Category Archives: Servers

locale error in CentOS 6 !

Recently saw the issue in newly build CentOS6 VMs ( For me it was Virtuozzo based VMs ) :

-bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8)

Saw this error even after installing cPanel in the VPS.

This warning popped up every time you ran a command in shell, though it did not cause any issues

The fix was to run the following command :

localedef --no-archive -i en_US -f UTF-8 en_US.UTF-8

Should be good now !

 

Issue with r1soft backup agent !

Last day, got an issue which prevented a backup node to take the regular backup’s of a server which was already configured and working well.

The error which showed in backup node was :

Remote host unexpectedly closed the connection

Tried to stop the agent service running in the server and the error now obtained showed : “Connection refused

This meant that there was connections going through initially between the backup node and the concerned server, but somehow connection wasn’t getting established. Made sure the ports are opened and are listening in the server.

A quick grep on /var/log/messages showed the following :

Date hostname buagent: Was unable to create shared memory for log buffer

On checking the /etc/buagent/agent_config file, could see the CacheDir variable was set to : /var/cache/buagent

On trying to cd into the directory, was facing the error, ‘lots of symbolic links created’ and this error was preventing to enter in.

Removed the symlinks which is really not needed , re-created the folder/var/cache/buagent and attempted a backup task, bingo ! All good !!

 

 

 

 

Run FSCK without password during the startup !

You might have a situation in which you need to run an FSCK in your server and you do not have a root password or you do not get the desired login prompt due to any disk issues, which might need an FSCK.

You can try the following steps to attempt an FSCK :

* Reboot

* Edit the grub

Edit grub entry by pressing ‘e’

Edit the kernel line by pressing ‘e’

Add the following at the end of the kernel line: init=/bin/bash

Press enter to save and ‘b’ to boot

The above given statement boots straight into a shell without any password. You can now manually run the FSCK using commands such as :  fsck -y /

 

Wrong permissions when uploaded over SFTP ?

When uploading files / folders via SFTP, do you get the wrong / unintended permissions ? This might be evident when you get the permission of a file as 664 when uploaded via FileZilla over SFTP, and you get 644 when the same file is done over FTP.

This is due to the different umask setting for the different services.

To change this unintended behavior for SFTP, open the SSH configuration at /etc/ssh/sshd_config. Add this particular line :

Subsystem sftp /usr/libexec/openssh/sftp-server -u 022

022 means the permission for your files will be 644 (rw-r–r–) and for your directories 755 (rwxr-xr-x)


002 means the permission for your files will be 664 (rw-rw-r–) and for your directories 775 (rwxrwxr-x).

Once this is added, restart SSH service !

 

Hiding PHP extension in IIS using URL rewrite module

We have some situations in which we need to hide the extension of a webpage to the end users. Mostly this is concerned with the server security. Here we discuss about hiding the PHP extension of a wepage deployed in an IIS server .

We can easily implement this in Linux using codes passed via .htaccess file. In the case of Windows we will use URL-rewrite module to achieve the same. By default, this module is not installed alongside IIS, so we need to install it via Microsoft Web Platform Installer (WPI).

After the installation of URL-rewrite module, we need to edit the web.conf file in the root directory.

Say for example, we have a php website ‘www.abc.com’ and its root folder is C:/inetpub/wwwroot/www.abc.com. We need to hide the php extension of the page, www.abc.com/test.php. That is, we need to rewrite this url into www.abc.com/test. Lets now edit the web.conf file located at the root folder of the site (C:/inetpub/wwwroot/www.abc.com).

Attaching a sample web.conf file to make it clear :

<?xml version=”1.0″ encoding=”utf-8″ ?>

<configuration>

<system.webServer>

   <rewrite>

     <rules>

         <rule name=”test rule” enabled=”false” stopProcessing=”true”>

              <match url=”^gif” />

               <action type=”Rewrite” url=”{R:0}.aspx” />

         </rule>  

     </rules>

     </rewrite>

</system.webServer>

</configuration>

In our case look for the <rewrite> option in the web.conf file. After finding <rewrite> tag, copy the below mentioned configuration and paste it under the <rewrite> tag.

