Riz Khan on December 2nd, 2010

Ever faced a problem with your ssh connection dying in middle of an installation Or in middle of data transfer ? scp rsync stopping in middle due to a ” Connection Closed ” message ?

Linux has a solution for you for this very scenario.  It has a utility that allows you to run any task in the background , without worrying about the connection breaking down due to internet or network cable or any other issue, its called screen. screen will keep things running for you in the background and you can again connect to the screen process and the task would be running as it is.  So how do we install and use it ? . Lets start with the installation.

Installing screen :

You can check if screen binary already exist by using below command :

root@CentOS5Server [~]# which screen
root@CentOS5Server [~]#

If it is already available you are good to go and can move on next step of utilizing this binary/utility.

If its not installed on your machine then you can install it using simple yum command on CentOS , RHEL or any RHEL family distros. You can do it as follows :

yum install screen

Now we can learn how to use the screen command :

Utilizing the screen command :

You can create a simple screen process by just typing the command ‘screen‘ and it will create a screen for you and move the control inside the screen session. Usually its recommended to use some the naming parameters with the command so you can create a screen with a required name and it can be referred to later with that name, specially when there going to be more than one screens and where more than one admins work on one  server. This can done using below command :

screen -mdS TransferingXYZDir

The above command will create a screen process in background with name  ‘TransferingXYZDir’ , you can choose any name. This will not switch the control to the screen session, the control and cursor will remain in the normal shell.

Writing just ‘screen’ will also create a screen session and will also switch the control and cursor to inside the screen session.

You can see the list of available screen processes at any time using the command ‘screen -ls’ as below :

root@CentOS5Server [~]# screen -ls
There is a screen on:
1468.TransferingXYZDir (Detached)

1 Socket in /var/run/screen/S-root.
root@CentOS5Server [~]#

As you can see the screen we just created above is now available in screen -ls , we can create more screen for our specific purpose and then connect to any of the screen and can also move out of any screen, this is called ‘attaching’ and ‘detaching’ from a screen.

You can connect or attach to any screen using below command :

screen -x TransferingXYZDir

If there is only one screen process then typing ‘screen -x‘ will attach you to that screen. When you have more than one screen process you will need to mention its id or name. The screen session created above can also be attached using command ‘screen -x 1468‘.

Detaching from screen requires a below key combination :

‘Ctrl A’ ‘D’

Pressing the three keys in above sequence will detach you from screen.

The screen process can be killed by only pressing ‘Ctrl D‘ or writing ‘exit‘ will also kill/close the active screen process.

The below demo commands will show the screen attaching/detaching and killing commands execution in sequence :

root@CentOS5Server [~]# screen -x TransferingXYZDir

root@CentOS5Server [~]# This is our Screen.
root@CentOS5Server [~]#


root@CentOS5Server [~]# screen -x TransferingXYZDir

root@CentOS5Server [~]# This is our Screen.
root@CentOS5Server [~]# exit

[screen is terminating] ( by pressing Ctrl D )
root@CentOS5Server [~]#


I wrote the line ‘This is our Screen’ in the screen session to show that the console is changing to a screen from normal shell.

The above commands should be enough to get you started and do all basic functions of using screen. For further details you can see the man pages for screen.

Have happing ‘screen’ ing :)

Tags: , , ,

Riz Khan on November 28th, 2010

When its comes to optimizing and tuning Mysql the most important aspect is to identify the inefficient/slow queries.
So the question arises how we can find the queries which are taking long time to execute so we can optimize/improve them to improve the overall performance.
Mysql helps us with its built in support for logging slow queries.

Activating the slow query logging :

We need check if slow query loggin is already enabled or not , it can be checked as below :

mysqladmin var |grep log_slow_queries
| log_slow_queries | OFF

If its already set to ON then you are set, if its set to OFF like above then you will need to enable slow query logging.

The mysql variable long_query_time (default 1) defines what is considered as a slow query. In the default case, any query that takes more than 1 second will be considered a slow query.

Now to enable the slow query logging we will need following entries in the /etc/my.cnf mysql configuration file.

long_query_time = 1
log-slow-queries = /var/log/mysql/mysql-slow.log

You can define the path for logging according to your requirements. Also the log query time which is by default 1 sec can be adjusted according to your needs.

