Correct Way To Kill Root Account
May 21, 2009whats the correct way to stop using root and setup a su account?
View 10 Replieswhats the correct way to stop using root and setup a su account?
View 10 RepliesI have created the account, and when I connect using FTP, I need to access to root directories such /usr /etc ........ How can I do that?
View 3 Replies View RelatedI'm running a webosting server under linux with sendmail as mailserver.
The problem is that many spammers send mails directly to the root account by using one of the existing pseudo accounts like "apache, uucp, root, ...". In a default sendmail installation, apache, uucp, root are defined as alias and point to root. I do virtualhosting so I accept mail for several domains. If a spammer send mail to root@anotherdomain.com, the spam will also arrive in the root account. If I define a bounce all for my main domain, I have problems because root@mymaindomain.com and apache@mymaindomain.com do not exist anymore. This results in user unkown when apache or root try to send a mail out.
So, how do I prevent spammers from sending mail directly to the root account? Is it possible to accept only local mail to the root account?
i have a server with cpanel,
i find the two folders .kde and .xemacs in the root folder of certain cpanel account,
is it safe?
because i feel that it looks likely the account has some problem.
I am trying to change color of directories. I can do that for root by editing .bashrc under /root. How can I do that for other users created under parallels? Their home directories are /var/www/vhosts/domain.com Using root account, I created .bashrc under those directory and chown to the user. But colors are not changing. I also adding the color in /etc/bashrc system wide file and it does not work either.
View 2 Replies View RelatedIs it possible to disable to root login to the panel? I do not mean the SSH login.
View 4 Replies View RelatedI was just wondering if someone has made a new tool/script yet that will allow yo to transfer CPanel accounts in bulk (not the old way of doing them one by one) to another server (VPS/Dedicated) without having root access?
Like I know in order to use the WHM's transfer from server to server you need root access on both servers, but I'm asking, if you have a Reseller account, and a VPS/Dedicated server, I know last time I checked the only way to transfer accounts over was by making a Backup file for each account and then transfering it over which can take a while if you are doing a lot of accounts.
I have read that although chained root ssl certificates can be more difficult to install they are actually more secure since the root certificate cannot be compromised, only the intermediary.
Is this true? It looks like both google and amazon both use chained SGC certs.
This morning apache stopped to serve pages. I have tried to restart it
with no success:
-------
init.d/httpd restart
----------
init.d/httpd stop
killall httpd
init.d/httpd start
------
killall httpd
init.d/httpd restart
---------
such like several times
every time failed with the
address already in use message
Was 4 oclock in the morning su I stopped investigating and restarted the machine
Is there a way to really shut down such a completely non-responsive process withou restarting the machine?
just a notice - there were not a heavy server load at the time
------------------
Server Version: Apache/2.2.6 (Mandriva Linux/PREFORK-8.2mdv2008.0) mod_ssl/2.2.6 OpenSSL/0.9.8e PHP/5.2.4 with Suhosin-Patch
Server Built: Sep 12 2008 14:54:18
I'm doing the following to create an SSH tunnel:
Code:
ssh -fNg -L 8888:127.0.0.1:3306 user@123.456.789.0
How can sort of "undo" that? I ask because I need to re-tunnel in to a different IP address but right now the only way I can figure to do it is to restart my computer (which is lame).
One of my sites, hosts mp3s for music I've written for video games etc.
I uploaded a track in December, and this month my bandwith has rocketed from 18g to 25g.
When I look at the awstats I see this...
a.a.a.a11811181146.82 MB26 Jan 2007 - 17:47
a.a.a.a+11161116198.40 MB26 Jan 2007 - 17:49
b.b.b.b1151115119.61 KB26 Jan 2007 - 08:00
c.c.c.c62062023.71 MB26 Jan 2007 - 15:18
d.d.d.d543543025 Jan 2007 - 20:52
e.e.e.e537537025 Jan 2007 - 20:18
f.f.f.f 3103104.18 MB26 Jan 2007 - 17:00
Now I'm not sure about the MB values, they don't look true at all, but why suddenly would the two top places have the same IP address bar a value of 1
If I scroll down to file usage, I see
/blah/blah/blah.mp3
7533305.76 KB52685276 - so it's been viewed 7533 times
and the next most popular page or file is,
/
10099.69 KB830412
Then looking at the search engine stats the most popular search engine phrase is this
[url][summer dance]45041.2 %
450 times? and yes, - np2sp6qjpj2jkzevo5mcl2fjmw$$.mp3 [summer dance] - this is the filename coming up even though it doesn't exist on the server
It's twice as popular as "game sounds" which is the site, and is on google... something fishy going on here.