<rule name=”PHP Hiding”>

     <match url=”(.*)” />

         <conditions logicalGrouping=”MatchAll”>

             <add input=”{REQUEST_FILENAME}” matchType=”IsFile” negate=”true” />

             <add input=”{REQUEST_FILENAME}” matchType=”IsDirectory” negate=”true” />

         </conditions>

     <action type=”Rewrite” url=”{R:1}.php” />

</rule>

After this, the webpage will always be displayed as www.abc.com/test instead of www.abc.com/test.php

Installing a Perl module using CPAN

In this short post, we will discuss on how to install a perl module using CPAN.

First, login to the CPAN interactive shell using the command:

# cpan

Once, you are in, install a module using the syntax,

cpan> install package:function

eg, to install the module JSON::Parse, hit the following in the shell :

cpan> install JSON::Parse

The installation will check for certain test cases. If any of those tests fail, you wont be able to install the module. Analyse the result of the tests and if you feel you are good to go, even with the failed result, force install the module using :

cpan> force install JSON::Parse

Thats it !

 

Turning off mod_gzip using .htaccess rules !

You an read this to find out about mod_gzip, an external module for Apache.

There can be an issue with mod_gzip, when your website is hit with lots of users, attempting to complete some form-submission and if they do not allow enough time for mod_gzip to send the content to the client machine, then the system call can fail and websites may not load during this. You may find some lines corresponding to the following in apache error_logs :

mod_gzip : TRANSMIT_ERROR:ISMEM:32

You may chose to disable mod_gzip for the particular domain, as long as simultaneous users are attempting to complete the forms-related task.

You can edit the .htaccess file for the domain and pass the following codes :

<IfModule mod_gzip.c>
mod_gzip_on No
</IfModule>

Now, mod_gzip would be disabled for the domain !

Disabling email alerts from LFD !

LFD ( login failure daemon ) which comes along with the firewall CSF, is a process which runs in the background and that scans for the server logs periodically to find any suspicious activities, process, login attempts etc.

You might receive Lfd excessive resource usage alert which happens when a particular task or process consumes more than an allocated value of system memory or when it runs in the background beyond a particular time-frame. In a bottle neck’d server, where system memory is almost utilized and the resources are consumed equally, you might keep on receiving these alerts which is a real frustration. You can edit the csf config file at /etc/csf/csf.conf to change the settings.

# vi /etc/csf/csf.conf

^ after opening the file, find for the variables – PT_USERMEM and PT_USERTIME. Set those variables to 0 to disable the feature of alerting the user when the limit of memory/time is exceeded by a user/process.

– Once the csf config file is saved, restart csf using # csf -r , also dont forget to restart lfd using # service lfd restart

 

Running your commands/scripts in background – screen !

At times, it is required to run your scripts or commands in the background rather than doing it directly over SSH. There can be a situation when your internet connection can get unstable and things get shaky. Every important stuffs you execute in your server is preferred to be done via screen. screen is often referred to as ‘An admins best buddy’

When screen is called, it creates a single window with a shell in it
(or the specified command) and then gets out of your way so that you can use the program as you normally would.

To install screen in a red-hat based distro, run the following :

# yum install screen

– To start a new screen with the name – test , run the following :

# screen -S test

The above command opens a new window and you can execute/run any commands there. This will stay in the background. You can detach yourself from the screen by pressing the following keys

Ctrl + a followed by Ctrl + d

– To list all the running screens at any point of time, run the following :

# screen -ls

– To re-enter into an already detached screen,

# screen -x test

This will re-attach your window to the screen test, which was created earlier.

– Check out the further options available in screen by :

# man screen

Finding an issue with Zend Optimizer ?

When you open your webpage, are you getting the message that “Zend Optimizer not installed“, when you are pretty sure that it is installed in your server ? You are also sure that nothing has changed in the server and you get this message all of a sudden.

This file was encoded by the Zend Encoder / Zend SafeGuard Suite. In order to run it, please install the freely available Zend Optimizer, version xx.xx or later."

You can verify it from the result of # php -v, if zend optimizer is installed, you will get a result something like this :

“with Zend Optimizer vxx.xx, Copyright (c) 1998-2009, by Zend Technologies”

Even with this result, if you are getting an error that shows optimizer is not installed, then there is an issue with your codes. You might look at the particular PHP file and might see enormous codes. More likely the domain is compromised.  You will need to clean up the site / restore the domain from a clean backup.