whm/cpanel there but it seems there is nothing about it there.
I am trying to edit crontab using crontab -e, I seem to get to it okay but I am unable to edit anything in there, at the end of the file there are ~ in there, and I cant even delete them. Its like the file is locked.
I am trying to setup a cronjob but cPanel, (Linux Centos 5), tells me that user/bin/crontab permissions are incorrect and need to be changed to 4755 - I try to change permissions in WinSCP [Properties] but it doesn't 'take'.
how to force a change of permissions with SSH (Putty)
I have root ssh access to a server and we notice when doing a bash ./mysq-backup script to dump the data from the web site's databases into .sql and .tgz them that httpd goes down sometimes. That, and sometimes it seems that httpd goes down in other situations. All fine, we will figure out why. But ..
It would be nice to run a crontab to check every 15 minutes if httpd is running, if not, to restart it.
Right now I when I notice the site is down I log into the ssh as root and type: service httpd restart. If it is up it will then first stop it, and restart it. I can look at the screen and see it happen, so I feel pretty safe doing this. One of my concerns is that when I am not at the screen and it stays down .. I do not notice this and downtime increases. And we don't want to just crontab service httpd restart, so a bash script to check for the pid and restart if it down .. would be nice.
I thought this would work: (chmod 755 httpdcheck)
Code: delta:~ root# cat httpdcheck #!/bin/bash
if [ ! "$(pidof httpd)" ] then echo "Could not find pid of httpd - restarting" service httpd restart else echo "Found pid of httpd - NO need to restart" fi delta:~ root# And I have this crontab entry:
Code: delta:~ root# crontab -l */5 * * * * /root/httpdcheck | mail my@email delta:~ root# When testing, I did service httpd stop and waited 5 minutes and I received the email : could not find it, restarting. But when I go to the web site in browser it remains down. I have to login to ssh and do service httpd start manually to really load it.
Manually loading btw .. shows it works as bash script just fine, so I dont't know why it won't work when run from cron?
Code: delta:~ root# ./httpdcheck Could not find pid of httpd - restarting Stopping httpd: [FAILED] Starting httpd: [ OK ] delta:~ root#
So .. when is it going wrong? Am I forgetting something?
where when I view my website through http using Firefox, it never stops loading. If I use IE, then I get a "page can not be displayed" error.
If I use https then everything works fine.
I have noticed that if I delete lines from the files, I don't have this problem.
If I try viewing images (so I know it can't be an html of php problem) some look fine (the very small files). But, larger files, around 168 kb, load halfway and the second half is distorted (green and purple chunks and other random colors and lines).
If I view the image through https, the image is perfectly fine!
If I put my site through w3.org's validator (just to see what it would report) it says "500 Line too long (limit is 4096)".
My website used to work, so I know there isn't any code in the pages that would cause this to happen.
Is there an Apache setting I check? Perhaps it is sending a really long header that I can not see? I am not really sure what to do. I have made my site to force https but it's slow and not signed.