Hello,
PHP and Apache are not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.

Monitiring exim_mainlog doesn’t exactly help, you see th email going out but you can’t track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you’ll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail
Requirements:

We assume you’re using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we’re only tested it on a
Cpanel/WHM Red Hat Enterprise system.

Step 1:

Login to your server with root.

Step 2:
Turn off exim before proceeding
service exim stop

Step 3:
Take the Backup of  your original /usr/sbin/sendmail file

mv /usr/sbin/sendmail /usr/sbin/sendmail_bak

Step 4:

You need to  Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, “>>/var/log/spam_log”) || die “Failed to open file ::$!”;
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO “$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n”;
}
else {

print INFO “$date - $PWD -  @infon”;

}
my $mailprog = ‘/usr/sbin/sendmail.hidden’;
foreach  (@ARGV) {
$arg=”$arg” . ” $_”;
}

open (MAIL,”|$mailprog $arg”) || die “cannot open $mailprog: $!n”;
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

save and close

Step 5:
Now change the new sendmail permissions
chmod a+x /usr/sbin/sendmail

Step 6:

Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7:
Start Exim up again.
/etc/init.d/exim start

Step 8:
You can Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log

Reference taken from : webhostgear.com

Hello,

ImageMagick is a software used  to create, edit, and compose bitmap images. Using ImageMagick we can read, convert and write images in a variety of formats including DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript, SVG, and TIFF. ImageMagick is used to translate, flip, mirror, rotate, scale, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.

ImageMagick is typically utilized from the command line or you can use the features from programs written in your favorite programming language. Choose from these interfaces: G2F (Ada), MagickCore (C), MagickWand (C)

How to install ImageMagick On Linux server:

wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz

tar -zxvf ImageMagick*.tar.gz
cd ImageMagick*

./configure

make

make install

You can verify the installation with command :

which convert

Regards,

Tuks

Hello,

For taking backup of you database you have to make sure that you database is good enough. with shell access you can take the database backup in .sql format with following command

#mysqldump user_databasename > database.sql

As you are having database backup and want to restore it then use following command

#mysql user_databasename < database.sql

Hello,

To get the apache version on linux server we have to use following command.

# /usr/local/apache/bin/httpd -v

To get the php version on linux server we have to use following command.

#php -v

you can get the php modules install on server with command #php -m
To get the mysql version on linux server we have to use following command.

#mysql -v

How to install and configure the CSF (configserver) firewall.

CSF can be used on a wide range of Linux systems, including those running cPanel. Following are the steps to install and configure the CSF.

Installation is quite straightforward:

rm -fv csf.tgz

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

To configure CSF modify the config files in /etc/csf/ - or if you are running WHM you can modify the CSF settings in WHM itself.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

To stop other sites directly linking to your images and media files and stealing your bandwidth You need to add following code in your .htaccess file

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com(/)?.*$ [NC]
RewriteRule .*.(gif|jpg|jpeg|bmp|wmv)$ http://www.domain.com/image.jpg [R,NC]

Note: replace your website with domain.com

Note: Please don’t disable the Windows Firewall unless and until you have the other appropriate firewall software installed on your system

There are mainly three methods for disabling the Windows Firewall. The first method is for any user with administrative privileges on an individual machine not remotely or collectively managed in any way. The other two methods are for use windows Administrators on fully managed systems or windows servers.

1) Using the Control Panel

This method is for any user with administrative access to unmanaged systems

1. From the Start menu, select Control Panel, then select Windows Firewall.
2. Select Off, then click Ok.

2) Using Local Policy

This method is for administrators with administrative access to unmanaged systems or locally managed systems where the machine is not part of a Windows 2000 or higher domain.

Go to Start menu >> select Run, here enter gpedit.msc.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.

3) Using Group Policy

This method is for administrators with administrative access to managed machines that are part of a Windows 2000 or 2003 Active Directory domain.

Create a new Group Policy object, and give the object a descriptive name (for example, ITS-Turn off Windows Firewall).
Select the newly created group policy.
Right-click on the newly created policy and select Edit.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.
In the Security Filter section, click Add.
Search for the objects that this group policy will be applied to, then click OK.
Close the Group Policy editor.

Dedicated Server Hosting lessen your need to share hardware or software with other websites on a server. Dedicated hosting is exceptionally flexible and robust solution that significantly meets the needs of more sophisticated users for their high traffic websites with lot of interactions.

Due to steady growth in the hosting industry and competitive environment the rates of the servers decline gradually but apparently you are going to consider to choose a dedicated hosting provider that provide reliable service and 24×7×365 monitoring of the server and network availability. The dedicated server hosting is in greatest demand due to the incredible growths of online presence of both small and mid-sized businesses.

With a dedicated server you get Control and Reliability and Fully Managed dedicated service that enable you to make changes and updates the installed software on a server because you get full root access to the web server and technical support by a team of experienced professionals.

In addition the users get the option to install the software and other resources they need for their websites and optimize page loads speed and allocation of resources on server that truly helps you to run a server resourcefully in its most optimal configuration in secure environment.

Dedicated server amplifies the website overall presence and helps you in performance drives customer retention. If you start realizing that your site is growing in fast, and you are getting increasingly the traffic from different sphere, then dedicated server is the most appropriate decision to shift on from a shared hosting environment.

How to hide the PHP version to remote requests :

In order to prevent PHP from exposing the fact that it is installed on the server, by adding to the web server header we need to locate in php.ini the variable expose_php and turn it off.

By default expose_php is set to ‘On’

In your php.ini locate the line containing “expose_php On” and set it to Off ;

expose_php = Off

After making this change PHP will no longer add it’s signature to the web server header. Doing this, will not make your server more secure but,it will just prevent remote hosts to easily see that you have PHP installed on the system and what version you are running.

What is Web-Based Email ?

Web-Based Email is an Internet-based email system that lets you send and receive
email messages from a Web browser. All you need to use Web-Based Email is an Internet
connection and the Internet Explorer Web browser (Internet Explorer v5.5 or later).
How do I access my Web-Based Email account ?
You can log on to your Web-Based Email account from your Web browser by going
to the Web address for your account. The Web address is the same as your domain
name, except you replace “www” with “email”. For example, if your Web address
is “www.example.com”, your email address is “email.example.com”.