The most popular site to come from is [url] times in fact, and that's a japanese/chinese/eastern site which I don't understand.
The IP address appears to be chinese too.
Can anyone explain to me what might be going on here please? It appears that someone is continuously downloading this specific file, just to use up my bandwidth?
Just got alerted that my server is being used to send spam. Here is the information the datacenter gave me:
[information .....]
NOTE: I changed the real domain name and IP only.
Is there an expert who can help me decipher this? How do I find the culprit? My provider is threatening to shut me down and sink all my clients with the ship!
I am running the latest WHM and cpanel server, fyi.
I want to know what does kill -6 PID does?
Is there anything else like kill -1,-2 (expect 9).
Also, what is the diff between kill and kill -9?
What the command to kill zombies processes?
I have 13 in my server and using "kill PID" is not doing anything...
There is a process on my server:
9897 root 20 0 1872 588 504 R 99.9 0.0 210:11.25 repquota
I tried kill -9 or kill -15, couldn't kill this,
i Have VPS
How i can Disable Rapidget/rapidlkill ETC...
in my VPS?
how to kill all mysql processes? Either all in general, or those only with sleep status, or all for a given user.
View 7 Replies View RelatedHow kill all proces user nobody in shell command?
View 4 Replies View RelatedCode:
1(init)/sbin/init/init [3]����������������������������������������������������������������������������������������
2(ksoftirqd/0)/
3(events/0)/
4(khelper)/
5(kacpid)/
20(kblockd/0)/
38(pdflush)/
39(pdflush)/
41(aio/0)/
21(khubd)/
40(kswapd0)/
187(kseriod)/
301(kjournald)/
1345(udevd)/sbin/udevd/udevd�
1704(kauditd)/
1745(kmirrord)/
1975(kjournald)/
1976(kjournald)/
1977(kjournald)/
1978(kjournald)/
1979(kjournald)/
2668(syslogd)/sbin/syslogd/syslogd�-m�0�
2672(klogd)/sbin/klogd/klogd�-x�
2693(named)/usr/sbin/named/var/named/usr/sbin/named�-u�named�
2736(courierlogger)/usr/sbin/courierlogger//usr/sbin/courierlogger�-pid=/var/spool/authdaemon/pid�-facility=mail�-start�/usr/libexec/courier-authlib/authdaemond�
2737(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2772(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2773(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2774(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2775(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2776(authdaemond)/usr/libexec/courier-authlib/authdaemond//usr/libexec/courier-authlib/authdaemond�
2814(smartd)/usr/sbin/smartd//usr/sbin/smartd�
2823(acpid)/usr/sbin/acpid//usr/sbin/acpid�
4454(sshd)/usr/sbin/sshd//usr/sbin/sshd�
4467(xinetd)/usr/sbin/xinetd/xinetd�-stayalive�-pidfile�/var/run/xinetd.pid�
4534(chkservd)/usr/bin/perl/chkservd
4545(courierlogger)/usr/sbin/courierlogger//usr/sbin/courierlogger�-pid=/var/run/imapd.pid�-start�-name=imapd�/usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�143�/usr/lib/courier-imap/sbin/imaplogin�/usr/lib/courier-imap/bin/imapd�Maildir�
4546(couriertcpd)/usr/lib/courier-imap/libexec/couriertcpd//usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�143�/usr/lib/courier-imap/sbin/imaplogin�/usr/lib/courier-imap/bin/imapd�Maildir�
4553(courierlogger)/usr/sbin/courierlogger//usr/sbin/courierlogger�-pid=/var/run/imapd-ssl.pid�-start�-name=imapd-ssl�/usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�993�/usr/lib/courier-imap/bin/couriertls�-server�-tcpd�/usr/lib/courier-imap/sbin/imaplogin�/usr/lib/courier-imap/bin/imapd�Maildir�
4554(couriertcpd)/usr/lib/courier-imap/libexec/couriertcpd//usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�993�/usr/lib/courier-imap/bin/couriertls�-server�-tcpd�/usr/lib/courier-imap/sbin/imaplogin�/usr/lib/courier-imap/bin/imapd�Maildir�
4559(courierlogger)/usr/sbin/courierlogger//usr/sbin/courierlogger�-pid=/var/run/pop3d.pid�-start�-name=pop3d�/usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�110�/usr/lib/courier-imap/sbin/pop3login�/usr/lib/courier-imap/bin/pop3d�Maildir�
4560(couriertcpd)/usr/lib/courier-imap/libexec/couriertcpd//usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�110�/usr/lib/courier-imap/sbin/pop3login�/usr/lib/courier-imap/bin/pop3d�Maildir�
4565(courierlogger)/usr/sbin/courierlogger//usr/sbin/courierlogger�-pid=/var/run/pop3d-ssl.pid�-start�-name=pop3d-ssl�/usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�995�/usr/lib/courier-imap/bin/couriertls�-server�-tcpd�/usr/lib/courier-imap/sbin/pop3login�/usr/lib/courier-imap/bin/pop3d�Maildir�
4566(couriertcpd)/usr/lib/courier-imap/libexec/couriertcpd//usr/lib/courier-imap/libexec/couriertcpd�-address=0�-maxprocs=40�-maxperip=30�-nodnslookup�-noidentlookup�995�/usr/lib/courier-imap/bin/couriertls�-server�-tcpd�/usr/lib/courier-imap/sbin/pop3login�/usr/lib/courier-imap/bin/pop3d�Maildir�
4644(clamd)/usr/sbin/clamd//usr/sbin/clamd�
4648(exim)/usr/sbin/exim/var/spool/exim/usr/sbin/exim�-bd�-oX�26�
4654(exim)/usr/sbin/exim/var/spool/exim/usr/sbin/exim�-bd�-q60m�
4658(exim)/usr/sbin/exim/var/spool/exim/usr/sbin/exim�-tls-on-connect�-bd�-oX�465�
4666(antirelayd)/usr/bin/perl/antirelayd
4752(spamd)/usr/bin/perl//usr/bin/spamd -d --allowed-ips=127.0.0.1 --pidfile=/var/run/spamd.pid --max-children=5
4762(spamd)/usr/bin/perl/spamd child
4763(spamd)/usr/bin/perl/spamd child
4826(pure-ftpd)/usr/sbin/pure-ftpd/pure-ftpd (SERVER)������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
4829(pure-authd)/usr/sbin/pure-authd//usr/sbin/pure-authd�-s�/var/run/ftpd.sock�-r�/usr/sbin/pureauth�
4856(crond)/usr/sbin/crond/var/spoolcrond�
4874(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
4877(xfs)/usr/X11R6/bin/xfs/xfs�-droppriv�-daemon�
4886(anacron)/usr/sbin/anacron/var/spool/anacronanacron�-s�
4969(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
4995(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
4998(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
5001(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
5004(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
5005(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
5034(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
5083(cphulkd.pl)/usr/bin/perl/cPhulkd - processor
5105(cpdavd)/usr/bin/perl/cpdavd - accepting connections on 2077 and 2078
5116(cpbandwd)/usr/bin/perl/cpbandwd
5117(cpanellogd)/usr/bin/perl/cpanellogd - sleeping for logs
5154(mailmanctl)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/mailmanctl�-s�start�
5155(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=ArchRunner:0:1�-s�
5156(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=BounceRunner:0:1�-s�
5157(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=CommandRunner:0:1�-s�
5158(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=IncomingRunner:0:1�-s�
5159(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=NewsRunner:0:1�-s�
5160(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=OutgoingRunner:0:1�-s�
5161(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=VirginRunner:0:1�-s�
