High Security Issue For Linux Server (New Methods)
Aug 22, 2007
What are new methods to highly secure a Linux server? (For a webhosting company)
Please write something you know for Linux Security Methods (New version of OS).
For about 3-4 days, the CPU of my server, from an average of 0-15% load, has grown to a constant 80-90-100% CPU load.
There were two processes called php-cgi.exe IWAM_PLESK(default) that each constantly burned 30-40% of CPU load.
So, stopping websites one by one, I found the website that was the cause of the CPU overload.
On my "old" Windows VPS, there were processes called with the name of the website hosted (for example websitename_web.exe), so it was easy to immediately find exactly what website was involved in the hypothetical CPU or RAM overload issue.
I have a LAMP server running and I was wondering how to test its performance.
So are there any good tools for that? I'm interested in how many HTTP queries my server could handle, etc.
Going to be migrating over to another server pretty soon.
Does anyone have any easy methods for migrating my data/site from one server to another?
I have a managed server. I just want to be sure it is secured.
I want a company to test my server, Security Scanner.
And give me a report about my bugs.
This is my free -m
             total       used       free     shared    buffers     cached
Mem:          1998       1903         95          0         45        542
-/+ buffers/cache:       1315        683
Swap:         2662         36       2625
Not good .... 
I've got 5 WordPress and 5 static websites on this server and 100 visitors per day.
Question 1: Why is the memory so low and the swap so high?
Question 2: Why don't I find a high-usage process in the top command?
Question 3: How can I resolve this problem?
I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.  
When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache".  This makes sense as it is the apache service running PHP that is actually creating the files.  
However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site.  Any help would be much appreciated.  
Also, does anyone know how to change the owner/group of a directory and all of its subdirectories in Linux without changing the actual permissions?  I.e. some of the files in the folder have different permissions (0644 as opposed to 0755) than its parent, but if I do a top-down user/group change on the folder it will change everything in that folder to 0755.
Since the update our Server Health has been very high and is playing up with email and probably other services.
OS CentOS 6.5 (Final) 
Plesk version 12.0.18 Update #8, last updated at July 16, 2014 11:20 AM 
The system is up-to-date; last checked at July 19, 2014 04:41 AM
Services !Problem
Disk OK
Memory OK
CPU !Problem
Network
This is the log from /var/log/plesk/health-alarm.log
##################################################
2014-06-24T10:01:15+11:00 INFO (6): Server health parameter "Services > Panel CPU usage" changed its status from "green" to "red".
2014-06-24T10:21:16+11:00 INFO (6): Server health parameter "Services > Apache CPU usage" changed its status from "red" to "green".
[Code].....
I have been trying to identify why my server has high CPU load. The CPU load suddenly jumps from 1 to 40 and up to 110.
If I restart mysqld and apache, the CPU gets back to normal, until this happens again.
My server is
GenuineIntel, Intel(R)Core(TM) i5-2400 CPU @ 3.10GHz
Version Parallels Plesk Panel v11.0.9_build110120608.16 os_CentOS 6
CentOS 6.4 (Final)
CentOS 6 x64 Processor: Intel Core i5 - 3.10 GH
I already installed FAIL2BAN and DDOS DEFLATE without luck. I have CloudFlare enabled.
When there is a high CPU load, I have checked netstats, and I don't identify many IPs connected, so I think it could be an internet script (or virus).
I will paste the result of 
ps fax
command, in a moment of high cpu load
Our server is running; Plesk 11.0.9 and CentOS 5.7 it has a Q8200 CPU @ 2.33GHz and 2GB of RAM. Now there are just two websites on the server plus a couple of redirects/forwarding domains, although lots of domains are still on the server but turned off in Plesk. Both websites are OSCommerce sites and I just need to keep these sites going until the end of the year when we will switch to our new Joomla based website.
We have seen an increasing number of server crashes and after various checks of the logs, fitting a new BIOS battery, check of the hardware by EasySpace who host the server, installation of ClamAV, LMD and RKHunter (which did find some Trojans and Suspect software), I have traced it down to some external Http activity that is taking all of my CPU time and RAM. Here is a screen capture of the Htop listing and when I killed these processes the CPU and RAM went back to normal. The problem is that I usually have to restart the HTTPD service and sometimes things get so bad that the server crashes and I have to request a power cycle.
I have a cPanel server with 4GB RAM
My server hangs from time to time, once or twice a day. This is the last status when it happens.
