Ive been having some issues with my cpanel lately... it seems everytime I add an account via whm or a subdomain via cpanel it locks up when "Restarting Apache"
I have 2 identical servers, 1 runs fine... this one though ive reinstalled apache...multiple times with no results... now im reinstalling cpanel and it seems forzen at 50% and just says
i have question about locking in homedir.. i bought few weeks ago debian box, and i need to create shell accounts with locking axx to user home directory.. or block access to other users directory..
a way to lock users in their directory. E.g. if I host a domain mydomain.com, I need that the owner of this domain can access (read, write, execute via ssh) only the folder www/mydomain.com and nothing else. The solution does not to be a ultrasecure one.
1] adjusting privileges (e.g. deny execute on dirs for the "others") seems a sure way to make the server unfunctional
2] rbash - when I set shell to rbash for a test user, the user can no longer connect to server through winscp
I have a (dedicated) server out of control. It is managed by a 3rd party company who has never been able to get the spam and server load under control. Loads average over 5! and there is no activity in top other than sendmail and mailscanner (with Ensim).
I turned off mailscanner and sendmail while I typed this and server load went to .08.
I'm going to switch (dedicated) servers to a new provider (for reasons above plus a few others) which will include managed service from the server provider as well.
There are only a few programs that need to run on this server. VBulletin is the main concern.
I want to lock down all mail access. I want vbulletin to be able to send outgoing email as part of its administration and as part of its member notifications.
I don't want ANYONE OUTSIDE THE SERVER to be able to send mail through this server.
One idea I have had is to use DNS to assign all MX records of every domain on the machine to the free gmail service.
I have one domain on this machine (and important domain) that gets thousands and thousands of spam. I assigned its' MX records to NO-IP.com who filters and forwards email to me. That has worked - but server load never budged.
User Domain %CPU %MEM MySQL Processes mysql 3.30 45.97 0.0 Top Process %CPU 1.0 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking Top Process %CPU 0.7 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking Top Process %CPU 0.6 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
the values are higher before,
i want to ask what is skip-locking and if i add skip-locking in my.cnf,
will the problem been improved? and will it take any effect or problem?
I'm running apache to serve PHP files on (/home/www/) and thttpd to serve images on (/home/www/images)
thttpd runs on a different IP than apache, apache only listens to its IP.
After doing this, the number of apache processes decreased significantly, however performance has gone down, and apache is starting to crash very frequently (swapping).
Could there be a file-locking issue? Do I have to separate the images folder from the www folder?
I've seen that a similar topic was posted earlier today, but I have more specific question. I'm looking for the e-mail only hosting. Requirements:
* dedicated IP * SMTP + SSL (TLS) * POP3/IMAP + SSL (TLS) * up to 10 e-mail addresses from various domains * forwarders (10 or more) * 1-5 GB storage * 10 GB bandwidth * budget: the less the better, but I'll pay any reasonable amount of money if the service is good. Basically I need to find a provider at which I can keep my e-mail address once and for all. (I need a few e-mails only, a few forwarders, 100 MB storage and 1 GB bandwidth but I stated more so I don't run out on resources)
Is there any significant difference between SSL and TLS or is it all mainly in the proprietary vs open standard?
Is there any good reason why not to use Google Apps for this purpose? I've read that some people are concerned about privacy. Is there any pro that can comment on this (privacy issue) and remain objective?
One last (dumb?) question. What is the purpose of domain locking? Before AuthCodes were introduced I could see the reason for locking domains, but why would anyone want to lock the domain these days? (and yet I see majority still does) I mean, noone can initiate the transfer without providing AuthCode (can he?) and isn't that alone good enough to keep the domain safe? And if someone manages to gain control to the control panel to read AuthCode then he can easily unlock the domain so I see no additional layer of security.
I am experiencing a strange problem with iptables: after in activate them, they are gone in a few minutes. For example, I drop traffic from an ip and after few seconds, all rules are flushed without touching anything!
If I keep getting spam from a certain IP, can I add that IP to Iptables? Will it stop me receiving spam from that IP? I'm not quite sure how it all works.
Or what is the most effective method to stop spam?
EG_UDP_CPORTS="53,465,873,6277" Whenever I turn EGF to 1 my VPS locks me out of everything, I need togo into hyperVM to turn it off and restart my firewall.
What would cause this?
It's Fedora Core 5 on OpenVZ i've googled and cannot seem to find a reason why it would do that. Could be something in the host node kernel that may need adjusting?
Do you find iptables enough or do you use a hardware firewall for linux? I haven't used anything less than hardware firewalls for years but I gather than most simply rely on iptables. Is that a smart choice?
# iptables -D INPUT -s 25.55.55.55 -j DROP iptables v1.3.8: Couldn't load target `standard':/usr/local/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory What is going on? The libipt_standard.so file is located in /lib/iptables, but not /usr/local/lib/iptables. I tried moving all of the libipt files into the /usr/local/lib/iptables directory, but I got segmentation errors.
[root@localhost ~]# service iptables status Firewall is stopped. [root@localhost ~]# service iptables start Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: mangle filter [ OK ] Unloading iptables modules: ^[[A [ OK ] [root@localhost ~]# service iptables status Firewall is stopped.
it said iptables is stop...even I start manually...
I am not sure APF is running correctly because of iptables..
CSF dont ban the IP and if manually it is done I get following error. ---------------- csf -d 195.88.65.47 Adding 195.88.65.47 to csf.deny and iptables DROP... iptables: Index of insertion too big DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0 Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864 ------------------- Also iptables is not running on server. If status is checked it says its stopped.
I have many sites on my server I dont want to get any downtime.
Please let us know how can we fix this issue as soon as possible.
I have tried reinstall CSF but still the issue remains same.
I keep trying to flush my iptables on my linux server but every time i try to do so my server seems to freeze (i lose access and have to reboot it for it to come back online), how can I go about deleting those ips manually rather than executing the flushing command? what options do I have?
root@xxxx[~]# service iptables status Firewall is stopped. root@xxxx[~]# service iptables start Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter [ OK ] Unloading iptables modules: [ OK ] root@xxxx[~]# service iptables status Firewall is stopped.
i create a template for xen ( hypervm ) from jailtime site. now i install iptables , but iptables do not work and when i enter " service iptables restart" , iptables do not start. ( i check it from "service iptables status" )
I used a script to block some unwanted countries from accessing my site. In total I had about 3000 lines with ipranges. Now I just went ahead and put this on one of the servers, one that I really don't need the traffic on. But I am wondering what kind of affect this may have on the speeds. Will it really affect it more then a few ms? And anything else I should maybe worry about? Except maybe the loading time at reboots.