5162(python2.4)/usr/local/bin/python2.4/usr/local/cpanel/3rdparty/mailman/usr/local/bin/python2.4�/usr/local/cpanel/3rdparty/mailman/bin/qrunner�--runner=RetryRunner:0:1�-s�
5172(dbus-daemon-1)/usr/bin/dbus-daemon-1/dbus-daemon-1�--system�
5183(hald)/usr/sbin/hald/hald�
5194(mingetty)/sbin/mingetty//sbin/mingetty�tty1�
5195(mingetty)/sbin/mingetty//sbin/mingetty�tty2�
5196(mingetty)/sbin/mingetty//sbin/mingetty�tty3�
5197(mingetty)/sbin/mingetty//sbin/mingetty�tty4�
5198(mingetty)/sbin/mingetty//sbin/mingetty�tty5�
5199(mingetty)/sbin/mingetty//sbin/mingetty�tty6�
5806(cpsrvd-ssl)/usr/local/cpanel/cpsrvd-ssl/usr/local/cpanel/basecpsrvd - waiting for connections
5924(authProg)/usr/local/cpanel/bin/courier-auth//etc/authlib/authProg�
5959(mysqld_safe)/bin/bash/var/lib/bin/sh�/usr/bin/mysqld_safe�--datadir=/var/lib/mysql�--pid-file=/var/lib/mysql/tiny.dnsprotect.org.pid�
5994(mysqld)/usr/sbin/mysqld/var/lib/mysql/usr/sbin/mysqld�--basedir=/�--datadir=/var/lib/mysql�--user=mysql�--pid-file=/var/lib/mysql/tiny.dnsprotect.org.pid�--skip-external-locking�--socket=/var/lib/mysql/mysql.sock�
6081(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
7291(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
7293(mono)/opt/mono/bin/mono//opt/mono/bin/mono�/opt/mono/lib/mono/1.0/mod-mono-server.exe�--filename�/tmp/mod_mono_server_global�--nonstop�--master�
7298(httpd)/usr/local/apache/bin/httpd//usr/local/apache/bin/httpd�-k�start�-DSSL�
7740(eximstats)/usr/bin/perl/eximstats
7822(authProg)/usr/local/cpanel/bin/courier-auth//etc/authlib/authProg�
8527(authProg)/usr/local/cpanel/bin/courier-auth//etc/authlib/authProg�
9234(cpsrvd-ssl)/usr/local/cpanel/cpsrvd-ssl/usr/local/cpanel/whostmgr/docrootwhostmgrd - serving 81.104.99.97
9236(whostmgr)/usr/local/cpanel/whostmgr/bin/whostmgr/usr/local/cpanel/whostmgr/docroot/usr/local/cpanel/whostmgr/bin/whostmgr�./simpleps�
9237(simpleps)/usr/bin/perl/usr/local/cpanel/whostmgr/docroot/usr/bin/perl�/scripts/simpleps�--html�
Recently server been a lil unstable... unsure why.. only recent thing i've installed is eaccelerator thingy.
and It was a lil unstable before that..
Our website is based around a customer based chat system. Customers are only on the system during a particular day and time range. So for parts of the week the server gets almost no traffic. When then time for a chat comes up we get hundreds of people on the site all doing page requests every few seconds.
So as you might imagine we are bringing the server to it's knees with heavy CPU and memory loads. Plus bandwidth usage is really high. We are currently on the biggest box that Rackspace has to offer. The site runs ok on it during these times. It's a little slow but not unbearable.
But we have not hit our max customer base. In fact if all goes well we will double our customer base next month. So I know when we do we will bring that box down totally.
I was thinking about possibly trying a cloud/cluster based approach but after some research on this site I have found that is probably not the best option.
So I am looking for advice on what to do? Is there a better host? Different technology?
Servers are not my thing really so I could really use some help.
No we can't change the way customers access the site or when they access. There is nothing that can be done in that regard so don't suggest it.
I am running phproxy on my dedicated server.
Sometime some process hangs for long.
I want to kill processes automatically when it takes more than 5 minutes.
And is there any tip you will share to optimize my server best for phproxy?