Server Load    75.90 (2 cpus)
Memory Used    92 %
Swap Used    65.78 %
When it happens while I am still inside SSH, the processes I can see inside "top" are a lot of httpd processes.
So I "killall -9 httpd", I had to do it 30~40 times
#killall -9 httpd
#killall -9 httpd
#killall -9 httpd
x 30~40 times until no pid process found & the server load is back to normal.
Before that, I check httpd fullstatus, they look very normal, same goes to what I see inside WHM Apache status & cpu usage status.
At first I thought it was a memory problem after consulting with a server admin, so I replaced all 4GB with new RAM sticks (such a waste)
My server is very slow, High CPU, High Apache load....
I got a new server and I had set up a script on it.
No server tweaks have been done.
I run a filehosting site so it gets very slow when traffic is high.
Here is some info:
Code:
  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 4135 filedip   19   0 12812 8892 2212 R 18.9  0.4   0:00.74 index.cgi
 3140 apache    15   0 22624 9604 2768 S 17.3  0.5   1:54.45 httpd
 3556 apache    15   0 22792 9592 2768 S 17.3  0.5   0:43.53 httpd
 3739 apache    15   0 22672 9556 2744 S 17.3  0.5   1:09.67 httpd
 3884 apache    15   0 22664 9560 2744 S 17.3  0.5   0:23.98 httpd
 3474 apache    15   0 22672 9572 2756 R 16.1  0.5   1:34.09 httpd
 3548 apache    15   0 22792 9560 2740 S 16.1  0.5   1:33.67 httpd
 3991 apache    15   0 22640 9588 2756 S 15.1  0.5   0:22.44 httpd
 3475 apache    15   0 22672 9580 2756 S 13.2  0.5   1:31.42 httpd
 3493 apache    15   0 22664 9592 2768 S 12.9  0.5   1:15.52 httpd
 3769 apache    15   0 22664 9580 2756 S 12.9  0.5   0:45.19 httpd
 3638 apache    15   0 22664 9576 2756 S 12.3  0.5   0:32.82 httpd
 3724 apache    16   0 22664 9580 2756 R 12.3  0.5   0:34.25 httpd
 3626 apache    15   0 22672 9580 2756 S 11.7  0.5   0:52.54 httpd
 4023 apache    16   0 22792 9560 2740 R 11.3  0.5   0:13.16 httpd
 3882 apache    15   0 22664 9576 2756 S 10.1  0.5   0:38.56 httpd
 3005 apache    15   0 22672 9588 2768 R  9.1  0.5   2:06.61 httpd
I don't know much about server management...
How do I fix this so the server doesn't go slow?
I have a site that is eating up my server resources and need to know what the best solution for this is. I'm thinking of getting another server just for mysql but do not know what specs the server should be to handle the current traffic/database load and have the site run smoothly without slowing down to a snail's pace.
An alternative is to get another server just for the videos being served and leave the database and html on the current server. This is where I'm stuck and don't know what route to take with this.
My current server stats:
Dual Xeon 5130
4GB RAM
250GB
50 Mbit/sec
CentOS 3.9
Website traffic stats:
15,000 visitors/day
150,000 pageviews/day
Serving videos
I've attached screenshots of top and bandwidth usage per day. Hopefully with this information you could tell me if I need another server or if there are any things I can do to the current server to help things move faster.
I am planning to build my own site, but the problem is that I still don't have a domain and a hosting site..
I wanted to buy one but they all requested a credit card number.. I'm still a student now and unfortunately I have no credit card..
Does anyone know any other way of paying those hosting sites and registering a domain w/o using a credit card or something..
Or maybe since I'm still new, should I go for free hosting then? But my site uses MySQL for its database; is there a free hosting site that lets you use a database?
I am on a server with ssh disabled and automated cpanel backups disabled. I would like to back up all of my client accounts to my laptop in one go. So far, I think I've come across two options:
Option 1: rsync w/o SSH
I am not sure how to do this. Most tutorials I've found use ssh, and I can't figure out what other options there are.
Option 2: write a script that backs up all accounts and places them into a file on the server which I can then download.
Which option is better? Is there anything else I can do? I've been at this all day and haven't found a good solution.
Very quick question please post if neither of the above. If you were to order hosting online which would you use: paypal or google checkout?
Any others please post below?
What are the different methods to drop DDOS attack?
With my sshd installation, I have password authentication disabled, and only accept key-based auth. What I want to do is make sshd lie about its accepted authentication methods, or even make up a few to confuse anyone who's trying to connect. For example,
[root@vps2 ~]# ssh hah.cx
Permission denied (publickey).