Once you have done the configuration, restart mysql service to load the new configurations.

Once slow query logging is enabled we can check the log file for each slow query that was executed by the server.
Different details are logged to help you understand how was the query executed:

Time:  the time it took to execute the query
Lock:  how long was a lock required
Rows: how many rows were investigated by the query
Host: this is the actual host that launched/initiated the query
Query: The actual mysql query.

This information will help us to see what queries need to be optimized.

Tags: , , ,

Riz Khan on November 20th, 2010

Munin is a networked resource monitoring tool that can help analyze resource  trends and usage. It can monitor a wide variety of servers and equipment e.g.  servers, vpss, networks, applications etc.

Munin provides very useful graphs with resource usage listed for different time periods like , daily , weekly and monthly graphs.

Installation of Munin as plugin on cPanel servers or vpss is very easy and straight forward.

Go to below link in your WHM interface :

WHM >> cPanel >> Manage Plugins

You will find the Munin in the plugins section. Just check the check box in that section which says ‘ Install and keep updated ‘ and press save from the bottom of the page.

You will see the installation steps in the gui and it will complete in 5 to 10 minutes.

Once the installation is complete, you will find the plugin available at below path :

WHM >> Plugins >> Munin Service Monitor

In some cases you may encounter a blank page when you click on this link , in that case upgrade cpanel to latest CURRENT/STABLE release depending on your requirements using /scripts/upcp.

At this link you will find graphs for following services and equipment :

Apache, Disk, Exim, Mysql, Network, Other, Processes, System

Be default both daily and weekly graphs for each the above are available. Which give you very good idea on your resource consumption and to identify any bottle necks.

Its also a very good tool to identify if and when you need to upgrade to a higher plan for your hosting requirements.

For a non cPanel server you can do the installation by downloading the source directly and then install it. Or you can also do simple yum based installation.

After the installation you will need to configure the related files at /etc/munin path.  I will not be covering the manual installation details in this article , however the steps are not difficult and you can find plenty of articles covering them on internet.

Tags: , , , ,

Emails not getting delivered to inbox of yahoo, hotmail and gmail is a common problem that many users face due to different reasons, many times its IP reputation or the email activity on the shared environment.

spf and domainkeys can help with this situation to get the emails delivered directly to inbox. cPanel documentation has good definition for both of these terms :

DomainKeys An email authentication method that attempts to verify that a message actually came from the domain it appears to have come from.

SPF (Sender Policy Framework) A feature that allows a recipient server to verify that an email message has really been sent from the domain specified in the From: field. Enabling SPF can prevent your server from receiving replies to spam that has forged your domain name as part of the sender’s address. SPF only works if both the sending and receiving mail servers have SPF enabled.

To enable domain keys and spf cPanel provides built in scripts which can be used.

For root level handling below scripts are available which cna be used.

/usr/local/cpanel/bin/domain_keys_installer CPANELUSER
/usr/local/cpanel/bin/spf_installer CPANELUSER

Where CPANELUSER will be the actual cPanel user of the related account/domain.

Similarly below scripts can be used to uninstall/remove DomainKeys and SPF :

/usr/local/cpanel/bin/domain_keys_uninstaller CPANELUSER
/usr/local/cpanel/bin/spf_uninstaller CPANELUSER

For providing the option of enabling/disabling these at User level i.e. for clients to do it from their cPanel, the ‘Email Authentication‘ option will need to be enabled in WHM at below link :

WHM >> Packages >> Feature Manager

If you want the accounts to be created with both DomainKeys and SPF enabled by default then you can add this to /scripts/postwwwacct script. You will need to follow the syntax and format that cPanel requires for any post account creation setups in this script.

Other than adding these, follow some simple tips below for getting your email to third party providers Inbox instead of spam/junk folders :

– Make sure to create a proper RDNS/PTR entry for the main IP or the IP you are using for Exim in case its different
– Set the catchall address to ” :fail: ” ( without quotes )
– Reduce/Avoid setting up forwarders from the domain on the server/vps to third party provider emails

Have a nice Email experience !

