Hello,

To get the apache version on linux server we have to use following command.

# /usr/local/apache/bin/httpd -v

To get the php version on linux server we have to use following command.

#php -v

you can get the php modules install on server with command #php -m
To get the mysql version on linux server we have to use following command.

#mysql -v

How to install and configure the CSF (configserver) firewall.

CSF can be used on a wide range of Linux systems, including those running cPanel. Following are the steps to install and configure the CSF.

Installation is quite straightforward:

rm -fv csf.tgz

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

To configure CSF modify the config files in /etc/csf/ - or if you are running WHM you can modify the CSF settings in WHM itself.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

For installing the SSL certificate you need to have a dedicated IP Address, and make sure that your domain is registred domain name and resolving perfectly

Step 1: You need to generate CSR (certificate signing request ) from your webhost nameger. which required following information.

———————————–
- Host to make cert for:
- Country(2 letter Abbreviation):
- State:
- City:
- Company Name:
- Company Division:
- Email:
- Password:
———————————–
Also please create webmaster@yourdomain.com (replace yourdomain.com with the domain that you want the SSL certificate to be setup for) and provide us with its password so we can complete the installation process.

After CSR generation you will get the CSR and RSA key

step 2: With the help of RSA key you need to purchase SSL certificate from any of SSL provider such as COMODO ,instant SSL

step 3: Once you got the SSL cerificate then you need to provide that certificate to hosting provider so the hosting provider will install SSL cerificate from WHM >> SSL/TLS >> Install a SSL Certificate and Setup the Domain option.

To stop other sites directly linking to your images and media files and stealing your bandwidth You need to add following code in your .htaccess file

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com(/)?.*$ [NC]
RewriteRule .*.(gif|jpg|jpeg|bmp|wmv)$ http://www.domain.com/image.jpg [R,NC]

Note: replace your website with domain.com

CGI Scripts :
An acronym for Common Gateway Interface, CGI is an interface that enables you to run external programs on your server for performing specific functions.
CGI is executed in real-time, it output dynamic information instantly so CGI can be considered as a way of interfacing your custom programs with HTTP or WWW servers, so that a server can offer interactive sites instead of just static text and images. CGI programs can be written in Perl, Java, Visual Basic and C.

How it works :
The Common Gateway Interface (CGI) allows information to pass between a Web site’s server and a program usually written in Perl or Java that lives in the “CGI bin” on that server. You send information from your browser to the server; the server passes the information through the CGI gateway to the Perl/Java program; the Perl/Java program does its thing to the information (perhaps conducting a query of a database and creating an HTML page that lists the results), then sends the information back through the CGI gateway to the server, and the server returns the information to your browser.

Uploading CGI scripts :
All CGI programs must be uploaded to your cgi-bin directory. You should be sure to use ASCII mode when uploading Perl scripts.

Calling CGI scripts :
In your HTML documents, reference your CGI script using following path: http://www[DOT]yourdomain[DOT]com/cgi-bin/script.

Precautions to be taken while developing customized CGI scripts :
You should take atmost care while using CGI scripts as they area more vulnerable to attacks, a buggy CGI script can leak sufficient system information to compromise the host.
Quite a number of widely distributed CGI scripts contain known security holes. Many of the ones that are identified here have since been caught and fixed, but if you are running an older version of the script you may still be vulnerable. Get rid of it and obtain the latest version. If there is no fix for a script, just get rid of it.

While you are developing custom CGI scripts avoid
*) Giving out too much information about your site and server host. ( eg : For example, the “finger” command often prints out the physical path to the fingered user’s home directory and scripts that invoke finger leak this information )
*) If you’re coding using some compiled language like C, avoid making assumptions about the size of user input.
(While coding if you made the assumption that user input provided by a POST request will never exceed the size of the static input buffer then a wily hacker can break this type of program by providing input many times that size. The buffer overflows and crashes the program; in some circumstances the crash can be exploited by the hacker to execute commands remotely.

Every other day we see some new bot crawling our site, but most of the time they are useless for us. Some of them are just sent out for some special purpose of either spamming or some type of content theft so you have to be careful and should be able to identify such unnecessary guest who have a bad purpose.

What are are Bad Robots ?
Bots who ignore robots.txt file.
Follow links through cgi scripts
Traverse the whole web site in seconds, which affect website speed.
Revisit the web site too often, even when there is no update in site.

How to prevent them for crawling your site?
You can ban all identified bad robots from getting into your site by inserting few lines at .htaccess
You can ban such bad bots by two ways
*) by banning all accesses from a particular site
*) Banning all accesses that use a specific id to access the server.

Usually having a search engine bot on your site is good for your site as they crawl and index your website faster but you should take care that you don’t allow bad bots crawling your site.

Sometimes you face the problem of bandwidth leakage, even you don’t see much traffic for your site your controlpanel shows heavy bandwidth usage. So you must check what is going wrong with your bandwidth.
There can be many reasons for this but first of all you should check for your images/video and take care for not being compromised or hotlinked. Some blackhat webmaster tries to save their bandwidth by hotlinking files at other sites.

What is Hotlink :
When you link to an image/video on someone else’s server instead of saving that image to your computer and uploading it to your blog/site. When you do this you are stealing bandwidth of the other linking site.
When your visitor loads the page with those images, they are actually loading image/video from the other site eating up the bandwidth of that site.