I'd like to make it show something like,
[root@vps2 ~]# ssh hah.cx
Permission denied 
how do you guys reset the Administrator (for windows) and root password (linux)?
Do you guys use any kind of tools, boot-cd, software? 
About next week, I'll put a Linux box on the web.
Could anyone suggest what kind of security measures I could implement?
Iptables:
- Protect against DDoS?
- Protect against certain worms?
- Protect against flooding?
Services:
- Protect against constant dictionary attacks based on ports?
Pretty much any experience you could put down in this thread would be invaluable.
Also mod, if this shouldn't be here, feel free to move it. I'm not sure where it should go!
What is the best security (antivirus/firewall) for a linux web server?
I have Parallels Plesk 12.0.18 with CentOS 6.5 (Final)
WAF is On, with Atomic Basic ModSecurity rule set.
I was wondering if my sites were protected and I went to the Atomic wiki.
When I run a test from a non-whitelisted system following these instructions (STEP 10) [URL].... I always receive 404 error with all of my sites.
I also tested with:
[URL]...
Results: The sites load normally. (The call does not even appear in the logs.)
I've uninstalled and reinstalled mod_security several times with the same results.
Is there any "official" way to check if WAF is protecting Plesk 12?
I asked the same question in the Atomic forum and they said:
you'd need to ask parallels about this, we made the ruleset available to them, but they implemented it using their own design. They might not be using 403 error codes like we do.
[url]
Now, before you say it, the real flaw is the compiler. But, that too comes from the usual holier-than-thou culprits. They can't fix it unless they fix the compiler. 
And of course, there is the usual see no evil-hear no evil head in the sand approach to defending the honour of their little pet.
Your Favorite Security Tools For Your Linux Web Servers
Just wanted to know what all you guys' favorite tools are for your Linux web server setups
Plesk 12 on Centos 6.5
I added the following to my /etc/logrotate.conf
/var/log/modsec_audit.log {
    missingok
    daily
    rotate 4
    compress
}
I'm not exactly sure if the above is the correct syntax, but the result was that two days later my current modsec_audit.log was Gzipped and a new modsec_audit.log was created.
The problem is that nothing was logged to this new file.
From the Plesk 12 control panel I turned off mod security and then turned it back on again and hey presto, the new logfile started to log events.
This leaves the problem of why nothing was recorded when the file was created.
After upgrading to Plesk 12 the FTP connection has become very slow. Mod Security, Fail2Ban and Plesk Firewall have been enabled, the security is set to force sFTP and maximum security, and in /etc/proftpd.d/ a conf file has been added to set the passive ports that have been opened in the Plesk Firewall (60000 to 62000).
Turning off the Mod Security does not solve the slow connection.
What can we do to detect the cause of the problem?
My company's done shared hosting with our web site thus far.  (I've gathered that the best of the best in shared hosting include Steadfast, DowntownHost, HostGator, Lunar Pages, and WebzPro.  Any to add to the list, feel free!)
We're now thinking about moving to higher end hosting, i.e. a dedicated or managed server.  So my questions are:
- Who are the biggest names and best quality Linux hosts in this category?  That is, if those I mentioned above are "bargain" hosts, who are the "high end" hosts?
- What is the difference between a "virtual private server," a dedicated server, and a managed server?  Ideally we'd like to still have a hosting package where security is taken care of and there's a lot of customer support to fix problems, but with our own dedicated resources.
I have tried this on Plesk 11.5 and Plesk 12.0.10 Preview running on Ubuntu 12.04.4 LTS...
Locate the file 
/etc/sw-cp-server/conf.d/plesk.conf
What can I do to send email without the security warning?
I want clients sending mail to no longer get a security warning.
I tried with SSL port 465 
I tried with port 587 TLS> Mail settings for the entire server> Enable Send Message
This is a RHEL3 box. It has a couple hundred sites, most of which are pretty quiet most of the time, lately I can't get the load below 3 most of the time. I've tried all the usual TOP PS and the rest, but I'm not seeing my problem. I've attached a text file with extended outputs. but here's what I'm seeing now from TOP and VMSTAT. I'm not sure what else I could be looking at.
 
I've been watching, and it seems to be Apache most of the time at the top of TOP, and I'm logging slow queries for mysql, but there aren't many there.
top
10:02:03 up 3 days, 21:23, 2 users, load average: 2.81, 2.83, 3.05
140 processes: 137 sleeping, 2 running, 1 zombie, 0 stopped ....