Tags: , , , , ,

Many times if you find apache processes dying in the top process list or apache failing to start completely then one of the reasons could be a log file larger than 2Gb , which is indicated by the below error in the apache error logs :

child pid XXXX exit signal File size limit exceeded (25)

where XXXX is process id for the process which is failing and generating the error in the error log.

To fix this you will need to locate the log file which has grown to or above 2Gb size and either empty it or make a tar , rename and create a new log file. It can be access_log , error_log itself, the suphp_log , suexec_log etc.

For cPanel serves you should set the log rotation from following link in WHM to avoid this :

WHM >> Service Configuration >> Apache Configuration >> Log Rotation

For finding files greater then 2Gb below commands can be helpful :

This will print the top ten files with respect to size in the current directory
# find `pwd` -xdev -type f -ls | sort -k7nr | head

This will print any files greater than 2Gb
# ls -l | awk '{ if ( $5 > 2147483648 ) print $9 "\t" $5 }'

This will show files greater than 2Gb using simple find command
# find / -size +2G

Note : Depending on the version of find command on your server you may need to use different value, like in Mbs or Kbs in your find command.

Tags: , , ,

Riz Khan on September 28th, 2010

ConfigServer Security & Firewall

When we talk about server security, firewall is an important component.  For hosting server or other servers in general when it comes to free firewalls, there are two popular combinations. One is APF/BFD ( Advanced Policy Firewall/Brute Force Detection) and second is CSF/LFD ( Config Server Firewall / Login Failure Deamon ). The bfd or the lfd part of these installation take care of different brute force login or access attempts and blocks the related IPs/URLs using the firewall.

Both of these combinations are vastly used in industry. CSF/LFD is more popular on cPanel servers as it also provides a GUI access from WHM to manage different features and configurations.

Installing both CSF/LFD and APF/BFD is fairly easy.

In this short article I will list the steps of installation for CSF / LFD

– Login to your server with ‘root’ user and issue below commands :

- Change directory to either /root or /usr/local/src , which ever you normally use for such installations
# cd /usr/local/src
- remove any old source that might be present
# rm -fv csf.tgz
- wget/download the source for installation
# wget http://www.configserver.com/free/csf.tgz
- unzip/untar the source
# tar -xzf csf.tgz
- running installation script
# cd csf
# sh install.sh

Once the installation complete, you can run the below scripts provided by vendor to check if your server/vps has required iptables modules available :

# perl /etc/csf/csftest.pl

Even if it reports some of the modules missing and that you will not be able to run some features it is still fine as long as you do not get any Fatal errors.

If its are fresh installation then you are done with installation and can proceed with configuration. But if you are running some other firewall script then you will need to remove that first, CSF provides the script to remove the other popular combination I talked about above i.e. apf/bfd :

# sh /etc/csf/remove_apf_bfd.sh

The above script will remove apf/bfd from your server/vps.

Now you can either configure the firewall by directly editing the configuration files at /etc/csf/ or you can use WHM to edit the configurations from GUI.
CSF is disabled by default after the installation, so you will need to either enable it from shell or from WHM gui by accessing the configuration file.

I will list below some of very common commands you will need to use manage / use csf firewall :

– enabling the firewall
# csf –enable OR
# csf -e

– disabling the firewall
# csf –disable
# csf -x

– starting firewall / applying rules
# csf –start
# csf -s

– stopping firewall / flushing rules
# csf –stop
# csf -f

– adding an IP in firewall
# csf -d “Reason for blocking the IP”
# csf –deny “Reason for blocking the IP”

where is the IP you want to block.

You can use ‘csf -h’ or ‘csf –help’ to see the complete set of available commands.

CSF provides lot of options for tightening the security on the server , I will mentioned few tweaks that you can apply to your server/ vps :

– Find below parameter in CSF configuration and set it to 1 to enable it. This will block the outbound local connection to port 25, thus help with reducing spam activity on server.


Thee are other parameters like ‘SYNFLOOD’ and ‘PORTFLOOD’ which can help you with controlling/mitigating DOS attacks. See the configuration files and read me files for the CSF for complete details.  Also you can visit the vendor website for more details :

Vendor Websites :

APF/BFD – http://www.rfxnetworks.com/

CSF/LFD – http://www.configserver.com/

Tags: , , , , , , , ,