Some webmaster do such unethical practices as to save their bandwidth, as they have limited amount of bandwidth allowed each month and if it get exceeded then their host may suspend their account so they play such tricks. As a webmaster we should be aware of such illegal practices and should protect us.

How to Detect The Bandwidth Thieves :
Most effective way to check who are the culprits is through checking your web server logs for referrals to the images on your website. Trace the referrers in the logs to the actual referring website and check the offending web page. If you find your graphics displayed on their page, check the HTML source for that page and find out where the graphic files are hosted. If the IMG tag points to your website, it means they are using your bandwidth for their website.

How to protect yourself :
Using .htaccess, you can disallow hot linking on your server, so those attempting to link to your images are either blocked (failed request, such as a broken image) or served with different content may be with some funny image.
Note that mod_rewrite needs to be enabled on your server in order for this aspect of .htaccess to work. If you are using Wordpress, there is a hotlink protection plugin that you can install which fights bandwidth theft.

Today most of the sites are based on CSS. There are many reasons why CSS have become so popular some of them are easy maintenance of website, clean html code, easy updates, increase download speed, reduce bandwidth and most important improves search ranking ;
You must be wondering how it helps in ranking? Here’s the explanation….

Generally a page of site get index when the spider/bot of search engines crawls content of that page, When a search engine, such as Google, sends a spider to crawl your website, it looks through the code of your webpage they actually read certain elements of your HTML code. Certain HTML code holds more weight than other tags. So it is necessary to have a clean and readable code which is easy to understand by spiders, if there are unnecessary text and tags in your HTML file, spiders will have to struggle to understand that page is related to a particular search keyword. Using CSS you will be able to change the code layout without destroying the actual visual layout and will get an clean html code which will result to better search engine rankings.
eg .

You can easily make the main content of your site to show up above the header or navigation menu in the code of your website; thus will help to show search engine crawlers the importance of your content.

Today major search engines such as: Google, Yahoo and MSN loves to see your content; the text, not the clumsy code. Using CSS you can have pure and clean food for spiders.

Bash is a default shell on most of the Linux operating system, you should be aware of all the keyboard shortcuts to avoid typo mistakes.

Following is the list of shortcuts which will save your precious time;

ctrl+a : jump to beginning of line you are typing on ;

ctrl+b : moving back a character ;

ctrl+c : terminate the command;

ctrl+d:delete character at cursor;

ctrl+D : exit the current shell;

ctrl+h : delete character before cursor ;

ctrl+e : jump to end of line you are typing on ;

ctrl+f : move forward by one character ;

ctrl+l : clear the screen :

ctrl+K : clear the line after cursor ;

ctrl+H : works as backspace ;

ctrl+t : transpose 2 characters ;

ctrl+xx : move between end-of-line and current cursor position ;

ctrl+r : search the history backwords ;

ctrl+w : erase word before cursor ;

ctrl+x@ : shows possible hostname completions;

ctrl+y : recover previous deletion ;

ctrl+z : suspend/stop the command which is running ;

#) UsingAlt combination :

Alt + > - Move to the last line in the history ;

Alt + ? - Show current completion list ;

Alt + * - Insert all possible completions ;

Alt + / - Attempt to complete filename ;

Alt + . - Yank last argument to previous command ;

Alt + b - Move backward ;

Alt + c - Capitalize the word ;

Alt + d - Delete word ;

Alt + f - Move word forward ;

Alt + l - Make word lowercase ;

Alt + n - Search the history forwards non-incremental ;

Alt + p - Search the history backwards non-incremental ;

Alt + r - Recall command ;

Alt + t - Move words around ;

Alt + u - Make word uppercase ;

Alt + back-space - Delete backward from cursor ;

#) Using Esc combination :

esc+d : delete word ;

esc+f : move forward a word ;

esc+b : mmove backward a word ;

esc+t : transpose two adjacent words ;

#) Using Tab combination :

*)Press tab twice to see all available commands;

*)Press tab twice after a word to view all commands starting with that word ;

*)Pressing ~along with hitting tab 2 times will give you list of all user on system from /etc/passwd;

*)Pressing $along with hitting tab 2 times will show you all sys variables ;

*)Pressing / along with hitting tab 2 times will give you entire directory structure including hidden ;

#) Some extras :

*) To complete a command you can hit the tab key after typing one or more letters of a command.

*) you can use ! along with first few character of previous command to get previous command fired;

eg; if you have used ifconfig sometime back then you can use !if to fire that command once again.

Understanding cURL :

It is a command line tool used for transfer of your file with URL from or to a server, using supported protocols such as (FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, FILE and LDAP)
This command is designed to work if you don’t want user interaction ie to automate unattended file transfers or sequences of operations; Just fire the command with proper parameters and sit aside. You can view the status of process at any time as cURL normally displays a progress meter during operations, indicating amount of transfered data, transfer speeds and estimated time left etc.

However if you invoke curl to write some data at some terminal then this progress meter gets disable otherwise it would mess up the output mixing progress meter and response data.

The URL syntax is protocol dependent if you don’t specify any protocol cURL will take it as HTTP by default. Curl will attempt to re-use connections for multiple file transfers, so that getting many files from the same server will not do multiple connects this improves transfer speed.